/**
 * Reads the zone id claim out of a serialized JWT.
 *
 * <p>The token is parsed with {@code JwtHelper.decode} and no verifier is supplied, so this
 * method does not check the signature. The returned zone id is only as trustworthy as
 * whatever validated the token before this call.
 *
 * @param token serialized JWT
 * @return the value stored under {@code ClaimConstants.ZONE_ID}, as returned by the claims map
 * @throws IllegalStateException if the token cannot be decoded or its claims cannot be read
 */
private String getZoneIdFromToken(String token) {
    final Jwt decoded;
    try {
        decoded = JwtHelper.decode(token);
    } catch (Throwable decodeFailure) {
        throw new IllegalStateException("Cannot decode token", decodeFailure);
    }

    final Map<String, Object> claimMap;
    try {
        claimMap = JsonUtils.readValue(decoded.getClaims(), new TypeReference<Map<String, Object>>() {});
    } catch (JsonUtils.JsonUtilException parseFailure) {
        throw new IllegalStateException("Cannot read token claims", parseFailure);
    }

    // The cast fails with ClassCastException if the claim is present but not a string.
    Object zoneId = claimMap.get(ClaimConstants.ZONE_ID);
    return (String) zoneId;
}
}
/**
 * Resolves the principal id from the access token returned by {@code getSource()}.
 *
 * <p>The "user_id" claim wins when it is present; otherwise "client_id" is used. The token is
 * decoded without a verifier, so the signature is not checked here.
 *
 * @return string form of the chosen claim
 */
private String getPrincipalId() {
    OAuth2AccessToken accessToken = getSource();
    Jwt decoded = JwtHelper.decode(accessToken.getValue());
    Map<String, Object> claimMap =
            JsonUtils.readValue(decoded.getClaims(), new TypeReference<Map<String, Object>>() {});

    Object principal = claimMap.get("user_id");
    if (principal == null) {
        principal = claimMap.get("client_id");
    }
    // NOTE(review): a token carrying neither claim ends in a NullPointerException here.
    return principal.toString();
}
}
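/**
 * Verifies a serialized JWT and returns its claims as a map.
 *
 * <p>The signature is checked by {@code JwtHelper.decodeAndVerify} with this object's
 * {@code verifier}, and the parsed claims are then passed to the configured claims-set
 * verifier before being returned.
 *
 * @param token serialized JWT
 * @return the parsed claims, with an Integer {@code EXP} value widened to Long
 * @throws InvalidTokenException if decoding, signature verification, JSON parsing or claim
 *     verification fails; the original exception is kept as the cause
 */
protected Map<String, Object> decode(String token) {
    try {
        Jwt jwt = JwtHelper.decodeAndVerify(token, verifier);
        Map<String, Object> claims = objectMapper.parseMap(jwt.getClaims());

        // Normalise a small expiry value to Long. Long.valueOf replaces the deprecated
        // Long constructor; instanceof is false for a missing key, so no containsKey is needed.
        Object expiry = claims.get(EXP);
        if (expiry instanceof Integer) {
            claims.put(EXP, Long.valueOf(((Integer) expiry).longValue()));
        }

        this.getJwtClaimsSetVerifier().verify(claims);
        return claims;
    } catch (Exception e) {
        // The message is kept as-is even though signature and claim failures also land here.
        throw new InvalidTokenException("Cannot convert access token to JSON", e);
    }
}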
/**
 * Decodes a JWT and binds its claims JSON to {@code IntrospectionClaims}.
 *
 * <p>No verifier is passed to {@code JwtHelper.decode}, so this method does not check the
 * signature itself.
 *
 * @param token serialized JWT
 * @return the claims read from the token
 * @throws InvalidTokenException if the claims cannot be parsed
 */
private IntrospectionClaims getClaimsForToken(String token) {
    org.springframework.security.jwt.Jwt decoded = JwtHelper.decode(token);
    try {
        // getClaims() is assumed to be non-null because the token was already parsed when
        // its claims were verified earlier.
        return JsonUtils.readValue(decoded.getClaims(), IntrospectionClaims.class);
    } catch (JsonUtils.JsonUtilException e) {
        logger.error("Can't parse introspection claims in token. Is it a valid JSON?");
        throw new InvalidTokenException("Cannot read token claims", e);
    }
}
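/**
 * Appends a short description of the caller's bearer token to {@code builder}.
 *
 * <p>For a JWT the subject and issuer claims are appended; for any other non-empty token only
 * the marker {@code opaque-token=present} is written. The token value itself is never
 * appended. The JWT is decoded without a verifier, so the appended {@code sub} and
 * {@code iss} are unverified and should be read as descriptive text only.
 *
 * @param caller authentication whose token is described
 * @param builder target that receives the appended text
 */
protected void appendTokenDetails(Authentication caller, StringBuilder builder) {
    String tokenValue = null;
    if (caller instanceof UaaOauth2Authentication) {
        tokenValue = ((UaaOauth2Authentication) caller).getTokenValue();
    } else if (caller.getDetails() instanceof OAuth2AuthenticationDetails) {
        // Cast the object that was just type-checked. The original cast
        // authentication.getDetails(), a different reference from the one tested.
        tokenValue = ((OAuth2AuthenticationDetails) caller.getDetails()).getTokenValue();
    }

    if (!hasText(tokenValue)) {
        return;
    }

    if (isJwtToken(tokenValue)) {
        try {
            Jwt token = JwtHelper.decode(tokenValue);
            Map<String, Object> claims =
                    JsonUtils.readValue(token.getClaims(), new TypeReference<Map<String, Object>>() { });
            // A missing iss or sub claim raises NullPointerException, handled by the catch below.
            String issuer = claims.get(ClaimConstants.ISS).toString();
            String subject = claims.get(ClaimConstants.SUB).toString();
            builder.append(", sub=").append(subject).append(", ").append("iss=").append(issuer);
        } catch (Exception e) {
            // Best effort: a token that cannot be described must not break the caller.
            builder.append(", <token extraction failed>");
        }
    } else {
        builder.append(", opaque-token=present");
    }
}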
/**
 * Test helper: exchanges an authorization code at {@code /oauth/token} and asserts that the
 * returned access token carries "aud" and "user_id" claims.
 *
 * <p>The access token is decoded without a verifier; only the presence of the claim names in
 * the raw claims JSON is checked.
 *
 * @param clientId client id sent in the form and used for the Authorization header
 * @param redirectUri redirect URI sent in the form
 * @param clientSecret client secret used for the Authorization header
 * @param value the authorization code
 * @param formData form map; cleared and refilled by this method
 */
private void exchangeCodeForToken(String clientId, String redirectUri, String clientSecret, String value, MultiValueMap<String, String> formData) {
    formData.clear();
    formData.add("client_id", clientId);
    formData.add("redirect_uri", redirectUri);
    formData.add("grant_type", GRANT_TYPE_AUTHORIZATION_CODE);
    formData.add("code", value);

    HttpHeaders tokenHeaders = new HttpHeaders();
    String authorization = testAccounts.getAuthorizationHeader(clientId, clientSecret);
    tokenHeaders.set("Authorization", authorization);

    @SuppressWarnings("rawtypes")
    ResponseEntity<Map> tokenResponse = serverRunning.postForMap("/oauth/token", formData, tokenHeaders);
    assertEquals(HttpStatus.OK, tokenResponse.getStatusCode());

    @SuppressWarnings("unchecked")
    Map<String, String> body = tokenResponse.getBody();
    String claimsJson = JwtHelper.decode(body.get("access_token")).getClaims();
    String failureMessage = "Wrong claims: " + claimsJson;
    assertTrue(failureMessage, claimsJson.contains("\"aud\""));
    assertTrue(failureMessage, claimsJson.contains("\"user_id\""));
}
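/**
 * Decodes a JWT and binds its claims JSON to {@code Claims}.
 *
 * <p>No verifier is passed to {@code JwtHelper.decode}, so this method does not check the
 * signature itself.
 *
 * @param token serialized JWT
 * @return the claims read from the token
 * @throws InvalidTokenException if the token cannot be decoded or its claims cannot be read
 */
private Claims getClaimsForToken(String token) {
    Jwt tokenJwt;
    try {
        tokenJwt = JwtHelper.decode(token);
    } catch (Throwable t) {
        // The bearer token is deliberately left out of the message: exception text tends to
        // reach logs and error responses. The cause is kept so the decode failure stays
        // diagnosable.
        throw new InvalidTokenException("Invalid token (could not decode)", t);
    }

    Claims claims;
    try {
        claims = JsonUtils.readValue(tokenJwt.getClaims(), Claims.class);
    } catch (JsonUtils.JsonUtilException e) {
        throw new InvalidTokenException("Cannot read token claims", e);
    }
    return claims;
}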
/**
 * Test helper: decodes the token stored under {@code paramName} and asserts its claims.
 *
 * <p>The token is decoded without a verifier; this helper checks claim contents, not the
 * signature.
 *
 * @param paramName key in {@code params} that holds the serialized token
 * @param params response parameters; also supplies the expected "jti"
 * @param scopes expected scope values, in any order
 * @param aud expected audience values, in any order
 * @throws java.io.IOException declared by the original signature
 */
private void validateToken(String paramName, Map params, String[] scopes, String[] aud) throws java.io.IOException {
    String serialized = (String) params.get(paramName);
    Jwt accessToken = JwtHelper.decode(serialized);
    Map<String, Object> claims =
            JsonUtils.readValue(accessToken.getClaims(), new TypeReference<Map<String, Object>>() { });

    Assert.assertThat(claims.get("jti"), is(params.get("jti")));
    Assert.assertThat(claims.get("client_id"), is("cf"));
    Assert.assertThat(claims.get("cid"), is("cf"));
    Assert.assertThat(claims.get("user_name"), is(user.getUserName()));

    // Each cast stays next to its assertion so failures surface in the original order.
    List<String> scopeClaim = (List<String>) claims.get(ClaimConstants.SCOPE);
    Assert.assertThat(scopeClaim, containsInAnyOrder(scopes));
    List<String> audienceClaim = (List<String>) claims.get(ClaimConstants.AUD);
    Assert.assertThat(audienceClaim, containsInAnyOrder(aud));
}
/**
 * Runs the authorization code flow for the default resource and asserts that the access
 * token's claims JSON mentions "aud" and "user_id".
 *
 * <p>The token is decoded without a verifier; only claim presence is asserted.
 */
public void testSuccessfulAuthorizationCodeFlow_Internal() throws Exception {
    AuthorizationCodeResourceDetails resource = testAccounts.getDefaultAuthorizationCodeResource();
    Map<String, String> body = IntegrationTestUtils.getAuthorizationCodeTokenMap(
            serverRunning,
            testAccounts,
            resource.getClientId(),
            resource.getClientSecret(),
            testAccounts.getUserName(),
            testAccounts.getPassword());

    String claimsJson = JwtHelper.decode(body.get("access_token")).getClaims();
    String failureMessage = "Wrong claims: " + claimsJson;
    assertTrue(failureMessage, claimsJson.contains("\"aud\""));
    assertTrue(failureMessage, claimsJson.contains("\"user_id\""));
}
}
jwt.verifySignature(verifier); Map<String, Object> claims = this.jsonParser.parseMap(jwt.getClaims()); if (claims.containsKey(EXP) && claims.get(EXP) instanceof Integer) { Integer expiryInt = (Integer) claims.get(EXP);
try { Map<String, Object> claims = objectMapper .parseMap(JwtHelper.decode(refreshToken.getValue()).getClaims()); if (claims.containsKey(TOKEN_ID)) { encodedRefreshToken.setValue(claims.get(TOKEN_ID).toString());
// Deserialize the claims JSON of access_token into a generic String-to-Object map.
Map<String, Object> claims = JsonUtils.readValue(access_token.getClaims(), new TypeReference<Map<String, Object>>() { });
// Deserialize the claims JSON of idTokenClaims into a generic String-to-Object map.
Map<String, Object> claims = JsonUtils.readValue(idTokenClaims.getClaims(), new TypeReference<Map<String, Object>>() { });
// Deserialize the claims JSON of idTokenClaims into a generic String-to-Object map.
Map<String, Object> claims = JsonUtils.readValue(idTokenClaims.getClaims(), new TypeReference<Map<String, Object>>() { });
// Deserialize the claims JSON of idTokenClaims into a generic String-to-Object map.
Map<String, Object> claims = JsonUtils.readValue(idTokenClaims.getClaims(), new TypeReference<Map<String, Object>>() {});
// NOTE(review): this re-parses the same input as the line above and looks redundant.
claims = JsonUtils.readValue(idTokenClaims.getClaims(), new TypeReference<Map<String, Object>>() {});
// Neither user attributes nor roles may appear among the claims.
assertNull(claims.get(ClaimConstants.USER_ATTRIBUTES));
assertNull(claims.get(ClaimConstants.ROLES));
/**
 * Builds {@code Claims} from the "id_token" entry of an access token's additional
 * information.
 *
 * <p>The id token is decoded without a verifier, so its signature is not checked here.
 * NOTE(review): a response without an "id_token" entry ends in a NullPointerException.
 *
 * @param jsonMapper mapper used to bind the claims JSON
 * @param accessToken access token whose additional information holds the id token
 * @return the claims read from the id token
 * @throws RuntimeException wrapping the IOException raised while reading the claims
 */
public static Claims createFrom(ObjectMapper jsonMapper, OAuth2AccessToken accessToken) {
    Object rawIdToken = accessToken.getAdditionalInformation().get("id_token");
    String claimsJson = JwtHelper.decode(rawIdToken.toString()).getClaims();
    try {
        return jsonMapper.readValue(claimsJson, Claims.class);
    } catch (IOException e) {
        throw new RuntimeException(e);
    }
}
/**
 * Reads the "id_token" entry from the access token's additional information and binds its
 * claims JSON to {@code Claims}.
 *
 * <p>{@code JwtHelper.decode} is called without a verifier, so this method does not check
 * the id token's signature.
 * NOTE(review): a missing "id_token" entry surfaces as a NullPointerException.
 *
 * @param jsonMapper mapper used to bind the claims JSON
 * @param accessToken access token carrying the id token
 * @return the claims read from the id token
 * @throws RuntimeException wrapping the IOException raised while reading the claims
 */
public static Claims createFrom(ObjectMapper jsonMapper, OAuth2AccessToken accessToken) {
    try {
        String serializedIdToken = accessToken
                .getAdditionalInformation()
                .get("id_token")
                .toString();
        Jwt idTokenJwt = JwtHelper.decode(serializedIdToken);
        String claimsJson = idTokenJwt.getClaims();
        return jsonMapper.readValue(claimsJson, Claims.class);
    } catch (IOException bindingFailure) {
        throw new RuntimeException(bindingFailure);
    }
}
/**
 * Verifies a JWT against the given RSA public key and returns its claims as a map.
 *
 * <p>The signature is checked by {@code JwtHelper.decodeAndVerify}. This method only
 * normalises the {@code EXP} value; it does not compare it with the current time.
 *
 * @param token serialized JWT
 * @param keyExchangePublicKey holder of the public key used to verify the signature
 * @return the parsed claims, with an Integer {@code EXP} value widened to Long
 */
private Map<String, Object> decodeJwtMap(final String token, final OAuthPublicKey keyExchangePublicKey) {
    final RsaVerifier signatureVerifier = new RsaVerifier(keyExchangePublicKey.getPublicKey());
    final String claimsJson = JwtHelper.decodeAndVerify(token, signatureVerifier).getClaims();
    final Map<String, Object> claimMap = objectMapper.parseMap(claimsJson);

    // instanceof is false for a missing key, so it also covers the containsKey check.
    final Object expiry = claimMap.get(EXP);
    if (expiry instanceof Integer) {
        claimMap.put(EXP, Long.valueOf(((Integer) expiry).longValue()));
    }
    return claimMap;
}
}
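/**
 * Verifies a serialized JWT and returns its claims as a map.
 *
 * <p>{@code JwtHelper.decodeAndVerify} checks the signature with this object's
 * {@code verifier}; the parsed claims are then handed to the configured claims-set verifier
 * before they are returned.
 *
 * @param token serialized JWT
 * @return the parsed claims, with an Integer {@code EXP} value widened to Long
 * @throws InvalidTokenException if decoding, signature verification, JSON parsing or claim
 *     verification fails; the original exception is kept as the cause
 */
protected Map<String, Object> decode(String token) {
    try {
        Jwt jwt = JwtHelper.decodeAndVerify(token, verifier);
        String claimsStr = jwt.getClaims();
        Map<String, Object> claims = objectMapper.parseMap(claimsStr);

        if (claims.get(EXP) instanceof Integer) {
            Integer intValue = (Integer) claims.get(EXP);
            // Long.valueOf replaces the deprecated Long constructor.
            claims.put(EXP, Long.valueOf(intValue.longValue()));
        }

        this.getJwtClaimsSetVerifier().verify(claims);
        return claims;
    } catch (Exception e) {
        // Signature and claim-verification failures are reported under this message too.
        throw new InvalidTokenException("Cannot convert access token to JSON", e);
    }
}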