本文整理匯總了Java中com.nimbusds.jwt.JWTClaimsSet.setIssueTime方法的典型用法代碼示例。如果您正苦於以下問題:Java JWTClaimsSet.setIssueTime方法的具體用法?Java JWTClaimsSet.setIssueTime怎麽用?Java JWTClaimsSet.setIssueTime使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類com.nimbusds.jwt.JWTClaimsSet的用法示例。
在下文中一共展示了JWTClaimsSet.setIssueTime方法的8個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Java代碼示例。
示例1: getJWT
import com.nimbusds.jwt.JWTClaimsSet; //導入方法依賴的package包/類
protected SignedJWT getJWT(String sub, Date expires, RSAPrivateKey privateKey)
throws Exception {
JWTClaimsSet claimsSet = new JWTClaimsSet();
claimsSet.setSubject(sub);
claimsSet.setIssueTime(new Date(new Date().getTime()));
claimsSet.setIssuer("https://c2id.com");
claimsSet.setCustomClaim("scope", "openid");
claimsSet.setExpirationTime(expires);
List<String> aud = new ArrayList<String>();
aud.add("bar");
claimsSet.setAudience("bar");
JWSHeader header = new JWSHeader.Builder(JWSAlgorithm.RS256).build();
SignedJWT signedJWT = new SignedJWT(header, claimsSet);
Base64URL sigInput = Base64URL.encode(signedJWT.getSigningInput());
JWSSigner signer = new RSASSASigner(privateKey);
signedJWT.sign(signer);
return signedJWT;
}
示例2: selfIssue
import com.nimbusds.jwt.JWTClaimsSet; //導入方法依賴的package包/類
public String selfIssue() {
JWSSigner signer = new RSASSASigner((RSAPrivateKey) keyPair.getPrivate());
List<String> aud = new ArrayList<String>();
aud.add(Constants.POYNT_API_HOST);
JWTClaimsSet claimsSet = new JWTClaimsSet();
claimsSet.setAudience(aud);
claimsSet.setSubject(config.getAppId());
claimsSet.setIssuer(config.getAppId());
Calendar now = Calendar.getInstance();
claimsSet.setIssueTime(now.getTime());
now.add(Calendar.MINUTE, 15);
claimsSet.setExpirationTime(now.getTime());
claimsSet.setJWTID(UUID.randomUUID().toString());
SignedJWT signedJWT = new SignedJWT(new JWSHeader(JWSAlgorithm.RS256), claimsSet);
try {
signedJWT.sign(signer);
} catch (JOSEException e) {
throw new PoyntSdkException("Failed to sign self issued JWT.");
}
return signedJWT.serialize();
}
示例3: getJWT
import com.nimbusds.jwt.JWTClaimsSet; //導入方法依賴的package包/類
protected SignedJWT getJWT(String sub, Date expires, RSAPrivateKey privateKey)
throws Exception {
JWTClaimsSet claimsSet = new JWTClaimsSet();
claimsSet.setSubject(sub);
claimsSet.setIssueTime(new Date(new Date().getTime()));
claimsSet.setIssuer("https://c2id.com");
claimsSet.setCustomClaim("scope", "openid");
claimsSet.setExpirationTime(expires);
List<String> aud = new ArrayList<String>();
aud.add("bar");
claimsSet.setAudience("bar");
JWSHeader header = new JWSHeader.Builder(JWSAlgorithm.RS256).build();
SignedJWT signedJWT = new SignedJWT(header, claimsSet);
JWSSigner signer = new RSASSASigner(privateKey);
signedJWT.sign(signer);
return signedJWT;
}
示例4: service
import com.nimbusds.jwt.JWTClaimsSet; //導入方法依賴的package包/類
@Override
protected void service(HttpServletRequest request, HttpServletResponse response)
throws IOException, ServletException {
if (shared_key == null || subdomain == null)
throw new ServletException("Zendesk is not configured.");
// Given a user instance
// Compose the JWT claims set
JWTClaimsSet jwtClaims = new JWTClaimsSet();
jwtClaims.setIssueTime(new Date());
jwtClaims.setJWTID(UUID.randomUUID().toString());
Subject subject = EnvironmentContext.getCurrent().getSubject();
jwtClaims.setCustomClaim("name", getName());
jwtClaims.setCustomClaim("email", subject.getUserName());
// Create JWS header with HS256 algorithm
JWSHeader header = new JWSHeader(JWSAlgorithm.HS256);
JWSObject jwsObject = new JWSObject(header, new Payload(jwtClaims.toJSONObject()));
// Create HMAC signer
JWSSigner signer = new MACSigner(shared_key.getBytes());
try {
jwsObject.sign(signer);
} catch (JOSEException e) {
String msg = String.format("Error signing JWT: %s", e.getMessage());
LOG.warn(msg);
response.sendError(500, msg);
}
// Serialise to JWT compact form
String jwtString = jwsObject.serialize();
String redirectUrl = "https://" + subdomain + ".zendesk.com/access/jwt?jwt=" + jwtString;
response.sendRedirect(redirectUrl);
}
示例5: buildIDToken
import com.nimbusds.jwt.JWTClaimsSet; //導入方法依賴的package包/類
/**
* To build id token from OauthToken request message context
*
* @param request Token request message context
* @return Signed jwt string.
* @throws IdentityOAuth2Exception
*/
protected String buildIDToken(OAuthTokenReqMessageContext request)
throws IdentityOAuth2Exception {
String issuer = OAuth2Util.getIDTokenIssuer();
long lifetimeInMillis = OAuthServerConfiguration.getInstance().
getApplicationAccessTokenValidityPeriodInSeconds() * 1000;
long curTimeInMillis = Calendar.getInstance().getTimeInMillis();
// setting subject
String subject = request.getAuthorizedUser().getAuthenticatedSubjectIdentifier();
if (!StringUtils.isNotBlank(subject)) {
subject = request.getAuthorizedUser().getUserName();
}
// Set claims to jwt token.
JWTClaimsSet jwtClaimsSet = new JWTClaimsSet();
jwtClaimsSet.setIssuer(issuer);
jwtClaimsSet.setSubject(subject);
jwtClaimsSet.setAudience(Arrays.asList(request.getOauth2AccessTokenReqDTO().getClientId()));
jwtClaimsSet.setClaim(Constants.AUTHORIZATION_PARTY, request.getOauth2AccessTokenReqDTO().getClientId());
jwtClaimsSet.setExpirationTime(new Date(curTimeInMillis + lifetimeInMillis));
jwtClaimsSet.setIssueTime(new Date(curTimeInMillis));
addUserClaims(jwtClaimsSet, request.getAuthorizedUser());
if (JWSAlgorithm.NONE.getName().equals(signatureAlgorithm.getName())) {
return new PlainJWT(jwtClaimsSet).serialize();
}
return signJWT(jwtClaimsSet, request);
}
示例6: generateIdToken
import com.nimbusds.jwt.JWTClaimsSet; //導入方法依賴的package包/類
@Override
public void generateIdToken(String code, String userId, String clientId, String nonce, long authTime, String accessToken, long expireTime) {
try {
byte[] encoded = Base64.decodeBase64(JophielProperties.getInstance().getIdTokenPrivateKey().getBytes("utf-8"));
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(encoded);
KeyFactory kf = KeyFactory.getInstance("RSA");
RSAPrivateKey privateKey = (RSAPrivateKey) kf.generatePrivate(keySpec);
JWSSigner signer = new RSASSASigner(privateKey);
JWTClaimsSet claimsSet = new JWTClaimsSet();
claimsSet.setSubject(userId);
claimsSet.setAudience(clientId);
claimsSet.setIssuer(JophielProperties.getInstance().getJophielBaseUrl());
claimsSet.setIssueTime(new Date(System.currentTimeMillis()));
claimsSet.setExpirationTime(new Date(expireTime));
claimsSet.setClaim("auth_time", authTime);
claimsSet.setClaim("at_hash", JudgelsPlayUtils.hashMD5(accessToken).substring(accessToken.length() / 2));
SignedJWT signedJWT = new SignedJWT(new JWSHeader(JWSAlgorithm.RS512), claimsSet);
signedJWT.sign(signer);
IdTokenModel idTokenModel = new IdTokenModel();
idTokenModel.userJid = userId;
idTokenModel.clientJid = clientId;
idTokenModel.code = code;
idTokenModel.redeemed = false;
idTokenModel.token = signedJWT.serialize();
idTokenDao.persist(idTokenModel, IdentityUtils.getUserJid(), IdentityUtils.getIpAddress());
} catch (NoSuchAlgorithmException | InvalidKeySpecException | JOSEException | UnsupportedEncodingException e) {
throw new RuntimeException(e);
}
}
示例7: issueToken
import com.nimbusds.jwt.JWTClaimsSet; //導入方法依賴的package包/類
public static JWT issueToken(String principal, String group, String role) {
// must have for kerb-token
String krbPrincipal = principal + "@SH.INTEL.COM";
PlainHeader header = new PlainHeader();
//header.setCustomParameter("krbPrincipal", krbPrincipal);
JWTClaimsSet jwtClaims = new JWTClaimsSet();
String iss = "token-service";
jwtClaims.setIssuer(iss);
String sub = principal;
jwtClaims.setSubject(sub);
// must have for kerb-token
jwtClaims.setSubject(krbPrincipal);
jwtClaims.setClaim("group", group);
if (role != null) {
jwtClaims.setClaim("role", role);
}
List<String> aud = new ArrayList<String>();
aud.add("krb5kdc-with-token-extension");
jwtClaims.setAudience(aud);
// Set expiration in 60 minutes
final Date NOW = new Date(new Date().getTime() / 1000 * 1000);
Date exp = new Date(NOW.getTime() + 1000 * 60 * 60);
jwtClaims.setExpirationTime(exp);
Date nbf = NOW;
jwtClaims.setNotBeforeTime(nbf);
Date iat = NOW;
jwtClaims.setIssueTime(iat);
String jti = UUID.randomUUID().toString();
jwtClaims.setJWTID(jti);
PlainJWT jwt = new PlainJWT(header, jwtClaims);
return jwt;
}
示例8: buildIDToken
import com.nimbusds.jwt.JWTClaimsSet; //導入方法依賴的package包/類
@Override
public String buildIDToken(OAuthAuthzReqMessageContext request, OAuth2AuthorizeRespDTO tokenRespDTO)
throws IdentityOAuth2Exception {
String issuer = OAuth2Util.getIDTokenIssuer();
long lifetimeInMillis = Integer.parseInt(config.getOpenIDConnectIDTokenExpiration()) * 1000;
long curTimeInMillis = Calendar.getInstance().getTimeInMillis();
// setting subject
String subject = request.getAuthorizationReqDTO().getUser().getAuthenticatedSubjectIdentifier();
String nonceValue = request.getAuthorizationReqDTO().getNonce();
// Get access token issued time
long accessTokenIssuedTime = getAccessTokenIssuedTime(tokenRespDTO.getAccessToken(), request) / 1000;
String atHash = null;
String responseType = request.getAuthorizationReqDTO().getResponseType();
//at_hash is generated on access token. Hence the check on response type to be id_token token or code
if (!JWSAlgorithm.NONE.getName().equals(signatureAlgorithm.getName()) &&
!OAuthConstants.ID_TOKEN.equalsIgnoreCase(responseType) &&
!OAuthConstants.NONE.equalsIgnoreCase(responseType)) {
String digAlg = mapDigestAlgorithm(signatureAlgorithm);
MessageDigest md;
try {
md = MessageDigest.getInstance(digAlg);
} catch (NoSuchAlgorithmException e) {
throw new IdentityOAuth2Exception("Invalid Algorithm : " + digAlg);
}
md.update(tokenRespDTO.getAccessToken().getBytes(Charsets.UTF_8));
byte[] digest = md.digest();
int leftHalfBytes = 16;
if (SHA384.equals(digAlg)) {
leftHalfBytes = 24;
} else if (SHA512.equals(digAlg)) {
leftHalfBytes = 32;
}
byte[] leftmost = new byte[leftHalfBytes];
for (int i = 0; i < leftHalfBytes; i++) {
leftmost[i] = digest[i];
}
atHash = new String(Base64.encodeBase64URLSafe(leftmost), Charsets.UTF_8);
}
if (log.isDebugEnabled()) {
StringBuilder stringBuilder = (new StringBuilder())
.append("Using issuer ").append(issuer).append("\n")
.append("Subject ").append(subject).append("\n")
.append("ID Token life time ").append(lifetimeInMillis / 1000).append("\n")
.append("Current time ").append(curTimeInMillis / 1000).append("\n")
.append("Nonce Value ").append(nonceValue).append("\n")
.append("Signature Algorithm ").append(signatureAlgorithm).append("\n");
if (log.isDebugEnabled()) {
log.debug(stringBuilder.toString());
}
}
JWTClaimsSet jwtClaimsSet = new JWTClaimsSet();
jwtClaimsSet.setIssuer(issuer);
jwtClaimsSet.setSubject(subject);
jwtClaimsSet.setAudience(Arrays.asList(request.getAuthorizationReqDTO().getConsumerKey()));
jwtClaimsSet.setClaim("azp", request.getAuthorizationReqDTO().getConsumerKey());
jwtClaimsSet.setExpirationTime(new Date(curTimeInMillis + lifetimeInMillis));
jwtClaimsSet.setIssueTime(new Date(curTimeInMillis));
jwtClaimsSet.setClaim("auth_time", accessTokenIssuedTime);
if(atHash != null){
jwtClaimsSet.setClaim("at_hash", atHash);
}
if (nonceValue != null) {
jwtClaimsSet.setClaim("nonce", nonceValue);
}
request.addProperty(OAuthConstants.ACCESS_TOKEN, tokenRespDTO.getAccessToken());
CustomClaimsCallbackHandler claimsCallBackHandler =
OAuthServerConfiguration.getInstance().getOpenIDConnectCustomClaimsCallbackHandler();
claimsCallBackHandler.handleCustomClaims(jwtClaimsSet, request);
if (JWSAlgorithm.NONE.getName().equals(signatureAlgorithm.getName())) {
return new PlainJWT(jwtClaimsSet).serialize();
}
return signJWT(jwtClaimsSet, request);
}