Java Code Examples for org.springframework.security.jwt.Jwt#getClaims()
The following examples show how to use
org.springframework.security.jwt.Jwt#getClaims() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: OAuth2ClientCredentialsService.java From flair-registry with Apache License 2.0 | 6 votes |
|
public String getAccessToken() {
if (accessToken == null) {
retrieveNewAccessToken();
}
Jwt jwt = JwtHelper.decode(accessToken);
String claims = jwt.getClaims();
JsonParser jsonParser = JsonParserFactory.getJsonParser();
Map<String, Object> claimMap = jsonParser.parseMap(claims);
Integer exp = (Integer) claimMap.get("exp");
int now = (int) (System.currentTimeMillis() / 1000L);
if (exp < now) {
retrieveNewAccessToken();
}
return accessToken;
}
Example 2
| Source File: GrantByResourceOwnerPasswordCredentialTest.java From demo-spring-boot-security-oauth2 with MIT License | 6 votes |
|
@SuppressWarnings({"rawtypes", "unchecked"})
@Test
public void getJwtTokenByClientCredentialForUser() throws JsonParseException, JsonMappingException, IOException {
ResponseEntity<String> response = new TestRestTemplate("trusted-app", "secret").postForEntity("http://localhost:" + port + "/oauth/token?grant_type=password&username=user&password=password", null, String.class);
String responseText = response.getBody();
assertEquals(HttpStatus.OK, response.getStatusCode());
HashMap jwtMap = new ObjectMapper().readValue(responseText, HashMap.class);
assertEquals("bearer", jwtMap.get("token_type"));
assertEquals("read write", jwtMap.get("scope"));
assertTrue(jwtMap.containsKey("access_token"));
assertTrue(jwtMap.containsKey("expires_in"));
assertTrue(jwtMap.containsKey("jti"));
String accessToken = (String) jwtMap.get("access_token");
Jwt jwtToken = JwtHelper.decode(accessToken);
String claims = jwtToken.getClaims();
HashMap claimsMap = new ObjectMapper().readValue(claims, HashMap.class);
assertEquals("spring-boot-application", ((List<String>) claimsMap.get("aud")).get(0));
assertEquals("trusted-app", claimsMap.get("client_id"));
assertEquals("user", claimsMap.get("user_name"));
assertEquals("read", ((List<String>) claimsMap.get("scope")).get(0));
assertEquals("write", ((List<String>) claimsMap.get("scope")).get(1));
assertEquals("ROLE_USER", ((List<String>) claimsMap.get("authorities")).get(0));
}
Example 3
| Source File: GrantByResourceOwnerPasswordCredentialTest.java From demo-spring-boot-security-oauth2 with MIT License | 6 votes |
|
@SuppressWarnings({"rawtypes", "unchecked"})
@Test
public void getJwtTokenByClientCredentialForAdmin() throws JsonParseException, JsonMappingException, IOException {
ResponseEntity<String> response = new TestRestTemplate("trusted-app", "secret").postForEntity("http://localhost:" + port + "/oauth/token?grant_type=password&username=admin&password=password", null, String.class);
String responseText = response.getBody();
assertEquals(HttpStatus.OK, response.getStatusCode());
HashMap jwtMap = new ObjectMapper().readValue(responseText, HashMap.class);
assertEquals("bearer", jwtMap.get("token_type"));
assertEquals("read write", jwtMap.get("scope"));
assertTrue(jwtMap.containsKey("access_token"));
assertTrue(jwtMap.containsKey("expires_in"));
assertTrue(jwtMap.containsKey("jti"));
String accessToken = (String) jwtMap.get("access_token");
Jwt jwtToken = JwtHelper.decode(accessToken);
String claims = jwtToken.getClaims();
HashMap claimsMap = new ObjectMapper().readValue(claims, HashMap.class);
assertEquals("spring-boot-application", ((List<String>) claimsMap.get("aud")).get(0));
assertEquals("trusted-app", claimsMap.get("client_id"));
assertEquals("admin", claimsMap.get("user_name"));
assertEquals("read", ((List<String>) claimsMap.get("scope")).get(0));
assertEquals("write", ((List<String>) claimsMap.get("scope")).get(1));
assertEquals("ROLE_ADMIN", ((List<String>) claimsMap.get("authorities")).get(0));
}
Example 4
| Source File: TestJwt.java From codeway_service with GNU General Public License v3.0 | 5 votes |
|
@Test
public void testVerify(){
//公钥
String publickey ="-----BEGIN PUBLIC KEY-----MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnASXh9oSvLRLxk901HANYM6KcYMzX8vFPnH/To2R+SrUVw1O9rEX6m1+rIaMzrEKPm12qPjVq3HMXDbRdUaJEXsB7NgGrAhepYAdJnYMizdltLdGsbfyjITUCOvzZ/QgM1M4INPMD+Ce859xse06jnOkCUzinZmasxrmgNV3Db1GtpyHIiGVUY0lSO1Frr9m5dpemylaT0BV3UwTQWVW9ljm6yR3dBncOdDENumT5tGbaDVyClV0FEB1XdSKd7VjiDCDbUAUbDTG1fm3K9sx7kO1uMGElbXLgMfboJ963HEJcU01km7BmFntqI5liyKheX+HBUCD4zbYNPw236U+7QIDAQAB-----END PUBLIC KEY-----";
//jwt令牌
String jwtString = "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoiaXRjYXN0In0.lQOqL1s4DpDHROUAibkz6EMf6hcM7HmTPgmg-SlkacVoQAV7y3XQ7LXxiua6SJlN_uNX_EFjzIshEg_kyy972DtymtRMc2NIO5HzIF5I4oQCxNPsJdhu6qQni6sTas3q0JbAarMZSajDX7HhzVSYWPQJCussA4e1r9oFxDcoAo6TEAXOW8gRHzNIygQz1yCj6mdf4UOHI070kRy7f3BdhmrUJdOuDIMoRBYS4WsEOibAU1UCNPaJAXpZC0ihrtdY7SCg1N43fimeFOHrfpLb6OmRF7v7uvGMgrhg9JIYDbJ6nbode5OJkNceRx8QUICre2yKAe0ctlvXO0REf6OpRA";
//校验jwt令牌
Jwt jwt = JwtHelper.decodeAndVerify(jwtString, new RsaVerifier(publickey));
//拿到jwt令牌中自定义的内容
String claims = jwt.getClaims();
System.out.println(claims);
}
Example 5
| Source File: OAuth2CookieHelper.java From cubeai with Apache License 2.0 | 5 votes |
|
/**
* Retrieve the given claim from the given token.
*
* @param refreshToken the JWT token to examine.
* @param claimName name of the claim to get.
* @param clazz the Class we expect to find there.
* @return the desired claim.
* @throws InvalidTokenException if we cannot find the claim in the token or it is of wrong type.
*/
@SuppressWarnings("unchecked")
private <T> T getClaim(String refreshToken, String claimName, Class<T> clazz) {
Jwt jwt = JwtHelper.decode(refreshToken);
String claims = jwt.getClaims();
Map<String, Object> claimsMap = jsonParser.parseMap(claims);
Object claimValue = claimsMap.get(claimName);
if (claimValue == null) {
return null;
}
if (!clazz.isAssignableFrom(claimValue.getClass())) {
throw new InvalidTokenException("claim is not of expected type: " + claimName);
}
return (T) claimValue;
}
Example 6
| Source File: TestJwt.java From codeway_service with GNU General Public License v3.0 | 5 votes |
|
@Test
public void testVerify(){
//公钥
String publickey ="-----BEGIN PUBLIC KEY-----MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnASXh9oSvLRLxk901HANYM6KcYMzX8vFPnH/To2R+SrUVw1O9rEX6m1+rIaMzrEKPm12qPjVq3HMXDbRdUaJEXsB7NgGrAhepYAdJnYMizdltLdGsbfyjITUCOvzZ/QgM1M4INPMD+Ce859xse06jnOkCUzinZmasxrmgNV3Db1GtpyHIiGVUY0lSO1Frr9m5dpemylaT0BV3UwTQWVW9ljm6yR3dBncOdDENumT5tGbaDVyClV0FEB1XdSKd7VjiDCDbUAUbDTG1fm3K9sx7kO1uMGElbXLgMfboJ963HEJcU01km7BmFntqI5liyKheX+HBUCD4zbYNPw236U+7QIDAQAB-----END PUBLIC KEY-----";
//jwt令牌
String jwtString = "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoiaXRjYXN0In0.lQOqL1s4DpDHROUAibkz6EMf6hcM7HmTPgmg-SlkacVoQAV7y3XQ7LXxiua6SJlN_uNX_EFjzIshEg_kyy972DtymtRMc2NIO5HzIF5I4oQCxNPsJdhu6qQni6sTas3q0JbAarMZSajDX7HhzVSYWPQJCussA4e1r9oFxDcoAo6TEAXOW8gRHzNIygQz1yCj6mdf4UOHI070kRy7f3BdhmrUJdOuDIMoRBYS4WsEOibAU1UCNPaJAXpZC0ihrtdY7SCg1N43fimeFOHrfpLb6OmRF7v7uvGMgrhg9JIYDbJ6nbode5OJkNceRx8QUICre2yKAe0ctlvXO0REf6OpRA";
//校验jwt令牌
Jwt jwt = JwtHelper.decodeAndVerify(jwtString, new RsaVerifier(publickey));
//拿到jwt令牌中自定义的内容
String claims = jwt.getClaims();
System.out.println(claims);
}
Example 7
| Source File: GrantByClientCredentialTest.java From demo-spring-boot-security-oauth2 with MIT License | 5 votes |
|
@SuppressWarnings({"rawtypes", "unchecked"})
@Test
public void getJwtTokenByTrustedClient() throws JsonParseException, JsonMappingException, IOException {
ResponseEntity<String> response = new TestRestTemplate("trusted-app", "secret").postForEntity("http://localhost:" + port + "/oauth/token?client_id=trusted-app&grant_type=client_credentials", null, String.class);
String responseText = response.getBody();
assertEquals(HttpStatus.OK, response.getStatusCode());
HashMap jwtMap = new ObjectMapper().readValue(responseText, HashMap.class);
assertEquals("bearer", jwtMap.get("token_type"));
assertEquals("read write", jwtMap.get("scope"));
assertTrue(jwtMap.containsKey("access_token"));
assertTrue(jwtMap.containsKey("expires_in"));
assertTrue(jwtMap.containsKey("jti"));
String accessToken = (String) jwtMap.get("access_token");
Jwt jwtToken = JwtHelper.decode(accessToken);
String claims = jwtToken.getClaims();
logJson(claims);
HashMap claimsMap = new ObjectMapper().readValue(claims, HashMap.class);
assertEquals("spring-boot-application", ((List<String>) claimsMap.get("aud")).get(0));
assertEquals("trusted-app", claimsMap.get("client_id"));
assertEquals("read", ((List<String>) claimsMap.get("scope")).get(0));
assertEquals("write", ((List<String>) claimsMap.get("scope")).get(1));
List<String> authorities = (List<String>) claimsMap.get("authorities");
assertEquals(1, authorities.size());
assertEquals("ROLE_TRUSTED_CLIENT", authorities.get(0));
}
Example 8
| Source File: KeyExchangeJwtAccessTokenConverter.java From edison-microservice with Apache License 2.0 | 5 votes |
|
private Map<String, Object> decodeJwtMap(final String token, final OAuthPublicKey keyExchangePublicKey) {
final RsaVerifier rsaVerifier = new RsaVerifier(keyExchangePublicKey.getPublicKey());
final Jwt jwt = JwtHelper.decodeAndVerify(token, rsaVerifier);
final String content = jwt.getClaims();
final Map<String, Object> map = objectMapper.parseMap(content);
if (map.containsKey(EXP) && map.get(EXP) instanceof Integer) {
final Integer intValue = (Integer) map.get(EXP);
map.put(EXP, Long.valueOf(intValue));
}
return map;
}
Example 9
| Source File: OAuth2CookieHelper.java From tutorials with MIT License | 5 votes |
|
/**
* Retrieve the given claim from the given token.
*
* @param refreshToken the JWT token to examine.
* @param claimName name of the claim to get.
* @param clazz the Class we expect to find there.
* @return the desired claim.
* @throws InvalidTokenException if we cannot find the claim in the token or it is of wrong type.
*/
@SuppressWarnings("unchecked")
private <T> T getClaim(String refreshToken, String claimName, Class<T> clazz) {
Jwt jwt = JwtHelper.decode(refreshToken);
String claims = jwt.getClaims();
Map<String, Object> claimsMap = jsonParser.parseMap(claims);
Object claimValue = claimsMap.get(claimName);
if (claimValue == null) {
return null;
}
if (!clazz.isAssignableFrom(claimValue.getClass())) {
throw new InvalidTokenException("claim is not of expected type: " + claimName);
}
return (T) claimValue;
}
