private OAuth2RefreshTokenEntity createRefreshToken(ClientDetailsEntity client, AuthenticationHolderEntity authHolder) { OAuth2RefreshTokenEntity refreshToken = new OAuth2RefreshTokenEntity(); //refreshTokenFactory.createNewRefreshToken(); JWTClaimsSet.Builder refreshClaims = new JWTClaimsSet.Builder(); // make it expire if necessary if (client.getRefreshTokenValiditySeconds() != null) { Date expiration = new Date(System.currentTimeMillis() + (client.getRefreshTokenValiditySeconds() * 1000L)); refreshToken.setExpiration(expiration); refreshClaims.expirationTime(expiration); } // set a random identifier refreshClaims.jwtID(UUID.randomUUID().toString()); // TODO: add issuer fields, signature to JWT PlainJWT refreshJwt = new PlainJWT(refreshClaims.build()); refreshToken.setJwt(refreshJwt); //Add the authentication refreshToken.setAuthenticationHolder(authHolder); refreshToken.setClient(client); // save the token first so that we can set it to a member of the access token (NOTE: is this step necessary?) OAuth2RefreshTokenEntity savedRefreshToken = tokenRepository.saveRefreshToken(refreshToken); return savedRefreshToken; }
.issuer(config.getIssuer()) .issueTime(new Date()) .jwtID(UUID.randomUUID().toString()) // set a random NONCE in the middle of it .build();
claimsSet.subject(clientConfig.getClientId()); claimsSet.audience(Lists.newArrayList(serverConfig.getTokenEndpointUri())); claimsSet.jwtID(UUID.randomUUID().toString());
jwtClaimsSetBuilder.claim(AUTHORIZATION_PARTY, consumerKey); jwtClaimsSetBuilder.issueTime(new Date(curTimeInMillis)); jwtClaimsSetBuilder.jwtID(UUID.randomUUID().toString()); jwtClaimsSetBuilder.notBeforeTime(new Date(curTimeInMillis));
.issueTime(new Date()) .expirationTime(token.getExpiration()) .jwtID(UUID.randomUUID().toString()) .build();
.audience(serviceAudience) .issuer(casSeverPrefix) .jwtID(jwtId) .issueTime(issueDate) .subject(subject);
builder.jwtID(JSONObjectUtils.getString(json, JWT_ID_CLAIM));
.audience(service.getId()) .issuer(casProperties.getServer().getPrefix()) .jwtID(ticketId) .issueTime(assertion.getAuthenticationDate()) .subject(assertion.getPrincipal().getName());
.audience(Collections.singletonList(jwtAudience)) .issuer(credential.getClientId()) .jwtID(UUID.randomUUID().toString()) .notBeforeTime(new Date(time)) .expirationTime(new Date(time
claims.jwtID(UUID.randomUUID().toString());
jwtClaimsSetBuilder.claim(AUTHORIZATION_PARTY, consumerKey); jwtClaimsSetBuilder.issueTime(new Date(curTimeInMillis)); jwtClaimsSetBuilder.jwtID(UUID.randomUUID().toString()); jwtClaimsSetBuilder.notBeforeTime(new Date(curTimeInMillis)); jwtClaimsSetBuilder.claim(SCOPE, scope.toString());
.issueTime(new Date()) .expirationTime(token.getExpiration()) .jwtID(UUID.randomUUID().toString()) // set a random NONCE in the middle of it .build();
.audience(Collections.singletonList(jwtAudience)) .issuer(credential.getClientId()) .jwtID(UUID.randomUUID().toString()) .notBeforeTime(new Date(time)) .expirationTime(new Date(time
claims.expirationTime(new Date(now.getTime() + (1000l * Integer.toUnsignedLong(readValiditySeconds) ))); claims.issueTime(now); claims.jwtID(UUID.randomUUID().toString()); if (nonce != null) claims.claim(OrcidOauth2Constants.NONCE, nonce);
default String createToken(Object userId) { try { JWTClaimsSet.Builder builder = new JWTClaimsSet.Builder(); builder.issuer(getIssuer()); builder.subject(userId.toString()); builder.issueTime(new Date()); builder.notBeforeTime(new Date()); builder.expirationTime(new Date(new Date().getTime() + getExpirationDate())); builder.jwtID(UUID.randomUUID().toString()); JWTClaimsSet claimsSet = builder.build(); JWSHeader header = new JWSHeader(JWSAlgorithm.HS256); Payload payload = new Payload(claimsSet.toJSONObject()); JWSObject jwsObject = new JWSObject(header, payload); JWSSigner signer = new MACSigner(getSharedKey()); jwsObject.sign(signer); return jwsObject.serialize(); } catch (JOSEException ex) { return null; } }
private OAuth2RefreshTokenEntity createRefreshToken(ClientDetailsEntity client, AuthenticationHolderEntity authHolder) { OAuth2RefreshTokenEntity refreshToken = new OAuth2RefreshTokenEntity(); //refreshTokenFactory.createNewRefreshToken(); JWTClaimsSet.Builder refreshClaims = new JWTClaimsSet.Builder(); // make it expire if necessary if (client.getRefreshTokenValiditySeconds() != null) { Date expiration = new Date(System.currentTimeMillis() + (client.getRefreshTokenValiditySeconds() * 1000L)); refreshToken.setExpiration(expiration); refreshClaims.expirationTime(expiration); } // set a random identifier refreshClaims.jwtID(UUID.randomUUID().toString()); // TODO: add issuer fields, signature to JWT PlainJWT refreshJwt = new PlainJWT(refreshClaims.build()); refreshToken.setJwt(refreshJwt); //Add the authentication refreshToken.setAuthenticationHolder(authHolder); refreshToken.setClient(client); // save the token first so that we can set it to a member of the access token (NOTE: is this step necessary?) OAuth2RefreshTokenEntity savedRefreshToken = tokenRepository.saveRefreshToken(refreshToken); return savedRefreshToken; }
idClaims.subject(sub); idClaims.audience(Lists.newArrayList(client.getClientId())); idClaims.jwtID(UUID.randomUUID().toString()); // set a random NONCE in the middle of it
.expirationTime(token.getExpiration()) .subject(authentication.getName()) .jwtID(UUID.randomUUID().toString()); // set a random NONCE in the middle of it
claims.jwtID(UUID.randomUUID().toString());
.issueTime(new Date()) .expirationTime(token.getExpiration()) .jwtID(UUID.randomUUID().toString()) // set a random NONCE in the middle of it .build();