/**
 * Builds the request token for the given client and returns it as an HS256-signed JWS.
 *
 * <p>The MAC key is {@code clientSecret}, so the token is only as strong as that secret.
 * NOTE(review): {@code hmac256(...)} is marked {@code @Deprecated} elsewhere on this page;
 * confirm whether {@code sign(SignatureSignerContext)} should be used instead.
 *
 * @param clientId     client identifier passed to {@code createRequestToken}
 * @param realmInfoUrl realm URL passed to {@code createRequestToken}
 * @return the compact serialization produced by {@code hmac256(clientSecret)}
 */
public String createSignedRequestToken(String clientId, String realmInfoUrl) {
    JsonWebToken requestToken = createRequestToken(clientId, realmInfoUrl);

    // JOSE header is {"alg":"HS256","typ":"JWT"}. No "kid" is set because only one
    // client secret is registered, so the verifier has a single candidate key.
    // "HmacSHA256" is used because every Java platform must implement it, see
    // https://docs.oracle.com/javase/jp/8/docs/api/javax/crypto/Mac.html
    return new JWSBuilder()
            .jsonContent(requestToken)
            .hmac256(clientSecret);
}
/**
 * Serializes the content with the {@code none} algorithm, i.e. as an unsecured JWS.
 *
 * <p>No signature is computed: {@code encodeAll} is called with {@code null} in place of
 * the signature bytes. The result carries no integrity or authenticity protection, so a
 * consumer must never accept it where a signed token is expected.
 *
 * @return the compact serialization returned by {@code encodeAll}
 */
public String none() {
    byte[] payload = marshalContent();
    StringBuilder compact = new StringBuilder();
    encode(Algorithm.none, payload, compact);
    // null signature: how encodeAll renders the empty third segment is not shown here.
    return encodeAll(compact, null);
}
/**
 * Appends the first two segments of the compact serialization to {@code encoding}:
 * the header built by {@code encodeHeader(sigAlgName)}, a dot, and the Base64Url-encoded
 * payload. The resulting text is what callers on this page pass to the signer.
 *
 * @param sigAlgName algorithm name handed to {@code encodeHeader}
 * @param data       raw payload bytes
 * @param encoding   builder that receives {@code header.payload}
 */
protected void encode(String sigAlgName, byte[] data, StringBuilder encoding) {
    encoding.append(encodeHeader(sigAlgName))
            .append('.')
            .append(Base64Url.encode(data));
}
/**
 * Builds the request token for the given client and signs it through {@code rsa256}
 * with the private half of {@code keyPair}.
 *
 * <p>The key id from {@code publicKeyJwk} is set on the builder before signing, so the
 * token names the key it was signed with. NOTE(review): presumably {@code publicKeyJwk}
 * is the public half of {@code keyPair}; confirm where both are initialised.
 *
 * @param clientId     client identifier passed to {@code createRequestToken}
 * @param realmInfoUrl realm URL passed to {@code createRequestToken}
 * @return the compact serialization produced by {@code rsa256}
 */
public String createSignedRequestToken(String clientId, String realmInfoUrl) {
    JsonWebToken requestToken = createRequestToken(clientId, realmInfoUrl);
    JWSBuilder builder = new JWSBuilder().kid(publicKeyJwk.getKeyId());
    return builder
            .jsonContent(requestToken)
            .rsa256(keyPair.getPrivate());
}
/**
 * Checks that a PEM private key and a PEM public key belong to the same key pair.
 *
 * <p>Both keys are decoded, a fixed probe payload is signed with the private key through
 * {@code rsa256}, and the signature is verified with the public key.
 *
 * <p>NOTE(review): every failure is reported with a fixed message and the caught exception
 * is not attached as a cause, so the underlying decode or signing error is lost to callers
 * and logs. Confirm whether that is intentional before changing it.
 *
 * @param privateKeyPem PEM text of the private key
 * @param publicKeyPem  PEM text of the public key
 * @throws VerificationException if either key cannot be decoded, or if signing or
 *                               verification fails for any reason
 */
public static void verify(String privateKeyPem, String publicKeyPem) throws VerificationException {
    PrivateKey signingKey;
    try {
        signingKey = PemUtils.decodePrivateKey(privateKeyPem);
    } catch (Exception e) {
        throw new VerificationException("Failed to decode private key");
    }

    PublicKey verifyingKey;
    try {
        verifyingKey = PemUtils.decodePublicKey(publicKeyPem);
    } catch (Exception e) {
        throw new VerificationException("Failed to decode public key");
    }

    try {
        // The payload is a fixed ASCII probe; only the sign/verify round trip matters.
        String probeJws = new JWSBuilder().content("content".getBytes()).rsa256(signingKey);
        boolean signatureValid = RSAProvider.verify(new JWSInput(probeJws), verifyingKey);
        if (!signatureValid) {
            throw new VerificationException("Keys don't match");
        }
    } catch (Exception e) {
        // Also catches the mismatch exception thrown just above; the message is the same.
        throw new VerificationException("Keys don't match");
    }
}
/**
 * Convenience overload: forwards to the String-based {@code encode} using the enum
 * constant's name as the algorithm name.
 *
 * @param alg      algorithm whose {@code name()} is passed on
 * @param data     raw payload bytes
 * @param encoding builder that receives the encoded segments
 */
protected void encode(Algorithm alg, byte[] data, StringBuilder encoding) {
    String algName = alg.name();
    encode(algName, data, encoding);
}
/**
 * Loads a key pair from a JKS keystore and returns a request token signed through
 * {@code rsa256} with its private key.
 *
 * <p>The token gets a random UUID as id, {@code clientId} as both issuer and subject,
 * {@code realmInfoUrl} as audience, and issued-at / not-before set to the current time.
 * It expires at {@code now + sigLifetime}.
 *
 * <p>NOTE(review): {@code sigLifetime} is not range-checked here. A zero or negative value
 * yields a token that is already expired, and a very large one overflows the int sum.
 * The unit is presumably seconds; confirm against {@code Time.currentTime()}.
 *
 * @param keystore     keystore location handed to {@code KeystoreUtil}
 * @param storePass    keystore password
 * @param keyPass      key password
 * @param alias        alias of the key entry
 * @param sigLifetime  token lifetime added to the current time
 * @param clientId     value used for issuer and subject
 * @param realmInfoUrl value used for audience
 * @return the compact serialization produced by {@code rsa256}
 */
public static String getSignedRequestToken(String keystore, String storePass, String keyPass, String alias, int sigLifetime, String clientId, String realmInfoUrl) {
    KeyPair signingPair = KeystoreUtil.loadKeyPairFromKeystore(
            keystore, storePass, keyPass, alias, KeystoreUtil.KeystoreFormat.JKS);

    JsonWebToken requestToken = new JsonWebToken();
    requestToken.id(UUID.randomUUID().toString());
    requestToken.issuer(clientId);
    requestToken.subject(clientId);
    requestToken.audience(realmInfoUrl);

    int issuedAt = Time.currentTime();
    requestToken.issuedAt(issuedAt);
    requestToken.expiration(issuedAt + sigLifetime);
    requestToken.notBefore(issuedAt);

    return new JWSBuilder()
            .jsonContent(requestToken)
            .rsa256(signingPair.getPrivate());
}
// closes the enclosing type, whose declaration is not part of this excerpt
}
/**
 * Serializes the content and protects it with an HS384 MAC keyed by {@code sharedSecret}.
 *
 * <p>The MAC is computed over the UTF-8 bytes of the text that {@code encode} writes into
 * the builder. No key-length check is visible in this method; RFC 7518 section 3.2 requires
 * an HMAC key at least as long as the hash output (384 bits here).
 *
 * <p>NOTE(review): the reason for {@code @Deprecated} is not stated in the source;
 * {@code sign(SignatureSignerContext)} looks like the current entry point, confirm.
 *
 * @param sharedSecret HMAC key
 * @return the compact serialization returned by {@code encodeAll}
 */
@Deprecated
public String hmac384(SecretKey sharedSecret) {
    byte[] payload = marshalContent();
    StringBuilder signingInput = new StringBuilder();
    encode(Algorithm.HS384, payload, signingInput);

    byte[] mac;
    try {
        mac = HMACProvider.sign(signingInput.toString().getBytes("UTF-8"), Algorithm.HS384, sharedSecret);
    } catch (UnsupportedEncodingException e) {
        // Only raised if the runtime does not know the "UTF-8" charset name.
        throw new RuntimeException(e);
    }
    return encodeAll(signingInput, mac);
}
/**
 * Creates an RS256-style signed request token from a key stored in a JKS keystore.
 *
 * <p>Claims set on the token: a random UUID id, issuer and subject both equal to
 * {@code clientId}, audience equal to {@code realmInfoUrl}, issued-at and not-before equal
 * to the current time, and expiration equal to the current time plus {@code sigLifetime}.
 *
 * <p>NOTE(review): {@code sigLifetime} is used unchecked. Zero or negative values produce
 * an already-expired token and very large values overflow the int addition. The unit is
 * presumably seconds; verify against {@code Time.currentTime()}.
 *
 * @param keystore     keystore location handed to {@code KeystoreUtil}
 * @param storePass    keystore password
 * @param keyPass      key password
 * @param alias        alias of the key entry
 * @param sigLifetime  lifetime added to the current time to form the expiration
 * @param clientId     issuer and subject of the token
 * @param realmInfoUrl audience of the token
 * @return the signed token as returned by {@code rsa256}
 */
public static String getSignedRequestToken(String keystore, String storePass, String keyPass, String alias, int sigLifetime, String clientId, String realmInfoUrl) {
    KeyPair loadedPair = KeystoreUtil.loadKeyPairFromKeystore(keystore, storePass, keyPass, alias, KeystoreUtil.KeystoreFormat.JKS);

    JsonWebToken claims = new JsonWebToken();
    String tokenId = UUID.randomUUID().toString();
    claims.id(tokenId);
    claims.issuer(clientId);
    claims.subject(clientId);
    claims.audience(realmInfoUrl);

    // One timestamp is reused so iat, nbf and exp are consistent with each other.
    int currentTime = Time.currentTime();
    int expiresAt = currentTime + sigLifetime;
    claims.issuedAt(currentTime);
    claims.expiration(expiresAt);
    claims.notBefore(currentTime);

    JWSBuilder builder = new JWSBuilder();
    return builder.jsonContent(claims).rsa256(loadedPair.getPrivate());
}
// closes the enclosing type, whose declaration is not part of this excerpt
}
/**
 * Serializes the content and protects it with an HS512 MAC keyed by raw secret bytes.
 *
 * <p>The MAC covers the UTF-8 bytes of the text that {@code encode} writes into the
 * builder. The secret is used as given: no length or entropy check is visible in this
 * method, while RFC 7518 section 3.2 requires a key of at least the hash output size
 * (512 bits here).
 *
 * <p>NOTE(review): the reason for {@code @Deprecated} is not stated in the source;
 * {@code sign(SignatureSignerContext)} looks like the current entry point, confirm.
 *
 * @param sharedSecret raw HMAC key bytes
 * @return the compact serialization returned by {@code encodeAll}
 */
@Deprecated
public String hmac512(byte[] sharedSecret) {
    byte[] payload = marshalContent();
    StringBuilder signingInput = new StringBuilder();
    encode(Algorithm.HS512, payload, signingInput);

    byte[] mac;
    try {
        byte[] inputBytes = signingInput.toString().getBytes("UTF-8");
        mac = HMACProvider.sign(inputBytes, Algorithm.HS512, sharedSecret);
    } catch (UnsupportedEncodingException e) {
        // Only raised if the runtime does not know the "UTF-8" charset name.
        throw new RuntimeException(e);
    }
    return encodeAll(signingInput, mac);
}
// Serialize `token` as JSON content and sign it with the private key of `keyPair`
// through rsa256(...). No kid(...) is set in this chain, so the verifier has to know
// which public key to use by other means.
String jwt = new JWSBuilder() .jsonContent(token) .rsa256(keyPair.getPrivate());
/**
 * Serializes the content and protects it with an HS256 MAC keyed by {@code sharedSecret}.
 *
 * <p>The MAC is computed over the UTF-8 bytes of the text that {@code encode} writes into
 * the builder. No key-length check is visible in this method; RFC 7518 section 3.2 requires
 * an HMAC key at least as long as the hash output (256 bits here).
 *
 * <p>NOTE(review): the reason for {@code @Deprecated} is not stated in the source;
 * {@code sign(SignatureSignerContext)} looks like the current entry point, confirm.
 *
 * @param sharedSecret HMAC key
 * @return the compact serialization returned by {@code encodeAll}
 */
@Deprecated
public String hmac256(SecretKey sharedSecret) {
    StringBuilder signingInput = new StringBuilder();
    encode(Algorithm.HS256, marshalContent(), signingInput);

    byte[] mac;
    try {
        mac = HMACProvider.sign(signingInput.toString().getBytes("UTF-8"), Algorithm.HS256, sharedSecret);
    } catch (UnsupportedEncodingException e) {
        // Only raised if the runtime does not know the "UTF-8" charset name.
        throw new RuntimeException(e);
    }
    return encodeAll(signingInput, mac);
}
/**
 * Serializes the content and protects it with an HS256 MAC keyed by raw secret bytes.
 *
 * <p>The MAC covers the UTF-8 bytes of the text that {@code encode} writes into the
 * builder. The secret is used as given: no length or entropy check is visible in this
 * method, while RFC 7518 section 3.2 requires a key of at least the hash output size
 * (256 bits here). A short or guessable secret can be brute-forced offline from one token.
 *
 * <p>NOTE(review): the reason for {@code @Deprecated} is not stated in the source;
 * {@code sign(SignatureSignerContext)} looks like the current entry point, confirm.
 *
 * @param sharedSecret raw HMAC key bytes
 * @return the compact serialization returned by {@code encodeAll}
 */
@Deprecated
public String hmac256(byte[] sharedSecret) {
    byte[] payload = marshalContent();
    StringBuilder signingInput = new StringBuilder();
    encode(Algorithm.HS256, payload, signingInput);

    byte[] mac;
    try {
        byte[] inputBytes = signingInput.toString().getBytes("UTF-8");
        mac = HMACProvider.sign(inputBytes, Algorithm.HS256, sharedSecret);
    } catch (UnsupportedEncodingException e) {
        // Only raised if the runtime does not know the "UTF-8" charset name.
        throw new RuntimeException(e);
    }
    return encodeAll(signingInput, mac);
}
/**
 * Serializes the content and protects it with an HS384 MAC keyed by raw secret bytes.
 *
 * <p>The MAC covers the UTF-8 bytes of the text that {@code encode} writes into the
 * builder. The secret is used as given: no length or entropy check is visible in this
 * method, while RFC 7518 section 3.2 requires a key of at least the hash output size
 * (384 bits here).
 *
 * <p>NOTE(review): the reason for {@code @Deprecated} is not stated in the source;
 * {@code sign(SignatureSignerContext)} looks like the current entry point, confirm.
 *
 * @param sharedSecret raw HMAC key bytes
 * @return the compact serialization returned by {@code encodeAll}
 */
@Deprecated
public String hmac384(byte[] sharedSecret) {
    StringBuilder signingInput = new StringBuilder();
    encode(Algorithm.HS384, marshalContent(), signingInput);

    byte[] mac;
    try {
        mac = HMACProvider.sign(signingInput.toString().getBytes("UTF-8"), Algorithm.HS384, sharedSecret);
    } catch (UnsupportedEncodingException e) {
        // Only raised if the runtime does not know the "UTF-8" charset name.
        throw new RuntimeException(e);
    }
    return encodeAll(signingInput, mac);
}
/**
 * Serializes the content and signs it with {@code privateKey} through {@code RSAProvider},
 * using the caller-supplied algorithm for both the header and the signature.
 *
 * <p>NOTE(review): nothing in this method restricts {@code algorithm} to RSA variants;
 * presumably {@code RSAProvider.sign} rejects anything else, confirm there. The reason for
 * {@code @Deprecated} is not stated in the source; {@code sign(SignatureSignerContext)}
 * looks like the current entry point.
 *
 * @param algorithm  algorithm written to the header and used for signing
 * @param privateKey signing key
 * @return the compact serialization returned by {@code encodeAll}
 */
@Deprecated
public String sign(Algorithm algorithm, PrivateKey privateKey) {
    byte[] payload = marshalContent();
    StringBuilder signingInput = new StringBuilder();
    encode(algorithm, payload, signingInput);

    byte[] rsaSignature;
    try {
        byte[] inputBytes = signingInput.toString().getBytes("UTF-8");
        rsaSignature = RSAProvider.sign(inputBytes, algorithm, privateKey);
    } catch (UnsupportedEncodingException e) {
        // Only raised if the runtime does not know the "UTF-8" charset name.
        throw new RuntimeException(e);
    }
    return encodeAll(signingInput, rsaSignature);
}
/**
 * Serializes the content and protects it with an HS512 MAC keyed by {@code sharedSecret}.
 *
 * <p>The MAC is computed over the UTF-8 bytes of the text that {@code encode} writes into
 * the builder. No key-length check is visible in this method; RFC 7518 section 3.2 requires
 * an HMAC key at least as long as the hash output (512 bits here).
 *
 * <p>NOTE(review): the reason for {@code @Deprecated} is not stated in the source;
 * {@code sign(SignatureSignerContext)} looks like the current entry point, confirm.
 *
 * @param sharedSecret HMAC key
 * @return the compact serialization returned by {@code encodeAll}
 */
@Deprecated
public String hmac512(SecretKey sharedSecret) {
    byte[] payload = marshalContent();
    StringBuilder signingInput = new StringBuilder();
    encode(Algorithm.HS512, payload, signingInput);

    byte[] mac;
    try {
        mac = HMACProvider.sign(signingInput.toString().getBytes("UTF-8"), Algorithm.HS512, sharedSecret);
    } catch (UnsupportedEncodingException e) {
        // Only raised if the runtime does not know the "UTF-8" charset name.
        throw new RuntimeException(e);
    }
    return encodeAll(signingInput, mac);
}
// closes the enclosing type, whose declaration is not part of this excerpt
}
/**
 * Serializes the content and signs it with the supplied signer context.
 *
 * <p>The key id and the algorithm both come from {@code signer}: the builder's {@code kid}
 * is overwritten with {@code signer.getKid()} before the header is encoded, and
 * {@code signer.getAlgorithm()} is passed to {@code encode}. Taking both from the signer
 * keeps the header consistent with the key that produces the signature.
 *
 * <p>Any exception raised while signing is rethrown wrapped in a {@link RuntimeException}.
 *
 * @param signer source of the key id, the algorithm and the signature
 * @return the compact serialization returned by {@code encodeAll}
 */
public String sign(SignatureSignerContext signer) {
    // Must happen before encode(...): presumably the header encoder reads this field.
    kid = signer.getKid();

    byte[] payload = marshalContent();
    StringBuilder signingInput = new StringBuilder();
    encode(signer.getAlgorithm(), payload, signingInput);

    byte[] signatureBytes;
    try {
        byte[] inputBytes = signingInput.toString().getBytes("UTF-8");
        signatureBytes = signer.sign(inputBytes);
    } catch (Exception e) {
        throw new RuntimeException(e);
    }
    return encodeAll(signingInput, signatureBytes);
}