io.smallrye.jwt.auth.principal.ParseException Java Examples

The following examples show how to use io.smallrye.jwt.auth.principal.ParseException. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: MpJwtValidator.java    From quarkus with Apache License 2.0 7 votes vote down vote up
@Override
public Uni<SecurityIdentity> authenticate(TokenAuthenticationRequest request,
        AuthenticationRequestContext context) {
    return Uni.createFrom().emitter(new Consumer<UniEmitter<? super SecurityIdentity>>() {
        @Override
        public void accept(UniEmitter<? super SecurityIdentity> uniEmitter) {
            try {
                JsonWebToken jwtPrincipal = parser.parse(request.getToken().getToken());
                uniEmitter.complete(QuarkusSecurityIdentity.builder().setPrincipal(jwtPrincipal)
                        .addRoles(jwtPrincipal.getGroups())
                        .addAttribute(SecurityIdentity.USER_ATTRIBUTE, jwtPrincipal).build());

            } catch (ParseException e) {
                log.debug("Authentication failed", e);
                uniEmitter.fail(new AuthenticationFailedException(e));
            }
        }
    });

}
 
Example #2
Source File: TestTokenRequiredClaims.java    From smallrye-jwt with Apache License 2.0 5 votes vote down vote up
@Test
public void missingRequiredClaim() throws Exception {
    String token = TokenUtils.generateTokenString("/Token1.json");
    PublicKey publicKey = TokenUtils.readPublicKey("/publicKey.pem");
    JWTAuthContextInfo contextInfo = new JWTAuthContextInfo((RSAPublicKey) publicKey, TEST_ISSUER);
    contextInfo.setRequiredClaims(Collections.singleton("something"));
    JWTCallerPrincipalFactory factory = JWTCallerPrincipalFactory.instance();

    final ParseException exception = assertThrows(ParseException.class, () -> factory.parse(token, contextInfo));
    assertTrue(exception.getCause() instanceof InvalidJwtException);
}
 
Example #3
Source File: TestTokenRequiredClaims.java    From smallrye-jwt with Apache License 2.0 5 votes vote down vote up
@Test
public void missingRequiredClaims() throws Exception {
    String token = TokenUtils.generateTokenString("/Token1.json");
    PublicKey publicKey = TokenUtils.readPublicKey("/publicKey.pem");
    JWTAuthContextInfo contextInfo = new JWTAuthContextInfo((RSAPublicKey) publicKey, TEST_ISSUER);
    contextInfo.setRequiredClaims(Stream.of("something", "else").collect(toSet()));
    JWTCallerPrincipalFactory factory = JWTCallerPrincipalFactory.instance();

    final ParseException exception = assertThrows(ParseException.class, () -> factory.parse(token, contextInfo));
    assertTrue(exception.getCause() instanceof InvalidJwtException);
}
 
Example #4
Source File: TestTokenRequiredClaims.java    From smallrye-jwt with Apache License 2.0 5 votes vote down vote up
@Test
public void requiredAndMissingClaims() throws Exception {
    String token = TokenUtils.generateTokenString("/Token1.json");
    PublicKey publicKey = TokenUtils.readPublicKey("/publicKey.pem");
    JWTAuthContextInfo contextInfo = new JWTAuthContextInfo((RSAPublicKey) publicKey, TEST_ISSUER);
    contextInfo.setRequiredClaims(
            Stream.of("roles", "customObject", "customDoubleArray", "something").collect(toSet()));
    JWTCallerPrincipalFactory factory = JWTCallerPrincipalFactory.instance();

    final ParseException exception = assertThrows(ParseException.class, () -> factory.parse(token, contextInfo));
    assertTrue(exception.getCause() instanceof InvalidJwtException);
}
 
Example #5
Source File: TestJsonWebToken.java    From smallrye-jwt with Apache License 2.0 5 votes vote down vote up
@Test(expectedExceptions = { ParseException.class }, description = "Illustrate validation of issuer")
public void testFailIssuer() throws Exception {
    HashSet<TokenUtils.InvalidClaims> invalidFields = new HashSet<>();
    invalidFields.add(TokenUtils.InvalidClaims.ISSUER);
    String token = TokenUtils.generateTokenString("/Token1.json", invalidFields);
    RSAPublicKey publicKey = (RSAPublicKey) TokenUtils.readPublicKey("/publicKey.pem");
    JWTAuthContextInfo contextInfo = new JWTAuthContextInfo(publicKey, "https://server.example.com");
    contextInfo.setExpGracePeriodSecs(60);
    JsonWebToken jwt = validateToken(token, contextInfo);
}
 
Example #6
Source File: TestJsonWebToken.java    From smallrye-jwt with Apache License 2.0 5 votes vote down vote up
@Test(expectedExceptions = { ParseException.class }, description = "Illustrate validation of signer")
public void testNimbusFailSignature() throws Exception {
    HashSet<TokenUtils.InvalidClaims> invalidFields = new HashSet<>();
    invalidFields.add(TokenUtils.InvalidClaims.SIGNER);
    String token = TokenUtils.generateTokenString("/Token1.json", invalidFields);
    RSAPublicKey publicKey = (RSAPublicKey) TokenUtils.readPublicKey("/publicKey.pem");
    JWTAuthContextInfo contextInfo = new JWTAuthContextInfo(publicKey, "https://server.example.com");
    contextInfo.setExpGracePeriodSecs(60);
    JsonWebToken jwt = validateToken(token, contextInfo);
}
 
Example #7
Source File: TestJsonWebToken.java    From smallrye-jwt with Apache License 2.0 5 votes vote down vote up
@Test(expectedExceptions = { ParseException.class }, description = "Illustrate validation of exp")
public void testNimbusFailExpired() throws Exception {
    HashMap<String, Long> timeClaims = new HashMap<>();
    HashSet<TokenUtils.InvalidClaims> invalidFields = new HashSet<>();
    invalidFields.add(TokenUtils.InvalidClaims.EXP);
    String token = TokenUtils.generateTokenString("/Token1.json", invalidFields, timeClaims);
    RSAPublicKey publicKey = (RSAPublicKey) TokenUtils.readPublicKey("/publicKey.pem");
    JWTAuthContextInfo contextInfo = new JWTAuthContextInfo(publicKey, "https://server.example.com");
    contextInfo.setExpGracePeriodSecs(60);
    JsonWebToken jwt = validateToken(token, contextInfo);
}
 
Example #8
Source File: TestJsonWebToken.java    From smallrye-jwt with Apache License 2.0 5 votes vote down vote up
@Test(expectedExceptions = { ParseException.class }, description = "Illustrate validation of exp that has just expired")
public void testNimbusFailJustExpired() throws Exception {
    HashMap<String, Long> timeClaims = new HashMap<>();
    // Set exp to 61 seconds in past
    long exp = TokenUtils.currentTimeInSecs() - 61;
    timeClaims.put(Claims.exp.name(), exp);
    String token = TokenUtils.generateTokenString("/Token1.json", null, timeClaims);
    RSAPublicKey publicKey = (RSAPublicKey) TokenUtils.readPublicKey("/publicKey.pem");
    JWTAuthContextInfo contextInfo = new JWTAuthContextInfo(publicKey, "https://server.example.com");
    contextInfo.setExpGracePeriodSecs(60);
    JsonWebToken jwt = validateToken(token, contextInfo);
}
 
Example #9
Source File: TestTokenRequireSub.java    From smallrye-jwt with Apache License 2.0 5 votes vote down vote up
@Test(groups = TEST_GROUP_JWT, description = "validate sub fail", expectedExceptions = ParseException.class)
public void defaultSubNotAvailable() throws Exception {
    HashMap<String, Long> timeClaims = new HashMap<>();
    String token = TokenUtils.generateTokenString("/TokenSubPath.json", null, timeClaims);
    PublicKey publicKey = TokenUtils.readPublicKey("/publicKey.pem");
    if (publicKey == null) {
        throw new IllegalStateException("Failed to load /publicKey.pem resource");
    }

    JWTAuthContextInfo contextInfo = new JWTAuthContextInfo((RSAPublicKey) publicKey, TEST_ISSUER);
    JWTCallerPrincipalFactory factory = JWTCallerPrincipalFactory.instance();
    factory.parse(token, contextInfo);
}
 
Example #10
Source File: KeycloakJWTCallerPrincipalFactory.java    From thorntail with Apache License 2.0 5 votes vote down vote up
@Override
public JWTCallerPrincipal parse(final String token, final JWTAuthContextInfo authContextInfo) throws ParseException {
    try {
        JWSInput jwsInput = new JWSInput(token);
        AccessToken accessToken = AdapterTokenVerifier.verifyToken(jwsInput.getWireString(), deployment);
        return new KeycloakJWTCallerPrincipal(jwsInput.readContentAsString(), accessToken);
    } catch (Throwable ex) {
        throw new ParseException("Failure to parse the token", ex);
    }
}
 
Example #11
Source File: TestJsonWebToken.java    From smallrye-jwt with Apache License 2.0 4 votes vote down vote up
private JsonWebToken validateToken(String token, JWTAuthContextInfo contextInfo) throws ParseException {
    JWTCallerPrincipalFactory factory = JWTCallerPrincipalFactory.instance();
    JWTCallerPrincipal callerPrincipal = factory.parse(token, contextInfo);
    return callerPrincipal;
}
 
Example #12
Source File: JWTLoginModule.java    From thorntail with Apache License 2.0 2 votes vote down vote up
/**
 * Validate the bearer token passed in with the authorization header
 *
 * @param jwtCredential - the input bearer token
 * @return return the validated JWTCallerPrincipal
 * @throws ParseException - thrown on token parse or validation failure
 */
protected JWTCallerPrincipal validate(JWTCredential jwtCredential) throws ParseException {
    JWTCallerPrincipalFactory factory = JWTCallerPrincipalFactory.instance();
    JWTCallerPrincipal callerPrincipal = factory.parse(jwtCredential.getBearerToken(), jwtCredential.getAuthContextInfo());
    return callerPrincipal;
}