com.nimbusds.jwt.JWT.getJWTClaimsSet()方法的使用及代码示例

x33g5p2x  于2022-01-22 转载在 其他  
字(9.5k)|赞(0)|评价(0)|浏览(312)

本文整理了Java中com.nimbusds.jwt.JWT.getJWTClaimsSet()方法的一些代码示例,展示了JWT.getJWTClaimsSet()的具体用法。这些代码示例主要来源于Github/Stackoverflow/Maven等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。JWT.getJWTClaimsSet()方法的具体详情如下:
包路径:com.nimbusds.jwt.JWT
类名称:JWT
方法名:getJWTClaimsSet

JWT.getJWTClaimsSet介绍

[英]Gets the claims set of the JSON Web Token (JWT).
[中]获取JSON Web令牌(JWT)的声明集。

代码示例

代码示例来源:origin: mitreid-connect/OpenID-Connect-Java-Spring-Server

private String getIssuer(String accessToken) {
  try {
    JWT jwt = JWTParser.parse(accessToken);
    String issuer = jwt.getJWTClaimsSet().getIssuer();
    return issuer;
  } catch (ParseException e) {
    throw new IllegalArgumentException("Unable to parse JWT", e);
  }
}

代码示例来源:origin: mitreid-connect/OpenID-Connect-Java-Spring-Server

@Override
public Collection<? extends GrantedAuthority> mapAuthorities(JWT idToken, UserInfo userInfo) {
  Set<GrantedAuthority> out = new HashSet<>();
  try {
    JWTClaimsSet claims = idToken.getJWTClaimsSet();
    SubjectIssuerGrantedAuthority authority = new SubjectIssuerGrantedAuthority(claims.getSubject(), claims.getIssuer());
    out.add(authority);
    if (admins.contains(authority)) {
      out.add(ROLE_ADMIN);
    }
    // everybody's a user by default
    out.add(ROLE_USER);
  } catch (ParseException e) {
    logger.error("Unable to parse ID Token inside of authorities mapper (huh?)");
  }
  return out;
}

代码示例来源:origin: mitreid-connect/OpenID-Connect-Java-Spring-Server

/**
 * Create an unauthenticated token with the given subject and jwt
 * @param subject
 * @param jwt
 */
public JWTBearerAssertionAuthenticationToken(JWT jwt) {
  super(null);
  try {
    // save the subject of the JWT in case the credentials get erased later
    this.subject = jwt.getJWTClaimsSet().getSubject();
  } catch (ParseException e) {
    // TODO Auto-generated catch block
    e.printStackTrace();
  }
  this.jwt = jwt;
  setAuthenticated(false);
}

代码示例来源:origin: mitreid-connect/OpenID-Connect-Java-Spring-Server

/**
 * Create an authenticated token with the given clientID, jwt, and authorities set
 * @param subject
 * @param jwt
 * @param authorities
 */
public JWTBearerAssertionAuthenticationToken(JWT jwt, Collection<? extends GrantedAuthority> authorities) {
  super(authorities);
  try {
    // save the subject of the JWT in case the credentials get erased later
    this.subject = jwt.getJWTClaimsSet().getSubject();
  } catch (ParseException e) {
    // TODO Auto-generated catch block
    e.printStackTrace();
  }
  this.jwt = jwt;
  setAuthenticated(true);
}

代码示例来源:origin: mitreid-connect/OpenID-Connect-Java-Spring-Server

/**
 * Pull the assertion out of the request and send it up to the auth manager for processing.
 */
@Override
public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException, IOException, ServletException {
  // check for appropriate parameters
  String assertionType = request.getParameter("client_assertion_type");
  String assertion = request.getParameter("client_assertion");
  try {
    JWT jwt = JWTParser.parse(assertion);
    String clientId = jwt.getJWTClaimsSet().getSubject();
    Authentication authRequest = new JWTBearerAssertionAuthenticationToken(jwt);
    return this.getAuthenticationManager().authenticate(authRequest);
  } catch (ParseException e) {
    throw new BadCredentialsException("Invalid JWT credential: " + assertion);
  }
}

代码示例来源:origin: mitreid-connect/OpenID-Connect-Java-Spring-Server

@Override
public boolean isValid(JWT assertion) {
  if (!(assertion instanceof SignedJWT)) {
    // unsigned assertion
    return false;
  }
  JWTClaimsSet claims;
  try {
    claims = assertion.getJWTClaimsSet();
  } catch (ParseException e) {
    logger.debug("Invalid assertion claims");
    return false;
  }
  // make sure the issuer exists
  if (Strings.isNullOrEmpty(claims.getIssuer())) {
    logger.debug("No issuer for assertion, rejecting");
    return false;
  }
  // make sure the issuer is us
  if (!claims.getIssuer().equals(config.getIssuer())) {
    logger.debug("Issuer is not the same as this server, rejecting");
    return false;
  }
  // validate the signature based on our public key
  if (jwtService.validateSignature((SignedJWT) assertion)) {
    return true;
  } else {
    return false;
  }
}

代码示例来源:origin: mitreid-connect/OpenID-Connect-Java-Spring-Server

@Override
public boolean isValid(JWT assertion) {
  if (!(assertion instanceof SignedJWT)) {
    // unsigned assertion
    return false;
  }
  JWTClaimsSet claims;
  try {
    claims = assertion.getJWTClaimsSet();
  } catch (ParseException e) {
    logger.debug("Invalid assertion claims");
    return false;
  }
  if (Strings.isNullOrEmpty(claims.getIssuer())) {
    logger.debug("No issuer for assertion, rejecting");
    return false;
  }
  if (!whitelist.containsKey(claims.getIssuer())) {
    logger.debug("Issuer is not in whitelist, rejecting");
    return false;
  }
  String jwksUri = whitelist.get(claims.getIssuer());
  JWTSigningAndValidationService validator = jwkCache.getValidator(jwksUri);
  if (validator.validateSignature((SignedJWT) assertion)) {
    return true;
  } else {
    return false;
  }
}

代码示例来源:origin: mitreid-connect/OpenID-Connect-Java-Spring-Server

idTokenClaims = idToken.getJWTClaimsSet();

代码示例来源:origin: mitreid-connect/OpenID-Connect-Java-Spring-Server

@Override
public OAuth2Request createOAuth2Request(ClientDetails client, TokenRequest tokenRequest, JWT assertion) {
  try {
    JWTClaimsSet claims = assertion.getJWTClaimsSet();
    Set<String> scope = OAuth2Utils.parseParameterList(claims.getStringClaim("scope"));
    Set<String> resources = Sets.newHashSet(claims.getAudience());
    return new OAuth2Request(tokenRequest.getRequestParameters(), client.getClientId(), client.getAuthorities(), true, scope, resources, null, null, null);
  } catch (ParseException e) {
    return null;
  }
}

代码示例来源:origin: mitreid-connect/OpenID-Connect-Java-Spring-Server

private OAuth2AccessTokenEntity fetchValidRegistrationToken(OAuth2Authentication auth, ClientDetailsEntity client) {
  OAuth2AuthenticationDetails details = (OAuth2AuthenticationDetails) auth.getDetails();
  OAuth2AccessTokenEntity token = tokenService.readAccessToken(details.getTokenValue());
  if (config.getRegTokenLifeTime() != null) {
    try {
      // Re-issue the token if it has been issued before [currentTime - validity]
      Date validToDate = new Date(System.currentTimeMillis() - config.getRegTokenLifeTime() * 1000);
      if(token.getJwt().getJWTClaimsSet().getIssueTime().before(validToDate)) {
        logger.info("Rotating the registration access token for " + client.getClientId());
        tokenService.revokeAccessToken(token);
        OAuth2AccessTokenEntity newToken = connectTokenService.createResourceAccessToken(client);
        tokenService.saveAccessToken(newToken);
        return newToken;
      } else {
        // it's not expired, keep going
        return token;
      }
    } catch (ParseException e) {
      logger.error("Couldn't parse a known-valid token?", e);
      return token;
    }
  } else {
    // tokens don't expire, just return it
    return token;
  }
}

代码示例来源:origin: mitreid-connect/OpenID-Connect-Java-Spring-Server

private OAuth2AccessTokenEntity rotateRegistrationTokenIfNecessary(OAuth2Authentication auth, ClientDetailsEntity client) {
  OAuth2AuthenticationDetails details = (OAuth2AuthenticationDetails) auth.getDetails();
  OAuth2AccessTokenEntity token = tokenService.readAccessToken(details.getTokenValue());
  if (config.getRegTokenLifeTime() != null) {
    try {
      // Re-issue the token if it has been issued before [currentTime - validity]
      Date validToDate = new Date(System.currentTimeMillis() - config.getRegTokenLifeTime() * 1000);
      if(token.getJwt().getJWTClaimsSet().getIssueTime().before(validToDate)) {
        logger.info("Rotating the registration access token for " + client.getClientId());
        tokenService.revokeAccessToken(token);
        OAuth2AccessTokenEntity newToken = connectTokenService.createRegistrationAccessToken(client);
        tokenService.saveAccessToken(newToken);
        return newToken;
      } else {
        // it's not expired, keep going
        return token;
      }
    } catch (ParseException e) {
      logger.error("Couldn't parse a known-valid token?", e);
      return token;
    }
  } else {
    // tokens don't expire, just return it
    return token;
  }
}

代码示例来源:origin: apache/nifi

claimsSet = successResponse.getUserInfo().toJWTClaimsSet();
} else {
  claimsSet = successResponse.getUserInfoJWT().getJWTClaimsSet();

代码示例来源:origin: mitreid-connect/OpenID-Connect-Java-Spring-Server

JWTClaimsSet idClaims = idToken.getJWTClaimsSet();

代码示例来源:origin: mitreid-connect/OpenID-Connect-Java-Spring-Server

JWTClaimsSet claims = jwt.getJWTClaimsSet();

代码示例来源:origin: mitreid-connect/OpenID-Connect-Java-Spring-Server

JWTClaimsSet jwtClaims = jwt.getJWTClaimsSet();

代码示例来源:origin: mitreid-connect/OpenID-Connect-Java-Spring-Server

JWTClaimsSet claimSet = newClient.getSoftwareStatement().getJWTClaimsSet();
for (String claim : claimSet.getClaims().keySet()) {
  switch (claim) {

代码示例来源:origin: mitreid-connect/OpenID-Connect-Java-Spring-Server

JWTClaimsSet claimSet = newClient.getSoftwareStatement().getJWTClaimsSet();
for (String claim : claimSet.getClaims().keySet()) {
  switch (claim) {

代码示例来源:origin: org.mitre/openid-connect-client

private String getIssuer(String accessToken) {
  try {
    JWT jwt = JWTParser.parse(accessToken);
    String issuer = jwt.getJWTClaimsSet().getIssuer();
    return issuer;
  } catch (ParseException e) {
    throw new IllegalArgumentException("Unable to parse JWT", e);
  }
}

代码示例来源:origin: org.wso2.carbon.identity.inbound.auth.oauth2/org.wso2.carbon.identity.oauth

@Override
public String getAccessTokenHash(String accessToken) throws OAuthSystemException {
  try {
    JWT parse = JWTParser.parse(accessToken);
    return parse.getJWTClaimsSet().getJWTID();
  } catch (ParseException e) {
    if (log.isDebugEnabled() && IdentityUtil.isTokenLoggable(IdentityConstants.IdentityTokens.ACCESS_TOKEN)) {
      log.debug("Error while getting JWTID from token: " + accessToken);
    }
    throw new OAuthSystemException("Error while getting access token hash", e);
  }
}

代码示例来源:origin: org.mitre/openid-connect-server

@Override
public OAuth2Request createOAuth2Request(ClientDetails client, TokenRequest tokenRequest, JWT assertion) {
  try {
    JWTClaimsSet claims = assertion.getJWTClaimsSet();
    Set<String> scope = OAuth2Utils.parseParameterList(claims.getStringClaim("scope"));
    Set<String> resources = Sets.newHashSet(claims.getAudience());
    return new OAuth2Request(tokenRequest.getRequestParameters(), client.getClientId(), client.getAuthorities(), true, scope, resources, null, null, null);
  } catch (ParseException e) {
    return null;
  }
}

相关文章