org.springframework.security.jwt.crypto.sign.SignatureVerifier Java Examples

/**
 * Fetch a new public key from the AuthorizationServer.
 *
 * @return true, if we could fetch it; false, if we could not.
 */
private boolean tryCreateSignatureVerifier() {
    long t = System.currentTimeMillis();
    if (t - lastKeyFetchTimestamp < oAuth2Properties.getSignatureVerification().getPublicKeyRefreshRateLimit()) {
        return false;
    }
    try {
        SignatureVerifier verifier = signatureVerifierClient.getSignatureVerifier();
        if(verifier!=null) {
            setVerifier(verifier);
            lastKeyFetchTimestamp = t;
            log.debug("Public key retrieved from OAuth2 server to create SignatureVerifier");
            return true;
        }
    } catch (Throwable ex) {
        log.error("could not get public key from OAuth2 server to create SignatureVerifier", ex);
    }
    return false;
}
 

/**
 * Fetch a new public key from the AuthorizationServer.
 *
 * @return true, if we could fetch it; false, if we could not.
 */
private boolean tryCreateSignatureVerifier() {
    long t = System.currentTimeMillis();
    if (t - lastKeyFetchTimestamp < oAuth2Properties.getSignatureVerification().getPublicKeyRefreshRateLimit()) {
        return false;
    }
    try {
        SignatureVerifier verifier = signatureVerifierClient.getSignatureVerifier();
        if (verifier != null) {
            setVerifier(verifier);
            lastKeyFetchTimestamp = t;
            log.debug("Public key retrieved from OAuth2 server to create SignatureVerifier");
            return true;
        }
    } catch (Throwable ex) {
        log.error("could not get public key from OAuth2 server to create SignatureVerifier", ex);
    }
    return false;
}
 

/**
 * Fetch a new public key from the AuthorizationServer.
 *
 * @return true, if we could fetch it; false, if we could not.
 */
private boolean tryCreateSignatureVerifier() {
    long t = System.currentTimeMillis();
    if (t - lastKeyFetchTimestamp < oAuth2Properties.getSignatureVerification().getPublicKeyRefreshRateLimit()) {
        return false;
    }
    try {
        SignatureVerifier verifier = signatureVerifierClient.getSignatureVerifier();
        if(verifier!=null) {
            setVerifier(verifier);
            lastKeyFetchTimestamp = t;
            log.debug("Public key retrieved from OAuth2 server to create SignatureVerifier");
            return true;
        }
    } catch (Throwable ex) {
        log.error("could not get public key from OAuth2 server to create SignatureVerifier", ex);
    }
    return false;
}
 

/**
 * Fetch a new public key from the AuthorizationServer.
 *
 * @return true, if we could fetch it; false, if we could not.
 */
private boolean tryCreateSignatureVerifier() {
    long t = System.currentTimeMillis();
    if (t - lastKeyFetchTimestamp < oAuth2Properties.getSignatureVerification().getPublicKeyRefreshRateLimit()) {
        return false;
    }
    try {
        SignatureVerifier verifier = signatureVerifierClient.getSignatureVerifier();
        if (verifier != null) {
            setVerifier(verifier);
            lastKeyFetchTimestamp = t;
            log.debug("Public key retrieved from OAuth2 server to create SignatureVerifier");
            return true;
        }
    } catch (Throwable ex) {
        log.error("could not get public key from OAuth2 server to create SignatureVerifier", ex);
    }
    return false;
}
 

/**
 * Fetch a new public key from the AuthorizationServer.
 *
 * @return true, if we could fetch it; false, if we could not.
 */
private boolean tryCreateSignatureVerifier() {
    long t = System.currentTimeMillis();
    if (t - lastKeyFetchTimestamp < oAuth2Properties.getSignatureVerification().getPublicKeyRefreshRateLimit()) {
        return false;
    }
    try {
        SignatureVerifier verifier = signatureVerifierClient.getSignatureVerifier();
        if(verifier!=null) {
            setVerifier(verifier);
            lastKeyFetchTimestamp = t;
            log.debug("Public key retrieved from OAuth2 server to create SignatureVerifier");
            return true;
        }
    } catch (Throwable ex) {
        log.error("could not get public key from OAuth2 server to create SignatureVerifier", ex);
    }
    return false;
}
 

/**
 * Fetch a new public key from the AuthorizationServer.
 *
 * @return true, if we could fetch it; false, if we could not.
 */
private boolean tryCreateSignatureVerifier() {
    long t = System.currentTimeMillis();
    if (t - lastKeyFetchTimestamp < oAuth2Properties.getSignatureVerification().getPublicKeyRefreshRateLimit()) {
        return false;
    }
    try {
        SignatureVerifier verifier = signatureVerifierClient.getSignatureVerifier();
        if(verifier!=null) {
            setVerifier(verifier);
            lastKeyFetchTimestamp = t;
            log.debug("Public key retrieved from OAuth2 server to create SignatureVerifier");
            return true;
        }
    } catch (Throwable ex) {
        log.error("could not get public key from OAuth2 server to create SignatureVerifier", ex);
    }
    return false;
}
 

/**
 * Fetch a new public key from the AuthorizationServer.
 *
 * @return true, if we could fetch it; false, if we could not.
 */
private boolean tryCreateSignatureVerifier() {
    long t = System.currentTimeMillis();
    if (t - lastKeyFetchTimestamp < oAuth2Properties.getSignatureVerification().getPublicKeyRefreshRateLimit()) {
        return false;
    }
    try {
        SignatureVerifier verifier = signatureVerifierClient.getSignatureVerifier();
        if(verifier!=null) {
            setVerifier(verifier);
            lastKeyFetchTimestamp = t;
            log.debug("Public key retrieved from OAuth2 server to create SignatureVerifier");
            return true;
        }
    } catch (Throwable ex) {
        log.error("could not get public key from OAuth2 server to create SignatureVerifier", ex);
    }
    return false;
}
 

/**
 * Fetch a new public key from the AuthorizationServer.
 *
 * @return true, if we could fetch it; false, if we could not.
 */
private boolean tryCreateSignatureVerifier() {
    long t = System.currentTimeMillis();
    if (t - lastKeyFetchTimestamp < oAuth2Properties.getSignatureVerification().getPublicKeyRefreshRateLimit()) {
        return false;
    }
    try {
        SignatureVerifier verifier = signatureVerifierClient.getSignatureVerifier();
        if(verifier!=null) {
            setVerifier(verifier);
            lastKeyFetchTimestamp = t;
            log.debug("Public key retrieved from OAuth2 server to create SignatureVerifier");
            return true;
        }
    } catch (Throwable ex) {
        log.error("could not get public key from OAuth2 server to create SignatureVerifier", ex);
    }
    return false;
}
 

/**
 * Fetch a new public key from the AuthorizationServer.
 *
 * @return true, if we could fetch it; false, if we could not.
 */
private boolean tryCreateSignatureVerifier() {
    long t = System.currentTimeMillis();
    if (t - lastKeyFetchTimestamp < oAuth2Properties.getSignatureVerification().getPublicKeyRefreshRateLimit()) {
        return false;
    }
    try {
        SignatureVerifier verifier = signatureVerifierClient.getSignatureVerifier();
        if(verifier!=null) {
            setVerifier(verifier);
            lastKeyFetchTimestamp = t;
            log.debug("Public key retrieved from OAuth2 server to create SignatureVerifier");
            return true;
        }
    } catch (Throwable ex) {
        log.error("could not get public key from OAuth2 server to create SignatureVerifier", ex);
    }
    return false;
}
 

/**
 * Fetches the public key from the UAA.
 *
 * @return the public key used to verify JWT tokens; or null.
 */
@Override
public SignatureVerifier getSignatureVerifier() throws Exception {
    try {
        HttpEntity<Void> request = new HttpEntity<Void>(new HttpHeaders());
        String key = (String) restTemplate
            .exchange(getPublicKeyEndpoint(), HttpMethod.GET, request, Map.class).getBody()
            .get("value");
        return new RsaVerifier(key);
    } catch (IllegalStateException ex) {
        log.warn("could not contact UAA to get public key");
        return null;
    }
}
 

/**
 * Fetches the public key from the UAA.
 *
 * @return the public key used to verify JWT tokens; or null.
 */
@Override
public SignatureVerifier getSignatureVerifier() throws Exception {
    try {
        HttpEntity<Void> request = new HttpEntity<Void>(new HttpHeaders());
        String key = (String) restTemplate
            .exchange(getPublicKeyEndpoint(), HttpMethod.GET, request, Map.class).getBody()
            .get("value");
        return new RsaVerifier(key);
    } catch (IllegalStateException ex) {
        log.warn("could not contact UAA to get public key");
        return null;
    }
}
 

/**
 * Fetches the public key from the UAA.
 *
 * @return the public key used to verify JWT tokens; or null.
 */
@Override
public SignatureVerifier getSignatureVerifier() throws Exception {
    try {
        HttpEntity<Void> request = new HttpEntity<Void>(new HttpHeaders());
        String key = (String) restTemplate
            .exchange(getPublicKeyEndpoint(), HttpMethod.GET, request, Map.class).getBody()
            .get("value");
        return new RsaVerifier(key);
    } catch (IllegalStateException ex) {
        log.warn("could not contact UAA to get public key");
        return null;
    }
}
 

/**
 * Fetches the public key from the UAA.
 *
 * @return the public key used to verify JWT tokens; or null.
 */
@Override
public SignatureVerifier getSignatureVerifier() throws Exception {
    try {
        HttpEntity<Void> request = new HttpEntity<Void>(new HttpHeaders());
        String key = (String) restTemplate
            .exchange(getPublicKeyEndpoint(), HttpMethod.GET, request, Map.class).getBody()
            .get("value");
        return new RsaVerifier(key);
    } catch (IllegalStateException ex) {
        log.warn("could not contact UAA to get public key");
        return null;
    }
}
 

/**
 * Fetches the public key from the UAA.
 *
 * @return the public key used to verify JWT tokens; or null.
 */
@Override
public SignatureVerifier getSignatureVerifier() throws Exception {
    try {
        HttpEntity<Void> request = new HttpEntity<Void>(new HttpHeaders());
        String key = (String) restTemplate
            .exchange(getPublicKeyEndpoint(), HttpMethod.GET, request, Map.class).getBody()
            .get("value");
        return new RsaVerifier(key);
    } catch (IllegalStateException ex) {
        log.warn("could not contact UAA to get public key");
        return null;
    }
}
 

/**
 * Fetches the public key from the UAA.
 *
 * @return the public key used to verify JWT tokens; or null.
 */
@Override
public SignatureVerifier getSignatureVerifier() throws Exception {
    try {
        HttpEntity<Void> request = new HttpEntity<Void>(new HttpHeaders());
        String key = (String) restTemplate
            .exchange(getPublicKeyEndpoint(), HttpMethod.GET, request, Map.class).getBody()
            .get("value");
        return new RsaVerifier(key);
    } catch (IllegalStateException ex) {
        log.warn("could not contact UAA to get public key");
        return null;
    }
}
 

/**
 * Fetches the public key from the UAA.
 *
 * @return the public key used to verify JWT tokens; or null.
 */
@Override
public SignatureVerifier getSignatureVerifier() throws Exception {
    try {
        HttpEntity<Void> request = new HttpEntity<Void>(new HttpHeaders());
        String key = (String) restTemplate
            .exchange(getPublicKeyEndpoint(), HttpMethod.GET, request, Map.class).getBody()
            .get("value");
        return new RsaVerifier(key);
    } catch (IllegalStateException ex) {
        log.warn("could not contact UAA to get public key");
        return null;
    }
}
 

/**
 * Fetches the public key from the UAA.
 *
 * @return the public key used to verify JWT tokens; or null.
 */
@Override
public SignatureVerifier getSignatureVerifier() throws Exception {
    try {
        HttpEntity<Void> request = new HttpEntity<Void>(new HttpHeaders());
        String key = (String) restTemplate
            .exchange(getPublicKeyEndpoint(), HttpMethod.GET, request, Map.class).getBody()
            .get("value");
        return new RsaVerifier(key);
    } catch (IllegalStateException ex) {
        log.warn("could not contact UAA to get public key");
        return null;
    }
}
 

/**
 * Fetches the public key from the UAA.
 *
 * @return the public key used to verify JWT tokens; or null.
 */
@Override
public SignatureVerifier getSignatureVerifier() throws Exception {
    try {
        HttpEntity<Void> request = new HttpEntity<Void>(new HttpHeaders());
        String key = (String) restTemplate
            .exchange(getPublicKeyEndpoint(), HttpMethod.GET, request, Map.class).getBody()
            .get("value");
        return new RsaVerifier(key);
    } catch (IllegalStateException ex) {
        log.warn("could not contact UAA to get public key");
        return null;
    }
}
 

@Bean
public SignatureVerifier verifier() {
    return new MacSigner("non-prod");
}
 

/**
 * Returns the SignatureVerifier used to verify JWT tokens.
 * Fetches the public key from the Authorization server to create
 * this verifier.
 *
 * @return the new verifier used to verify JWT signatures.
 * Will be null if we cannot contact the token endpoint.
 * @throws Exception if we could not create a SignatureVerifier or contact the token endpoint.
 */
SignatureVerifier getSignatureVerifier() throws Exception;
 

/**
 * Returns the SignatureVerifier used to verify JWT tokens.
 * Fetches the public key from the Authorization server to create
 * this verifier.
 *
 * @return the new verifier used to verify JWT signatures.
 * Will be null if we cannot contact the token endpoint.
 * @throws Exception if we could not create a SignatureVerifier or contact the token endpoint.
 */
SignatureVerifier getSignatureVerifier() throws Exception;
 

/**
 * Returns the SignatureVerifier used to verify JWT tokens.
 * Fetches the public key from the Authorization server to create
 * this verifier.
 *
 * @return the new verifier used to verify JWT signatures.
 * Will be null if we cannot contact the token endpoint.
 * @throws Exception if we could not create a SignatureVerifier or contact the token endpoint.
 */
SignatureVerifier getSignatureVerifier() throws Exception;
 

/**
 * Returns the SignatureVerifier used to verify JWT tokens.
 * Fetches the public key from the Authorization server to create
 * this verifier.
 *
 * @return the new verifier used to verify JWT signatures.
 * Will be null if we cannot contact the token endpoint.
 * @throws Exception if we could not create a SignatureVerifier or contact the token endpoint.
 */
SignatureVerifier getSignatureVerifier() throws Exception;
 

/**
 * Returns the SignatureVerifier used to verify JWT tokens.
 * Fetches the public key from the Authorization server to create
 * this verifier.
 *
 * @return the new verifier used to verify JWT signatures.
 * Will be null if we cannot contact the token endpoint.
 * @throws Exception if we could not create a SignatureVerifier or contact the token endpoint.
 */
SignatureVerifier getSignatureVerifier() throws Exception;
 

/**
 * Returns the SignatureVerifier used to verify JWT tokens.
 * Fetches the public key from the Authorization server to create
 * this verifier.
 *
 * @return the new verifier used to verify JWT signatures.
 * Will be null if we cannot contact the token endpoint.
 * @throws Exception if we could not create a SignatureVerifier or contact the token endpoint.
 */
SignatureVerifier getSignatureVerifier() throws Exception;
 

/**
 * Returns the SignatureVerifier used to verify JWT tokens.
 * Fetches the public key from the Authorization server to create
 * this verifier.
 *
 * @return the new verifier used to verify JWT signatures.
 * Will be null if we cannot contact the token endpoint.
 * @throws Exception if we could not create a SignatureVerifier or contact the token endpoint.
 */
SignatureVerifier getSignatureVerifier() throws Exception;
 

/**
 * Returns the SignatureVerifier used to verify JWT tokens.
 * Fetches the public key from the Authorization server to create
 * this verifier.
 *
 * @return the new verifier used to verify JWT signatures.
 * Will be null if we cannot contact the token endpoint.
 * @throws Exception if we could not create a SignatureVerifier or contact the token endpoint.
 */
SignatureVerifier getSignatureVerifier() throws Exception;
 

/**
 * Returns the SignatureVerifier used to verify JWT tokens.
 * Fetches the public key from the Authorization server to create
 * this verifier.
 *
 * @return the new verifier used to verify JWT signatures.
 * Will be null if we cannot contact the token endpoint.
 * @throws Exception if we could not create a SignatureVerifier or contact the token endpoint.
 */
SignatureVerifier getSignatureVerifier() throws Exception;
 

/**
 * {"exp":1563256084,"user_name":"admin","authorities":["ADMIN"],"jti":"4ce02f54-3d1c-4461-8af1-73f0841a35df","client_id":"webApp","scope":["app"]}
 * @param jwtToken token值
 * @param rsaPublicKey 公钥
 * @return
 */
public static JSONObject decodeAndVerify(String jwtToken, RSAPublicKey rsaPublicKey) {
    SignatureVerifier rsaVerifier = new RsaVerifier(rsaPublicKey);
    Jwt jwt = JwtHelper.decodeAndVerify(jwtToken, rsaVerifier);
    return JSONObject.parseObject(jwt.getClaims());
}