本文整理汇总了Java中com.auth0.jwt.exceptions.SignatureVerificationException类的典型用法代码示例。如果您正苦于以下问题:Java SignatureVerificationException类的具体用法?Java SignatureVerificationException怎么用?Java SignatureVerificationException使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
SignatureVerificationException类属于com.auth0.jwt.exceptions包,在下文中一共展示了SignatureVerificationException类的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Java代码示例。
示例1: recoverFrom
import com.auth0.jwt.exceptions.SignatureVerificationException; //导入依赖的package包/类
@Override
public Optional<Person> recoverFrom(String token) {
try {
JWTVerifier verifier = JWT.require(getAlgorithm())
.withIssuer(config.getString(ServerVariable.JWT_ISSUER))
.build();
verifier.verify(token);
JWT decode = JWT.decode(token);
String email = decode.getClaim(EMAIL_CLAIM).asString();
return repository.findByEmail(email);
} catch (UnsupportedEncodingException | SignatureVerificationException | JWTDecodeException e) {
return Optional.empty();
}
}
开发者ID:VendingOnTime,项目名称:server-vot,代码行数:17,代码来源:JWTTokenGenerator.java
示例2: verify
import com.auth0.jwt.exceptions.SignatureVerificationException; //导入依赖的package包/类
@Override
public void verify(DecodedJWT jwt, EncodeType encodeType) throws Exception {
byte[] signatureBytes = null;
String signature = jwt.getSignature();
String urlDecoded = null;
switch (encodeType) {
case Base16:
urlDecoded = URLDecoder.decode(signature, "UTF-8");
signatureBytes = Hex.decodeHex(urlDecoded);
break;
case Base32:
Base32 base32 = new Base32();
urlDecoded = URLDecoder.decode(signature, "UTF-8");
signatureBytes = base32.decode(urlDecoded);
break;
case Base64:
signatureBytes = Base64.decodeBase64(signature);
break;
}
if (signatureBytes.length > 0) {
throw new SignatureVerificationException(this);
}
}
开发者ID:GJWT,项目名称:javaOIDCMsg,代码行数:24,代码来源:NoneAlgorithm.java
示例3: shouldFailECDSA256VerificationOnInvalidJOSESignatureLength
import com.auth0.jwt.exceptions.SignatureVerificationException; //导入依赖的package包/类
@Test
public void shouldFailECDSA256VerificationOnInvalidJOSESignatureLength() throws Exception {
exception.expect(SignatureVerificationException.class);
exception.expectMessage("The Token's Signature resulted invalid when verified using the Algorithm: SHA256withECDSA");
exception.expectCause(isA(SignatureException.class));
exception.expectCause(hasMessage(is("Invalid JOSE signature format.")));
byte[] bytes = new byte[63];
new SecureRandom().nextBytes(bytes);
String signature = Base64.encodeBase64URLSafeString(bytes);
String token = "eyJhbGciOiJFUzI1NiJ9.eyJpc3MiOiJhdXRoMCJ9." + signature;
Algorithm algorithm = Algorithm.ECDSA256((ECKey) readPublicKeyFromFile(INVALID_PUBLIC_KEY_FILE_256, "EC"));
JWT jwt = JWT.require(algorithm).withIssuer("auth0").build();
DecodedJWT decoded = jwt.decode(token);
algorithm.verify(decoded, EncodeType.Base64);
}
开发者ID:GJWT,项目名称:javaOIDCMsg,代码行数:17,代码来源:ECDSABouncyCastleProviderTests.java
示例4: shouldFailJOSEToDERConversionOnInvalidJOSESignatureLength
import com.auth0.jwt.exceptions.SignatureVerificationException; //导入依赖的package包/类
@Test
public void shouldFailJOSEToDERConversionOnInvalidJOSESignatureLength() throws Exception {
exception.expect(SignatureVerificationException.class);
exception.expectMessage("The Token's Signature resulted invalid when verified using the Algorithm: SHA256withECDSA");
exception.expectCause(isA(SignatureException.class));
exception.expectCause(hasMessage(is("Invalid JOSE signature format.")));
byte[] bytes = new byte[256];
new SecureRandom().nextBytes(bytes);
String signature = Base64.encodeBase64URLSafeString(bytes);
String token = "eyJhbGciOiJFUzI1NiJ9.eyJpc3MiOiJhdXRoMCJ9." + signature;
ECPublicKey publicKey = (ECPublicKey) readPublicKeyFromFile(PUBLIC_KEY_FILE_256, "EC");
ECPrivateKey privateKey = mock(ECPrivateKey.class);
ECDSAKeyProvider provider = ECDSAAlgorithm.providerForKeys(publicKey, privateKey);
Algorithm algorithm = new ECDSAAlgorithm("ES256", "SHA256withECDSA", 128, provider);
JWT jwt = JWT.require(algorithm).withIssuer("auth0").build();
DecodedJWT decoded = jwt.decode(token);
algorithm.verify(decoded, EncodeType.Base64);
}
开发者ID:GJWT,项目名称:javaOIDCMsg,代码行数:21,代码来源:ECDSABouncyCastleProviderTests.java
示例5: shouldFailECDSA256VerificationOnInvalidJOSESignatureLength
import com.auth0.jwt.exceptions.SignatureVerificationException; //导入依赖的package包/类
@Test
public void shouldFailECDSA256VerificationOnInvalidJOSESignatureLength() throws Exception {
exception.expect(SignatureVerificationException.class);
exception.expectMessage("The Token's Signature resulted invalid when verified using the Algorithm: SHA256withECDSA");
exception.expectCause(isA(SignatureException.class));
exception.expectCause(hasMessage(is("Invalid JOSE signature format.")));
byte[] bytes = new byte[63];
new SecureRandom().nextBytes(bytes);
String signature = Base64.encodeBase64URLSafeString(bytes);
String token = "eyJhbGciOiJFUzI1NiJ9.eyJpc3MiOiJhdXRoMCJ9." + signature;
Algorithm algorithm = Algorithm.ECDSA256((ECKey) readPublicKeyFromFile(INVALID_PUBLIC_KEY_FILE_256, "EC"));
JWT jwt = JWT.require(algorithm).withIssuer("auth0").build();
DecodedJWT decoded = jwt.decode(token);
algorithm.verify(decoded, EncodeType.Base64);
}
开发者ID:GJWT,项目名称:javaOIDCMsg,代码行数:17,代码来源:ECDSAAlgorithmTest.java
示例6: shouldFailJOSEToDERConversionOnInvalidJOSESignatureLength
import com.auth0.jwt.exceptions.SignatureVerificationException; //导入依赖的package包/类
@Test
public void shouldFailJOSEToDERConversionOnInvalidJOSESignatureLength() throws Exception {
exception.expect(SignatureVerificationException.class);
exception.expectMessage("The Token's Signature resulted invalid when verified using the Algorithm: SHA256withECDSA");
exception.expectCause(isA(SignatureException.class));
exception.expectCause(hasMessage(is("Invalid JOSE signature format.")));
byte[] bytes = new byte[256];
new SecureRandom().nextBytes(bytes);
String signature = Base64.encodeBase64URLSafeString(bytes);
String token = "eyJhbGciOiJFUzI1NiJ9.eyJpc3MiOiJhdXRoMCJ9." + signature;
ECPublicKey publicKey = (ECPublicKey) readPublicKeyFromFile(PUBLIC_KEY_FILE_256, "EC");
ECPrivateKey privateKey = mock(ECPrivateKey.class);
ECDSAKeyProvider provider = ECDSAAlgorithm.providerForKeys(publicKey, privateKey);
Algorithm algorithm = new ECDSAAlgorithm("ES256", "SHA256withECDSA", 128, provider);
JWT jwt = JWT.require(algorithm).withIssuer("auth0").build();
DecodedJWT decoded = jwt.decode(token);
algorithm.verify(decoded, EncodeType.Base64);
}
开发者ID:GJWT,项目名称:javaOIDCMsg,代码行数:21,代码来源:ECDSAAlgorithmTest.java
示例7: shouldFailToAuthenticateUsingInvalidJWK
import com.auth0.jwt.exceptions.SignatureVerificationException; //导入依赖的package包/类
@Test
public void shouldFailToAuthenticateUsingInvalidJWK() throws Exception {
Jwk jwk = mock(Jwk.class);
JwkProvider jwkProvider = mock(JwkProvider.class);
KeyPair keyPair1 = RSAKeyPair();
KeyPair keyPair2 = RSAKeyPair();
when(jwkProvider.get(eq("key-id"))).thenReturn(jwk);
when(jwk.getPublicKey()).thenReturn(keyPair1.getPublic());
JwtAuthenticationProvider provider = new JwtAuthenticationProvider(jwkProvider, "issuer", "audience");
Map<String, Object> keyIdHeader = Collections.singletonMap("kid", (Object) "key-id");
String token = JWT.create()
.withAudience("audience")
.withIssuer("issuer")
.withHeader(keyIdHeader)
.sign(Algorithm.RSA256((RSAKey) keyPair2.getPrivate()));
Authentication authentication = PreAuthenticatedAuthenticationJsonWebToken.usingToken(token);
exception.expect(BadCredentialsException.class);
exception.expectMessage("Not a valid token");
exception.expectCause(Matchers.<Throwable>instanceOf(SignatureVerificationException.class));
provider.authenticate(authentication);
}
开发者ID:auth0,项目名称:auth0-spring-security-api,代码行数:25,代码来源:JwtAuthenticationProviderTest.java
示例8: verify
import com.auth0.jwt.exceptions.SignatureVerificationException; //导入依赖的package包/类
@Override
public void verify(DecodedJWT jwt) throws SignatureVerificationException {
byte[] contentBytes = String.format("%s.%s", jwt.getHeader(), jwt.getPayload()).getBytes(StandardCharsets.UTF_8);
byte[] signatureBytes = Base64.decodeBase64(jwt.getSignature());
try {
ECPublicKey publicKey = keyProvider.getPublicKeyById(jwt.getKeyId());
if (publicKey == null) {
throw new IllegalStateException("The given Public Key is null.");
}
boolean valid = crypto.verifySignatureFor(getDescription(), publicKey, contentBytes, JOSEToDER(signatureBytes));
if (!valid) {
throw new SignatureVerificationException(this);
}
} catch (NoSuchAlgorithmException | SignatureException | InvalidKeyException | IllegalStateException e) {
throw new SignatureVerificationException(this, e);
}
}
开发者ID:auth0,项目名称:java-jwt,代码行数:20,代码来源:ECDSAAlgorithm.java
示例9: verify
import com.auth0.jwt.exceptions.SignatureVerificationException; //导入依赖的package包/类
@Override
public void verify(DecodedJWT jwt) throws SignatureVerificationException {
byte[] contentBytes = String.format("%s.%s", jwt.getHeader(), jwt.getPayload()).getBytes(StandardCharsets.UTF_8);
byte[] signatureBytes = Base64.decodeBase64(jwt.getSignature());
try {
RSAPublicKey publicKey = keyProvider.getPublicKeyById(jwt.getKeyId());
if (publicKey == null) {
throw new IllegalStateException("The given Public Key is null.");
}
boolean valid = crypto.verifySignatureFor(getDescription(), publicKey, contentBytes, signatureBytes);
if (!valid) {
throw new SignatureVerificationException(this);
}
} catch (NoSuchAlgorithmException | SignatureException | InvalidKeyException | IllegalStateException e) {
throw new SignatureVerificationException(this, e);
}
}
开发者ID:auth0,项目名称:java-jwt,代码行数:19,代码来源:RSAAlgorithm.java
示例10: shouldFailJOSEToDERConversionOnInvalidJOSESignatureLength
import com.auth0.jwt.exceptions.SignatureVerificationException; //导入依赖的package包/类
@Test
public void shouldFailJOSEToDERConversionOnInvalidJOSESignatureLength() throws Exception {
exception.expect(SignatureVerificationException.class);
exception.expectMessage("The Token's Signature resulted invalid when verified using the Algorithm: SHA256withECDSA");
exception.expectCause(isA(SignatureException.class));
exception.expectCause(hasMessage(is("Invalid JOSE signature format.")));
byte[] bytes = new byte[256];
new SecureRandom().nextBytes(bytes);
String signature = Base64.encodeBase64URLSafeString(bytes);
String jwt = "eyJhbGciOiJFUzI1NiJ9.eyJpc3MiOiJhdXRoMCJ9." + signature;
ECPublicKey publicKey = (ECPublicKey) readPublicKeyFromFile(PUBLIC_KEY_FILE_256, "EC");
ECPrivateKey privateKey = mock(ECPrivateKey.class);
ECDSAKeyProvider provider = ECDSAAlgorithm.providerForKeys(publicKey, privateKey);
Algorithm algorithm = new ECDSAAlgorithm("ES256", "SHA256withECDSA", 128, provider);
algorithm.verify(JWT.decode(jwt));
}
开发者ID:auth0,项目名称:java-jwt,代码行数:19,代码来源:ECDSABouncyCastleProviderTests.java
示例11: shouldThrowOnVerifyWhenSignatureAlgorithmDoesNotExists
import com.auth0.jwt.exceptions.SignatureVerificationException; //导入依赖的package包/类
@Test
public void shouldThrowOnVerifyWhenSignatureAlgorithmDoesNotExists() throws Exception {
exception.expect(SignatureVerificationException.class);
exception.expectMessage("The Token's Signature resulted invalid when verified using the Algorithm: some-alg");
exception.expectCause(isA(NoSuchAlgorithmException.class));
CryptoHelper crypto = mock(CryptoHelper.class);
when(crypto.verifySignatureFor(anyString(), any(PublicKey.class), any(byte[].class), any(byte[].class)))
.thenThrow(NoSuchAlgorithmException.class);
ECPublicKey publicKey = mock(ECPublicKey.class);
ECPrivateKey privateKey = mock(ECPrivateKey.class);
ECDSAKeyProvider provider = ECDSAAlgorithm.providerForKeys(publicKey, privateKey);
Algorithm algorithm = new ECDSAAlgorithm(crypto, "some-alg", "some-algorithm", 32, provider);
String jwt = "eyJhbGciOiJFUzI1NiJ9.eyJpc3MiOiJhdXRoMCJ9.4iVk3-Y0v4RT4_9IaQlp-8dZ_4fsTzIylgrPTDLrEvTHBTyVS3tgPbr2_IZfLETtiKRqCg0aQ5sh9eIsTTwB1g";
algorithm.verify(JWT.decode(jwt));
}
开发者ID:auth0,项目名称:java-jwt,代码行数:18,代码来源:ECDSABouncyCastleProviderTests.java
示例12: shouldThrowOnVerifyWhenThePublicKeyIsInvalid
import com.auth0.jwt.exceptions.SignatureVerificationException; //导入依赖的package包/类
@Test
public void shouldThrowOnVerifyWhenThePublicKeyIsInvalid() throws Exception {
exception.expect(SignatureVerificationException.class);
exception.expectMessage("The Token's Signature resulted invalid when verified using the Algorithm: some-alg");
exception.expectCause(isA(InvalidKeyException.class));
CryptoHelper crypto = mock(CryptoHelper.class);
when(crypto.verifySignatureFor(anyString(), any(PublicKey.class), any(byte[].class), any(byte[].class)))
.thenThrow(InvalidKeyException.class);
ECPublicKey publicKey = mock(ECPublicKey.class);
ECPrivateKey privateKey = mock(ECPrivateKey.class);
ECDSAKeyProvider provider = ECDSAAlgorithm.providerForKeys(publicKey, privateKey);
Algorithm algorithm = new ECDSAAlgorithm(crypto, "some-alg", "some-algorithm", 32, provider);
String jwt = "eyJhbGciOiJFUzI1NiJ9.eyJpc3MiOiJhdXRoMCJ9.4iVk3-Y0v4RT4_9IaQlp-8dZ_4fsTzIylgrPTDLrEvTHBTyVS3tgPbr2_IZfLETtiKRqCg0aQ5sh9eIsTTwB1g";
algorithm.verify(JWT.decode(jwt));
}
开发者ID:auth0,项目名称:java-jwt,代码行数:18,代码来源:ECDSABouncyCastleProviderTests.java
示例13: shouldThrowOnVerifyWhenTheSignatureIsNotPrepared
import com.auth0.jwt.exceptions.SignatureVerificationException; //导入依赖的package包/类
@Test
public void shouldThrowOnVerifyWhenTheSignatureIsNotPrepared() throws Exception {
exception.expect(SignatureVerificationException.class);
exception.expectMessage("The Token's Signature resulted invalid when verified using the Algorithm: some-alg");
exception.expectCause(isA(SignatureException.class));
CryptoHelper crypto = mock(CryptoHelper.class);
when(crypto.verifySignatureFor(anyString(), any(PublicKey.class), any(byte[].class), any(byte[].class)))
.thenThrow(SignatureException.class);
ECPublicKey publicKey = mock(ECPublicKey.class);
ECPrivateKey privateKey = mock(ECPrivateKey.class);
ECDSAKeyProvider provider = ECDSAAlgorithm.providerForKeys(publicKey, privateKey);
Algorithm algorithm = new ECDSAAlgorithm(crypto, "some-alg", "some-algorithm", 32, provider);
String jwt = "eyJhbGciOiJFUzI1NiJ9.eyJpc3MiOiJhdXRoMCJ9.4iVk3-Y0v4RT4_9IaQlp-8dZ_4fsTzIylgrPTDLrEvTHBTyVS3tgPbr2_IZfLETtiKRqCg0aQ5sh9eIsTTwB1g";
algorithm.verify(JWT.decode(jwt));
}
开发者ID:auth0,项目名称:java-jwt,代码行数:18,代码来源:ECDSABouncyCastleProviderTests.java
示例14: shouldThrowWhenMacAlgorithmDoesNotExists
import com.auth0.jwt.exceptions.SignatureVerificationException; //导入依赖的package包/类
@Test
public void shouldThrowWhenMacAlgorithmDoesNotExists() throws Exception {
exception.expect(SignatureVerificationException.class);
exception.expectMessage("The Token's Signature resulted invalid when verified using the Algorithm: some-alg");
exception.expectCause(isA(NoSuchAlgorithmException.class));
CryptoHelper crypto = mock(CryptoHelper.class);
when(crypto.verifySignatureFor(anyString(), any(PublicKey.class), any(byte[].class), any(byte[].class)))
.thenThrow(NoSuchAlgorithmException.class);
RSAPublicKey publicKey = mock(RSAPublicKey.class);
RSAPrivateKey privateKey = mock(RSAPrivateKey.class);
RSAKeyProvider provider = RSAAlgorithm.providerForKeys(publicKey, privateKey);
Algorithm algorithm = new RSAAlgorithm(crypto, "some-alg", "some-algorithm", provider);
String jwt = "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJhdXRoMCJ9.dxXF3MdsyW-AuvwJpaQtrZ33fAde9xWxpLIg9cO2tMLH2GSRNuLAe61KsJusZhqZB9Iy7DvflcmRz-9OZndm6cj_ThGeJH2LLc90K83UEvvRPo8l85RrQb8PcanxCgIs2RcZOLygERizB3pr5icGkzR7R2y6zgNCjKJ5_NJ6EiZsGN6_nc2PRK_DbyY-Wn0QDxIxKoA5YgQJ9qafe7IN980pXvQv2Z62c3XR8dYuaXBqhthBj-AbaFHEpZapN-V-TmuLNzR2MCB6Xr7BYMuCaqWf_XU8og4XNe8f_8w9Wv5vvgqMM1KhqVpG5VdMJv4o_L4NoCROHhtUQSLRh2M9cA";
algorithm.verify(JWT.decode(jwt));
}
开发者ID:auth0,项目名称:java-jwt,代码行数:18,代码来源:RSAAlgorithmTest.java
示例15: shouldThrowWhenThePublicKeyIsInvalid
import com.auth0.jwt.exceptions.SignatureVerificationException; //导入依赖的package包/类
@Test
public void shouldThrowWhenThePublicKeyIsInvalid() throws Exception {
exception.expect(SignatureVerificationException.class);
exception.expectMessage("The Token's Signature resulted invalid when verified using the Algorithm: some-alg");
exception.expectCause(isA(InvalidKeyException.class));
CryptoHelper crypto = mock(CryptoHelper.class);
when(crypto.verifySignatureFor(anyString(), any(PublicKey.class), any(byte[].class), any(byte[].class)))
.thenThrow(InvalidKeyException.class);
RSAPublicKey publicKey = mock(RSAPublicKey.class);
RSAPrivateKey privateKey = mock(RSAPrivateKey.class);
RSAKeyProvider provider = RSAAlgorithm.providerForKeys(publicKey, privateKey);
Algorithm algorithm = new RSAAlgorithm(crypto, "some-alg", "some-algorithm", provider);
String jwt = "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJhdXRoMCJ9.dxXF3MdsyW-AuvwJpaQtrZ33fAde9xWxpLIg9cO2tMLH2GSRNuLAe61KsJusZhqZB9Iy7DvflcmRz-9OZndm6cj_ThGeJH2LLc90K83UEvvRPo8l85RrQb8PcanxCgIs2RcZOLygERizB3pr5icGkzR7R2y6zgNCjKJ5_NJ6EiZsGN6_nc2PRK_DbyY-Wn0QDxIxKoA5YgQJ9qafe7IN980pXvQv2Z62c3XR8dYuaXBqhthBj-AbaFHEpZapN-V-TmuLNzR2MCB6Xr7BYMuCaqWf_XU8og4XNe8f_8w9Wv5vvgqMM1KhqVpG5VdMJv4o_L4NoCROHhtUQSLRh2M9cA";
algorithm.verify(JWT.decode(jwt));
}
开发者ID:auth0,项目名称:java-jwt,代码行数:18,代码来源:RSAAlgorithmTest.java
示例16: shouldThrowWhenTheSignatureIsNotPrepared
import com.auth0.jwt.exceptions.SignatureVerificationException; //导入依赖的package包/类
@Test
public void shouldThrowWhenTheSignatureIsNotPrepared() throws Exception {
exception.expect(SignatureVerificationException.class);
exception.expectMessage("The Token's Signature resulted invalid when verified using the Algorithm: some-alg");
exception.expectCause(isA(SignatureException.class));
CryptoHelper crypto = mock(CryptoHelper.class);
when(crypto.verifySignatureFor(anyString(), any(PublicKey.class), any(byte[].class), any(byte[].class)))
.thenThrow(SignatureException.class);
RSAPublicKey publicKey = mock(RSAPublicKey.class);
RSAPrivateKey privateKey = mock(RSAPrivateKey.class);
RSAKeyProvider provider = RSAAlgorithm.providerForKeys(publicKey, privateKey);
Algorithm algorithm = new RSAAlgorithm(crypto, "some-alg", "some-algorithm", provider);
String jwt = "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJhdXRoMCJ9.dxXF3MdsyW-AuvwJpaQtrZ33fAde9xWxpLIg9cO2tMLH2GSRNuLAe61KsJusZhqZB9Iy7DvflcmRz-9OZndm6cj_ThGeJH2LLc90K83UEvvRPo8l85RrQb8PcanxCgIs2RcZOLygERizB3pr5icGkzR7R2y6zgNCjKJ5_NJ6EiZsGN6_nc2PRK_DbyY-Wn0QDxIxKoA5YgQJ9qafe7IN980pXvQv2Z62c3XR8dYuaXBqhthBj-AbaFHEpZapN-V-TmuLNzR2MCB6Xr7BYMuCaqWf_XU8og4XNe8f_8w9Wv5vvgqMM1KhqVpG5VdMJv4o_L4NoCROHhtUQSLRh2M9cA";
algorithm.verify(JWT.decode(jwt));
}
开发者ID:auth0,项目名称:java-jwt,代码行数:18,代码来源:RSAAlgorithmTest.java
示例17: verify
import com.auth0.jwt.exceptions.SignatureVerificationException; //导入依赖的package包/类
@Override
public void verify(DecodedJWT jwt, EncodeType encodeType) throws Exception {
byte[] contentBytes = String.format("%s.%s", jwt.getHeader(), jwt.getPayload()).getBytes(StandardCharsets.UTF_8);
byte[] signatureBytes = null;
String signature = jwt.getSignature();
String urlDecoded = null;
switch (encodeType) {
case Base16:
urlDecoded = URLDecoder.decode(signature, "UTF-8");
signatureBytes = Hex.decodeHex(urlDecoded);
break;
case Base32:
Base32 base32 = new Base32();
urlDecoded = URLDecoder.decode(signature, "UTF-8");
signatureBytes = base32.decode(urlDecoded);
break;
case Base64:
signatureBytes = Base64.decodeBase64(signature);
break;
}
try {
ECPublicKey publicKey = keyProvider.getPublicKeyById(jwt.getKeyId());
if (publicKey == null) {
throw new IllegalStateException("The given Public Key is null.");
}
boolean valid = crypto.verifySignatureFor(getDescription(), publicKey, contentBytes, JOSEToDER(signatureBytes));
if (!valid) {
throw new SignatureVerificationException(this);
}
} catch (NoSuchAlgorithmException | SignatureException | InvalidKeyException | IllegalStateException e) {
throw new SignatureVerificationException(this, e);
}
}
开发者ID:GJWT,项目名称:javaOIDCMsg,代码行数:36,代码来源:ECDSAAlgorithm.java
示例18: verify
import com.auth0.jwt.exceptions.SignatureVerificationException; //导入依赖的package包/类
@Override
public void verify(DecodedJWT jwt, EncodeType encodeType) throws Exception {
byte[] contentBytes = String.format("%s.%s", jwt.getHeader(), jwt.getPayload()).getBytes(StandardCharsets.UTF_8);
byte[] signatureBytes = null;
String signature = jwt.getSignature();
String urlDecoded = null;
switch (encodeType) {
case Base16:
urlDecoded = URLDecoder.decode(signature, "UTF-8");
signatureBytes = Hex.decodeHex(urlDecoded);
break;
case Base32:
Base32 base32 = new Base32();
urlDecoded = URLDecoder.decode(signature, "UTF-8");
signatureBytes = base32.decode(urlDecoded);
break;
case Base64:
signatureBytes = Base64.decodeBase64(signature);
break;
}
try {
boolean valid = crypto.verifySignatureFor(getDescription(), secret, contentBytes, signatureBytes);
if (!valid) {
throw new SignatureVerificationException(this);
}
} catch (IllegalStateException | InvalidKeyException | NoSuchAlgorithmException e) {
throw new SignatureVerificationException(this, e);
}
}
开发者ID:GJWT,项目名称:javaOIDCMsg,代码行数:31,代码来源:HMACAlgorithm.java
示例19: verify
import com.auth0.jwt.exceptions.SignatureVerificationException; //导入依赖的package包/类
@Override
public void verify(DecodedJWT jwt, EncodeType encodeType) throws Exception {
byte[] contentBytes = String.format("%s.%s", jwt.getHeader(), jwt.getPayload()).getBytes(StandardCharsets.UTF_8);
byte[] signatureBytes = null;
String signature = jwt.getSignature();
String urlDecoded = null;
switch (encodeType) {
case Base16:
urlDecoded = URLDecoder.decode(signature, "UTF-8");
signatureBytes = Hex.decodeHex(urlDecoded);
break;
case Base32:
Base32 base32 = new Base32();
urlDecoded = URLDecoder.decode(signature, "UTF-8");
signatureBytes = base32.decode(urlDecoded);
break;
case Base64:
signatureBytes = Base64.decodeBase64(signature);
break;
}
try {
RSAPublicKey publicKey = keyProvider.getPublicKeyById(jwt.getKeyId());
if (publicKey == null) {
throw new IllegalStateException("The given Public Key is null.");
}
boolean valid = crypto.verifySignatureFor(getDescription(), publicKey, contentBytes, signatureBytes);
if (!valid) {
throw new SignatureVerificationException(this);
}
} catch (NoSuchAlgorithmException | SignatureException | InvalidKeyException | IllegalStateException e) {
throw new SignatureVerificationException(this, e);
}
}
开发者ID:GJWT,项目名称:javaOIDCMsg,代码行数:35,代码来源:RSAAlgorithm.java
示例20: shouldFailHMAC256VerificationWithInvalidSecretString
import com.auth0.jwt.exceptions.SignatureVerificationException; //导入依赖的package包/类
@Test
public void shouldFailHMAC256VerificationWithInvalidSecretString() throws Exception {
exception.expect(SignatureVerificationException.class);
exception.expectMessage("The Token's Signature resulted invalid when verified using the Algorithm: HmacSHA256");
String token = "eyJhbGciOiJIUzI1NiIsImN0eSI6IkpXVCJ9.eyJpc3MiOiJhdXRoMCJ9.mZ0m_N1J4PgeqWmi903JuUoDRZDBPB7HwkS4nVyWH1M";
Algorithm algorithm = Algorithm.HMAC256("not_real_secret");
JWT jwt = JWT.require(algorithm).withIssuer("auth0").build();
DecodedJWT decoded = jwt.decode(token);
algorithm.verify(decoded, EncodeType.Base64);
}
开发者ID:GJWT,项目名称:javaOIDCMsg,代码行数:11,代码来源:HMACAlgorithmTest.java
注:本文中的com.auth0.jwt.exceptions.SignatureVerificationException类示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
请发表评论