Java Code Examples for com.nimbusds.jwt.JWTClaimsSet#getSubject()
The following examples show how to use
com.nimbusds.jwt.JWTClaimsSet#getSubject() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: KnoxService.java From nifi with Apache License 2.0 | 6 votes |
/** * Extracts the authentication from the token and verify it. * * @param jwt signed jwt string * @return the user authentication * @throws ParseException if the payload of the jwt doesn't represent a valid json object and a jwt claims set * @throws JOSEException if the JWS object couldn't be verified */ public String getAuthenticationFromToken(final String jwt) throws ParseException, JOSEException { if (!configuration.isKnoxEnabled()) { throw new IllegalStateException("Apache Knox SSO is not enabled."); } // attempt to parse the signed jwt final SignedJWT signedJwt = SignedJWT.parse(jwt); // validate the token if (validateToken(signedJwt)) { final JWTClaimsSet claimsSet = signedJwt.getJWTClaimsSet(); if (claimsSet == null) { logger.info("Claims set is missing from Knox JWT."); throw new InvalidAuthenticationException("The Knox JWT token is not valid."); } // extract the user identity from the token return claimsSet.getSubject(); } else { throw new InvalidAuthenticationException("The Knox JWT token is not valid."); } }
Example 2
Source File: CellerySignedJWTValidator.java From cellery-security with Apache License 2.0 | 5 votes |
private void validateMandatoryJWTClaims(JWTClaimsSet claimsSet) throws IdentityOAuth2Exception { String subject = claimsSet.getSubject(); List<String> audience = claimsSet.getAudience(); String jti = claimsSet.getJWTID(); if (StringUtils.isEmpty(claimsSet.getIssuer()) || StringUtils.isEmpty(subject) || claimsSet.getExpirationTime() == null || audience == null || jti == null) { throw new IdentityOAuth2Exception("Mandatory fields(Issuer, Subject, Expiration time, jtl or Audience) " + "are empty in the given Token."); } }