com.auth0.jwk.JwkProvider Java Examples

The following examples show how to use com.auth0.jwk.JwkProvider. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: AsymmetricSignatureVerifier.java    From auth0-java-mvc-common with MIT License 5 votes vote down vote up
private static JWTVerifier createJWTVerifier(final JwkProvider jwkProvider) {
    Algorithm alg = Algorithm.RSA256(new RSAKeyProvider() {
        @Override
        public RSAPublicKey getPublicKeyById(String keyId) {
            try {
                Jwk jwk = jwkProvider.get(keyId);
                return (RSAPublicKey) jwk.getPublicKey();
            } catch (JwkException ignored) {
                // JwkException handled by Algorithm verify implementation from java-jwt
            }
            return null;
        }

        @Override
        public RSAPrivateKey getPrivateKey() {
            //NO-OP
            return null;
        }

        @Override
        public String getPrivateKeyId() {
            //NO-OP
            return null;
        }
    });
    return JWT.require(alg)
            .ignoreIssuedAt()
            .build();
}
 
Example #2
Source File: SignatureVerifierTest.java    From auth0-java-mvc-common with MIT License 5 votes vote down vote up
@Test
public void failsWhenErrorGettingJwk() throws Exception {
    JwkProvider  jwkProvider = mock(JwkProvider.class);
    when(jwkProvider.get("abc123")).thenThrow(JwkException.class);

    exception.expect(TokenValidationException.class);
    exception.expectMessage("Invalid token signature");
    SignatureVerifier verifier = new AsymmetricSignatureVerifier(jwkProvider);
    verifier.verifySignature(RS_JWT);
}
 
Example #3
Source File: SignatureVerifierTest.java    From auth0-java-mvc-common with MIT License 5 votes vote down vote up
private JwkProvider getRSProvider(String rsaPath) throws Exception {
    JwkProvider jwkProvider = mock(JwkProvider.class);
    Jwk jwk = mock(Jwk.class);
    when(jwkProvider.get("abc123")).thenReturn(jwk);
    RSAPublicKey key = readPublicKeyFromFile(rsaPath);
    when(jwk.getPublicKey()).thenReturn(key);
    return jwkProvider;
}
 
Example #4
Source File: AuthenticationControllerTest.java    From auth0-java-mvc-common with MIT License 5 votes vote down vote up
@Test
public void shouldCreateWithJwkProvider() {
    JwkProvider provider = mock(JwkProvider.class);
    AuthenticationController.newBuilder("domain", "clientId", "clientSecret")
            .withJwkProvider(provider)
            .build();
}
 
Example #5
Source File: AuthenticationControllerProvider.java    From auth0-servlet-sample with MIT License 5 votes vote down vote up
public static AuthenticationController getInstance(ServletConfig config) throws UnsupportedEncodingException {
    String domain = config.getServletContext().getInitParameter("com.auth0.domain");
    String clientId = config.getServletContext().getInitParameter("com.auth0.clientId");
    String clientSecret = config.getServletContext().getInitParameter("com.auth0.clientSecret");

    if (domain == null || clientId == null || clientSecret == null) {
        throw new IllegalArgumentException("Missing domain, clientId, or clientSecret. Did you update src/main/webapp/WEB-INF/web.xml?");
    }

    // JwkProvider required for RS256 tokens. If using HS256, do not use.
    JwkProvider jwkProvider = new JwkProviderBuilder(domain).build();
    return AuthenticationController.newBuilder(domain, clientId, clientSecret)
            .withJwkProvider(jwkProvider)
            .build();
}
 
Example #6
Source File: AppConfig.java    From auth0-spring-security-mvc-sample with MIT License 5 votes vote down vote up
@Bean
public AuthenticationController authenticationController() throws UnsupportedEncodingException {
    JwkProvider jwkProvider = new JwkProviderBuilder(domain).build();
    return AuthenticationController.newBuilder(domain, clientId, clientSecret)
            .withJwkProvider(jwkProvider)
            .build();
}
 
Example #7
Source File: KeycloakModule.java    From che with Eclipse Public License 2.0 5 votes vote down vote up
@Override
protected void configure() {

  bind(HttpJsonRequestFactory.class)
      .to(org.eclipse.che.multiuser.keycloak.server.KeycloakHttpJsonRequestFactory.class);
  bind(TokenValidator.class).to(KeycloakTokenValidator.class);
  bind(KeycloakConfigurationService.class);

  bind(ProfileDao.class).to(KeycloakProfileDao.class);
  bind(JwkProvider.class).toProvider(KeycloakJwkProvider.class);
  bind(JwtParser.class).toProvider(KeycloakJwtParserProvider.class);
  bind(PersonalAccountUserManager.class).to(KeycloakUserManager.class);

  bind(OAuthAPI.class).toProvider(OAuthAPIProvider.class);
}
 
Example #8
Source File: AuthConfig.java    From tutorials with MIT License 5 votes vote down vote up
@Bean
public AuthenticationController authenticationController() throws UnsupportedEncodingException {
    JwkProvider jwkProvider = new JwkProviderBuilder(domain).build();
    return AuthenticationController.newBuilder(domain, clientId, clientSecret)
        .withJwkProvider(jwkProvider)
        .build();
}
 
Example #9
Source File: AsymmetricSignatureVerifier.java    From auth0-java-mvc-common with MIT License 4 votes vote down vote up
AsymmetricSignatureVerifier(JwkProvider jwkProvider) {
    super(createJWTVerifier(jwkProvider), "RS256");
}
 
Example #10
Source File: AuthenticationControllerTest.java    From auth0-java-mvc-common with MIT License 4 votes vote down vote up
@Test
public void shouldCreateWithAsymmetricSignatureVerifierWhenJwkProviderIsExplicitlySet() {
    JwkProvider jwkProvider = mock(JwkProvider.class);
    AuthenticationController controller = builderSpy
            .withResponseType("code id_token")
            .withJwkProvider(jwkProvider)
            .build();

    SignatureVerifier signatureVerifier = signatureVerifierCaptor.getValue();
    assertThat(signatureVerifier, is(notNullValue()));
    assertThat(signatureVerifier, instanceOf(AsymmetricSignatureVerifier.class));
    assertThat(verificationOptions, is(controller.getRequestProcessor().verifyOptions));

    controller = builderSpy
            .withResponseType("code token")
            .withJwkProvider(jwkProvider)
            .build();

    signatureVerifier = signatureVerifierCaptor.getValue();
    assertThat(signatureVerifier, is(notNullValue()));
    assertThat(signatureVerifier, instanceOf(AsymmetricSignatureVerifier.class));
    assertThat(verificationOptions, is(controller.getRequestProcessor().verifyOptions));

    controller = builderSpy
            .withResponseType("code id_token token")
            .withJwkProvider(jwkProvider)
            .build();

    signatureVerifier = signatureVerifierCaptor.getValue();
    assertThat(signatureVerifier, is(notNullValue()));
    assertThat(signatureVerifier, instanceOf(AsymmetricSignatureVerifier.class));
    assertThat(verificationOptions, is(controller.getRequestProcessor().verifyOptions));

    controller = builderSpy
            .withResponseType("code")
            .withJwkProvider(jwkProvider)
            .build();

    signatureVerifier = signatureVerifierCaptor.getValue();
    assertThat(signatureVerifier, is(notNullValue()));
    assertThat(signatureVerifier, instanceOf(AsymmetricSignatureVerifier.class));
    assertThat(verificationOptions, is(controller.getRequestProcessor().verifyOptions));

    controller = builderSpy
            .withResponseType("id_token")
            .withJwkProvider(jwkProvider)
            .build();

    signatureVerifier = signatureVerifierCaptor.getValue();
    assertThat(signatureVerifier, is(notNullValue()));
    assertThat(signatureVerifier, instanceOf(AsymmetricSignatureVerifier.class));
    assertThat(verificationOptions, is(controller.getRequestProcessor().verifyOptions));

    controller = builderSpy
            .withResponseType("token")
            .withJwkProvider(jwkProvider)
            .build();

    signatureVerifier = signatureVerifierCaptor.getValue();
    assertThat(signatureVerifier, is(notNullValue()));
    assertThat(signatureVerifier, instanceOf(AsymmetricSignatureVerifier.class));
    assertThat(verificationOptions, is(controller.getRequestProcessor().verifyOptions));
}
 
Example #11
Source File: KeycloakJwkProvider.java    From che with Eclipse Public License 2.0 4 votes vote down vote up
@Override
public JwkProvider get() {
  return jwkProvider;
}
 
Example #12
Source File: KeycloakSigningKeyResolver.java    From che with Eclipse Public License 2.0 4 votes vote down vote up
@Inject
KeycloakSigningKeyResolver(JwkProvider jwkProvider) {
  this.jwkProvider = jwkProvider;
}
 
Example #13
Source File: JwtWebSecurityConfigurer.java    From auth0-spring-security-api with MIT License 2 votes vote down vote up
/**
 * Configures application authorization for JWT signed with RS256.
 * Will try to validate the token using the public key downloaded from "$issuer/.well-known/jwks.json"
 * and matched by the value of {@code kid} of the JWT header
 * @param audience identifier of the API and must match the {@code aud} value in the token
 * @param issuers array of allowed issuers of the token for this API and one of the entries must match the {@code iss} value in the token
 * @return JwtWebSecurityConfigurer for further configuration
 */
@SuppressWarnings({"WeakerAccess", "SameParameterValue"})
public static JwtWebSecurityConfigurer forRS256(String audience, String[] issuers) {
    final JwkProvider jwkProvider = new JwkProviderBuilder(issuers[0]).build(); // we use the first issuer for getting the jwkProvider
    return new JwtWebSecurityConfigurer(audience, issuers, new JwtAuthenticationProvider(jwkProvider, issuers, audience));
}
 
Example #14
Source File: AuthenticationController.java    From auth0-java-mvc-common with MIT License 2 votes vote down vote up
/**
 * Sets the Jwk Provider that will return the Public Key required to verify the token in case of Implicit Grant flows.
 * This is required if the Auth0 Application is signing the tokens with the RS256 algorithm.
 *
 * @param jwkProvider a valid Jwk provider.
 * @return this same builder instance.
 */
public Builder withJwkProvider(JwkProvider jwkProvider) {
    Validate.notNull(jwkProvider);
    this.jwkProvider = jwkProvider;
    return this;
}