/**
 * Converts the access token to a claims map, serializes it to JSON and returns the signed JWT.
 *
 * @param accessToken the access token whose claims are encoded
 * @param authentication the authentication passed to the token converter
 * @return the encoded form of the JWT built by {@code JwtHelper.encode} with the configured signer
 * @throws IllegalStateException if the claims cannot be converted to JSON
 */
protected String encode(OAuth2AccessToken accessToken, OAuth2Authentication authentication) {
    String claimsJson;
    try {
        claimsJson = objectMapper.formatMap(tokenConverter.convertAccessToken(accessToken, authentication));
    } catch (Exception e) {
        throw new IllegalStateException("Cannot convert access token to JSON", e);
    }
    // Signing sits outside the try block, so a signer failure propagates unchanged.
    return JwtHelper.encode(claimsJson, signer).getEncoded();
}
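/**
 * Verifies the token, parses its claims and runs the configured claims-set verifier on them.
 *
 * @param token the compact JWT string
 * @return the parsed claims, with an {@code Integer} expiry normalised to {@code Long}
 * @throws InvalidTokenException if decoding, signature verification, JSON parsing or
 *         claims verification fails; the original exception is kept as the cause
 */
protected Map<String, Object> decode(String token) {
    try {
        // Claims are only read from a token that passed decodeAndVerify with the configured verifier.
        Jwt jwt = JwtHelper.decodeAndVerify(token, verifier);
        Map<String, Object> claims = objectMapper.parseMap(jwt.getClaims());
        // A null or absent value fails instanceof, so no separate containsKey check is needed.
        Object expiry = claims.get(EXP);
        if (expiry instanceof Integer) {
            // Long.valueOf replaces the deprecated new Long(..) constructor.
            claims.put(EXP, Long.valueOf(((Integer) expiry).longValue()));
        }
        this.getJwtClaimsSetVerifier().verify(claims);
        return claims;
    } catch (Exception e) {
        throw new InvalidTokenException("Cannot convert access token to JSON", e);
    }
}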
/**
 * Reads the zone id claim from a JWT.
 *
 * <p>Only {@code JwtHelper.decode} is called here; no signature check is visible in this method,
 * so the returned value is whatever the presented token claims.
 * NOTE(review): confirm the token is verified elsewhere before the zone id is trusted.
 *
 * @param token the compact JWT string
 * @return the value stored under {@code ClaimConstants.ZONE_ID}, or {@code null} if absent
 * @throws IllegalStateException if the token cannot be decoded or its claims cannot be read
 */
private String getZoneIdFromToken(String token) {
    Jwt decoded;
    try {
        decoded = JwtHelper.decode(token);
    } catch (Throwable t) {
        throw new IllegalStateException("Cannot decode token", t);
    }

    Map<String, Object> parsedClaims;
    try {
        parsedClaims = JsonUtils.readValue(decoded.getClaims(), new TypeReference<Map<String, Object>>() {});
    } catch (JsonUtils.JsonUtilException e) {
        throw new IllegalStateException("Cannot read token claims", e);
    }

    // The cast fails with ClassCastException if the claim is present but is not a string.
    Object zoneId = parsedClaims.get(ClaimConstants.ZONE_ID);
    return (String) zoneId;
}
}
// Decode the compact token, then check its signature before any claim is parsed.
Jwt jwt = JwtHelper.decode(token);
jwt.verifySignature(verifier);
Map<String, Object> claims = this.jsonParser.parseMap(jwt.getClaims());
// Handles the case where the parser produced the expiry claim as an Integer (excerpt ends inside this branch).
if (claims.containsKey(EXP) && claims.get(EXP) instanceof Integer) {
    Integer expiryInt = (Integer) claims.get(EXP);
/**
 * Decodes a compact JWT and checks its signature with the supplied verifier.
 *
 * @param token the compact JWT string
 * @param verifier the verifier handed to {@code Jwt.verifySignature}
 * @return the decoded JWT, returned only after {@code verifySignature} has completed
 */
public static Jwt decodeAndVerify(String token, SignatureVerifier verifier) {
    Jwt decoded = decode(token);
    // How verifySignature reports a bad signature is not shown here; this method adds no handling of its own.
    decoded.verifySignature(verifier);
    return decoded;
}
/**
 * Builds a JWT header from the given parameters and the signer's algorithm.
 *
 * @param signer the signer whose algorithm is mapped through {@code sigAlg}
 * @param params header parameters, copied in iteration order; the input map is not modified
 * @return a header holding the serialized parameters and the parameter object
 */
static JwtHeader create(Signer signer, Map<String, String> params) {
    Map<String, String> headerFields = new LinkedHashMap<>(params);
    // "alg" is written after the copy, so it replaces any "alg" entry supplied in params.
    headerFields.put("alg", sigAlg(signer.algorithm()));
    HeaderParameters parameters = new HeaderParameters(headerFields);
    return new JwtHeader(serializeParams(parameters), parameters);
}
/**
 * Returns the claim identified by {@code JwtClaim.JTI} as a string.
 *
 * @return the result of {@code getClaimAsString(JwtClaim.JTI)}
 */
default String getId() {
    String jti = getClaimAsString(JwtClaim.JTI);
    return jti;
}
}
/**
 * Decodes the token and maps its claims JSON onto {@code IntrospectionClaims}.
 *
 * @param token the compact JWT string
 * @return the parsed introspection claims
 * @throws InvalidTokenException if the claims JSON cannot be read
 */
private IntrospectionClaims getClaimsForToken(String token) {
    // The decode call is outside the try block: a decode failure propagates as thrown by JwtHelper.decode.
    org.springframework.security.jwt.Jwt decoded = JwtHelper.decode(token);
    try {
        // we assume token.getClaims is never null due to previously parsing token when verifying the token
        return JsonUtils.readValue(decoded.getClaims(), IntrospectionClaims.class);
    } catch (JsonUtils.JsonUtilException e) {
        // The log line carries neither the token nor its claims.
        logger.error("Can't parse introspection claims in token. Is it a valid JSON?");
        throw new InvalidTokenException("Cannot read token claims", e);
    }
}
/**
 * Returns the principal id carried in the source access token.
 *
 * <p>The token is decoded with {@code JwtHelper.decode}; no signature check is visible here.
 * NOTE(review): presumably the token from {@code getSource()} was validated earlier; confirm.
 *
 * @return the {@code user_id} claim if present, otherwise the {@code client_id} claim, as a string
 */
private String getPrincipalId() {
    OAuth2AccessToken accessToken = getSource();
    Jwt decoded = JwtHelper.decode(accessToken.getValue());
    Map<String, Object> claims = JsonUtils.readValue(decoded.getClaims(), new TypeReference<Map<String, Object>>() {});

    Object principal = claims.get("user_id");
    if (principal == null) {
        principal = claims.get("client_id");
    }
    // Throws NullPointerException when the token carries neither claim.
    return principal.toString();
}
}
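/**
 * Decodes the token and maps its claims JSON onto {@code Claims}.
 *
 * <p>No signature check is performed in this method.
 *
 * @param token the compact JWT string
 * @return the parsed claims
 * @throws InvalidTokenException if the token cannot be decoded or its claims cannot be read;
 *         the underlying failure is attached as the cause
 */
private Claims getClaimsForToken(String token) {
    Jwt tokenJwt;
    try {
        tokenJwt = JwtHelper.decode(token);
    } catch (Throwable t) {
        // The token is a bearer credential: it is kept out of the exception message so it cannot
        // reach logs or error responses. The cause is preserved for diagnosis.
        throw new InvalidTokenException("Invalid token (could not decode)", t);
    }

    Claims claims;
    try {
        claims = JsonUtils.readValue(tokenJwt.getClaims(), Claims.class);
    } catch (JsonUtils.JsonUtilException e) {
        throw new InvalidTokenException("Cannot read token claims", e);
    }

    return claims;
}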
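/**
 * Appends a summary of the caller's token to the supplied builder.
 *
 * <p>For a JWT the {@code sub} and {@code iss} claims are appended; for any other non-empty token
 * only the marker {@code opaque-token=present} is written. The raw token value is never appended.
 *
 * <p>The claims come from {@code JwtHelper.decode}, with no signature check in this method, and
 * are appended as presented in the token.
 * NOTE(review): confirm the token was validated before this runs, and that {@code sub}/{@code iss}
 * are safe to write unescaped wherever this string ends up.
 *
 * @param caller the authentication whose token is described
 * @param builder the builder that receives the description
 */
protected void appendTokenDetails(Authentication caller, StringBuilder builder) {
    String tokenValue = null;
    if (caller instanceof UaaOauth2Authentication) {
        tokenValue = ((UaaOauth2Authentication) caller).getTokenValue();
    } else if (caller.getDetails() instanceof OAuth2AuthenticationDetails) {
        // Cast the details of the object the instanceof check inspected. The original cast
        // authentication.getDetails(), which can be a different object than caller's details.
        tokenValue = ((OAuth2AuthenticationDetails) caller.getDetails()).getTokenValue();
    }
    if (!hasText(tokenValue)) {
        return;
    }
    if (!isJwtToken(tokenValue)) {
        builder.append(", opaque-token=present");
        return;
    }
    try {
        Jwt token = JwtHelper.decode(tokenValue);
        Map<String, Object> claims = JsonUtils.readValue(token.getClaims(), new TypeReference<Map<String, Object>>() {
        });
        // A missing iss or sub claim raises NullPointerException, which the catch below turns into the failure marker.
        String issuer = claims.get(ClaimConstants.ISS).toString();
        String subject = claims.get(ClaimConstants.SUB).toString();
        builder.append(", sub=").append(subject).append(", ").append("iss=").append(issuer);
    } catch (Exception e) {
        // Best effort: a token that cannot be decoded or read must not break the caller.
        builder.append(", <token extraction failed>");
    }
}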
/**
 * Test helper: decodes the token stored under {@code paramName} and asserts its claims.
 *
 * <p>The token is decoded without a signature check; the helper only inspects claim values.
 *
 * @param paramName key in {@code params} that holds the token string
 * @param params response parameters; also supplies the expected {@code jti}
 * @param scopes expected scope values, in any order
 * @param aud expected audience values, in any order
 * @throws java.io.IOException declared by the original signature
 */
private void validateToken(String paramName, Map params, String[] scopes, String[] aud) throws java.io.IOException {
    String rawToken = (String) params.get(paramName);
    Jwt decoded = JwtHelper.decode(rawToken);
    Map<String, Object> claims = JsonUtils.readValue(decoded.getClaims(), new TypeReference<Map<String, Object>>() {
    });

    // Identity claims.
    Assert.assertThat(claims.get("jti"), is(params.get("jti")));
    Assert.assertThat(claims.get("client_id"), is("cf"));
    Assert.assertThat(claims.get("cid"), is("cf"));
    Assert.assertThat(claims.get("user_name"), is(user.getUserName()));

    // Scope and audience are compared without regard to order.
    List<String> actualScopes = (List<String>) claims.get(ClaimConstants.SCOPE);
    Assert.assertThat(actualScopes, containsInAnyOrder(scopes));
    List<String> actualAudience = (List<String>) claims.get(ClaimConstants.AUD);
    Assert.assertThat(actualAudience, containsInAnyOrder(aud));
}
/**
 * Obtains a token map through {@code IntegrationTestUtils.getAuthorizationCodeTokenMap} and
 * checks that the access token's claims text contains {@code "aud"} and {@code "user_id"}.
 */
public void testSuccessfulAuthorizationCodeFlow_Internal() throws Exception {
    AuthorizationCodeResourceDetails resource = testAccounts.getDefaultAuthorizationCodeResource();

    Map<String, String> tokenResponse = IntegrationTestUtils.getAuthorizationCodeTokenMap(
            serverRunning,
            testAccounts,
            resource.getClientId(),
            resource.getClientSecret(),
            testAccounts.getUserName(),
            testAccounts.getPassword());

    // Decoded only to inspect the claims text; the signature is not checked here.
    Jwt accessToken = JwtHelper.decode(tokenResponse.get("access_token"));
    assertTrue("Wrong claims: " + accessToken.getClaims(), accessToken.getClaims().contains("\"aud\""));
    assertTrue("Wrong claims: " + accessToken.getClaims(), accessToken.getClaims().contains("\"user_id\""));
}
}
/**
 * Posts an authorization-code grant to {@code /oauth/token} and checks the returned access token.
 *
 * @param clientId client id sent in the form and used for the Authorization header
 * @param redirectUri redirect URI sent in the form
 * @param clientSecret client secret used for the Authorization header
 * @param value the authorization code to exchange
 * @param formData form map to fill; it is cleared first, so the caller's entries are discarded
 */
private void exchangeCodeForToken(String clientId, String redirectUri, String clientSecret, String value, MultiValueMap<String, String> formData) {
    formData.clear();
    formData.add("client_id", clientId);
    formData.add("redirect_uri", redirectUri);
    formData.add("grant_type", GRANT_TYPE_AUTHORIZATION_CODE);
    formData.add("code", value);

    HttpHeaders requestHeaders = new HttpHeaders();
    requestHeaders.set("Authorization", testAccounts.getAuthorizationHeader(clientId, clientSecret));

    @SuppressWarnings("rawtypes")
    ResponseEntity<Map> response = serverRunning.postForMap("/oauth/token", formData, requestHeaders);
    assertEquals(HttpStatus.OK, response.getStatusCode());

    @SuppressWarnings("unchecked")
    Map<String, String> responseBody = response.getBody();

    // Decoded only to inspect the claims text; the signature is not checked here.
    Jwt accessToken = JwtHelper.decode(responseBody.get("access_token"));
    assertTrue("Wrong claims: " + accessToken.getClaims(), accessToken.getClaims().contains("\"aud\""));
    assertTrue("Wrong claims: " + accessToken.getClaims(), accessToken.getClaims().contains("\"user_id\""));
}
// Parse the claims JSON returned by access_token.getClaims() into a generic String-to-Object map.
Map<String, Object> claims = JsonUtils.readValue(access_token.getClaims(), new TypeReference<Map<String, Object>>() { });
// Parse the claims JSON returned by idTokenClaims.getClaims() into a generic String-to-Object map.
Map<String, Object> claims = JsonUtils.readValue(idTokenClaims.getClaims(), new TypeReference<Map<String, Object>>() { });
// Parse the claims JSON returned by idTokenClaims.getClaims() into a generic String-to-Object map.
Map<String, Object> claims = JsonUtils.readValue(idTokenClaims.getClaims(), new TypeReference<Map<String, Object>>() {});
// NOTE(review): repeats the parse above on the same input; looks redundant unless lines were elided from this excerpt. Confirm.
claims = JsonUtils.readValue(idTokenClaims.getClaims(), new TypeReference<Map<String, Object>>() {});
// Neither the user-attributes claim nor the roles claim may be present in this token.
assertNull(claims.get(ClaimConstants.USER_ATTRIBUTES));
assertNull(claims.get(ClaimConstants.ROLES));
// Read the id token's claims JSON (idTokenClaims.getClaims()) as a Map<String, Object> via JsonUtils.readValue.
Map<String, Object> claims = JsonUtils.readValue(idTokenClaims.getClaims(), new TypeReference<Map<String, Object>>() { });