org.springframework.security.jwt.crypto.sign.RsaVerifier Java Examples

The following examples show how to use org.springframework.security.jwt.crypto.sign.RsaVerifier. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: TestJwt.java    From codeway_service with GNU General Public License v3.0 5 votes vote down vote up
@Test
 public void testVerify(){
     //公钥
     String publickey ="-----BEGIN PUBLIC KEY-----MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnASXh9oSvLRLxk901HANYM6KcYMzX8vFPnH/To2R+SrUVw1O9rEX6m1+rIaMzrEKPm12qPjVq3HMXDbRdUaJEXsB7NgGrAhepYAdJnYMizdltLdGsbfyjITUCOvzZ/QgM1M4INPMD+Ce859xse06jnOkCUzinZmasxrmgNV3Db1GtpyHIiGVUY0lSO1Frr9m5dpemylaT0BV3UwTQWVW9ljm6yR3dBncOdDENumT5tGbaDVyClV0FEB1XdSKd7VjiDCDbUAUbDTG1fm3K9sx7kO1uMGElbXLgMfboJ963HEJcU01km7BmFntqI5liyKheX+HBUCD4zbYNPw236U+7QIDAQAB-----END PUBLIC KEY-----";
//jwt令牌
     String jwtString = "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoiaXRjYXN0In0.lQOqL1s4DpDHROUAibkz6EMf6hcM7HmTPgmg-SlkacVoQAV7y3XQ7LXxiua6SJlN_uNX_EFjzIshEg_kyy972DtymtRMc2NIO5HzIF5I4oQCxNPsJdhu6qQni6sTas3q0JbAarMZSajDX7HhzVSYWPQJCussA4e1r9oFxDcoAo6TEAXOW8gRHzNIygQz1yCj6mdf4UOHI070kRy7f3BdhmrUJdOuDIMoRBYS4WsEOibAU1UCNPaJAXpZC0ihrtdY7SCg1N43fimeFOHrfpLb6OmRF7v7uvGMgrhg9JIYDbJ6nbode5OJkNceRx8QUICre2yKAe0ctlvXO0REf6OpRA";
     //校验jwt令牌
     Jwt jwt = JwtHelper.decodeAndVerify(jwtString, new RsaVerifier(publickey));

     //拿到jwt令牌中自定义的内容
     String claims = jwt.getClaims();
     System.out.println(claims);
 }
 
Example #2
Source File: JWTAuthentication.java    From codeway_service with GNU General Public License v3.0 5 votes vote down vote up
public static boolean invalidJwtAccessToken(String authentication) {
	//verifier = Optional.ofNullable(verifier).orElse(new MacSigner(signingKey));
	//是否无效true表示无效
	boolean invalid = Boolean.TRUE;
	try {
		String pubKey = JWTAuthentication.getPubKey(PUBLIC_KEY);
		RsaVerifier rsaVerifier = new RsaVerifier(pubKey);
		Jwt jwt = JwtHelper.decode(authentication);
		jwt.verifySignature(rsaVerifier);
		invalid = Boolean.FALSE;
	} catch (InvalidSignatureException | IllegalArgumentException ex) {
		LogBack.error("user token has expired or signature error");
	}
	return invalid;
}
 
Example #3
Source File: UaaSignatureVerifierClient.java    From cubeai with Apache License 2.0 5 votes vote down vote up
/**
 * Fetches the public key from the UAA.
 *
 * @return the public key used to verify JWT tokens; or null.
 */
@Override
public SignatureVerifier getSignatureVerifier() throws Exception {
    try {
        HttpEntity<Void> request = new HttpEntity<Void>(new HttpHeaders());
        String key = (String) restTemplate
            .exchange(getPublicKeyEndpoint(), HttpMethod.GET, request, Map.class).getBody()
            .get("value");
        return new RsaVerifier(key);
    } catch (IllegalStateException ex) {
        log.warn("could not contact UAA to get public key");
        return null;
    }
}
 
Example #4
Source File: UaaSignatureVerifierClient.java    From cubeai with Apache License 2.0 5 votes vote down vote up
/**
 * Fetches the public key from the UAA.
 *
 * @return the public key used to verify JWT tokens; or null.
 */
@Override
public SignatureVerifier getSignatureVerifier() throws Exception {
    try {
        HttpEntity<Void> request = new HttpEntity<Void>(new HttpHeaders());
        String key = (String) restTemplate
            .exchange(getPublicKeyEndpoint(), HttpMethod.GET, request, Map.class).getBody()
            .get("value");
        return new RsaVerifier(key);
    } catch (IllegalStateException ex) {
        log.warn("could not contact UAA to get public key");
        return null;
    }
}
 
Example #5
Source File: UaaSignatureVerifierClient.java    From cubeai with Apache License 2.0 5 votes vote down vote up
/**
 * Fetches the public key from the UAA.
 *
 * @return the public key used to verify JWT tokens; or null.
 */
@Override
public SignatureVerifier getSignatureVerifier() throws Exception {
    try {
        HttpEntity<Void> request = new HttpEntity<Void>(new HttpHeaders());
        String key = (String) restTemplate
            .exchange(getPublicKeyEndpoint(), HttpMethod.GET, request, Map.class).getBody()
            .get("value");
        return new RsaVerifier(key);
    } catch (IllegalStateException ex) {
        log.warn("could not contact UAA to get public key");
        return null;
    }
}
 
Example #6
Source File: UaaSignatureVerifierClient.java    From cubeai with Apache License 2.0 5 votes vote down vote up
/**
 * Fetches the public key from the UAA.
 *
 * @return the public key used to verify JWT tokens; or null.
 */
@Override
public SignatureVerifier getSignatureVerifier() throws Exception {
    try {
        HttpEntity<Void> request = new HttpEntity<Void>(new HttpHeaders());
        String key = (String) restTemplate
            .exchange(getPublicKeyEndpoint(), HttpMethod.GET, request, Map.class).getBody()
            .get("value");
        return new RsaVerifier(key);
    } catch (IllegalStateException ex) {
        log.warn("could not contact UAA to get public key");
        return null;
    }
}
 
Example #7
Source File: UaaSignatureVerifierClient.java    From cubeai with Apache License 2.0 5 votes vote down vote up
/**
 * Fetches the public key from the UAA.
 *
 * @return the public key used to verify JWT tokens; or null.
 */
@Override
public SignatureVerifier getSignatureVerifier() throws Exception {
    try {
        HttpEntity<Void> request = new HttpEntity<Void>(new HttpHeaders());
        String key = (String) restTemplate
            .exchange(getPublicKeyEndpoint(), HttpMethod.GET, request, Map.class).getBody()
            .get("value");
        return new RsaVerifier(key);
    } catch (IllegalStateException ex) {
        log.warn("could not contact UAA to get public key");
        return null;
    }
}
 
Example #8
Source File: UaaSignatureVerifierClient.java    From cubeai with Apache License 2.0 5 votes vote down vote up
/**
 * Fetches the public key from the UAA.
 *
 * @return the public key used to verify JWT tokens; or null.
 */
@Override
public SignatureVerifier getSignatureVerifier() throws Exception {
    try {
        HttpEntity<Void> request = new HttpEntity<Void>(new HttpHeaders());
        String key = (String) restTemplate
            .exchange(getPublicKeyEndpoint(), HttpMethod.GET, request, Map.class).getBody()
            .get("value");
        return new RsaVerifier(key);
    } catch (IllegalStateException ex) {
        log.warn("could not contact UAA to get public key");
        return null;
    }
}
 
Example #9
Source File: UaaSignatureVerifierClient.java    From cubeai with Apache License 2.0 5 votes vote down vote up
/**
 * Fetches the public key from the UAA.
 *
 * @return the public key used to verify JWT tokens; or null.
 */
@Override
public SignatureVerifier getSignatureVerifier() throws Exception {
    try {
        HttpEntity<Void> request = new HttpEntity<Void>(new HttpHeaders());
        String key = (String) restTemplate
            .exchange(getPublicKeyEndpoint(), HttpMethod.GET, request, Map.class).getBody()
            .get("value");
        return new RsaVerifier(key);
    } catch (IllegalStateException ex) {
        log.warn("could not contact UAA to get public key");
        return null;
    }
}
 
Example #10
Source File: TestJwt.java    From codeway_service with GNU General Public License v3.0 5 votes vote down vote up
@Test
 public void testVerify(){
     //公钥
     String publickey ="-----BEGIN PUBLIC KEY-----MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnASXh9oSvLRLxk901HANYM6KcYMzX8vFPnH/To2R+SrUVw1O9rEX6m1+rIaMzrEKPm12qPjVq3HMXDbRdUaJEXsB7NgGrAhepYAdJnYMizdltLdGsbfyjITUCOvzZ/QgM1M4INPMD+Ce859xse06jnOkCUzinZmasxrmgNV3Db1GtpyHIiGVUY0lSO1Frr9m5dpemylaT0BV3UwTQWVW9ljm6yR3dBncOdDENumT5tGbaDVyClV0FEB1XdSKd7VjiDCDbUAUbDTG1fm3K9sx7kO1uMGElbXLgMfboJ963HEJcU01km7BmFntqI5liyKheX+HBUCD4zbYNPw236U+7QIDAQAB-----END PUBLIC KEY-----";
//jwt令牌
     String jwtString = "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoiaXRjYXN0In0.lQOqL1s4DpDHROUAibkz6EMf6hcM7HmTPgmg-SlkacVoQAV7y3XQ7LXxiua6SJlN_uNX_EFjzIshEg_kyy972DtymtRMc2NIO5HzIF5I4oQCxNPsJdhu6qQni6sTas3q0JbAarMZSajDX7HhzVSYWPQJCussA4e1r9oFxDcoAo6TEAXOW8gRHzNIygQz1yCj6mdf4UOHI070kRy7f3BdhmrUJdOuDIMoRBYS4WsEOibAU1UCNPaJAXpZC0ihrtdY7SCg1N43fimeFOHrfpLb6OmRF7v7uvGMgrhg9JIYDbJ6nbode5OJkNceRx8QUICre2yKAe0ctlvXO0REf6OpRA";
     //校验jwt令牌
     Jwt jwt = JwtHelper.decodeAndVerify(jwtString, new RsaVerifier(publickey));

     //拿到jwt令牌中自定义的内容
     String claims = jwt.getClaims();
     System.out.println(claims);
 }
 
Example #11
Source File: JWTAuthentication.java    From codeway_service with GNU General Public License v3.0 5 votes vote down vote up
public static boolean invalidJwtAccessToken(String authentication) {
	//verifier = Optional.ofNullable(verifier).orElse(new MacSigner(signingKey));
	//是否无效true表示无效
	boolean invalid = Boolean.TRUE;
	try {
		String pubKey = JWTAuthentication.getPubKey(PUBLIC_KEY);
		RsaVerifier rsaVerifier = new RsaVerifier(pubKey);
		Jwt jwt = JwtHelper.decode(authentication);
		jwt.verifySignature(rsaVerifier);
		invalid = Boolean.FALSE;
	} catch (InvalidSignatureException | IllegalArgumentException ex) {
		LogBack.error("user token has expired or signature error");
	}
	return invalid;
}
 
Example #12
Source File: SampleSecureOAuth2ApplicationTests.java    From spring-security-oauth2-boot with Apache License 2.0 5 votes vote down vote up
@Test
public void tokenWhenUsingClientCredentialsThenIsValid() throws Exception {
	MvcResult result = this.mvc.perform(post("/oauth/token").with(CLIENT_CREDENTIALS)
			.param("grant_type", "client_credentials").param("scope", "any")).andExpect(status().isOk())
			.andReturn();

	String accessToken = extract(result, "access_token");

	JwtHelper.decodeAndVerify(accessToken, new RsaVerifier(privateKeyValue));
}
 
Example #13
Source File: KeyExchangeJwtAccessTokenConverter.java    From edison-microservice with Apache License 2.0 5 votes vote down vote up
private Map<String, Object> decodeJwtMap(final String token, final OAuthPublicKey keyExchangePublicKey) {
    final RsaVerifier rsaVerifier = new RsaVerifier(keyExchangePublicKey.getPublicKey());
    final Jwt jwt = JwtHelper.decodeAndVerify(token, rsaVerifier);

    final String content = jwt.getClaims();

    final Map<String, Object> map = objectMapper.parseMap(content);
    if (map.containsKey(EXP) && map.get(EXP) instanceof Integer) {
        final Integer intValue = (Integer) map.get(EXP);
        map.put(EXP, Long.valueOf(intValue));
    }
    return map;
}
 
Example #14
Source File: UaaSignatureVerifierClient.java    From tutorials with MIT License 5 votes vote down vote up
/**
 * Fetches the public key from the UAA.
 *
 * @return the public key used to verify JWT tokens; or null.
 */
@Override
public SignatureVerifier getSignatureVerifier() throws Exception {
    try {
        HttpEntity<Void> request = new HttpEntity<Void>(new HttpHeaders());
        String key = (String) restTemplate
            .exchange(getPublicKeyEndpoint(), HttpMethod.GET, request, Map.class).getBody()
            .get("value");
        return new RsaVerifier(key);
    } catch (IllegalStateException ex) {
        log.warn("could not contact UAA to get public key");
        return null;
    }
}
 
Example #15
Source File: UaaSignatureVerifierClient.java    From tutorials with MIT License 5 votes vote down vote up
/**
 * Fetches the public key from the UAA.
 *
 * @return the public key used to verify JWT tokens; or null.
 */
@Override
public SignatureVerifier getSignatureVerifier() throws Exception {
    try {
        HttpEntity<Void> request = new HttpEntity<Void>(new HttpHeaders());
        String key = (String) restTemplate
            .exchange(getPublicKeyEndpoint(), HttpMethod.GET, request, Map.class).getBody()
            .get("value");
        return new RsaVerifier(key);
    } catch (IllegalStateException ex) {
        log.warn("could not contact UAA to get public key");
        return null;
    }
}
 
Example #16
Source File: JwtUtils.java    From microservices-platform with Apache License 2.0 2 votes vote down vote up
/**
 * {"exp":1563256084,"user_name":"admin","authorities":["ADMIN"],"jti":"4ce02f54-3d1c-4461-8af1-73f0841a35df","client_id":"webApp","scope":["app"]}
 * @param jwtToken token值
 * @param rsaPublicKey 公钥
 * @return
 */
public static JSONObject decodeAndVerify(String jwtToken, RSAPublicKey rsaPublicKey) {
    SignatureVerifier rsaVerifier = new RsaVerifier(rsaPublicKey);
    Jwt jwt = JwtHelper.decodeAndVerify(jwtToken, rsaVerifier);
    return JSONObject.parseObject(jwt.getClaims());
}