org.springframework.security.jwt.crypto.sign.SignatureVerifier Java Examples

The following examples show how to use org.springframework.security.jwt.crypto.sign.SignatureVerifier. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: OAuth2JwtAccessTokenConverter.java    From cubeai with Apache License 2.0 7 votes vote down vote up
/**
 * Fetch a new public key from the AuthorizationServer.
 *
 * @return true, if we could fetch it; false, if we could not.
 */
private boolean tryCreateSignatureVerifier() {
    long t = System.currentTimeMillis();
    if (t - lastKeyFetchTimestamp < oAuth2Properties.getSignatureVerification().getPublicKeyRefreshRateLimit()) {
        return false;
    }
    try {
        SignatureVerifier verifier = signatureVerifierClient.getSignatureVerifier();
        if(verifier!=null) {
            setVerifier(verifier);
            lastKeyFetchTimestamp = t;
            log.debug("Public key retrieved from OAuth2 server to create SignatureVerifier");
            return true;
        }
    } catch (Throwable ex) {
        log.error("could not get public key from OAuth2 server to create SignatureVerifier", ex);
    }
    return false;
}
 
Example #2
Source File: OAuth2JwtAccessTokenConverter.java    From tutorials with MIT License 6 votes vote down vote up
/**
 * Fetch a new public key from the AuthorizationServer.
 *
 * @return true, if we could fetch it; false, if we could not.
 */
private boolean tryCreateSignatureVerifier() {
    long t = System.currentTimeMillis();
    if (t - lastKeyFetchTimestamp < oAuth2Properties.getSignatureVerification().getPublicKeyRefreshRateLimit()) {
        return false;
    }
    try {
        SignatureVerifier verifier = signatureVerifierClient.getSignatureVerifier();
        if (verifier != null) {
            setVerifier(verifier);
            lastKeyFetchTimestamp = t;
            log.debug("Public key retrieved from OAuth2 server to create SignatureVerifier");
            return true;
        }
    } catch (Throwable ex) {
        log.error("could not get public key from OAuth2 server to create SignatureVerifier", ex);
    }
    return false;
}
 
Example #3
Source File: OAuth2JwtAccessTokenConverter.java    From cubeai with Apache License 2.0 6 votes vote down vote up
/**
 * Fetch a new public key from the AuthorizationServer.
 *
 * @return true, if we could fetch it; false, if we could not.
 */
private boolean tryCreateSignatureVerifier() {
    long t = System.currentTimeMillis();
    if (t - lastKeyFetchTimestamp < oAuth2Properties.getSignatureVerification().getPublicKeyRefreshRateLimit()) {
        return false;
    }
    try {
        SignatureVerifier verifier = signatureVerifierClient.getSignatureVerifier();
        if(verifier!=null) {
            setVerifier(verifier);
            lastKeyFetchTimestamp = t;
            log.debug("Public key retrieved from OAuth2 server to create SignatureVerifier");
            return true;
        }
    } catch (Throwable ex) {
        log.error("could not get public key from OAuth2 server to create SignatureVerifier", ex);
    }
    return false;
}
 
Example #4
Source File: OAuth2JwtAccessTokenConverter.java    From tutorials with MIT License 6 votes vote down vote up
/**
 * Fetch a new public key from the AuthorizationServer.
 *
 * @return true, if we could fetch it; false, if we could not.
 */
private boolean tryCreateSignatureVerifier() {
    long t = System.currentTimeMillis();
    if (t - lastKeyFetchTimestamp < oAuth2Properties.getSignatureVerification().getPublicKeyRefreshRateLimit()) {
        return false;
    }
    try {
        SignatureVerifier verifier = signatureVerifierClient.getSignatureVerifier();
        if (verifier != null) {
            setVerifier(verifier);
            lastKeyFetchTimestamp = t;
            log.debug("Public key retrieved from OAuth2 server to create SignatureVerifier");
            return true;
        }
    } catch (Throwable ex) {
        log.error("could not get public key from OAuth2 server to create SignatureVerifier", ex);
    }
    return false;
}
 
Example #5
Source File: OAuth2JwtAccessTokenConverter.java    From cubeai with Apache License 2.0 6 votes vote down vote up
/**
 * Fetch a new public key from the AuthorizationServer.
 *
 * @return true, if we could fetch it; false, if we could not.
 */
private boolean tryCreateSignatureVerifier() {
    long t = System.currentTimeMillis();
    if (t - lastKeyFetchTimestamp < oAuth2Properties.getSignatureVerification().getPublicKeyRefreshRateLimit()) {
        return false;
    }
    try {
        SignatureVerifier verifier = signatureVerifierClient.getSignatureVerifier();
        if(verifier!=null) {
            setVerifier(verifier);
            lastKeyFetchTimestamp = t;
            log.debug("Public key retrieved from OAuth2 server to create SignatureVerifier");
            return true;
        }
    } catch (Throwable ex) {
        log.error("could not get public key from OAuth2 server to create SignatureVerifier", ex);
    }
    return false;
}
 
Example #6
Source File: OAuth2JwtAccessTokenConverter.java    From cubeai with Apache License 2.0 6 votes vote down vote up
/**
 * Fetch a new public key from the AuthorizationServer.
 *
 * @return true, if we could fetch it; false, if we could not.
 */
private boolean tryCreateSignatureVerifier() {
    long t = System.currentTimeMillis();
    if (t - lastKeyFetchTimestamp < oAuth2Properties.getSignatureVerification().getPublicKeyRefreshRateLimit()) {
        return false;
    }
    try {
        SignatureVerifier verifier = signatureVerifierClient.getSignatureVerifier();
        if(verifier!=null) {
            setVerifier(verifier);
            lastKeyFetchTimestamp = t;
            log.debug("Public key retrieved from OAuth2 server to create SignatureVerifier");
            return true;
        }
    } catch (Throwable ex) {
        log.error("could not get public key from OAuth2 server to create SignatureVerifier", ex);
    }
    return false;
}
 
Example #7
Source File: OAuth2JwtAccessTokenConverter.java    From cubeai with Apache License 2.0 6 votes vote down vote up
/**
 * Fetch a new public key from the AuthorizationServer.
 *
 * @return true, if we could fetch it; false, if we could not.
 */
private boolean tryCreateSignatureVerifier() {
    long t = System.currentTimeMillis();
    if (t - lastKeyFetchTimestamp < oAuth2Properties.getSignatureVerification().getPublicKeyRefreshRateLimit()) {
        return false;
    }
    try {
        SignatureVerifier verifier = signatureVerifierClient.getSignatureVerifier();
        if(verifier!=null) {
            setVerifier(verifier);
            lastKeyFetchTimestamp = t;
            log.debug("Public key retrieved from OAuth2 server to create SignatureVerifier");
            return true;
        }
    } catch (Throwable ex) {
        log.error("could not get public key from OAuth2 server to create SignatureVerifier", ex);
    }
    return false;
}
 
Example #8
Source File: OAuth2JwtAccessTokenConverter.java    From cubeai with Apache License 2.0 6 votes vote down vote up
/**
 * Fetch a new public key from the AuthorizationServer.
 *
 * @return true, if we could fetch it; false, if we could not.
 */
private boolean tryCreateSignatureVerifier() {
    long t = System.currentTimeMillis();
    if (t - lastKeyFetchTimestamp < oAuth2Properties.getSignatureVerification().getPublicKeyRefreshRateLimit()) {
        return false;
    }
    try {
        SignatureVerifier verifier = signatureVerifierClient.getSignatureVerifier();
        if(verifier!=null) {
            setVerifier(verifier);
            lastKeyFetchTimestamp = t;
            log.debug("Public key retrieved from OAuth2 server to create SignatureVerifier");
            return true;
        }
    } catch (Throwable ex) {
        log.error("could not get public key from OAuth2 server to create SignatureVerifier", ex);
    }
    return false;
}
 
Example #9
Source File: OAuth2JwtAccessTokenConverter.java    From cubeai with Apache License 2.0 6 votes vote down vote up
/**
 * Fetch a new public key from the AuthorizationServer.
 *
 * @return true, if we could fetch it; false, if we could not.
 */
private boolean tryCreateSignatureVerifier() {
    long t = System.currentTimeMillis();
    if (t - lastKeyFetchTimestamp < oAuth2Properties.getSignatureVerification().getPublicKeyRefreshRateLimit()) {
        return false;
    }
    try {
        SignatureVerifier verifier = signatureVerifierClient.getSignatureVerifier();
        if(verifier!=null) {
            setVerifier(verifier);
            lastKeyFetchTimestamp = t;
            log.debug("Public key retrieved from OAuth2 server to create SignatureVerifier");
            return true;
        }
    } catch (Throwable ex) {
        log.error("could not get public key from OAuth2 server to create SignatureVerifier", ex);
    }
    return false;
}
 
Example #10
Source File: UaaSignatureVerifierClient.java    From cubeai with Apache License 2.0 5 votes vote down vote up
/**
 * Fetches the public key from the UAA.
 *
 * @return the public key used to verify JWT tokens; or null.
 */
@Override
public SignatureVerifier getSignatureVerifier() throws Exception {
    try {
        HttpEntity<Void> request = new HttpEntity<Void>(new HttpHeaders());
        String key = (String) restTemplate
            .exchange(getPublicKeyEndpoint(), HttpMethod.GET, request, Map.class).getBody()
            .get("value");
        return new RsaVerifier(key);
    } catch (IllegalStateException ex) {
        log.warn("could not contact UAA to get public key");
        return null;
    }
}
 
Example #11
Source File: UaaSignatureVerifierClient.java    From tutorials with MIT License 5 votes vote down vote up
/**
 * Fetches the public key from the UAA.
 *
 * @return the public key used to verify JWT tokens; or null.
 */
@Override
public SignatureVerifier getSignatureVerifier() throws Exception {
    try {
        HttpEntity<Void> request = new HttpEntity<Void>(new HttpHeaders());
        String key = (String) restTemplate
            .exchange(getPublicKeyEndpoint(), HttpMethod.GET, request, Map.class).getBody()
            .get("value");
        return new RsaVerifier(key);
    } catch (IllegalStateException ex) {
        log.warn("could not contact UAA to get public key");
        return null;
    }
}
 
Example #12
Source File: UaaSignatureVerifierClient.java    From tutorials with MIT License 5 votes vote down vote up
/**
 * Fetches the public key from the UAA.
 *
 * @return the public key used to verify JWT tokens; or null.
 */
@Override
public SignatureVerifier getSignatureVerifier() throws Exception {
    try {
        HttpEntity<Void> request = new HttpEntity<Void>(new HttpHeaders());
        String key = (String) restTemplate
            .exchange(getPublicKeyEndpoint(), HttpMethod.GET, request, Map.class).getBody()
            .get("value");
        return new RsaVerifier(key);
    } catch (IllegalStateException ex) {
        log.warn("could not contact UAA to get public key");
        return null;
    }
}
 
Example #13
Source File: UaaSignatureVerifierClient.java    From cubeai with Apache License 2.0 5 votes vote down vote up
/**
 * Fetches the public key from the UAA.
 *
 * @return the public key used to verify JWT tokens; or null.
 */
@Override
public SignatureVerifier getSignatureVerifier() throws Exception {
    try {
        HttpEntity<Void> request = new HttpEntity<Void>(new HttpHeaders());
        String key = (String) restTemplate
            .exchange(getPublicKeyEndpoint(), HttpMethod.GET, request, Map.class).getBody()
            .get("value");
        return new RsaVerifier(key);
    } catch (IllegalStateException ex) {
        log.warn("could not contact UAA to get public key");
        return null;
    }
}
 
Example #14
Source File: UaaSignatureVerifierClient.java    From cubeai with Apache License 2.0 5 votes vote down vote up
/**
 * Fetches the public key from the UAA.
 *
 * @return the public key used to verify JWT tokens; or null.
 */
@Override
public SignatureVerifier getSignatureVerifier() throws Exception {
    try {
        HttpEntity<Void> request = new HttpEntity<Void>(new HttpHeaders());
        String key = (String) restTemplate
            .exchange(getPublicKeyEndpoint(), HttpMethod.GET, request, Map.class).getBody()
            .get("value");
        return new RsaVerifier(key);
    } catch (IllegalStateException ex) {
        log.warn("could not contact UAA to get public key");
        return null;
    }
}
 
Example #15
Source File: UaaSignatureVerifierClient.java    From cubeai with Apache License 2.0 5 votes vote down vote up
/**
 * Fetches the public key from the UAA.
 *
 * @return the public key used to verify JWT tokens; or null.
 */
@Override
public SignatureVerifier getSignatureVerifier() throws Exception {
    try {
        HttpEntity<Void> request = new HttpEntity<Void>(new HttpHeaders());
        String key = (String) restTemplate
            .exchange(getPublicKeyEndpoint(), HttpMethod.GET, request, Map.class).getBody()
            .get("value");
        return new RsaVerifier(key);
    } catch (IllegalStateException ex) {
        log.warn("could not contact UAA to get public key");
        return null;
    }
}
 
Example #16
Source File: UaaSignatureVerifierClient.java    From cubeai with Apache License 2.0 5 votes vote down vote up
/**
 * Fetches the public key from the UAA.
 *
 * @return the public key used to verify JWT tokens; or null.
 */
@Override
public SignatureVerifier getSignatureVerifier() throws Exception {
    try {
        HttpEntity<Void> request = new HttpEntity<Void>(new HttpHeaders());
        String key = (String) restTemplate
            .exchange(getPublicKeyEndpoint(), HttpMethod.GET, request, Map.class).getBody()
            .get("value");
        return new RsaVerifier(key);
    } catch (IllegalStateException ex) {
        log.warn("could not contact UAA to get public key");
        return null;
    }
}
 
Example #17
Source File: UaaSignatureVerifierClient.java    From cubeai with Apache License 2.0 5 votes vote down vote up
/**
 * Fetches the public key from the UAA.
 *
 * @return the public key used to verify JWT tokens; or null.
 */
@Override
public SignatureVerifier getSignatureVerifier() throws Exception {
    try {
        HttpEntity<Void> request = new HttpEntity<Void>(new HttpHeaders());
        String key = (String) restTemplate
            .exchange(getPublicKeyEndpoint(), HttpMethod.GET, request, Map.class).getBody()
            .get("value");
        return new RsaVerifier(key);
    } catch (IllegalStateException ex) {
        log.warn("could not contact UAA to get public key");
        return null;
    }
}
 
Example #18
Source File: UaaSignatureVerifierClient.java    From cubeai with Apache License 2.0 5 votes vote down vote up
/**
 * Fetches the public key from the UAA.
 *
 * @return the public key used to verify JWT tokens; or null.
 */
@Override
public SignatureVerifier getSignatureVerifier() throws Exception {
    try {
        HttpEntity<Void> request = new HttpEntity<Void>(new HttpHeaders());
        String key = (String) restTemplate
            .exchange(getPublicKeyEndpoint(), HttpMethod.GET, request, Map.class).getBody()
            .get("value");
        return new RsaVerifier(key);
    } catch (IllegalStateException ex) {
        log.warn("could not contact UAA to get public key");
        return null;
    }
}
 
Example #19
Source File: OAuth2ResourceServer.java    From OAuth-2.0-Cookbook with MIT License 4 votes vote down vote up
@Bean
public SignatureVerifier verifier() {
    return new MacSigner("non-prod");
}
 
Example #20
Source File: OAuth2SignatureVerifierClient.java    From cubeai with Apache License 2.0 2 votes vote down vote up
/**
 * Returns the SignatureVerifier used to verify JWT tokens.
 * Fetches the public key from the Authorization server to create
 * this verifier.
 *
 * @return the new verifier used to verify JWT signatures.
 * Will be null if we cannot contact the token endpoint.
 * @throws Exception if we could not create a SignatureVerifier or contact the token endpoint.
 */
SignatureVerifier getSignatureVerifier() throws Exception;
 
Example #21
Source File: OAuth2SignatureVerifierClient.java    From cubeai with Apache License 2.0 2 votes vote down vote up
/**
 * Returns the SignatureVerifier used to verify JWT tokens.
 * Fetches the public key from the Authorization server to create
 * this verifier.
 *
 * @return the new verifier used to verify JWT signatures.
 * Will be null if we cannot contact the token endpoint.
 * @throws Exception if we could not create a SignatureVerifier or contact the token endpoint.
 */
SignatureVerifier getSignatureVerifier() throws Exception;
 
Example #22
Source File: OAuth2SignatureVerifierClient.java    From cubeai with Apache License 2.0 2 votes vote down vote up
/**
 * Returns the SignatureVerifier used to verify JWT tokens.
 * Fetches the public key from the Authorization server to create
 * this verifier.
 *
 * @return the new verifier used to verify JWT signatures.
 * Will be null if we cannot contact the token endpoint.
 * @throws Exception if we could not create a SignatureVerifier or contact the token endpoint.
 */
SignatureVerifier getSignatureVerifier() throws Exception;
 
Example #23
Source File: OAuth2SignatureVerifierClient.java    From cubeai with Apache License 2.0 2 votes vote down vote up
/**
 * Returns the SignatureVerifier used to verify JWT tokens.
 * Fetches the public key from the Authorization server to create
 * this verifier.
 *
 * @return the new verifier used to verify JWT signatures.
 * Will be null if we cannot contact the token endpoint.
 * @throws Exception if we could not create a SignatureVerifier or contact the token endpoint.
 */
SignatureVerifier getSignatureVerifier() throws Exception;
 
Example #24
Source File: OAuth2SignatureVerifierClient.java    From cubeai with Apache License 2.0 2 votes vote down vote up
/**
 * Returns the SignatureVerifier used to verify JWT tokens.
 * Fetches the public key from the Authorization server to create
 * this verifier.
 *
 * @return the new verifier used to verify JWT signatures.
 * Will be null if we cannot contact the token endpoint.
 * @throws Exception if we could not create a SignatureVerifier or contact the token endpoint.
 */
SignatureVerifier getSignatureVerifier() throws Exception;
 
Example #25
Source File: OAuth2SignatureVerifierClient.java    From cubeai with Apache License 2.0 2 votes vote down vote up
/**
 * Returns the SignatureVerifier used to verify JWT tokens.
 * Fetches the public key from the Authorization server to create
 * this verifier.
 *
 * @return the new verifier used to verify JWT signatures.
 * Will be null if we cannot contact the token endpoint.
 * @throws Exception if we could not create a SignatureVerifier or contact the token endpoint.
 */
SignatureVerifier getSignatureVerifier() throws Exception;
 
Example #26
Source File: OAuth2SignatureVerifierClient.java    From tutorials with MIT License 2 votes vote down vote up
/**
 * Returns the SignatureVerifier used to verify JWT tokens.
 * Fetches the public key from the Authorization server to create
 * this verifier.
 *
 * @return the new verifier used to verify JWT signatures.
 * Will be null if we cannot contact the token endpoint.
 * @throws Exception if we could not create a SignatureVerifier or contact the token endpoint.
 */
SignatureVerifier getSignatureVerifier() throws Exception;
 
Example #27
Source File: OAuth2SignatureVerifierClient.java    From cubeai with Apache License 2.0 2 votes vote down vote up
/**
 * Returns the SignatureVerifier used to verify JWT tokens.
 * Fetches the public key from the Authorization server to create
 * this verifier.
 *
 * @return the new verifier used to verify JWT signatures.
 * Will be null if we cannot contact the token endpoint.
 * @throws Exception if we could not create a SignatureVerifier or contact the token endpoint.
 */
SignatureVerifier getSignatureVerifier() throws Exception;
 
Example #28
Source File: OAuth2SignatureVerifierClient.java    From tutorials with MIT License 2 votes vote down vote up
/**
 * Returns the SignatureVerifier used to verify JWT tokens.
 * Fetches the public key from the Authorization server to create
 * this verifier.
 *
 * @return the new verifier used to verify JWT signatures.
 * Will be null if we cannot contact the token endpoint.
 * @throws Exception if we could not create a SignatureVerifier or contact the token endpoint.
 */
SignatureVerifier getSignatureVerifier() throws Exception;
 
Example #29
Source File: JwtUtils.java    From microservices-platform with Apache License 2.0 2 votes vote down vote up
/**
 * {"exp":1563256084,"user_name":"admin","authorities":["ADMIN"],"jti":"4ce02f54-3d1c-4461-8af1-73f0841a35df","client_id":"webApp","scope":["app"]}
 * @param jwtToken token值
 * @param rsaPublicKey 公钥
 * @return
 */
public static JSONObject decodeAndVerify(String jwtToken, RSAPublicKey rsaPublicKey) {
    SignatureVerifier rsaVerifier = new RsaVerifier(rsaPublicKey);
    Jwt jwt = JwtHelper.decodeAndVerify(jwtToken, rsaVerifier);
    return JSONObject.parseObject(jwt.getClaims());
}