JWSHeader.Builder headerBuilder = new JWSHeader.Builder((JWSAlgorithm) signatureAlgorithm); headerBuilder.keyID(getThumbPrint(tenantDomain, tenantId)); headerBuilder.x509CertThumbprint(new Base64URL(getThumbPrint(tenantDomain, tenantId))); SignedJWT signedJWT = new SignedJWT(headerBuilder.build(), jwtClaimsSet); signedJWT.sign(signer);
header = header.x509CertURL(JSONObjectUtils.getURI(jsonObject, name)); } else if("x5t".equals(name)) { header = header.x509CertThumbprint(new Base64URL(JSONObjectUtils.getString(jsonObject, name))); } else if("x5t#S256".equals(name)) { header = header.x509CertSHA256Thumbprint(new Base64URL(JSONObjectUtils.getString(jsonObject, name)));
certs.add(new Base64(credential.getPublicCertificate())); builder.x509CertChain(certs); builder.x509CertThumbprint(new Base64URL(credential .getPublicCertificateHash())); jwt = new SignedJWT(builder.build(), claimsSet);
String certThumbPrint = OAuth2Util.getThumbPrint(tenantDomain, tenantId); headerBuilder.keyID(certThumbPrint); headerBuilder.x509CertThumbprint(new Base64URL(certThumbPrint)); SignedJWT signedJWT = new SignedJWT(headerBuilder.build(), jwtClaimsSet); signedJWT.sign(signer);
certs.add(new Base64(credential.getPublicCertificate())); builder.x509CertChain(certs); builder.x509CertThumbprint(new Base64URL(credential .getPublicCertificateHash())); jwt = new SignedJWT(builder.build(), claimsSet);
certs.add(new Base64(credential.getPublicCertificate())); builder.x509CertChain(certs); builder.x509CertThumbprint(new Base64URL(credential .getPublicCertificateHash())); jwt = new SignedJWT(builder.build(), claimsSet);
private String signJwt(JWTClaimsSet jwtClaimsSet) throws AuthException { if (JWSAlgorithm.RS256.equals(signatureAlgorithm) || JWSAlgorithm.RS384.equals(signatureAlgorithm) || JWSAlgorithm.RS512.equals(signatureAlgorithm)) { try { JWSSigner signer = new RSASSASigner(ServiceReferenceHolder.getInstance().getPrivateKey()); JWSAlgorithm jwsAlgorithm; if (signatureAlgorithm instanceof JWSAlgorithm) { jwsAlgorithm = (JWSAlgorithm) signatureAlgorithm; } else { throw new AuthException("Signature Algorithm couldn't convert to JWSAlgorithm"); } JWSHeader.Builder headerBuilder = new JWSHeader.Builder(jwsAlgorithm); String certThumbPrint = getThumbPrint(ServiceReferenceHolder.getInstance().getPublicKey()); headerBuilder.keyID(certThumbPrint); headerBuilder.x509CertThumbprint(new Base64URL(certThumbPrint)); SignedJWT signedJWT = new SignedJWT(headerBuilder.build(), jwtClaimsSet); signedJWT.sign(signer); return signedJWT.serialize(); } catch (NoSuchAlgorithmException | CertificateEncodingException | JOSEException e) { throw new AuthException("Invalid signature algorithm provided. " + signatureAlgorithm); } } else { throw new AuthException("Invalid signature algorithm provided. " + signatureAlgorithm); } }