org.springframework.security.oauth2.jwt.Jwt.getAudience()方法的使用及代码示例

x33g5p2x  于2022-01-22 转载在 其他  
字(4.0k)|赞(0)|评价(0)|浏览(378)

本文整理了Java中org.springframework.security.oauth2.jwt.Jwt.getAudience()方法的一些代码示例,展示了Jwt.getAudience()的具体用法。这些代码示例主要来源于Github/Stackoverflow/Maven等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。Jwt.getAudience()方法的具体详情如下:
包路径:org.springframework.security.oauth2.jwt.Jwt
类名称:Jwt
方法名:getAudience

Jwt.getAudience介绍

暂无

代码示例

代码示例来源:origin: spring-projects/spring-security

private static Map<String, Object> validateRequiredClaims(Jwt idToken) {
    Map<String, Object> requiredClaims = new HashMap<>();

    URL issuer = idToken.getIssuer();
    if (issuer == null) {
      requiredClaims.put(IdTokenClaimNames.ISS, issuer);
    }
    String subject = idToken.getSubject();
    if (subject == null) {
      requiredClaims.put(IdTokenClaimNames.SUB, subject);
    }
    List<String> audience = idToken.getAudience();
    if (CollectionUtils.isEmpty(audience)) {
      requiredClaims.put(IdTokenClaimNames.AUD, audience);
    }
    Instant expiresAt = idToken.getExpiresAt();
    if (expiresAt == null) {
      requiredClaims.put(IdTokenClaimNames.EXP, expiresAt);
    }
    Instant issuedAt = idToken.getIssuedAt();
    if (issuedAt == null) {
      requiredClaims.put(IdTokenClaimNames.IAT, issuedAt);
    }

    return requiredClaims;
  }
}

代码示例来源:origin: spring-projects/spring-security

if (!idToken.getAudience().contains(this.clientRegistration.getClientId())) {
  invalidClaims.put(IdTokenClaimNames.AUD, idToken.getAudience());
if (idToken.getAudience().size() > 1 && authorizedParty == null) {
  invalidClaims.put(IdTokenClaimNames.AZP, authorizedParty);

代码示例来源:origin: spring-projects/spring-security

@Test
  public void constructorWhenParametersProvidedAndValidThenCreated() {
    Jwt jwt = new Jwt(JWT_TOKEN_VALUE, Instant.ofEpochMilli(IAT_VALUE),
      Instant.ofEpochMilli(EXP_VALUE), HEADERS, CLAIMS);

    assertThat(jwt.getTokenValue()).isEqualTo(JWT_TOKEN_VALUE);
    assertThat(jwt.getHeaders()).isEqualTo(HEADERS);
    assertThat(jwt.getClaims()).isEqualTo(CLAIMS);
    assertThat(jwt.getIssuer().toString()).isEqualTo(ISS_VALUE);
    assertThat(jwt.getSubject()).isEqualTo(SUB_VALUE);
    assertThat(jwt.getAudience()).isEqualTo(AUD_VALUE);
    assertThat(jwt.getExpiresAt().toEpochMilli()).isEqualTo(EXP_VALUE);
    assertThat(jwt.getNotBefore().getEpochSecond()).isEqualTo(NBF_VALUE);
    assertThat(jwt.getIssuedAt().toEpochMilli()).isEqualTo(IAT_VALUE);
    assertThat(jwt.getId()).isEqualTo(JTI_VALUE);
  }
}

代码示例来源:origin: spring-cloud/spring-cloud-gcp

@Override
public OAuth2TokenValidatorResult validate(Jwt t) {
  if (t.getAudience() != null && t.getAudience().contains(this.audience)) {
    return OAuth2TokenValidatorResult.success();
  }
  else {
    if (LOGGER.isWarnEnabled()) {
      LOGGER.warn(String.format(
          "Expected audience %s did not match token audience %s", this.audience, t.getAudience()));
    }
    return OAuth2TokenValidatorResult.failure(INVALID_AUDIENCE);
  }
}

代码示例来源:origin: org.springframework.cloud/spring-cloud-gcp-security-iap

@Override
public OAuth2TokenValidatorResult validate(Jwt t) {
  if (t.getAudience() != null && t.getAudience().contains(this.audience)) {
    return OAuth2TokenValidatorResult.success();
  }
  else {
    if (LOGGER.isWarnEnabled()) {
      LOGGER.warn(String.format(
          "Expected audience %s did not match token audience %s", this.audience, t.getAudience()));
    }
    return OAuth2TokenValidatorResult.failure(INVALID_AUDIENCE);
  }
}

代码示例来源:origin: okta/okta-spring-boot

@Bean
@ConditionalOnMissingBean
JwtDecoder jwtDecoder(OAuth2ResourceServerProperties oAuth2ResourceServerProperties,
           OktaOAuth2Properties oktaOAuth2Properties) {
  List<OAuth2TokenValidator<Jwt>> validators = new ArrayList<>();
    validators.add(new JwtTimestampValidator());
    validators.add(new JwtIssuerValidator(oAuth2ResourceServerProperties.getJwt().getIssuerUri()));
    validators.add(token -> {
      Set<String> expectedAudience = new HashSet<>();
      expectedAudience.add(oktaOAuth2Properties.getAudience());
      return !Collections.disjoint(token.getAudience(), expectedAudience)
          ? OAuth2TokenValidatorResult.success()
          : OAuth2TokenValidatorResult.failure(INVALID_AUDIENCE);
    });
    OAuth2TokenValidator<Jwt> validator = new DelegatingOAuth2TokenValidator<>(validators);
    NimbusJwtDecoderJwkSupport decoder = new NimbusJwtDecoderJwkSupport(oAuth2ResourceServerProperties.getJwt().getJwkSetUri());
    decoder.setJwtValidator(validator);
    decoder.setRestOperations(restOperations());
    return decoder;
}

相关文章