@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
final Jwt unvalidatedJwt;
try {
unvalidatedJwt = new SimpleJwtParser().parse(authentication.getCredentials().toString());
} catch (JwtParseException e) {
throw new BadCredentialsException("Invalid JWT", e);
}
final TenantContext tenantContext = clientRegistry.get(unvalidatedJwt.getIssuer()).get();
final String rawJwt = (String) authentication.getCredentials();
NimbusMacJwtReader reader = new NimbusMacJwtReader(tenantContext.getSharedSecret());
try {
final com.atlassian.jwt.Jwt verifiedJwt = reader.readAndVerify(rawJwt, Collections.<String, JwtClaimVerifier>emptyMap());
final TenantRequestContext tenantRequestContext = TenantRequestContext.initialise(tenantContext, verifiedJwt);
final JwtAuthentication jwtAuthentication = new JwtAuthentication(authentication.getPrincipal().toString(), verifiedJwt, tenantRequestContext);
log.info("Authenticated with JWT as principal {} from issuer {}", jwtAuthentication.getPrincipal(), verifiedJwt.getIssuer());
return jwtAuthentication;
} catch (JwtParseException | JwtVerificationException e) {
throw new BadCredentialsException("Invalid JWT", e);
}
}
}