Java Code Examples for org.springframework.security.oauth2.jwt.NimbusJwtDecoder

The following examples show how to use org.springframework.security.oauth2.jwt.NimbusJwtDecoder. These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
@Bean
public JwtDecoder jwtDecoderByIssuerUri() {
    final String jwkSetUri = getClientRegistration().getProviderDetails().getJwkSetUri();
    final NimbusJwtDecoder jwtDecoder = NimbusJwtDecoder.withJwkSetUri(jwkSetUri).build();
    jwtDecoder.setClaimSetConverter(new KeycloakUsernameSubClaimAdapter(getProvider().getUserNameAttribute()));;
    return jwtDecoder;
}
 
Example 2
@Test
public void userConfigurationCanOverrideDefaultBeans() {
	contextRunner.withUserConfiguration(UserConfiguration.class)
			.run((context) -> {
				assertThat(context.containsBean("xsuaaJwtDecoder"), is(false));
				assertThat(context.containsBean("customJwtDecoder"), is(true));
				assertThat(context.getBean("customJwtDecoder"),
						instanceOf(NimbusJwtDecoder.class));
			});
}
 
Example 3
Source Project: feast   Source File: DefaultJwtAuthenticationProvider.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * @param options String K/V pair of options to initialize the AuthenticationProvider with. Only
 *     one option is currently configurable, the jwkEndpointURI.
 */
public DefaultJwtAuthenticationProvider(Map<String, String> options) {
  // Endpoint used to retrieve certificates to validate JWT token
  String jwkEndpointURI = options.get("jwkEndpointURI");

  // Provide a custom endpoint to retrieve certificates
  authProvider =
      new JwtAuthenticationProvider(NimbusJwtDecoder.withJwkSetUri(jwkEndpointURI).build());
  authProvider.setJwtAuthenticationConverter(new JwtAuthenticationConverter());
}
 
Example 4
Source Project: spring-cloud-gcp   Source File: FirebaseJwtTokenDecoder.java    License: Apache License 2.0 5 votes vote down vote up
private void refresh() {
	if (!isExpired()) {
		return;
	}
	try {
		ResponseEntity<Map<String, String>> response = restClient.exchange(googlePublicKeysEndpoint, HttpMethod.GET, null, new ParameterizedTypeReference<Map<String, String>>() {
		});
		Long expiresAt = parseCacheControlHeaders(response.getHeaders());
		this.expires = expiresAt > -1L ? (System.currentTimeMillis() + expiresAt * 1000) : 0L;
		if (!response.getStatusCode().is2xxSuccessful()) {
			throw new JwtException("Error retrieving public certificates from remote endpoint");
		}
		delegates.clear();
		for (String key : response.getBody().keySet()) {
			try {
				NimbusJwtDecoder nimbusJwtDecoder = NimbusJwtDecoder.withPublicKey((RSAPublicKey) convertToX509Cert(response.getBody().get(key)).getPublicKey())
						.signatureAlgorithm(SignatureAlgorithm.from("RS256"))
						.build();
				nimbusJwtDecoder.setJwtValidator(tokenValidator);
				delegates.put(key, nimbusJwtDecoder);
			}
			catch (Exception ce) {
				logger.error("Could not read certificate for key {}", key);
			}
		}
	}
	catch (Exception e) {
		throw new JwtException("Error fetching public keys", e);
	}
}
 
Example 5
@Bean
public JwtDecoder customJwtDecoder() {
	return NimbusJwtDecoder.withJwkSetUri("http://localhost:8080/uaa/oauth/token_keys").build();
}
 
Example 6
@Bean
JwtDecoder jwtDecoder() {
    return NimbusJwtDecoder.withJwkSetUri(this.jwkSetUri).build();
}
 
Example 7
Source Project: grpc-spring-boot-starter   Source File: SecurityConfiguration.java    License: MIT License 4 votes vote down vote up
@Bean
JwtDecoder jwtDecoder() {
    // Uses local Keycloak instance running on port 8080 with the realm: TestRealm
    final String endpointURI = "http://localhost:8080/auth/realms/TestRealm/protocol/openid-connect/certs";
    return NimbusJwtDecoder.withJwkSetUri(endpointURI).build();
}
 
Example 8
Source Project: grpc-spring-boot-starter   Source File: SecurityConfiguration.java    License: MIT License 4 votes vote down vote up
@Bean
JwtDecoder jwtDecoder() {
    // Uses local Keycloak instance running on port 8080 with the realm: TestRealm
    final String endpointURI = "http://localhost:8080/auth/realms/TestRealm/protocol/openid-connect/certs";
    return NimbusJwtDecoder.withJwkSetUri(endpointURI).build();
}
 
Example 9
Source Project: platform   Source File: SecurityConfig.java    License: Apache License 2.0 4 votes vote down vote up
@Bean
public JwtDecoder jwtDecoder(KeyPair keyPair) {
    return NimbusJwtDecoder.withPublicKey((RSAPublicKey) keyPair.getPublic()).build();
}