io.jsonwebtoken.SignatureAlgorithm类的使用及代码示例
本文整理了Java中io.jsonwebtoken.SignatureAlgorithm类的一些代码示例,展示了SignatureAlgorithm类的具体用法。这些代码示例主要来源于Github/Stackoverflow/Maven等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。SignatureAlgorithm类的具体详情如下:
包路径:io.jsonwebtoken.SignatureAlgorithm
类名称:SignatureAlgorithm
SignatureAlgorithm介绍
[英]Type-safe representation of standard JWT signature algorithm names as defined in the JSON Web Algorithms specification.
[中][JSON Web Algorithms](https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-31)规范中定义的标准JWT签名算法名称的类型安全表示。
代码示例
代码示例来源:origin: jwtk/jjwt
@Override
public Key resolveSigningKey(JwsHeader header, Claims claims) {
SignatureAlgorithm alg = SignatureAlgorithm.forName(header.getAlgorithm());
Assert.isTrue(alg.isHmac(), "The default resolveSigningKey(JwsHeader, Claims) implementation cannot be " +
"used for asymmetric key algorithms (RSA, Elliptic Curve). " +
"Override the resolveSigningKey(JwsHeader, Claims) method instead and return a " +
"Key instance appropriate for the " + alg.name() + " algorithm.");
byte[] keyBytes = resolveSigningKeyBytes(header, claims);
return new SecretKeySpec(keyBytes, alg.getJcaName());
}代码示例来源:origin: jwtk/jjwt
/**
* Looks up and returns the corresponding {@code SignatureAlgorithm} enum instance based on a
* case-<em>insensitive</em> name comparison.
*
* @param value The case-insensitive name of the {@code SignatureAlgorithm} instance to return
* @return the corresponding {@code SignatureAlgorithm} enum instance based on a
* case-<em>insensitive</em> name comparison.
* @throws SignatureException if the specified value does not match any {@code SignatureAlgorithm}
* name.
*/
public static SignatureAlgorithm forName(String value) throws SignatureException {
for (SignatureAlgorithm alg : values()) {
if (alg.getValue().equalsIgnoreCase(value)) {
return alg;
}
}
throw new SignatureException("Unsupported signature algorithm '" + value + "'");
}
}代码示例来源:origin: jwtk/jjwt
} else if (isHmac()) {
String msg = this.familyName + " " + keyType(signing) + " keys must be SecretKey instances.";
throw new InvalidKeyException(msg);
throw new InvalidKeyException("The " + keyType(signing) + " key's encoded bytes cannot be null.");
throw new InvalidKeyException("The " + keyType(signing) + " key's algorithm cannot be null.");
!HS384.jcaName.equalsIgnoreCase(alg) &&
!HS512.jcaName.equalsIgnoreCase(alg)) {
throw new InvalidKeyException("The " + keyType(signing) + " key's algorithm '" + alg +
"' does not equal a valid HmacSHA* algorithm name and cannot be used with " + name() + ".");
String msg = "The " + keyType(signing) + " key's size is " + size + " bits which " +
"is not secure enough for the " + name() + " algorithm. The JWT " +
"JWA Specification (RFC 7518, Section 3.2) states that keys used with " + name() + " MUST have a " +
"size >= " + minKeyLength + " bits (the key size must be greater than or equal to the hash " +
"output size). Consider using the " + Keys.class.getName() + " class's " +
"'secretKeyFor(SignatureAlgorithm." + name() + ")' method to create a key guaranteed to be " +
"secure enough for " + name() + ". See " +
"https://tools.ietf.org/html/rfc7518#section-3.2 for more information.";
throw new WeakKeyException(msg);
if (isEllipticCurve()) {
String msg = familyName + " " + keyType(signing) + " keys must be ECKey instances.";
throw new InvalidKeyException(msg);代码示例来源:origin: prestodb/presto
public Key getKey(SignatureAlgorithm algorithm)
{
if (algorithm.isHmac()) {
if (hmacKey == null) {
throw new UnsupportedJwtException(format("JWT is signed with %s, but no HMAC key is configured", algorithm));
}
return new SecretKeySpec(hmacKey, algorithm.getJcaName());
}
if (publicKey == null) {
throw new UnsupportedJwtException(format("JWT is signed with %s, but no key is configured", algorithm));
}
return publicKey;
}
}代码示例来源:origin: jwtk/jjwt
String alg = jwsHeader.getAlgorithm();
if (Strings.hasText(alg)) {
algorithm = SignatureAlgorithm.forName(alg);
Assert.isTrue(algorithm.isHmac(),
"Key bytes can only be specified for HMAC signatures. Please specify a PublicKey or PrivateKey instance.");
key = new SecretKeySpec(keyBytes, algorithm.getJcaName());
algorithm.assertValidVerificationKey(key); //since 0.10.0: https://github.com/jwtk/jjwt/issues/334
validator = createSignatureValidator(algorithm, key);
} catch (WeakKeyException e) {
throw e;
} catch (InvalidKeyException | IllegalArgumentException e) {
String algName = algorithm.getValue();
String msg = "The parsed JWT indicates it was signed with the " + algName + " signature " +
"algorithm, but the specified signing key of type " + key.getClass().getName() +代码示例来源:origin: jwtk/jjwt
protected Signature getSignatureInstance() throws NoSuchAlgorithmException {
return Signature.getInstance(alg.getJcaName());
}代码示例来源:origin: prestodb/presto
@Override
public Key apply(JwsHeader<?> header)
{
SignatureAlgorithm algorithm = SignatureAlgorithm.forName(header.getAlgorithm());
return key.getKey(algorithm);
}
}代码示例来源:origin: jwtk/jjwt
protected Mac getMacInstance() throws SignatureException {
try {
return doGetMacInstance();
} catch (NoSuchAlgorithmException e) {
String msg = "Unable to obtain JCA MAC algorithm '" + alg.getJcaName() + "': " + e.getMessage();
throw new SignatureException(msg, e);
} catch (InvalidKeyException e) {
String msg = "The specified signing key is not a valid " + alg.name() + " key: " + e.getMessage();
throw new SignatureException(msg, e);
}
}代码示例来源:origin: jwtk/jjwt
protected Signature createSignatureInstance() {
try {
return getSignatureInstance();
} catch (NoSuchAlgorithmException e) {
String msg = "Unavailable " + alg.getFamilyName() + " Signature algorithm '" + alg.getJcaName() + "'.";
if (!alg.isJdkStandard() && !isBouncyCastleAvailable()) {
msg += " This is not a standard JDK algorithm. Try including BouncyCastle in the runtime classpath.";
}
throw new SignatureException(msg, e);
}
}代码示例来源:origin: cn.home1/oss-lib-common-spring-boot-1.4.2.RELEASE
public JwtKey(final KeyExpression keyExpression) {
this.keyExpression = keyExpression;
this.signatureAlgorithm = SignatureAlgorithm.forName(this.keyExpression.getSpec());
this.signatureKey = new SecretKeySpec( //
TextCodec.BASE64.decode(this.keyExpression.getValue()), //
this.signatureAlgorithm.getJcaName() //
);
}代码示例来源:origin: jwtk/jjwt
/**
* Creates a new SecretKey instance for use with HMAC-SHA algorithms based on the specified key byte array.
*
* @param bytes the key byte array
* @return a new SecretKey instance for use with HMAC-SHA algorithms based on the specified key byte array.
* @throws WeakKeyException if the key byte array length is less than 256 bits (32 bytes) as mandated by the
* <a href="https://tools.ietf.org/html/rfc7518#section-3.2">JWT JWA Specification
* (RFC 7518, Section 3.2)</a>
*/
public static SecretKey hmacShaKeyFor(byte[] bytes) throws WeakKeyException {
if (bytes == null) {
throw new InvalidKeyException("SecretKey byte array cannot be null.");
}
int bitLength = bytes.length * 8;
for (SignatureAlgorithm alg : PREFERRED_HMAC_ALGS) {
if (bitLength >= alg.getMinKeyLength()) {
return new SecretKeySpec(bytes, alg.getJcaName());
}
}
String msg = "The specified key byte array is " + bitLength + " bits which " +
"is not secure enough for any JWT HMAC-SHA algorithm. The JWT " +
"JWA Specification (RFC 7518, Section 3.2) states that keys used with HMAC-SHA algorithms MUST have a " +
"size >= 256 bits (the key size must be greater than or equal to the hash " +
"output size). Consider using the " + Keys.class.getName() + "#secretKeyFor(SignatureAlgorithm) method " +
"to create a key guaranteed to be secure enough for your preferred HMAC-SHA algorithm. See " +
"https://tools.ietf.org/html/rfc7518#section-3.2 for more information.";
throw new WeakKeyException(msg);
}代码示例来源:origin: io.jsonwebtoken/jjwt
key = new SecretKeySpec(keyBytes, algorithm.getJcaName());
jwsHeader.setAlgorithm(algorithm.getValue());
} else {
jwsHeader.setAlgorithm(SignatureAlgorithm.NONE.getValue());代码示例来源:origin: com.holon-platform.core/holon-auth-jwt
? SignatureAlgorithm.forName(jwtSignatureAlgorithm.getValue())
: SignatureAlgorithm.NONE;
if (sharedKey == null) {
throw new InvalidJwtConfigurationException("A shared (symmetric) key is "
+ "required for signature algorithm " + signatureAlgorithm.getDescription());
"Unsupported JWT signature algorithm: " + signatureAlgorithm.getValue()));代码示例来源:origin: jwtk/jjwt
/**
* Returns the expected signature byte array length (R + S parts) for
* the specified ECDSA algorithm.
*
* @param alg The ECDSA algorithm. Must be supported and not
* {@code null}.
* @return The expected byte array length for the signature.
* @throws JwtException If the algorithm is not supported.
*/
public static int getSignatureByteArrayLength(final SignatureAlgorithm alg)
throws JwtException {
switch (alg) {
case ES256:
return 64;
case ES384:
return 96;
case ES512:
return 132;
default:
throw new JwtException("Unsupported Algorithm: " + alg.name());
}
}代码示例来源:origin: jwtk/jjwt
public MacSigner(SignatureAlgorithm alg, Key key) {
super(alg, key);
Assert.isTrue(alg.isHmac(), "The MacSigner only supports HMAC signature algorithms.");
if (!(key instanceof SecretKey)) {
String msg = "MAC signatures must be computed and verified using a SecretKey. The specified key of " +
"type " + key.getClass().getName() + " is not a SecretKey.";
throw new IllegalArgumentException(msg);
}
}代码示例来源:origin: line/line-sdk-android
private Key resolveSigningKey(final JwsHeader header) {
final LineApiResponse<JWKSet> response = apiClient.getJWKSet();
if (!response.isSuccess()) {
Log.e(TAG, "failed to get LINE JSON Web Key Set [JWK] document.");
return null;
}
final JWKSet jwkSet = response.getResponseData();
final String keyId = header.getKeyId();
final JWK jwk = jwkSet.getJWK(keyId);
if (jwk == null) {
Log.e(TAG, "failed to find Key by Id: " + keyId);
return null;
}
final String algorithm = header.getAlgorithm();
final SignatureAlgorithm alg = SignatureAlgorithm.forName(algorithm);
if (alg.isEllipticCurve()) {
return generateECPublicKey(jwk);
}
throw new SecurityException("Unsupported signature algorithm '" + algorithm + '\'');
}
}代码示例来源:origin: jwtk/jjwt
jwsHeader.setAlgorithm(algorithm.getValue());
} else {
jwsHeader.setAlgorithm(SignatureAlgorithm.NONE.getValue());代码示例来源:origin: com.stormpath.sdk/stormpath-sdk-servlet
@Override
public Key getSigningKey(HttpServletRequest request, HttpServletResponse response, AuthenticationResult result, SignatureAlgorithm alg) {
Assert.isTrue(!alg.isRsa(), RSA_ERR_MSG);
Assert.isTrue(!alg.isEllipticCurve(), EC_ERR_MSG);
return getSigningKey(request, alg);
}代码示例来源:origin: jwtk/jjwt
protected EllipticCurveProvider(SignatureAlgorithm alg, Key key) {
super(alg, key);
Assert.isTrue(alg.isEllipticCurve(), "SignatureAlgorithm must be an Elliptic Curve algorithm.");
}代码示例来源:origin: io.jsonwebtoken/jjwt
String alg = jwsHeader.getAlgorithm();
if (Strings.hasText(alg)) {
algorithm = SignatureAlgorithm.forName(alg);
Assert.isTrue(algorithm.isHmac(),
"Key bytes can only be specified for HMAC signatures. Please specify a PublicKey or PrivateKey instance.");
key = new SecretKeySpec(keyBytes, algorithm.getJcaName());
validator = createSignatureValidator(algorithm, key);
} catch (IllegalArgumentException e) {
String algName = algorithm.getValue();
String msg = "The parsed JWT indicates it was signed with the " + algName + " signature " +
"algorithm, but the specified signing key of type " + key.getClass().getName() +内容来源于网络,如有侵权,请联系作者删除!
