com.nimbusds.jose.proc.BadJOSEException Java Examples

The following examples show how to use com.nimbusds.jose.proc.BadJOSEException.
Example #1
Source File: BootstrapTests.java    From authmore-framework with Apache License 2.0
/**
 * Issues an access token through {@code JSONWebTokenManager} and checks that the token
 * verifies against {@code jwkSet} and carries the expected user id claim.
 */
@Test
public void testJSONWebTokenManager() throws ParseException, JOSEException, BadJOSEException {

    JSONWebTokenManager tokenManager = new JSONWebTokenManager(clients, keyPair);
    ClientDetails firstClient = clients.findAll().get(0);
    String userId = "user_1";

    TokenResponse issued = tokenManager.create(firstClient, userId, Collections.emptySet());
    assertNotNull(issued);
    String accessToken = issued.getAccess_token();
    assertNotNull(accessToken);

    // The key selector is built with a fixed RS256 expectation rather than with a value read
    // from the token, and the candidate keys come only from jwkSet.
    ConfigurableJWTProcessor<SecurityContext> verifier = new DefaultJWTProcessor<>();
    JWKSource<SecurityContext> trustedKeys = new ImmutableJWKSet<>(jwkSet);
    JWSKeySelector<SecurityContext> rs256Selector =
            new JWSVerificationKeySelector<>(JWSAlgorithm.RS256, trustedKeys);
    verifier.setJWSKeySelector(rs256Selector);

    // No claims verifier is configured here, so whatever DefaultJWTProcessor installs by
    // default is what runs; this test asserts only on the user id claim.
    JWTClaimsSet verifiedClaims = verifier.process(accessToken, null);
    assertEquals(userId, verifiedClaims.getClaim(OAuthProperties.TOKEN_USER_ID));
}
 
Example #2
Source File: DefaultTokenAuthorityService.java    From knox with Apache License 2.0
/**
 * Verifies a token against keys published at a remote JWK set URL.
 *
 * @param token the token to check; its {@code toString()} value is what gets processed
 * @param jwksurl location of the JWK set; {@code null} makes the method return {@code false}
 * @param algorithm name of the JWS algorithm the token must use; {@code null} makes the
 *        method return {@code false}
 * @return {@code true} when processing completed without an exception, {@code false} when
 *         {@code algorithm} or {@code jwksurl} is {@code null}
 * @throws TokenServiceException if the URL is malformed, the token cannot be parsed, or
 *         processing rejects it; the original exception is kept as the cause
 */
@Override
public boolean verifyToken(JWT token, String jwksurl, String algorithm) throws TokenServiceException {
  // Fail closed: without both an expected algorithm and a key source nothing is verified.
  if (algorithm == null || jwksurl == null) {
    return false;
  }
  try {
    // NOTE(review): the expected algorithm is whatever name the caller passes in; nothing in
    // this method restricts it to an allow-list — confirm callers take it from trusted config.
    JWSAlgorithm requiredAlg = JWSAlgorithm.parse(algorithm);

    // NOTE(review): a new RemoteJWKSet is built on every call and the URL scheme/host is not
    // checked here — confirm jwksurl comes from configuration, not from the request.
    JWKSource<SecurityContext> remoteKeys = new RemoteJWKSet<>(new URL(jwksurl));
    JWSKeySelector<SecurityContext> selector = new JWSVerificationKeySelector<>(requiredAlg, remoteKeys);

    ConfigurableJWTProcessor<SecurityContext> processor = new DefaultJWTProcessor<>();
    processor.setJWSKeySelector(selector);

    // The claims verifier is created without an expected issuer or audience, so any such
    // checks have to be done by the caller.
    JWTClaimsSetVerifier<SecurityContext> claimsCheck = new DefaultJWTClaimsVerifier<>();
    processor.setJWTClaimsSetVerifier(claimsCheck);

    // The security context argument is optional and unused here.
    SecurityContext noContext = null;
    processor.process(token.toString(), noContext);
    return true;
  } catch (BadJOSEException | JOSEException | ParseException | MalformedURLException e) {
    throw new TokenServiceException("Cannot verify token.", e);
  }
}
 
Example #3
Source File: AbstractJWKSTest.java    From microprofile-jwt-auth with Apache License 2.0
/**
 * Negative test: validation against the JWKS endpoint must fail for a token generated with
 * the key id {@code "invalid-kid"}. The test passes only if one of the exception types
 * listed in the annotation is thrown.
 *
 * @throws Exception the expected validation failure
 */
@Test(expectedExceptions = {InvalidJwtException.class, BadJOSEException.class, JWTVerificationException.class})
public void testNoMatchingKID() throws Exception {
    final int expGracePeriodSecs = 60;
    PrivateKey signingKey = loadPrivateKey();
    // presumably the second argument becomes the token's kid header — verify against TokenUtils
    String tokenWithUnknownKid =
            TokenUtils.generateTokenString(signingKey, "invalid-kid", "/Token1.json", null, null);
    URL jwksEndpoint = new URL(endpoint);
    validateToken(tokenWithUnknownKid, jwksEndpoint, TEST_ISSUER, expGracePeriodSecs);
}
 
Example #4
Source File: AuthResource.java    From eplmp with Eclipse Public License 1.0
/**
 * Validates the ID token carried by a login request against the settings of the given
 * OAuth provider.
 *
 * <p>The expected issuer, client id, JWS algorithm and JWK set URL all come from
 * {@code provider}; the token and the nonce come from {@code oAuthLoginRequestDTO}.
 *
 * @param provider source of the expected issuer, client id, JWS algorithm and JWK set URL
 * @param oAuthLoginRequestDTO request object supplying the serialized ID token and the nonce
 * @return the claims set returned by the validator
 * @throws MalformedURLException if the provider's JWK set URL cannot be parsed
 * @throws ParseException if the ID token string cannot be parsed
 * @throws BadJOSEException declared by the validation call
 * @throws JOSEException declared by the validation call
 */
private IDTokenClaimsSet validateToken(OAuthProvider provider, OAuthLoginRequestDTO oAuthLoginRequestDTO)
        throws MalformedURLException, ParseException, BadJOSEException, JOSEException {
    Issuer expectedIssuer = new Issuer(provider.getIssuer());
    ClientID expectedAudience = new ClientID(provider.getClientID());

    // NOTE(review): the nonce is read from the same request object as the ID token. If that
    // object is client-supplied, this check does not bind the token to a server-side session
    // — confirm where the nonce originates.
    Nonce expectedNonce = new Nonce(oAuthLoginRequestDTO.getNonce());

    URL jwkSetLocation = new URL(provider.getJwkSetURL());
    // The algorithm is taken from provider settings, not from the token being validated.
    JWSAlgorithm expectedAlg = JWSAlgorithm.parse(provider.getJwsAlgorithm());

    // A new validator is built on every call.
    IDTokenValidator idTokenValidator =
            new IDTokenValidator(expectedIssuer, expectedAudience, expectedAlg, jwkSetLocation);
    return idTokenValidator.validate(JWTParser.parse(oAuthLoginRequestDTO.getIdToken()), expectedNonce);
}
 
Example #5
Source File: OAuth2GenericAuthenticationProviderTest_idToken.java    From graviteeio-access-management with Apache License 2.0
/**
 * With the response type set to ID_TOKEN and the stubbed processor returning claims whose
 * subject is "bob", loading the user must complete without error and emit a user named "bob".
 *
 * <p>The JWT processor is a stub here, so no real signature or claims verification runs.
 */
@Test
public void shouldLoadUserByUsername_authentication() throws ParseException, JOSEException, BadJOSEException {
    JWTClaimsSet stubbedClaims = new JWTClaimsSet.Builder().subject("bob").build();

    when(configuration.getResponseType()).thenReturn(ResponseType.ID_TOKEN);
    when(jwtProcessor.process("test", null)).thenReturn(stubbedClaims);

    // Authentication whose context carries the id_token both as an attribute and in the URL hash.
    Authentication socialAuthentication = new Authentication() {
        @Override
        public Object getCredentials() {
            return "__social__";
        }

        @Override
        public Object getPrincipal() {
            return "__social__";
        }

        @Override
        public AuthenticationContext getContext() {
            DummyRequest request = new DummyRequest();
            request.setParameters(Collections.singletonMap("urlHash", Collections.singletonList("#id_token=test")));
            return new DummyAuthenticationContext(Collections.singletonMap("id_token", "test"), request);
        }
    };

    TestObserver<User> observer = authenticationProvider.loadUserByUsername(socialAuthentication).test();

    observer.assertComplete();
    observer.assertNoErrors();
    observer.assertValue(loaded -> "bob".equals(loaded.getUsername()));
}
 
Example #6
Source File: OAuth2GenericAuthenticationProviderTest_idToken.java    From graviteeio-access-management with Apache License 2.0
/**
 * When the stubbed processor throws a {@code JOSEException} for the submitted id_token,
 * loading the user must terminate with a {@code BadCredentialsException}.
 */
@Test
public void shouldLoadUserByUsername_authentication_badToken() throws ParseException, JOSEException, BadJOSEException {
    // Simulate a token the processor rejects.
    when(jwtProcessor.process("test", null)).thenThrow(new JOSEException("jose exception"));
    when(configuration.getResponseType()).thenReturn(ResponseType.ID_TOKEN);

    Authentication socialAuthentication = new Authentication() {
        @Override
        public Object getCredentials() {
            return "__social__";
        }

        @Override
        public Object getPrincipal() {
            return "__social__";
        }

        @Override
        public AuthenticationContext getContext() {
            DummyRequest request = new DummyRequest();
            request.setParameters(Collections.singletonMap("urlHash", Collections.singletonList("#id_token=test")));
            return new DummyAuthenticationContext(Collections.singletonMap("id_token", "test"), request);
        }
    };

    TestObserver<User> observer = authenticationProvider.loadUserByUsername(socialAuthentication).test();

    // The processing failure must surface as an authentication error.
    observer.awaitTerminalEvent();
    observer.assertError(BadCredentialsException.class);
}
 
Example #7
Source File: DefaultValidatingJWTProcessor.java    From hammock with Apache License 2.0
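/**
 * Runs the serialized JWT through the delegate processor and returns the result as a
 * {@code JsonObject}.
 *
 * <p>Which signature and claims checks are applied depends on how {@code delegate} was
 * configured; this method adds none of its own.
 *
 * @param jwt the serialized JWT
 * @return the delegate's result, re-read from its {@code toString()} form as a JSON object
 * @throws JWTException if the delegate fails to parse or rejects the token; the original
 *         exception is kept as the cause
 */
@Override
public JsonObject process(String jwt) throws JWTException {
    try {
        String rawJwt = delegate.process(jwt, null).toString();
        // Close the reader once the object has been read; the original left it open.
        try (JsonReader reader = Json.createReader(new StringReader(rawJwt))) {
            return reader.readObject();
        }
    } catch (ParseException | BadJOSEException | JOSEException e) {
        // The same message is used for parse errors and for rejected tokens; the cause
        // carries the distinction.
        throw new JWTException("Unable to parse jwt", e);
    }
}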