Java Code Examples for io.jsonwebtoken.SignatureAlgorithm#RS256

The following examples show how to use io.jsonwebtoken.SignatureAlgorithm#RS256 . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: JwtSecurityInitializer.java    From api-layer with Eclipse Public License 2.0 7 votes vote down vote up
@PostConstruct
public void init() {
    signatureAlgorithm = SignatureAlgorithm.RS256;
    HttpsConfig config = HttpsConfig.builder().keyAlias(keyAlias).keyStore(keyStore).keyPassword(keyPassword)
        .keyStorePassword(keyStorePassword).keyStoreType(keyStoreType).build();
    try {
        jwtSecret = SecurityUtils.loadKey(config);
        jwtPublicKey = SecurityUtils.loadPublicKey(config);
    } catch (HttpsConfigError er) {
        apimlLog.log("org.zowe.apiml.gateway.jwtInitConfigError", er.getCode(), er.getMessage());
    }
    if (jwtSecret == null || jwtPublicKey == null) {
        String errorMessage = String.format("Not found '%s' key alias in the keystore '%s'.", keyAlias, keyStore);
        apimlLog.log("org.zowe.apiml.gateway.jwtKeyMissing", keyAlias, keyStore);
        throw new HttpsConfigError(errorMessage, HttpsConfigError.ErrorCode.WRONG_KEY_ALIAS, config);
    }
}
 
Example 2
Source File: SuccessfulQueryHandlerTest.java    From api-layer with Eclipse Public License 2.0 6 votes vote down vote up
@BeforeEach
public void setup() {
    httpServletRequest = new MockHttpServletRequest();
    httpServletResponse = new MockHttpServletResponse();
    AuthConfigurationProperties authConfigurationProperties = new AuthConfigurationProperties();

    SignatureAlgorithm algorithm = SignatureAlgorithm.RS256;
    KeyPair keyPair = SecurityUtils.generateKeyPair("RSA", 2048);
    Key privateKey = null;
    if (keyPair != null) {
        privateKey = keyPair.getPrivate();
    }
    ZosmfServiceV2 zosmfService = new ZosmfServiceV2(authConfigurationProperties, discoveryClient, restTemplate, new ObjectMapper());
    AuthenticationService authenticationService = new AuthenticationService(
        applicationContext, authConfigurationProperties, jwtSecurityInitializer, zosmfService,
        discoveryClient, restTemplate, cacheManager, new CacheUtils()
    );
    when(jwtSecurityInitializer.getSignatureAlgorithm()).thenReturn(algorithm);
    when(jwtSecurityInitializer.getJwtSecret()).thenReturn(privateKey);

    jwtToken = authenticationService.createJwtToken(USER, DOMAIN, LTPA);

    ObjectMapper mapper = new ObjectMapper();
    successfulQueryHandler = new SuccessfulQueryHandler(mapper, authenticationService);
}
 
Example 3
Source File: JwtHelper.java    From github-branch-source-plugin with MIT License 6 votes vote down vote up
/**
 * Create a JWT for authenticating to GitHub as an app installation
 * @param githubAppId the app ID
 * @param privateKey PKC#8 formatted private key
 * @return JWT for authenticating to GitHub
 */
static String createJWT(String githubAppId, final String privateKey) {
    requireNonNull(githubAppId, privateKey);

    SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.RS256;

    long nowMillis = System.currentTimeMillis();
    Date now = new Date(nowMillis);

    Key signingKey;
    try {
        signingKey = getPrivateKeyFromString(privateKey);
    } catch (GeneralSecurityException e) {
        throw new IllegalArgumentException("Couldn't parse private key for GitHub app, make sure it's PKCS#8 format", e);
    }

    JwtBuilder builder = Jwts.builder()
            .setIssuedAt(now)
            .setIssuer(githubAppId)
            .signWith(signingKey, signatureAlgorithm);

    Date exp = new Date(nowMillis + VALIDITY_MS);
    builder.setExpiration(exp);

    return builder.compact();
}
 
Example 4
Source File: JwtHelper.java    From hono with Eclipse Public License 2.0 5 votes vote down vote up
/**
 * Sets the path to a PKCS8 PEM file containing the RSA private key to use for signing tokens asserting the
 * registration status of devices.
 *
 * @param keyPath The absolute path to the file.
 * @throws NullPointerException if the path is {@code null}.
 * @throws IllegalArgumentException if the key cannot be read from the file.
 */
protected final void setPrivateKey(final String keyPath) {
    Objects.requireNonNull(keyPath);
    key = KeyLoader.fromFiles(vertx, keyPath, null).getPrivateKey();
    if (key == null) {
        throw new IllegalArgumentException("cannot load private key: " + keyPath);
    } else if (key instanceof ECKey) {
        algorithm = SignatureAlgorithm.ES256;
    } else if (key instanceof RSAKey) {
        algorithm = SignatureAlgorithm.RS256;
    } else {
        throw new IllegalArgumentException("unsupported private key type: " + key.getClass());
    }
}
 
Example 5
Source File: JwtHelper.java    From hono with Eclipse Public License 2.0 5 votes vote down vote up
/**
 * Sets the path to a PEM file containing a certificate holding a public key to use for validating the signature of
 * tokens asserting the registration status of devices.
 *
 * @param keyPath The absolute path to the file.
 * @throws NullPointerException if the path is {@code null}.
 * @throws IllegalArgumentException if the key cannot be read from the file.
 */
protected final void setPublicKey(final String keyPath) {
    Objects.requireNonNull(keyPath);
    key = KeyLoader.fromFiles(vertx, null, keyPath).getPublicKey();
    if (key == null) {
        throw new IllegalArgumentException("cannot load public key: " + keyPath);
    } else if (key instanceof ECKey) {
        algorithm = SignatureAlgorithm.ES256;
    } else if (key instanceof RSAKey) {
        algorithm = SignatureAlgorithm.RS256;
    } else {
        throw new IllegalArgumentException("unsupported public key type: " + key.getClass());
    }
}
 
Example 6
Source File: AuthenticationProviderToken.java    From pulsar with Apache License 2.0 5 votes vote down vote up
private SignatureAlgorithm getPublicKeyAlgType(ServiceConfiguration conf) throws IllegalArgumentException {
    if (conf.getProperty(CONF_TOKEN_PUBLIC_ALG) != null
            && StringUtils.isNotBlank((String) conf.getProperty(CONF_TOKEN_PUBLIC_ALG))) {
        String alg = (String) conf.getProperty(CONF_TOKEN_PUBLIC_ALG);
        try {
            return SignatureAlgorithm.forName(alg);
        } catch (SignatureException ex) {
            throw new IllegalArgumentException("invalid algorithm provided " + alg, ex);
        }
    } else {
        return SignatureAlgorithm.RS256;
    }
}
 
Example 7
Source File: ServerPrivateKey.java    From athenz with Apache License 2.0 5 votes vote down vote up
public ServerPrivateKey(final PrivateKey key, final String id) {

        this.key = key;
        this.id = id;

        algorithm = ECDSA.equalsIgnoreCase(key.getAlgorithm()) ?
                SignatureAlgorithm.ES256 : SignatureAlgorithm.RS256;
    }
 
Example 8
Source File: JWTUtils.java    From datacollector with Apache License 2.0 5 votes vote down vote up
public static SignatureAlgorithm getSignatureAlgorithm(SigningAlgorithms alg) {
    switch (alg) {
      case HS256:
        return SignatureAlgorithm.HS256;
      case HS384:
        return SignatureAlgorithm.HS384;
      case HS512:
        return SignatureAlgorithm.HS512;
      case RS256:
        return SignatureAlgorithm.RS256;
      case RS384:
        return SignatureAlgorithm.RS384;
      case RS512: // NOSONAR - asking to reduce line count
        return SignatureAlgorithm.RS512;
        // The following are not JDK standard and are difficult to test, so ignoring for now.
//      case PS256:
//        return SignatureAlgorithm.PS256; //NOSONAR
//      case PS384:
//        return SignatureAlgorithm.PS384; //NOSONAR
//      case PS512:
//        return SignatureAlgorithm.PS512; //NOSONAR
//      case ES256:
//        return SignatureAlgorithm.ES256; //NOSONAR
//      case ES384:
//        return SignatureAlgorithm.ES384; //NOSONAR
//      case ES512:
//        return SignatureAlgorithm.ES512; //NOSONAR
      case NONE:
        return SignatureAlgorithm.NONE;
      default:
        throw new IllegalStateException("Unknown Signing Algorithm: " + alg.getLabel());
    }

  }
 
Example 9
Source File: Acme.java    From acme-client with Apache License 2.0 4 votes vote down vote up
protected SignatureAlgorithm getJWSSignatureAlgorithm() {
	return SignatureAlgorithm.RS256;
}