本文整理匯總了Java中com.nimbusds.jwt.SignedJWT.verify方法的典型用法代碼示例。如果您正苦於以下問題:Java SignedJWT.verify方法的具體用法?Java SignedJWT.verify怎麽用?Java SignedJWT.verify使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類com.nimbusds.jwt.SignedJWT的用法示例。
在下文中一共展示了SignedJWT.verify方法的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Java代碼示例。
示例1: readSignedJWT
import com.nimbusds.jwt.SignedJWT; //導入方法依賴的package包/類
private <T> JWTData<T> readSignedJWT(String data, KeySelector keySelector, Class<T> classType, JWTVerifier verifier) throws ParseException, JOSEException {
SignedJWT signedJWT = SignedJWT.parse(data);
String keyID = signedJWT.getHeader().getKeyID();
Key key = keySelector.selectSecretKey(keyID);
if (key == null) {
throw new InvalidJWTException(String.format("No key found for %s", keyID));
}
JWSVerifier jwsVerifier = jwsVerifierFactory.createJWSVerifier(signedJWT.getHeader(), key);
if (!signedJWT.verify(jwsVerifier)) {
throw new InvalidJWTException("JWT Signature verification failed");
}
if (verifier != null) {
if (!verifier.verify(signedJWT.getHeader(), signedJWT.getJWTClaimsSet())) {
throw new InvalidJWTException("JWT verification failed");
}
}
MetaJWTData metaJWTData = new MetaJWTData(keyID, signedJWT.getHeader().getCustomParams());
return readJSONString(signedJWT.getPayload().toString(), classType, metaJWTData);
}
示例2: retrieveUsernamePasswordFromLoginToken
import com.nimbusds.jwt.SignedJWT; //導入方法依賴的package包/類
/**
* retrieves username and password from JSON web tocken
*
* @param token - the serialized JSON web token from login
* @return username and password (combined by ":")
*/
public static String retrieveUsernamePasswordFromLoginToken(String token) {
JWEObject jweObject;
try {
jweObject = JWEObject.parse(token);
// Decrypt with shared key
jweObject.decrypt(new RSADecrypter(RSA_KEYS.getPrivate()));
// Extract payload
SignedJWT signedJWT = jweObject.getPayload().toSignedJWT();
RSAKey serverPublicKey = RSAKey.parse(signedJWT.getHeader().getJWK().toJSONObject());
if (signedJWT.verify(new RSASSAVerifier(serverPublicKey))) {
//Token is valid
String username = signedJWT.getJWTClaimsSet().getSubject();
String password = signedJWT.getJWTClaimsSet().getStringClaim("password");
return username + ":" + password;
}
} catch (ParseException | JOSEException e) {
LOGGER.error(e);
}
return null;
}
示例3: validateSignature
import com.nimbusds.jwt.SignedJWT; //導入方法依賴的package包/類
/**
* Verify the signature of the JWT token in this method. This method depends
* on the public key that was established during init based upon the
* provisioned public key. Override this method in subclasses in order to
* customize the signature verification behavior.
*
* @param jwtToken the token that contains the signature to be validated
* @return valid true if signature verifies successfully; false otherwise
*/
protected boolean validateSignature(SignedJWT jwtToken) {
boolean valid = false;
if (JWSObject.State.SIGNED == jwtToken.getState()) {
LOG.debug("JWT token is in a SIGNED state");
if (jwtToken.getSignature() != null) {
LOG.debug("JWT token signature is not null");
try {
JWSVerifier verifier = new RSASSAVerifier(publicKey);
if (jwtToken.verify(verifier)) {
valid = true;
LOG.debug("JWT token has been successfully verified");
} else {
LOG.warn("JWT signature verification failed.");
}
} catch (JOSEException je) {
LOG.warn("Error while validating signature", je);
}
}
}
return valid;
}
示例4: parseAndVerifyToken
import com.nimbusds.jwt.SignedJWT; //導入方法依賴的package包/類
public SignedJWT parseAndVerifyToken(String jwtString) throws WebApiClientException {
try {
SignedJWT signedJWT = SignedJWT.parse(jwtString);
JWSVerifier verifier = new RSASSAVerifier(jwtConfig.getRSAPublicKey());
if (signedJWT.verify(verifier)) {
JWTClaimsSet claimsSet = signedJWT.getJWTClaimsSet();
if (claimsSet.getAudience().contains(jwtConfig.getServiceUUID()) &&
claimsSet.getIssuer().equalsIgnoreCase(JwtUtil.ISSUER)) {
return signedJWT;
}
}
} catch (ParseException | JOSEException e) {
throw new WebApiClientException(e.getMessage());
}
throw new WebApiClientException("Authorization token cannot be verified");
}
示例5: retrievePublicKeyFromLoginToken
import com.nimbusds.jwt.SignedJWT; //導入方法依賴的package包/類
/**
* retrieves the client public key from Login Token
*
* @param token - the serialized JSON Web Token from login
* @return the public key as JWK object
*/
public static JWK retrievePublicKeyFromLoginToken(String token) {
JWK result = null;
JWEObject jweObject;
try {
jweObject = JWEObject.parse(token);
// Decrypt with shared key
jweObject.decrypt(new RSADecrypter(RSA_KEYS.getPrivate()));
// Extract payload
SignedJWT signedJWT = jweObject.getPayload().toSignedJWT();
result = signedJWT.getHeader().getJWK();
RSAKey publicKey = RSAKey.parse(result.toJSONObject());
if (signedJWT.verify(new RSASSAVerifier(publicKey))) {
return result;
}
} catch (ParseException | JOSEException e) {
LOGGER.error(e);
}
return null;
}
示例6: decryptAndVerify
import com.nimbusds.jwt.SignedJWT; //導入方法依賴的package包/類
@Override
public String decryptAndVerify(String encryptedAndSignedJwt) {
try {
JWEObject jweObject = JWEObject.parse(encryptedAndSignedJwt);
jweObject.decrypt(new DirectDecrypter(sessionJwtEncryptionKey));
SignedJWT signedJWT = jweObject.getPayload().toSignedJWT();
if (!signedJWT.verify(new MACVerifier(sessionJwtEncryptionKey))) {
logger.warn("JWT signature verification failed.");
return null;
}
for (JwtClaimsSetVerifier verifier : jwtClaimsSetVerifiers) {
if (!verifier.verify(signedJWT.getJWTClaimsSet())) {
logger.warn("JWT claims verification failed.");
return null;
}
}
return signedJWT.getJWTClaimsSet().getSubject();
} catch (ParseException | JOSEException e) {
throw new RuntimeException("Could not parse JWT", e);
}
}
示例7: deserialize
import com.nimbusds.jwt.SignedJWT; //導入方法依賴的package包/類
public Client deserialize(String jweString) {
try {
JWEObject jweObject = JWEObject.parse(jweString);
jweObject.decrypt(new DirectDecrypter(sessionJwtEncryptionKey));
SignedJWT signedJWT = jweObject.getPayload().toSignedJWT();
if(!signedJWT.verify(new MACVerifier(sessionJwtEncryptionKey))) {
return null;
}
if(!expirationJwtClaimsVerifier.verify(signedJWT.getJWTClaimsSet())) {
return null;
}
return objectMapper.readValue(signedJWT.getJWTClaimsSet().getSubject(), Client.class);
} catch (ParseException | JOSEException | IOException e) {
throw new RuntimeException("Could not deserialize JWT to Client", e);
}
}
示例8: validateSignature
import com.nimbusds.jwt.SignedJWT; //導入方法依賴的package包/類
protected boolean validateSignature(SignedJWT jwtToken) {
boolean valid = false;
if (JWSObject.State.SIGNED == jwtToken.getState()) {
if (jwtToken.getSignature() != null) {
try {
RSAPublicKey publicKey = parseRSAPublicKey(publicKeyPath);
JWSVerifier verifier = new RSASSAVerifier(publicKey);
if (verifier != null && jwtToken.verify(verifier)) {
valid = true;
}
} catch (Exception e) {
LOGGER.info("Exception in validateSignature", e);
}
}
}
return valid;
}
示例9: verifyToken
import com.nimbusds.jwt.SignedJWT; //導入方法依賴的package包/類
@Override
public Optional<Authentication> verifyToken(Optional<String> token) {
if (!token.isPresent()) {
return Optional.empty();
}
SignedJWT signedJwt;
JWTClaimsSet claimSet;
try {
signedJwt = SignedJWT.parse(token.get());
claimSet = signedJwt.getJWTClaimsSet();
if (!signedJwt.verify(verifier)) {
throw new BadCredentialsException("Invalid token");
}
} catch (ParseException | JOSEException e) {
throw new IllegalArgumentException("Error while parsing and verifying token.", e);
}
if (claimSet.getExpirationTime().getTime() < System.currentTimeMillis()) {
throw new BadCredentialsException("Token is expired");
}
return Optional.of(transformer.getAuthentication(claimSet));
}
示例10: verifySignature
import com.nimbusds.jwt.SignedJWT; //導入方法依賴的package包/類
private boolean verifySignature(String jwt) {
try {
SignedJWT signedJWT = SignedJWT.parse(jwt);
if (new Date().before(signedJWT.getJWTClaimsSet().getExpirationTime())) {
JWSVerifier verifier =
new RSASSAVerifier((RSAPublicKey) getPublicKey(KEYSTORE, KEYSTORE_PASSWORD, ALIAS));
return signedJWT.verify(verifier);
} else {
log.info("Token has expired");
}
} catch (ParseException | IOException | KeyStoreException | CertificateException |
NoSuchAlgorithmException | UnrecoverableKeyException | JOSEException e) {
log.error("Error occurred while JWT signature verification. JWT=" + jwt, e);
}
return false;
}
示例11: validToken
import com.nimbusds.jwt.SignedJWT; //導入方法依賴的package包/類
@Test
public void validToken() throws JOSEException, ParseException {
JWTClaimsSet jwtClaims = getJWTClaimsSet("issuer", "subject", new Date(), new Date(), new Date(new Date().getTime() + 100000));
JWSHeader header = new JWSHeader(JWSAlgorithm.HS256);
Payload payload = new Payload(jwtClaims.toJSONObject());
JWSObject jwsObject = new JWSObject(header, payload);
JWSSigner signer = new MACSigner(sharedKey);
jwsObject.sign(signer);
String token = jwsObject.serialize();
SignedJWT signed = SignedJWT.parse(token);
JWSVerifier verifier = new MACVerifierExtended(sharedKey, signed.getJWTClaimsSet());
signed.verify(verifier);
Assert.assertTrue("Must be valid", signed.verify(verifier));
}
示例12: invalidTokenNotBeforeTime
import com.nimbusds.jwt.SignedJWT; //導入方法依賴的package包/類
@Test
public void invalidTokenNotBeforeTime() throws JOSEException, ParseException {
JWTClaimsSet jwtClaims = getJWTClaimsSet("issuer", "subject", new Date(), new Date(new Date().getTime() + 100000), new Date(new Date().getTime() + 200000));
JWSHeader header = new JWSHeader(JWSAlgorithm.HS256);
Payload payload = new Payload(jwtClaims.toJSONObject());
JWSObject jwsObject = new JWSObject(header, payload);
JWSSigner signer = new MACSigner(sharedKey);
jwsObject.sign(signer);
String token = jwsObject.serialize();
SignedJWT signed = SignedJWT.parse(token);
JWSVerifier verifier = new MACVerifierExtended(sharedKey, signed.getJWTClaimsSet());
signed.verify(verifier);
Assert.assertFalse("Must be invalid", signed.verify(verifier));
}
示例13: invalidTokenExpirationTime
import com.nimbusds.jwt.SignedJWT; //導入方法依賴的package包/類
@Test
public void invalidTokenExpirationTime() throws JOSEException, ParseException {
JWTClaimsSet jwtClaims = getJWTClaimsSet("issuer", "subject", new Date(), new Date(), new Date());
JWSHeader header = new JWSHeader(JWSAlgorithm.HS256);
Payload payload = new Payload(jwtClaims.toJSONObject());
JWSObject jwsObject = new JWSObject(header, payload);
JWSSigner signer = new MACSigner(sharedKey);
jwsObject.sign(signer);
String token = jwsObject.serialize();
SignedJWT signed = SignedJWT.parse(token);
JWSVerifier verifier = new MACVerifierExtended(sharedKey, signed.getJWTClaimsSet());
signed.verify(verifier);
Assert.assertFalse("Must be invalid", signed.verify(verifier));
}
示例14: extractAppIdFromIdToken
import com.nimbusds.jwt.SignedJWT; //導入方法依賴的package包/類
private String extractAppIdFromIdToken(String token) {
String appId = null;
KeyStoreManager keyStoreManager = KeyStoreManager.getInstance(MultitenantConstants.SUPER_TENANT_ID);
try {
keyStoreManager.getDefaultPrimaryCertificate();
JWSVerifier verifier =
new RSASSAVerifier((RSAPublicKey) keyStoreManager.getDefaultPublicKey());
SignedJWT jwsObject = SignedJWT.parse(token);
if (jwsObject.verify(verifier)) {
appId = jwsObject.getJWTClaimsSet().getStringClaim("appId");
}
} catch (Exception e) {
String message = "Could not extract application id from id token";
log.error(message, e);
}
return appId;
}
示例15: isValidJWToken
import com.nimbusds.jwt.SignedJWT; //導入方法依賴的package包/類
/**
* Validates a JWT token.
* @param secret secret used for generating the token
* @param jwt token to validate
* @return true if token is valid
*/
public static boolean isValidJWToken(String secret, SignedJWT jwt) {
try {
if (secret != null && jwt != null) {
JWSVerifier verifier = new MACVerifier(secret);
if (jwt.verify(verifier)) {
Date referenceTime = new Date();
JWTClaimsSet claims = jwt.getJWTClaimsSet();
Date expirationTime = claims.getExpirationTime();
Date notBeforeTime = claims.getNotBeforeTime();
boolean expired = expirationTime == null || expirationTime.before(referenceTime);
boolean notYetValid = notBeforeTime == null || notBeforeTime.after(referenceTime);
return !(expired || notYetValid);
}
}
} catch (JOSEException e) {
logger.warn(null, e);
} catch (ParseException ex) {
logger.warn(null, ex);
}
return false;
}