Package org.apache.hadoop.gateway.services.security.token.impl

Examples of org.apache.hadoop.gateway.services.security.token.impl.JWTToken

69
70
71
72
73
74
75
76
77
78
79
   
    String header = ((HttpServletRequest) request).getHeader("Authorization");
    if (header != null && header.startsWith(BEARER)) {
      // what follows the bearer designator should be the JWT token being used to request or as an access token
      String wireToken = header.substring(BEARER.length());
      JWTToken token = JWTToken.parseToken(wireToken);
      // ensure that there is a valid jwt token available and that there isn't a misconfiguration of filters
      if (token != null) {
        authority.verifyToken(token);
      }
      else {
View Full Code Here
130
131
132
133
134
135
136
137
138
139
      public String getName() {
        // TODO Auto-generated method stub
        return principalName;
      }
    };
    JWTToken token = authority.issueToken(p, serviceName, "RS256", expires);
    accessToken = token.toString();
   
    return accessToken;
  }
View Full Code Here
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
  private static final String HEADER = "{\"alg\":\"RS256\"}";
  private static final String CLAIMS = "{\"iss\": \"gateway\", \"prn\": \"john.doe@example.com\", \"aud\": \"https://login.example.com\", \"exp\": \"1363360913\"}";
 
  @Test
  public void testTokenParsing() throws Exception {
    JWTToken token = JWTToken.parseToken(JWT_TOKEN);
   
    assertEquals(token.header, HEADER);
    assertEquals(token.claims, CLAIMS);
   
    assertEquals(token.getIssuer(), "gateway");
    assertEquals(token.getPrincipal(), "john.doe@example.com");
    assertEquals(token.getAudience(), "https://login.example.com");
    assertEquals(token.getExpires(), "1363360913");
  }
View Full Code Here
46
47
48
49
50
51
52
53
54
55
56
    String[] claims = new String[4];
    claims[0] = "3MVG99OxTyEMCQ3gNp2PjkqeZKxnmAiG1xV4oHh9AKL_rSK.BoSVPGZHQukXnVjzRgSuQqGn75NL7yfkQcyy7";
    claims[1] = "john.doe@example.com";
    claims[2] = "https://login.example.com";
    claims[3] = Long.toString( ( System.currentTimeMillis()/1000 ) + 300);
    JWTToken token = new JWTToken("RS256", claims);

    assertEquals(token.getIssuer(), "3MVG99OxTyEMCQ3gNp2PjkqeZKxnmAiG1xV4oHh9AKL_rSK.BoSVPGZHQukXnVjzRgSuQqGn75NL7yfkQcyy7");
    assertEquals(token.getPrincipal(), "john.doe@example.com");
    assertEquals(token.getAudience(), "https://login.example.com");
  }
View Full Code Here
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
      throws IOException, ServletException {
    String header = ((HttpServletRequest) request).getHeader("Authorization");
    if (header != null && header.startsWith(BEARER)) {
      // what follows the bearer designator should be the JWT token being used to request or as an access token
      String wireToken = header.substring(BEARER.length());
      JWTToken token = JWTToken.parseToken(wireToken);
      boolean verified = authority.verifyToken(token);
      if (verified) {
        // TODO: validate expiration
        // confirm that audience matches intended target - which for this filter must be HSSO
        if (token.getAudience().equals("HSSO")) {
          // TODO: verify that the user requesting access to the service/resource is authorized for it - need scopes?
          Subject subject = createSubjectFromToken(token);
          continueWithEstablishedSecurityContext(subject, (HttpServletRequest)request, (HttpServletResponse)response, chain);
        }
        else {
View Full Code Here
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
      FilterChain chain) throws IOException, ServletException {

      Subject subject = Subject.getSubject(AccessController.getContext());
      String principalName = getPrincipalName(subject);
      principalName = mapper.mapUserPrincipal(principalName);
      JWTToken authCode = authority.issueToken(subject, "RS256");
     
      // get the url for the token service
      String url = null;
      if (sr != null) {
        url = sr.lookupServiceURL("token", "TGS");
      }
     
      HashMap<String, Object> map = new HashMap<String, Object>();
      // TODO: populate map from JWT authorization code
      map.put("iss", authCode.getIssuer());
      map.put("sub", authCode.getPrincipal());
      map.put("aud", authCode.getAudience());
      map.put("exp", authCode.getExpires());
      map.put("code", authCode.toString());
      if (url != null) {
        map.put("tke", url);
      }
     
      String jsonResponse = JsonUtils.renderAsJsonString(map);
View Full Code Here
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
      throws IOException, ServletException {
    String header = ((HttpServletRequest) request).getHeader("Authorization");
    if (header != null && header.startsWith(BEARER)) {
      // what follows the bearer designator should be the JWT token being used to request or as an access token
      String wireToken = header.substring(BEARER.length());
      JWTToken token = JWTToken.parseToken(wireToken);
      boolean verified = authority.verifyToken(token);
      if (verified) {
        long expires = Long.parseLong(token.getExpires());
        if (expires > System.currentTimeMillis()) {
          if (((HttpServletRequest) request).getRequestURL().indexOf(token.getAudience().toLowerCase()) != -1) {
            Subject subject = createSubjectFromToken(token);
            continueWithEstablishedSecurityContext(subject, (HttpServletRequest)request, (HttpServletResponse)response, chain);
          }
          else {
            log.failedToValidateAudience();
View Full Code Here
72
73
74
75
76
77
78
79
80
81
82
83
84
    }
    else {
      claimArray[3] = String.valueOf(expires);
    }

    JWTToken token = null;
    if ("RS256".equals(algorithm)) {
      token = new JWTToken("RS256", claimArray);
      signToken(token);
    }
    else {
      // log inappropriate alg
    }
View Full Code Here
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
      throws IOException, ServletException {
    String header = ((HttpServletRequest) request).getHeader("Authorization");
    if (header != null && header.startsWith(BEARER)) {
      // what follows the bearer designator should be the JWT token being used to request or as an access token
      String wireToken = header.substring(BEARER.length());
      JWTToken token = JWTToken.parseToken(wireToken);
      boolean verified = authority.verifyToken(token);
      if (verified) {
        // TODO: validate expiration
        // TODO: confirm that audience matches intended target
        if (((HttpServletRequest) request).getRequestURL().indexOf(token.getAudience().toLowerCase()) != -1) {
          // TODO: verify that the user requesting access to the service/resource is authorized for it - need scopes?
          Subject subject = createSubjectFromToken(token);
          continueWithEstablishedSecurityContext(subject, (HttpServletRequest)request, (HttpServletResponse)response, chain);
        }
        else {
View Full Code Here
69
70
71
72
73
74
75
76
77
78
79
   
    String header = ((HttpServletRequest) request).getHeader("Authorization");
    if (header != null && header.startsWith(BEARER)) {
      // what follows the bearer designator should be the JWT token being used to request or as an access token
      String wireToken = header.substring(BEARER.length());
      JWTToken token = JWTToken.parseToken(wireToken);
      // ensure that there is a valid jwt token available and that there isn't a misconfiguration of filters
      if (token != null) {
        authority.verifyToken(token);
      }
      else {
View Full Code Here
TOP

Related Classes of org.apache.hadoop.gateway.services.security.token.impl.JWTToken

  • org.apache.hadoop.gateway.provider.federation.jwt.filter.AccessTokenFederationFilter
  • org.apache.hadoop.gateway.provider.federation.jwt.filter.JWTAccessTokenAssertionFilter
  • org.apache.hadoop.gateway.provider.federation.jwt.filter.JWTAuthCodeAssertionFilter
  • org.apache.hadoop.gateway.provider.federation.jwt.filter.JWTFederationFilter
  • org.apache.hadoop.gateway.provider.federation.JWTTokenTest
  • org.apache.hadoop.gateway.services.token.impl.DefaultTokenAuthorityService
  • java.text.MessageFormat
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.