本文整理汇总了Java中org.springframework.security.jwt.Jwt.verifySignature方法的典型用法代码示例。如果您正苦于以下问题:Java Jwt.verifySignature方法的具体用法?Java Jwt.verifySignature怎么用?Java Jwt.verifySignature使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.springframework.security.jwt.Jwt
的用法示例。
在下文中一共展示了Jwt.verifySignature方法的3个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: verifySignature
import org.springframework.security.jwt.Jwt; //导入方法依赖的package包/类
private static void verifySignature(Jwt jwt, String publicKey) {
try {
RsaVerifier rsaVerifier = new RsaVerifier(publicKey);
jwt.verifySignature(rsaVerifier);
} catch (Exception ex) {
throw new AuthenticationServiceException("Error verifying signature of token");
}
}
示例2: authenticate
import org.springframework.security.jwt.Jwt; //导入方法依赖的package包/类
@Override
public Authentication authenticate(final Authentication authRequest) throws AuthenticationException {
// Getting string token from authentication request object
String token = Preconditions.notNull(StringUtils.trimToNull((String) authRequest.getCredentials()), ExceptionCode.AUTHENTICATION, "No jwt token present.");
// Getting JWT object from string token
Jwt jwt = JwtHelper.decode(token);
// Getting payload of token
String claims = jwt.getClaims();
TokenPayload tokenPayload = this.gson.fromJson(claims, TokenPayload.class);
// Checking if token already expired and throwing an AuthenticationException in this case
checkIsExpired(tokenPayload.expirationTime);
// Getting user id from token
Long userId = Preconditions.notNull(tokenPayload.userId, ExceptionCode.AUTHENTICATION, "Token doesn't contains user id.");
// Getting user from database
HeapUser user = this.heapUserRepository.findOne(userId);
// Validate token signature (to be sure that token doesn't change on client side)
try {
jwt.verifySignature(new MacSigner(user.getSecret()));
} catch (Exception cause) {
HeapException.throwNew(ExceptionCode.AUTHENTICATION, "Token verification failed.", cause);
}
// Return authenticated Authentication
HeapUserDetails userDetails = new HeapUserDetails(user);
userDetails.eraseCredentials();
return new JwtAuthenticationToken(userDetails);
}
示例3: decodeAndVerify
import org.springframework.security.jwt.Jwt; //导入方法依赖的package包/类
@Nullable
@Override
public BlueWebToken decodeAndVerify(@Nonnull final String idToken){
final long now = System.currentTimeMillis();
if(log.isTraceEnabled()){
log.trace("Decoding token [" + idToken + "]");
}
try{
Jwt jwt = JwtHelper.decode(idToken);
// Get the key ID we need to use to verify the token
String keyId = getKeyId(idToken);
if("".equals(keyId.trim())){
log.warn("Failed to retrieve key ID for token");
return null;
}
BlueWebToken token = typeSecuredObjectMapper().readValue(
jwt.getClaims(),
BlueWebToken.class);
// Get the key and verify the JWT signature
RSAPublicKey key = rsaPublicKey(keyId, token.getAuthContextReference());
jwt.verifySignature(new RsaVerifier(key));
// Validate the nonce
if(!nonceService.isValid(token.getNonce())){
log.warn("Failed to validate nonce in token. This could be a replay attack.");
return null;
}
if(!claimValidationService.validateAudience(token)){
log.warn("Failed to validate audience in token. This could be a replay attack.");
return null;
}
if(!claimValidationService.validateIssuer(token)){
log.warn("Failed to validate issuer of token. This could be a replay attack.");
return null;
}
if(!claimValidationService.validateNotBefore(token, now)){
log.warn("Failed to validate notBefore time in token. This could be a replay attack. 'Now' milliseconds: " + now + "; 'NotBefore' milliseconds: " + token
.getNotBefore()
.toInstant()
.toEpochMilli());
return null;
}
if(!claimValidationService.validateExpiration(token, now)){
log.warn("Failed to validate expiration time in token. This could be a replay attack. 'Now' milliseconds: " + now + "; 'Expiration' milliseconds: " + token
.getExpiration()
.toInstant()
.toEpochMilli());
return null;
}
return token;
}catch(IOException | IllegalArgumentException | InvalidSignatureException x){
log.warn("Failed to extract data from JWT token: " + x.getMessage(), x);
}
return null;
}