Examples of org.jboss.resteasy.jose.jws.JWSInput

org.jboss.resteasy.jose.jws.JWSInput
@author Bill Burke @version $Revision: 1 $

   public static SkeletonKeyToken verifyToken(String tokenString, ResourceMetadata metadata) throws VerificationException
   {
      PublicKey realmKey = metadata.getRealmKey();
      String realm = metadata.getRealm();
      String resource = metadata.getResourceName();
      JWSInput input = new JWSInput(tokenString);
      boolean verified = false;
      try
      {
         verified = RSAProvider.verify(input, realmKey);
      }
      catch (Exception ignore)
      {


      }
      if (!verified) throw new VerificationException("Token signature not validated");


      SkeletonKeyToken token = null;
      try
      {
         token = JsonSerialization.fromBytes(SkeletonKeyToken.class, input.getContent());
      }
      catch (IOException e)
      {
         throw new VerificationException(e);
      }

View Full Code Here

              .content(tokenBytes)
              .rsa256(keyPair.getPrivate());


      System.out.println(encoded);


      JWSInput input = new JWSInput(encoded);
      byte[] content = input.getContent();


      token = JsonSerialization.fromBytes(SkeletonKeyToken.class, content);
      Assert.assertEquals("111", token.getId());
      Assert.assertTrue(RSAProvider.verify(input, keyPair.getPublic()));
   }

View Full Code Here

         return;
      }
      // always verify code and remove access code from map before authenticating user
      // if user authentication fails, we want the code to be removed irreguardless just in case we're under attack
      String code = request.getParameter("code");
      JWSInput input = new JWSInput(code, providers);
      boolean verifiedCode = false;
      try
      {
         verifiedCode = RSAProvider.verify(input, realmPublicKey);
      }
      catch (Exception ignored)
      {
         log.error("Failed to verify signature", ignored);
      }
      if (!verifiedCode)
      {
         Map<String, String> res = new HashMap<String, String>();
         res.put("error", "invalid_grant");
         res.put("error_description", "Unable to verify code signature");
         response.sendError(400);
         response.setContentType("application/json");
         mapWriter.writeValue(response.getOutputStream(), res);
         response.getOutputStream().flush();
         return;
      }
      String key = input.readContent(String.class);
      AccessCode accessCode = accessCodeMap.remove(key);
      String redirect = request.getParameter("redirect_uri");


      GenericPrincipal gp = basicAuth(request, response);
      if (gp == null)

View Full Code Here

         return Response.status(Response.Status.BAD_REQUEST).entity(error).type("application/json").build();
      }






      JWSInput input = new JWSInput(code, providers);
      boolean verifiedCode = false;
      try
      {
         verifiedCode = RSAProvider.verify(input, realm.getPublicKey());
      }
      catch (Exception ignored)
      {
         logger.debug("Failed to verify signature", ignored);
      }
      if (!verifiedCode)
      {
         Map<String, String> res = new HashMap<String, String>();
         res.put("error", "invalid_grant");
         res.put("error_description", "Unable to verify code signature");
         return Response.status(Response.Status.BAD_REQUEST).type(MediaType.APPLICATION_JSON_TYPE).entity(res).build();
      }
      String key = input.readContent(String.class);
      AccessCode accessCode = null;
      synchronized (accessCodeMap)
      {
         accessCode = accessCodeMap.remove(key);
      }

View Full Code Here

              .content("Hello World".getBytes("UTF-8"))
              .rsa256(keyPair.getPrivate());


      System.out.println(encoded);


      JWSInput input = new JWSInput(encoded, ResteasyProviderFactory.getInstance());
      String msg = (String)input.readContent(String.class, null, null, MediaType.TEXT_PLAIN_TYPE);
      Assert.assertEquals("Hello World", msg);
      Assert.assertTrue(RSAProvider.verify(input, keyPair.getPublic()));


   }

View Full Code Here

              .content("Hello World", MediaType.TEXT_PLAIN_TYPE)
              .rsa256(keyPair.getPrivate());


      System.out.println(encoded);


      JWSInput input = new JWSInput(encoded, ResteasyProviderFactory.getInstance());
      System.out.println(input.getHeader());
      String msg = (String)input.readContent(String.class);
      Assert.assertEquals("Hello World", msg);
      Assert.assertTrue(RSAProvider.verify(input, keyPair.getPublic()));


   }

View Full Code Here

              .content("Hello World", MediaType.TEXT_PLAIN_TYPE)
              .hmac256(key);


      System.out.println(encoded);


      JWSInput input = new JWSInput(encoded, ResteasyProviderFactory.getInstance());
      System.out.println(input.getHeader());
      String msg = (String)input.readContent(String.class);
      Assert.assertEquals("Hello World", msg);
      Assert.assertTrue(HMACProvider.verify(input, key));


   }

View Full Code Here

TOP

Related Classes of org.jboss.resteasy.jose.jws.JWSInput

org.jboss.resteasy.skeleton.key.as7.OAuthAuthenticationServerValve

org.jboss.resteasy.skeleton.key.idm.service.TokenManagement

org.jboss.resteasy.skeleton.key.RSATokenVerifier

org.jboss.resteasy.test.jose.jws.JWSTest

org.jboss.resteasy.test.skeleton.key.SkeletonKeyTokenTest

javax.ws.rs.ext.MessageBodyReader

java.io.ByteArrayInputStream

javax.ws.rs.core.MediaType

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.