org.springframework.security.oauth2.jwt.NimbusJwtDecoder Java Examples

The following examples show how to use org.springframework.security.oauth2.jwt.NimbusJwtDecoder. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: UndertowSpringSecurityAutoConfiguration.java    From camel-spring-boot with Apache License 2.0 5 votes vote down vote up
@Bean
public JwtDecoder jwtDecoderByIssuerUri() {
    final String jwkSetUri = getClientRegistration().getProviderDetails().getJwkSetUri();
    final NimbusJwtDecoder jwtDecoder = NimbusJwtDecoder.withJwkSetUri(jwkSetUri).build();
    jwtDecoder.setClaimSetConverter(new KeycloakUsernameSubClaimAdapter(getProvider().getUserNameAttribute()));;
    return jwtDecoder;
}
 
Example #2
Source File: XsuaaResourceServerJwkAutoConfigurationTest.java    From cloud-security-xsuaa-integration with Apache License 2.0 5 votes vote down vote up
@Test
public void userConfigurationCanOverrideDefaultBeans() {
	contextRunner.withUserConfiguration(UserConfiguration.class)
			.run((context) -> {
				assertThat(context.containsBean("xsuaaJwtDecoder"), is(false));
				assertThat(context.containsBean("customJwtDecoder"), is(true));
				assertThat(context.getBean("customJwtDecoder"),
						instanceOf(NimbusJwtDecoder.class));
			});
}
 
Example #3
Source File: DefaultJwtAuthenticationProvider.java    From feast with Apache License 2.0 5 votes vote down vote up
/**
 * @param options String K/V pair of options to initialize the AuthenticationProvider with. Only
 *     one option is currently configurable, the jwkEndpointURI.
 */
public DefaultJwtAuthenticationProvider(Map<String, String> options) {
  // Endpoint used to retrieve certificates to validate JWT token
  String jwkEndpointURI = options.get("jwkEndpointURI");

  // Provide a custom endpoint to retrieve certificates
  authProvider =
      new JwtAuthenticationProvider(NimbusJwtDecoder.withJwkSetUri(jwkEndpointURI).build());
  authProvider.setJwtAuthenticationConverter(new JwtAuthenticationConverter());
}
 
Example #4
Source File: FirebaseJwtTokenDecoder.java    From spring-cloud-gcp with Apache License 2.0 5 votes vote down vote up
private void refresh() {
	if (!isExpired()) {
		return;
	}
	try {
		ResponseEntity<Map<String, String>> response = restClient.exchange(googlePublicKeysEndpoint, HttpMethod.GET, null, new ParameterizedTypeReference<Map<String, String>>() {
		});
		Long expiresAt = parseCacheControlHeaders(response.getHeaders());
		this.expires = expiresAt > -1L ? (System.currentTimeMillis() + expiresAt * 1000) : 0L;
		if (!response.getStatusCode().is2xxSuccessful()) {
			throw new JwtException("Error retrieving public certificates from remote endpoint");
		}
		delegates.clear();
		for (String key : response.getBody().keySet()) {
			try {
				NimbusJwtDecoder nimbusJwtDecoder = NimbusJwtDecoder.withPublicKey((RSAPublicKey) convertToX509Cert(response.getBody().get(key)).getPublicKey())
						.signatureAlgorithm(SignatureAlgorithm.from("RS256"))
						.build();
				nimbusJwtDecoder.setJwtValidator(tokenValidator);
				delegates.put(key, nimbusJwtDecoder);
			}
			catch (Exception ce) {
				logger.error("Could not read certificate for key {}", key);
			}
		}
	}
	catch (Exception e) {
		throw new JwtException("Error fetching public keys", e);
	}
}
 
Example #5
Source File: XsuaaResourceServerJwkAutoConfigurationTest.java    From cloud-security-xsuaa-integration with Apache License 2.0 4 votes vote down vote up
@Bean
public JwtDecoder customJwtDecoder() {
	return NimbusJwtDecoder.withJwkSetUri("http://localhost:8080/uaa/oauth/token_keys").build();
}
 
Example #6
Source File: WebSecurityConfiguration.java    From spring-cloud-demo with Apache License 2.0 4 votes vote down vote up
@Bean
JwtDecoder jwtDecoder() {
    return NimbusJwtDecoder.withJwkSetUri(this.jwkSetUri).build();
}
 
Example #7
Source File: SecurityConfiguration.java    From grpc-spring-boot-starter with MIT License 4 votes vote down vote up
@Bean
JwtDecoder jwtDecoder() {
    // Uses local Keycloak instance running on port 8080 with the realm: TestRealm
    final String endpointURI = "http://localhost:8080/auth/realms/TestRealm/protocol/openid-connect/certs";
    return NimbusJwtDecoder.withJwkSetUri(endpointURI).build();
}
 
Example #8
Source File: SecurityConfiguration.java    From grpc-spring-boot-starter with MIT License 4 votes vote down vote up
@Bean
JwtDecoder jwtDecoder() {
    // Uses local Keycloak instance running on port 8080 with the realm: TestRealm
    final String endpointURI = "http://localhost:8080/auth/realms/TestRealm/protocol/openid-connect/certs";
    return NimbusJwtDecoder.withJwkSetUri(endpointURI).build();
}
 
Example #9
Source File: SecurityConfig.java    From platform with Apache License 2.0 4 votes vote down vote up
@Bean
public JwtDecoder jwtDecoder(KeyPair keyPair) {
    return NimbusJwtDecoder.withPublicKey((RSAPublicKey) keyPair.getPublic()).build();
}