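/**
 * Return the set of User/Principal roles from the token.
 *
 * <p>When a JAAS {@link Subject} is supplied and {@code useJaasSubject} is enabled, the roles are
 * taken from the Subject through the superclass. Otherwise they are parsed from the configured
 * {@code roleClaim} of the token, whose value is treated as a comma-separated list of role names.
 * Each entry is trimmed individually and blank entries are dropped, so {@code "admin, user"} yields
 * the groups {@code admin} and {@code user} rather than {@code admin} and {@code " user"}, and an
 * empty claim value yields no roles instead of a group with an empty name.
 *
 * @param principal the Principal associated with the token
 * @param subject the JAAS Subject associated with a successful validation of the token
 * @param token The JWTToken
 * @return the set of User/Principal roles from the token; never {@code null}, empty when no role
 *         claim is configured, the token is {@code null} or the claim is absent
 */
public Set<Principal> parseRolesFromToken(Principal principal, Subject subject, JwtToken token) {
    if (subject != null && useJaasSubject) {
        return super.parseRolesFromSubject(principal, subject);
    }
    if (roleClaim == null || token == null || !token.getClaims().containsProperty(roleClaim)) {
        return Collections.emptySet();
    }
    // NOTE(review): getStringProperty is assumed to return null when the claim has no usable
    // string value — confirm; guarded so a malformed claim degrades to "no roles", not an NPE.
    String roleValue = token.getClaims().getStringProperty(roleClaim);
    if (roleValue == null) {
        return Collections.emptySet();
    }
    Set<Principal> roles = new HashSet<>();
    for (String entry : roleValue.split(",")) {
        String roleName = entry.trim();
        // Blanks come from "a,,b", a trailing comma or an empty claim value; they are not roles.
        if (!roleName.isEmpty()) {
            roles.add(new SimpleGroup(roleName));
        }
    }
    return roles;
}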
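/**
 * Return the set of User/Principal roles from the token.
 *
 * <p>When a JAAS {@link Subject} is supplied and {@code useJaasSubject} is enabled, the roles are
 * taken from the Subject through the superclass. Otherwise they are parsed from the configured
 * {@code roleClaim} of the token, whose value is treated as a comma-separated list of role names.
 * Each entry is trimmed individually and blank entries are dropped, so {@code "admin, user"} yields
 * the groups {@code admin} and {@code user} rather than {@code admin} and {@code " user"}, and an
 * empty claim value yields no roles instead of a group with an empty name.
 *
 * @param principal the Principal associated with the token
 * @param subject the JAAS Subject associated with a successful validation of the token
 * @param token The JWTToken
 * @return the set of User/Principal roles from the token; never {@code null}, empty when no role
 *         claim is configured, the token is {@code null} or the claim is absent
 */
public Set<Principal> parseRolesFromToken(Principal principal, Subject subject, JwtToken token) {
    if (subject != null && useJaasSubject) {
        return super.parseRolesFromSubject(principal, subject);
    }
    if (roleClaim == null || token == null || !token.getClaims().containsProperty(roleClaim)) {
        return Collections.emptySet();
    }
    // NOTE(review): getStringProperty is assumed to return null when the claim has no usable
    // string value — confirm; guarded so a malformed claim degrades to "no roles", not an NPE.
    String roleValue = token.getClaims().getStringProperty(roleClaim);
    if (roleValue == null) {
        return Collections.emptySet();
    }
    Set<Principal> roles = new HashSet<>();
    for (String entry : roleValue.split(",")) {
        String roleName = entry.trim();
        // Blanks come from "a,,b", a trailing comma or an empty claim value; they are not roles.
        if (!roleName.isEmpty()) {
            roles.add(new SimpleGroup(roleName));
        }
    }
    return roles;
}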
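/**
 * Builds a security context from an already validated {@link JwtToken}.
 *
 * <p>The principal is named after the token subject ({@code getSubject()}). Roles are parsed from
 * {@code roleClaim} when it is configured and present in the token: the claim value is treated as
 * a comma-separated list, each entry is trimmed individually and blank entries are dropped, so
 * {@code "admin, user"} yields the groups {@code admin} and {@code user} rather than
 * {@code " user"}. Every claim of the token is also copied into the {@code claims} collection —
 * list values as-is, scalar values wrapped in a singleton list.
 *
 * @param jwt the validated token; must not be {@code null}
 * @param roleClaim name of the claim holding the roles, or {@code null} when roles are not
 *                  carried in the token (no roles are assigned then)
 */
public JwtTokenSecurityContext(JwtToken jwt, String roleClaim) {
    principal = new SimplePrincipal(jwt.getClaims().getSubject());
    this.token = jwt;

    // NOTE(review): getStringProperty is assumed to return null when the claim has no usable
    // string value — confirm; guarded so a malformed claim degrades to "no roles", not an NPE.
    String roleValue = null;
    if (roleClaim != null && jwt.getClaims().containsProperty(roleClaim)) {
        roleValue = jwt.getClaims().getStringProperty(roleClaim);
    }
    if (roleValue == null) {
        roles = Collections.emptySet();
    } else {
        roles = new HashSet<>();
        for (String entry : roleValue.split(",")) {
            String roleName = entry.trim();
            // Blanks come from "a,,b", a trailing comma or an empty claim value; they are not roles.
            if (!roleName.isEmpty()) {
                roles.add(new SimpleGroup(roleName));
            }
        }
    }

    // Parse JwtToken into ClaimCollection: one Claim per token claim, values always as a List.
    jwt.getClaims().asMap().forEach((String name, Object values) -> {
        Claim claim = new Claim();
        claim.setClaimType(name);
        if (values instanceof List<?>) {
            claim.setValues(CastUtils.cast((List<?>) values));
        } else {
            claim.setValues(Collections.singletonList(values));
        }
        claims.add(claim);
    });
}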
&& !claims.getStringProperty(OAuthConstants.CLIENT_ID).equals(client.getClientId())) { throw new SecurityException();
&& !claims.getStringProperty(OAuthConstants.CLIENT_ID).equals(client.getClientId())) { throw new SecurityException();
String clientId = claims.getStringProperty(clientIdClaimName); Client c = clientProvider.getClient(clientId); String usernameClaimName = JwtTokenUtils.getClaimName(usernameProp, usernameProp, claimsMap); String username = claims.getStringProperty(usernameClaimName); String subject = claims.getSubject(); if (username != null) { String grantType = claims.getStringProperty(OAuthConstants.GRANT_TYPE); if (grantType != null) { at.setGrantType(grantType); String grantCode = claims.getStringProperty(OAuthConstants.AUTHORIZATION_CODE_GRANT); if (grantCode != null) { at.setGrantCode(grantCode); String codeVerifier = claims.getStringProperty(OAuthConstants.AUTHORIZATION_CODE_VERIFIER); if (codeVerifier != null) { at.setClientCodeVerifier(codeVerifier); String nonce = claims.getStringProperty(OAuthConstants.NONCE); if (nonce != null) { at.setNonce(nonce);
String clientId = claims.getStringProperty(clientIdClaimName); Client c = clientProvider.getClient(clientId); String usernameClaimName = JwtTokenUtils.getClaimName(usernameProp, usernameProp, claimsMap); String username = claims.getStringProperty(usernameClaimName); String subject = claims.getSubject(); if (username != null) { String grantType = claims.getStringProperty(OAuthConstants.GRANT_TYPE); if (grantType != null) { at.setGrantType(grantType); String grantCode = claims.getStringProperty(OAuthConstants.AUTHORIZATION_CODE_GRANT); if (grantCode != null) { at.setGrantCode(grantCode); String codeVerifier = claims.getStringProperty(OAuthConstants.AUTHORIZATION_CODE_VERIFIER); if (codeVerifier != null) { at.setClientCodeVerifier(codeVerifier); String nonce = claims.getStringProperty(OAuthConstants.NONCE); if (nonce != null) { at.setNonce(nonce);
private AccessTokenValidation convertClaimsToValidation(JwtClaims claims) { AccessTokenValidation atv = new AccessTokenValidation(); atv.setInitialValidationSuccessful(true); String clientId = claims.getStringProperty(OAuthConstants.CLIENT_ID); if (clientId != null) { atv.setClientId(clientId); String username = claims.getStringProperty(usernameClaimName); if (username != null) { UserSubject userSubject = new UserSubject(username);
private AccessTokenValidation convertClaimsToValidation(JwtClaims claims) { AccessTokenValidation atv = new AccessTokenValidation(); atv.setInitialValidationSuccessful(true); String clientId = claims.getStringProperty(OAuthConstants.CLIENT_ID); if (clientId != null) { atv.setClientId(clientId); String username = claims.getStringProperty(usernameClaimName); if (username != null) { UserSubject userSubject = new UserSubject(username);
assertTrue(jwtConsumer.verifySignatureWith(verifier)); JwtClaims claims = jwtConsumer.getJwtClaims(); assertEquals("consumer-id", claims.getStringProperty(OAuthConstants.CLIENT_ID)); assertEquals("alice", claims.getStringProperty("username"));