// Reads the claims from the processed JWT and, when enableJwtCache is TRUE, stores them in the cache
// under jwt (presumably the raw token string; confirm against the enclosing method).
// The second assignment to claims repeats the first; structure is the first JOSE object of the token.
// NOTE(review): this excerpt does not show how cache entries expire. Confirm a cached entry cannot be
// served after the token's exp has passed or after the token has been revoked.
claims = jwtContext.getJwtClaims(); JsonWebStructure structure = jwtContext.getJoseObjects().get(0); claims = jwtContext.getJwtClaims(); if(Boolean.TRUE.equals(enableJwtCache)) { cache.put(jwt, claims);
/**
 * Checks that the token carries a JWT ID ({@code jti}) claim when one is required.
 *
 * <p>This is a presence check only: no previously seen {@code jti} values are consulted here,
 * so this validator does not detect a replayed token by itself.
 *
 * @param jwtContext the processed token whose claims are inspected
 * @return {@code MISSING_JTI} when {@code requireJti} is set and the token has no {@code jti};
 *         otherwise {@code null}
 * @throws MalformedClaimException propagated from {@code getJwtId()}
 */
@Override
public Error validate(JwtContext jwtContext) throws MalformedClaimException {
    final String jwtId = jwtContext.getJwtClaims().getJwtId();
    if (requireJti && jwtId == null) {
        return MISSING_JTI;
    }
    return null;
}
} // closes the enclosing type; its header is outside this excerpt
/**
 * Processes the given token with {@code process(String)} and returns only its claims.
 *
 * @param jwt the serialized token
 * @return the claims of the processed token
 * @throws InvalidJwtException propagated from {@code process(String)}
 */
public JwtClaims processToClaims(String jwt) throws InvalidJwtException {
    final JwtClaims claims = process(jwt).getJwtClaims();
    return claims;
}
/**
 * Checks the subject ({@code sub}) claim against the configured expectations.
 *
 * <p>The mismatch message embeds the subject taken from the token, so whoever logs or displays
 * the returned error should treat that part as untrusted input.
 *
 * @param jwtContext the processed token whose claims are inspected
 * @return {@code MISSING_SUB} when the claim is absent and {@code requireSubject} is set, a
 *         {@code SUBJECT_INVALID} error when {@code expectedSubject} is set and differs from the
 *         claim, otherwise {@code null}
 * @throws MalformedClaimException propagated from {@code getSubject()}
 */
@Override
public Error validate(JwtContext jwtContext) throws MalformedClaimException {
    final String actual = jwtContext.getJwtClaims().getSubject();
    if (actual == null && requireSubject) {
        return MISSING_SUB;
    }

    // A null subject still reaches this comparison when the claim is optional but a value is expected.
    final boolean mismatch = expectedSubject != null && !expectedSubject.equals(actual);
    if (!mismatch) {
        return null;
    }
    return new Error(
            ErrorCodes.SUBJECT_INVALID,
            "Subject (sub) claim value (" + actual + ") doesn't match expected value of " + expectedSubject);
}
} // closes the enclosing type; its header is outside this excerpt
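/**
 * Reports whether the token's expiration time ({@code exp}) lies in the past.
 *
 * <p>Fails closed: a token whose {@code exp} claim is missing or cannot be read is reported as
 * expired, so callers that reject expired tokens also reject tokens with no usable expiry.
 * No clock-skew allowance is applied; the comparison is against {@code NumericDate.now()}.
 *
 * @param context the processed token
 * @return {@code true} if the token is expired or its expiry cannot be determined
 */
public static boolean isExpired(JwtContext context) {
    try {
        final NumericDate expiry = context.getJwtClaims().getExpirationTime();
        if (expiry == null) {
            // No exp claim: dereferencing it would throw, and a token without expiry must not pass.
            return true;
        }
        return expiry.isBefore(NumericDate.now());
    } catch (MalformedClaimException e) {
        // An unreadable exp claim must not let the token through as "not expired".
        logger.debug("failed to read the exp claim, treating the token as expired", e);
        return true;
    }
}
} // closes the enclosing type; its header is outside this excerpt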
@Override public Error validate(JwtContext jwtContext) throws MalformedClaimException final JwtClaims jwtClaims = jwtContext.getJwtClaims();
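/**
 * Resolves the {@link User} a JWT was issued for. Called after the token's signature has been
 * verified.
 *
 * <p>The subject ({@code sub}) claim is used as the e-mail address for the lookup. A token with
 * no subject is rejected before the lookup, so {@code null} is never passed to the DAO.
 *
 * <p>TODO: potentially reject tokens here until their expiry if the user has logged out or
 * changed her password.
 *
 * <p>NOTE(review): expiry handling is delegated to {@code TokenGenerator.isExpired}; confirm
 * that it reports tokens with a missing or malformed {@code exp} claim as expired.
 *
 * @param jwtContext the processed token
 * @return the matching user, or an empty {@code Optional} if the token is expired, has no
 *         subject, has a malformed subject claim, or no user matches
 * @throws AuthenticationException declared by the overridden method; not thrown by this body
 */
@Override
public Optional<User> authenticate(JwtContext jwtContext) throws AuthenticationException {
    try {
        if (TokenGenerator.isExpired(jwtContext)) {
            return Optional.empty();
        }

        final String subject = jwtContext.getJwtClaims().getSubject();
        if (subject == null || subject.isEmpty()) {
            // Without a subject there is no identity to look up.
            return Optional.empty();
        }
        return Optional.ofNullable(userDao.findByEmail(subject));
    } catch (MalformedClaimException e) {
        // A subject claim that cannot be read is treated as "no such user".
        return Optional.empty();
    }
}
} // closes the enclosing type; its header is outside this excerpt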
final long start = System.nanoTime(); try { final JwtClaims claims = jwtContext.getJwtClaims(); final StringBuilder builder = new StringBuilder(); final String clientId = claims.getClaimValue("client_id", String.class);
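/**
 * Reads the issuer ({@code iss}) claim from a token without validating the token.
 *
 * <p>Signature verification and all claim validators are switched off for this parse, so the
 * returned value is whatever the sender put in the token. It must be matched against the
 * configured set of trusted issuers before it is used to locate a JSON Web Key Set or to make
 * any other trust decision.
 *
 * @param jwt the serialized token
 * @return the issuer as a URI, with one trailing {@code /} removed if present
 * @throws InvalidJwtException if the token cannot be parsed
 * @throws MalformedClaimException if the issuer claim is missing or cannot be read
 * @throws IllegalArgumentException if the issuer is not a syntactically valid URI
 */
private static URI extractIssuer(final String jwt) throws InvalidJwtException, MalformedClaimException {
    // Parse only: nothing about the token is verified at this point.
    final JwtConsumer jwtConsumer = new JwtConsumerBuilder()
            .setSkipAllValidators()
            .setDisableRequireSignature()
            .setSkipSignatureVerification()
            .build();
    final JwtContext jwtContext = jwtConsumer.process(jwt);

    String issuer = jwtContext.getJwtClaims().getIssuer();
    if (issuer == null) {
        // A token without iss would otherwise fail below with a NullPointerException.
        throw new MalformedClaimException("No Issuer (iss) claim present in JWT");
    }
    if (issuer.endsWith("/")) {
        issuer = issuer.substring(0, issuer.length() - 1);
    }
    return URI.create(issuer);
}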
/**
 * Checks the issuer ({@code iss}) claim against the configured expectations.
 *
 * <p>When {@code expectedIssuers} is {@code null}, any issuer value present in the token is
 * accepted. The mismatch message embeds the issuer taken from the token, so whoever logs or
 * displays the returned error should treat that part as untrusted input.
 *
 * @param jwtContext the processed token whose claims are inspected
 * @return an {@code ISSUER_MISSING} error when the claim is absent and {@code requireIssuer} is
 *         set, an {@code ISSUER_INVALID} error when the claim is not among
 *         {@code expectedIssuers}, otherwise {@code null}
 * @throws MalformedClaimException propagated from {@code getIssuer()}
 */
@Override
public Error validate(JwtContext jwtContext) throws MalformedClaimException {
    final String actual = jwtContext.getJwtClaims().getIssuer();

    if (actual != null) {
        final boolean accepted = expectedIssuers == null || expectedIssuers.contains(actual);
        if (accepted) {
            return null;
        }
        return new Error(
                ErrorCodes.ISSUER_INVALID,
                "Issuer (iss) claim value (" + actual + ") doesn't match expected value of " + expectedValue());
    }

    // No issuer in the token: an error only when one is required.
    if (!requireIssuer) {
        return null;
    }
    return new Error(
            ErrorCodes.ISSUER_MISSING,
            "No Issuer (iss) claim present but was expecting " + expectedValue());
}
/**
 * Returns the subject ({@code sub}) claim of the given token.
 *
 * <p>NOTE(review): the trust placed in the returned id depends on what {@code jwtProcessor}
 * verifies (signature, expiry, issuer, audience); that configuration is not visible here.
 *
 * @param jwt
 *            the serialized token
 * @return the subject, never {@code null} or empty
 * @throws ShiroException
 *             if processing the token fails for any reason, or if it has no subject
 */
private String extractExternalId(String jwt) {
    String subject;
    try {
        subject = jwtProcessor.process(jwt).getJwtClaims().getSubject();
    } catch (final Exception e) {
        throw new ShiroException("Failed to parse JWT", e);
    }

    // Checked outside the try block so this exception is not re-wrapped as a parse failure.
    final boolean present = subject != null && !subject.isEmpty();
    if (!present) {
        throw new ShiroException("'subject' missing on JWT");
    }
    return subject;
}
/**
 * Runs every configured validator against the token and rejects it if any of them reports an
 * error.
 *
 * <p>All validators are run and their errors collected, rather than stopping at the first
 * failure. A validator that throws is recorded as an error instead of aborting the run.
 *
 * <p>The message of the thrown exception embeds the raw claims JSON of the token, so logging
 * it writes the full claim contents to the log.
 *
 * @param jwtCtx the processed token to validate
 * @throws InvalidJwtException if at least one validator reported an error; it carries the
 *         collected errors and the context
 */
void validate(JwtContext jwtCtx) throws InvalidJwtException {
    List<ErrorCodeValidator.Error> collected = new ArrayList<>();

    for (ErrorCodeValidator current : validators) {
        ErrorCodeValidator.Error outcome;
        try {
            outcome = current.validate(jwtCtx);
        } catch (MalformedClaimException e) {
            outcome = new ErrorCodeValidator.Error(MALFORMED_CLAIM, e.getMessage());
        } catch (Exception e) {
            // Any other failure inside a validator is reported with the validator's class name.
            StringBuilder text = new StringBuilder("Unexpected exception thrown from validator ");
            text.append(current.getClass().getName());
            text.append(": ");
            text.append(ExceptionHelp.toStringWithCausesAndAbbreviatedStack(e, this.getClass()));
            outcome = new ErrorCodeValidator.Error(MISCELLANEOUS, text.toString());
        }

        if (outcome != null) {
            collected.add(outcome);
        }
    }

    if (collected.isEmpty()) {
        return;
    }
    String rejection = "JWT (claims->" + jwtCtx.getJwtClaims().getRawJson() + ") rejected due to invalid claims.";
    throw new InvalidJwtException(rejection, collected, jwtCtx);
}
/**
 * Returns the subject ({@code sub}) claim of the given token.
 *
 * <p>NOTE(review): the trust placed in the returned id depends on what {@code jwtProcessor}
 * verifies (signature, expiry, issuer, audience); that configuration is not visible here.
 *
 * @param jwt
 *            the serialized token
 * @return the subject, never {@code null} or empty
 * @throws ShiroException
 *             if processing the token fails for any reason, or if it has no subject
 */
private String extractExternalId(String jwt) {
    String subject;
    try {
        subject = jwtProcessor.process(jwt).getJwtClaims().getSubject();
    } catch (final Exception e) {
        throw new ShiroException("Failed to parse JWT", e);
    }

    // Checked outside the try block so this exception is not re-wrapped as a parse failure.
    final boolean present = subject != null && !subject.isEmpty();
    if (!present) {
        throw new ShiroException("'subject' missing on JWT");
    }
    return subject;
}
private Optional<User> internalCreateUser(JwtContext context) throws Exception { String name = context.getJwtClaims().getClaimValue(claimName, String.class); if (name == null || name.isEmpty()) { return Optional.empty(); String email = context.getJwtClaims().getClaimValue("email", String.class); if (email == null || email.isEmpty()) { return Optional.empty(); String displayName = context.getJwtClaims().getClaimValue("name", String.class); String subject = context.getJwtClaims().getSubject();
// Reads the claims from the processed JWT and, when enableJwtCache is TRUE, stores them in the cache
// under jwt (presumably the raw token string; confirm against the enclosing method).
// The second assignment to claims repeats the first; structure is the first JOSE object of the token.
// NOTE(review): this excerpt does not show how cache entries expire. Confirm a cached entry cannot be
// served after the token's exp has passed or after the token has been revoked.
claims = jwtContext.getJwtClaims(); JsonWebStructure structure = jwtContext.getJoseObjects().get(0); claims = jwtContext.getJwtClaims(); if(Boolean.TRUE.equals(enableJwtCache)) { cache.put(jwt, claims);
// Claims of the processed token.
// NOTE(review): these are only as trustworthy as the checks done by whatever built jwtContext;
// confirm the signature was verified before acting on them.
JwtClaims claimsSet = jwtContext.getJwtClaims();
// Claims of the processed token.
// NOTE(review): these are only as trustworthy as the checks done by whatever built jwtContext;
// confirm the signature was verified before acting on them.
JwtClaims claimsSet = jwtContext.getJwtClaims();
@Override public Error validate(JwtContext jwtContext) throws MalformedClaimException JwtClaims jwtClaims = jwtContext.getJwtClaims(); NumericDate expirationTime = jwtClaims.getExpirationTime(); NumericDate issuedAt = jwtClaims.getIssuedAt();
// Claims of the processed token.
// NOTE(review): these are only as trustworthy as the checks done by whatever built jwtContext;
// confirm the signature was verified before acting on them.
JwtClaims claimsSet = jwtContext.getJwtClaims();