Java Code Examples for org.keycloak.representations.JsonWebToken#notBefore()

The following examples show how to use org.keycloak.representations.JsonWebToken#notBefore() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: AuthUtil.java    From keycloak with Apache License 2.0 6 votes vote down vote up
public static String getSignedRequestToken(String keystore, String storePass, String keyPass, String alias, int sigLifetime, String clientId, String realmInfoUrl) {

        KeyPair keypair = KeystoreUtil.loadKeyPairFromKeystore(keystore, storePass, keyPass, alias, KeystoreUtil.KeystoreFormat.JKS);

        JsonWebToken reqToken = new JsonWebToken();
        reqToken.id(UUID.randomUUID().toString());
        reqToken.issuer(clientId);
        reqToken.subject(clientId);
        reqToken.audience(realmInfoUrl);

        int now = Time.currentTime();
        reqToken.issuedAt(now);
        reqToken.expiration(now + sigLifetime);
        reqToken.notBefore(now);

        String signedRequestToken = new JWSBuilder()
                .jsonContent(reqToken)
                .rsa256(keypair.getPrivate());
        return signedRequestToken;
    }
 
Example 2
Source File: AuthUtil.java    From keycloak with Apache License 2.0 6 votes vote down vote up
public static String getSignedRequestToken(String keystore, String storePass, String keyPass, String alias, int sigLifetime, String clientId, String realmInfoUrl) {

        KeyPair keypair = KeystoreUtil.loadKeyPairFromKeystore(keystore, storePass, keyPass, alias, KeystoreUtil.KeystoreFormat.JKS);

        JsonWebToken reqToken = new JsonWebToken();
        reqToken.id(UUID.randomUUID().toString());
        reqToken.issuer(clientId);
        reqToken.subject(clientId);
        reqToken.audience(realmInfoUrl);

        int now = Time.currentTime();
        reqToken.issuedAt(now);
        reqToken.expiration(now + sigLifetime);
        reqToken.notBefore(now);

        String signedRequestToken = new JWSBuilder()
                .jsonContent(reqToken)
                .rsa256(keypair.getPrivate());
        return signedRequestToken;
    }
 
Example 3
Source File: JWTClientSecretCredentialsProvider.java    From keycloak with Apache License 2.0 6 votes vote down vote up
private JsonWebToken createRequestToken(String clientId, String realmInfoUrl) {
    // According to <a href="http://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication">OIDC's client authentication spec</a>,
    // JWT claims is the same as one by private_key_jwt

    JsonWebToken reqToken = new JsonWebToken();
    reqToken.id(AdapterUtils.generateId());
    reqToken.issuer(clientId);
    reqToken.subject(clientId);
    reqToken.audience(realmInfoUrl);

    int now = Time.currentTime();
    reqToken.issuedAt(now);
    // the same as in KEYCLOAK-2986, JWTClientCredentialsProvider's timeout field
    reqToken.expiration(now + 10);
    reqToken.notBefore(now);
    return reqToken;
}
 
Example 4
Source File: ClientAuthSignedJWTTest.java    From keycloak with Apache License 2.0 5 votes vote down vote up
@Override
protected JsonWebToken createRequestToken(String clientId, String realmInfoUrl) {
    JsonWebToken reqToken = new JsonWebToken();
    if (isClaimEnabled("id")) reqToken.id(AdapterUtils.generateId());
    if (isClaimEnabled("issuer")) reqToken.issuer(clientId);
    if (isClaimEnabled("subject")) reqToken.subject(clientId);
    if (isClaimEnabled("audience")) reqToken.audience(realmInfoUrl);

    int now = Time.currentTime();
    if (isClaimEnabled("issuedAt")) reqToken.issuedAt(now);
    if (isClaimEnabled("expiration")) reqToken.expiration(now + getTokenTimeout());
    if (isClaimEnabled("notBefore")) reqToken.notBefore(now);

    return reqToken;
}
 
Example 5
Source File: ClientAuthSignedJWTTest.java    From keycloak with Apache License 2.0 5 votes vote down vote up
private JsonWebToken createRequestToken(String clientId, String realmInfoUrl) {
    JsonWebToken reqToken = new JsonWebToken();
    reqToken.id(AdapterUtils.generateId());
    reqToken.issuer(clientId);
    reqToken.subject(clientId);
    reqToken.audience(realmInfoUrl);

    int now = Time.currentTime();
    reqToken.issuedAt(now);
    reqToken.expiration(now + 10);
    reqToken.notBefore(now);

    return reqToken;
}
 
Example 6
Source File: JWTClientCredentialsProvider.java    From keycloak with Apache License 2.0 5 votes vote down vote up
protected JsonWebToken createRequestToken(String clientId, String realmInfoUrl) {
    JsonWebToken reqToken = new JsonWebToken();
    reqToken.id(AdapterUtils.generateId());
    reqToken.issuer(clientId);
    reqToken.subject(clientId);
    reqToken.audience(realmInfoUrl);

    int now = Time.currentTime();
    reqToken.issuedAt(now);
    reqToken.expiration(now + this.tokenTimeout);
    reqToken.notBefore(now);

    return reqToken;
}
 
Example 7
Source File: JsonWebTokenTest.java    From keycloak with Apache License 2.0 5 votes vote down vote up
@Test
public void isActiveReturnFalseWhenBeforeTimeInFuture() {
    int currentTime = Time.currentTime();
    int futureTime = currentTime + 10;
    JsonWebToken jsonWebToken = new JsonWebToken();
    jsonWebToken.notBefore(futureTime);
    assertFalse(jsonWebToken.isActive());
}
 
Example 8
Source File: JsonWebTokenTest.java    From keycloak with Apache License 2.0 5 votes vote down vote up
@Test
public void isActiveReturnTrueWhenBeforeTimeInPast() {
    int currentTime = Time.currentTime();
    int pastTime = currentTime - 10;
    JsonWebToken jsonWebToken = new JsonWebToken();
    jsonWebToken.notBefore(pastTime);
    assertTrue(jsonWebToken.isActive());
}
 
Example 9
Source File: JsonWebTokenTest.java    From keycloak with Apache License 2.0 5 votes vote down vote up
@Test
public void isActiveShouldReturnTrueWhenBeforeTimeInFutureWithinTimeSkew() {
    int notBeforeTime = Time.currentTime() + 5;
    int allowedClockSkew = 10;
    JsonWebToken jsonWebToken = new JsonWebToken();
    jsonWebToken.notBefore(notBeforeTime);
    assertTrue(jsonWebToken.isActive(allowedClockSkew));
}
 
Example 10
Source File: JsonWebTokenTest.java    From keycloak with Apache License 2.0 5 votes vote down vote up
@Test
public void isActiveShouldReturnFalseWhenWhenBeforeTimeInFutureOutsideTimeSkew() {
    int notBeforeTime = Time.currentTime() + 10;
    int allowedClockSkew = 5;
    JsonWebToken jsonWebToken = new JsonWebToken();
    jsonWebToken.notBefore(notBeforeTime);
    assertFalse(jsonWebToken.isActive(allowedClockSkew));
}