public EncodingBuilder content(byte[] bytes) { this.contentBytes = bytes; return new EncodingBuilder(); }
public boolean verify(String key) { if (header.getAlgorithm().getProvider() == null) { throw new RuntimeException("signing algorithm not supported"); } return header.getAlgorithm().getProvider().verify(this, key); }
public static IDToken extractIdToken(String idToken) { if (idToken == null) return null; try { JWSInput input = new JWSInput(idToken); return input.readJsonContent(IDToken.class); } catch (JWSInputException e) { throw new RuntimeException(e); } }
public String createSignedRequestToken(String clientId, String realmInfoUrl) { JsonWebToken jwt = createRequestToken(clientId, realmInfoUrl); return new JWSBuilder() .kid(publicKeyJwk.getKeyId()) .jsonContent(jwt) .rsa256(keyPair.getPrivate()); }
public static RefreshToken getRefreshToken(String refreshToken) throws JWSInputException { byte[] encodedContent = new JWSInput(refreshToken).getContent(); return getRefreshToken(encodedContent); }
public String createSignedRequestToken(String clientId, String realmInfoUrl) { JsonWebToken jwt = createRequestToken(clientId, realmInfoUrl); // JOSE header {"alg":"HS256","typ" : "JWT"} no need "kid" due to using only one registered client secret. // Use "HmacSHA256" consulting <a href="https://docs.oracle.com/javase/jp/8/docs/api/javax/crypto/Mac.html">java8 api</a>. // because it must be implemented in every java platform. return new JWSBuilder().jsonContent(jwt).hmac256(clientSecret); }
private void logToken(String name, String token) { try { JWSInput jwsInput = new JWSInput(token); String wireString = jwsInput.getWireString(); log.tracef("\t%s: %s", name, wireString.substring(0, wireString.lastIndexOf(".")) + ".signature"); } catch (JWSInputException e) { log.errorf(e, "Failed to parse %s: %s", name, token); } } }
public static boolean verify(JWSInput input, SecretKey key) { try { byte[] signature = sign(input.getEncodedSignatureInput().getBytes("UTF-8"), input.getHeader().getAlgorithm(), key); return MessageDigest.isEqual(signature, Base64Url.decode(input.getEncodedSignature())); } catch (Exception e) { throw new RuntimeException(e); } }
public static boolean verify(JWSInput input, PublicKey publicKey) { try { Signature verifier = getSignature(input.getHeader().getAlgorithm()); verifier.initVerify(publicKey); verifier.update(input.getEncodedSignatureInput().getBytes("UTF-8")); return verifier.verify(input.getSignature()); } catch (Exception e) { return false; } }
public String none() { StringBuilder buffer = new StringBuilder(); byte[] data = marshalContent(); encode(Algorithm.none, data, buffer); return encodeAll(buffer, null); }
@Deprecated public String rsa512(PrivateKey privateKey) { return sign(Algorithm.RS512, privateKey); }
public <T> T readJsonContent(Class<T> type) throws JWSInputException { try { return JsonSerialization.readValue(content, type); } catch (IOException e) { throw new JWSInputException(e); } }
public JWSHeader getHeader() throws VerificationException { parse(); return jws.getHeader(); }
protected void encode(String sigAlgName, byte[] data, StringBuilder encoding) { encoding.append(encodeHeader(sigAlgName)); encoding.append('.'); encoding.append(Base64Url.encode(data)); }
public static boolean verify(JWSInput input, byte[] sharedSecret) { try { byte[] signature = sign(input.getEncodedSignatureInput().getBytes("UTF-8"), input.getHeader().getAlgorithm(), sharedSecret); return MessageDigest.isEqual(signature, Base64Url.decode(input.getEncodedSignature())); } catch (Exception e) { throw new RuntimeException(e); } }
@Deprecated public String rsa384(PrivateKey privateKey) { return sign(Algorithm.RS384, privateKey); }
public EncodingBuilder jsonContent(Object object) { try { this.contentBytes = JsonSerialization.writeValueAsBytes(object); } catch (IOException e) { throw new RuntimeException(e); } return new EncodingBuilder(); }
/** * Return refresh token or offline token * * @param decodedToken * @return */ public static RefreshToken getRefreshToken(byte[] decodedToken) throws JWSInputException { try { return JsonSerialization.readValue(decodedToken, RefreshToken.class); } catch (IOException e) { throw new JWSInputException(e); } }
@Deprecated public String rsa256(PrivateKey privateKey) { return sign(Algorithm.RS256, privateKey); }