throw new InvalidJwtException("MalformedClaimException", new ErrorCodeValidator.Error(ErrorCodes.MALFORMED_CLAIM, "Invalid ExpirationTime Format"), e, jwtContext);
logger.info("Rejected invalid OpenID token: {}", e.getMessage()); logger.debug("Invalid JWT received.", e);
/** * Indicates if the JWT was invalid because it had expired * (i.e. the expiration time "exp" claim identified a time in the past). * This is equivalent to calling * <code>hasErrorCode(ErrorCodes.EXPIRED)</code> * @return true if expiration is one of the reasons for the JWT being invalid and false otherwise */ public boolean hasExpired() { return hasErrorCode(ErrorCodes.EXPIRED); }
private JwtClaims(String jsonClaims, JwtContext jwtContext) throws InvalidJwtException { rawJson = jsonClaims; try { Map<String, Object> parsed = JsonUtil.parseJson(jsonClaims); claimsMap = new LinkedHashMap<>(parsed); } catch (JoseException e) { String msg = "Unable to parse what was expected to be the JWT Claim Set JSON: \"" + jsonClaims + "\""; ErrorCodeValidator.Error error = new ErrorCodeValidator.Error(ErrorCodes.JSON_INVALID, "Invalid JSON."); throw new InvalidJwtException(msg, error, e, jwtContext); } }
LOGGER.warn("Error decoding credentials: " + ex.getMessage(), ex); } catch (AuthenticationException ex) { LOGGER.warn("Error authenticating credentials", ex);
void validate(JwtContext jwtCtx) throws InvalidJwtException { List<ErrorCodeValidator.Error> issues = new ArrayList<>(); for (ErrorCodeValidator validator : validators) { ErrorCodeValidator.Error error; try { error = validator.validate(jwtCtx); } catch (MalformedClaimException e) { error = new ErrorCodeValidator.Error(MALFORMED_CLAIM, e.getMessage()); } catch (Exception e) { String msg = "Unexpected exception thrown from validator " + validator.getClass().getName() + ": " + ExceptionHelp.toStringWithCausesAndAbbreviatedStack(e, this.getClass()); error = new ErrorCodeValidator.Error(MISCELLANEOUS, msg); } if (error != null) { issues.add(error); } } if (!issues.isEmpty()) { String msg = "JWT (claims->" + jwtCtx.getJwtClaims().getRawJson() + ") rejected due to invalid claims."; throw new InvalidJwtException(msg, issues, jwtCtx); } }
LOGGER.warn("Error decoding credentials: " + ex.getMessage(), ex); } catch (AuthenticationException ex) { LOGGER.warn("Error authenticating credentials", ex);
throw new InvalidJwtException("The resolved decryption key is different than the one originally used to decrypt the JWE.", errors, jwtContext); throw new InvalidJwtException("JWT processing failed." , error, e, jwtContext); throw new InvalidJwtException("JWT processing failed." , error, e, jwtContext); throw new InvalidJwtException("The JWT has no signature but the JWT Consumer is configured to require one: " + jwtContext.getJwt(), errors, jwtContext); throw new InvalidJwtException("The JWT has no encryption but the JWT Consumer is configured to require it: " + jwtContext.getJwt(), errors, jwtContext); throw new InvalidJwtException("The JWT has no integrity protection (signature/MAC or symmetric AEAD encryption) " + "but the JWT Consumer is configured to require it: " + jwtContext.getJwt(), errors, jwtContext);
throw new InvalidJwtException("JWT processing failed.", error, e, jwtContext); throw new InvalidJwtException("JWT processing failed.", error, e, jwtContext);
throw new InvalidJwtException("MalformedClaimException", new ErrorCodeValidator.Error(ErrorCodes.MALFORMED_CLAIM, "Invalid ExpirationTime Format"), e, jwtContext);