/**
 * Returns the subject ({@code sub}) of the {@link Jwt} backing this authentication
 * as the principal name.
 *
 * <p>The value is passed through unchanged from {@code getToken().getSubject()};
 * presumably it is {@code null} when the token carries no subject.
 *
 * <p>NOTE(review): a JWT subject is only required to be unique within its issuer.
 * Code that keys accounts or authorization decisions on this name should pair it
 * with the issuer when more than one issuer is trusted.
 *
 * @return the {@link Jwt}'s subject, if any
 */
@Override
public String getName() {
    return getToken().getSubject();
}
}
/**
 * Collects the required ID Token claims that are absent from {@code idToken}.
 *
 * <p>The claims inspected are {@code iss}, {@code sub}, {@code aud}, {@code exp} and
 * {@code iat}. A claim is reported when its accessor returns {@code null}, or, for
 * {@code aud}, when {@code CollectionUtils.isEmpty} reports the list as empty.
 *
 * <p>This is a presence check only. It does not compare the issuer with an expected
 * value, does not check that the audience names this client, and does not compare
 * {@code exp} or {@code iat} with the current time. NOTE(review): confirm the caller
 * performs those checks before the token is trusted.
 *
 * @param idToken the ID Token to inspect
 * @return a map from the name of each missing claim to the value that was found
 *         ({@code null}, or the empty audience list); empty when all five are present
 */
private static Map<String, Object> validateRequiredClaims(Jwt idToken) {
    // Read every required claim up front, in the same order they are reported below.
    final URL iss = idToken.getIssuer();
    final String sub = idToken.getSubject();
    final List<String> aud = idToken.getAudience();
    final Instant exp = idToken.getExpiresAt();
    final Instant iat = idToken.getIssuedAt();

    final Map<String, Object> missing = new HashMap<>();
    if (iss == null) {
        missing.put(IdTokenClaimNames.ISS, iss);
    }
    if (sub == null) {
        missing.put(IdTokenClaimNames.SUB, sub);
    }
    // An audience claim that is present but empty is treated the same as an absent one.
    if (CollectionUtils.isEmpty(aud)) {
        missing.put(IdTokenClaimNames.AUD, aud);
    }
    if (exp == null) {
        missing.put(IdTokenClaimNames.EXP, exp);
    }
    if (iat == null) {
        missing.put(IdTokenClaimNames.IAT, iat);
    }
    return missing;
}
}
/**
 * Checks that a {@link Jwt} built from valid arguments exposes the token value,
 * headers and claims it was given, and that each typed claim accessor returns the
 * expected fixture value.
 */
@Test
public void constructorWhenParametersProvidedAndValidThenCreated() {
    Instant issuedAt = Instant.ofEpochMilli(IAT_VALUE);
    Instant expiresAt = Instant.ofEpochMilli(EXP_VALUE);
    Jwt token = new Jwt(JWT_TOKEN_VALUE, issuedAt, expiresAt, HEADERS, CLAIMS);

    // Values handed straight to the constructor.
    assertThat(token.getTokenValue()).isEqualTo(JWT_TOKEN_VALUE);
    assertThat(token.getHeaders()).isEqualTo(HEADERS);
    assertThat(token.getClaims()).isEqualTo(CLAIMS);

    // Typed accessors; presumably backed by the entries of CLAIMS.
    assertThat(token.getIssuer().toString()).isEqualTo(ISS_VALUE);
    assertThat(token.getSubject()).isEqualTo(SUB_VALUE);
    assertThat(token.getAudience()).isEqualTo(AUD_VALUE);
    assertThat(token.getExpiresAt().toEpochMilli()).isEqualTo(EXP_VALUE);
    // NOTE(review): nbf is compared in epoch seconds while exp and iat are compared
    // in milliseconds; confirm NBF_VALUE is defined in seconds.
    assertThat(token.getNotBefore().getEpochSecond()).isEqualTo(NBF_VALUE);
    assertThat(token.getIssuedAt().toEpochMilli()).isEqualTo(IAT_VALUE);
    assertThat(token.getId()).isEqualTo(JTI_VALUE);
}
}
/**
 * Returns the subject ({@code sub}) of the {@link Jwt} backing this authentication
 * as the principal name.
 *
 * <p>The value is passed through unchanged from {@code getToken().getSubject()};
 * presumably it is {@code null} when the token carries no subject.
 *
 * <p>NOTE(review): a JWT subject is only required to be unique within its issuer.
 * Code that keys accounts or authorization decisions on this name should pair it
 * with the issuer when more than one issuer is trusted.
 *
 * @return the {@link Jwt}'s subject, if any
 */
@Override
public String getName() {
    return getToken().getSubject();
}
}
/**
 * Handles {@code /topsecret} by reporting the subject and {@code email} claim of the
 * {@link Jwt} principal found in the current security context.
 *
 * <p>This method does not verify the token itself. It trusts whatever populated the
 * {@link SecurityContextHolder} to have validated the JWT before storing it as the
 * principal.
 *
 * <p>The mapping declares no HTTP method, so it is not limited to {@code GET}.
 *
 * <p>NOTE(review): both claim values are written into the response without encoding;
 * confirm the response is served as plain text rather than rendered as HTML. If the
 * {@code email} claim is absent and {@code getClaimAsString} returns {@code null}, the
 * message will contain the literal text {@code null}.
 *
 * @return a message naming the caller, or an error message when no {@link Jwt}
 *         principal is available
 */
@RequestMapping("/topsecret")
public String secured() {
    Authentication current = SecurityContextHolder.getContext().getAuthentication();

    // Guard: no authentication at all, or a principal that is not a Jwt.
    if (current == null || !(current.getPrincipal() instanceof Jwt)) {
        return "Something went wrong; authentication is not provided by IAP/JWT.\n";
    }

    Jwt token = (Jwt) current.getPrincipal();
    String subject = token.getSubject();
    String email = token.getClaimAsString("email");
    return String.format("You are [%s] with e-mail address [%s].%n", subject, email);
}