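/**
 * Verifies the JWS signature of the given token with the public half of the
 * signing key, parses the verified payload into claims and checks that the
 * issuer and client id claims are present and that the issuer is the one
 * configured on this service.
 *
 * <p>Only the signature, issuer and client id are checked in this method.
 * {@code JwtClaims.parse} deserializes JSON and nothing more, so expiry,
 * not-before and audience have to be enforced by the caller if they matter.
 *
 * @param token the compact serialized token to validate
 * @return the claims carried by the token
 * @throws IllegalArgumentException if the signing key has no public key, the
 *         issuer is blank or differs from the configured issuer, or the
 *         client id claim is blank
 */
@Override
@SneakyThrows
public JwtClaims validate(final String token) {
    val jsonWebKey = getSigningKey();
    if (jsonWebKey.getPublicKey() == null) {
        throw new IllegalArgumentException("JSON web key used to validate the id token signature has no associated public key");
    }

    // The signature is verified first; nothing from the token is parsed before that.
    // NOTE(review): how verifyJwsSignature reports a bad signature is not visible here -
    // confirm it throws (or returns null, which fails on the next line) rather than
    // handing back unverified bytes.
    val jwt = EncodingUtils.verifyJwsSignature(jsonWebKey.getPublicKey(), token);
    val result = new String(jwt, StandardCharsets.UTF_8);
    val claims = JwtClaims.parse(result);
    LOGGER.debug("Validated claims as [{}]", claims);

    if (StringUtils.isBlank(claims.getIssuer())) {
        throw new IllegalArgumentException("Claims do not container an issuer");
    }
    // Reject the token when the issuer does NOT match. The previous condition was
    // inverted: it threw for the expected issuer and accepted every other one.
    // NOTE(review): the comparison ignores case; an exact match is the stricter choice
    // if the configured issuer value allows it.
    if (!claims.getIssuer().equalsIgnoreCase(this.issuer)) {
        throw new IllegalArgumentException("Issuer assigned to claims does not match " + this.issuer);
    }
    if (StringUtils.isBlank(claims.getStringClaimValue(OAuth20Constants.CLIENT_ID))) {
        throw new IllegalArgumentException("Claims do not contain a client id claim");
    }
    return claims;
}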
try { val json = this.cipherExecutor.decode(token); val claims = JwtClaims.parse(json);
// Parses the payload JSON into claims and stores them on the JWT context.
// JwtClaims.parse only deserializes; it performs no signature, expiry or audience check.
// NOTE(review): where payload comes from is not visible here - confirm it was taken from
// a verified/decrypted token before the claims are trusted.
jwtClaims = JwtClaims.parse(payload, jwtContext); jwtContext.setJwtClaims(jwtClaims);
// Deserializes the payload JSON into claims. This call does not verify a signature or
// validate exp/nbf/aud, so the result is only as trustworthy as the source of payload.
// NOTE(review): confirm payload was obtained from an already-verified JWS/JWE.
JwtClaims claims = JwtClaims.parse(payload);
/**
 * Reads a compact-serialized encrypted token and turns its claims into a {@link User}.
 *
 * <p>The token is rejected (null is returned) when it has no expiration time, when it
 * expires earlier than {@code tokenEnsureTime} seconds from now, when it has no
 * not-before time, or when its not-before time is still in the future. A token without
 * a subject yields the anonymous user.
 *
 * <p>This method configures no key or algorithm constraints on {@code jwe}; it uses the
 * instance exactly as passed in and overwrites its compact serialization.
 * NOTE(review): confirm callers set the key and algorithm constraints before the call,
 * and do not share one {@code jwe} instance between threads.
 *
 * @param jwe             encryption object used to read the token payload
 * @param token           compact serialization of the token
 * @param tokenEnsureTime minimum remaining lifetime in seconds; ignored when not positive
 * @return the user described by the token, the anonymous user when there is no subject,
 *         or null when the token is expired, not yet valid or cannot be parsed
 */
@Nullable
public static User parseToken(@NotNull JsonWebEncryption jwe, @NotNull String token, int tokenEnsureTime) {
    try {
        jwe.setCompactSerialization(token);
        final JwtClaims claims = JwtClaims.parse(jwe.getPayload());

        // Earliest acceptable expiry: now, pushed forward by the requested safety margin.
        final NumericDate now = NumericDate.now();
        final NumericDate minExpiry = NumericDate.fromMilliseconds(now.getValueInMillis());
        if (tokenEnsureTime > 0) {
            minExpiry.addSeconds(tokenEnsureTime);
        }

        // Both time claims are mandatory; a missing one is treated as an invalid token.
        final NumericDate expiresAt = claims.getExpirationTime();
        if (expiresAt == null || expiresAt.isBefore(minExpiry)) {
            return null;
        }
        final NumericDate validFrom = claims.getNotBefore();
        if (validFrom == null || validFrom.isAfter(now)) {
            return null;
        }

        final String subject = claims.getSubject();
        if (subject == null) {
            return User.getAnonymous();
        }
        return User.create(
            subject,
            claims.getClaimValue("name", String.class),
            claims.getClaimValue("email", String.class),
            claims.getClaimValue("external", String.class)
        );
    } catch (JoseException | MalformedClaimException | InvalidJwtException e) {
        // Any decoding or claim-format failure means the token is not accepted.
        log.warn("Token parsing error: " + e.getMessage());
        return null;
    }
}