claims.setSubject("foki"); claims.setIssuer("the issuer"); claims.setAudience("the audience");
List<String> resourceAudiences = at.getAudiences(); if (resourceAudiences.size() == 1) { claims.setAudience(resourceAudiences.get(0)); } else { claims.setAudiences(resourceAudiences);
List<String> resourceAudiences = at.getAudiences(); if (resourceAudiences.size() == 1) { claims.setAudience(resourceAudiences.get(0)); } else { claims.setAudiences(resourceAudiences);
claims.setAudience("Audience"); // to whom the token is intended to be sent claims.setExpirationTimeMinutesInTheFuture(10); // time when the token will expire (10 minutes from now)
private ClientAccessToken getAccessToken() { JwsHeaders headers = new JwsHeaders(JoseType.JWT, SignatureAlgorithm.RS256); JwtClaims claims = new JwtClaims(); claims.setIssuer(config.getServiceAccountClientId()); claims.setAudience("https://accounts.google.com/o/oauth2/token"); claims.setSubject(config.getServiceAccountSubject()); long issuedAt = OAuthUtils.getIssuedAt(); long tokenTimeout = config.getServiceAccountTokenLifetime(); claims.setIssuedAt(issuedAt); claims.setExpiryTime(issuedAt + tokenTimeout); claims.setProperty("scope", "https://www.googleapis.com/auth/admin.directory.group.readonly https://www.googleapis.com/auth/admin.directory.user"); JwtToken token = new JwtToken(headers, claims); JwsJwtCompactProducer p = new JwsJwtCompactProducer(token); String base64UrlAssertion = p.signWith(privateKey); JwtBearerGrant grant = new JwtBearerGrant(base64UrlAssertion); WebClient accessTokenService = WebClient.create("https://accounts.google.com/o/oauth2/token", Arrays.asList(new OAuthJSONProvider(), new AccessTokenGrantWriter())); accessTokenService.type(MediaType.APPLICATION_FORM_URLENCODED).accept(MediaType.APPLICATION_JSON); return accessTokenService.post(grant, ClientAccessToken.class); }