com.nimbusds.jwt.JWT.getJWTClaimsSet()方法的使用及代码示例
本文整理了Java中com.nimbusds.jwt.JWT.getJWTClaimsSet()方法的一些代码示例,展示了JWT.getJWTClaimsSet()的具体用法。这些代码示例主要来源于Github/Stackoverflow/Maven等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。JWT.getJWTClaimsSet()方法的具体详情如下:
包路径:com.nimbusds.jwt.JWT
类名称:JWT
方法名:getJWTClaimsSet
JWT.getJWTClaimsSet介绍
[英]Gets the claims set of the JSON Web Token (JWT).
[中]获取JSON Web令牌(JWT)的声明集。
代码示例
代码示例来源:origin: mitreid-connect/OpenID-Connect-Java-Spring-Server
private String getIssuer(String accessToken) {
try {
JWT jwt = JWTParser.parse(accessToken);
String issuer = jwt.getJWTClaimsSet().getIssuer();
return issuer;
} catch (ParseException e) {
throw new IllegalArgumentException("Unable to parse JWT", e);
}
}代码示例来源:origin: mitreid-connect/OpenID-Connect-Java-Spring-Server
@Override
public Collection<? extends GrantedAuthority> mapAuthorities(JWT idToken, UserInfo userInfo) {
Set<GrantedAuthority> out = new HashSet<>();
try {
JWTClaimsSet claims = idToken.getJWTClaimsSet();
SubjectIssuerGrantedAuthority authority = new SubjectIssuerGrantedAuthority(claims.getSubject(), claims.getIssuer());
out.add(authority);
if (admins.contains(authority)) {
out.add(ROLE_ADMIN);
}
// everybody's a user by default
out.add(ROLE_USER);
} catch (ParseException e) {
logger.error("Unable to parse ID Token inside of authorities mapper (huh?)");
}
return out;
}代码示例来源:origin: mitreid-connect/OpenID-Connect-Java-Spring-Server
/**
* Create an unauthenticated token with the given subject and jwt
* @param subject
* @param jwt
*/
public JWTBearerAssertionAuthenticationToken(JWT jwt) {
super(null);
try {
// save the subject of the JWT in case the credentials get erased later
this.subject = jwt.getJWTClaimsSet().getSubject();
} catch (ParseException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
this.jwt = jwt;
setAuthenticated(false);
}代码示例来源:origin: mitreid-connect/OpenID-Connect-Java-Spring-Server
/**
* Create an authenticated token with the given clientID, jwt, and authorities set
* @param subject
* @param jwt
* @param authorities
*/
public JWTBearerAssertionAuthenticationToken(JWT jwt, Collection<? extends GrantedAuthority> authorities) {
super(authorities);
try {
// save the subject of the JWT in case the credentials get erased later
this.subject = jwt.getJWTClaimsSet().getSubject();
} catch (ParseException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
this.jwt = jwt;
setAuthenticated(true);
}代码示例来源:origin: mitreid-connect/OpenID-Connect-Java-Spring-Server
/**
* Pull the assertion out of the request and send it up to the auth manager for processing.
*/
@Override
public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException, IOException, ServletException {
// check for appropriate parameters
String assertionType = request.getParameter("client_assertion_type");
String assertion = request.getParameter("client_assertion");
try {
JWT jwt = JWTParser.parse(assertion);
String clientId = jwt.getJWTClaimsSet().getSubject();
Authentication authRequest = new JWTBearerAssertionAuthenticationToken(jwt);
return this.getAuthenticationManager().authenticate(authRequest);
} catch (ParseException e) {
throw new BadCredentialsException("Invalid JWT credential: " + assertion);
}
}代码示例来源:origin: mitreid-connect/OpenID-Connect-Java-Spring-Server
@Override
public boolean isValid(JWT assertion) {
if (!(assertion instanceof SignedJWT)) {
// unsigned assertion
return false;
}
JWTClaimsSet claims;
try {
claims = assertion.getJWTClaimsSet();
} catch (ParseException e) {
logger.debug("Invalid assertion claims");
return false;
}
// make sure the issuer exists
if (Strings.isNullOrEmpty(claims.getIssuer())) {
logger.debug("No issuer for assertion, rejecting");
return false;
}
// make sure the issuer is us
if (!claims.getIssuer().equals(config.getIssuer())) {
logger.debug("Issuer is not the same as this server, rejecting");
return false;
}
// validate the signature based on our public key
if (jwtService.validateSignature((SignedJWT) assertion)) {
return true;
} else {
return false;
}
}代码示例来源:origin: mitreid-connect/OpenID-Connect-Java-Spring-Server
@Override
public boolean isValid(JWT assertion) {
if (!(assertion instanceof SignedJWT)) {
// unsigned assertion
return false;
}
JWTClaimsSet claims;
try {
claims = assertion.getJWTClaimsSet();
} catch (ParseException e) {
logger.debug("Invalid assertion claims");
return false;
}
if (Strings.isNullOrEmpty(claims.getIssuer())) {
logger.debug("No issuer for assertion, rejecting");
return false;
}
if (!whitelist.containsKey(claims.getIssuer())) {
logger.debug("Issuer is not in whitelist, rejecting");
return false;
}
String jwksUri = whitelist.get(claims.getIssuer());
JWTSigningAndValidationService validator = jwkCache.getValidator(jwksUri);
if (validator.validateSignature((SignedJWT) assertion)) {
return true;
} else {
return false;
}
}代码示例来源:origin: mitreid-connect/OpenID-Connect-Java-Spring-Server
idTokenClaims = idToken.getJWTClaimsSet();代码示例来源:origin: mitreid-connect/OpenID-Connect-Java-Spring-Server
@Override
public OAuth2Request createOAuth2Request(ClientDetails client, TokenRequest tokenRequest, JWT assertion) {
try {
JWTClaimsSet claims = assertion.getJWTClaimsSet();
Set<String> scope = OAuth2Utils.parseParameterList(claims.getStringClaim("scope"));
Set<String> resources = Sets.newHashSet(claims.getAudience());
return new OAuth2Request(tokenRequest.getRequestParameters(), client.getClientId(), client.getAuthorities(), true, scope, resources, null, null, null);
} catch (ParseException e) {
return null;
}
}代码示例来源:origin: mitreid-connect/OpenID-Connect-Java-Spring-Server
private OAuth2AccessTokenEntity fetchValidRegistrationToken(OAuth2Authentication auth, ClientDetailsEntity client) {
OAuth2AuthenticationDetails details = (OAuth2AuthenticationDetails) auth.getDetails();
OAuth2AccessTokenEntity token = tokenService.readAccessToken(details.getTokenValue());
if (config.getRegTokenLifeTime() != null) {
try {
// Re-issue the token if it has been issued before [currentTime - validity]
Date validToDate = new Date(System.currentTimeMillis() - config.getRegTokenLifeTime() * 1000);
if(token.getJwt().getJWTClaimsSet().getIssueTime().before(validToDate)) {
logger.info("Rotating the registration access token for " + client.getClientId());
tokenService.revokeAccessToken(token);
OAuth2AccessTokenEntity newToken = connectTokenService.createResourceAccessToken(client);
tokenService.saveAccessToken(newToken);
return newToken;
} else {
// it's not expired, keep going
return token;
}
} catch (ParseException e) {
logger.error("Couldn't parse a known-valid token?", e);
return token;
}
} else {
// tokens don't expire, just return it
return token;
}
}代码示例来源:origin: mitreid-connect/OpenID-Connect-Java-Spring-Server
private OAuth2AccessTokenEntity rotateRegistrationTokenIfNecessary(OAuth2Authentication auth, ClientDetailsEntity client) {
OAuth2AuthenticationDetails details = (OAuth2AuthenticationDetails) auth.getDetails();
OAuth2AccessTokenEntity token = tokenService.readAccessToken(details.getTokenValue());
if (config.getRegTokenLifeTime() != null) {
try {
// Re-issue the token if it has been issued before [currentTime - validity]
Date validToDate = new Date(System.currentTimeMillis() - config.getRegTokenLifeTime() * 1000);
if(token.getJwt().getJWTClaimsSet().getIssueTime().before(validToDate)) {
logger.info("Rotating the registration access token for " + client.getClientId());
tokenService.revokeAccessToken(token);
OAuth2AccessTokenEntity newToken = connectTokenService.createRegistrationAccessToken(client);
tokenService.saveAccessToken(newToken);
return newToken;
} else {
// it's not expired, keep going
return token;
}
} catch (ParseException e) {
logger.error("Couldn't parse a known-valid token?", e);
return token;
}
} else {
// tokens don't expire, just return it
return token;
}
}代码示例来源:origin: apache/nifi
claimsSet = successResponse.getUserInfo().toJWTClaimsSet();
} else {
claimsSet = successResponse.getUserInfoJWT().getJWTClaimsSet();代码示例来源:origin: mitreid-connect/OpenID-Connect-Java-Spring-Server
JWTClaimsSet idClaims = idToken.getJWTClaimsSet();代码示例来源:origin: mitreid-connect/OpenID-Connect-Java-Spring-Server
JWTClaimsSet claims = jwt.getJWTClaimsSet();代码示例来源:origin: mitreid-connect/OpenID-Connect-Java-Spring-Server
JWTClaimsSet jwtClaims = jwt.getJWTClaimsSet();代码示例来源:origin: mitreid-connect/OpenID-Connect-Java-Spring-Server
JWTClaimsSet claimSet = newClient.getSoftwareStatement().getJWTClaimsSet();
for (String claim : claimSet.getClaims().keySet()) {
switch (claim) {代码示例来源:origin: mitreid-connect/OpenID-Connect-Java-Spring-Server
JWTClaimsSet claimSet = newClient.getSoftwareStatement().getJWTClaimsSet();
for (String claim : claimSet.getClaims().keySet()) {
switch (claim) {代码示例来源:origin: org.mitre/openid-connect-client
private String getIssuer(String accessToken) {
try {
JWT jwt = JWTParser.parse(accessToken);
String issuer = jwt.getJWTClaimsSet().getIssuer();
return issuer;
} catch (ParseException e) {
throw new IllegalArgumentException("Unable to parse JWT", e);
}
}代码示例来源:origin: org.wso2.carbon.identity.inbound.auth.oauth2/org.wso2.carbon.identity.oauth
@Override
public String getAccessTokenHash(String accessToken) throws OAuthSystemException {
try {
JWT parse = JWTParser.parse(accessToken);
return parse.getJWTClaimsSet().getJWTID();
} catch (ParseException e) {
if (log.isDebugEnabled() && IdentityUtil.isTokenLoggable(IdentityConstants.IdentityTokens.ACCESS_TOKEN)) {
log.debug("Error while getting JWTID from token: " + accessToken);
}
throw new OAuthSystemException("Error while getting access token hash", e);
}
}代码示例来源:origin: org.mitre/openid-connect-server
@Override
public OAuth2Request createOAuth2Request(ClientDetails client, TokenRequest tokenRequest, JWT assertion) {
try {
JWTClaimsSet claims = assertion.getJWTClaimsSet();
Set<String> scope = OAuth2Utils.parseParameterList(claims.getStringClaim("scope"));
Set<String> resources = Sets.newHashSet(claims.getAudience());
return new OAuth2Request(tokenRequest.getRequestParameters(), client.getClientId(), client.getAuthorities(), true, scope, resources, null, null, null);
} catch (ParseException e) {
return null;
}
}内容来源于网络,如有侵权,请联系作者删除!
