Java Code Examples for io.vertx.ext.auth.jwt.JWTAuth

The following examples show how to use io.vertx.ext.auth.jwt.JWTAuth. These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source Project: besu   Source File: AuthenticationService.java    License: Apache License 2.0 6 votes vote down vote up
private static Optional<AuthenticationService> create(
    final Vertx vertx,
    final boolean authenticationEnabled,
    final String authenticationCredentialsFile,
    final File authenticationPublicKeyFile) {
  if (!authenticationEnabled) {
    return Optional.empty();
  }

  final JWTAuthOptions jwtAuthOptions =
      authenticationPublicKeyFile == null
          ? jwtAuthOptionsFactory.createWithGeneratedKeyPair()
          : jwtAuthOptionsFactory.createForExternalPublicKey(authenticationPublicKeyFile);

  final Optional<AuthProvider> credentialAuthProvider =
      makeCredentialAuthProvider(vertx, authenticationEnabled, authenticationCredentialsFile);

  return Optional.of(
      new AuthenticationService(
          JWTAuth.create(vertx, jwtAuthOptions), jwtAuthOptions, credentialAuthProvider));
}
 
Example 2
Source Project: xyz-hub   Source File: XYZHubRESTVerticle.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * Add the security handlers.
 */
private AuthHandler createJWTHandler() {
  JWTAuthOptions authConfig = new JWTAuthOptions().addPubSecKey(
      new PubSecKeyOptions().setAlgorithm("RS256")
          .setPublicKey(Service.configuration.JWT_PUB_KEY));

  JWTAuth authProvider = new XyzAuthProvider(vertx, authConfig);

  ChainAuthHandler authHandler = ChainAuthHandler.create()
      .append(JWTAuthHandler.create(authProvider))
      .append(JWTURIHandler.create(authProvider));

  if (Service.configuration.XYZ_HUB_AUTH == AuthorizationType.DUMMY) {
    authHandler.append(JwtDummyHandler.create(authProvider));
  }

  return authHandler;
}
 
Example 3
Source Project: vertx-web   Source File: WebExamples.java    License: Apache License 2.0 6 votes vote down vote up
public void example50(Vertx vertx) {

    Router router = Router.router(vertx);

    JWTAuthOptions authConfig = new JWTAuthOptions()
      .setKeyStore(new KeyStoreOptions()
        .setType("jceks")
        .setPath("keystore.jceks")
        .setPassword("secret"));

    JWTAuth jwt = JWTAuth.create(vertx, authConfig);

    router.route("/login").handler(ctx -> {
      // this is an example, authentication should be done with another provider...
      if (
        "paulo".equals(ctx.request().getParam("username")) &&
          "secret".equals(ctx.request().getParam("password"))) {
        ctx.response()
          .end(jwt.generateToken(new JsonObject().put("sub", "paulo")));
      } else {
        ctx.fail(401);
      }
    });
  }
 
Example 4
Source Project: vertx-web   Source File: WebExamples.java    License: Apache License 2.0 6 votes vote down vote up
public void example51(Vertx vertx) {

    Router router = Router.router(vertx);

    JWTAuthOptions authConfig = new JWTAuthOptions()
      .setKeyStore(new KeyStoreOptions()
        .setType("jceks")
        .setPath("keystore.jceks")
        .setPassword("secret"));

    JWTAuth authProvider = JWTAuth.create(vertx, authConfig);

    router.route("/protected/*").handler(JWTAuthHandler.create(authProvider));

    router.route("/protected/somepage").handler(ctx -> {
      // some handle code...
    });
  }
 
Example 5
Source Project: vertx-web   Source File: WebExamples.java    License: Apache License 2.0 6 votes vote down vote up
public void example52(Vertx vertx) {

    JWTAuthOptions authConfig = new JWTAuthOptions()
      .setKeyStore(new KeyStoreOptions()
        .setType("jceks")
        .setPath("keystore.jceks")
        .setPassword("secret"));

    JWTAuth authProvider = JWTAuth.create(vertx, authConfig);

    authProvider
      .generateToken(
        new JsonObject()
          .put("sub", "paulo")
          .put("someKey", "some value"),
        new JWTOptions());
  }
 
Example 6
Source Project: vertx-service-proxy   Source File: Examples.java    License: Apache License 2.0 6 votes vote down vote up
public void secure(Vertx vertx) {
  // Create an instance of your service implementation
  SomeDatabaseService service = new SomeDatabaseServiceImpl();
  // Register the handler
  new ServiceBinder(vertx)
    .setAddress("database-service-address")
    // Secure the messages in transit
    .addInterceptor(
      new ServiceAuthInterceptor()
        // Tokens will be validated using JWT authentication
        .setAuthenticationProvider(JWTAuth.create(vertx, new JWTAuthOptions()))
        // optionally we can secure permissions too:

        // an admin
        .addAuthorization(RoleBasedAuthorization.create("admin"))
        // that can print
        .addAuthorization(PermissionBasedAuthorization.create("print"))

        // where the authorizations are loaded, let's assume from the token
        // but they could be loaded from a database or a file if needed
        .setAuthorizationProvider(
          JWTAuthorization.create("permissions")))

    .register(SomeDatabaseService.class, service);
}
 
Example 7
Source Project: vertx-auth   Source File: AuthJWTExamples.java    License: Apache License 2.0 6 votes vote down vote up
public void example7(Vertx vertx, String username, String password) {

    JWTAuthOptions config = new JWTAuthOptions()
      .setKeyStore(new KeyStoreOptions()
        .setPath("keystore.jceks")
        .setPassword("secret"));

    JWTAuth provider = JWTAuth.create(vertx, config);

    // on the verify endpoint once you verify the identity
    // of the user by its username/password
    if ("paulo".equals(username) && "super_secret".equals(password)) {
      String token = provider.generateToken(
        new JsonObject().put("sub", "paulo"), new JWTOptions());

      // now for any request to protected resources you should
      // pass this string in the HTTP header Authorization as:
      // Authorization: Bearer <token>
    }
  }
 
Example 8
Source Project: vertx-auth   Source File: AuthJWTExamples.java    License: Apache License 2.0 6 votes vote down vote up
public void example10(JWTAuth jwtAuth) {

    // This string is what you see after the string "Bearer" in the
    // HTTP Authorization header

    // In this case we are forcing the provider to ignore the `exp` field
    jwtAuth.authenticate(
      new JsonObject()
        .put("jwt", "BASE64-ENCODED-STRING")
        .put("options", new JsonObject()
          .put("ignoreExpiration", true)))
      .onSuccess(user -> System.out.println("User: " + user.principal()))
      .onFailure(err -> {
        // Failed!
      });
  }
 
Example 9
Source Project: vertx-auth   Source File: AuthJWTExamples.java    License: Apache License 2.0 6 votes vote down vote up
public void example11(JWTAuth jwtAuth) {

    // This string is what you see after the string "Bearer" in the
    // HTTP Authorization header

    // In this case we are forcing the provider to verify the aud field
    jwtAuth.authenticate(
      new JsonObject()
        .put("jwt", "BASE64-ENCODED-STRING")
        .put("options", new JsonObject()
          .put("audience", new JsonArray().add("[email protected]"))))
      .onSuccess(user -> System.out.println("User: " + user.principal()))
      .onFailure(err -> {
        // Failed!
      });
  }
 
Example 10
Source Project: vertx-auth   Source File: AuthJWTExamples.java    License: Apache License 2.0 6 votes vote down vote up
public void example12(JWTAuth jwtAuth) {

    // This string is what you see after the string "Bearer" in the
    // HTTP Authorization header

    // In this case we are forcing the provider to verify the issuer
    jwtAuth.authenticate(
      new JsonObject()
        .put("jwt", "BASE64-ENCODED-STRING")
        .put("options", new JsonObject()
          .put("issuer", "mycorp.com")))
      .onSuccess(user -> System.out.println("User: " + user.principal()))
      .onFailure(err -> {
        // Failed!
      });
  }
 
Example 11
Source Project: vertx-auth   Source File: AuthJWTExamples.java    License: Apache License 2.0 6 votes vote down vote up
public void example17(Vertx vertx) {
  JWTAuth provider = JWTAuth.create(vertx, new JWTAuthOptions()
    .addPubSecKey(new PubSecKeyOptions()
      .setAlgorithm("ES256")
      .setBuffer(
        "-----BEGIN PRIVATE KEY-----\n" +
          "MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgeRyEfU1NSHPTCuC9\n" +
          "rwLZMukaWCH2Fk6q5w+XBYrKtLihRANCAAStpUnwKmSvBM9EI+W5QN3ALpvz6bh0\n" +
          "SPCXyz5KfQZQuSj4f3l+xNERDUDaygIUdLjBXf/bc15ur2iZjcq4r0Mr\n" +
          "-----END PRIVATE KEY-----\n")
    ));

  String token = provider.generateToken(
    new JsonObject(),
    new JWTOptions().setAlgorithm("ES256"));
}
 
Example 12
Source Project: vertx-auth   Source File: AuthJWTExamples.java    License: Apache License 2.0 6 votes vote down vote up
public void example18(Vertx vertx) {
  JWTAuth provider = JWTAuth.create(vertx, new JWTAuthOptions()
    .addPubSecKey(new PubSecKeyOptions()
      .setAlgorithm("ES256")
      .setBuffer(
        "-----BEGIN PUBLIC KEY-----\n" +
          "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEraVJ8CpkrwTPRCPluUDdwC6b8+m4\n" +
          "dEjwl8s+Sn0GULko+H95fsTREQ1A2soCFHS4wV3/23Nebq9omY3KuK9DKw==\n" +
          "-----END PUBLIC KEY-----"))
    .addPubSecKey(new PubSecKeyOptions()
      .setAlgorithm("RS256")
      .setBuffer(
        "-----BEGIN PRIVATE KEY-----\n" +
          "MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgeRyEfU1NSHPTCuC9\n" +
          "rwLZMukaWCH2Fk6q5w+XBYrKtLihRANCAAStpUnwKmSvBM9EI+W5QN3ALpvz6bh0\n" +
          "SPCXyz5KfQZQuSj4f3l+xNERDUDaygIUdLjBXf/bc15ur2iZjcq4r0Mr")
    ));

  String token = provider.generateToken(
    new JsonObject(),
    new JWTOptions().setAlgorithm("ES256"));
}
 
Example 13
Source Project: vertx-auth   Source File: JWTAuthProviderTest.java    License: Apache License 2.0 6 votes vote down vote up
@Test
public void testBadIssuer() {

  authProvider = JWTAuth.create(vertx, getConfig().setJWTOptions(new JWTOptions().setIssuer("https://vertx.io")));

  JsonObject payload = new JsonObject().put("sub", "Paulo");

  final String token = authProvider.generateToken(payload, new JWTOptions().setIssuer("https://auth0.io"));
  assertNotNull(token);

  TokenCredentials authInfo = new TokenCredentials(token);

  authProvider.authenticate(authInfo, onFailure(thr -> {
    assertNotNull(thr);
    testComplete();
  }));
  await();
}
 
Example 14
Source Project: vertx-auth   Source File: JWTAuthProviderTest.java    License: Apache License 2.0 6 votes vote down vote up
@Test
public void testGoodAudience() {

  authProvider = JWTAuth.create(vertx, getConfig().setJWTOptions(
    new JWTOptions()
      .addAudience("b")
      .addAudience("d")));

  JsonObject payload = new JsonObject()
    .put("sub", "Paulo");

  final String token = authProvider.generateToken(payload,
    new JWTOptions().addAudience("a").addAudience("b").addAudience("c"));

  assertNotNull(token);

  TokenCredentials authInfo = new TokenCredentials(token);

  authProvider.authenticate(authInfo, onSuccess(res -> {
    assertNotNull(res);
    testComplete();
  }));
  await();
}
 
Example 15
Source Project: vertx-auth   Source File: JWTAuthProviderTest.java    License: Apache License 2.0 6 votes vote down vote up
@Test
public void testBadAudience() {

  authProvider = JWTAuth.create(vertx, getConfig().setJWTOptions(
    new JWTOptions()
      .addAudience("e")
      .addAudience("d")));

  JsonObject payload = new JsonObject()
    .put("sub", "Paulo");

  final String token = authProvider.generateToken(payload,
    new JWTOptions().addAudience("a").addAudience("b").addAudience("c"));

  assertNotNull(token);

  TokenCredentials authInfo = new TokenCredentials(token);

  authProvider.authenticate(authInfo, onFailure(thr -> {
    assertNotNull(thr);
    testComplete();
  }));
  await();
}
 
Example 16
Source Project: vertx-auth   Source File: JWTAuthProviderTest.java    License: Apache License 2.0 6 votes vote down vote up
@Test
public void testGoodScopes() {
  //JWT is valid because required scopes "a" & "b" are well included in the access_token.
  authProvider = JWTAuth.create(vertx, getConfig().setJWTOptions(
    new JWTOptions()
      .addScope("a")
      .addScope("b")));

  JsonObject payload = new JsonObject()
    .put("sub", "Paulo");

  final String token = authProvider.generateToken(payload,
    new JWTOptions().addScope("a").addScope("b").addScope("c"));

  assertNotNull(token);

  TokenCredentials authInfo = new TokenCredentials(token);

  authProvider.authenticate(authInfo, onSuccess(res -> {
    assertNotNull(res);
    testComplete();
  }));
  await();
}
 
Example 17
Source Project: vertx-auth   Source File: JWTAuthProviderTest.java    License: Apache License 2.0 6 votes vote down vote up
@Test
public void testGoodScopesWithDelimiter() {
  //JWT is valid because required scopes "a" & "b" are well included in the access_token.
  authProvider = JWTAuth.create(vertx, getConfig().setJWTOptions(
    new JWTOptions()
      .addScope("a")
      .addScope("b")
      .withScopeDelimiter(",")));

  JsonObject payload = new JsonObject()
    .put("sub", "Paulo");

  final String token = authProvider.generateToken(payload,
    new JWTOptions().addScope("a").addScope("b").addScope("c").withScopeDelimiter(","));

  assertNotNull(token);

  TokenCredentials authInfo = new TokenCredentials(token);

  authProvider.authenticate(authInfo, onSuccess(res -> {
    assertNotNull(res);
    testComplete();
  }));
  await();
}
 
Example 18
Source Project: vertx-auth   Source File: JWTAuthProviderTest.java    License: Apache License 2.0 6 votes vote down vote up
@Test
public void testGoodScopesWithDefaultDelimiter() {
  //JWT is valid because required scopes "a" & "b" are well included in the access_token.
  authProvider = JWTAuth.create(vertx, getConfig().setJWTOptions(
    new JWTOptions()
      .addScope("a")
      .addScope("b")));

  JsonObject payload = new JsonObject()
    .put("sub", "Paulo");

  final String token = authProvider.generateToken(payload,
    new JWTOptions().addScope("a").addScope("b").addScope("c").withScopeDelimiter(" "));

  assertNotNull(token);

  TokenCredentials authInfo = new TokenCredentials(token);

  authProvider.authenticate(authInfo, onSuccess(res -> {
    assertNotNull(res);
    testComplete();
  }));
  await();
}
 
Example 19
Source Project: vertx-auth   Source File: JWTAuthProviderTest.java    License: Apache License 2.0 6 votes vote down vote up
@Test
public void testBadScopes() {
  //JWT is not valid because the required scopes "d" is not included in the access_token.
  authProvider = JWTAuth.create(vertx, getConfig().setJWTOptions(
    new JWTOptions()
      .addScope("b")
      .addScope("d")));

  JsonObject payload = new JsonObject()
    .put("sub", "Paulo");

  final String token = authProvider.generateToken(payload,
    new JWTOptions().addScope("a").addScope("b").addScope("c"));

  assertNotNull(token);

  TokenCredentials authInfo = new TokenCredentials(token);

  authProvider.authenticate(authInfo, onFailure(thr -> {
    assertNotNull(thr);
    testComplete();
  }));
  await();
}
 
Example 20
Source Project: vertx-auth   Source File: JWTAuthProviderTest.java    License: Apache License 2.0 6 votes vote down vote up
@Test
public void testBadScopesFormat() {
  //JWT is not valid because the authProvider is expecting an array of scope while the JWT has a string scope.
  authProvider = JWTAuth.create(vertx, getConfig().setJWTOptions(
    new JWTOptions()
      .addScope("a")
      .addScope("b")));

  JsonObject payload = new JsonObject()
    .put("sub", "Paulo");

  final String token = authProvider.generateToken(payload,
    new JWTOptions().addScope("a").addScope("b").addScope("c").withScopeDelimiter(","));

  assertNotNull(token);

  TokenCredentials authInfo = new TokenCredentials(token);

  authProvider.authenticate(authInfo, onFailure(thr -> {
    assertNotNull(thr);
    testComplete();
  }));
  await();
}
 
Example 21
Source Project: vertx-auth   Source File: JWTAuthProviderTest.java    License: Apache License 2.0 6 votes vote down vote up
@Test
public void testGenerateNewTokenES256() {
  authProvider = JWTAuth.create(vertx, new JWTAuthOptions()
    .setKeyStore(new KeyStoreOptions()
      .setPath("es256-keystore.jceks")
      .setType("jceks")
      .setPassword("secret")));

  String token = authProvider.generateToken(new JsonObject().put("sub", "paulo"), new JWTOptions().setAlgorithm("ES256"));
  assertNotNull(token);

  TokenCredentials authInfo = new TokenCredentials(token);

  authProvider.authenticate(authInfo, res -> {
    if (res.failed()) {
      res.cause().printStackTrace();
      fail();
    }

    assertNotNull(res.result());
    testComplete();
  });
  await();
}
 
Example 22
Source Project: vertx-auth   Source File: JWTAuthProviderTest.java    License: Apache License 2.0 6 votes vote down vote up
@Test
public void testGenerateNewTokenWithMacSecret() {
  authProvider = JWTAuth.create(vertx, new JWTAuthOptions()
    .addJwk(new JsonObject()
      .put("kty", "oct")
      .put("k", "notasecret"))
  );

  String token = authProvider.generateToken(new JsonObject(), new JWTOptions().setAlgorithm("HS256"));
  assertNotNull(token);

  // reverse
  TokenCredentials authInfo = new TokenCredentials(token);
  authProvider.authenticate(authInfo, onSuccess(res -> {
    assertNotNull(res);
    testComplete();
  }));
  await();
}
 
Example 23
Source Project: vertx-auth   Source File: JWTAuthProviderTest.java    License: Apache License 2.0 6 votes vote down vote up
@Test
public void testGenerateNewTokenForceAlgorithm() {
  authProvider = JWTAuth.create(vertx, new JWTAuthOptions()
    .setKeyStore(new KeyStoreOptions()
      .setPath("keystore.jceks")
      .setType("jceks")
      .setPassword("secret")));

  String token = authProvider.generateToken(new JsonObject(), new JWTOptions().setAlgorithm("RS256"));
  assertNotNull(token);

  // reverse
  TokenCredentials authInfo = new TokenCredentials(token);
  authProvider.authenticate(authInfo, onSuccess(res -> {
    assertNotNull(res);
    testComplete();
  }));
  await();
}
 
Example 24
Source Project: vertx-auth   Source File: JWTAuthProviderTest.java    License: Apache License 2.0 6 votes vote down vote up
@Test
public void testAlgNone() {

  JWTAuth authProvider = JWTAuth.create(vertx, new JWTAuthOptions());

  JsonObject payload = new JsonObject()
    .put("sub", "UserUnderTest")
    .put("aud", "OrganizationUnderTest")
    .put("iat", 1431695313)
    .put("exp", 1747055313)
    .put("roles", new JsonArray().add("admin").add("developer").add("user"))
    .put("permissions", new JsonArray().add("read").add("write").add("execute"));

  final String token = authProvider.generateToken(payload, new JWTOptions().setSubject("UserUnderTest").setAlgorithm("none"));
  assertNotNull(token);

  TokenCredentials authInfo = new TokenCredentials(token);

  authProvider.authenticate(authInfo, onSuccess(res -> {
    assertNotNull(res);
    testComplete();
  }));
  await();
}
 
Example 25
Source Project: vertx-auth   Source File: JWTAuthProviderTest.java    License: Apache License 2.0 6 votes vote down vote up
@Test
public void testLeeway() {
  authProvider = JWTAuth.create(vertx, getConfig().setJWTOptions(new JWTOptions().setLeeway(0)));

  long now = System.currentTimeMillis() / 1000;

  JsonObject payload = new JsonObject()
    .put("sub", "Paulo")
    .put("exp", now);

  String token = authProvider.generateToken(payload);
  assertNotNull(token);

  TokenCredentials authInfo = new TokenCredentials(token);
  // fail because exp is <= to now
  authProvider.authenticate(authInfo, onFailure(t -> testComplete()));
  await();
}
 
Example 26
Source Project: vertx-auth   Source File: JWTAuthProviderTest.java    License: Apache License 2.0 6 votes vote down vote up
@Test
public void testLeeway2() {
  authProvider = JWTAuth.create(vertx, getConfig().setJWTOptions(new JWTOptions().setLeeway(0)));

  long now = (System.currentTimeMillis() / 1000) + 2;

  JsonObject payload = new JsonObject()
    .put("sub", "Paulo")
    .put("iat", now);

  String token = authProvider.generateToken(payload);
  assertNotNull(token);

  TokenCredentials authInfo = new TokenCredentials(token);
  // fail because iat is > now (clock drifted 2 sec)
  authProvider.authenticate(authInfo, onFailure(t -> testComplete()));
  await();
}
 
Example 27
Source Project: vertx-auth   Source File: JWTAuthProviderTest.java    License: Apache License 2.0 6 votes vote down vote up
@Test
public void testLeeway3() {
  authProvider = JWTAuth.create(vertx, getConfig().setJWTOptions(new JWTOptions().setLeeway(5)));

  long now = System.currentTimeMillis() / 1000;

  JsonObject payload = new JsonObject()
    .put("sub", "Paulo")
    .put("exp", now)
    .put("iat", now);

  String token = authProvider.generateToken(payload);
  assertNotNull(token);

  TokenCredentials authInfo = new TokenCredentials(token);
  // fail because exp is <= to now
  authProvider.authenticate(authInfo, onSuccess(t -> testComplete()));
  await();
}
 
Example 28
Source Project: vertx-auth   Source File: JWTAuthProviderTest.java    License: Apache License 2.0 6 votes vote down vote up
@Test
public void testLeeway4() {
  authProvider = JWTAuth.create(vertx, getConfig().setJWTOptions(new JWTOptions().setLeeway(5)));

  long now = (System.currentTimeMillis() / 1000) + 2;

  JsonObject payload = new JsonObject()
    .put("sub", "Paulo")
    .put("iat", now);

  String token = authProvider.generateToken(payload);
  assertNotNull(token);

  TokenCredentials authInfo = new TokenCredentials(token);
  // pass because iat is > now (clock drifted 2 sec) and we have a leeway of 5sec
  authProvider.authenticate(authInfo, onSuccess(t -> testComplete()));
  await();
}
 
Example 29
Source Project: besu   Source File: AuthenticationService.java    License: Apache License 2.0 5 votes vote down vote up
private AuthenticationService(
    final JWTAuth jwtAuthProvider,
    final JWTAuthOptions jwtAuthOptions,
    final Optional<AuthProvider> credentialAuthProvider) {
  this.jwtAuthProvider = jwtAuthProvider;
  this.jwtAuthOptions = jwtAuthOptions;
  this.credentialAuthProvider = credentialAuthProvider;
}
 
Example 30
Source Project: besu   Source File: AuthenticationUtilsTest.java    License: Apache License 2.0 5 votes vote down vote up
@Test
public void getUserFailsIfTokenDoesNotHaveExpiryClaim() {
  final AuthenticationService authenticationService = mock(AuthenticationService.class);
  final JWTAuth jwtAuth = new JWTAuthProviderImpl(null, new JWTAuthOptions());
  final StubUserHandler handler = new StubUserHandler();
  when(authenticationService.getJwtAuthProvider()).thenReturn(jwtAuth);

  AuthenticationUtils.getUser(
      Optional.of(authenticationService), INVALID_TOKEN_WITHOUT_EXP, handler);

  assertThat(handler.getEvent()).isEmpty();
}