io.smallrye.jwt.auth.principal.JWTCallerPrincipal Java Examples

The following examples show how to use io.smallrye.jwt.auth.principal.JWTCallerPrincipal. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: JwtDownloadServlet.java    From apicurio-studio with Apache License 2.0 6 votes vote down vote up
@Override
protected void proxyUrlTo(String url, HttpServletRequest request, HttpServletResponse response) {
    try {

        JWTCallerPrincipal principal = (JWTCallerPrincipal) request.getUserPrincipal();

        if (principal != null) {
            proxyUrlWithToken(principal.getRawToken(), url, response);
        } else {
            throw new IllegalStateException("No user present at request");
        }
    } catch (IllegalStateException e) {
        logger.error("Error proxying URL: " + url, e);
        try {
            response.sendError(500);
        } catch (IOException e1) {
        }
    }
}
 
Example #2
Source File: QuarkusAuthenticationFilter.java    From apicurio-studio with Apache License 2.0 6 votes vote down vote up
/**
 * @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain)
 */
@Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
        throws IOException, ServletException {

    HttpServletRequest httpReq = (HttpServletRequest) request;
    JWTCallerPrincipal principal = (JWTCallerPrincipal) httpReq.getUserPrincipal();

    if (principal != null) {

        // Fabricate a User object from information in the access token and store it in the request.
        User user = new User();
        user.setEmail(principal.getClaim("email"));
        user.setLogin(principal.getClaim("preferred_username"));
        user.setName(principal.getClaim("name"));
        ((SecurityContext) security).setUser(user);
        ((SecurityContext) security).setToken(principal.getRawToken());

        chain.doFilter(request, response);
    }
}
 
Example #3
Source File: KeycloakJWTCallerPrincipalFactory.java    From thorntail with Apache License 2.0 5 votes vote down vote up
@Override
public JWTCallerPrincipal parse(final String token, final JWTAuthContextInfo authContextInfo) throws ParseException {
    try {
        JWSInput jwsInput = new JWSInput(token);
        AccessToken accessToken = AdapterTokenVerifier.verifyToken(jwsInput.getWireString(), deployment);
        return new KeycloakJWTCallerPrincipal(jwsInput.readContentAsString(), accessToken);
    } catch (Throwable ex) {
        throw new ParseException("Failure to parse the token", ex);
    }
}
 
Example #4
Source File: QuarkusAuthenticationFilter.java    From apicurio-studio with Apache License 2.0 5 votes vote down vote up
/**
 * @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain)
 */
@Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
        throws IOException, ServletException {

    HttpServletRequest httpReq = (HttpServletRequest) request;
    JWTCallerPrincipal principal = (JWTCallerPrincipal) httpReq.getUserPrincipal();

    if (principal != null) {
        HttpSession httpSession = httpReq.getSession();

        // Set the token as a string in the request (as an attribute) for later use.
        StudioConfigAuth auth = new StudioConfigAuth();
        auth.setType(StudioConfigAuthType.token);
        auth.setLogoutUrl(((HttpServletRequest) request).getContextPath() + "/logout");
        auth.setToken(principal.getRawToken());
        //TODO carnalca unsafe cast from long to int
        auth.setTokenRefreshPeriod((int) expirationToRefreshPeriod(principal.getExpirationTime()));
        httpSession.setAttribute(RequestAttributeKeys.AUTH_KEY, auth);

        // Fabricate a User object from information in the access token and store it in the request.
        User user = new User();
        user.setEmail(principal.getClaim("email"));
        user.setLogin(principal.getClaim("preferred_username"));
        user.setName(principal.getClaim("name"));
        httpSession.setAttribute(RequestAttributeKeys.USER_KEY, user);

        chain.doFilter(request, response);
    }
}
 
Example #5
Source File: TestJsonWebToken.java    From smallrye-jwt with Apache License 2.0 4 votes vote down vote up
private JsonWebToken validateToken(String token, JWTAuthContextInfo contextInfo) throws ParseException {
    JWTCallerPrincipalFactory factory = JWTCallerPrincipalFactory.instance();
    JWTCallerPrincipal callerPrincipal = factory.parse(token, contextInfo);
    return callerPrincipal;
}
 
Example #6
Source File: JWTLoginModule.java    From thorntail with Apache License 2.0 2 votes vote down vote up
/**
 * Validate the bearer token passed in with the authorization header
 *
 * @param jwtCredential - the input bearer token
 * @return return the validated JWTCallerPrincipal
 * @throws ParseException - thrown on token parse or validation failure
 */
protected JWTCallerPrincipal validate(JWTCredential jwtCredential) throws ParseException {
    JWTCallerPrincipalFactory factory = JWTCallerPrincipalFactory.instance();
    JWTCallerPrincipal callerPrincipal = factory.parse(jwtCredential.getBearerToken(), jwtCredential.getAuthContextInfo());
    return callerPrincipal;
}