protected JwsSignatureVerifier getInitializedSignatureVerifier(JwtToken jwt) { return super.getInitializedSignatureVerifier(jwt.getJwsHeaders()); }
protected JwsSignatureVerifier getInitializedSignatureVerifier(JwtToken jwt) { return super.getInitializedSignatureVerifier(jwt.getJwsHeaders()); }
protected JwsJwtCompactProducer(JwtToken token, JsonMapObjectReaderWriter w) { super(new JwsHeaders(token.getJwsHeaders()), w, JwtUtils.claimsToJson(token.getClaims(), w)); }
protected JwsJwtCompactProducer(JwtToken token, JsonMapObjectReaderWriter w) { super(new JwsHeaders(token.getJwsHeaders()), w, JwtUtils.claimsToJson(token.getClaims(), w)); }
public static void validateAccessTokenHash(String accessToken, JwtToken jwt, boolean required) { if (required) { validateHash(accessToken, (String)jwt.getClaims().getClaim(IdToken.ACCESS_TOKEN_HASH_CLAIM), jwt.getJwsHeaders().getSignatureAlgorithm()); } } public static void validateCodeHash(String code, JwtToken jwt) {
public static void validateCodeHash(String code, JwtToken jwt, boolean required) { if (required) { validateHash(code, (String)jwt.getClaims().getClaim(IdToken.AUTH_CODE_HASH_CLAIM), jwt.getJwsHeaders().getSignatureAlgorithm()); } } private static void validateHash(String value, String theHash, SignatureAlgorithm joseAlgo) {
public static void validateCodeHash(String code, JwtToken jwt, boolean required) { if (required) { validateHash(code, (String)jwt.getClaims().getClaim(IdToken.AUTH_CODE_HASH_CLAIM), jwt.getJwsHeaders().getSignatureAlgorithm()); } } private static void validateHash(String value, String theHash, SignatureAlgorithm joseAlgo) {
public static void validateAccessTokenHash(String accessToken, JwtToken jwt, boolean required) { if (required) { validateHash(accessToken, (String)jwt.getClaims().getClaim(IdToken.ACCESS_TOKEN_HASH_CLAIM), jwt.getJwsHeaders().getSignatureAlgorithm()); } } public static void validateCodeHash(String code, JwtToken jwt) {
String keyId = jwt.getJwsHeaders().getKeyId(); key = keyId != null ? keyMap.get(keyId) : null; if (key == null && jwkSetClient != null) { theJwsVerifier = JwsUtils.getSignatureVerifier(key, jwt.getJwsHeaders().getSignatureAlgorithm()); } else { theJwsVerifier = super.getInitializedSignatureVerifier(jwt.getJwsHeaders());
String keyId = jwt.getJwsHeaders().getKeyId(); key = keyId != null ? keyMap.get(keyId) : null; if (key == null && jwkSetClient != null) { theJwsVerifier = JwsUtils.getSignatureVerifier(key, jwt.getJwsHeaders().getSignatureAlgorithm()); } else { theJwsVerifier = super.getInitializedSignatureVerifier(jwt.getJwsHeaders());
JsonWebKey verifyingKey = null; if (jwksUri != null && jwt.getJwsHeaders() != null && jwt.getJwsHeaders().containsHeader(JoseConstants.HEADER_KEY_ID)) { String kid = (String)jwt.getJwsHeaders().getHeader(JoseConstants.HEADER_KEY_ID); LOG.debug("Attemping to retrieve key id {} from uri {}", kid, jwksUri); List<Object> jsonKeyProviders = new ArrayList<>();
if (jwt != null && jwt.getJwsHeaders() != null && LOG.isDebugEnabled()) { LOG.debug("Received JWS Headers:"); for (Map.Entry<String, Object> header : jwt.getJwsHeaders().asMap().entrySet()) { LOG.debug(header.getKey() + ": " + header.getValue());
JwsUtils.loadSignatureVerifier(verificationProperties, jwt.getJwsHeaders());
JwsUtils.loadSignatureVerifier(verificationProperties, jwt.getJwsHeaders());
@Override public ServerAccessToken createAccessToken(Client client, MultivaluedMap<String, String> params) throws OAuthServiceException { String assertion = params.getFirst(Constants.CLIENT_GRANT_ASSERTION_PARAM); if (assertion == null) { throw new OAuthServiceException(OAuthConstants.INVALID_GRANT); } try { JwsJwtCompactConsumer jwsReader = getJwsReader(assertion); JwtToken jwtToken = jwsReader.getJwtToken(); validateSignature(new JwsHeaders(jwtToken.getJwsHeaders()), jwsReader.getUnsignedEncodedSequence(), jwsReader.getDecodedSignature()); validateClaims(client, jwtToken.getClaims()); UserSubject grantSubject = new UserSubject(jwtToken.getClaims().getSubject()); return doCreateAccessToken(client, grantSubject, Constants.JWT_BEARER_GRANT, OAuthUtils.parseScope(params.getFirst(OAuthConstants.SCOPE))); } catch (OAuthServiceException ex) { throw ex; } catch (Exception ex) { throw new OAuthServiceException(OAuthConstants.INVALID_GRANT, ex); } }
@Override public ServerAccessToken createAccessToken(Client client, MultivaluedMap<String, String> params) throws OAuthServiceException { String assertion = params.getFirst(Constants.CLIENT_GRANT_ASSERTION_PARAM); if (assertion == null) { throw new OAuthServiceException(OAuthConstants.INVALID_GRANT); } try { JwsJwtCompactConsumer jwsReader = getJwsReader(assertion); JwtToken jwtToken = jwsReader.getJwtToken(); validateSignature(new JwsHeaders(jwtToken.getJwsHeaders()), jwsReader.getUnsignedEncodedSequence(), jwsReader.getDecodedSignature()); validateClaims(client, jwtToken.getClaims()); UserSubject grantSubject = new UserSubject(jwtToken.getClaims().getSubject()); return doCreateAccessToken(client, grantSubject, Constants.JWT_BEARER_GRANT, OAuthUtils.parseScope(params.getFirst(OAuthConstants.SCOPE))); } catch (OAuthServiceException ex) { throw ex; } catch (Exception ex) { throw new OAuthServiceException(OAuthConstants.INVALID_GRANT, ex); } }
JwtToken jwt = jwtConsumer.getJwtToken(); jwt = new JwtToken(jwt.getJwsHeaders(), jweHeaders, jwt.getClaims());
JwtToken jwt = jwtConsumer.getJwtToken(); jwt = new JwtToken(jwt.getJwsHeaders(), jweHeaders, jwt.getClaims());