本文整理匯總了Java中com.nimbusds.jwt.SignedJWT.parse方法的典型用法代碼示例。如果您正苦於以下問題:Java SignedJWT.parse方法的具體用法?Java SignedJWT.parse怎麽用?Java SignedJWT.parse使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類com.nimbusds.jwt.SignedJWT的用法示例。
在下文中一共展示了SignedJWT.parse方法的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Java代碼示例。
示例1: readSignedJWT
import com.nimbusds.jwt.SignedJWT; //導入方法依賴的package包/類
private <T> JWTData<T> readSignedJWT(String data, KeySelector keySelector, Class<T> classType, JWTVerifier verifier) throws ParseException, JOSEException {
SignedJWT signedJWT = SignedJWT.parse(data);
String keyID = signedJWT.getHeader().getKeyID();
Key key = keySelector.selectSecretKey(keyID);
if (key == null) {
throw new InvalidJWTException(String.format("No key found for %s", keyID));
}
JWSVerifier jwsVerifier = jwsVerifierFactory.createJWSVerifier(signedJWT.getHeader(), key);
if (!signedJWT.verify(jwsVerifier)) {
throw new InvalidJWTException("JWT Signature verification failed");
}
if (verifier != null) {
if (!verifier.verify(signedJWT.getHeader(), signedJWT.getJWTClaimsSet())) {
throw new InvalidJWTException("JWT verification failed");
}
}
MetaJWTData metaJWTData = new MetaJWTData(keyID, signedJWT.getHeader().getCustomParams());
return readJSONString(signedJWT.getPayload().toString(), classType, metaJWTData);
}
示例2: testRolesEndpointToJWTString
import com.nimbusds.jwt.SignedJWT; //導入方法依賴的package包/類
/**
*
* @throws Exception
*/
@Test
public void testRolesEndpointToJWTString() throws Exception {
// Transform the JSON content into a signed JWT
String jwt = TokenUtils.generateTokenString("/Token1.json");
System.out.println(jwt);
/* Note that if you try to validate this token string via jwt.io debugger, you need to take the
/publicKey.pem contents, and use
-----BEGIN PUBLIC KEY-----
...
-----END PUBLIC KEY-----
rather than the:
-----BEGIN RSA PUBLIC KEY-----
...
-----END RSA PUBLIC KEY-----
in the file.
*/
// Validate the string via Nimbus
SignedJWT signedJWT = SignedJWT.parse(jwt);
PublicKey publicKey = TokenUtils.readPublicKey("/publicKey.pem");
Assert.assertTrue(publicKey instanceof RSAPublicKey, "publicKey isa RSAPublicKey");
JWSVerifier verifier = new RSASSAVerifier((RSAPublicKey)publicKey);
Assert.assertTrue(signedJWT.verify(verifier));
}
示例3: parseAndVerifyToken
import com.nimbusds.jwt.SignedJWT; //導入方法依賴的package包/類
public SignedJWT parseAndVerifyToken(String jwtString) throws WebApiClientException {
try {
SignedJWT signedJWT = SignedJWT.parse(jwtString);
JWSVerifier verifier = new RSASSAVerifier(jwtConfig.getRSAPublicKey());
if (signedJWT.verify(verifier)) {
JWTClaimsSet claimsSet = signedJWT.getJWTClaimsSet();
if (claimsSet.getAudience().contains(jwtConfig.getServiceUUID()) &&
claimsSet.getIssuer().equalsIgnoreCase(JwtUtil.ISSUER)) {
return signedJWT;
}
}
} catch (ParseException | JOSEException e) {
throw new WebApiClientException(e.getMessage());
}
throw new WebApiClientException("Authorization token cannot be verified");
}
示例4: verifyToken
import com.nimbusds.jwt.SignedJWT; //導入方法依賴的package包/類
@Override
public Optional<Authentication> verifyToken(Optional<String> token) {
if (!token.isPresent()) {
return Optional.empty();
}
SignedJWT signedJwt;
JWTClaimsSet claimSet;
try {
signedJwt = SignedJWT.parse(token.get());
claimSet = signedJwt.getJWTClaimsSet();
if (!signedJwt.verify(verifier)) {
throw new BadCredentialsException("Invalid token");
}
} catch (ParseException | JOSEException e) {
throw new IllegalArgumentException("Error while parsing and verifying token.", e);
}
if (claimSet.getExpirationTime().getTime() < System.currentTimeMillis()) {
throw new BadCredentialsException("Token is expired");
}
return Optional.of(transformer.getAuthentication(claimSet));
}
示例5: itShouldGenerateAValidToken
import com.nimbusds.jwt.SignedJWT; //導入方法依賴的package包/類
@Test
public void itShouldGenerateAValidToken() throws ParseException, JOSEException {
JWTClaimsSet claimsSet = new JWTClaimsSet.Builder()
.subject(USER.getUsername())
.issueTime(NOW)
.expirationTime(EXPIRATION)
.build();
Mockito.when(mockTransformer.getClaimsSet(AUTHENTICATION)).thenReturn(claimsSet);
Mockito.when(mockSigner.sign(Matchers.any(), Matchers.any())).thenReturn(Base64URL.encode("MYSIGNATURE"));
// Method being tested
String token = jwtTokenService.generateToken(AUTHENTICATION);
SignedJWT signedJwt = SignedJWT.parse(token);
JWTClaimsSet fetchedClaimsSet = signedJwt.getJWTClaimsSet();
Assertions.assertThat(signedJwt.verify(verifier)).isTrue();
System.out.println(signedJwt.serialize());
Assertions.assertThat(fetchedClaimsSet.getSubject()).isEqualTo(USERNAME);
}
示例6: interceptRequest
import com.nimbusds.jwt.SignedJWT; //導入方法依賴的package包/類
@Override
public boolean interceptRequest(Request request, Response response) throws Exception {
HttpHeaders headers = request.getHeaders();
if (headers != null) {
String jwtHeader = headers.getHeaderString(JWT_HEADER);
if (jwtHeader != null) {
SignedJWT signedJWT = SignedJWT.parse(jwtHeader);
ReadOnlyJWTClaimsSet readOnlyJWTClaimsSet = signedJWT.getJWTClaimsSet();
if (readOnlyJWTClaimsSet != null) {
// Do something with claims
return true;
}
}
}
response.setHeader(javax.ws.rs.core.HttpHeaders.WWW_AUTHENTICATE, AUTH_TYPE_JWT);
response.setStatus(javax.ws.rs.core.Response.Status.UNAUTHORIZED.getStatusCode());
return false;
}
示例7: verifySignature
import com.nimbusds.jwt.SignedJWT; //導入方法依賴的package包/類
private boolean verifySignature(String jwt) {
try {
SignedJWT signedJWT = SignedJWT.parse(jwt);
if (new Date().before(signedJWT.getJWTClaimsSet().getExpirationTime())) {
JWSVerifier verifier =
new RSASSAVerifier((RSAPublicKey) getPublicKey(KEYSTORE, KEYSTORE_PASSWORD, ALIAS));
return signedJWT.verify(verifier);
} else {
log.info("Token has expired");
}
} catch (ParseException | IOException | KeyStoreException | CertificateException |
NoSuchAlgorithmException | UnrecoverableKeyException | JOSEException e) {
log.error("Error occurred while JWT signature verification. JWT=" + jwt, e);
}
return false;
}
示例8: validToken
import com.nimbusds.jwt.SignedJWT; //導入方法依賴的package包/類
@Test
public void validToken() throws JOSEException, ParseException {
JWTClaimsSet jwtClaims = getJWTClaimsSet("issuer", "subject", new Date(), new Date(), new Date(new Date().getTime() + 100000));
JWSHeader header = new JWSHeader(JWSAlgorithm.HS256);
Payload payload = new Payload(jwtClaims.toJSONObject());
JWSObject jwsObject = new JWSObject(header, payload);
JWSSigner signer = new MACSigner(sharedKey);
jwsObject.sign(signer);
String token = jwsObject.serialize();
SignedJWT signed = SignedJWT.parse(token);
JWSVerifier verifier = new MACVerifierExtended(sharedKey, signed.getJWTClaimsSet());
signed.verify(verifier);
Assert.assertTrue("Must be valid", signed.verify(verifier));
}
示例9: invalidTokenNotBeforeTime
import com.nimbusds.jwt.SignedJWT; //導入方法依賴的package包/類
@Test
public void invalidTokenNotBeforeTime() throws JOSEException, ParseException {
JWTClaimsSet jwtClaims = getJWTClaimsSet("issuer", "subject", new Date(), new Date(new Date().getTime() + 100000), new Date(new Date().getTime() + 200000));
JWSHeader header = new JWSHeader(JWSAlgorithm.HS256);
Payload payload = new Payload(jwtClaims.toJSONObject());
JWSObject jwsObject = new JWSObject(header, payload);
JWSSigner signer = new MACSigner(sharedKey);
jwsObject.sign(signer);
String token = jwsObject.serialize();
SignedJWT signed = SignedJWT.parse(token);
JWSVerifier verifier = new MACVerifierExtended(sharedKey, signed.getJWTClaimsSet());
signed.verify(verifier);
Assert.assertFalse("Must be invalid", signed.verify(verifier));
}
示例10: invalidTokenExpirationTime
import com.nimbusds.jwt.SignedJWT; //導入方法依賴的package包/類
@Test
public void invalidTokenExpirationTime() throws JOSEException, ParseException {
JWTClaimsSet jwtClaims = getJWTClaimsSet("issuer", "subject", new Date(), new Date(), new Date());
JWSHeader header = new JWSHeader(JWSAlgorithm.HS256);
Payload payload = new Payload(jwtClaims.toJSONObject());
JWSObject jwsObject = new JWSObject(header, payload);
JWSSigner signer = new MACSigner(sharedKey);
jwsObject.sign(signer);
String token = jwsObject.serialize();
SignedJWT signed = SignedJWT.parse(token);
JWSVerifier verifier = new MACVerifierExtended(sharedKey, signed.getJWTClaimsSet());
signed.verify(verifier);
Assert.assertFalse("Must be invalid", signed.verify(verifier));
}
示例11: extractAppIdFromIdToken
import com.nimbusds.jwt.SignedJWT; //導入方法依賴的package包/類
private String extractAppIdFromIdToken(String token) {
String appId = null;
KeyStoreManager keyStoreManager = KeyStoreManager.getInstance(MultitenantConstants.SUPER_TENANT_ID);
try {
keyStoreManager.getDefaultPrimaryCertificate();
JWSVerifier verifier =
new RSASSAVerifier((RSAPublicKey) keyStoreManager.getDefaultPublicKey());
SignedJWT jwsObject = SignedJWT.parse(token);
if (jwsObject.verify(verifier)) {
appId = jwsObject.getJWTClaimsSet().getStringClaim("appId");
}
} catch (Exception e) {
String message = "Could not extract application id from id token";
log.error(message, e);
}
return appId;
}
示例12: jwtMAC
import com.nimbusds.jwt.SignedJWT; //導入方法依賴的package包/類
/**
* JWT
* 使用HMAC SHA-256 進行加密 與 解密
* 基於相同的 secret (對稱算法)
* <p/>
* 算法 Secret長度
* HS256 32
* HS384 64
* HS512 64
*
* @throws Exception
*/
@Test
public void jwtMAC() throws Exception {
String sharedSecret = RandomStringUtils.random(64, true, true);
JWSSigner jwsSigner = new MACSigner(sharedSecret);
//生成idToken
final String payloadText = "I am MyOIDC";
JWTClaimsSet claimsSet = new JWTClaimsSet.Builder()
.subject("subject")
.issuer("https://andaily.com")
.claim("payloadText", payloadText)
.expirationTime(new Date(new Date().getTime() + 60 * 1000))
.build();
// final JWSHeader header = new JWSHeader(JWSAlgorithm.HS256);
// final JWSHeader header = new JWSHeader(JWSAlgorithm.HS384);
final JWSHeader header = new JWSHeader(JWSAlgorithm.HS512);
SignedJWT signedJWT = new SignedJWT(header, claimsSet);
signedJWT.sign(jwsSigner);
final String idToken = signedJWT.serialize();
//校驗idToken
final SignedJWT parseJWT = SignedJWT.parse(idToken);
JWSVerifier jwsVerifier = new MACVerifier(sharedSecret);
final boolean verify = parseJWT.verify(jwsVerifier);
assertTrue(verify);
// final Payload payload = parseJWT.getPayload();
final JWTClaimsSet jwtClaimsSet = parseJWT.getJWTClaimsSet();
assertEquals(jwtClaimsSet.getSubject(), "subject");
}
示例13: decodeToken
import com.nimbusds.jwt.SignedJWT; //導入方法依賴的package包/類
public JWTClaimsSet decodeToken(String authHeader) throws ParseException, JOSEException {
SignedJWT signedJWT = SignedJWT.parse(getSerializedToken(authHeader));
if (signedJWT.verify(new MACVerifier(tokenSecret))) {
return signedJWT.getJWTClaimsSet();
} else {
throw new JOSEException("Signature verification failed");
}
}
示例14: verifySignature
import com.nimbusds.jwt.SignedJWT; //導入方法依賴的package包/類
public Boolean verifySignature(String token) throws ParseException, JOSEException {
SignedJWT signedJWT = SignedJWT.parse(token);
SessionIdentifier session = getSession(token);
byte[] sharedSecret = session.getSecretKey();
JWSVerifier verifier = new MACVerifier(sharedSecret);
return signedJWT.verify(verifier);
}
示例15: validateToken
import com.nimbusds.jwt.SignedJWT; //導入方法依賴的package包/類
protected boolean validateToken(String token) {
try {
SignedJWT signed = SignedJWT.parse(token);
return validateSignature(signed);
} catch (ParseException ex) {
LOGGER.info("ParseException in validateToken", ex);
return false;
}
}