Java Code Examples for io.jsonwebtoken.JwsHeader#getKeyId()
The following examples show how to use
io.jsonwebtoken.JwsHeader#getKeyId() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: OpenIdSigningKeyResolver.java From line-sdk-android with Apache License 2.0 | 6 votes |
|
private Key resolveSigningKey(final JwsHeader header) {
final LineApiResponse<JWKSet> response = apiClient.getJWKSet();
if (!response.isSuccess()) {
Log.e(TAG, "failed to get LINE JSON Web Key Set [JWK] document.");
return null;
}
final JWKSet jwkSet = response.getResponseData();
final String keyId = header.getKeyId();
final JWK jwk = jwkSet.getJWK(keyId);
if (jwk == null) {
Log.e(TAG, "failed to find Key by Id: " + keyId);
return null;
}
final String algorithm = header.getAlgorithm();
final SignatureAlgorithm alg = SignatureAlgorithm.forName(algorithm);
if (alg.isEllipticCurve()) {
return generateECPublicKey(jwk);
}
throw new SecurityException("Unsupported signature algorithm '" + algorithm + '\'');
}
Example 2
| Source File: JsonWebTokenAuthenticator.java From presto with Apache License 2.0 | 5 votes |
|
private static String getKeyId(JwsHeader<?> header)
{
String keyId = header.getKeyId();
if (keyId == null) {
// allow for migration from system not using kid
return DEFAULT_KEY;
}
keyId = INVALID_KID_CHARS.replaceFrom(keyId, '_');
return keyId;
}
Example 3
| Source File: KeycloakSigningKeyResolver.java From che with Eclipse Public License 2.0 | 5 votes |
|
private synchronized PublicKey getJwtPublicKey(JwsHeader<?> header) {
String kid = header.getKeyId();
if (header.getKeyId() == null) {
LOG.warn(
"'kid' is missing in the JWT token header. This is not possible to validate the token with OIDC provider keys");
throw new JwtException("'kid' is missing in the JWT token header.");
}
try {
return jwkProvider.get(kid).getPublicKey();
} catch (JwkException e) {
throw new JwtException(
"Error during the retrieval of the public key during JWT token validation", e);
}
}
Example 4
| Source File: KeyStoreJwkKeyResolver.java From athenz with Apache License 2.0 | 4 votes |
|
@Override
@SuppressWarnings("rawtypes")
public Key resolveSigningKey(JwsHeader header, Claims claims) {
String keyId = header.getKeyId();
if (keyId == null || keyId.isEmpty()) {
if (LOG.isDebugEnabled()) {
LOG.debug("KeyStoreJwkKeyResolver:resolveSigningKey: invalid key ID " + keyId);
}
return null;
}
// 1. find in key store
String issuer = claims.getIssuer();
if (this.keyStore != null && issuer != null && !issuer.isEmpty()) {
String[] ds = AthenzUtils.splitPrincipalName(issuer);
if (ds == null) {
if (LOG.isDebugEnabled()) {
LOG.debug("KeyStoreJwkKeyResolver:resolveSigningKey: skip using KeyStore, invalid issuer " + issuer);
}
} else {
String domain = ds[0];
String service = ds[1];
if (!SYS_AUTH_DOMAIN.equals(domain)) {
LOG.debug("KeyStoreJwkKeyResolver:resolveSigningKey: skip using KeyStore, invalid domain " + domain);
} else {
String publicKey = this.keyStore.getPublicKey(domain, service, keyId);
if (publicKey != null && !publicKey.isEmpty()) {
try {
if (LOG.isDebugEnabled()) {
LOG.debug("KeyStoreJwkKeyResolver:resolveSigningKey: will use public key from key store: ({}, {}, {})", domain, service, keyId);
}
return Crypto.loadPublicKey(publicKey);
} catch (Throwable t) {
LOG.warn("KeyStoreJwkKeyResolver:resolveSigningKey: invalid public key format", t);
}
}
}
}
}
// 2. find in JWKS
if (LOG.isDebugEnabled()) {
LOG.debug("KeyStoreJwkKeyResolver:resolveSigningKey: will use public key from JWKS: ({})", keyId);
}
return this.jwksResolver.resolveSigningKey(header, claims);
}
