com.auth0.jwk.JwkProvider Java Examples
The following examples show how to use
com.auth0.jwk.JwkProvider.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: AsymmetricSignatureVerifier.java From auth0-java-mvc-common with MIT License | 5 votes |
|
private static JWTVerifier createJWTVerifier(final JwkProvider jwkProvider) {
Algorithm alg = Algorithm.RSA256(new RSAKeyProvider() {
@Override
public RSAPublicKey getPublicKeyById(String keyId) {
try {
Jwk jwk = jwkProvider.get(keyId);
return (RSAPublicKey) jwk.getPublicKey();
} catch (JwkException ignored) {
// JwkException handled by Algorithm verify implementation from java-jwt
}
return null;
}
@Override
public RSAPrivateKey getPrivateKey() {
//NO-OP
return null;
}
@Override
public String getPrivateKeyId() {
//NO-OP
return null;
}
});
return JWT.require(alg)
.ignoreIssuedAt()
.build();
}
Example #2
| Source File: SignatureVerifierTest.java From auth0-java-mvc-common with MIT License | 5 votes |
|
@Test
public void failsWhenErrorGettingJwk() throws Exception {
JwkProvider jwkProvider = mock(JwkProvider.class);
when(jwkProvider.get("abc123")).thenThrow(JwkException.class);
exception.expect(TokenValidationException.class);
exception.expectMessage("Invalid token signature");
SignatureVerifier verifier = new AsymmetricSignatureVerifier(jwkProvider);
verifier.verifySignature(RS_JWT);
}
Example #3
| Source File: SignatureVerifierTest.java From auth0-java-mvc-common with MIT License | 5 votes |
|
private JwkProvider getRSProvider(String rsaPath) throws Exception {
JwkProvider jwkProvider = mock(JwkProvider.class);
Jwk jwk = mock(Jwk.class);
when(jwkProvider.get("abc123")).thenReturn(jwk);
RSAPublicKey key = readPublicKeyFromFile(rsaPath);
when(jwk.getPublicKey()).thenReturn(key);
return jwkProvider;
}
Example #4
| Source File: AuthenticationControllerTest.java From auth0-java-mvc-common with MIT License | 5 votes |
|
@Test
public void shouldCreateWithJwkProvider() {
JwkProvider provider = mock(JwkProvider.class);
AuthenticationController.newBuilder("domain", "clientId", "clientSecret")
.withJwkProvider(provider)
.build();
}
Example #5
| Source File: AuthenticationControllerProvider.java From auth0-servlet-sample with MIT License | 5 votes |
|
public static AuthenticationController getInstance(ServletConfig config) throws UnsupportedEncodingException {
String domain = config.getServletContext().getInitParameter("com.auth0.domain");
String clientId = config.getServletContext().getInitParameter("com.auth0.clientId");
String clientSecret = config.getServletContext().getInitParameter("com.auth0.clientSecret");
if (domain == null || clientId == null || clientSecret == null) {
throw new IllegalArgumentException("Missing domain, clientId, or clientSecret. Did you update src/main/webapp/WEB-INF/web.xml?");
}
// JwkProvider required for RS256 tokens. If using HS256, do not use.
JwkProvider jwkProvider = new JwkProviderBuilder(domain).build();
return AuthenticationController.newBuilder(domain, clientId, clientSecret)
.withJwkProvider(jwkProvider)
.build();
}
Example #6
| Source File: AppConfig.java From auth0-spring-security-mvc-sample with MIT License | 5 votes |
|
@Bean
public AuthenticationController authenticationController() throws UnsupportedEncodingException {
JwkProvider jwkProvider = new JwkProviderBuilder(domain).build();
return AuthenticationController.newBuilder(domain, clientId, clientSecret)
.withJwkProvider(jwkProvider)
.build();
}
Example #7
| Source File: KeycloakModule.java From che with Eclipse Public License 2.0 | 5 votes |
|
@Override
protected void configure() {
bind(HttpJsonRequestFactory.class)
.to(org.eclipse.che.multiuser.keycloak.server.KeycloakHttpJsonRequestFactory.class);
bind(TokenValidator.class).to(KeycloakTokenValidator.class);
bind(KeycloakConfigurationService.class);
bind(ProfileDao.class).to(KeycloakProfileDao.class);
bind(JwkProvider.class).toProvider(KeycloakJwkProvider.class);
bind(JwtParser.class).toProvider(KeycloakJwtParserProvider.class);
bind(PersonalAccountUserManager.class).to(KeycloakUserManager.class);
bind(OAuthAPI.class).toProvider(OAuthAPIProvider.class);
}
Example #8
| Source File: AuthConfig.java From tutorials with MIT License | 5 votes |
|
@Bean
public AuthenticationController authenticationController() throws UnsupportedEncodingException {
JwkProvider jwkProvider = new JwkProviderBuilder(domain).build();
return AuthenticationController.newBuilder(domain, clientId, clientSecret)
.withJwkProvider(jwkProvider)
.build();
}
Example #9
| Source File: AsymmetricSignatureVerifier.java From auth0-java-mvc-common with MIT License | 4 votes |
|
AsymmetricSignatureVerifier(JwkProvider jwkProvider) {
super(createJWTVerifier(jwkProvider), "RS256");
}
Example #10
| Source File: AuthenticationControllerTest.java From auth0-java-mvc-common with MIT License | 4 votes |
|
@Test
public void shouldCreateWithAsymmetricSignatureVerifierWhenJwkProviderIsExplicitlySet() {
JwkProvider jwkProvider = mock(JwkProvider.class);
AuthenticationController controller = builderSpy
.withResponseType("code id_token")
.withJwkProvider(jwkProvider)
.build();
SignatureVerifier signatureVerifier = signatureVerifierCaptor.getValue();
assertThat(signatureVerifier, is(notNullValue()));
assertThat(signatureVerifier, instanceOf(AsymmetricSignatureVerifier.class));
assertThat(verificationOptions, is(controller.getRequestProcessor().verifyOptions));
controller = builderSpy
.withResponseType("code token")
.withJwkProvider(jwkProvider)
.build();
signatureVerifier = signatureVerifierCaptor.getValue();
assertThat(signatureVerifier, is(notNullValue()));
assertThat(signatureVerifier, instanceOf(AsymmetricSignatureVerifier.class));
assertThat(verificationOptions, is(controller.getRequestProcessor().verifyOptions));
controller = builderSpy
.withResponseType("code id_token token")
.withJwkProvider(jwkProvider)
.build();
signatureVerifier = signatureVerifierCaptor.getValue();
assertThat(signatureVerifier, is(notNullValue()));
assertThat(signatureVerifier, instanceOf(AsymmetricSignatureVerifier.class));
assertThat(verificationOptions, is(controller.getRequestProcessor().verifyOptions));
controller = builderSpy
.withResponseType("code")
.withJwkProvider(jwkProvider)
.build();
signatureVerifier = signatureVerifierCaptor.getValue();
assertThat(signatureVerifier, is(notNullValue()));
assertThat(signatureVerifier, instanceOf(AsymmetricSignatureVerifier.class));
assertThat(verificationOptions, is(controller.getRequestProcessor().verifyOptions));
controller = builderSpy
.withResponseType("id_token")
.withJwkProvider(jwkProvider)
.build();
signatureVerifier = signatureVerifierCaptor.getValue();
assertThat(signatureVerifier, is(notNullValue()));
assertThat(signatureVerifier, instanceOf(AsymmetricSignatureVerifier.class));
assertThat(verificationOptions, is(controller.getRequestProcessor().verifyOptions));
controller = builderSpy
.withResponseType("token")
.withJwkProvider(jwkProvider)
.build();
signatureVerifier = signatureVerifierCaptor.getValue();
assertThat(signatureVerifier, is(notNullValue()));
assertThat(signatureVerifier, instanceOf(AsymmetricSignatureVerifier.class));
assertThat(verificationOptions, is(controller.getRequestProcessor().verifyOptions));
}
Example #11
| Source File: KeycloakJwkProvider.java From che with Eclipse Public License 2.0 | 4 votes |
|
@Override
public JwkProvider get() {
return jwkProvider;
}
Example #12
| Source File: KeycloakSigningKeyResolver.java From che with Eclipse Public License 2.0 | 4 votes |
|
@Inject
KeycloakSigningKeyResolver(JwkProvider jwkProvider) {
this.jwkProvider = jwkProvider;
}
Example #13
| Source File: JwtWebSecurityConfigurer.java From auth0-spring-security-api with MIT License | 2 votes |
|
/**
* Configures application authorization for JWT signed with RS256.
* Will try to validate the token using the public key downloaded from "$issuer/.well-known/jwks.json"
* and matched by the value of {@code kid} of the JWT header
* @param audience identifier of the API and must match the {@code aud} value in the token
* @param issuers array of allowed issuers of the token for this API and one of the entries must match the {@code iss} value in the token
* @return JwtWebSecurityConfigurer for further configuration
*/
@SuppressWarnings({"WeakerAccess", "SameParameterValue"})
public static JwtWebSecurityConfigurer forRS256(String audience, String[] issuers) {
final JwkProvider jwkProvider = new JwkProviderBuilder(issuers[0]).build(); // we use the first issuer for getting the jwkProvider
return new JwtWebSecurityConfigurer(audience, issuers, new JwtAuthenticationProvider(jwkProvider, issuers, audience));
}
Example #14
| Source File: AuthenticationController.java From auth0-java-mvc-common with MIT License | 2 votes |
|
/**
* Sets the Jwk Provider that will return the Public Key required to verify the token in case of Implicit Grant flows.
* This is required if the Auth0 Application is signing the tokens with the RS256 algorithm.
*
* @param jwkProvider a valid Jwk provider.
* @return this same builder instance.
*/
public Builder withJwkProvider(JwkProvider jwkProvider) {
Validate.notNull(jwkProvider);
this.jwkProvider = jwkProvider;
return this;
}
