Java Code Examples for com.nimbusds.jwt.JWTClaimsSet#getSubject()

The following examples show how to use com.nimbusds.jwt.JWTClaimsSet#getSubject() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: KnoxService.java    From nifi with Apache License 2.0 6 votes vote down vote up
/**
 * Extracts the authentication from the token and verify it.
 *
 * @param jwt signed jwt string
 * @return the user authentication
 * @throws ParseException if the payload of the jwt doesn't represent a valid json object and a jwt claims set
 * @throws JOSEException if the JWS object couldn't be verified
 */
public String getAuthenticationFromToken(final String jwt) throws ParseException, JOSEException {
    if (!configuration.isKnoxEnabled()) {
        throw new IllegalStateException("Apache Knox SSO is not enabled.");
    }

    // attempt to parse the signed jwt
    final SignedJWT signedJwt = SignedJWT.parse(jwt);

    // validate the token
    if (validateToken(signedJwt)) {
        final JWTClaimsSet claimsSet = signedJwt.getJWTClaimsSet();
        if (claimsSet == null) {
            logger.info("Claims set is missing from Knox JWT.");
            throw new InvalidAuthenticationException("The Knox JWT token is not valid.");
        }

        // extract the user identity from the token
        return claimsSet.getSubject();
    } else {
        throw new InvalidAuthenticationException("The Knox JWT token is not valid.");
    }
}
 
Example 2
Source File: CellerySignedJWTValidator.java    From cellery-security with Apache License 2.0 5 votes vote down vote up
private void validateMandatoryJWTClaims(JWTClaimsSet claimsSet) throws IdentityOAuth2Exception {

        String subject = claimsSet.getSubject();
        List<String> audience = claimsSet.getAudience();
        String jti = claimsSet.getJWTID();
        if (StringUtils.isEmpty(claimsSet.getIssuer()) || StringUtils.isEmpty(subject) ||
                claimsSet.getExpirationTime() == null || audience == null || jti == null) {
            throw new IdentityOAuth2Exception("Mandatory fields(Issuer, Subject, Expiration time, jtl or Audience) " +
                    "are empty in the given Token.");
        }
    }