/**
 * Decrypts a JWE string with the given RSA private key and maps its JSON payload
 * onto an {@link AuthDataPair}.
 *
 * <p>Security note: only decryption happens here. No signature is checked and the
 * JWE header's algorithm values are not inspected in this method, so a successful
 * decryption shows that the content was encrypted to this key pair, not who
 * produced it. NOTE(review): confirm that the caller authenticates the sender or
 * restricts the accepted algorithms elsewhere.
 *
 * @param encrypted  the serialised JWE to parse and decrypt
 * @param privateKey the private key handed to the {@code RSADecrypter}
 * @return the decrypted payload deserialised as an {@code AuthDataPair}
 * @throws SecurityException if parsing, decryption or JSON mapping fails; the
 *                           original exception is kept as the cause
 */
@Override
public AuthDataPair decrypt(String encrypted, PrivateKey privateKey) {
    try {
        // The decrypter is built before parsing, matching the original failure order.
        RSADecrypter rsaDecrypter = new RSADecrypter(privateKey);
        JWEObject jwe = JWEObject.parse(encrypted);
        jwe.decrypt(rsaDecrypter);

        String payloadJson = jwe.getPayload().toString();
        return objectMapper.readValue(payloadJson, AuthDataPair.class);
    } catch (IOException | ParseException | JOSEException failure) {
        throw new SecurityException("Error decrypting auth tokens", failure);
    }
}
} // closes the enclosing class, whose header is outside this excerpt
/**
 * Creates a new unsecured (plain) JSON Web Token (JWT) with the
 * specified header and claims set.
 *
 * <p>Security note: an unsecured JWT carries no signature, MAC or encryption, so
 * the claims placed here have no integrity or confidentiality protection. A
 * receiver must not treat such a token as proof of identity or authorisation.
 *
 * @param header    The unsecured header. Must not be {@code null}.
 * @param claimsSet The JWT claims set. Must not be {@code null}; it is
 *                  dereferenced to build the payload.
 */
public PlainJWT(final PlainHeader header, final JWTClaimsSet claimsSet) {

    // The claims set is converted to its JSON object form and wrapped as the payload.
    super(header, new Payload(claimsSet.toJSONObject()));
}
/**
 * Parses a serialised JWT and returns a {@link Jwt} carrying its issuer, subject
 * and the payload as a string.
 *
 * <p>Security note: no signature verification is visible in this method; the
 * claims are read straight from the parsed JWS payload. NOTE(review): whether
 * {@code parseJWSObject} verifies anything is not shown here, so treat the
 * returned issuer and subject as unverified input until that is confirmed.
 *
 * @param jwt the serialised token
 * @return a {@code SimpleJwt} built from the token's claims
 * @throws JwtParseException if the payload cannot be parsed as a JWT claims set
 */
@Nonnull
@Override
public Jwt parse(String jwt) throws JwtParseException {
    JWSObject parsed = parseJWSObject(jwt);
    try {
        JWTClaimsSet claimSet = JWTClaimsSet.parse(parsed.getPayload().toJSONObject());
        String issuer = claimSet.getIssuer();
        String subject = claimSet.getSubject();
        String rawPayload = parsed.getPayload().toString();
        return new SimpleJwt(issuer, subject, rawPayload);
    } catch (ParseException parseFailure) {
        throw new JwtParseException(parseFailure);
    }
}
/**
 * Returns a byte array representation of this payload.
 *
 * <p>Resolution order: the stored byte array if present, else the decoded
 * Base64URL form if present, else the bytes of {@link #toString()}.
 *
 * <p>Note: when a byte array is stored, that same array is returned rather than
 * a copy, so a caller that modifies the result also modifies this payload's
 * stored bytes.
 *
 * @return The byte array representation.
 */
public byte[] toBytes() {

    if (bytes != null) {
        // Handed out as-is: no defensive copy is made.
        return bytes;
    }

    // Convert
    return base64URL != null ? base64URL.decode() : stringToByteArray(toString());
}
/**
 * Returns the claims set parsed from this unsecured JOSE object's payload.
 *
 * <p>Security note: the payload of an unsecured object has no signature or MAC
 * behind it, so the claims returned here are unauthenticated input.
 *
 * @return the parsed JWT claims set
 * @throws ParseException if the payload is not a JSON object, or if the JSON
 *                        object cannot be parsed as a claims set
 */
@Override
public JWTClaimsSet getJWTClaimsSet() throws ParseException {
    JSONObject claimsJson = getPayload().toJSONObject();
    if (claimsJson != null) {
        return JWTClaimsSet.parse(claimsJson);
    }
    throw new ParseException("Payload of unsecured JOSE object is not a valid JSON object", 0);
}
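/**
 * Rebuilds an {@link IdentityReference} from a Base64-encoded token that wraps a
 * MAC-protected JWT inside a directly encrypted JWE.
 *
 * <p>The HMAC check is enforced: {@code verify} reports a bad MAC through its
 * boolean result, which the previous code discarded, so a token with an invalid
 * MAC was still accepted once it decrypted.
 *
 * <p>NOTE(review): the same {@code secretKey} bytes are used for both decryption
 * and MAC verification, and no expiry or audience check is visible here. Confirm
 * that this key reuse is intended and that claim validation happens elsewhere.
 *
 * @param token the Base64-encoded serialised JWE
 * @return the issuer and subject of the verified inner JWT
 * @throws SecurityException if the decrypted payload is not a signed JWT or its
 *                           HMAC does not verify
 * @throws Exception         if decoding, parsing or decryption fails
 */
public IdentityReference deserialize(String token) throws Exception {
    // Decode with an explicit charset instead of the platform default.
    String sToken = new String(Base64.getDecoder().decode(token),
            java.nio.charset.StandardCharsets.UTF_8);

    // Parse the JWE string
    JWEObject jweObject = JWEObject.parse(sToken);

    // Decrypt with shared key
    jweObject.decrypt(new DirectDecrypter(secretKey.getEncoded()));

    // Extract payload; the conversion yields null when the payload is not a signed JWT
    SignedJWT signedJWT = jweObject.getPayload().toSignedJWT();
    if (signedJWT == null) {
        throw new SecurityException("Decrypted payload is not a signed JWT");
    }

    // Check the HMAC and fail closed when it does not match
    if (!signedJWT.verify(new MACVerifier(secretKey.getEncoded()))) {
        throw new SecurityException("Token HMAC verification failed");
    }

    // Retrieve the JWT claims
    return new IdentityReference(signedJWT.getJWTClaimsSet().getIssuer(),
            signedJWT.getJWTClaimsSet().getSubject());
}
} // closes the enclosing class, whose header is outside this excerpt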
/**
 * Returns a Base64URL representation of this payload.
 *
 * @return The Base64URL representation: the stored value when one exists,
 *         otherwise the encoding of {@link #toBytes()}.
 */
public Base64URL toBase64URL() {

    // Convert only when no Base64URL form is already held.
    return base64URL != null ? base64URL : Base64URL.encode(toBytes());
}
/**
 * Creates a new to-be-encrypted JSON Web Token (JWT) with the specified
 * header and claims set. The initial state will be
 * {@link com.nimbusds.jose.JWEObject.State#UNENCRYPTED unencrypted}.
 *
 * <p>Note: construction encrypts nothing. The claims are wrapped as the payload
 * in clear form, so the object only protects them after it has been encrypted.
 *
 * @param header    The JWE header. Must not be {@code null}.
 * @param claimsSet The JWT claims set. Must not be {@code null}; it is
 *                  dereferenced to build the payload.
 */
public EncryptedJWT(final JWEHeader header, final JWTClaimsSet claimsSet) {

    // The claims set is converted to its JSON object form and wrapped as the payload.
    super(header, new Payload(claimsSet.toJSONObject()));
}
/**
 * Parses a serialised JWT into a {@link SimpleUnverifiedJwt} holding the header's
 * algorithm name, the issuer, the subject and the payload as a string.
 *
 * <p>Security note: nothing in this method verifies a signature, and the
 * algorithm name is copied from the token's own header. Both the claims and the
 * algorithm are therefore sender-controlled values. NOTE(review): confirm that
 * callers select the verification algorithm from their own configuration rather
 * than from this value alone.
 *
 * @param jwt the serialised token
 * @return the unverified view of the token
 * @throws JwtParseException if the payload cannot be parsed as a JWT claims set
 */
public SimpleUnverifiedJwt parse(String jwt) throws JwtParseException {
    JWSObject parsed = parseJWSObject(jwt);
    try {
        JWTClaimsSet claimSet = JWTClaimsSet.parse(parsed.getPayload().toJSONObject());
        String algorithmName = parsed.getHeader().getAlgorithm().getName();
        String issuer = claimSet.getIssuer();
        String subject = claimSet.getSubject();
        String rawPayload = parsed.getPayload().toString();
        return new SimpleUnverifiedJwt(algorithmName, issuer, subject, rawPayload);
    } catch (ParseException parseFailure) {
        throw new JwtParseException(parseFailure);
    }
}
/**
 * Returns the claims set parsed from this JWS object's payload.
 *
 * <p>Security note: this method reads the payload directly and performs no
 * signature or state check of its own, so it yields claims whether or not the
 * signature has been verified. Callers should verify before trusting the result.
 *
 * @return the parsed JWT claims set
 * @throws ParseException if the payload is not a JSON object, or if the JSON
 *                        object cannot be parsed as a claims set
 */
@Override
public JWTClaimsSet getJWTClaimsSet() throws ParseException {
    final JSONObject payloadJson = getPayload().toJSONObject();
    final boolean isJsonObject = payloadJson != null;
    if (!isJsonObject) {
        throw new ParseException("Payload of JWS object is not a valid JSON object", 0);
    }
    return JWTClaimsSet.parse(payloadJson);
}
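/**
 * Rebuilds an {@link IdentityReference} from a Base64-encoded token that wraps a
 * MAC-protected JWT inside a directly encrypted JWE.
 *
 * <p>The result of {@code verify} is now tested. It signals a bad MAC by
 * returning {@code false}, and the earlier code ignored that value, so the HMAC
 * step could never reject a token.
 *
 * <p>NOTE(review): one {@code secretKey} serves as both the decryption key and
 * the MAC key, and no claim validation (expiry, audience) is visible in this
 * method. Confirm both points against the callers.
 *
 * @param token the Base64-encoded serialised JWE
 * @return the issuer and subject of the verified inner JWT
 * @throws SecurityException if the decrypted payload is not a signed JWT or its
 *                           HMAC does not verify
 * @throws Exception         if decoding, parsing or decryption fails
 */
public IdentityReference deserialize(String token) throws Exception {
    // Explicit charset: the decoded bytes should not depend on the platform default.
    byte[] decoded = Base64.getDecoder().decode(token);
    String sToken = new String(decoded, java.nio.charset.StandardCharsets.UTF_8);

    // Parse the JWE string
    JWEObject jweObject = JWEObject.parse(sToken);

    // Decrypt with shared key
    jweObject.decrypt(new DirectDecrypter(secretKey.getEncoded()));

    // Extract payload; null means the decrypted content is not a signed JWT
    SignedJWT signedJWT = jweObject.getPayload().toSignedJWT();
    if (signedJWT == null) {
        throw new SecurityException("Decrypted payload is not a signed JWT");
    }

    // Check the HMAC; a false result must stop processing
    boolean macValid = signedJWT.verify(new MACVerifier(secretKey.getEncoded()));
    if (!macValid) {
        throw new SecurityException("Token HMAC verification failed");
    }

    // Retrieve the JWT claims
    return new IdentityReference(signedJWT.getJWTClaimsSet().getIssuer(),
            signedJWT.getJWTClaimsSet().getSubject());
}
} // closes the enclosing class, whose header is outside this excerpt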
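/**
 * Decrypts a JWE held in {@code data} with a key obtained from {@code password}.
 *
 * <p>Every failure (malformed input, wrong password, failed authentication of
 * the ciphertext) is logged and reported as an empty result, so callers cannot
 * tell these cases apart.
 *
 * <p>NOTE(review): how {@code getSecretKey} turns the password into a key is not
 * shown here; confirm that it uses a salted, deliberately slow key-derivation
 * function.
 *
 * @param data     the serialised JWE as bytes
 * @param password the password passed to {@code getSecretKey}
 * @return the decrypted payload bytes, or an empty {@code Optional} on any failure
 */
@Override
public Optional<DecryptedData> decryptData(byte[] data, String password) {
    try {
        SecretKey key = getSecretKey(password);
        // Decode with an explicit charset instead of the platform default.
        JWEObject jweObject = JWEObject.parse(
                new String(data, java.nio.charset.StandardCharsets.UTF_8));
        JWEDecrypter decrypter = new AESDecrypter(key.getEncoded());
        jweObject.decrypt(decrypter);
        return Optional.of(new DecryptedData(jweObject.getPayload().toBytes()));
    } catch (Exception e) {
        // Deliberate best-effort: report the failure and fall through to an empty result.
        // The message now names the right operation and drops the unfilled "{}" placeholder.
        log.error("Error decrypting data. Data can't be parsed", e);
    }
    return Optional.empty();
}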
/**
 * Creates a new to-be-signed JSON Web Token (JWT) with the specified
 * header and claims set. The initial state will be
 * {@link com.nimbusds.jose.JWSObject.State#UNSIGNED unsigned}.
 *
 * <p>Note: construction signs nothing. The object carries no signature until it
 * has been signed, so it offers no integrity protection in its initial state.
 *
 * @param header    The JWS header. Must not be {@code null}.
 * @param claimsSet The JWT claims set. Must not be {@code null}; it is
 *                  dereferenced to build the payload.
 */
public SignedJWT(final JWSHeader header, final JWTClaimsSet claimsSet) {

    // The claims set is converted to its JSON object form and wrapped as the payload.
    super(header, new Payload(claimsSet.toJSONObject()));
}
/**
 * Returns the wrapped token's payload as a string.
 *
 * <p>No verification happens here; the string is whatever payload the wrapped
 * {@code jwt} currently holds.
 *
 * @return the payload's string form
 * @throws NullPointerException if the wrapped token has no payload
 */
@Override
public String getPayload() {
    return jwt.getPayload().toString();
}
/**
 * Returns the claims set parsed from this JWE object's payload.
 *
 * <p>A missing payload yields {@code null} rather than an exception.
 * NOTE(review): presumably this is the state before decryption; confirm against
 * the enclosing class, and make sure callers handle the {@code null}.
 *
 * @return the parsed JWT claims set, or {@code null} when there is no payload
 * @throws ParseException if the payload is not a JSON object, or if the JSON
 *                        object cannot be parsed as a claims set
 */
@Override
public JWTClaimsSet getJWTClaimsSet() throws ParseException {
    Payload currentPayload = getPayload();
    if (currentPayload == null) {
        return null;
    }

    JSONObject claimsJson = currentPayload.toJSONObject();
    if (claimsJson != null) {
        return JWTClaimsSet.parse(claimsJson);
    }
    throw new ParseException("Payload of JWE object is not a valid JSON object", 0);
}
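/**
 * Decrypts a serialised JWE with the given key, verifies the HMAC of the signed
 * JWT it contains, and returns that JWT's claims.
 *
 * <p>The HMAC check is enforced: {@code verify} returns {@code false} for a bad
 * MAC, and the previous code discarded that result, so the claims were returned
 * even when verification failed.
 *
 * <p>NOTE(review): the same {@code key} bytes are used for decryption and for the
 * MAC, and the claims are returned without any expiry or audience check in this
 * method. Confirm that claim validation happens at the call site.
 *
 * @param serializedToken the serialised JWE
 * @param key             the shared key used for decryption and MAC verification
 * @return the claims of the verified inner JWT
 * @throws IllegalStateException if parsing or decryption fails, if the decrypted
 *                               payload is not a signed JWT, or if the HMAC does
 *                               not verify
 */
public static JWTClaimsSet deserialize(String serializedToken, byte[] key) {
    try {
        JWEObject jweObject = JWEObject.parse(serializedToken);
        jweObject.decrypt(new DirectDecrypter(key));

        // The conversion yields null when the decrypted payload is not a signed JWT.
        SignedJWT signedJWT = jweObject.getPayload().toSignedJWT();
        if (signedJWT == null) {
            throw new IllegalStateException("Decrypted payload is not a signed JWT");
        }

        // Fail closed: a false result means the MAC did not match.
        if (!signedJWT.verify(new MACVerifier(key))) {
            throw new IllegalStateException("Token HMAC verification failed");
        }

        return signedJWT.getJWTClaimsSet();
    } catch (ParseException | JOSEException e) {
        throw new IllegalStateException(e);
    }
}
} // closes the enclosing class, whose header is outside this excerpt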
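/**
 * Decrypts a JWE held in {@code data} with a key obtained from {@code password}.
 *
 * <p>Any exception is logged and turned into an empty result. A wrong password
 * and malformed input therefore look the same to the caller.
 *
 * <p>NOTE(review): the derivation performed by {@code getSecretKey} is outside
 * this excerpt; confirm that it is a salted, slow key-derivation function rather
 * than a plain hash of the password.
 *
 * @param data     the serialised JWE as bytes
 * @param password the password passed to {@code getSecretKey}
 * @return the decrypted payload bytes, or an empty {@code Optional} on any failure
 */
@Override
public Optional<DecryptedData> decryptData(byte[] data, String password) {
    try {
        SecretKey key = getSecretKey(password);
        // Explicit charset: parsing should not depend on the platform default.
        String serialized = new String(data, java.nio.charset.StandardCharsets.UTF_8);
        JWEObject jweObject = JWEObject.parse(serialized);
        JWEDecrypter decrypter = new AESDecrypter(key.getEncoded());
        jweObject.decrypt(decrypter);
        return Optional.of(new DecryptedData(jweObject.getPayload().toBytes()));
    } catch (Exception e) {
        // Best-effort by design: log and return empty. The message previously said
        // "encryption" and carried a "{}" placeholder that was never filled.
        log.error("Error decrypting data. Data can't be parsed", e);
    }
    return Optional.empty();
}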
/**
 * Creates a new unsecured (plain) JSON Web Token (JWT) with a default
 * {@link com.nimbusds.jose.PlainHeader} and the specified claims
 * set.
 *
 * <p>Security note: an unsecured JWT has no signature, MAC or encryption. The
 * claims are neither integrity-protected nor confidential, and a receiver must
 * not rely on them for authentication or authorisation decisions.
 *
 * @param claimsSet The JWT claims set. Must not be {@code null}; it is
 *                  dereferenced to build the payload.
 */
public PlainJWT(final JWTClaimsSet claimsSet) {

    // The claims set is converted to its JSON object form and wrapped as the payload.
    super(new Payload(claimsSet.toJSONObject()));
}
/**
 * Returns the string form of the payload held by the wrapped {@code jwt}.
 *
 * <p>This accessor performs no verification of its own.
 *
 * @return the payload as a string
 * @throws NullPointerException if the wrapped token has no payload
 */
@Override
public String getPayload() {
    return jwt.getPayload().toString();
}
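/**
 * Returns the payload of a JOSE object as a claims map after rejecting expired
 * tokens.
 *
 * <p>Changes from the earlier version: the payload is converted once, so the map
 * that was checked is the map that is returned; a payload that is not a JSON
 * object and an {@code exp} value that is not numeric now raise
 * {@link TokenException} instead of an unchecked exception; and the comparison
 * is done in seconds, which avoids overflow when multiplying a large {@code exp}.
 *
 * <p>Security notes: a token without an {@code exp} claim is accepted and never
 * expires here. No signature or decryption check is visible in this method.
 * NOTE(review): confirm that the caller has verified or decrypted {@code jose}
 * before relying on the returned claims.
 *
 * @param jose      the JOSE object whose payload is read
 * @param encrypted not used by this method
 * @return the payload as a map of claims
 * @throws TokenException if the payload is not a JSON object, if {@code exp} is
 *                        not a number, or if the token has expired
 */
private Map<String, Object> getJSONObject(JOSEObject jose, boolean encrypted) throws TokenException {
    Map<String, Object> claims = jose.getPayload().toJSONObject();
    if (claims == null) {
        throw new TokenException("Invalid Token");
    }

    Object exp = claims.get("exp");
    if (exp != null) {
        // The claim comes from the token itself, so its type cannot be assumed.
        if (!(exp instanceof Number)) {
            throw new TokenException("Invalid Token");
        }
        long expSeconds = ((Number) exp).longValue();
        // Same test as exp * 1000 <= now for whole seconds, without the multiplication.
        if (expSeconds <= System.currentTimeMillis() / 1000) {
            throw new TokenException("Expired Token");
        }
    }
    return claims;
}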