private static Payload jwtPayload(String targetAudience, String serviceAccountId, String tokenServerUrl) { final Payload payload = new Payload(); final long currentTime = System.currentTimeMillis(); payload.put("target_audience", targetAudience); payload.setIssuer(serviceAccountId); payload.setAudience(tokenServerUrl); payload.setIssuedAtTimeSeconds(currentTime / 1000); payload.setExpirationTimeSeconds(currentTime / 1000 + 3600); return payload; }
private String generateJwtAccess(URI uri) throws IOException { JsonWebSignature.Header header = new JsonWebSignature.Header(); header.setAlgorithm("RS256"); header.setType("JWT"); header.setKeyId(privateKeyId); JsonWebToken.Payload payload = new JsonWebToken.Payload(); long currentTime = clock.currentTimeMillis(); // Both copies of the email are required payload.setIssuer(clientEmail); payload.setSubject(clientEmail); payload.setAudience(uri.toString()); payload.setIssuedAtTimeSeconds(currentTime / 1000); payload.setExpirationTimeSeconds(currentTime / 1000 + LIFE_SPAN_SECS); JsonFactory jsonFactory = OAuth2Utils.JSON_FACTORY; String assertion; try { assertion = JsonWebSignature.signUsingRsaSha256( privateKey, jsonFactory, header, payload); } catch (GeneralSecurityException e) { throw new IOException("Error signing service account JWT access header with private key.", e); } return assertion; }
private String generateJwtAccess(URI uri) throws IOException { JsonWebSignature.Header header = new JsonWebSignature.Header(); header.setAlgorithm("RS256"); header.setType("JWT"); header.setKeyId(privateKeyId); JsonWebToken.Payload payload = new JsonWebToken.Payload(); long currentTime = clock.currentTimeMillis(); // Both copies of the email are required payload.setIssuer(clientEmail); payload.setSubject(clientEmail); payload.setAudience(uri.toString()); payload.setIssuedAtTimeSeconds(currentTime / 1000); payload.setExpirationTimeSeconds(currentTime / 1000 + LIFE_SPAN_SECS); JsonFactory jsonFactory = OAuth2Utils.JSON_FACTORY; String assertion; try { assertion = JsonWebSignature.signUsingRsaSha256( privateKey, jsonFactory, header, payload); } catch (GeneralSecurityException e) { throw new IOException("Error signing service account JWT access header with private key.", e); } return assertion; }
new JsonWebToken.Payload() .setIssuer(getServiceAccountId()) .setAudience(getTokenServerEncodedUrl())
new JsonWebToken.Payload() .setIssuer(getServiceAccountId()) .setAudience(getTokenServerEncodedUrl())
header.setType("JWT"); header.setKeyId(serviceAccountPrivateKeyId); JsonWebToken.Payload payload = new JsonWebToken.Payload(); long currentTime = getClock().currentTimeMillis(); payload.setIssuer(serviceAccountId);
String createAssertion(JsonFactory jsonFactory, long currentTime, String audience) throws IOException { JsonWebSignature.Header header = new JsonWebSignature.Header(); header.setAlgorithm("RS256"); header.setType("JWT"); header.setKeyId(privateKeyId); JsonWebToken.Payload payload = new JsonWebToken.Payload(); payload.setIssuer(clientEmail); payload.setIssuedAtTimeSeconds(currentTime / 1000); payload.setExpirationTimeSeconds(currentTime / 1000 + 3600); payload.setSubject(serviceAccountUser); payload.put("scope", Joiner.on(' ').join(scopes)); if (audience == null) { payload.setAudience(OAuth2Utils.TOKEN_SERVER_URI.toString()); } else { payload.setAudience(audience); } String assertion; try { assertion = JsonWebSignature.signUsingRsaSha256( privateKey, jsonFactory, header, payload); } catch (GeneralSecurityException e) { throw new IOException( "Error signing service account access token request with private key.", e); } return assertion; }
String createAssertion(JsonFactory jsonFactory, long currentTime, String audience) throws IOException { JsonWebSignature.Header header = new JsonWebSignature.Header(); header.setAlgorithm("RS256"); header.setType("JWT"); header.setKeyId(privateKeyId); JsonWebToken.Payload payload = new JsonWebToken.Payload(); payload.setIssuer(clientEmail); payload.setIssuedAtTimeSeconds(currentTime / 1000); payload.setExpirationTimeSeconds(currentTime / 1000 + 3600); payload.setSubject(serviceAccountUser); payload.put("scope", Joiner.on(' ').join(scopes)); if (audience == null) { payload.setAudience(OAuth2Utils.TOKEN_SERVER_URI.toString()); } else { payload.setAudience(audience); } String assertion; try { assertion = JsonWebSignature.signUsingRsaSha256( privateKey, jsonFactory, header, payload); } catch (GeneralSecurityException e) { throw new IOException( "Error signing service account access token request with private key.", e); } return assertion; }