@Override public T onClaimsJws(Jws<Claims> jws) { throw new UnsupportedJwtException("Signed Claims JWSs are not supported."); } }
@Override public T onPlaintextJwt(Jwt<Header, String> jwt) { throw new UnsupportedJwtException("Unsigned plaintext JWTs are not supported."); }
@Override public T onPlaintextJws(Jws<String> jws) { throw new UnsupportedJwtException("Signed plaintext JWSs are not supported."); }
@Override public T onClaimsJwt(Jwt<Header, Claims> jwt) { throw new UnsupportedJwtException("Unsigned Claims JWTs are not supported."); }
/** * Convenience method invoked by {@link #resolveSigningKey(JwsHeader, Claims)} that obtains the necessary signing * key bytes. This implementation simply throws an exception: if the JWS parsed is a Claims JWS, you must * override this method or the {@link #resolveSigningKey(JwsHeader, Claims)} method instead. * * <p><b>NOTE:</b> You cannot override this method when validating RSA signatures. If you expect RSA signatures, * you must override the {@link #resolveSigningKey(JwsHeader, Claims)} method instead.</p> * * @param header the parsed {@link JwsHeader} * @param claims the parsed {@link Claims} * @return the signing key bytes to use to verify the JWS signature. */ public byte[] resolveSigningKeyBytes(JwsHeader header, Claims claims) { throw new UnsupportedJwtException("The specified SigningKeyResolver implementation does not support " + "Claims JWS signing key resolution. Consider overriding either the " + "resolveSigningKey(JwsHeader, Claims) method or, for HMAC algorithms, the " + "resolveSigningKeyBytes(JwsHeader, Claims) method."); }
/** * Convenience method invoked by {@link #resolveSigningKey(JwsHeader, String)} that obtains the necessary signing * key bytes. This implementation simply throws an exception: if the JWS parsed is a plaintext JWS, you must * override this method or the {@link #resolveSigningKey(JwsHeader, String)} method instead. * * @param header the parsed {@link JwsHeader} * @param payload the parsed String plaintext payload * @return the signing key bytes to use to verify the JWS signature. */ public byte[] resolveSigningKeyBytes(JwsHeader header, String payload) { throw new UnsupportedJwtException("The specified SigningKeyResolver implementation does not support " + "plaintext JWS signing key resolution. Consider overriding either the " + "resolveSigningKey(JwsHeader, String) method or, for HMAC algorithms, the " + "resolveSigningKeyBytes(JwsHeader, String) method."); } }
public Key getKey(SignatureAlgorithm algorithm) { if (algorithm.isHmac()) { if (hmacKey == null) { throw new UnsupportedJwtException(format("JWT is signed with %s, but no HMAC key is configured", algorithm)); } return new SecretKeySpec(hmacKey, algorithm.getJcaName()); } if (publicKey == null) { throw new UnsupportedJwtException(format("JWT is signed with %s, but no key is configured", algorithm)); } return publicKey; } }
@Override public Jwt<Header, Claims> parseClaimsJwt(String claimsJwt) { try { return parse(claimsJwt, new JwtHandlerAdapter<Jwt<Header, Claims>>() { @Override public Jwt<Header, Claims> onClaimsJwt(Jwt<Header, Claims> jwt) { return jwt; } }); } catch (IllegalArgumentException iae) { throw new UnsupportedJwtException("Signed JWSs are not supported.", iae); } }
@Override public Jws<String> parsePlaintextJws(String plaintextJws) { try { return parse(plaintextJws, new JwtHandlerAdapter<Jws<String>>() { @Override public Jws<String> onPlaintextJws(Jws<String> jws) { return jws; } }); } catch (IllegalArgumentException iae) { throw new UnsupportedJwtException("Signed JWSs are not supported.", iae); } }
@Override public byte[] resolveSigningKeyBytes(JwsHeader header, Claims claims) { final String identity = claims.getSubject(); // Get the key based on the key id in the claims final Integer keyId = claims.get(KEY_ID_CLAIM, Integer.class); final Key key = keyService.getKey(keyId); // Ensure we were able to find a key that was previously issued by this key service for this user if (key == null || key.getKey() == null) { throw new UnsupportedJwtException("Unable to determine signing key for " + identity + " [kid: " + keyId + "]"); } return key.getKey().getBytes(StandardCharsets.UTF_8); } }).parseClaimsJws(base64EncodedToken);
"trusted. Another possibility is that the parser was configured with the incorrect " + "signing key, but this cannot be assumed for security reasons."; throw new UnsupportedJwtException(msg, e);
@Override public T onClaimsJws(Jws<Claims> jws) { throw new UnsupportedJwtException("Signed Claims JWSs are not supported."); } }
@Override public T onClaimsJws(Jws<Claims> jws) { throw new UnsupportedJwtException("Signed Claims JWSs are not supported."); } }
@Override public T onPlaintextJwt(Jwt<Header, String> jwt) { throw new UnsupportedJwtException("Unsigned plaintext JWTs are not supported."); }
@Override public T onPlaintextJwt(Jwt<Header, String> jwt) { throw new UnsupportedJwtException("Unsigned plaintext JWTs are not supported."); }
@Override public T onPlaintextJws(Jws<String> jws) { throw new UnsupportedJwtException("Signed plaintext JWSs are not supported."); }
@Override public T onClaimsJwt(Jwt<Header, Claims> jwt) { throw new UnsupportedJwtException("Unsigned Claims JWTs are not supported."); }
@Override public T onPlaintextJws(Jws<String> jws) { throw new UnsupportedJwtException("Signed plaintext JWSs are not supported."); }
@Override public Jwt<Header, Claims> parseClaimsJwt(String claimsJwt) { try { return parse(claimsJwt, new JwtHandlerAdapter<Jwt<Header, Claims>>() { @Override public Jwt<Header, Claims> onClaimsJwt(Jwt<Header, Claims> jwt) { return jwt; } }); } catch (IllegalArgumentException iae) { throw new UnsupportedJwtException("Signed JWSs are not supported.", iae); } }
@Override public byte[] resolveSigningKeyBytes(JwsHeader header, Claims claims) { final String identity = claims.getSubject(); // Get the key based on the key id in the claims final Integer keyId = claims.get(KEY_ID_CLAIM, Integer.class); final Key key = keyService.getKey(keyId); // Ensure we were able to find a key that was previously issued by this key service for this user if (key == null || key.getKey() == null) { throw new UnsupportedJwtException("Unable to determine signing key for " + identity + " [kid: " + keyId + "]"); } return key.getKey().getBytes(StandardCharsets.UTF_8); } }).parseClaimsJws(base64EncodedToken);