Java Code Examples for com.nimbusds.jose.JWSObject#verify()

The following examples show how to use com.nimbusds.jose.JWSObject#verify() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: TokenUtil.java    From peer-os with Apache License 2.0 6 votes vote down vote up 
public static boolean verifySignature( String token, String sharedKey )
{
    boolean verifiedSignature = false;

    try
    {
        JWSObject jwsObject = JWSObject.parse( token );
        JWSVerifier verifier = new MACVerifier( sharedKey.getBytes() );
        verifiedSignature = jwsObject.verify( verifier );
    }
    catch ( Exception e )
    {
        LOG.warn( e.getMessage() );
    }

    return verifiedSignature;
}
Example 2
Source File: TokenUtil.java    From peer-os with Apache License 2.0 6 votes vote down vote up 
public static boolean verifyTokenRSA( PublicKey pKey, String token )
{
    try
    {
        Payload pl = new Payload( token );
        JWSObject jwsObject = new JWSObject( new JWSHeader( JWSAlgorithm.RS256 ), pl );
        JWSVerifier verifier = new RSASSAVerifier( ( RSAPublicKey ) pKey );

        return jwsObject.verify( verifier );
    }
    catch ( JOSEException e )
    {
        LOG.warn( "Error verifying RSA token", e.getMessage() );

        return false;
    }
}
Example 3
Source File: TokenUtil.java    From peer-os with Apache License 2.0 5 votes vote down vote up 
public static boolean verifySignatureAndDate( String token, String sharedKey ) throws SystemSecurityException
{
    try
    {
        JWSObject jwsObject = JWSObject.parse( token );
        JWSVerifier verifier = new MACVerifier( sharedKey.getBytes() );

        if ( jwsObject.verify( verifier ) )
        {
            long date = getDate( jwsObject );

            if ( date == 0 || System.currentTimeMillis() <= date )
            {
                return true;
            }
            else
            {
                throw new IdentityExpiredException();
            }
        }
        else
        {
            throw new InvalidLoginException();
        }
    }
    catch ( JOSEException | ParseException ex )
    {
        LOG.warn( ex.getMessage() );

        throw new InvalidLoginException();
    }
}
Example 4
Source File: Jwt.java    From JWT with MIT License 5 votes vote down vote up 
/**
    * 校验token是否合法,返回Map集合,集合中主要包含    state状态码   data鉴权成功后从token中提取的数据
    * 该方法在过滤器中调用,每次请求API时都校验
    * @param token
    * @return  Map<String, Object>
    */
public static Map<String, Object> validToken(String token) {
	Map<String, Object> resultMap = new HashMap<String, Object>();
	try {
		JWSObject jwsObject = JWSObject.parse(token);
		Payload payload = jwsObject.getPayload();
		JWSVerifier verifier = new MACVerifier(SECRET);

		if (jwsObject.verify(verifier)) {
			JSONObject jsonOBj = payload.toJSONObject();
			// token校验成功(此时没有校验是否过期)
			resultMap.put("state", TokenState.VALID.toString());
			// 若payload包含ext字段,则校验是否过期
			if (jsonOBj.containsKey("ext")) {
				long extTime = Long.valueOf(jsonOBj.get("ext").toString());
				long curTime = new Date().getTime();
				// 过期了
				if (curTime > extTime) {
					resultMap.clear();
					resultMap.put("state", TokenState.EXPIRED.toString());
				}
			}
			resultMap.put("data", jsonOBj);

		} else {
			// 校验失败
			resultMap.put("state", TokenState.INVALID.toString());
		}

	} catch (Exception e) {
		//e.printStackTrace();
		// token格式不合法导致的异常
		resultMap.clear();
		resultMap.put("state", TokenState.INVALID.toString());
	}
	return resultMap;
}
Example 5
Source File: PacketHandler.java    From BedrockConnect with GNU General Public License v3.0 4 votes vote down vote up 
private static boolean verifyJwt(JWSObject jwt, ECPublicKey key) throws JOSEException {
    return jwt.verify(new DefaultJWSVerifierFactory().createJWSVerifier(jwt.getHeader(), key));
}
Example 6
Source File: UpstreamPacketHandler.java    From ProxyPass with GNU Affero General Public License v3.0 4 votes vote down vote up 
private static boolean verifyJwt(JWSObject jwt, ECPublicKey key) throws JOSEException {
    return jwt.verify(new DefaultJWSVerifierFactory().createJWSVerifier(jwt.getHeader(), key));
}
Example 7
Source File: PoPAuthenticationManager.java    From OAuth-2.0-Cookbook with MIT License 4 votes vote down vote up 
@Override
public Authentication authenticate(Authentication authentication)
    throws AuthenticationException {
    Authentication authenticationResult = authenticationManager
        .authenticate(authentication);

    if (authenticationResult.isAuthenticated()) {
        // validates nonce because JWT is already valid
        if (authentication instanceof PoPAuthenticationToken) {
            PoPAuthenticationToken popAuthentication = (PoPAuthenticationToken) authentication;

            // starts validating nonce here
            String nonce = popAuthentication.getNonce();
            if (nonce == null) {
                throw new UnapprovedClientAuthenticationException(
                    "This request does not have a valid signed nonce");
            }

            String token = (String) popAuthentication.getPrincipal();

            System.out.println("access token:" + token);

            try {
                JWT jwt = JWTParser.parse(token);
                String publicKey = jwt.getJWTClaimsSet().getClaim("public_key").toString();
                JWK jwk = JWK.parse(publicKey);

                JWSObject jwsNonce = JWSObject.parse(nonce);
                JWSVerifier verifier = new RSASSAVerifier((RSAKey) jwk);
                if (!jwsNonce.verify(verifier)) {
                    throw new InvalidTokenException("Client hasn't possession of given token");
                }
            } catch (Exception e) {
                throw new RuntimeException(e);
            }

        }
    }

    return authenticationResult;
}
Example 8
Source File: ClientChainData.java    From Nukkit with GNU General Public License v3.0 4 votes vote down vote up 
private boolean verify(PublicKey key, JWSObject object) throws JOSEException {
    JWSVerifier verifier = new DefaultJWSVerifierFactory().createJWSVerifier(object.getHeader(), key);
    return object.verify(verifier);
}
Example 9
Source File: JWT.java    From api-server-seed with Apache License 2.0 4 votes vote down vote up 
public static boolean verify(JWSObject jwsObject) throws JOSEException {
	JWSVerifier verifier = new MACVerifier(JWT.SHARED_SECRET);
	return jwsObject.verify(verifier);
}
Example 10
Source File: ClientChainData.java    From Nukkit with GNU General Public License v3.0 4 votes vote down vote up 
private boolean verify(PublicKey key, JWSObject object) throws JOSEException {
    JWSVerifier verifier = new DefaultJWSVerifierFactory().createJWSVerifier(object.getHeader(), key);
    return object.verify(verifier);
}
Example 11
Source File: EncryptionUtils.java    From Protocol with Apache License 2.0 2 votes vote down vote up 
/**
 * Check whether a JWS object is valid for a given public key.
 *
 * @param jws object to be verified
 * @param key key to verify object with
 * @return true if the JWS object is valid
 * @throws JOSEException invalid key provided
 */
public static boolean verifyJwt(JWSObject jws, ECPublicKey key) throws JOSEException {
    return jws.verify(new ECDSAVerifier(key));
}