/**
 * Decrypts a compact-serialised JWE with the supplied RSA private key and maps
 * the decrypted payload onto an {@code AuthDataPair}.
 *
 * @param encrypted  the compact JWE string to decrypt
 * @param privateKey the private key handed to {@code RSADecrypter}
 * @return the {@code AuthDataPair} read from the decrypted payload
 * @throws SecurityException if parsing, decryption or JSON mapping fails; the
 *         original exception is kept as the cause
 */
@Override
public AuthDataPair decrypt(String encrypted, PrivateKey privateKey) {
    try {
        // The decrypter is built before parsing, as in the original statement order.
        RSADecrypter rsaDecrypter = new RSADecrypter(privateKey);
        JWEObject jwe = JWEObject.parse(encrypted);
        // NOTE(review): the JWE header is taken from the input and no alg/enc
        // allow-list is visible in this method; confirm the accepted algorithms
        // are restricted elsewhere.
        jwe.decrypt(rsaDecrypter);
        String plaintextJson = jwe.getPayload().toString();
        return objectMapper.readValue(plaintextJson, AuthDataPair.class);
    } catch (IOException | ParseException | JOSEException e) {
        throw new SecurityException("Error decrypting auth tokens", e);
    }
}
}
/**
 * Returns the string form of the wrapped token's payload.
 *
 * <p>NOTE(review): the type of {@code jwt} is not visible here; if its payload can
 * be {@code null} (for example before decryption), this call throws a
 * {@code NullPointerException}.
 *
 * @return the payload rendered with {@code toString()}
 */
@Override
public String getPayload() {
    return jwt.getPayload().toString();
}
/**
 * Returns the string form of the wrapped token's payload.
 *
 * <p>NOTE(review): the type of {@code jwt} is not visible here; if its payload can
 * be {@code null} (for example before decryption), this call throws a
 * {@code NullPointerException}.
 *
 * @return the payload rendered with {@code toString()}
 */
@Override
public String getPayload() {
    return jwt.getPayload().toString();
}
/**
 * Returns a signed JSON Web Token (JWT) representation of this payload.
 * Intended for signed then encrypted JWTs.
 *
 * <p>The stored {@code signedJWT} is returned when present; otherwise the string
 * form of the payload is parsed. This method only parses: no signature check is
 * performed here, so the caller still has to verify the returned JWT.
 *
 * @return The signed JWT representation, {@code null} if the payload
 *         couldn't be converted to a signed JWT.
 */
public SignedJWT toSignedJWT() {
    if (signedJWT == null) {
        try {
            return SignedJWT.parse(toString());
        } catch (ParseException notASignedJwt) {
            // Payload text is not a signed JWT.
            return null;
        }
    }
    return signedJWT;
}
/**
 * Returns a JWS object representation of this payload. Intended for
 * signed then encrypted JOSE objects.
 *
 * <p>The stored {@code jwsObject} is returned when present; otherwise the string
 * form of the payload is parsed. This method only parses: no signature check is
 * performed here, so the caller still has to verify the returned object.
 *
 * @return The JWS object representation, {@code null} if the payload
 *         couldn't be converted to a JWS object.
 */
public JWSObject toJWSObject() {
    if (jwsObject == null) {
        try {
            return JWSObject.parse(toString());
        } catch (ParseException notAJwsObject) {
            // Payload text is not a JWS object.
            return null;
        }
    }
    return jwsObject;
}
/**
 * Returns a JSON object representation of this payload.
 *
 * <p>Callers must handle the {@code null} result: it is returned both when the
 * string conversion fails and when the text is not a JSON object.
 *
 * @return The JSON object representation, {@code null} if the payload
 *         couldn't be converted to a JSON object.
 */
public JSONObject toJSONObject() {
    if (jsonObject == null) {
        final String text = toString();
        try {
            // A null string means the to-string conversion failed.
            return text == null ? null : JSONObjectUtils.parse(text);
        } catch (ParseException notAJsonObject) {
            // Payload not a JSON object
            return null;
        }
    }
    return jsonObject;
}
/**
 * Returns a byte array representation of this payload.
 *
 * <p>When the {@code bytes} field is set it is returned as is, without a copy.
 * Otherwise the value is derived from {@code base64URL} if present, else from the
 * string form.
 *
 * @return The byte array representation.
 */
public byte[] toBytes() {
    if (bytes == null) {
        // Convert: prefer the Base64URL form, fall back to the string form.
        return base64URL != null ? base64URL.decode() : stringToByteArray(toString());
    }
    return bytes;
}
/**
 * Decrypts a JWE-encrypted payload and converts the result to the response type.
 *
 * @param encryptedJwePayload the JWE-encrypted payload input.
 * @param privateKey the private key used for decryption.
 * @param responseType the type to convert the decrypted payload to; must not be null.
 * @return the decrypted payload converted to {@code responseType}.
 * @throws SDKConversionException if {@code responseType} is null; presumably also
 *         raised by the decryption or conversion helpers (not visible here).
 */
public static <T> T getJweDecryptedPayload(String encryptedJwePayload, PrivateKey privateKey,
        Class<? extends T> responseType) throws SDKConversionException {
    if (responseType == null) {
        log.error(ERR_MSG_RESP_TYPE_NOT_NULL);
        throw new SDKConversionException(ERR_MSG_RESP_TYPE_NOT_NULL);
    }
    String decryptedJson = getDecryptedPayload(encryptedJwePayload, privateKey).toString();
    return responseBodyConverter(decryptedJson, responseType);
}
/**
 * Decrypts a compact JWE with a shared key through {@code DirectDecrypter} and
 * returns the payload as a string.
 *
 * @param encrypted the compact JWE string
 * @param key       the raw key bytes passed to {@code DirectDecrypter}
 * @return the decrypted payload text
 * @throws IllegalStateException if parsing or decryption fails (cause preserved)
 */
private String decrypt(String encrypted, byte[] key) {
    final JWEObject parsed;
    try {
        parsed = JWEObject.parse(encrypted);
        DirectDecrypter directDecrypter = new DirectDecrypter(key);
        parsed.decrypt(directDecrypter);
    } catch (JOSEException | ParseException e) {
        throw new IllegalStateException(e);
    }
    return parsed.getPayload().toString();
}
String decrypted = jweObject.getPayload().toString(); return Optional.of(decrypted);
/**
 * Decrypts the payload, verifies the signature over the decrypted text and then
 * converts it to the response type. Conversion runs only after verification
 * has succeeded.
 *
 * @param payload the encrypted payload.
 * @param signature the signature to check against the decrypted payload.
 * @param privateKey the private key used for decryption.
 * @param publicKey the public key provided by the masterpass, used for verification.
 * @param responseType the type to convert the decrypted payload to; must not be null.
 * @return the decrypted payload converted to {@code responseType}.
 * @throws SDKValidationException if {@code responseType} is null or the signature
 *         does not verify.
 */
public static <T> T decryptAndVerify(String payload, String signature, PrivateKey privateKey,
        PublicKey publicKey, Class<? extends T> responseType) {
    if (responseType == null) {
        log.error(ERR_MSG_RESP_TYPE_NOT_NULL);
        throw new SDKValidationException(ERR_MSG_RESP_TYPE_NOT_NULL);
    }

    final String plaintext = getDecryptedPayload(payload, privateKey).toString();
    final boolean signatureValid = verifySignature(plaintext, signature, publicKey);
    if (signatureValid) {
        return responseBodyConverter(plaintext, responseType);
    }

    log.error("Signature verification failed.");
    throw new SDKValidationException("Signature verification failed.");
}
/**
 * Builds a {@code JWTAuthenticationToken} from a compact JWS by reading the
 * {@code sub} claim out of its payload.
 *
 * <p>NOTE(review): this method only parses the JWS. No signature verification is
 * visible here, so the subject is unauthenticated until the token is verified
 * elsewhere; confirm that happens before the user id is trusted. The user id is
 * {@code null} when the payload has no {@code sub} claim.
 *
 * @param token the compact JWS string
 * @return a token object holding the subject and the original string
 * @throws AuthenticationException if the string cannot be parsed as a JWS
 */
public JWTAuthenticationToken createToken(String token) {
    try {
        // The JWS payload is merely decoded, not decrypted.
        String payloadJson = JWSObject.parse(token).getPayload().toString();
        try (JsonReader reader = Json.createReader(new StringReader(payloadJson))) {
            JsonObject claims = reader.readObject();
            return new JWTAuthenticationToken(claims.getString("sub", null), token);
        }
    } catch (ParseException ex) {
        throw new AuthenticationException(ex);
    }
}
JsonNode payloadNode = VoxelwindServer.MAPPER.readTree(object.getPayload().toString()); JsonNode ipkNode = payloadNode.get("identityPublicKey"); Verify.verify(ipkNode != null && ipkNode.getNodeType() == JsonNodeType.STRING, "identityPublicKey node is missing in chain");
/**
 * Splits a compact JWT into its three parts and returns the payload as a JSON
 * object.
 *
 * <p>NOTE(review): the third part (the signature) is passed to {@code JWSObject}
 * but never verified in this method, so the returned claims are unauthenticated
 * unless verification happens elsewhere. The JSON reader is also not closed here.
 *
 * @param jwt the compact JWT string
 * @return the payload as a {@code JsonObject}, or {@code null} when the input does
 *         not split into exactly three dot-separated parts
 * @throws JWTException if the parts cannot be parsed as a JWS
 */
@Override
public JsonObject process(String jwt) throws JWTException {
    String[] segments = jwt.split("\\.");
    if (segments.length != 3) {
        return null;
    }

    Base64URL header = new Base64URL(segments[0]);
    Base64URL payload = new Base64URL(segments[1]);
    Base64URL signature = new Base64URL(segments[2]);
    try {
        JWSObject jws = new JWSObject(header, payload, signature);
        String payloadJson = jws.getPayload().toString();
        return Json.createReader(new StringReader(payloadJson)).readObject();
    } catch (ParseException e) {
        throw new JWTException("Unable to parse JWT", e);
    }
}
}
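/**
 * Parses a serialised JWT into a {@code SimpleJwt} carrying the issuer, the
 * subject and the payload text.
 *
 * <p>Only parsing happens in this method; no signature verification is visible
 * here, so the claims are unauthenticated until the token is verified elsewhere.
 *
 * @param jwt the serialised JWT
 * @return the parsed JWT
 * @throws JwtParseException if the token cannot be parsed, or if its payload is
 *         not a JSON object
 */
@Nonnull
@Override
public Jwt parse(String jwt) throws JwtParseException {
    JWSObject jwsObject = parseJWSObject(jwt);
    try {
        // toJSONObject() yields null when the payload is not a JSON object. Reject
        // that explicitly so malformed input surfaces as JwtParseException rather
        // than as a null being handed on to the claims parser.
        if (jwsObject.getPayload().toJSONObject() == null) {
            throw new ParseException("JWT payload is not a JSON object", 0);
        }
        JWTClaimsSet claims = JWTClaimsSet.parse(jwsObject.getPayload().toJSONObject());
        return new SimpleJwt(claims.getIssuer(), claims.getSubject(), jwsObject.getPayload().toString());
    } catch (ParseException e) {
        throw new JwtParseException(e);
    }
}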
/**
 * Decrypts the given JWE with the recipient RSA key through Nimbus JOSE+JWT
 * (BouncyCastle as JCA provider) and checks the result against {@code PAYLOAD}.
 *
 * <p>The decrypted payload and any failure are printed to standard output, which
 * suits fixture data only. The bytes are decoded with the platform default
 * charset.
 *
 * @param jwe the compact JWE string to decrypt
 * @return {@code true} if decryption succeeds and the payload equals
 *         {@code PAYLOAD}; {@code false} otherwise, including on any exception
 */
private boolean testDecryptNimbusJoseJwt(String jwe) {
    try {
        EncryptedJWT parsedJwe = EncryptedJWT.parse(jwe);

        JWK recipientJwk = JWK.parse(recipientJwkJson);
        RSAPrivateKey recipientKey = ((RSAKey) recipientJwk).toRSAPrivateKey();

        JWEDecrypter rsaDecrypter = new RSADecrypter(recipientKey);
        rsaDecrypter.getJCAContext().setProvider(BouncyCastleProviderSingleton.getInstance());
        parsedJwe.decrypt(rsaDecrypter);

        byte[] decoded = Base64Util.base64urldecode(parsedJwe.getPayload().toString());
        final String decryptedPayload = new String(decoded);
        System.out.println("Nimbusds decrypt succeed: " + decryptedPayload);

        return decryptedPayload.equals(PAYLOAD);
    } catch (Exception e) {
        System.out.println("Nimbusds decrypt failed: " + e.getMessage());
        e.printStackTrace();
        return false;
    }
}
/**
 * Decrypts a compact JWE using the key that {@code keyMapProvider} returns for
 * the key ID found in the JWE header.
 *
 * <p>NOTE(review): the key ID and the header passed to the decrypter factory come
 * from the input string, so they are untrusted at this point; confirm the key
 * provider and factory restrict which keys and algorithms are accepted. An
 * unknown key ID raises {@code IllegalStateException}, not
 * {@code SecretDecryptionException}.
 *
 * @param encrypted the compact JWE string
 * @return the decrypted payload text
 * @throws SecretDecryptionException if parsing, decrypter creation or decryption fails
 * @throws IllegalStateException if no key is found for the header's key ID
 */
public String decrypt(String encrypted) throws SecretDecryptionException {
    final JWEObject jweObject;
    try {
        jweObject = JWEObject.parse(encrypted);
    } catch (ParseException e) {
        throw new SecretDecryptionException(e);
    }

    Key key = keyMapProvider.getKey(jweObject.getHeader().getKeyID());
    if (key == null) {
        throw new IllegalStateException("No suitable key found");
    }

    try {
        JWEDecrypter decrypter = decrypterFactory.createJWEDecrypter(jweObject.getHeader(), key);
        jweObject.decrypt(decrypter);
    } catch (JOSEException e) {
        throw new SecretDecryptionException(e);
    }
    return jweObject.getPayload().toString();
}
}
/**
 * Decrypts a compact JWE using the key that {@code keyProvider} returns for the
 * key ID found in the JWE header.
 *
 * <p>NOTE(review): the key ID and the header passed to the decrypter factory come
 * from the input string, so they are untrusted at this point; confirm the key
 * provider and factory restrict which keys and algorithms are accepted. An
 * unknown key ID raises {@code IllegalStateException}, not
 * {@code EncryptionException}.
 *
 * @param encrypted the compact JWE string
 * @return the decrypted payload text
 * @throws EncryptionException if parsing, decrypter creation or decryption fails
 * @throws IllegalStateException if no key is found for the header's key ID
 */
@Override
public String decrypt(String encrypted) {
    final JWEObject jweObject;
    try {
        jweObject = JWEObject.parse(encrypted);
    } catch (ParseException e) {
        throw new EncryptionException(e);
    }

    Key key = keyProvider.getKeyForDecryption(jweObject.getHeader().getKeyID());
    if (key == null) {
        throw new IllegalStateException("No suitable key found");
    }

    try {
        JWEDecrypter decrypter = decrypterFactory.createJWEDecrypter(jweObject.getHeader(), key);
        jweObject.decrypt(decrypter);
    } catch (JOSEException e) {
        throw new EncryptionException(e);
    }
    return jweObject.getPayload().toString();
}
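/**
 * Parses a serialised JWT into a {@code SimpleUnverifiedJwt} carrying the header
 * algorithm name, the issuer, the subject and the payload text.
 *
 * <p>No signature verification happens in this method. Every returned value,
 * including the algorithm name, is read from the token itself and is therefore
 * untrusted.
 *
 * @param jwt the serialised JWT
 * @return the parsed, unverified JWT
 * @throws JwtParseException if the token cannot be parsed, or if its payload is
 *         not a JSON object
 */
public SimpleUnverifiedJwt parse(String jwt) throws JwtParseException {
    JWSObject jwsObject = parseJWSObject(jwt);
    try {
        // toJSONObject() yields null when the payload is not a JSON object. Reject
        // that explicitly so malformed input surfaces as JwtParseException rather
        // than as a null being handed on to the claims parser.
        if (jwsObject.getPayload().toJSONObject() == null) {
            throw new ParseException("JWT payload is not a JSON object", 0);
        }
        JWTClaimsSet claims = JWTClaimsSet.parse(jwsObject.getPayload().toJSONObject());
        return new SimpleUnverifiedJwt(
                jwsObject.getHeader().getAlgorithm().getName(),
                claims.getIssuer(),
                claims.getSubject(),
                jwsObject.getPayload().toString());
    } catch (ParseException e) {
        throw new JwtParseException(e);
    }
}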