Java Code Examples for com.nimbusds.jwt.JWTClaimsSet#toJSONObject()
The following examples show how to use
com.nimbusds.jwt.JWTClaimsSet#toJSONObject() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: UserRepository.java From shiro-jwt with MIT License | 6 votes |
default String createToken(Object userId) { try { JWTClaimsSet.Builder builder = new JWTClaimsSet.Builder(); builder.issuer(getIssuer()); builder.subject(userId.toString()); builder.issueTime(new Date()); builder.notBeforeTime(new Date()); builder.expirationTime(new Date(new Date().getTime() + getExpirationDate())); builder.jwtID(UUID.randomUUID().toString()); JWTClaimsSet claimsSet = builder.build(); JWSHeader header = new JWSHeader(JWSAlgorithm.HS256); Payload payload = new Payload(claimsSet.toJSONObject()); JWSObject jwsObject = new JWSObject(header, payload); JWSSigner signer = new MACSigner(getSharedKey()); jwsObject.sign(signer); return jwsObject.serialize(); } catch (JOSEException ex) { return null; } }
Example 2
Source File: MACVerifierExtendedTest.java From shiro-jwt with MIT License | 6 votes |
@Test public void validToken() throws JOSEException, ParseException { JWTClaimsSet jwtClaims = getJWTClaimsSet("issuer", "subject", new Date(), new Date(), new Date(new Date().getTime() + 100000)); JWSHeader header = new JWSHeader(JWSAlgorithm.HS256); Payload payload = new Payload(jwtClaims.toJSONObject()); JWSObject jwsObject = new JWSObject(header, payload); JWSSigner signer = new MACSigner(sharedKey); jwsObject.sign(signer); String token = jwsObject.serialize(); SignedJWT signed = SignedJWT.parse(token); JWSVerifier verifier = new MACVerifierExtended(sharedKey, signed.getJWTClaimsSet()); signed.verify(verifier); Assert.assertTrue("Must be valid", signed.verify(verifier)); }
Example 3
Source File: MACVerifierExtendedTest.java From shiro-jwt with MIT License | 6 votes |
@Test public void invalidTokenNotBeforeTime() throws JOSEException, ParseException { JWTClaimsSet jwtClaims = getJWTClaimsSet("issuer", "subject", new Date(), new Date(new Date().getTime() + 100000), new Date(new Date().getTime() + 200000)); JWSHeader header = new JWSHeader(JWSAlgorithm.HS256); Payload payload = new Payload(jwtClaims.toJSONObject()); JWSObject jwsObject = new JWSObject(header, payload); JWSSigner signer = new MACSigner(sharedKey); jwsObject.sign(signer); String token = jwsObject.serialize(); SignedJWT signed = SignedJWT.parse(token); JWSVerifier verifier = new MACVerifierExtended(sharedKey, signed.getJWTClaimsSet()); signed.verify(verifier); Assert.assertFalse("Must be invalid", signed.verify(verifier)); }
Example 4
Source File: MACVerifierExtendedTest.java From shiro-jwt with MIT License | 6 votes |
@Test public void invalidTokenExpirationTime() throws JOSEException, ParseException { JWTClaimsSet jwtClaims = getJWTClaimsSet("issuer", "subject", new Date(), new Date(), new Date()); JWSHeader header = new JWSHeader(JWSAlgorithm.HS256); Payload payload = new Payload(jwtClaims.toJSONObject()); JWSObject jwsObject = new JWSObject(header, payload); JWSSigner signer = new MACSigner(sharedKey); jwsObject.sign(signer); String token = jwsObject.serialize(); SignedJWT signed = SignedJWT.parse(token); JWSVerifier verifier = new MACVerifierExtended(sharedKey, signed.getJWTClaimsSet()); signed.verify(verifier); Assert.assertFalse("Must be invalid", signed.verify(verifier)); }
Example 5
Source File: CookieCsrfSignedTokenRepository.java From graviteeio-access-management with Apache License 2.0 | 5 votes |
@Override public void saveToken(CsrfToken token, HttpServletRequest request, HttpServletResponse response) { if(request.getAttribute(DEFAULT_CSRF_COOKIE_NAME) != null) { // Token already persisted in cookie. return; } if(token == null) { // Null token means delete it. response.addCookie(jwtGenerator.generateCookie(DEFAULT_CSRF_COOKIE_NAME, null, true)); return; } String tokenValue = token.getToken(); try { JWTClaimsSet claims = new JWTClaimsSet.Builder() .issuer(issuer) .issueTime(new Date()) .claim(TOKEN_CLAIM, tokenValue) .build(); JWSObject jwsObject = new JWSObject(new JWSHeader((JWSAlgorithm.HS256)), new Payload(claims.toJSONObject())); jwsObject.sign(signer); Cookie cookie = jwtGenerator.generateCookie(DEFAULT_CSRF_COOKIE_NAME, jwsObject.serialize(), true); response.addCookie(cookie); request.setAttribute(DEFAULT_CSRF_COOKIE_NAME, true); } catch (JOSEException ex) { LOGGER.error("Unable to generate CSRF token", ex); } }
Example 6
Source File: ZendeskRedirectServlet.java From codenvy with Eclipse Public License 1.0 | 5 votes |
@Override protected void service(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException { if (shared_key == null || subdomain == null) throw new ServletException("Zendesk is not configured."); // Given a user instance // Compose the JWT claims set JWTClaimsSet jwtClaims = new JWTClaimsSet(); jwtClaims.setIssueTime(new Date()); jwtClaims.setJWTID(UUID.randomUUID().toString()); Subject subject = EnvironmentContext.getCurrent().getSubject(); jwtClaims.setCustomClaim("name", getName()); jwtClaims.setCustomClaim("email", subject.getUserName()); // Create JWS header with HS256 algorithm JWSHeader header = new JWSHeader(JWSAlgorithm.HS256); JWSObject jwsObject = new JWSObject(header, new Payload(jwtClaims.toJSONObject())); // Create HMAC signer JWSSigner signer = new MACSigner(shared_key.getBytes()); try { jwsObject.sign(signer); } catch (JOSEException e) { String msg = String.format("Error signing JWT: %s", e.getMessage()); LOG.warn(msg); response.sendError(500, msg); } // Serialise to JWT compact form String jwtString = jwsObject.serialize(); String redirectUrl = "https://" + subdomain + ".zendesk.com/access/jwt?jwt=" + jwtString; response.sendRedirect(redirectUrl); }
Example 7
Source File: CookieCsrfSignedTokenRepository.java From gravitee-management-rest-api with Apache License 2.0 | 5 votes |
@Override public void saveToken(CsrfToken token, HttpServletRequest request, HttpServletResponse response) { if(request.getAttribute(DEFAULT_CSRF_COOKIE_NAME) != null) { // Token already persisted in cookie. return; } if(token == null) { // Null token means delete it. response.addCookie(cookieGenerator.generate(DEFAULT_CSRF_COOKIE_NAME, null)); return; } String tokenValue = token.getToken(); try { JWTClaimsSet claims = new JWTClaimsSet.Builder() .issuer(issuer) .issueTime(new Date()) .claim(TOKEN_CLAIM, tokenValue) .build(); JWSObject jwsObject = new JWSObject(new JWSHeader((JWSAlgorithm.HS256)), new Payload(claims.toJSONObject())); jwsObject.sign(signer); Cookie cookie = cookieGenerator.generate(DEFAULT_CSRF_COOKIE_NAME, jwsObject.serialize(), true); response.addCookie(cookie); request.setAttribute(DEFAULT_CSRF_COOKIE_NAME, true); } catch (JOSEException ex) { LOGGER.error("Unable to generate CSRF token", ex); } }