Examples of JwtClaims

Examples of com.unblau.javajwt.model.JWTClaims

    String algorithm = algorithms.get(jwtHeader.getAlg());




      // get JWTClaims JSON object


      JWTClaims jwtClaims = (JWTClaims) decodeAndParse(pieces[1], JWTClaims.class);


      
      // check signature
      
      if (!"none".equals(algorithm))
      {
        if (pieces.length!=3) 
          throw new IllegalStateException("wrong number of segments: " + pieces.length);


        if (args.getKey()==null) 
          throw new IllegalStateException("key not set");


        Mac hmac = Mac.getInstance(algorithm);
        hmac.init(new SecretKeySpec(decoder.decodeBase64(args.getKey()), algorithm));
        byte[] sig = hmac.doFinal(new StringBuilder(pieces[0]).append(".").append(pieces[1]).toString().getBytes());


        if (!Arrays.equals(sig, decoder.decodeBase64(pieces[2]))) 
          throw new SignatureException("signature verification failed");
      }




      // additional JWTClaims checks


      if (jwtClaims.getExp()!=0 && System.currentTimeMillis()/1000L >= jwtClaims.getExp()) 
        throw new IllegalStateException("jwt expired");


      if ((jwtClaims.getIss()!=null && (args.getIss()==null || !args.getIss().equals(jwtClaims.getIss()))) ||
          (jwtClaims.getIss()==null && args.getIss()!=null)) throw new IllegalStateException("jwt issuer invalid");


      if ((jwtClaims.getAud()!=null && (args.getAud()==null || args!=null && !args.getAud().equals(jwtClaims.getAud()))) ||
          (jwtClaims.getAud()==null && args.getAud()!=null)) throw new IllegalStateException("jwt audience invalid");
    }

View Full Code Here

Examples of org.apache.cxf.rs.security.oauth2.jwt.JwtClaims

    
    @Test
    public void testWriteReadJwsUnsigned() throws Exception {
        JwtHeaders headers = new JwtHeaders(JwtConstants.PLAIN_TEXT_ALGO);
        
        JwtClaims claims = new JwtClaims();
        claims.setIssuer("https://jwt-idp.example.com");
        claims.setSubject("mailto:mike@example.com");
        claims.setAudience("https://jwt-rp.example.net");
        claims.setNotBefore(1300815780);
        claims.setExpiryTime(1300819380);
        claims.setClaim("http://claims.example.com/member", true);
        
        JwsCompactProducer writer = new JwsJwtCompactProducer(headers, claims);
        String signed = writer.getSignedEncodedJws();
        
        JwsJwtCompactConsumer reader = new JwsJwtCompactConsumer(signed);

View Full Code Here

Examples of org.apache.cxf.rs.security.oauth2.jwt.JwtClaims

    private void doTestWriteJwsWithJwkSignedByMac(Object jsonWebKey) throws Exception {
        JwtHeaders headers = new JwtHeaders(Algorithm.HmacSHA256.getJwtName());
        
        headers.setHeader(JwtConstants.HEADER_JSON_WEB_KEY, jsonWebKey);
        
        JwtClaims claims = new JwtClaims();
        claims.setIssuer("joe");
        claims.setExpiryTime(1300819380);
        claims.setClaim("http://example.com/is_root", Boolean.TRUE);
        
        JwtToken token = new JwtToken(headers, claims);
        JwsCompactProducer jws = new JwsJwtCompactProducer(token, getWriter());
        jws.signWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY));

View Full Code Here

Examples of org.apache.cxf.rs.security.oauth2.jwt.JwtClaims

        validateSpecClaim(token.getClaims());
    }
    
    private JwsCompactProducer initSpecJwtTokenWriter(JwtHeaders headers) throws Exception {
        
        JwtClaims claims = new JwtClaims();
        claims.setIssuer("joe");
        claims.setExpiryTime(1300819380);
        claims.setClaim("http://example.com/is_root", Boolean.TRUE);
        
        JwtToken token = new JwtToken(headers, claims);
        return new JwsJwtCompactProducer(token, getWriter());
    }

View Full Code Here

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.