// Reports a software-statement field that the enclosing code (not visible here) does not
// recognise, then leaves the enclosing switch or loop.
// NOTE(review): the claim name and its value are concatenated into the log line verbatim.
// If the software statement is supplied by the registering client, neutralise CR/LF in both
// before logging so a crafted claim cannot forge log entries, and confirm that arbitrary
// claim values are acceptable to record at WARN level.
logger.warn("Software statement contained unknown field: " + claim + " with value " + claimSet.getClaim(claim));
break;
// Requires the "email" claim to be present. This checks presence only: the value's type and
// content are not validated here.
// NOTE(review): presumably Guava's Preconditions, which signals a missing value with a
// NullPointerException rather than an authentication failure. Confirm the caller maps that
// to a rejected token.
Preconditions.checkNotNull(claims.getClaim("email"));
/**
 * Looks up a single claim in the wrapped JWT claims set.
 *
 * @param claimName name of the claim to read
 * @return the value held for {@code claimName}; it is typed {@code Object}, so callers
 *         should check the runtime type before casting
 */
public Object getClaim(String claimName) {
    final Object claimValue = claimsSet.getClaim(claimName);
    return claimValue;
}
// Reports a software-statement field that the enclosing code (not visible here) does not
// recognise, then leaves the enclosing switch or loop.
// NOTE(review): the claim name and its value are concatenated into the log line verbatim.
// If the software statement is supplied by the registering client, neutralise CR/LF in both
// before logging so a crafted claim cannot forge log entries, and confirm that arbitrary
// claim values are acceptable to record at WARN level.
logger.warn("Software statement contained unknown field: " + claim + " with value " + claimSet.getClaim(claim));
break;
/**
 * Reads the "unique_name" claim.
 *
 * @return the claim value, or {@code null} when no claims set is held
 * @throws ClassCastException if the claim is present but is not a string
 */
public String getUniqueName() {
    if (jwtClaimsSet == null) {
        return null;
    }
    final Object uniqueName = jwtClaimsSet.getClaim("unique_name");
    return (String) uniqueName;
}
/**
 * Reads the "tid" claim. Despite the generic name, this accessor takes no argument and
 * always looks up "tid".
 *
 * @return the untyped claim value, or {@code null} when no claims set is held
 */
public Object getClaim() {
    if (jwtClaimsSet == null) {
        return null;
    }
    return jwtClaimsSet.getClaim("tid");
}
/**
 * Reads the "upn" claim.
 *
 * @return the claim value, or {@code null} when no claims set is held
 * @throws ClassCastException if the claim is present but is not a string
 */
public String getUpn() {
    if (jwtClaimsSet == null) {
        return null;
    }
    final Object upn = jwtClaimsSet.getClaim("upn");
    return (String) upn;
}
/**
 * Reads the "tid" claim. Despite the generic name, this accessor takes no argument and
 * always looks up "tid".
 *
 * @return the untyped claim value, or {@code null} when no claims set is held
 */
public Object getClaim() {
    if (jwtClaimsSet == null) {
        return null;
    }
    return jwtClaimsSet.getClaim("tid");
}
/**
 * Reads the "upn" claim.
 *
 * @return the claim value, or {@code null} when no claims set is held
 * @throws ClassCastException if the claim is present but is not a string
 */
public String getUpn() {
    if (jwtClaimsSet == null) {
        return null;
    }
    final Object upn = jwtClaimsSet.getClaim("upn");
    return (String) upn;
}
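/**
 * Tells whether the claims set describes an ID token, i.e. its "token_use" claim equals "id".
 *
 * @param claimsSet claims of the token being classified
 * @return {@code true} only when "token_use" is present and equal to "id"
 */
private boolean isIdToken(JWTClaimsSet claimsSet) {
    // Compare from the constant side: a token that lacks "token_use" is classified as
    // "not an ID token" instead of failing with a NullPointerException.
    return "id".equals(claimsSet.getClaim("token_use"));
}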
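/**
 * Reads the map of secrets carried in the current authentication's JWT claims.
 *
 * <p>The claim named by {@code secretClaimPropertyKey} is expected to hold a JSON document,
 * which is parsed into a string-to-string map.
 *
 * <p>NOTE(review): a signed-only JWT is readable by anyone who holds it. Confirm that the
 * token carrying this claim is encrypted or otherwise never leaves a trusted boundary.
 *
 * @return the parsed secrets, or an empty map when the credentials are not a
 *         {@code JWTClaimsSet} or the claim is absent
 * @throws IOException if the claim text cannot be parsed
 */
private Map<String, String> readSecretClaims() throws IOException {
    Object credentialsObject = SecurityContextHolder.getContext().getAuthentication().getCredentials();
    if (!(credentialsObject instanceof JWTClaimsSet)) {
        return Collections.emptyMap();
    }
    JWTClaimsSet credentials = (JWTClaimsSet) credentialsObject;

    // An absent claim is treated like absent credentials; previously null was handed to
    // objectMapper.readValue.
    Object secretClaim = credentials.getClaim(secretClaimPropertyKey);
    if (secretClaim == null) {
        return Collections.emptyMap();
    }
    // A claim of any other type still fails the cast loudly rather than being ignored.
    return objectMapper.readValue((String) secretClaim, MAP_TYPE_REFERENCE);
}
}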
/**
 * Rebuilds the {@code UserDto} stored in the token's user claim.
 *
 * <p>NOTE(review): the claim text is passed to {@code LecUtils.deserialize}, whose mechanism
 * is not visible here. If it uses Java native deserialization, the claims must come only
 * from a token whose signature (or decryption) has already been verified, and an
 * {@code ObjectInputFilter} or a JSON encoding is worth considering.
 *
 * @param claims claims of an already parsed token
 * @return the deserialized user, or {@code null} when the claim is absent
 * @throws ClassCastException if the claim is present but is not a string
 */
public static UserDto getUserDto(JWTClaimsSet claims) {
    final Object serializedUser = claims.getClaim(BlueTokenService.USER_CLAIM);
    if (serializedUser != null) {
        return LecUtils.deserialize((String) serializedUser);
    }
    return null;
}
}
/**
 * Parses the token and returns one of its claims, cast to the caller's expected type.
 *
 * <p>The cast to {@code T} is unchecked: because of erasure it cannot fail here, so a claim
 * of an unexpected type surfaces as a {@code ClassCastException} at the call site. Callers
 * should request only types they know the issuer writes.
 *
 * @param token the serialized token, handed to {@code parseToken}
 * @param claim name of the claim to read
 * @return the claim value, or whatever {@code getClaim} yields for an absent claim
 */
@Override
public <T> T parseClaim(String token, String claim) {
    final JWTClaimsSet parsed = parseToken(token);
    final Object value = parsed.getClaim(claim);
    return (T) value;
}
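/**
 * Reads the map of secrets carried in the current authentication's JWT claims.
 *
 * <p>The claim named by {@code secretClaimPropertyKey} is expected to hold a JSON document,
 * which is parsed into a string-to-string map.
 *
 * <p>NOTE(review): a signed-only JWT is readable by anyone who holds it. Confirm that the
 * token carrying this claim is encrypted or otherwise never leaves a trusted boundary.
 *
 * @return the parsed secrets, or an empty map when the credentials are not a
 *         {@code JWTClaimsSet} or the claim is absent
 * @throws IOException if the claim text cannot be parsed
 */
private Map<String, String> readSecretClaims() throws IOException {
    Object credentialsObject = SecurityContextHolder.getContext().getAuthentication().getCredentials();
    if (!(credentialsObject instanceof JWTClaimsSet)) {
        return Collections.emptyMap();
    }
    JWTClaimsSet credentials = (JWTClaimsSet) credentialsObject;

    // An absent claim is treated like absent credentials; previously null was handed to
    // objectMapper.readValue.
    Object secretClaim = credentials.getClaim(secretClaimPropertyKey);
    if (secretClaim == null) {
        return Collections.emptyMap();
    }
    // A claim of any other type still fails the cast loudly rather than being ignored.
    return objectMapper.readValue((String) secretClaim, MAP_TYPE_REFERENCE);
}
}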
/**
 * Reads a claim that is required to be a string.
 *
 * @param claims claims set to read from
 * @param claimName name of the claim
 * @return the claim as a string; a {@code null} value passes the cast and is returned as
 *         {@code null}, so callers that need the claim must check for it
 * @throws JwtParseException if the claim holds a value of another type
 */
public static String getStringClaimValue(JWTClaimsSet claims, String claimName) throws JwtParseException {
    try {
        final Object value = claims.getClaim(claimName);
        return (String) value;
    } catch (ClassCastException castFailure) {
        // Only the claim name goes into the message, never the offending value.
        final String message = "'" + claimName + "' claim parameter should be a string";
        throw new JwtParseException(message, castFailure);
    }
}
/**
 * Returns the secret registered for {@code audience} in the current authentication's JWT.
 *
 * <p>The credentials of the current authentication are cast to {@code JWTClaimsSet}, the
 * claim named by {@code secretClaimPropertyKey} is parsed into a map, and the entry for
 * {@code audience} is returned.
 *
 * <p>NOTE(review): nothing here guards against a missing authentication, credentials of
 * another type, or an absent claim; each fails with a runtime exception. Also confirm that
 * the token carrying the secrets claim is encrypted, since a signed-only JWT is readable by
 * its holder.
 *
 * @return the secret for {@code audience}, or {@code null} when the map has no such entry
 * @throws RuntimeException wrapping the {@code IOException} raised when the claim text
 *         cannot be parsed
 */
@Override
public String get() {
    final JWTClaimsSet claimsSet =
            (JWTClaimsSet) SecurityContextHolder.getContext().getAuthentication().getCredentials();
    final String secretClaimsAsText = (String) claimsSet.getClaim(secretClaimPropertyKey);

    try {
        final Map<String, String> secretClaims = objectMapper.readValue(secretClaimsAsText);
        return secretClaims.get(audience);
    } catch (IOException e) {
        throw new RuntimeException(e);
    }
}
}
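/**
 * Throws BadCredentialsException if the user's credentials were updated after the JWT was
 * issued, or if the token carries no usable issue time.
 *
 * @param claims claims of an already verified token
 * @param user the user the token was issued for
 */
public static <U extends AbstractUser<ID>, ID extends Serializable>
void ensureCredentialsUpToDate(JWTClaimsSet claims, U user) {

    // A missing or non-numeric issue-time claim used to abort the (long) cast with a
    // NullPointerException or ClassCastException. It is now rejected through the same
    // credentials check as a stale token, so the caller sees one failure mode.
    Object issuedAtClaim = claims.getClaim(LemonTokenService.LEMON_IAT);
    boolean issuedAfterLastChange = issuedAtClaim instanceof Number
            && ((Number) issuedAtClaim).longValue() >= user.getCredentialsUpdatedMillis();

    LecUtils.ensureCredentials(issuedAfterLastChange,
            "com.naturalprogrammer.spring.obsoleteToken");
}
}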
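/**
 * Parses a token for the given audience and rejects it when it was issued before
 * {@code issuedAfter}.
 *
 * @param token the serialized token
 * @param audience audience the token must have been issued for (checked by the two-argument
 *        {@code parseToken})
 * @param issuedAfter earliest acceptable issue time, compared against the issue-time claim
 * @return the token's claims when the issue-time check passes
 */
@Override
public JWTClaimsSet parseToken(String token, String audience, long issuedAfter) {

    JWTClaimsSet claims = parseToken(token, audience);

    // A missing or non-numeric issue-time claim used to abort the (long) cast with a
    // NullPointerException or ClassCastException. It is now rejected through the same
    // credentials check as a token that is too old.
    Object issuedAtClaim = claims.getClaim(LEMON_IAT);
    boolean recentEnough = issuedAtClaim instanceof Number
            && ((Number) issuedAtClaim).longValue() >= issuedAfter;

    LecUtils.ensureCredentials(recentEnough, "com.naturalprogrammer.spring.obsoleteToken");
    return claims;
}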
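/**
 * Throws BadCredentialsException if the user's credentials were updated after the JWT was
 * issued, or if the token carries no usable issue time.
 *
 * @param claims claims of an already verified token
 * @param user the user the token was issued for
 */
public static <U extends AbstractMongoUser<ID>, ID extends Serializable>
void ensureCredentialsUpToDate(JWTClaimsSet claims, U user) {

    Object issuedAtClaim = claims.getClaim(LemonTokenService.LEMON_IAT);

    log.debug("Ensuring credentials up to date. Issue time = "
            + issuedAtClaim + ". User's credentials updated at" + user.getCredentialsUpdatedMillis());

    // A missing or non-numeric issue-time claim used to abort the (long) cast with a
    // NullPointerException or ClassCastException. It is now rejected through the same
    // credentials check as a stale token, so the caller sees one failure mode.
    boolean issuedAfterLastChange = issuedAtClaim instanceof Number
            && ((Number) issuedAtClaim).longValue() >= user.getCredentialsUpdatedMillis();

    LecUtils.ensureCredentials(issuedAfterLastChange,
            "com.naturalprogrammer.spring.obsoleteToken");
}
}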
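/**
 * Validates a change-email request: the submitted code must be a change-email token issued
 * for this user and for the e-mail address currently pending on the account.
 *
 * @param tuple the user (T1) and the submitted form data (T2), which must contain "code"
 * @return the same user when every check passes
 */
protected U validateChangeEmail(Tuple2<U, MultiValueMap<String, String>> tuple) {

    U user = tuple.getT1();
    String code = tuple.getT2().getFirst("code");

    LexUtils.validate(StringUtils.isNotBlank(code),
            "com.naturalprogrammer.spring.blank", "code").go();

    LexUtils.validate(StringUtils.isNotBlank(user.getNewEmail()),
            "com.naturalprogrammer.spring.blank.newEmail").go();

    // Passing credentialsUpdatedMillis lets parseToken reject codes issued before the last
    // credential change.
    JWTClaimsSet claims = greenTokenService.parseToken(code,
            GreenTokenService.CHANGE_EMAIL_AUDIENCE,
            user.getCredentialsUpdatedMillis());

    // Compare from the user's side: a code without a subject or without a "newEmail" claim
    // is refused through ensureAuthority instead of raising a NullPointerException.
    boolean codeMatchesRequest =
            user.getId().toString().equals(claims.getSubject())
            && user.getNewEmail() != null
            && user.getNewEmail().equals(claims.getClaim("newEmail"));

    LecUtils.ensureAuthority(codeMatchesRequest,
            "com.naturalprogrammer.spring.wrong.changeEmailCode");

    return user;
}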