com.nimbusds.jose.proc.BadJOSEException Java Examples
The following examples show how to use
com.nimbusds.jose.proc.BadJOSEException.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: BootstrapTests.java From authmore-framework with Apache License 2.0 | 7 votes |
@Test public void testJSONWebTokenManager() throws ParseException, JOSEException, BadJOSEException { JSONWebTokenManager tokens = new JSONWebTokenManager(clients, keyPair); ClientDetails client = clients.findAll().get(0); String userId = "user_1"; TokenResponse tokenResponse = tokens.create(client, userId, Collections.emptySet()); String accessToken; assertNotNull(tokenResponse); assertNotNull(accessToken = tokenResponse.getAccess_token()); ConfigurableJWTProcessor<SecurityContext> jwtProcessor = new DefaultJWTProcessor<>(); JWKSource<SecurityContext> keySource = new ImmutableJWKSet<>(jwkSet); JWSAlgorithm expectedJWSAlg = JWSAlgorithm.RS256; JWSKeySelector<SecurityContext> keySelector = new JWSVerificationKeySelector<>(expectedJWSAlg, keySource); jwtProcessor.setJWSKeySelector(keySelector); JWTClaimsSet claimsSet = jwtProcessor.process(accessToken, null); assertEquals(userId, claimsSet.getClaim(OAuthProperties.TOKEN_USER_ID)); }
Example #2
Source File: DefaultTokenAuthorityService.java From knox with Apache License 2.0 | 6 votes |
@Override public boolean verifyToken(JWT token, String jwksurl, String algorithm) throws TokenServiceException { boolean verified = false; try { if (algorithm != null && jwksurl != null) { JWSAlgorithm expectedJWSAlg = JWSAlgorithm.parse(algorithm); JWKSource<SecurityContext> keySource = new RemoteJWKSet<>(new URL(jwksurl)); JWSKeySelector<SecurityContext> keySelector = new JWSVerificationKeySelector<>(expectedJWSAlg, keySource); // Create a JWT processor for the access tokens ConfigurableJWTProcessor<SecurityContext> jwtProcessor = new DefaultJWTProcessor<>(); jwtProcessor.setJWSKeySelector(keySelector); JWTClaimsSetVerifier<SecurityContext> claimsVerifier = new DefaultJWTClaimsVerifier<>(); jwtProcessor.setJWTClaimsSetVerifier(claimsVerifier); // Process the token SecurityContext ctx = null; // optional context parameter, not required here jwtProcessor.process(token.toString(), ctx); verified = true; } } catch (BadJOSEException | JOSEException | ParseException | MalformedURLException e) { throw new TokenServiceException("Cannot verify token.", e); } return verified; }
Example #3
Source File: AbstractJWKSTest.java From microprofile-jwt-auth with Apache License 2.0 | 5 votes |
/** * Ensure a token is validated by the provider using the JWKS URL for the public key associated * with the signer. * * @throws Exception */ @Test(expectedExceptions = {InvalidJwtException.class, BadJOSEException.class, JWTVerificationException.class}) public void testNoMatchingKID() throws Exception { PrivateKey pk = loadPrivateKey(); String token = TokenUtils.generateTokenString(pk, "invalid-kid", "/Token1.json", null, null); int expGracePeriodSecs = 60; validateToken(token, new URL(endpoint), TEST_ISSUER, expGracePeriodSecs); }
Example #4
Source File: AuthResource.java From eplmp with Eclipse Public License 1.0 | 5 votes |
private IDTokenClaimsSet validateToken(OAuthProvider provider, OAuthLoginRequestDTO oAuthLoginRequestDTO) throws MalformedURLException, ParseException, BadJOSEException, JOSEException { Issuer iss = new Issuer(provider.getIssuer()); ClientID clientID = new ClientID(provider.getClientID()); Nonce nonce = new Nonce(oAuthLoginRequestDTO.getNonce()); URL jwkSetURL = new URL(provider.getJwkSetURL()); JWSAlgorithm jwsAlg = JWSAlgorithm.parse(provider.getJwsAlgorithm()); IDTokenValidator validator = new IDTokenValidator(iss, clientID, jwsAlg, jwkSetURL); JWT idToken = JWTParser.parse(oAuthLoginRequestDTO.getIdToken()); return validator.validate(idToken, nonce); }
Example #5
Source File: OAuth2GenericAuthenticationProviderTest_idToken.java From graviteeio-access-management with Apache License 2.0 | 5 votes |
@Test public void shouldLoadUserByUsername_authentication() throws ParseException, JOSEException, BadJOSEException { JWTClaimsSet claims = new JWTClaimsSet.Builder().subject("bob").build(); when(configuration.getResponseType()).thenReturn(ResponseType.ID_TOKEN); when(jwtProcessor.process("test", null)).thenReturn(claims); TestObserver<User> testObserver = authenticationProvider.loadUserByUsername(new Authentication() { @Override public Object getCredentials() { return "__social__"; } @Override public Object getPrincipal() { return "__social__"; } @Override public AuthenticationContext getContext() { DummyRequest dummyRequest = new DummyRequest(); dummyRequest.setParameters(Collections.singletonMap("urlHash", Collections.singletonList("#id_token=test"))); return new DummyAuthenticationContext(Collections.singletonMap("id_token", "test"), dummyRequest); } }).test(); testObserver.assertComplete(); testObserver.assertNoErrors(); testObserver.assertValue(u -> "bob".equals(u.getUsername())); }
Example #6
Source File: OAuth2GenericAuthenticationProviderTest_idToken.java From graviteeio-access-management with Apache License 2.0 | 5 votes |
@Test public void shouldLoadUserByUsername_authentication_badToken() throws ParseException, JOSEException, BadJOSEException { when(jwtProcessor.process("test", null)).thenThrow(new JOSEException("jose exception")); when(configuration.getResponseType()).thenReturn(ResponseType.ID_TOKEN); TestObserver<User> testObserver = authenticationProvider.loadUserByUsername(new Authentication() { @Override public Object getCredentials() { return "__social__"; } @Override public Object getPrincipal() { return "__social__"; } @Override public AuthenticationContext getContext() { DummyRequest dummyRequest = new DummyRequest(); dummyRequest.setParameters(Collections.singletonMap("urlHash", Collections.singletonList("#id_token=test"))); return new DummyAuthenticationContext(Collections.singletonMap("id_token", "test"), dummyRequest); } }).test(); testObserver.awaitTerminalEvent(); testObserver.assertError(BadCredentialsException.class); }
Example #7
Source File: DefaultValidatingJWTProcessor.java From hammock with Apache License 2.0 | 5 votes |
@Override public JsonObject process(String jwt) throws JWTException { try { String rawJwt = delegate.process(jwt, null).toString(); return Json.createReader(new StringReader(rawJwt)).readObject(); } catch (ParseException | BadJOSEException | JOSEException e) { throw new JWTException("Unable to parse jwt", e); } }