io.vertx.ext.auth.jwt.JWTAuthOptions Java Examples
The following examples show how to use
io.vertx.ext.auth.jwt.JWTAuthOptions.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: AuthJWTExamples.java From vertx-auth with Apache License 2.0 | 6 votes |
|
public void example7(Vertx vertx, String username, String password) {
JWTAuthOptions config = new JWTAuthOptions()
.setKeyStore(new KeyStoreOptions()
.setPath("keystore.jceks")
.setPassword("secret"));
JWTAuth provider = JWTAuth.create(vertx, config);
// on the verify endpoint once you verify the identity
// of the user by its username/password
if ("paulo".equals(username) && "super_secret".equals(password)) {
String token = provider.generateToken(
new JsonObject().put("sub", "paulo"), new JWTOptions());
// now for any request to protected resources you should
// pass this string in the HTTP header Authorization as:
// Authorization: Bearer <token>
}
}
Example #2
| Source File: Examples.java From vertx-service-proxy with Apache License 2.0 | 6 votes |
|
public void secure(Vertx vertx) {
// Create an instance of your service implementation
SomeDatabaseService service = new SomeDatabaseServiceImpl();
// Register the handler
new ServiceBinder(vertx)
.setAddress("database-service-address")
// Secure the messages in transit
.addInterceptor(
new ServiceAuthInterceptor()
// Tokens will be validated using JWT authentication
.setAuthenticationProvider(JWTAuth.create(vertx, new JWTAuthOptions()))
// optionally we can secure permissions too:
// an admin
.addAuthorization(RoleBasedAuthorization.create("admin"))
// that can print
.addAuthorization(PermissionBasedAuthorization.create("print"))
// where the authorizations are loaded, let's assume from the token
// but they could be loaded from a database or a file if needed
.setAuthorizationProvider(
JWTAuthorization.create("permissions")))
.register(SomeDatabaseService.class, service);
}
Example #3
| Source File: AuthenticationService.java From besu with Apache License 2.0 | 6 votes |
|
private static Optional<AuthenticationService> create(
final Vertx vertx,
final boolean authenticationEnabled,
final String authenticationCredentialsFile,
final File authenticationPublicKeyFile) {
if (!authenticationEnabled) {
return Optional.empty();
}
final JWTAuthOptions jwtAuthOptions =
authenticationPublicKeyFile == null
? jwtAuthOptionsFactory.createWithGeneratedKeyPair()
: jwtAuthOptionsFactory.createForExternalPublicKey(authenticationPublicKeyFile);
final Optional<AuthProvider> credentialAuthProvider =
makeCredentialAuthProvider(vertx, authenticationEnabled, authenticationCredentialsFile);
return Optional.of(
new AuthenticationService(
JWTAuth.create(vertx, jwtAuthOptions), jwtAuthOptions, credentialAuthProvider));
}
Example #4
| Source File: JWTAuthProviderTest.java From vertx-auth with Apache License 2.0 | 6 votes |
|
@Test
public void testAlgNone() {
JWTAuth authProvider = JWTAuth.create(vertx, new JWTAuthOptions());
JsonObject payload = new JsonObject()
.put("sub", "UserUnderTest")
.put("aud", "OrganizationUnderTest")
.put("iat", 1431695313)
.put("exp", 1747055313)
.put("roles", new JsonArray().add("admin").add("developer").add("user"))
.put("permissions", new JsonArray().add("read").add("write").add("execute"));
final String token = authProvider.generateToken(payload, new JWTOptions().setSubject("UserUnderTest").setAlgorithm("none"));
assertNotNull(token);
TokenCredentials authInfo = new TokenCredentials(token);
authProvider.authenticate(authInfo, onSuccess(res -> {
assertNotNull(res);
testComplete();
}));
await();
}
Example #5
| Source File: JWTAuthProviderTest.java From vertx-auth with Apache License 2.0 | 6 votes |
|
@Test
public void testGenerateNewTokenForceAlgorithm() {
authProvider = JWTAuth.create(vertx, new JWTAuthOptions()
.setKeyStore(new KeyStoreOptions()
.setPath("keystore.jceks")
.setType("jceks")
.setPassword("secret")));
String token = authProvider.generateToken(new JsonObject(), new JWTOptions().setAlgorithm("RS256"));
assertNotNull(token);
// reverse
TokenCredentials authInfo = new TokenCredentials(token);
authProvider.authenticate(authInfo, onSuccess(res -> {
assertNotNull(res);
testComplete();
}));
await();
}
Example #6
| Source File: JWTAuthProviderTest.java From vertx-auth with Apache License 2.0 | 6 votes |
|
@Test
public void testGenerateNewTokenWithMacSecret() {
authProvider = JWTAuth.create(vertx, new JWTAuthOptions()
.addJwk(new JsonObject()
.put("kty", "oct")
.put("k", "notasecret"))
);
String token = authProvider.generateToken(new JsonObject(), new JWTOptions().setAlgorithm("HS256"));
assertNotNull(token);
// reverse
TokenCredentials authInfo = new TokenCredentials(token);
authProvider.authenticate(authInfo, onSuccess(res -> {
assertNotNull(res);
testComplete();
}));
await();
}
Example #7
| Source File: XYZHubRESTVerticle.java From xyz-hub with Apache License 2.0 | 6 votes |
|
/**
* Add the security handlers.
*/
private AuthHandler createJWTHandler() {
JWTAuthOptions authConfig = new JWTAuthOptions().addPubSecKey(
new PubSecKeyOptions().setAlgorithm("RS256")
.setPublicKey(Service.configuration.JWT_PUB_KEY));
JWTAuth authProvider = new XyzAuthProvider(vertx, authConfig);
ChainAuthHandler authHandler = ChainAuthHandler.create()
.append(JWTAuthHandler.create(authProvider))
.append(JWTURIHandler.create(authProvider));
if (Service.configuration.XYZ_HUB_AUTH == AuthorizationType.DUMMY) {
authHandler.append(JwtDummyHandler.create(authProvider));
}
return authHandler;
}
Example #8
| Source File: JWTAuthProviderTest.java From vertx-auth with Apache License 2.0 | 6 votes |
|
@Test
public void testGenerateNewTokenES256() {
authProvider = JWTAuth.create(vertx, new JWTAuthOptions()
.setKeyStore(new KeyStoreOptions()
.setPath("es256-keystore.jceks")
.setType("jceks")
.setPassword("secret")));
String token = authProvider.generateToken(new JsonObject().put("sub", "paulo"), new JWTOptions().setAlgorithm("ES256"));
assertNotNull(token);
TokenCredentials authInfo = new TokenCredentials(token);
authProvider.authenticate(authInfo, res -> {
if (res.failed()) {
res.cause().printStackTrace();
fail();
}
assertNotNull(res.result());
testComplete();
});
await();
}
Example #9
| Source File: WebExamples.java From vertx-web with Apache License 2.0 | 6 votes |
|
public void example52(Vertx vertx) {
JWTAuthOptions authConfig = new JWTAuthOptions()
.setKeyStore(new KeyStoreOptions()
.setType("jceks")
.setPath("keystore.jceks")
.setPassword("secret"));
JWTAuth authProvider = JWTAuth.create(vertx, authConfig);
authProvider
.generateToken(
new JsonObject()
.put("sub", "paulo")
.put("someKey", "some value"),
new JWTOptions());
}
Example #10
| Source File: AuthJWTExamples.java From vertx-auth with Apache License 2.0 | 6 votes |
|
public void example18(Vertx vertx) {
JWTAuth provider = JWTAuth.create(vertx, new JWTAuthOptions()
.addPubSecKey(new PubSecKeyOptions()
.setAlgorithm("ES256")
.setBuffer(
"-----BEGIN PUBLIC KEY-----\n" +
"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEraVJ8CpkrwTPRCPluUDdwC6b8+m4\n" +
"dEjwl8s+Sn0GULko+H95fsTREQ1A2soCFHS4wV3/23Nebq9omY3KuK9DKw==\n" +
"-----END PUBLIC KEY-----"))
.addPubSecKey(new PubSecKeyOptions()
.setAlgorithm("RS256")
.setBuffer(
"-----BEGIN PRIVATE KEY-----\n" +
"MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgeRyEfU1NSHPTCuC9\n" +
"rwLZMukaWCH2Fk6q5w+XBYrKtLihRANCAAStpUnwKmSvBM9EI+W5QN3ALpvz6bh0\n" +
"SPCXyz5KfQZQuSj4f3l+xNERDUDaygIUdLjBXf/bc15ur2iZjcq4r0Mr")
));
String token = provider.generateToken(
new JsonObject(),
new JWTOptions().setAlgorithm("ES256"));
}
Example #11
| Source File: AuthJWTExamples.java From vertx-auth with Apache License 2.0 | 6 votes |
|
public void example17(Vertx vertx) {
JWTAuth provider = JWTAuth.create(vertx, new JWTAuthOptions()
.addPubSecKey(new PubSecKeyOptions()
.setAlgorithm("ES256")
.setBuffer(
"-----BEGIN PRIVATE KEY-----\n" +
"MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgeRyEfU1NSHPTCuC9\n" +
"rwLZMukaWCH2Fk6q5w+XBYrKtLihRANCAAStpUnwKmSvBM9EI+W5QN3ALpvz6bh0\n" +
"SPCXyz5KfQZQuSj4f3l+xNERDUDaygIUdLjBXf/bc15ur2iZjcq4r0Mr\n" +
"-----END PRIVATE KEY-----\n")
));
String token = provider.generateToken(
new JsonObject(),
new JWTOptions().setAlgorithm("ES256"));
}
Example #12
| Source File: WebExamples.java From vertx-web with Apache License 2.0 | 6 votes |
|
public void example51(Vertx vertx) {
Router router = Router.router(vertx);
JWTAuthOptions authConfig = new JWTAuthOptions()
.setKeyStore(new KeyStoreOptions()
.setType("jceks")
.setPath("keystore.jceks")
.setPassword("secret"));
JWTAuth authProvider = JWTAuth.create(vertx, authConfig);
router.route("/protected/*").handler(JWTAuthHandler.create(authProvider));
router.route("/protected/somepage").handler(ctx -> {
// some handle code...
});
}
Example #13
| Source File: WebExamples.java From vertx-web with Apache License 2.0 | 6 votes |
|
public void example50(Vertx vertx) {
Router router = Router.router(vertx);
JWTAuthOptions authConfig = new JWTAuthOptions()
.setKeyStore(new KeyStoreOptions()
.setType("jceks")
.setPath("keystore.jceks")
.setPassword("secret"));
JWTAuth jwt = JWTAuth.create(vertx, authConfig);
router.route("/login").handler(ctx -> {
// this is an example, authentication should be done with another provider...
if (
"paulo".equals(ctx.request().getParam("username")) &&
"secret".equals(ctx.request().getParam("password"))) {
ctx.response()
.end(jwt.generateToken(new JsonObject().put("sub", "paulo")));
} else {
ctx.fail(401);
}
});
}
Example #14
| Source File: JWTAuthProviderTest.java From vertx-auth with Apache License 2.0 | 5 votes |
|
private JWTAuthOptions getConfig() {
return new JWTAuthOptions()
.setKeyStore(new KeyStoreOptions()
.setPath("keystore.jceks")
.setType("jceks")
.setPassword("secret"));
}
Example #15
| Source File: AuthJWTExamples.java From vertx-auth with Apache License 2.0 | 5 votes |
|
public void example8(Vertx vertx) {
JWTAuthOptions config = new JWTAuthOptions()
.addPubSecKey(new PubSecKeyOptions()
.setAlgorithm("RS256")
.setBuffer("BASE64-ENCODED-PUBLIC_KEY"));
AuthenticationProvider provider = JWTAuth.create(vertx, config);
}
Example #16
| Source File: AuthJWTExamples.java From vertx-auth with Apache License 2.0 | 5 votes |
|
public void example14(Vertx vertx) {
JsonObject config = new JsonObject()
.put("public-key", "BASE64-ENCODED-PUBLIC_KEY")
// since we're consuming keycloak JWTs we need
// to locate the permission claims in the token
.put("permissionsClaimKey", "realm_access/roles");
AuthenticationProvider provider =
JWTAuth.create(vertx, new JWTAuthOptions(config));
}
Example #17
| Source File: AuthJWTExamples.java From vertx-auth with Apache License 2.0 | 5 votes |
|
public void example16(Vertx vertx) {
JWTAuth provider = JWTAuth.create(vertx, new JWTAuthOptions()
.addPubSecKey(new PubSecKeyOptions()
.setAlgorithm("HS256")
.setBuffer("keyboard cat")));
String token = provider.generateToken(new JsonObject());
}
Example #18
| Source File: JWTAuthProviderTest.java From vertx-auth with Apache License 2.0 | 5 votes |
|
@Test
public void testValidateTokenWithIgnoreExpired() throws InterruptedException {
authProvider = JWTAuth.create(vertx, new JWTAuthOptions()
.addJwk(new JsonObject()
.put("kty", "oct")
.put("k", "AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow"))
.setJWTOptions(new JWTOptions()
.setIgnoreExpiration(true)));
String token = authProvider
.generateToken(
new JsonObject(),
new JWTOptions()
.setExpiresInSeconds(1)
.setSubject("subject")
.setAlgorithm("HS256"));
// force a sleep to invalidate the token
Thread.sleep(1001);
TokenCredentials authInfo = new TokenCredentials(token);
authProvider.authenticate(authInfo, onSuccess(res -> {
assertNotNull(res);
testComplete();
}));
await();
}
Example #19
| Source File: JWTAuthProviderTest.java From vertx-auth with Apache License 2.0 | 5 votes |
|
@Test
public void testValidateTokenWithInvalidMacSecret() {
String token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE1MDE3ODUyMDZ9.08K_rROcCmKTF1cKfPCli2GQFYIOP8dePxeS1SE4dc8";
authProvider = JWTAuth.create(vertx, new JWTAuthOptions()
.addJwk(new JsonObject()
.put("kty", "oct")
.put("k", "a bad secret"))
);
TokenCredentials authInfo = new TokenCredentials(token);
authProvider.authenticate(authInfo, onFailure(res -> {
assertNotNull(res);
testComplete();
}));
await();
}
Example #20
| Source File: JWTAuthProviderTest.java From vertx-auth with Apache License 2.0 | 5 votes |
|
@Test
public void testValidateTokenWithValidMacSecret() {
String token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE1MDE3ODUyMDZ9.08K_rROcCmKTF1cKfPCli2GQFYIOP8dePxeS1SE4dc8";
authProvider = JWTAuth.create(vertx, new JWTAuthOptions()
.addJwk(new JsonObject()
.put("kty", "oct")
.put("k", "notasecret"))
);
TokenCredentials authInfo = new TokenCredentials(token);
authProvider.authenticate(authInfo, onSuccess(res -> {
assertNotNull(res);
testComplete();
}));
await();
}
Example #21
| Source File: JWTAuthProviderTest.java From vertx-auth with Apache License 2.0 | 5 votes |
|
@Test
public void testJWKShouldNotCrash() {
authProvider = JWTAuth.create(vertx, new JWTAuthOptions().addJwk(
new JsonObject()
.put("kty", "RSA")
.put("n", "0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2aiAFbWhM78LhWx4cbbfAAtVT86zwu1RK7aPFFxuhDR1L6tSoc_BJECPebWKRXjBZCiFV4n3oknjhMstn64tZ_2W-5JsGY4Hc5n9yBXArwl93lqt7_RN5w6Cf0h4QyQ5v-65YGjQR0_FDW2QvzqY368QQMicAtaSqzs8KJZgnYb9c7d0zgdAZHzu6qMQvRL5hajrn1n91CbOpbISD08qNLyrdkt-bFTWhAI4vMQFh6WeZu0fM4lFd2NcRwr3XPksINHaQ-G_xBniIqbw0Ls1jF44-csFCur-kEgU8awapJzKnqDKgw")
.put("e", "AQAB")
.put("alg", "RS256")
.put("kid", "2011-04-29")));
}
Example #22
| Source File: JWTAuthOptionsFactory.java From besu with Apache License 2.0 | 5 votes |
|
public JWTAuthOptions createForExternalPublicKey(final File externalPublicKeyFile) {
final byte[] externalJwtPublicKey = readPublicKey(externalPublicKeyFile);
final String base64EncodedPublicKey = Base64.getEncoder().encodeToString(externalJwtPublicKey);
return new JWTAuthOptions()
.setPermissionsClaimKey(PERMISSIONS)
.addPubSecKey(
new PubSecKeyOptions().setAlgorithm(ALGORITHM).setPublicKey(base64EncodedPublicKey));
}
Example #23
| Source File: SecureServiceBinderTest.java From vertx-service-proxy with Apache License 2.0 | 5 votes |
|
private JWTAuthOptions getJWTConfig() {
return new JWTAuthOptions()
.setKeyStore(new KeyStoreOptions()
.setPath("keystore.jceks")
.setType("jceks")
.setPassword("secret"));
}
Example #24
| Source File: JWTAuthOptionsFactory.java From besu with Apache License 2.0 | 5 votes |
|
public JWTAuthOptions createWithGeneratedKeyPair() {
final KeyPair keypair = generateJwtKeyPair();
return new JWTAuthOptions()
.setPermissionsClaimKey(PERMISSIONS)
.addPubSecKey(
new PubSecKeyOptions()
.setAlgorithm(ALGORITHM)
.setPublicKey(Base64.getEncoder().encodeToString(keypair.getPublic().getEncoded()))
.setSecretKey(
Base64.getEncoder().encodeToString(keypair.getPrivate().getEncoded())));
}
Example #25
| Source File: AuthenticationService.java From besu with Apache License 2.0 | 5 votes |
|
private AuthenticationService(
final JWTAuth jwtAuthProvider,
final JWTAuthOptions jwtAuthOptions,
final Optional<AuthProvider> credentialAuthProvider) {
this.jwtAuthProvider = jwtAuthProvider;
this.jwtAuthOptions = jwtAuthOptions;
this.credentialAuthProvider = credentialAuthProvider;
}
Example #26
| Source File: JWTAuthOptionsFactoryTest.java From besu with Apache License 2.0 | 5 votes |
|
@Test
public void createsOptionsWithGeneratedKeyPair() {
final JWTAuthOptionsFactory jwtAuthOptionsFactory = new JWTAuthOptionsFactory();
final JWTAuthOptions jwtAuthOptions = jwtAuthOptionsFactory.createWithGeneratedKeyPair();
assertThat(jwtAuthOptions.getPubSecKeys()).isNotNull();
assertThat(jwtAuthOptions.getPubSecKeys()).hasSize(1);
assertThat(jwtAuthOptions.getPubSecKeys().get(0).getAlgorithm()).isEqualTo("RS256");
assertThat(jwtAuthOptions.getPubSecKeys().get(0).getPublicKey()).isNotEmpty();
assertThat(jwtAuthOptions.getPubSecKeys().get(0).getSecretKey()).isNotEmpty();
}
Example #27
| Source File: JWTAuthOptionsFactoryTest.java From besu with Apache License 2.0 | 5 votes |
|
@Test
public void createsOptionsWithGeneratedKeyPairThatIsDifferentEachTime() {
final JWTAuthOptionsFactory jwtAuthOptionsFactory = new JWTAuthOptionsFactory();
final JWTAuthOptions jwtAuthOptions1 = jwtAuthOptionsFactory.createWithGeneratedKeyPair();
final JWTAuthOptions jwtAuthOptions2 = jwtAuthOptionsFactory.createWithGeneratedKeyPair();
final PubSecKeyOptions pubSecKeyOptions1 = jwtAuthOptions1.getPubSecKeys().get(0);
final PubSecKeyOptions pubSecKeyOptions2 = jwtAuthOptions2.getPubSecKeys().get(0);
assertThat(pubSecKeyOptions1.getPublicKey()).isNotEqualTo(pubSecKeyOptions2.getPublicKey());
assertThat(pubSecKeyOptions1.getSecretKey()).isNotEqualTo(pubSecKeyOptions2.getSecretKey());
}
Example #28
| Source File: JWTAuthOptionsFactoryTest.java From besu with Apache License 2.0 | 5 votes |
|
@Test
public void createsOptionsUsingPublicKeyFile() throws URISyntaxException {
final JWTAuthOptionsFactory jwtAuthOptionsFactory = new JWTAuthOptionsFactory();
final File enclavePublicKeyFile =
Paths.get(ClassLoader.getSystemResource("authentication/jwt_public_key").toURI())
.toAbsolutePath()
.toFile();
final JWTAuthOptions jwtAuthOptions =
jwtAuthOptionsFactory.createForExternalPublicKey(enclavePublicKeyFile);
assertThat(jwtAuthOptions.getPubSecKeys()).hasSize(1);
assertThat(jwtAuthOptions.getPubSecKeys().get(0).getAlgorithm()).isEqualTo("RS256");
assertThat(jwtAuthOptions.getPubSecKeys().get(0).getSecretKey()).isNull();
assertThat(jwtAuthOptions.getPubSecKeys().get(0).getPublicKey()).isEqualTo(JWT_PUBLIC_KEY);
}
Example #29
| Source File: AuthenticationUtilsTest.java From besu with Apache License 2.0 | 5 votes |
|
@Test
public void getUserFailsIfTokenDoesNotHaveExpiryClaim() {
final AuthenticationService authenticationService = mock(AuthenticationService.class);
final JWTAuth jwtAuth = new JWTAuthProviderImpl(null, new JWTAuthOptions());
final StubUserHandler handler = new StubUserHandler();
when(authenticationService.getJwtAuthProvider()).thenReturn(jwtAuth);
AuthenticationUtils.getUser(
Optional.of(authenticationService), INVALID_TOKEN_WITHOUT_EXP, handler);
assertThat(handler.getEvent()).isEmpty();
}
Example #30
| Source File: AuthenticationUtilsTest.java From besu with Apache License 2.0 | 5 votes |
|
@Test
public void getUserSucceedsWithValidToken() {
final AuthenticationService authenticationService = mock(AuthenticationService.class);
final JWTAuth jwtAuth = new JWTAuthProviderImpl(null, new JWTAuthOptions());
final StubUserHandler handler = new StubUserHandler();
when(authenticationService.getJwtAuthProvider()).thenReturn(jwtAuth);
AuthenticationUtils.getUser(Optional.of(authenticationService), VALID_TOKEN, handler);
assertThat(handler.getEvent().get().principal())
.isEqualTo(new JsonObject(VALID_TOKEN_DECODED_PAYLOAD));
}
