/**
 * Builds a password-management token for the given subject and returns it in encoded form.
 *
 * <p>The claim set carries a random UUID as the JWT id, the configured {@code issuer} as both
 * issuer and audience, an expiration taken from the reset properties, the current time as
 * issued-at, and {@code to} as the subject. When client information is available for the
 * current request, the server and client IP addresses are added as the {@code origin} and
 * {@code client} claims.
 *
 * <p>The JSON claim set is handed to {@code cipherExecutor.encode(...)}; whatever integrity or
 * confidentiality protection the token has comes from that call (presumably signing and/or
 * encryption; confirm against the configured cipher).
 *
 * @param to the value stored as the token subject; it is also written to the debug log
 * @return the encoded token, or {@code null} if any exception occurred while building or
 *     encoding it (the exception is logged at error level, not rethrown), so callers must
 *     treat {@code null} as "no token issued"
 */
@Override
public String createToken(final String to) {
    try {
        val jwtId = UUID.randomUUID().toString();

        // Claims are populated in a fixed order; the serialized JSON follows it.
        val jwtClaims = new JwtClaims();
        jwtClaims.setJwtId(jwtId);
        jwtClaims.setIssuer(issuer);
        jwtClaims.setAudience(issuer);

        val lifetimeMinutes = properties.getReset().getExpirationMinutes();
        jwtClaims.setExpirationTimeMinutesInTheFuture(lifetimeMinutes);
        jwtClaims.setIssuedAtToNow();

        // Record the request's addresses in the token when they are known.
        // NOTE(review): whether these claims are checked when the token is parsed
        // is not visible from this method.
        val clientInfo = ClientInfoHolder.getClientInfo();
        if (clientInfo != null) {
            jwtClaims.setStringClaim("origin", clientInfo.getServerIpAddress());
            jwtClaims.setStringClaim("client", clientInfo.getClientIpAddress());
        }

        jwtClaims.setSubject(to);
        LOGGER.debug("Creating password management token for [{}]", to);

        val claimsJson = jwtClaims.toJson();
        LOGGER.debug("Encoding the generated JSON token...");
        return this.cipherExecutor.encode(claimsJson);
    } catch (final Exception ex) {
        // Failures are logged and reported to the caller as a null token.
        LOGGER.error(ex.getMessage(), ex);
        return null;
    }
}
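/**
 * Issues a signed JWT (RS256, compact serialization) describing the given user.
 *
 * <p>Claims written: issuer from {@code oidcConfig}; audience from the {@code OIDC_AUDIENCE}
 * environment variable, else the {@code OIDC_AUDIENCE} system property, else
 * {@code "hobson-webconsole"}; subject set to the user id; given and family name; an expiration
 * {@code DEFAULT_EXPIRATION_MINUTES} in the future; the user's roles under
 * {@code realm_access.roles}; and, when {@code getHubsForUser} returns a non-null collection,
 * a comma-separated {@code hubs} claim.
 *
 * <p>The {@code kid} header carries the signing key's id so a verifier can pick the matching
 * key from a key set. Earlier code put the key <em>type</em> there; that value is kept only as
 * a fallback for signing keys that have no id.
 *
 * @param user the user the token is issued for
 * @return the compact JWS serialization of the token
 * @throws HobsonAuthenticationException if signing or serialization fails; the underlying
 *     {@code JoseException} is logged here and is not attached to the thrown exception
 */
@Override
public String createToken(HobsonUser user) {
    try {
        // The environment variable takes precedence over the system property.
        String audience = System.getenv("OIDC_AUDIENCE");
        if (audience == null) {
            audience = System.getProperty("OIDC_AUDIENCE", "hobson-webconsole");
        }

        JwtClaims claims = new JwtClaims();
        claims.setIssuer(oidcConfig.getIssuer());
        claims.setAudience(audience);
        claims.setSubject(user.getId());
        claims.setStringClaim(PROP_FIRST_NAME, user.getGivenName());
        claims.setStringClaim(PROP_LAST_NAME, user.getFamilyName());
        claims.setExpirationTimeMinutesInTheFuture(DEFAULT_EXPIRATION_MINUTES);
        claims.setClaim("realm_access", Collections.singletonMap("roles", user.getRoles()));
        // NOTE(review): no iat or jti claim is set; confirm whether verifiers rely on either.

        Collection<String> hubs = getHubsForUser(user.getId());
        if (hubs != null) {
            claims.setStringClaim("hubs", StringUtils.join(hubs, ","));
        }

        // Resolve and cast the signing key once; a non-RSA key still fails with the
        // same ClassCastException as before.
        RsaJsonWebKey signingKey = (RsaJsonWebKey) oidcConfig.getSigningKey();
        String keyId = signingKey.getKeyId();

        JsonWebSignature jws = new JsonWebSignature();
        jws.setPayload(claims.toJson());
        jws.setKey(signingKey.getPrivateKey());
        // kid identifies the key, not its type; fall back to the previous header value
        // only when the key has no id.
        jws.setKeyIdHeaderValue(keyId != null ? keyId : signingKey.getKeyType());
        jws.setAlgorithmHeaderValue(AlgorithmIdentifiers.RSA_USING_SHA256);
        return jws.getCompactSerialization();
    } catch (JoseException e) {
        // Details stay in the server log; callers see only the generic message.
        logger.error("Error generating token", e);
        throw new HobsonAuthenticationException("Error generating token");
    }
}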