Java Jwt.verifySignature方法代码示例(javajwt.verifysignature方法的典型用法代码示例)

科普8个月前 2023-09-19

本文整理汇总了Java中org.springframework.security.jwt.Jwt.verifySignature方法的典型用法代码示例。如果您正苦于以下问题:Java Jwt.verifySignature方法的具体用法?Java Jwt.verifySignature怎么用?Java Jwt.verifySignature使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在org.springframework.security.jwt.Jwt的用法示例。


Java Jwt.verifySignature方法代码示例(javajwt.verifysignature方法的典型用法代码示例)

在下文中一共展示了Jwt.verifySignature方法的3个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Java代码示例。

示例1: verifySignature

import org.springframework.security.jwt.Jwt; //导入方法依赖的package包/类
private static void verifySignature(Jwt jwt, String publicKey) {
    try {
        RsaVerifier rsaVerifier = new RsaVerifier(publicKey);
        jwt.verifySignature(rsaVerifier);
    } catch (Exception ex) {
        throw new AuthenticationServiceException("Error verifying signature of token");
    }
}
开发者ID:evoila,项目名称:cfsummiteu2017,代码行数:9,代码来源:UaaFilterUtils.java

示例2: authenticate

import org.springframework.security.jwt.Jwt; //导入方法依赖的package包/类
@Override
public Authentication authenticate(final Authentication authRequest) throws AuthenticationException {

    // Getting string token from authentication request object
    String token = Preconditions.notNull(StringUtils.trimToNull((String) authRequest.getCredentials()), ExceptionCode.AUTHENTICATION, "No jwt token present.");

    // Getting JWT object from string token
    Jwt jwt = JwtHelper.decode(token);

    // Getting payload of token
    String claims = jwt.getClaims();
    TokenPayload tokenPayload = this.gson.fromJson(claims, TokenPayload.class);

    // Checking if token already expired and throwing an AuthenticationException in this case
    checkIsExpired(tokenPayload.expirationTime);

    // Getting user id from token

    Long userId = Preconditions.notNull(tokenPayload.userId, ExceptionCode.AUTHENTICATION, "Token doesn't contains user id.");

    // Getting user from database
    HeapUser user = this.heapUserRepository.findOne(userId);

    // Validate token signature (to be sure that token doesn't change on client side)
    try {
        jwt.verifySignature(new MacSigner(user.getSecret()));
    } catch (Exception cause) {
        HeapException.throwNew(ExceptionCode.AUTHENTICATION, "Token verification failed.", cause);
    }

    // Return authenticated Authentication
    HeapUserDetails userDetails = new HeapUserDetails(user);
    userDetails.eraseCredentials();
    return new JwtAuthenticationToken(userDetails);
}
开发者ID:Heapy,项目名称:Heap,代码行数:36,代码来源:JwtAuthenticationProvider.java

示例3: decodeAndVerify

import org.springframework.security.jwt.Jwt; //导入方法依赖的package包/类
@Nullable
@Override
public BlueWebToken decodeAndVerify(@Nonnull final String idToken){

    final long now = System.currentTimeMillis();
    if(log.isTraceEnabled()){
        log.trace("Decoding token [" + idToken + "]");
    }
    try{

        Jwt jwt = JwtHelper.decode(idToken);
        // Get the key ID we need to use to verify the token
        String keyId = getKeyId(idToken);
        if("".equals(keyId.trim())){
            log.warn("Failed to retrieve key ID for token");
            return null;
        }
        BlueWebToken token = typeSecuredObjectMapper().readValue(
          jwt.getClaims(),
          BlueWebToken.class);
        // Get the key and verify the JWT signature
        RSAPublicKey key = rsaPublicKey(keyId, token.getAuthContextReference());
        jwt.verifySignature(new RsaVerifier(key));

        // Validate the nonce

        if(!nonceService.isValid(token.getNonce())){
            log.warn("Failed to validate nonce in token. This could be a replay attack.");
            return null;
        }
        if(!claimValidationService.validateAudience(token)){
            log.warn("Failed to validate audience in token. This could be a replay attack.");
            return null;
        }
        if(!claimValidationService.validateIssuer(token)){
            log.warn("Failed to validate issuer of token. This could be a replay attack.");
            return null;
        }
        if(!claimValidationService.validateNotBefore(token, now)){
            log.warn("Failed to validate notBefore time in token. This could be a replay attack. 'Now' milliseconds: " + now + "; 'NotBefore' milliseconds: " + token
              .getNotBefore()
              .toInstant()
              .toEpochMilli());
            return null;
        }
        if(!claimValidationService.validateExpiration(token, now)){
            log.warn("Failed to validate expiration time in token. This could be a replay attack. 'Now' milliseconds: " + now + "; 'Expiration' milliseconds: " + token
              .getExpiration()
              .toInstant()
              .toEpochMilli());
            return null;
        }

        return token;

    }catch(IOException | IllegalArgumentException | InvalidSignatureException x){
        log.warn("Failed to extract data from JWT token: " + x.getMessage(), x);
    }
    return null;
}
开发者ID:Xitikit,项目名称:xitikit-blue,代码行数:61,代码来源:SimpleB2CAuthenticationService.java

本文标签属性:

示例:示例志愿表

代码:代码转换器

java:java模拟器

Jwt:极为天堂

verifySignature:verifysignaturefailed是什么意思

文章标签:
上一篇:上海皇帝之雄霸天下的演职员表(...我只记得有个叫袁肃军的,还有个大胖子演的黄老板,求片名。)
下一篇:电视剧完美关系大结局(完美关系大结局)(《完美关系》大结局)

为您推荐

魔兽即将通关代码(魔兽世界代码大全)

魔兽即将通关代码(魔兽世界代码大全)

Java CronTriggerBean.setJobDetail方法代码示例

Java CronTriggerBean.setJobDetail方法代码示例

java破解游戏,如何破解java格式的游戏 高手指导

java破解游戏,如何破解java格式的游戏 高手指导

预言ol推广代码,暴雨通行证钻石用户的推广代码是什么

预言ol推广代码,暴雨通行证钻石用户的推广代码是什么

红钻代码,开通红钻代码多少?发短信回复就能开通

红钻代码,开通红钻代码多少?发短信回复就能开通

蓝钻代码,使用蓝钻代码获得更多特权

蓝钻代码,使用蓝钻代码获得更多特权