/** * Convenience method for building and appending JWT claims related to a {@link com.atlassian.jwt.CanonicalHttpRequest}. * Encapsulates the knowledge of what claims we make regarding the request. * @param jsonBuilder {@link com.atlassian.jwt.writer.JwtJsonBuilder} that constructs the JWT payload * @param request {@link com.atlassian.jwt.CanonicalHttpRequest} representing the incoming or outgoing HTTP request * @throws UnsupportedEncodingException if {@link java.net.URLEncoder} cannot encode the request's characters * @throws NoSuchAlgorithmException if the hashing algorithm does not exist at runtime */ public static void appendHttpRequestClaims(JwtJsonBuilder jsonBuilder, CanonicalHttpRequest request) throws UnsupportedEncodingException, NoSuchAlgorithmException { jsonBuilder.queryHash(HttpRequestCanonicalizer.computeCanonicalRequestHash(request)); } }
/** * Encapsulate the building of requirements that we place upon JWTs in incoming requests. * @param request incoming request * @return {@link Map} of claim name to verifier for claims upon which we place requirements * @throws UnsupportedEncodingException if {@link java.net.URLEncoder} cannot encode the request's characters * @throws NoSuchAlgorithmException if the hashing algorithm does not exist at runtime */ public static Map<String, ? extends JwtClaimVerifier> build(CanonicalHttpRequest request) throws UnsupportedEncodingException, NoSuchAlgorithmException { return Collections.singletonMap(JwtConstants.Claims.QUERY_HASH, new JwtClaimEqualityVerifier(JwtConstants.Claims.QUERY_HASH, HttpRequestCanonicalizer.computeCanonicalRequestHash(request))); } }
public static String generateJwtSignature(HttpMethod httpMethod, URI uri, String addonKey, String secret, String contextPath, String subject) throws UnsupportedEncodingException, NoSuchAlgorithmException { JwtWriterFactory jwtWriterFactory = new NimbusJwtWriterFactory(); JwtWriter jwtWriter = jwtWriterFactory.macSigningWriter(SigningAlgorithm.HS256, secret); // Parse param values and build a map final List<NameValuePair> rawParams = URLEncodedUtils.parse(uri, "UTF-8"); final ImmutableMultimap.Builder<String, String> builder = ImmutableMultimap.builder(); for (NameValuePair rawParam : rawParams) { builder.put(rawParam.getName(), rawParam.getValue()); } final ImmutableMap.Builder<String, String[]> paramsMap = ImmutableMap.builder(); for (Map.Entry<String, Collection<String>> stringCollectionEntry : builder.build().asMap().entrySet()) { final Collection<String> collection = stringCollectionEntry.getValue(); paramsMap.put(stringCollectionEntry.getKey(), collection.toArray(new String[collection.size()])); } final JwtJsonBuilder jsonBuilder = new JsonSmartJwtJsonBuilder() .issuer(addonKey) .queryHash(HttpRequestCanonicalizer.computeCanonicalRequestHash(new CanonicalHttpUriRequest(httpMethod.name(), uri.getPath(), URI.create(contextPath).getPath(), paramsMap.build()))); if (null != subject) { jsonBuilder.subject(subject); } return jwtWriter.jsonToJwt(jsonBuilder.build()); } }
public static String generateJwtSignature(HttpMethod httpMethod, URI uri, String addonKey, String secret, String contextPath, String subject) throws UnsupportedEncodingException, NoSuchAlgorithmException { JwtWriterFactory jwtWriterFactory = new NimbusJwtWriterFactory(); JwtWriter jwtWriter = jwtWriterFactory.macSigningWriter(SigningAlgorithm.HS256, secret); // Parse param values and build a map final List<NameValuePair> rawParams = URLEncodedUtils.parse(uri, "UTF-8"); final ImmutableMultimap.Builder<String, String> builder = ImmutableMultimap.builder(); for (NameValuePair rawParam : rawParams) { builder.put(rawParam.getName(), rawParam.getValue()); } final ImmutableMap.Builder<String, String[]> paramsMap = ImmutableMap.builder(); for (Map.Entry<String, Collection<String>> stringCollectionEntry : builder.build().asMap().entrySet()) { final Collection<String> collection = stringCollectionEntry.getValue(); paramsMap.put(stringCollectionEntry.getKey(), collection.toArray(new String[collection.size()])); } final JwtJsonBuilder jsonBuilder = new JsonSmartJwtJsonBuilder() .issuer(addonKey) .queryHash(HttpRequestCanonicalizer.computeCanonicalRequestHash(new CanonicalHttpUriRequest(httpMethod.name(), uri.getPath(), URI.create(contextPath).getPath(), paramsMap.build()))); if (null != subject) { jsonBuilder.subject(subject); } return jwtWriter.jsonToJwt(jsonBuilder.build()); } }