本文整理汇总了Java中org.jose4j.jws.JsonWebSignature.verifySignature方法的典型用法代码示例。如果您正苦于以下问题:Java JsonWebSignature.verifySignature方法的具体用法?Java JsonWebSignature.verifySignature怎么用?Java JsonWebSignature.verifySignature使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.jose4j.jws.JsonWebSignature的用法示例。
在下文中一共展示了JsonWebSignature.verifySignature方法的12个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: verifyJwsSignature
import org.jose4j.jws.JsonWebSignature; //导入方法依赖的package包/类
/**
* Verify jws signature byte [ ].
*
* @param value the value
* @param signingKey the signing key
* @return the byte [ ]
*/
public static byte[] verifyJwsSignature(final Key signingKey, final byte[] value) {
try {
final String asString = new String(value, StandardCharsets.UTF_8);
final JsonWebSignature jws = new JsonWebSignature();
jws.setCompactSerialization(asString);
jws.setKey(signingKey);
final boolean verified = jws.verifySignature();
if (verified) {
final String payload = jws.getPayload();
LOGGER.trace("Successfully decoded value. Result in Base64-encoding is [{}]", payload);
return EncodingUtils.decodeBase64(payload);
}
return null;
} catch (final Exception e) {
throw Throwables.propagate(e);
}
}
示例2: verifySignature
import org.jose4j.jws.JsonWebSignature; //导入方法依赖的package包/类
/**
* Verify signature.
*
* @param value the value
* @return the value associated with the signature, which may have to
* be decoded, or null.
*/
protected byte[] verifySignature(@NotNull final byte[] value) {
try {
final String asString = new String(value);
final JsonWebSignature jws = new JsonWebSignature();
jws.setCompactSerialization(asString);
jws.setKey(this.signingKey);
final boolean verified = jws.verifySignature();
if (verified) {
final String payload = jws.getPayload();
logger.debug("Successfully decoded value. Result in Base64-encoding is [{}]", payload);
return CompressionUtils.decodeBase64(payload);
}
return null;
} catch (final Exception e) {
throw new RuntimeException(e);
}
}
示例3: verifySignature
import org.jose4j.jws.JsonWebSignature; //导入方法依赖的package包/类
/**
* Verify signature.
*
* @param value the value
* @return the value associated with the signature, which may have to
* be decoded, or null.
*/
private String verifySignature(@NotNull final String value) {
try {
final JsonWebSignature jws = new JsonWebSignature();
jws.setCompactSerialization(value);
jws.setKey(this.secretKeySigningKey);
final boolean verified = jws.verifySignature();
if (verified) {
logger.debug("Signature successfully verified. Payload is [{}]", jws.getPayload());
return jws.getPayload();
}
return null;
} catch (final Exception e) {
throw new RuntimeException(e);
}
}
示例4: verify
import org.jose4j.jws.JsonWebSignature; //导入方法依赖的package包/类
@Override
public boolean verify(String authToken, String issuer) {
Preconditions.checkNotNull(authToken);
Preconditions.checkNotNull(issuer);
try {
JsonWebKeySet jwks = this.jwksSupplier.supply(issuer);
JsonWebSignature jws = new JsonWebSignature();
jws.setCompactSerialization(authToken);
for (JsonWebKey jwk : this.jwkSelector.selectList(jws, jwks.getJsonWebKeys())) {
jws.setKey(jwk.getKey());
if (jws.verifySignature()) {
return true;
}
}
} catch (JoseException exception) {
throw new UnauthenticatedException("Cannot verify the signature", exception);
}
return false;
}
示例5: verifySignature
import org.jose4j.jws.JsonWebSignature; //导入方法依赖的package包/类
/**
* Verify signature.
*
* @param value the value
* @return the value associated with the signature, which may have to
* be decoded, or null.
*/
protected byte[] verifySignature(@NotNull final byte[] value) {
try {
final String asString = new String(value);
final JsonWebSignature jws = new JsonWebSignature();
jws.setCompactSerialization(asString);
jws.setKey(this.signingKey);
final boolean verified = jws.verifySignature();
if (verified) {
final String payload = jws.getPayload();
logger.debug("Successfully decoded value. Result in Base64-encoding is [{}]", payload);
return CompressionUtils.decodeBase64ToByteArray(payload);
}
return null;
} catch (final Exception e) {
throw new RuntimeException(e);
}
}
示例6: attemptAll
import org.jose4j.jws.JsonWebSignature; //导入方法依赖的package包/类
private Key attemptAll(JsonWebSignature jws) throws UnresolvableKeyException
{
for (X509Certificate certificate : x5tMap.values())
{
PublicKey publicKey = certificate.getPublicKey();
jws.setKey(publicKey);
try
{
if (jws.verifySignature())
{
return publicKey;
}
}
catch (JoseException e)
{
log.debug("Verify signature didn't work: {}", ExceptionHelp.toStringWithCauses(e));
}
}
StringBuilder sb = new StringBuilder();
sb.append("Unable to verify the signature with any of the provided keys - SHA-1 thumbs of provided certificates: ");
sb.append(x5tMap.keySet());
sb.append(".");
throw new UnresolvableKeyException(sb.toString());
}
示例7: verifySignature
import org.jose4j.jws.JsonWebSignature; //导入方法依赖的package包/类
/**
* Verify signature.
*
* @param value the value
* @return the value associated with the signature, which may have to
* be decoded, or null.
*/
private String verifySignature(@NotNull final String value) {
try {
final JsonWebSignature jws = new JsonWebSignature();
jws.setCompactSerialization(value);
jws.setKey(this.secretKeySigningKey);
final boolean verified = jws.verifySignature();
if (verified) {
LOGGER.debug("Signature successfully verified. Payload is [{}]", jws.getPayload());
return jws.getPayload();
}
return null;
} catch (final Exception e) {
throw new RuntimeException(e);
}
}
示例8: verifyJwsCompactSerialization
import org.jose4j.jws.JsonWebSignature; //导入方法依赖的package包/类
@Override
public boolean verifyJwsCompactSerialization(String jwsCompactSerialization, byte[] secretKey) {
try {
Key key = new AesKey(secretKey);
JsonWebSignature jws = new JsonWebSignature();
jws.setCompactSerialization(jwsCompactSerialization);
jws.setKey(key);
boolean signatureVerified = jws.verifySignature();
return signatureVerified;
} catch (JoseException ex) {
throw new RuntimeException(ex);
}
}
示例9: jwsVerify
import org.jose4j.jws.JsonWebSignature; //导入方法依赖的package包/类
private static String jwsVerify(Key key, String jwt) throws Exception {
JsonWebSignature jws = new JsonWebSignature();
jws.setCompactSerialization(jwt);
jws.setKey(key);
jws.setDoKeyValidation(false);
boolean signatureVerified = jws.verifySignature();
System.out.println("JWS signature verification: " + signatureVerified);
System.out.println("JWT Headers: " + jws.getHeaders().getFullHeaderAsJsonString() );
return jws.getPayload();
}
示例10: jwsVerificationExample
import org.jose4j.jws.JsonWebSignature; //导入方法依赖的package包/类
@Test
public void jwsVerificationExample() throws JoseException
{
//
// An example of signature verification using JSON Web Signature (JWS)
//
// The complete JWS representation, or compact serialization, is string consisting of
// three dot ('.') separated base64url-encoded parts in the form Header.Payload.Signature
String compactSerialization = "eyJhbGciOiJFUzI1NiJ9." +
"VGhpcyBpcyBzb21lIHRleHQgdGhhdCBpcyB0byBiZSBzaWduZWQu." +
"GHiNd8EgKa-2A4yJLHyLCqlwoSxwqv2rzGrvUTxczTYDBeUHUwQRB3P0dp_DALL0jQIDz2vQAT_cnWTIW98W_A";
// Create a new JsonWebSignature
JsonWebSignature jws = new JsonWebSignature();
// Set the compact serialization on the JWS
jws.setCompactSerialization(compactSerialization);
// Set the verification key
// Note that your application will need to determine where/how to get the key
// Here we use an example from the JWS spec
PublicKey publicKey = ExampleEcKeysFromJws.PUBLIC_256;
jws.setKey(publicKey);
// Check the signature
boolean signatureVerified = jws.verifySignature();
// Do something useful with the result of signature verification
System.out.println("JWS Signature is valid: " + signatureVerified);
// Get the payload, or signed content, from the JWS
String payload = jws.getPayload();
// Do something useful with the content
System.out.println("JWS payload: " + payload);
}
示例11: parseJwksAndVerifyJwsExample
import org.jose4j.jws.JsonWebSignature; //导入方法依赖的package包/类
@Test
public void parseJwksAndVerifyJwsExample() throws JoseException
{
//
// An example of signature verification using JSON Web Signature (JWS)
// where the verification key is obtained from a JSON Web Key Set document.
//
// A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a
// cryptographic key (often but not always a public key). A JSON Web Key Set (JWK Set) document
// is a JSON data structure for representing one or more JSON Web Keys (JWK). A JWK Set might,
// for example, be obtained from an HTTPS endpoint controlled by the signer but this example
// presumes the JWK Set JSONhas already been acquired by some secure/trusted means.
String jsonWebKeySetJson = "{\"keys\":[" +
"{\"kty\":\"EC\",\"use\":\"sig\"," +
"\"kid\":\"the key\"," +
"\"x\":\"amuk6RkDZi-48mKrzgBN_zUZ_9qupIwTZHJjM03qL-4\"," +
"\"y\":\"ZOESj6_dpPiZZR-fJ-XVszQta28Cjgti7JudooQJ0co\",\"crv\":\"P-256\"}," +
"{\"kty\":\"EC\",\"use\":\"sig\"," +
" \"kid\":\"other key\"," +
"\"x\":\"eCNZgiEHUpLaCNgYIcvWzfyBlzlaqEaWbt7RFJ4nIBA\"," +
"\"y\":\"UujFME4pNk-nU4B9h4hsetIeSAzhy8DesBgWppiHKPM\",\"crv\":\"P-256\"}]}";
// The complete JWS representation, or compact serialization, is string consisting of
// three dot ('.') separated base64url-encoded parts in the form Header.Payload.Signature
String compactSerialization = "eyJhbGciOiJFUzI1NiIsImtpZCI6InRoZSBrZXkifQ." +
"UEFZTE9BRCE."+
"Oq-H1lk5G0rl6oyNM3jR5S0-BZQgTlamIKMApq3RX8Hmh2d2XgB4scvsMzGvE-OlEmDY9Oy0YwNGArLpzXWyjw";
// Create a new JsonWebSignature object
JsonWebSignature jws = new JsonWebSignature();
// Set the compact serialization on the JWS
jws.setCompactSerialization(compactSerialization);
// Create a new JsonWebKeySet object with the JWK Set JSON
JsonWebKeySet jsonWebKeySet = new JsonWebKeySet(jsonWebKeySetJson);
// The JWS header contains information indicating which key was used to secure the JWS.
// In this case (as will hopefully often be the case) the JWS Key ID
// corresponds directly to the Key ID in the JWK Set.
// The VerificationJwkSelector looks at Key ID, Key Type, designated use (signatures vs. encryption),
// and the designated algorithm in order to select the appropriate key for verification from
// a set of JWKs.
VerificationJwkSelector jwkSelector = new VerificationJwkSelector();
JsonWebKey jwk = jwkSelector.select(jws, jsonWebKeySet.getJsonWebKeys());
// The verification key on the JWS is the public key from the JWK we pulled from the JWK Set.
jws.setKey(jwk.getKey());
// Check the signature
boolean signatureVerified = jws.verifySignature();
// Do something useful with the result of signature verification
System.out.println("JWS Signature is valid: " + signatureVerified);
// Get the payload, or signed content, from the JWS
String payload = jws.getPayload();
// Do something useful with the content
System.out.println("JWS payload: " + payload);
}
示例12: claimsOfToken
import org.jose4j.jws.JsonWebSignature; //导入方法依赖的package包/类
public Map<String, Object> claimsOfToken( String issuerId, String token )
throws JoseException
{
// Token issuer
Issuer issuer = issuers.get( issuerId );
Objects.requireNonNull( issuer, "Unknown issuer: " + issuerId );
try
{
// Validate token signature
JsonWebSignature jws = new JsonWebSignature();
jws.setCompactSerialization( token );
jws.setKey( issuer.key() );
if( !jws.verifySignature() )
{
throw new JoseException( "JSON Web Token signature verification failed" );
}
// Extract claims
Map<String, Object> claims = JsonUtil.parseJson( jws.getPayload() );
// Validate token not-before/expiration
ZoneId utc = ZoneId.of( "UTC" );
ZonedDateTime nowUtc = ZonedDateTime.now( utc );
if( claims.get( CLAIM_NOT_BEFORE ) != null
&& ZonedDateTime.ofInstant( Instant.ofEpochSecond( (Long) claims.get( CLAIM_NOT_BEFORE ) ), utc )
.isAfter( nowUtc ) )
{
throw new JoseException( "JSON Web Token is not valid yet!" );
}
if( claims.get( CLAIM_EXPIRATION ) != null
&& ZonedDateTime.ofInstant( Instant.ofEpochSecond( (Long) claims.get( CLAIM_EXPIRATION ) ), utc )
.isBefore( nowUtc ) )
{
throw new JoseException( "JSON Web Token has expired!" );
}
if( metrics != null )
{
metrics.metrics().meter( METRIC_VALIDATED_TOKENS ).mark();
}
// Claims
return Collections.unmodifiableMap( claims );
}
catch( Exception ex )
{
if( metrics != null )
{
metrics.metrics().meter( METRIC_TOKEN_VALIDATION_ERRORS ).mark();
}
throw new JoseException( "JSON Web Token validation failed", ex );
}
}