// Build an HMAC signer from the JWK and register it under its id.
// NOTE(review): the cast is unguarded in this excerpt; it throws ClassCastException
// unless jwk is an OctetSequenceKey (symmetric key). Confirm the caller checks the
// key type before reaching this point.
MACSigner signer = new MACSigner((OctetSequenceKey) jwk);
signers.put(id, signer);
/**
 * Creates a signer keyed with {@code JWTSecrets.DEFAULT_SECRET}.
 *
 * <p>If the MAC signer rejects the secret with a {@link KeyLengthException}, the
 * {@code signer} field is set to {@code null} and no error is reported.
 */
public JWTCustomSigner() {
    // NOTE(review): DEFAULT_SECRET reads like a compiled-in shared secret. Confirm it is
    // not a literal kept in source control; whoever can read it can mint valid tokens.
    MACSigner created;
    try {
        created = new MACSigner(JWTSecrets.DEFAULT_SECRET);
    } catch (KeyLengthException tooShort) {
        // NOTE(review): the rejection is swallowed, so a too-short secret only shows up
        // later as a null signer at the first signing call.
        created = null;
    }
    this.signer = created;
}
// The HMAC key is the SHA-256 digest of a fixed string.
// NOTE(review): hashing a known or guessable string gives a correctly sized key but adds
// no entropy; the key is only as secret as the literal below. For anything beyond a demo,
// load a randomly generated key from protected configuration instead.
String message = "secret";
MessageDigest md = MessageDigest.getInstance("SHA-256");
// digest() returns a fresh 32-byte array, so no buffer is pre-allocated for it.
byte[] bytes = md.digest(message.getBytes("UTF-8"));
JWSSigner signer = new MACSigner(bytes);
/**
 * Builds a {@link MACSigner} from the shared secret.
 *
 * @param sharedSecret secret string handed to the MACSigner constructor
 * @return the signer keyed with {@code sharedSecret}
 * @throws JwtMalformedSharedSecretException if the signer rejects the secret with a
 *         {@link KeyLengthException}; the original exception is kept as the cause
 */
private static MACSigner createMACSigner(String sharedSecret) {
    final MACSigner macSigner;
    try {
        macSigner = new MACSigner(sharedSecret);
    } catch (KeyLengthException tooShort) {
        // The message deliberately describes the failure without echoing the secret.
        throw new JwtMalformedSharedSecretException("Failed to create MAC signer with the provided secret key", tooShort);
    }
    return macSigner;
}
}
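/**
 * Creates the HMAC signer and verifier of this service from one shared secret.
 *
 * @param secret shared secret string; the same value keys both the signer and the verifier
 * @throws JOSEException if the signer or the verifier cannot be created from the secret
 */
public LemonJwsService(String secret) throws JOSEException {
    // The secret string is passed to the library as-is. No local byte[] copy is made here:
    // it would never be read, would be encoded with the platform default charset, and would
    // leave one more copy of the key material on the heap.
    signer = new MACSigner(secret);
    verifier = new MACVerifier(secret);
}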
/**
 * Returns the JWS signer implementation that matches the runtime type of the key.
 *
 * <p>RSAKey maps to RSASSASigner, ECKey to ECDSASigner and OctetSequenceKey to MACSigner.
 *
 * @param randomKey holder whose {@code jwk} field is inspected
 * @return a signer built from {@code randomKey.jwk}
 * @throws JOSEException if the chosen signer cannot be created from the key
 * @throws IllegalStateException if the key is none of the three supported types
 */
public static JWSSigner findSigner(KeyAndJwk randomKey) throws JOSEException {
    if (randomKey.jwk instanceof RSAKey) {
        return new RSASSASigner((RSAKey) randomKey.jwk);
    }
    if (randomKey.jwk instanceof ECKey) {
        return new ECDSASigner((ECKey) randomKey.jwk);
    }
    if (randomKey.jwk instanceof OctetSequenceKey) {
        return new MACSigner((OctetSequenceKey) randomKey.jwk);
    }
    // NOTE(review): a null jwk also lands here and fails on getClass() with a
    // NullPointerException rather than the IllegalStateException below.
    throw new IllegalStateException("Unknown key type: " + randomKey.jwk.getClass().getName());
}
}
// Generate random 256-bit (32-byte) shared secret SecureRandom random = new SecureRandom(); byte[] sharedSecret = new byte[32]; random.nextBytes(sharedSecret); // Create HMAC signer JWSSigner signer = new MACSigner(sharedSecret); // Prepare JWT with claims set JWTClaimsSet claimsSet = new JWTClaimsSet(); claimsSet.setSubject("alice"); claimsSet.setIssuer("https://c2id.com"); claimsSet.setExpirationTime(new Date(new Date().getTime() + 60 * 1000)); SignedJWT signedJWT = new SignedJWT(new JWSHeader(JWSAlgorithm.HS256), claimsSet); // Apply the HMAC protection signedJWT.sign(signer); // Serialize to compact form, produces something like // eyJhbGciOiJIUzI1NiJ9.SGVsbG8sIHdvcmxkIQ.onO9Ihudz3WkiauDO2Uhyuz0Y18UASXlSc1eS0NkWyA String s = signedJWT.serialize();
if(algoPrefs==null) algoPrefs = JWSAlgorithm.Family.HMAC_SHA; jwsAlgorithm = selectAlgoPref(JWSAlgorithm.Family.HMAC_SHA, algoPrefs); if(jwsAlgorithm!=null)signer = new MACSigner((OctetSequenceKey) jwk); } else { throw new IllegalStateException("Key provided is not a signature key. Key must be of type JWS RSAKey or ECKey or OctetSequenceKey");
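/**
 * Builds an HS256-protected JWT for the given user and returns its compact serialization.
 *
 * <p>Claims: issuer from {@code getIssuer()}, subject {@code userId.toString()}, issue time
 * and not-before set to the current instant, expiration set to that instant plus
 * {@code getExpirationDate()}, and a random UUID as the JWT id.
 *
 * @param userId identifier whose {@code toString()} becomes the subject; must not be null
 * @return the compact JWS string, or {@code null} if signing fails with a JOSEException
 */
default String createToken(Object userId) {
    try {
        // Read the clock once so iat, nbf and exp all derive from the same instant.
        Date now = new Date();
        // NOTE(review): getExpirationDate() is added to a millisecond timestamp, so it is
        // presumably a lifetime in milliseconds rather than a date; confirm.
        Date expiry = new Date(now.getTime() + getExpirationDate());

        JWTClaimsSet claimsSet = new JWTClaimsSet.Builder()
                .issuer(getIssuer())
                .subject(userId.toString())
                .issueTime(now)
                .notBeforeTime(now)
                .expirationTime(expiry)
                .jwtID(UUID.randomUUID().toString())
                .build();

        JWSHeader header = new JWSHeader(JWSAlgorithm.HS256);
        Payload payload = new Payload(claimsSet.toJSONObject());
        JWSObject jwsObject = new JWSObject(header, payload);

        // HS256 is symmetric: every party holding getSharedKey() can also issue tokens.
        JWSSigner signer = new MACSigner(getSharedKey());
        jwsObject.sign(signer);
        return jwsObject.serialize();
    } catch (JOSEException ex) {
        // NOTE(review): the failure, including a rejected key, is reported only as null and
        // the cause is dropped. Callers must null-check the result; logging ex here would
        // make a misconfigured key visible.
        return null;
    }
}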
/**
 * Signs the claims with an HMAC keyed by this configuration's secret.
 *
 * @param claims the claims set to protect
 * @return the signed JWT, using the configured {@code algorithm} in its header
 * @throws TechnicalException wrapping any JOSEException raised while creating the signer
 *         or signing
 */
@Override
public SignedJWT sign(final JWTClaimsSet claims) {
    init();

    try {
        // A new signer is built from the secret on every call.
        final JWSSigner hmacSigner = new MACSigner(this.secret);
        final JWSHeader header = new JWSHeader(algorithm);
        final SignedJWT jwt = new SignedJWT(header, claims);
        jwt.sign(hmacSigner);
        return jwt;
    } catch (final JOSEException cause) {
        throw new TechnicalException(cause);
    }
}
/**
 * Wraps the user in a JWS object and signs it with HS256.
 *
 * @param user the payload to sign
 * @return the signed JWS object
 * @throws JOSEException if the signer cannot be created or signing fails
 */
public static JWSObject newJWSObject(JWTUser user) throws JOSEException {
    // NOTE(review): JWT.SHARED_SECRET is a static constant. Confirm it is loaded from
    // protected configuration and is not a literal in source, since it is the only thing
    // protecting every token signed here.
    JWSSigner hmacSigner = new MACSigner(JWT.SHARED_SECRET);

    JWSHeader header = new JWSHeader(JWSAlgorithm.HS256);
    Payload body = new Payload(user);
    JWSObject signed = new JWSObject(header, body);
    signed.sign(hmacSigner);
    return signed;
}
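/**
 * Shows how to sign a JWT with HS256 using a randomly generated shared secret.
 *
 * @throws Exception if the claims cannot be parsed or signing fails
 */
@Test(groups = TCKConstants.TEST_GROUP_DEBUG,
    description = "Validate how to use the HS256 signature alg")
public void testHS256() throws Exception {
    JWTClaimsSet claimsSet = JWTClaimsSet.parse("{\"sub\":\"jdoe\"}");
    SignedJWT signedJWT = new SignedJWT(new JWSHeader(JWSAlgorithm.HS256), claimsSet);

    // Take the 256-bit HMAC key straight from the CSPRNG. An HMAC key needs no number-theoretic
    // structure, so a prime search only costs time, and the two's-complement encoding of a
    // 256-bit prime has a fixed leading sign byte and fixed top and bottom bits.
    SecureRandom random = new SecureRandom();
    byte[] secret = new byte[32];
    random.nextBytes(secret);

    JWSSigner signer = new MACSigner(secret);
    signedJWT.sign(signer);
}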
SecretKey.class.cast(key).getSecretKey(), "signing key needs to exist " + key.getUuid()); signer = new MACSigner(privateKey.getEncoded());
/**
 * Signs the claims with an HMAC, wraps the signed JWT in a JWE object encrypted directly
 * with the same key, and returns the JWE compact form.
 *
 * @param claimsSet the claims to protect
 * @param key raw key bytes used for both the HMAC and the direct encryption
 * @return the JWE compact serialization
 * @throws IllegalStateException wrapping any JOSEException from signing or encryption
 */
public static String serialize(JWTClaimsSet claimsSet, byte[] key) {
    try {
        // Inner layer: HMAC-protected JWT.
        JWSSigner hmacSigner = new MACSigner(key);
        SignedJWT inner = new SignedJWT(HEADER, claimsSet);
        inner.sign(hmacSigner);

        // Outer layer: JWE whose payload is the signed JWT.
        // NOTE(review): the same bytes key both the MAC and the encryption. Separate keys,
        // for example two derived from one master key, would keep the primitives independent.
        // The key length must also suit the method named in JWE_HEADER, which is not visible here.
        JWEObject outer = new JWEObject(JWE_HEADER, new Payload(inner));
        outer.encrypt(new DirectEncrypter(key));

        return outer.serialize();
    } catch (JOSEException e) {
        throw new IllegalStateException(e);
    }
}
/**
 * Creates the JWS signer that matches {@code jwsAlgorithm}, after checking that
 * {@code signKey} has the key type that algorithm family needs.
 *
 * @return an RSASSASigner, ECDSASigner or MACSigner built from {@code signKey}
 * @throws KrbException if the key has the wrong type for the algorithm, if the signer
 *         cannot be created from it, or if the algorithm belongs to no supported family
 */
private JWSSigner createSigner() throws KrbException {
    // RSA family: needs an RSA private key.
    if (RSASSASigner.SUPPORTED_ALGORITHMS.contains(jwsAlgorithm)) {
        if (!(signKey instanceof RSAPrivateKey)) {
            throw new KrbException("An RSAPrivateKey key must be specified for signature");
        }
        return new RSASSASigner((RSAPrivateKey) signKey);
    }

    // EC family: needs an EC private key.
    if (ECDSASigner.SUPPORTED_ALGORITHMS.contains(jwsAlgorithm)) {
        if (!(signKey instanceof ECPrivateKey)) {
            throw new KrbException("A ECPrivateKey key must be specified for signature");
        }
        try {
            return new ECDSASigner((ECPrivateKey) signKey);
        } catch (JOSEException cause) {
            throw new KrbException(cause.getMessage(), cause);
        }
    }

    // HMAC family: needs the raw shared secret as a byte array.
    if (MACSigner.SUPPORTED_ALGORITHMS.contains(jwsAlgorithm)) {
        if (!(signKey instanceof byte[])) {
            throw new KrbException("A byte[] key must be specified for signature");
        }
        try {
            return new MACSigner((byte[]) signKey);
        } catch (KeyLengthException cause) {
            throw new KrbException(cause.getMessage(), cause);
        }
    }

    // No family claimed the algorithm, so fail rather than fall back to a default.
    throw new KrbException("An unknown signature algorithm was specified");
}
/**
 * Creates the JWS signer that matches {@code jwsAlgorithm}, after checking that
 * {@code signKey} has the key type that algorithm family needs.
 *
 * @return an RSASSASigner, ECDSASigner or MACSigner built from {@code signKey}
 * @throws KrbException if the key has the wrong type for the algorithm, if the signer
 *         cannot be created from it, or if the algorithm belongs to no supported family
 */
private JWSSigner createSigner() throws KrbException {
    // RSA family: needs an RSA private key.
    if (RSASSASigner.SUPPORTED_ALGORITHMS.contains(jwsAlgorithm)) {
        if (!(signKey instanceof RSAPrivateKey)) {
            throw new KrbException("An RSAPrivateKey key must be specified for signature");
        }
        return new RSASSASigner((RSAPrivateKey) signKey);
    }

    // EC family: needs an EC private key.
    if (ECDSASigner.SUPPORTED_ALGORITHMS.contains(jwsAlgorithm)) {
        if (!(signKey instanceof ECPrivateKey)) {
            throw new KrbException("A ECPrivateKey key must be specified for signature");
        }
        try {
            return new ECDSASigner((ECPrivateKey) signKey);
        } catch (JOSEException cause) {
            throw new KrbException(cause.getMessage(), cause);
        }
    }

    // HMAC family: needs the raw shared secret as a byte array.
    if (MACSigner.SUPPORTED_ALGORITHMS.contains(jwsAlgorithm)) {
        if (!(signKey instanceof byte[])) {
            throw new KrbException("A byte[] key must be specified for signature");
        }
        try {
            return new MACSigner((byte[]) signKey);
        } catch (KeyLengthException cause) {
            throw new KrbException(cause.getMessage(), cause);
        }
    }

    // No family claimed the algorithm, so fail rather than fall back to a default.
    throw new KrbException("An unknown signature algorithm was specified");
}
/**
 * Turns an identity reference into a signed-then-encrypted token.
 *
 * <p>The reference becomes the subject and its source the issuer of an HS256-signed JWT;
 * that JWT is the payload of a JWE (direct encryption, A256GCM); the JWE compact form is
 * finally Base64-encoded.
 *
 * @param reference supplies the subject ({@code getReference()}) and issuer ({@code getSource()})
 * @return Base64 text of the JWE compact serialization
 * @throws Exception if signing or encryption fails
 */
public String serialize(IdentityReference reference) throws Exception {
    // Inner layer: HMAC signer keyed with the encoded secret key.
    // NOTE(review): the same key material also keys the encryption below. Separate keys for
    // MAC and encryption would keep the two primitives independent.
    JWSSigner hmacSigner = new MACSigner(secretKey.getEncoded());

    JWTClaimsSet.Builder claims = new JWTClaimsSet.Builder();
    claims.subject(reference.getReference());
    claims.issuer(reference.getSource());
    JWTClaimsSet claimsSet = claims.build();

    SignedJWT inner = new SignedJWT(new JWSHeader(JWSAlgorithm.HS256), claimsSet);
    inner.sign(hmacSigner);

    // Outer layer: JWE with the signed JWT as payload.
    JWEHeader jweHeader = new JWEHeader.Builder(JWEAlgorithm.DIR, EncryptionMethod.A256GCM)
            .contentType("JWT") // required to signal nested JWT
            .build();
    JWEObject outer = new JWEObject(jweHeader, new Payload(inner));
    outer.encrypt(new DirectEncrypter(secretKey.getEncoded()));

    // Base64-wrap the compact form.
    // NOTE(review): getBytes() and new String(byte[]) both use the platform default charset;
    // the compact form is ASCII, so an explicit charset would remove the platform dependence.
    String compact = outer.serialize();
    byte[] wrapped = Base64.getEncoder().encode(compact.getBytes());
    return new String(wrapped);
}
/**
 * Turns an identity reference into a signed-then-encrypted token.
 *
 * <p>The reference becomes the subject and its source the issuer of an HS256-signed JWT;
 * that JWT is the payload of a JWE (direct encryption, A256GCM); the JWE compact form is
 * finally Base64-encoded.
 *
 * @param reference supplies the subject ({@code getReference()}) and issuer ({@code getSource()})
 * @return Base64 text of the JWE compact serialization
 * @throws Exception if signing or encryption fails
 */
public String serialize(IdentityReference reference) throws Exception {
    // Inner layer: HMAC signer keyed with the encoded secret key.
    // NOTE(review): the same key material also keys the encryption below. Separate keys for
    // MAC and encryption would keep the two primitives independent.
    JWSSigner hmacSigner = new MACSigner(secretKey.getEncoded());

    JWTClaimsSet.Builder claims = new JWTClaimsSet.Builder();
    claims.subject(reference.getReference());
    claims.issuer(reference.getSource());
    JWTClaimsSet claimsSet = claims.build();

    SignedJWT inner = new SignedJWT(new JWSHeader(JWSAlgorithm.HS256), claimsSet);
    inner.sign(hmacSigner);

    // Outer layer: JWE with the signed JWT as payload.
    JWEHeader jweHeader = new JWEHeader.Builder(JWEAlgorithm.DIR, EncryptionMethod.A256GCM)
            .contentType("JWT") // required to signal nested JWT
            .build();
    JWEObject outer = new JWEObject(jweHeader, new Payload(inner));
    outer.encrypt(new DirectEncrypter(secretKey.getEncoded()));

    // Base64-wrap the compact form.
    // NOTE(review): getBytes() and new String(byte[]) both use the platform default charset;
    // the compact form is ASCII, so an explicit charset would remove the platform dependence.
    String compact = outer.serialize();
    byte[] wrapped = Base64.getEncoder().encode(compact.getBytes());
    return new String(wrapped);
}
// Per-user secret that is mixed into the signing key below.
userSecret = user.getTokenSecret();
// The HMAC key is the concatenation of the app secret and the user's token secret.
// NOTE(review): presumably this lets a change of the user's token secret invalidate that
// user's outstanding tokens; confirm against the verification path.
// NOTE(review): if both values are Strings, a null userSecret is concatenated as the text
// "null" rather than failing; confirm it is non-null here.
JWSSigner signer = new MACSigner(app.getSecret() + userSecret);
SignedJWT signedJWT = new SignedJWT(new JWSHeader(JWSAlgorithm.HS256), claimsSet.build());
signedJWT.sign(signer);
// Per-user secret that is mixed into the signing key below.
userSecret = user.getTokenSecret();
// The HMAC key is the concatenation of the app secret and the user's token secret.
// NOTE(review): presumably this lets a change of the user's token secret invalidate that
// user's outstanding tokens; confirm against the verification path.
// NOTE(review): if both values are Strings, a null userSecret is concatenated as the text
// "null" rather than failing; confirm it is non-null here.
JWSSigner signer = new MACSigner(app.getSecret() + userSecret);
SignedJWT signedJWT = new SignedJWT(new JWSHeader(JWSAlgorithm.HS256), claimsSet.build());
signedJWT.sign(signer);