public static IDToken extractIdToken(String idToken) { if (idToken == null) return null; try { JWSInput input = new JWSInput(idToken); return input.readJsonContent(IDToken.class); } catch (JWSInputException e) { throw new RuntimeException(e); } }
@POST @Consumes(MediaType.TEXT_PLAIN) @Path("/admin/k_logout") public void adminLogout(String data) throws JWSInputException { adminLogoutActions.add(new JWSInput(data).readJsonContent(LogoutAction.class)); }
@POST @Consumes(MediaType.TEXT_PLAIN) @Path("/admin/k_push_not_before") public void adminPushNotBefore(String data) throws JWSInputException { adminPushNotBeforeActions.add(new JWSInput(data).readJsonContent(PushNotBeforeAction.class)); }
@POST @Consumes(MediaType.TEXT_PLAIN) @Path("/admin/k_test_available") public void testAvailable(String data) throws JWSInputException { adminTestAvailabilityAction.add(new JWSInput(data).readJsonContent(TestAvailabilityAction.class)); }
public TokenVerifier<T> parse() throws VerificationException { if (jws == null) { if (tokenString == null) { throw new VerificationException("Token not set"); } try { jws = new JWSInput(tokenString); } catch (JWSInputException e) { throw new VerificationException("Failed to parse JWT", e); } try { token = jws.readJsonContent(clazz); } catch (JWSInputException e) { throw new VerificationException("Failed to read access token from JWT", e); } } return this; }
public static boolean validPasswordToken(RealmModel realm, UserModel user, String encodedPasswordToken) { try { JWSInput jws = new JWSInput(encodedPasswordToken); if (!RSAProvider.verify(jws, realm.getPublicKey())) { return false; } PasswordToken passwordToken = jws.readJsonContent(PasswordToken.class); if (!passwordToken.getRealm().equals(realm.getName())) { return false; } if (!passwordToken.getUser().equals(user.getId())) { return false; } if (Time.currentTime() - passwordToken.getTimestamp() > realm.getAccessCodeLifespanUserAction()) { return false; } return true; } catch (JWSInputException e) { return false; } }
try { JWSInput input = new JWSInput(idTokenString); idToken = input.readJsonContent(IDToken.class); } catch (JWSInputException e) { throw new VerificationException(e);
private void parseAccessToken(AccessTokenResponse tokenResponse) throws VerificationException { tokenString = tokenResponse.getToken(); refreshToken = tokenResponse.getRefreshToken(); idTokenString = tokenResponse.getIdToken(); token = RSATokenVerifier.verifyToken(tokenString, deployment.getRealmKey(), deployment.getRealm()); if (idTokenString != null) { JWSInput input = new JWSInput(idTokenString); try { idToken = input.readJsonContent(IDToken.class); } catch (IOException e) { throw new VerificationException(); } } }
token = input.readJsonContent(AccessToken.class); } catch (JWSInputException e) { throw new NotAuthorizedException("Bearer token format error");
throw new IdentityBrokerException("token signature validation failed"); token = jws.readJsonContent(JsonWebToken.class); } catch (JWSInputException e) { throw new IdentityBrokerException("Invalid token", e);
private AccessToken parseToken(String tokenString) throws VerificationException { JWSInput input = new JWSInput(tokenString); AccessToken token; try { token = input.readJsonContent(AccessToken.class); } catch (IOException e) { throw new VerificationException(e); } PublicKey publicKey; try { publicKey = config.getPublicKey(token.getAudience()); } catch (Exception e) { throw new VerificationException("Failed to get public key", e); } boolean verified = false; try { verified = RSAProvider.verify(input, publicKey); } catch (Exception ignore) { } if (!verified) throw new VerificationException("Token signature not validated"); if (token.getSubject() == null) { throw new VerificationException("Token user was null"); } if (!token.isActive()) { throw new VerificationException("Token is not active."); } return token; }