public static String getSignedRequestToken(String keystore, String storePass, String keyPass, String alias, int sigLifetime, String clientId, String realmInfoUrl) { KeyPair keypair = KeystoreUtil.loadKeyPairFromKeystore(keystore, storePass, keyPass, alias, KeystoreUtil.KeystoreFormat.JKS); JsonWebToken reqToken = new JsonWebToken(); reqToken.id(UUID.randomUUID().toString()); reqToken.issuer(clientId); reqToken.subject(clientId); reqToken.audience(realmInfoUrl); int now = Time.currentTime(); reqToken.issuedAt(now); reqToken.expiration(now + sigLifetime); reqToken.notBefore(now); String signedRequestToken = new JWSBuilder() .jsonContent(reqToken) .rsa256(keypair.getPrivate()); return signedRequestToken; } }
public static String getSignedRequestToken(String keystore, String storePass, String keyPass, String alias, int sigLifetime, String clientId, String realmInfoUrl) { KeyPair keypair = KeystoreUtil.loadKeyPairFromKeystore(keystore, storePass, keyPass, alias, KeystoreUtil.KeystoreFormat.JKS); JsonWebToken reqToken = new JsonWebToken(); reqToken.id(UUID.randomUUID().toString()); reqToken.issuer(clientId); reqToken.subject(clientId); reqToken.audience(realmInfoUrl); int now = Time.currentTime(); reqToken.issuedAt(now); reqToken.expiration(now + sigLifetime); reqToken.notBefore(now); String signedRequestToken = new JWSBuilder() .jsonContent(reqToken) .rsa256(keypair.getPrivate()); return signedRequestToken; } }
public String createSignedRequestToken(String clientId, String realmInfoUrl) { JsonWebToken jwt = createRequestToken(clientId, realmInfoUrl); return new JWSBuilder() .kid(publicKeyJwk.getKeyId()) .jsonContent(jwt) .rsa256(keyPair.getPrivate()); }
.rsa256(keyPair.getPrivate());
public static void verify(String privateKeyPem, String publicKeyPem) throws VerificationException { PrivateKey privateKey; try { privateKey = PemUtils.decodePrivateKey(privateKeyPem); } catch (Exception e) { throw new VerificationException("Failed to decode private key"); } PublicKey publicKey; try { publicKey = PemUtils.decodePublicKey(publicKeyPem); } catch (Exception e) { throw new VerificationException("Failed to decode public key"); } try { String jws = new JWSBuilder().content("content".getBytes()).rsa256(privateKey); if (!RSAProvider.verify(new JWSInput(jws), publicKey)) { throw new VerificationException("Keys don't match"); } } catch (Exception e) { throw new VerificationException("Keys don't match"); } }