JWTSSOProvider jwtSSOProvider = dataAccessor.getJWTSSOProvider(consumer.getJwtClaims().getIssuer()); if (!consumer.verifySignatureWith(jwtSSOProvider)) { throw new BadCredentialsException("Invalid signature found in JWT");
JWTSSOProvider jwtSSOProvider = dataAccessor.getJWTSSOProvider(consumer.getJwtClaims().getIssuer()); if (!consumer.verifySignatureWith(jwtSSOProvider)) { throw new BadCredentialsException("Invalid signature found in JWT");
if (!iss.equals(claims.getIssuer())) { throw new SecurityException();
if (!iss.equals(claims.getIssuer())) { throw new SecurityException();
authorities = getAdminAuthorities(); } else { JWTSSOProvider jwtSSOProvider = getJWTSSOProvider(authentication.getClaims().getIssuer()); Pair<User, Set<SyncopeGrantedAuthority>> resolved = jwtSSOProvider.resolve(authentication.getClaims()); if (resolved == null || resolved.getLeft() == null) { LOG.debug("JWT {} issued by {} resolved to User {} with authorities {}", authentication.getClaims().getTokenId(), authentication.getClaims().getIssuer(), username, authorities);
authorities = getAdminAuthorities(); } else { JWTSSOProvider jwtSSOProvider = getJWTSSOProvider(authentication.getClaims().getIssuer()); Pair<User, Set<SyncopeGrantedAuthority>> resolved = jwtSSOProvider.resolve(authentication.getClaims()); if (resolved == null || resolved.getLeft() == null) { LOG.debug("JWT {} issued by {} resolved to User {} with authorities {}", authentication.getClaims().getTokenId(), authentication.getClaims().getIssuer(), username, authorities);
protected void validateClaims(Client client, JwtClaims claims) { if (getAudience() != null) { JAXRSUtils.getCurrentMessage().put(JwtConstants.EXPECTED_CLAIM_AUDIENCE, getAudience()); } JwtUtils.validateTokenClaims(claims, ttl, clockOffset, true); validateIssuer(claims.getIssuer()); validateSubject(client, claims.getSubject()); // We must have an Expiry if (claims.getClaim(JwtConstants.CLAIM_EXPIRY) == null) { throw new OAuthServiceException(OAuthConstants.INVALID_GRANT); } }
protected void validateClaims(Client client, JwtClaims claims) { if (getAudience() != null) { JAXRSUtils.getCurrentMessage().put(JwtConstants.EXPECTED_CLAIM_AUDIENCE, getAudience()); } JwtUtils.validateTokenClaims(claims, ttl, clockOffset, true); validateIssuer(claims.getIssuer()); validateSubject(client, claims.getSubject()); // We must have an Expiry if (claims.getClaim(JwtConstants.CLAIM_EXPIRY) == null) { throw new OAuthServiceException(OAuthConstants.INVALID_GRANT); } }
String issuer = claims.getIssuer(); if (issuer != null) { at.setIssuer(issuer);
String issuer = claims.getIssuer(); if (issuer != null) { at.setIssuer(issuer);
String issuer = claims.getIssuer(); if (issuer == null && validateClaimsAlways) { throw new OAuthServiceException("Invalid issuer");
String issuer = claims.getIssuer(); if (issuer == null && validateClaimsAlways) { throw new OAuthServiceException("Invalid issuer");