public QuoineSignatureDigest( String tokenID, String userSecret, SynchronizedValueFactory<Long> nonceFactory) { this.tokenID = tokenID; this.userSecret = userSecret.getBytes(); this.nonceFactory = nonceFactory; this.builder = JWT.create(); }
@Override public String createNewToken(UUID jobId) { try { return JWT.create() .withIssuer(JWTTokenManager.ISSUER) .withClaim(JWTTokenManager.ID_CLAIM_KEY, jobId.toString()) .withExpiresAt(new Date(System.currentTimeMillis() + EXPIRATION_TIME_MILLIS)) .sign(algorithm); } catch (JWTCreationException e) { throw new RuntimeException("Error creating token for: " + jobId); } } }
JWTCreator.Builder builder = JWT.create(); builder .withClaim("access_key", accessKey)
@Override public String newId() { final Instant now = Instant.now(); final int un2 = ThreadLocalRandom.current().nextInt(Integer.MAX_VALUE) & 0x7fffffff; return JWT.create() .withIssuer(issuer) .withIssuedAt(Date.from(now)) .withExpiresAt(Date.from(now.plus(validSeconds, ChronoUnit.SECONDS))) // To make multiple tokens issued in the same second unique, we add uniquifiers. .withClaim(CLAIM_NAME_UNIQUIFIER1, un1) .withClaim(CLAIM_NAME_UNIQUIFIER2, un2) .sign(algorithm); }
@Test public void shouldCreateAnEmptyHMAC512SignedToken() throws Exception { String signed = JWT.create().sign(Algorithm.HMAC512("secret")); assertThat(signed, is(notNullValue())); String[] parts = signed.split("\\."); String headerJson = new String(Base64.decodeBase64(parts[0]), StandardCharsets.UTF_8); assertThat(headerJson, JsonMatcher.hasEntry("alg", "HS512")); assertThat(headerJson, JsonMatcher.hasEntry("typ", "JWT")); assertThat(parts[1], is("e30")); JWTVerifier verified = JWT.require(Algorithm.HMAC512("secret")) .build(); assertThat(verified, is(notNullValue())); }
@Test public void shouldCreateAnEmptyHMAC256SignedToken() throws Exception { String signed = JWT.create().sign(Algorithm.HMAC256("secret")); assertThat(signed, is(notNullValue())); String[] parts = signed.split("\\."); String headerJson = new String(Base64.decodeBase64(parts[0]), StandardCharsets.UTF_8); assertThat(headerJson, JsonMatcher.hasEntry("alg", "HS256")); assertThat(headerJson, JsonMatcher.hasEntry("typ", "JWT")); assertThat(parts[1], is("e30")); JWTVerifier verified = JWT.require(Algorithm.HMAC256("secret")) .build(); assertThat(verified, is(notNullValue())); }
@Test public void shouldCreateAnEmptyHMAC384SignedToken() throws Exception { String signed = JWT.create().sign(Algorithm.HMAC384("secret")); assertThat(signed, is(notNullValue())); String[] parts = signed.split("\\."); String headerJson = new String(Base64.decodeBase64(parts[0]), StandardCharsets.UTF_8); assertThat(headerJson, JsonMatcher.hasEntry("alg", "HS384")); assertThat(headerJson, JsonMatcher.hasEntry("typ", "JWT")); assertThat(parts[1], is("e30")); JWTVerifier verified = JWT.require(Algorithm.HMAC384("secret")) .build(); assertThat(verified, is(notNullValue())); }
@Test public void shouldCreateAnEmptyRSA512SignedToken() throws Exception { String signed = JWT.create().sign(Algorithm.RSA512((RSAKey) PemUtils.readPrivateKeyFromFile(PRIVATE_KEY_FILE_RSA, "RSA"))); assertThat(signed, is(notNullValue())); String[] parts = signed.split("\\."); String headerJson = new String(Base64.decodeBase64(parts[0]), StandardCharsets.UTF_8); assertThat(headerJson, JsonMatcher.hasEntry("alg", "RS512")); assertThat(headerJson, JsonMatcher.hasEntry("typ", "JWT")); assertThat(parts[1], is("e30")); JWTVerifier verified = JWT.require(Algorithm.RSA512((RSAKey) PemUtils.readPublicKeyFromFile(PUBLIC_KEY_FILE_RSA, "RSA"))) .build(); assertThat(verified, is(notNullValue())); }
@Test public void shouldCreateAnEmptyRSA384SignedToken() throws Exception { String signed = JWT.create().sign(Algorithm.RSA384((RSAKey) PemUtils.readPrivateKeyFromFile(PRIVATE_KEY_FILE_RSA, "RSA"))); assertThat(signed, is(notNullValue())); String[] parts = signed.split("\\."); String headerJson = new String(Base64.decodeBase64(parts[0]), StandardCharsets.UTF_8); assertThat(headerJson, JsonMatcher.hasEntry("alg", "RS384")); assertThat(headerJson, JsonMatcher.hasEntry("typ", "JWT")); assertThat(parts[1], is("e30")); JWTVerifier verified = JWT.require(Algorithm.RSA384((RSAKey) PemUtils.readPublicKeyFromFile(PUBLIC_KEY_FILE_RSA, "RSA"))) .build(); assertThat(verified, is(notNullValue())); }
@Test public void shouldCreateAnEmptyECDSA384SignedToken() throws Exception { String signed = JWT.create().sign(Algorithm.ECDSA384((ECKey) PemUtils.readPrivateKeyFromFile(PRIVATE_KEY_FILE_EC_384, "EC"))); assertThat(signed, is(notNullValue())); String[] parts = signed.split("\\."); String headerJson = new String(Base64.decodeBase64(parts[0]), StandardCharsets.UTF_8); assertThat(headerJson, JsonMatcher.hasEntry("alg", "ES384")); assertThat(headerJson, JsonMatcher.hasEntry("typ", "JWT")); assertThat(parts[1], is("e30")); JWTVerifier verified = JWT.require(Algorithm.ECDSA384((ECKey) PemUtils.readPublicKeyFromFile(PUBLIC_KEY_FILE_EC_384, "EC"))) .build(); assertThat(verified, is(notNullValue())); }
@Test public void shouldCreateAnEmptyRSA256SignedToken() throws Exception { String signed = JWT.create().sign(Algorithm.RSA256((RSAKey) PemUtils.readPrivateKeyFromFile(PRIVATE_KEY_FILE_RSA, "RSA"))); assertThat(signed, is(notNullValue())); String[] parts = signed.split("\\."); String headerJson = new String(Base64.decodeBase64(parts[0]), StandardCharsets.UTF_8); assertThat(headerJson, JsonMatcher.hasEntry("alg", "RS256")); assertThat(headerJson, JsonMatcher.hasEntry("typ", "JWT")); assertThat(parts[1], is("e30")); JWTVerifier verified = JWT.require(Algorithm.RSA256((RSAKey) PemUtils.readPublicKeyFromFile(PUBLIC_KEY_FILE_RSA, "RSA"))) .build(); assertThat(verified, is(notNullValue())); }
@Test public void shouldCreateAnEmptyECDSA256SignedToken() throws Exception { String signed = JWT.create().sign(Algorithm.ECDSA256((ECKey) PemUtils.readPrivateKeyFromFile(PRIVATE_KEY_FILE_EC_256, "EC"))); assertThat(signed, is(notNullValue())); String[] parts = signed.split("\\."); String headerJson = new String(Base64.decodeBase64(parts[0]), StandardCharsets.UTF_8); assertThat(headerJson, JsonMatcher.hasEntry("alg", "ES256")); assertThat(headerJson, JsonMatcher.hasEntry("typ", "JWT")); assertThat(parts[1], is("e30")); JWTVerifier verified = JWT.require(Algorithm.ECDSA256((ECKey) PemUtils.readPublicKeyFromFile(PUBLIC_KEY_FILE_EC_256, "EC"))) .build(); assertThat(verified, is(notNullValue())); }
@Test public void shouldCreateAnEmptyECDSA512SignedToken() throws Exception { String signed = JWT.create().sign(Algorithm.ECDSA512((ECKey) PemUtils.readPrivateKeyFromFile(PRIVATE_KEY_FILE_EC_512, "EC"))); assertThat(signed, is(notNullValue())); String[] parts = signed.split("\\."); String headerJson = new String(Base64.decodeBase64(parts[0]), StandardCharsets.UTF_8); assertThat(headerJson, JsonMatcher.hasEntry("alg", "ES512")); assertThat(headerJson, JsonMatcher.hasEntry("typ", "JWT")); assertThat(parts[1], is("e30")); JWTVerifier verified = JWT.require(Algorithm.ECDSA512((ECKey) PemUtils.readPublicKeyFromFile(PUBLIC_KEY_FILE_EC_512, "EC"))) .build(); assertThat(verified, is(notNullValue())); } }
/** * 生成签名,5min后过期 * @param username 用户名 * @param secret 用户的密码 * @return 加密的token */ public static String sign(String username, String secret) { try { Date date = new Date(System.currentTimeMillis()+EXPIRE_TIME); Algorithm algorithm = Algorithm.HMAC256(secret); // 附带username信息 return JWT.create() .withClaim("username", username) .withExpiresAt(date) .sign(algorithm); } catch (UnsupportedEncodingException e) { return null; } } }
public QuoineSignatureDigest( String tokenID, String userSecret, SynchronizedValueFactory<Long> nonceFactory) { this.tokenID = tokenID; this.userSecret = userSecret.getBytes(); this.nonceFactory = nonceFactory; this.builder = JWT.create(); }
@GetMapping("/token/generate/{uid}") String getToken(@PathVariable String uid) { String token = JWT.create() .withSubject(uid) .withExpiresAt(getExdate(3)) .sign(algorithm); return token; }
@Override public String newId() { final Instant now = Instant.now(); final int un2 = ThreadLocalRandom.current().nextInt(Integer.MAX_VALUE) & 0x7fffffff; return JWT.create() .withIssuer(issuer) .withIssuedAt(Date.from(now)) .withExpiresAt(Date.from(now.plus(validSeconds, ChronoUnit.SECONDS))) // To make multiple tokens issued in the same second unique, we add uniquifiers. .withClaim(CLAIM_NAME_UNIQUIFIER1, un1) .withClaim(CLAIM_NAME_UNIQUIFIER2, un2) .sign(algorithm); }
private String createToken() throws NoSuchAlgorithmException { KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA"); keyPairGenerator.initialize(2048); KeyPair keyPair = keyPairGenerator.generateKeyPair(); Algorithm algorithm = Algorithm.RSA256(( RSAPublicKey) keyPair.getPublic(), (RSAPrivateKey) keyPair.getPrivate()); return JWT.create() .withExpiresAt(Date.from(Instant.now().plusSeconds(120))) .withClaim("uid", "test") .sign(algorithm); }
public JWTBuilderImpl() { builder = JWT.create(); // default Nuxeo issuer, checked during validation builder.withIssuer(NUXEO_ISSUER); // default to current principal as subject String subject = ClientLoginModule.getCurrentPrincipal().getActingUser(); if (subject == null) { throw new NuxeoException("No currently logged-in user"); } builder.withSubject(subject); // default TTL withTTL(0); }
String generateJWT(final SmockinUser user) { return JWT.create() .withIssuer(jwtIssuer) .withClaim(jwtRoleKey, user.getRole().name()) .withClaim(jwtFullNameKey, user.getFullName()) .withClaim(jwtUserNameKey, user.getUsername()) .withSubject(jwtSubjectKey) .withIssuedAt(GeneralUtils.getCurrentDate()) .withExpiresAt(GeneralUtils.toDate(GeneralUtils.getCurrentDateTime().plusDays(99))) .sign(jwtAlgorithm); }