/** * Validate the jwt signature. * * @param jwtToken knox jwt * @return whether this jwt signature is valid * @throws JOSEException if the jws object couldn't be verified */ private boolean validateSignature(final SignedJWT jwtToken) throws JOSEException { boolean valid = false; // ensure the token is signed if (JWSObject.State.SIGNED.equals(jwtToken.getState())) { // ensure the signature is present if (jwtToken.getSignature() != null) { // verify the token valid = jwtToken.verify(verifier); } } if (!valid) { logger.error("The Knox JWT has an invalid signature."); } return valid; }
if (JWSObject.State.SIGNED == jwtToken.getState()) { LOG.debug("SSO token is in a SIGNED state"); if (jwtToken.getSignature() != null) {
/** * Creates a new payload from the specified signed JSON Web Token * (JWT). Intended for signed then encrypted JWTs. * * @param signedJWT The signed JWT representing the payload. Must be in * a signed state and not {@code null}. */ public Payload(final SignedJWT signedJWT) { if (signedJWT == null) { throw new IllegalArgumentException("The signed JWT must not be null"); } if (signedJWT.getState() == JWSObject.State.UNSIGNED) { throw new IllegalArgumentException("The JWT must be signed"); } jsonObject = null; string = null; bytes = null; base64URL = null; this.signedJWT = signedJWT; jwsObject = signedJWT; // The signed JWT is also a JWS origin = Origin.SIGNED_JWT; }
if (JWSObject.State.SIGNED == jwtToken.getState()) { if (LOG.isDebugEnabled()) { LOG.debug("SSO token is in a SIGNED state");
/** * Verify the signature of the JWT token in this method. This method depends * on the public key that was established during init based upon the * provisioned public key. Override this method in subclasses in order to * customize the signature verification behavior. * * @param jwtToken the token that contains the signature to be validated * @return valid true if signature verifies successfully; false otherwise */ protected boolean validateSignature(SignedJWT jwtToken) { boolean valid = false; if (JWSObject.State.SIGNED == jwtToken.getState()) { LOG.debug("JWT token is in a SIGNED state"); if (jwtToken.getSignature() != null) { LOG.debug("JWT token signature is not null"); try { JWSVerifier verifier = new RSASSAVerifier(publicKey); if (jwtToken.verify(verifier)) { valid = true; LOG.debug("JWT token has been successfully verified"); } else { LOG.warn("JWT signature verification failed."); } } catch (JOSEException je) { LOG.warn("Error while validating signature", je); } } } return valid; }
/** * Verify the signature of the JWT token in this method. This method depends * on the public key that was established during init based upon the * provisioned public key. Override this method in subclasses in order to * customize the signature verification behavior. * * @param jwtToken the token that contains the signature to be validated * @return valid true if signature verifies successfully; false otherwise */ protected boolean validateSignature(SignedJWT jwtToken) { boolean valid = false; if (JWSObject.State.SIGNED == jwtToken.getState()) { LOG.debug("JWT token is in a SIGNED state"); if (jwtToken.getSignature() != null) { LOG.debug("JWT token signature is not null"); try { JWSVerifier verifier = new RSASSAVerifier(publicKey); if (jwtToken.verify(verifier)) { valid = true; LOG.debug("JWT token has been successfully verified"); } else { LOG.warn("JWT signature verification failed."); } } catch (JOSEException je) { LOG.warn("Error while validating signature", je); } } } return valid; }
/** * Verify the signature of the JWT token in this method. This method depends * on the public key that was established during init based upon the * provisioned public key. Override this method in subclasses in order to * customize the signature verification behavior. * * @param jwtToken the token that contains the signature to be validated * @return valid true if signature verifies successfully; false otherwise */ protected boolean validateSignature(SignedJWT jwtToken) { boolean valid = false; if (JWSObject.State.SIGNED == jwtToken.getState()) { LOG.debug("JWT token is in a SIGNED state"); if (jwtToken.getSignature() != null) { LOG.debug("JWT token signature is not null"); try { JWSVerifier verifier = new RSASSAVerifier(publicKey); if (jwtToken.verify(verifier)) { valid = true; LOG.debug("JWT token has been successfully verified"); } else { LOG.warn("JWT signature verification failed."); } } catch (JOSEException je) { LOG.warn("Error while validating signature", je); } } } return valid; }
/** * Verify the signature of the JWT token in this method. This method depends * on the public key that was established during init based upon the * provisioned public key. Override this method in subclasses in order to * customize the signature verification behavior. * * @param jwtToken the token that contains the signature to be validated * @return valid true if signature verifies successfully; false otherwise */ protected boolean validateSignature(SignedJWT jwtToken) { boolean valid = false; if (JWSObject.State.SIGNED == jwtToken.getState()) { LOG.debug("JWT token is in a SIGNED state"); if (jwtToken.getSignature() != null) { LOG.debug("JWT token signature is not null"); try { JWSVerifier verifier = new RSASSAVerifier(publicKey); if (jwtToken.verify(verifier)) { valid = true; LOG.debug("JWT token has been successfully verified"); } else { LOG.warn("JWT signature verification failed."); } } catch (JOSEException je) { LOG.warn("Error while validating signature", je); } } } return valid; }
/** * Verify the signature of the JWT token in this method. This method depends * on the public key that was established during init based upon the * provisioned public key. Override this method in subclasses in order to * customize the signature verification behavior. * * @param jwtToken the token that contains the signature to be validated * @return valid true if signature verifies successfully; false otherwise */ protected boolean validateSignature(SignedJWT jwtToken) { boolean valid = false; if (JWSObject.State.SIGNED == jwtToken.getState()) { LOG.debug("JWT token is in a SIGNED state"); if (jwtToken.getSignature() != null) { LOG.debug("JWT token signature is not null"); try { JWSVerifier verifier = new RSASSAVerifier(publicKey); if (jwtToken.verify(verifier)) { valid = true; LOG.debug("JWT token has been successfully verified"); } else { LOG.warn("JWT signature verification failed."); } } catch (JOSEException je) { LOG.warn("Error while validating signature", je); } } } return valid; }
/** * Validate the jwt signature. * * @param jwtToken knox jwt * @return whether this jwt signature is valid * @throws JOSEException if the jws object couldn't be verified */ private boolean validateSignature(final SignedJWT jwtToken) throws JOSEException { boolean valid = false; // ensure the token is signed if (JWSObject.State.SIGNED.equals(jwtToken.getState())) { // ensure the signature is present if (jwtToken.getSignature() != null) { // verify the token valid = jwtToken.verify(verifier); } } if (!valid) { logger.error("The Knox JWT has an invalid signature."); } return valid; }