/** * JWT校验器,也就是目前设置的ParameterClient进行的校验器,是rest/或者前后端分离的核心校验器 * * @return */ @Bean protected JwtAuthenticator jwtAuthenticator() { JwtAuthenticator jwtAuthenticator = new JwtAuthenticator(); jwtAuthenticator.addSignatureConfiguration(new SecretSignatureConfiguration(salt)); jwtAuthenticator.addEncryptionConfiguration(new SecretEncryptionConfiguration(salt)); return jwtAuthenticator; }
public JwtAuthenticator(final SignatureConfiguration signatureConfiguration, final EncryptionConfiguration encryptionConfiguration) { setSignatureConfiguration(signatureConfiguration); setEncryptionConfiguration(encryptionConfiguration); }
final JwtAuthenticator a = new JwtAuthenticator(); a.setSignatureConfiguration(new SecretSignatureConfiguration(signingSecret, signingAlg)); a.setEncryptionConfiguration(new SecretEncryptionConfiguration(encryptionSecret, encAlg, encMethod)); } else { LOGGER.warn("JWT authentication is configured to share a single key for both signing/encryption");
@Override protected Authenticator getAuthenticator(final Credential credential) { final TokenCredential tokenCredential = (TokenCredential) credential; logger.debug("Locating token secret for service [{}]", tokenCredential.getService()); final RegisteredService service = this.servicesManager.findServiceBy(tokenCredential.getService()); final String signingSecret = getRegisteredServiceJwtSigningSecret(service); final String encryptionSecret = getRegisteredServiceJwtEncryptionSecret(service); if (StringUtils.isNotBlank(signingSecret)) { if (StringUtils.isBlank(encryptionSecret)) { logger.warn("JWT authentication is configured to share a single key for both signing/encryption"); return new JwtAuthenticator(signingSecret); } return new JwtAuthenticator(signingSecret, encryptionSecret); } logger.warn("No token signing secret is defined for service [{}]. Ensure [{}] property is defined for service", service.getServiceId(), TokenConstants.PROPERTY_NAME_TOKEN_SECRET_SIGNING); return null; }
public JwtAuthenticator(final SignatureConfiguration signatureConfiguration) { setSignatureConfiguration(signatureConfiguration); }
public void setEncryptionConfiguration(final EncryptionConfiguration encryptionConfiguration) { addEncryptionConfiguration(encryptionConfiguration); }
public void setSignatureConfiguration(final SignatureConfiguration signatureConfiguration) { addSignatureConfiguration(signatureConfiguration); }
@Override public void validate(final TokenCredentials credentials, final WebContext context) { init(); final String token = credentials.getToken(); createJwtProfile(credentials, jwt);
val jwtAuthenticator = new JwtAuthenticator(); val secretBytes = getSecretBytes(signingSecret, secretsAreBase64Encoded); jwtAuthenticator.setSignatureConfiguration(new SecretSignatureConfiguration(secretBytes, signingAlg)); jwtAuthenticator.setEncryptionConfiguration(new SecretEncryptionConfiguration(encSecretBytes, encAlg, encMethod)); } else { LOGGER.warn("JWT authentication is configured to share jwtAuthenticator single key for both signing/encryption");
ParameterClient parameterClient = new ParameterClient("token", new JwtAuthenticator(new SecretSignatureConfiguration(salt))); parameterClient.setSupportGetRequest(true); parameterClient.setSupportPostRequest(false);
final JwtAuthenticator authenticator = new JwtAuthenticator(); authenticator.setSignatureConfiguration(secretSignatureConfiguration); authenticator.setEncryptionConfiguration(secretEncryptionConfiguration); ParameterClient parameterClient = new ParameterClient("token", authenticator); parameterClient.setSupportGetRequest(true);