@Override public void validate(Jwt token, Errors.Collector collector) { token.issueTime().ifPresent(it -> { // must be issued in the past if (latest().isBefore(it)) { collector.fatal(token, "Token was not issued in the past: " + it); } }); } }
private Subject buildSubject(Jwt jwt, SignedJwt signedJwt) { Principal principal = buildPrincipal(jwt); TokenCredential.Builder builder = TokenCredential.builder(); jwt.issueTime().ifPresent(builder::issueTime); jwt.expirationTime().ifPresent(builder::expTime); jwt.issuer().ifPresent(builder::issuer); builder.token(signedJwt.tokenContent()); builder.addToken(Jwt.class, jwt); builder.addToken(SignedJwt.class, signedJwt); Optional<List<String>> scopes = jwt.scopes(); Subject.Builder subjectBuilder = Subject.builder() .principal(principal) .addPublicCredential(TokenCredential.class, builder.build()); scopes.ifPresent(scopeList -> scopeList.forEach(scope -> subjectBuilder.addGrant(Grant.builder() .name(scope) .type("scope") .build()))); return subjectBuilder.build(); }
Subject buildSubject(Jwt jwt, SignedJwt signedJwt) { Principal principal = buildPrincipal(jwt); TokenCredential.Builder builder = TokenCredential.builder(); jwt.issueTime().ifPresent(builder::issueTime); jwt.expirationTime().ifPresent(builder::expTime); jwt.issuer().ifPresent(builder::issuer); builder.token(signedJwt.tokenContent()); builder.addToken(Jwt.class, jwt); builder.addToken(SignedJwt.class, signedJwt); Optional<List<String>> scopes = jwt.scopes(); Subject.Builder subjectBuilder = Subject.builder() .principal(principal) .addPublicCredential(TokenCredential.class, builder.build()); scopes.ifPresent(scopeList -> { scopeList.forEach(scope -> subjectBuilder.addGrant(Grant.builder() .name(scope) .type("scope") .build())); }); return subjectBuilder.build(); }
Subject buildSubject(Jwt jwt, SignedJwt signedJwt) { JsonWebTokenImpl principal = buildPrincipal(jwt, signedJwt); TokenCredential.Builder builder = TokenCredential.builder(); jwt.issueTime().ifPresent(builder::issueTime); jwt.expirationTime().ifPresent(builder::expTime); jwt.issuer().ifPresent(builder::issuer); builder.token(signedJwt.tokenContent()); builder.addToken(JsonWebToken.class, principal); builder.addToken(Jwt.class, jwt); builder.addToken(SignedJwt.class, signedJwt); Subject.Builder subjectBuilder = Subject.builder() .principal(principal) .addPublicCredential(TokenCredential.class, builder.build()); Optional<List<String>> userGroups = jwt.userGroups(); userGroups.ifPresent(groups -> groups.forEach(group -> subjectBuilder.addGrant(Role.create(group)))); Optional<List<String>> scopes = jwt.scopes(); scopes.ifPresent(scopeList -> scopeList.forEach(scope -> subjectBuilder.addGrant(Grant.builder() .name(scope) .type("scope") .build()))); return subjectBuilder.build(); }
@Override public void validate(Jwt token, Errors.Collector collector) { token.issueTime().ifPresent(it -> { // must be issued in the past if (latest().isBefore(it)) { collector.fatal(token, "Token was not issued in the past: " + it); } }); } }
Subject buildSubject(Jwt jwt, SignedJwt signedJwt) { JsonWebTokenImpl principal = buildPrincipal(jwt, signedJwt); TokenCredential.Builder builder = TokenCredential.builder(); jwt.issueTime().ifPresent(builder::issueTime); jwt.expirationTime().ifPresent(builder::expTime); jwt.issuer().ifPresent(builder::issuer); builder.token(signedJwt.tokenContent()); builder.addToken(JsonWebToken.class, principal); builder.addToken(Jwt.class, jwt); builder.addToken(SignedJwt.class, signedJwt); Subject.Builder subjectBuilder = Subject.builder() .principal(principal) .addPublicCredential(TokenCredential.class, builder.build()); Optional<List<String>> userGroups = jwt.userGroups(); userGroups.ifPresent(groups -> groups.forEach(group -> subjectBuilder.addGrant(Role.create(group)))); Optional<List<String>> scopes = jwt.scopes(); scopes.ifPresent(scopeList -> scopeList.forEach(scope -> subjectBuilder.addGrant(Grant.builder() .name(scope) .type("scope") .build()))); return subjectBuilder.build(); }
Subject buildSubject(Jwt jwt, SignedJwt signedJwt) { Principal principal = buildPrincipal(jwt); TokenCredential.Builder builder = TokenCredential.builder(); jwt.issueTime().ifPresent(builder::issueTime); jwt.expirationTime().ifPresent(builder::expTime); jwt.issuer().ifPresent(builder::issuer); builder.token(signedJwt.tokenContent()); builder.addToken(Jwt.class, jwt); builder.addToken(SignedJwt.class, signedJwt); Optional<List<String>> scopes = jwt.scopes(); Subject.Builder subjectBuilder = Subject.builder() .principal(principal) .addPublicCredential(TokenCredential.class, builder.build()); scopes.ifPresent(scopeList -> { scopeList.forEach(scope -> subjectBuilder.addGrant(Grant.builder() .name(scope) .type("scope") .build())); }); return subjectBuilder.build(); }