本文整理汇总了Java中org.jose4j.jwt.consumer.JwtConsumerBuilder.setExpectedAudience方法的典型用法代码示例。如果您正苦于以下问题:Java JwtConsumerBuilder.setExpectedAudience方法的具体用法?Java JwtConsumerBuilder.setExpectedAudience怎么用?Java JwtConsumerBuilder.setExpectedAudience使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.jose4j.jwt.consumer.JwtConsumerBuilder的用法示例。
在下文中一共展示了JwtConsumerBuilder.setExpectedAudience方法的6个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: buildConsumer
import org.jose4j.jwt.consumer.JwtConsumerBuilder; //导入方法依赖的package包/类
public JwtConsumer buildConsumer(final HttpsJwks jwks,
final List<String> audience) {
final JwtConsumerBuilder builder = new JwtConsumerBuilder()
.setRequireJwtId();
if (jwks != null) {
builder
.setVerificationKeyResolver(new HttpsJwksVerificationKeyResolver(jwks));
} else {
builder.setSkipSignatureVerification();
}
if (audience != null) {
builder
.setExpectedAudience(audience.toArray(new String[audience.size()]));
} else {
builder.setSkipDefaultAudienceValidation();
}
return builder.build();
}
示例2: toClaimsSet
import org.jose4j.jwt.consumer.JwtConsumerBuilder; //导入方法依赖的package包/类
/**
* {@inheritDoc}
*/
@Override
public JwtClaims toClaimsSet(final String jwt,
final String audience,
final HttpsJwks httpsJwks) {
final JwtConsumerBuilder builder = new JwtConsumerBuilder()
.setVerificationKeyResolver(new HttpsJwksVerificationKeyResolver(httpsJwks));
if (audience == null) {
builder.setSkipDefaultAudienceValidation();
} else {
builder.setExpectedAudience(audience);
}
final JwtConsumer jwtConsumer = builder
.build();
try {
return jwtConsumer.processToClaims(jwt);
} catch (final InvalidJwtException e) {
throw new InternalServerErrorException(e);
}
}
示例3: JWTVerifier
import org.jose4j.jwt.consumer.JwtConsumerBuilder; //导入方法依赖的package包/类
public JWTVerifier(final String secret, final String issuer, final String audience)
{
final JwtConsumerBuilder builder = new JwtConsumerBuilder();
if (StringUtils.isNotBlank(audience))
builder.setExpectedAudience(audience);
if (StringUtils.isNotBlank(issuer))
builder.setExpectedIssuer(issuer);
builder.setVerificationKey(new HmacKey(secret.getBytes(StandardCharsets.UTF_8)));
builder.setAllowedClockSkewInSeconds(60);
builder.setRelaxVerificationKeyValidation(); // Allow HMAC keys < 256 bits
consumer = builder.build();
}
示例4: verifyJWT
import org.jose4j.jwt.consumer.JwtConsumerBuilder; //导入方法依赖的package包/类
private String verifyJWT() throws Exception {
JwtConsumerBuilder builder = new JwtConsumerBuilder();
// Basics
builder.setRequireExpirationTime();
builder.setRequireSubject();
if (!isEmpty(this.issuer)) {
builder.setExpectedIssuer(this.issuer);
}
if (!isEmpty(this.audience)) {
builder.setExpectedAudience(this.audience);
}
if (this.jws) {
AlgorithmConstraints jwsAlgConstraints =
new AlgorithmConstraints(ConstraintType.WHITELIST,ALGORITHMS.get(jwsAlgo));
builder.setJwsAlgorithmConstraints(jwsAlgConstraints);
builder.setVerificationKey(getJWSKey(this.jwsKey, this.jwsAlgo));
}
if (this.jwe) {
if (!this.jws) {
builder.setDisableRequireSignature();
}
AlgorithmConstraints jweAlgConstraints =
new AlgorithmConstraints(ConstraintType.WHITELIST, ALGORITHMS.get(jweKeyAlgo));
builder.setJweAlgorithmConstraints(jweAlgConstraints);
AlgorithmConstraints jweEncConstraints =
new AlgorithmConstraints(ConstraintType.WHITELIST, ALGORITHMS.get(jweAlgo));
builder.setJweContentEncryptionAlgorithmConstraints(jweEncConstraints);
builder.setDecryptionKey(getJWEKey(this.jweKey, this.jweKeyAlgo, this.jweKeyPassword));
}
JwtConsumer jwtConsumer = builder.build();
JwtClaims claims = jwtConsumer.processToClaims(jwt);
return claims.toJson();
}
示例5: setRequirements
import org.jose4j.jwt.consumer.JwtConsumerBuilder; //导入方法依赖的package包/类
@Override
public void setRequirements(TokenRequirements requirements)
throws JoseException {
if (requirements == null) {
requirements = TokenRequirementsBuilder.createDefault();
}
this.requirements = requirements;
JwtConsumerBuilder jwtConsumerBuilder = new JwtConsumerBuilder();
if (requirements.validateSignature()) {
JsonWebKeySet jsonWebKeySet = new JsonWebKeySet(
requirements.getVerificationKeys());
VerificationKeyResolver jwksResolver = new JwksVerificationKeyResolver(
jsonWebKeySet.getJsonWebKeys());
jwtConsumerBuilder.setVerificationKeyResolver(jwksResolver);
}
if (requirements.validateExpiration()) {
jwtConsumerBuilder.setRequireExpirationTime()
.setAllowedClockSkewInSeconds(
(int) requirements.getAllowedClockDriftSecs())
.setRequireIssuedAt();
}
if (requirements.checkAudience()) {
jwtConsumerBuilder.setExpectedAudience(requirements.getAudience());
}
if (requirements.checkIssuer()) {
jwtConsumerBuilder.setExpectedIssuer(requirements.getIssuer());
}
if (requirements.checkSubject()) {
jwtConsumerBuilder.setExpectedSubject(requirements.getClientId());
}
this.jwtConsumer = jwtConsumerBuilder.build();
}
示例6: handleJwtAssertionGrant
import org.jose4j.jwt.consumer.JwtConsumerBuilder; //导入方法依赖的package包/类
/**
* Takes an assertion and converts it using an {@link InternalClaimsBuilder} to
* a JWT used internally
*
* @param assertion
* an external JWT assertion
* @param clientId
* client ID
* @return OAuth response
*/
private OAuthTokenResponse handleJwtAssertionGrant(final String assertion,
final String clientId,
final String audience) {
if (assertion == null) {
throw ErrorResponses.badRequest(ErrorCodes.INVALID_REQUEST, "Missing assertion");
}
if (clientId == null) {
throw ErrorResponses.badRequest(ErrorCodes.INVALID_REQUEST, "Missing client_id");
}
try {
final URI jwksUri = clientValidator.getJwksUri(clientId);
LOG.debug("jwksUri={}", jwksUri);
HttpsJwks httpsJwks = null;
if (jwksUri != null) {
httpsJwks = jwksMap.computeIfAbsent(jwksUri, uri -> new HttpsJwks(uri.toASCIIString()));
}
final JwtConsumerBuilder builder = new JwtConsumerBuilder();
if (httpsJwks == null) {
builder.setDisableRequireSignature()
.setSkipSignatureVerification();
} else {
builder.setVerificationKeyResolver(new HttpsJwksVerificationKeyResolver(httpsJwks));
}
if (audience == null) {
builder.setExpectedAudience(clientId);
} else {
builder.setExpectedAudience(clientId, audience);
}
final JwtConsumer jwtConsumer = builder
.build();
final JwtClaims internalClaims = internalClaimsBuilder.buildInternalJWTClaimsSet(jwtConsumer.processToClaims(assertion));
if (internalClaims.getSubject() == null) {
LOG.error("Subject is missing from {}", internalClaims);
throw ErrorResponses.internalServerError("Subject is missing from the resulting claims set.");
}
internalClaims.setGeneratedJwtId();
internalClaims.setIssuer(issuer.toASCIIString());
if (audience == null) {
internalClaims.setAudience(clientId);
} else {
internalClaims.setAudience(clientId, audience);
}
internalClaims.setIssuedAtToNow();
final Instant expirationTime = Instant.now().plus(jwtMaximumLifetimeInSeconds, ChronoUnit.SECONDS);
internalClaims.setExpirationTime(NumericDate.fromMilliseconds(expirationTime.toEpochMilli()));
return tokenCache.store(cryptoOps.sign(internalClaims), internalClaims.getAudience(), expirationTime);
} catch (final MalformedClaimException
| InvalidJwtException e) {
LOG.error("Unable to parse assertion", e);
throw ErrorResponses.badRequest(ErrorCodes.INVALID_REQUEST, "Unable to parse assertion");
}
}