@Override public boolean validateSignature(SignedJWT jwt) { for (JWSVerifier verifier : verifiers.values()) { try { if (jwt.verify(verifier)) { return true; } } catch (JOSEException e) { logger.error("Failed to validate signature with " + verifier + " error message: " + e.getMessage()); } } return false; }
/** * Validate the jwt signature. * * @param jwtToken knox jwt * @return whether this jwt signature is valid * @throws JOSEException if the jws object couldn't be verified */ private boolean validateSignature(final SignedJWT jwtToken) throws JOSEException { boolean valid = false; // ensure the token is signed if (JWSObject.State.SIGNED.equals(jwtToken.getState())) { // ensure the signature is present if (jwtToken.getSignature() != null) { // verify the token valid = jwtToken.verify(verifier); } } if (!valid) { logger.error("The Knox JWT has an invalid signature."); } return valid; }
return signedJwt.verify(jwsVerifier);
try { JWSVerifier verifier = new RSASSAVerifier(SecurityUtils.parseRSAPublicKey(getKnoxKey())); if (jwtToken.verify(verifier)) { LOG.debug("SSO token has been successfully verified"); return true;
@Override public boolean isValidSignature(JWT jwt, JWK jwk) { try { SignedJWT signedJwt = (SignedJWT)jwt; return signedJwt.verify(this.verifier(jwk)); } catch (ClassCastException | JOSEException ex) { LOGGER.error(ex.getMessage(),ex); return false; } }
public boolean verify(JWSVerifier verifier) { boolean rc = false; try { rc = jwt.verify(verifier); } catch (JOSEException e) { log.unableToVerifyToken(e); } return rc; } }
public static boolean isSignatureValid(String token) { // Parse the JWS and verify its RSA signature SignedJWT signedJWT; try { signedJWT = SignedJWT.parse(token); JWSVerifier verifier = new RSASSAVerifier((RSAPublicKey) publicKey); return signedJWT.verify(verifier); } catch (ParseException | JOSEException e) { return false; } }
@Override public boolean verify(JWSVerifier verifier) { boolean rc = false; try { rc = jwt.verify(verifier); } catch (JOSEException e) { log.unableToVerifyToken(e); } return rc; } }
@Override public boolean isValidSignature(JWT jwt, JWK jwk) { try { SignedJWT signedJwt = (SignedJWT)jwt; return signedJwt.verify(this.verifier(jwk)); } catch (ClassCastException | JOSEException ex) { LOGGER.error(ex.getMessage(),ex); return false; } }
/** verify an id_token was signed by us * * @param signed * @return */ public boolean verify(SignedJWT signed) { try { JWSVerifier verifier = new RSASSAVerifier(publicJWK); return signed.verify(verifier); } catch (JOSEException e) { throw new RuntimeException(e); } }
/** * verify the Signed JWT * * @throws java.io.IOException e * @param signedJWT a signed JWT * @return whether verify success */ public boolean verifySignedJWT(SignedJWT signedJWT) throws IOException { try { JWSVerifier verifier = getVerifier(); return signedJWT.verify(verifier); } catch (JOSEException | KrbException e) { throw new IOException("Failed to verify the signed JWT", e); } }
/** * verify the Signed JWT * * @throws java.io.IOException e * @param signedJWT a signed JWT * @return whether verify success */ public boolean verifySignedJWT(SignedJWT signedJWT) throws IOException { try { JWSVerifier verifier = getVerifier(); return signedJWT.verify(verifier); } catch (JOSEException | KrbException e) { throw new IOException("Failed to verify the signed JWT", e); } }
@Override public boolean verify(final SignedJWT jwt) throws JOSEException { init(); final JWSVerifier verifier = new MACVerifier(this.secret); return jwt.verify(verifier); }
private boolean verifySignature(String jwt) { try { SignedJWT signedJWT = SignedJWT.parse(jwt); if (new Date().before(signedJWT.getJWTClaimsSet().getExpirationTime())) { JWSVerifier verifier = new RSASSAVerifier((RSAPublicKey) getPublicKey(KEYSTORE, KEYSTORE_PASSWORD, ALIAS)); return signedJWT.verify(verifier); } else { log.info("Token has expired"); } } catch (ParseException | IOException | KeyStoreException | CertificateException | NoSuchAlgorithmException | UnrecoverableKeyException | JOSEException e) { log.error("Error occurred while JWT signature verification. JWT=" + jwt, e); } return false; }
@Override public boolean verify(final SignedJWT jwt) throws JOSEException { init(); CommonHelper.assertNotNull("publicKey", publicKey); final JWSVerifier verifier = new RSASSAVerifier(this.publicKey); return jwt.verify(verifier); }
@Override public boolean verify(final SignedJWT jwt) throws JOSEException { init(); CommonHelper.assertNotNull("publicKey", publicKey); final JWSVerifier verifier = new ECDSAVerifier(this.publicKey); return jwt.verify(verifier); }
default boolean validateToken(String token) { try { SignedJWT signed = SignedJWT.parse(token); JWSVerifier verifier = new MACVerifierExtended(getSharedKey(), signed.getJWTClaimsSet()); return signed.verify(verifier); } catch (ParseException ex) { return false; } catch (JOSEException ex) { return false; } } }
public IdentityReference deserialize(String token) throws Exception { String sToken = new String(Base64.getDecoder().decode(token)); // Parse the JWE string JWEObject jweObject = JWEObject.parse(sToken); // Decrypt with shared key jweObject.decrypt(new DirectDecrypter(secretKey.getEncoded())); // Extract payload SignedJWT signedJWT = jweObject.getPayload().toSignedJWT(); // Check the HMAC signedJWT.verify(new MACVerifier(secretKey.getEncoded())); // Retrieve the JWT claims return new IdentityReference(signedJWT.getJWTClaimsSet().getIssuer(), signedJWT.getJWTClaimsSet().getSubject()); } }
public IdentityReference deserialize(String token) throws Exception { String sToken = new String(Base64.getDecoder().decode(token)); // Parse the JWE string JWEObject jweObject = JWEObject.parse(sToken); // Decrypt with shared key jweObject.decrypt(new DirectDecrypter(secretKey.getEncoded())); // Extract payload SignedJWT signedJWT = jweObject.getPayload().toSignedJWT(); // Check the HMAC signedJWT.verify(new MACVerifier(secretKey.getEncoded())); // Retrieve the JWT claims return new IdentityReference(signedJWT.getJWTClaimsSet().getIssuer(), signedJWT.getJWTClaimsSet().getSubject()); } }
public static JWTClaimsSet deserialize(String serializedToken, byte[] key) { try { JWEObject jweObject = JWEObject.parse(serializedToken); jweObject.decrypt(new DirectDecrypter(key)); SignedJWT signedJWT = jweObject.getPayload().toSignedJWT(); signedJWT.verify(new MACVerifier(key)); JWTClaimsSet jwtClaimsSet = signedJWT.getJWTClaimsSet(); return jwtClaimsSet; } catch (ParseException e) { throw new IllegalStateException(e); } catch (JOSEException e) { throw new IllegalStateException(e); } } }