Examples of JWSInput

org.jboss.resteasy.jose.jws.JWSInput
@author Bill Burke @version $Revision: 1 $
org.keycloak.jose.jws.JWSInput
@author Bill Burke @version $Revision: 1 $

Examples of org.jboss.resteasy.jose.jws.JWSInput

   public static SkeletonKeyToken verifyToken(String tokenString, ResourceMetadata metadata) throws VerificationException
   {
      PublicKey realmKey = metadata.getRealmKey();
      String realm = metadata.getRealm();
      String resource = metadata.getResourceName();
      JWSInput input = new JWSInput(tokenString);
      boolean verified = false;
      try
      {
         verified = RSAProvider.verify(input, realmKey);
      }
      catch (Exception ignore)
      {


      }
      if (!verified) throw new VerificationException("Token signature not validated");


      SkeletonKeyToken token = null;
      try
      {
         token = JsonSerialization.fromBytes(SkeletonKeyToken.class, input.getContent());
      }
      catch (IOException e)
      {
         throw new VerificationException(e);
      }

View Full Code Here

Examples of org.jboss.resteasy.jose.jws.JWSInput

              .content(tokenBytes)
              .rsa256(keyPair.getPrivate());


      System.out.println(encoded);


      JWSInput input = new JWSInput(encoded);
      byte[] content = input.getContent();


      token = JsonSerialization.fromBytes(SkeletonKeyToken.class, content);
      Assert.assertEquals("111", token.getId());
      Assert.assertTrue(RSAProvider.verify(input, keyPair.getPublic()));
   }

View Full Code Here

Examples of org.jboss.resteasy.jose.jws.JWSInput

         return;
      }
      // always verify code and remove access code from map before authenticating user
      // if user authentication fails, we want the code to be removed irreguardless just in case we're under attack
      String code = request.getParameter("code");
      JWSInput input = new JWSInput(code, providers);
      boolean verifiedCode = false;
      try
      {
         verifiedCode = RSAProvider.verify(input, realmPublicKey);
      }
      catch (Exception ignored)
      {
         log.error("Failed to verify signature", ignored);
      }
      if (!verifiedCode)
      {
         Map<String, String> res = new HashMap<String, String>();
         res.put("error", "invalid_grant");
         res.put("error_description", "Unable to verify code signature");
         response.sendError(400);
         response.setContentType("application/json");
         mapWriter.writeValue(response.getOutputStream(), res);
         response.getOutputStream().flush();
         return;
      }
      String key = input.readContent(String.class);
      AccessCode accessCode = accessCodeMap.remove(key);
      String redirect = request.getParameter("redirect_uri");


      GenericPrincipal gp = basicAuth(request, response);
      if (gp == null)

View Full Code Here

Examples of org.jboss.resteasy.jose.jws.JWSInput

         return Response.status(Response.Status.BAD_REQUEST).entity(error).type("application/json").build();
      }






      JWSInput input = new JWSInput(code, providers);
      boolean verifiedCode = false;
      try
      {
         verifiedCode = RSAProvider.verify(input, realm.getPublicKey());
      }
      catch (Exception ignored)
      {
         logger.debug("Failed to verify signature", ignored);
      }
      if (!verifiedCode)
      {
         Map<String, String> res = new HashMap<String, String>();
         res.put("error", "invalid_grant");
         res.put("error_description", "Unable to verify code signature");
         return Response.status(Response.Status.BAD_REQUEST).type(MediaType.APPLICATION_JSON_TYPE).entity(res).build();
      }
      String key = input.readContent(String.class);
      AccessCode accessCode = null;
      synchronized (accessCodeMap)
      {
         accessCode = accessCodeMap.remove(key);
      }

View Full Code Here

Examples of org.jboss.resteasy.jose.jws.JWSInput

              .content("Hello World".getBytes("UTF-8"))
              .rsa256(keyPair.getPrivate());


      System.out.println(encoded);


      JWSInput input = new JWSInput(encoded, ResteasyProviderFactory.getInstance());
      String msg = (String)input.readContent(String.class, null, null, MediaType.TEXT_PLAIN_TYPE);
      Assert.assertEquals("Hello World", msg);
      Assert.assertTrue(RSAProvider.verify(input, keyPair.getPublic()));


   }

View Full Code Here

Examples of org.jboss.resteasy.jose.jws.JWSInput

              .content("Hello World", MediaType.TEXT_PLAIN_TYPE)
              .rsa256(keyPair.getPrivate());


      System.out.println(encoded);


      JWSInput input = new JWSInput(encoded, ResteasyProviderFactory.getInstance());
      System.out.println(input.getHeader());
      String msg = (String)input.readContent(String.class);
      Assert.assertEquals("Hello World", msg);
      Assert.assertTrue(RSAProvider.verify(input, keyPair.getPublic()));


   }

View Full Code Here

Examples of org.jboss.resteasy.jose.jws.JWSInput

              .content("Hello World", MediaType.TEXT_PLAIN_TYPE)
              .hmac256(key);


      System.out.println(encoded);


      JWSInput input = new JWSInput(encoded, ResteasyProviderFactory.getInstance());
      System.out.println(input.getHeader());
      String msg = (String)input.readContent(String.class);
      Assert.assertEquals("Hello World", msg);
      Assert.assertTrue(HMACProvider.verify(input, key));


   }

View Full Code Here

Examples of org.keycloak.jose.jws.JWSInput

        refreshToken = tokenResponse.getRefreshToken();
        idTokenString = tokenResponse.getIdToken();


        token = RSATokenVerifier.verifyToken(tokenString, deployment.getRealmKey(), deployment.getRealm());
        if (idTokenString != null) {
            JWSInput input = new JWSInput(idTokenString);
            try {
                idToken = input.readJsonContent(IDToken.class);
            } catch (IOException e) {
                throw new VerificationException();
            }
        }
    }

View Full Code Here

Examples of org.keycloak.jose.jws.JWSInput

        return validated;


    }


    public static boolean validPasswordToken(RealmModel realm, UserModel user, String encodedPasswordToken) {
        JWSInput jws = new JWSInput(encodedPasswordToken);
        if (!RSAProvider.verify(jws, realm.getPublicKey())) {
            return false;
        }
        try {
            PasswordToken passwordToken = jws.readJsonContent(PasswordToken.class);
            if (!passwordToken.getRealm().equals(realm.getName())) {
                return false;
            }
            if (!passwordToken.getUser().equals(user.getId())) {
                return false;

View Full Code Here

Examples of org.keycloak.jose.jws.JWSInput

        }
    }


    public RefreshToken verifyRefreshToken(String refreshToken) {
        try {
            JWSInput jws = new JWSInput(refreshToken);
            if (!RSAProvider.verify(jws, realmPublicKey)) {
                throw new RuntimeException("Invalid refresh token");
            }
            return jws.readJsonContent(RefreshToken.class);
        } catch (Exception e) {
            throw new RuntimeException("Invalid refresh token", e);
        }
    }

View Full Code Here

0 1 2

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.