// Starts from an empty claims builder: no exp, iss, aud or other claim is present until the
// code that follows (outside this excerpt) adds it explicitly.
JWTClaimsSet.Builder claims = new JWTClaimsSet.Builder();
// Empty claims builder; the claims added to it are not shown in this excerpt.
JWTClaimsSet.Builder claims = new JWTClaimsSet.Builder();
/**
 * Creates and persists a refresh token for the given client and authentication holder.
 *
 * <p>The token's JWT carries a random {@code jti} and, when the client configures a refresh
 * token validity, an expiration time. It is wrapped in a {@link PlainJWT}, i.e. an unsecured
 * JWT without a signature, so the serialized value has no integrity protection of its own.
 *
 * @param client the client the token is issued to
 * @param authHolder the authentication the token is bound to
 * @return the entity returned by {@code tokenRepository.saveRefreshToken}
 */
private OAuth2RefreshTokenEntity createRefreshToken(ClientDetailsEntity client, AuthenticationHolderEntity authHolder) {
    JWTClaimsSet.Builder jwtClaims = new JWTClaimsSet.Builder();
    OAuth2RefreshTokenEntity token = new OAuth2RefreshTokenEntity();

    // A null validity means the token is issued without any expiration.
    if (client.getRefreshTokenValiditySeconds() != null) {
        long lifetimeMillis = client.getRefreshTokenValiditySeconds() * 1000L;
        Date expiresAt = new Date(System.currentTimeMillis() + lifetimeMillis);
        token.setExpiration(expiresAt);
        jwtClaims.expirationTime(expiresAt);
    }

    // Random identifier for the token.
    jwtClaims.jwtID(UUID.randomUUID().toString());

    // TODO: add issuer fields, signature to JWT
    // NOTE(review): until that TODO is done the claims (including exp) are unsigned; validation
    // presumably relies on looking the token up in the repository rather than on the JWT
    // content - confirm against the code that consumes refresh tokens.
    token.setJwt(new PlainJWT(jwtClaims.build()));
    token.setAuthenticationHolder(authHolder);
    token.setClient(client);

    // Saved before returning so the persisted entity can be attached to the access token.
    return tokenRepository.saveRefreshToken(token);
}
/**
 * Builds a refresh token for {@code client}, binds it to {@code authHolder} and stores it.
 *
 * <p>The embedded JWT is a {@link PlainJWT} (unsecured, no signature) holding a random
 * {@code jti} and, if the client defines a refresh token validity, an {@code exp} claim.
 *
 * @param client the client the token is issued to
 * @param authHolder the authentication the token is bound to
 * @return the entity returned by {@code tokenRepository.saveRefreshToken}
 */
private OAuth2RefreshTokenEntity createRefreshToken(ClientDetailsEntity client, AuthenticationHolderEntity authHolder) {
    OAuth2RefreshTokenEntity entity = new OAuth2RefreshTokenEntity();
    JWTClaimsSet.Builder claimsBuilder = new JWTClaimsSet.Builder();

    boolean expires = client.getRefreshTokenValiditySeconds() != null;
    if (expires) {
        // Entity and JWT get the same expiry instant.
        Date expiry = new Date(System.currentTimeMillis() + (client.getRefreshTokenValiditySeconds() * 1000L));
        entity.setExpiration(expiry);
        claimsBuilder.expirationTime(expiry);
    }

    String tokenId = UUID.randomUUID().toString();
    claimsBuilder.jwtID(tokenId);

    // TODO: add issuer fields, signature to JWT
    // NOTE(review): a PlainJWT can be altered by whoever holds it; the stored entity, not the
    // serialized claims, should be what the server trusts - confirm in the validation path.
    PlainJWT unsignedJwt = new PlainJWT(claimsBuilder.build());
    entity.setJwt(unsignedJwt);

    entity.setAuthenticationHolder(authHolder);
    entity.setClient(client);

    // Persist first so the saved entity can be set as a member of the access token.
    return tokenRepository.saveRefreshToken(entity);
}
/**
 * Generates a JWT whose claims are taken from the given map.
 *
 * <p>When an expiration time is configured on this generator it is applied after the map
 * entries, so it replaces any {@code exp} entry supplied in {@code claims}. Every other
 * entry is copied as-is, registered claim names included.
 *
 * @param claims the claim names and values to put in the token
 * @return the JWT produced by {@code internalGenerate}
 */
public String generate(final Map<String, Object> claims) {
    final JWTClaimsSet.Builder claimsBuilder = new JWTClaimsSet.Builder();

    // Copy every caller-supplied entry into the claims set.
    claims.forEach(claimsBuilder::claim);

    final boolean hasConfiguredExpiry = this.expirationTime != null;
    if (hasConfiguredExpiry) {
        claimsBuilder.expirationTime(this.expirationTime);
    }

    final JWTClaimsSet claimsSet = claimsBuilder.build();
    return internalGenerate(claimsSet);
}
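/**
 * Creates an unsigned {@link SignedJWT} from a positional claims array.
 *
 * <p>{@code claimsArray} is read by position: {@code [0]} issuer, {@code [1]} subject,
 * {@code [2]} an optional extra audience, {@code [3]} an optional expiration given as epoch
 * milliseconds in decimal text. This constructor does not sign the token.
 *
 * <p>The caller's {@code audiences} list is never modified; when {@code claimsArray[2]} is
 * present the audience claim is built from a private copy. The previous in-place
 * {@code add} changed the caller's list on every call and failed with
 * {@link UnsupportedOperationException} for immutable lists.
 *
 * @param alg the JWS algorithm name placed in the header
 * @param claimsArray issuer, subject, optional audience and optional expiration, by position
 * @param audiences audiences for the {@code aud} claim, may be {@code null}
 * @throws NumberFormatException if {@code claimsArray[3]} is present but not a valid long
 */
public JWTToken(String alg, String[] claimsArray, List<String> audiences) {
    JWSHeader header = new JWSHeader(new JWSAlgorithm(alg));

    List<String> effectiveAudiences = audiences;
    if (claimsArray[2] != null) {
        // Work on a copy so the argument is left untouched.
        effectiveAudiences = (audiences == null) ? new ArrayList<>() : new ArrayList<>(audiences);
        effectiveAudiences.add(claimsArray[2]);
    }

    JWTClaimsSet.Builder builder = new JWTClaimsSet.Builder()
        .issuer(claimsArray[0])
        .subject(claimsArray[1])
        .audience(effectiveAudiences);

    // Without claimsArray[3] the token is built with no exp claim at all.
    if (claimsArray[3] != null) {
        builder = builder.expirationTime(new Date(Long.parseLong(claimsArray[3])));
    }

    jwt = new SignedJWT(header, builder.build());
}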
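/**
 * Builds the JWT claims set for a user profile.
 *
 * <p>Profile attributes are copied first. The roles and permissions claims, the subject, the
 * issue time and the configured expiration time are written afterwards, so an attribute
 * named {@code sub}, {@code iat} or {@code exp} cannot replace the values this generator
 * sets. Previously the attributes were applied last and silently overwrote them.
 *
 * @param profile the profile whose typed id, attributes, roles and permissions are used
 * @return the claims set for the token
 */
protected JWTClaimsSet buildJwtClaimsSet(final U profile) {
    final JWTClaimsSet.Builder builder = new JWTClaimsSet.Builder();

    // Attributes go in first: whatever is set below takes precedence over them.
    final Map<String, Object> attributes = profile.getAttributes();
    for (final Map.Entry<String, Object> entry : attributes.entrySet()) {
        builder.claim(entry.getKey(), entry.getValue());
    }

    builder.claim(INTERNAL_ROLES, profile.getRoles());
    builder.claim(INTERNAL_PERMISSIONS, profile.getPermissions());

    // Registered claims are written last so that no attribute can override them.
    builder.subject(profile.getTypedId());
    builder.issueTime(new Date());
    if (this.expirationTime != null) {
        builder.expirationTime(this.expirationTime);
    }
    // NOTE(review): with no configured expiration an "exp" attribute is still copied through
    // unchanged - confirm whether that is intended.

    return builder.build();
}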
/**
 * Builds an unsecured JWT from the current {@code claims} map.
 *
 * <p>If the map has no non-empty {@code ID_CLAIM} entry, a random UUID is generated and
 * stored in the map before the claims are copied, so this call may modify {@code claims}.
 * The result is a {@link PlainJWT}: it carries no signature.
 *
 * @return a {@link PlainJWT} holding every entry of {@code claims}
 */
protected JWT getJwt() {
    final String currentId = (String) claims.get(ID_CLAIM);
    final boolean hasId = currentId != null && !currentId.isEmpty();
    if (!hasId) {
        // Ensure every token carries an identifier.
        claims.put(ID_CLAIM, UUID.randomUUID().toString());
    }

    JWTClaimsSet.Builder claimsBuilder = new JWTClaimsSet.Builder();
    for (Map.Entry<String, Object> claim : claims.entrySet()) {
        claimsBuilder = claimsBuilder.claim(claim.getKey(), claim.getValue());
    }

    // NOTE(review): unsecured JWT - a consumer cannot detect changes to these claims from
    // the token alone.
    return new PlainJWT(new PlainHeader(), claimsBuilder.build());
}
/**
 * Returns the {@code claims} map as an unsecured (unsigned) JWT.
 *
 * <p>A random UUID is stored under {@code ID_CLAIM} first when that entry is missing or
 * empty, which means the {@code claims} map itself can be changed by this call.
 *
 * @return a {@link PlainJWT} built from all entries of {@code claims}
 */
protected JWT getJwt() {
    String tokenId = (String) claims.get(ID_CLAIM);
    if (tokenId == null || tokenId.isEmpty()) {
        tokenId = UUID.randomUUID().toString();
        claims.put(ID_CLAIM, tokenId);
    }

    // Copy every map entry, the identifier included, into the claims set.
    JWTClaimsSet.Builder copy = new JWTClaimsSet.Builder();
    for (Map.Entry<String, Object> pair : claims.entrySet()) {
        String claimName = pair.getKey();
        Object claimValue = pair.getValue();
        copy = copy.claim(claimName, claimValue);
    }

    // PlainHeader/PlainJWT: no signature is applied to the token.
    PlainHeader unsecuredHeader = new PlainHeader();
    return new PlainJWT(unsecuredHeader, copy.build());
}
/**
 * Produces a compact RS256-signed JWT whose only claim is {@code uid}.
 *
 * <p>No {@code exp}, {@code iat}, {@code iss} or {@code aud} claim is set here, so the token
 * itself carries no lifetime or audience restriction.
 *
 * @param uid the value of the {@code uid} claim
 * @param privateKey the RSA private key used to sign the token
 * @return the serialized signed JWT
 * @throws RuntimeException wrapping the {@code JOSEException} if signing fails
 */
private static String signJWT(String uid, PrivateKey privateKey) {
    final JWTClaimsSet uidClaims = new JWTClaimsSet.Builder().claim("uid", uid).build();
    final JWSHeader rs256Header = new JWSHeader.Builder(JWSAlgorithm.RS256)
            .type(JOSEObjectType.JWT)
            .build();
    final SignedJWT token = new SignedJWT(rs256Header, uidClaims);

    try {
        final RSASSASigner signer = new RSASSASigner(privateKey);
        token.sign(signer);
        return token.serialize();
    } catch (JOSEException signingFailure) {
        // The cause is preserved for the caller.
        throw new RuntimeException(signingFailure);
    }
}
/**
 * Signs a JWT containing a single {@code uid} claim with RS256 and returns it serialized.
 *
 * <p>The claims set holds nothing but {@code uid}: no expiration, issuer or audience.
 *
 * @param uid the value of the {@code uid} claim
 * @param privateKey the RSA private key used to sign the token
 * @return the serialized signed JWT
 * @throws RuntimeException wrapping the {@code JOSEException} if signing fails
 */
private static String signJWT(String uid, PrivateKey privateKey) {
    final JWSHeader.Builder headerBuilder = new JWSHeader.Builder(JWSAlgorithm.RS256);
    headerBuilder.type(JOSEObjectType.JWT);

    final JWTClaimsSet.Builder claimsBuilder = new JWTClaimsSet.Builder();
    claimsBuilder.claim("uid", uid);

    final SignedJWT jwt = new SignedJWT(headerBuilder.build(), claimsBuilder.build());
    try {
        jwt.sign(new RSASSASigner(privateKey));
        final String compactForm = jwt.serialize();
        return compactForm;
    } catch (JOSEException cause) {
        throw new RuntimeException(cause);
    }
}
/**
 * Serializes a login session, caller principal and role list into an encrypted token.
 *
 * <p>The claims set holds {@code principal}, {@code roles} and {@code loginSession}. It is
 * handed to {@code EncryptedTokenSerializer.serialize} with the key from
 * {@code getSecretKey()}.
 *
 * @param loginSession the login session whose value is stored in the {@code loginSession} claim
 * @param callerPrincipal the value of the {@code principal} claim
 * @param roles the value of the {@code roles} claim
 * @return the token returned by {@code EncryptedTokenSerializer.serialize}
 */
public static String serialize(LoginSessionToken loginSession, String callerPrincipal, List<String> roles) {
    JWTClaimsSet.Builder sessionClaims = new JWTClaimsSet.Builder();
    sessionClaims.claim("principal", callerPrincipal);
    sessionClaims.claim("roles", roles);
    sessionClaims.claim("loginSession", loginSession.getValue());

    // NOTE(review): no exp claim is set here; the token's lifetime is presumably bounded by
    // the login session or enforced elsewhere - confirm.
    return EncryptedTokenSerializer.serialize(sessionClaims.build(), getSecretKey());
}
/**
 * Builds the token payload for the given audience, subject and lifetime.
 *
 * <p>The expiration is the current time plus {@code expirationMillis}. The issue instant is
 * stored in milliseconds under the {@code LEMON_IAT} claim. Entries of {@code claimMap} are
 * applied last.
 *
 * @param aud the audience claim
 * @param subject the subject claim
 * @param expirationMillis the token lifetime in milliseconds, added to the current time
 * @param claimMap additional claims to copy into the payload
 * @return a {@code Payload} wrapping the JSON form of the claims set
 */
protected Payload createPayload(String aud, String subject, Long expirationMillis, Map<String, Object> claimMap) {
    JWTClaimsSet.Builder claimsBuilder = new JWTClaimsSet.Builder();

    Date expiresAt = new Date(System.currentTimeMillis() + expirationMillis);
    claimsBuilder.expirationTime(expiresAt);
    claimsBuilder.audience(aud);
    claimsBuilder.subject(subject);
    claimsBuilder.claim(LEMON_IAT, System.currentTimeMillis());

    // NOTE(review): applied last, so a claimMap key such as "exp", "aud" or "sub" replaces
    // the value set above - confirm that callers never pass untrusted keys here.
    for (Map.Entry<String, Object> extra : claimMap.entrySet()) {
        claimsBuilder.claim(extra.getKey(), extra.getValue());
    }

    return new Payload(claimsBuilder.build().toJSONObject());
}
/**
 * Creates a JWT signed with the service account's private key.
 *
 * <p>The header names RS256 and the key id of the credentials. The claims are: audience
 * {@code OAUTH_TOKEN_URI}, issuer and subject set to the service account e-mail, issue time
 * taken from {@code clock}, expiration {@code EXPIRATION_TIME_IN_SECONDS} after the issue
 * second, and {@code target_audience} set to {@code iapClientId}.
 *
 * @param credentials the service account credentials providing e-mail, key id and private key
 * @param iapClientId the value of the {@code target_audience} claim
 * @return the serialized signed JWT
 * @throws Exception if signing fails
 */
private static String getSignedJwt(ServiceAccountCredentials credentials, String iapClientId) throws Exception {
    Instant issuedAt = Instant.now(clock);
    // Expiry is computed from whole epoch seconds, as in the issued token's exp claim.
    long expiresAtEpochSecond = issuedAt.getEpochSecond() + EXPIRATION_TIME_IN_SECONDS;
    Date expiry = Date.from(Instant.ofEpochSecond(expiresAtEpochSecond));

    // The header must carry the algorithm ("alg") and the key id ("kid").
    JWSHeader.Builder headerBuilder = new JWSHeader.Builder(JWSAlgorithm.RS256);
    headerBuilder.keyID(credentials.getPrivateKeyId());

    String serviceAccountEmail = credentials.getClientEmail();
    JWTClaimsSet.Builder claimsBuilder = new JWTClaimsSet.Builder();
    claimsBuilder.audience(OAUTH_TOKEN_URI);
    claimsBuilder.issuer(serviceAccountEmail);
    claimsBuilder.subject(serviceAccountEmail);
    claimsBuilder.issueTime(Date.from(issuedAt));
    claimsBuilder.expirationTime(expiry);
    claimsBuilder.claim("target_audience", iapClientId);

    // Sign with the service account's private key.
    SignedJWT token = new SignedJWT(headerBuilder.build(), claimsBuilder.build());
    token.sign(new RSASSASigner(credentials.getPrivateKey()));
    return token.serialize();
}
// Empty claims builder; every claim, including any expiration, has to be added by the code
// that follows (not part of this excerpt).
JWTClaimsSet.Builder claimsSet = new JWTClaimsSet.Builder();
// Empty claims builder named for ID claims; the claims themselves are set outside this
// excerpt. NOTE(review): presumably feeds an ID token - confirm against the enclosing method.
JWTClaimsSet.Builder idClaims = new JWTClaimsSet.Builder();
JWTClaimsSet claims = new JWTClaimsSet.Builder(JWTClaimsSet.parse(writer.toString())) .audience(Lists.newArrayList(client.getClientId())) .issuer(config.getIssuer())
ClientDetailsEntity client = clientService.loadClientByClientId(clientId); Builder builder = new JWTClaimsSet.Builder() .claim("azp", clientId) .issuer(configBean.getIssuer())
// Fresh, empty claims builder; the code that populates it is not shown here.
JWTClaimsSet.Builder claims = new JWTClaimsSet.Builder();
token.setAuthenticationHolder(authHolder); JWTClaimsSet claims = new JWTClaimsSet.Builder() .audience(Lists.newArrayList(client.getClientId())) .issuer(configBean.getIssuer())