examples.AuthJWTExamples Maven / Gradle / Ivy
/*
* Copyright 2014 Red Hat, Inc.
*
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the Eclipse Public License v1.0
* and Apache License v2.0 which accompanies this distribution.
*
* The Eclipse Public License is available at
* http://www.eclipse.org/legal/epl-v10.html
*
* The Apache License v2.0 is available at
* http://www.opensource.org/licenses/apache2.0.php
*
* You may elect to redistribute this code under either of these licenses.
*/
package examples;
import io.vertx.core.Vertx;
import io.vertx.core.json.JsonArray;
import io.vertx.core.json.JsonObject;
import io.vertx.ext.auth.KeyStoreOptions;
import io.vertx.ext.auth.PubSecKeyOptions;
import io.vertx.ext.auth.User;
import io.vertx.ext.auth.authentication.AuthenticationProvider;
import io.vertx.ext.auth.authorization.AuthorizationProvider;
import io.vertx.ext.auth.authorization.PermissionBasedAuthorization;
import io.vertx.ext.auth.jwt.JWTAuth;
import io.vertx.ext.auth.jwt.JWTAuthOptions;
import io.vertx.ext.auth.jwt.authorization.MicroProfileAuthorization;
import io.vertx.ext.auth.JWTOptions;
/**
* @author Tim Fox
*/
public class AuthJWTExamples {
public void example6(Vertx vertx) {
JWTAuthOptions config = new JWTAuthOptions()
.setKeyStore(new KeyStoreOptions()
.setPath("keystore.jceks")
.setPassword("secret"));
AuthenticationProvider provider = JWTAuth.create(vertx, config);
}
public void example7(Vertx vertx, String username, String password) {
JWTAuthOptions config = new JWTAuthOptions()
.setKeyStore(new KeyStoreOptions()
.setPath("keystore.jceks")
.setPassword("secret"));
JWTAuth provider = JWTAuth.create(vertx, config);
// on the verify endpoint once you verify the identity
// of the user by its username/password
if ("paulo".equals(username) && "super_secret".equals(password)) {
String token = provider.generateToken(
new JsonObject().put("sub", "paulo"), new JWTOptions());
// now for any request to protected resources you should
// pass this string in the HTTP header Authorization as:
// Authorization: Bearer
}
}
public void example8(Vertx vertx) {
JWTAuthOptions config = new JWTAuthOptions()
.addPubSecKey(new PubSecKeyOptions()
.setAlgorithm("RS256")
.setBuffer("BASE64-ENCODED-PUBLIC_KEY"));
AuthenticationProvider provider = JWTAuth.create(vertx, config);
}
public void example9(JWTAuth jwtAuth) {
// This string is what you see after the string "Bearer" in the
// HTTP Authorization header
jwtAuth.authenticate(new JsonObject().put("token", "BASE64-ENCODED-STRING"))
.onSuccess(user -> System.out.println("User: " + user.principal()))
.onFailure(err -> {
// Failed!
});
}
public void example10(JWTAuth jwtAuth) {
// This string is what you see after the string "Bearer" in the
// HTTP Authorization header
// In this case we are forcing the provider to ignore the `exp` field
jwtAuth.authenticate(
new JsonObject()
.put("token", "BASE64-ENCODED-STRING")
.put("options", new JsonObject()
.put("ignoreExpiration", true)))
.onSuccess(user -> System.out.println("User: " + user.principal()))
.onFailure(err -> {
// Failed!
});
}
public void example11(JWTAuth jwtAuth) {
// This string is what you see after the string "Bearer" in the
// HTTP Authorization header
// In this case we are forcing the provider to verify the aud field
jwtAuth.authenticate(
new JsonObject()
.put("token", "BASE64-ENCODED-STRING")
.put("options", new JsonObject()
.put("audience", new JsonArray().add("[email protected]"))))
.onSuccess(user -> System.out.println("User: " + user.principal()))
.onFailure(err -> {
// Failed!
});
}
public void example12(JWTAuth jwtAuth) {
// This string is what you see after the string "Bearer" in the
// HTTP Authorization header
// In this case we are forcing the provider to verify the issuer
jwtAuth.authenticate(
new JsonObject()
.put("token", "BASE64-ENCODED-STRING")
.put("options", new JsonObject()
.put("issuer", "mycorp.com")))
.onSuccess(user -> System.out.println("User: " + user.principal()))
.onFailure(err -> {
// Failed!
});
}
public void example13(User user) {
AuthorizationProvider authz = MicroProfileAuthorization.create();
authz.getAuthorizations(user)
.onSuccess(v -> {
// and now we can perform checks as needed
if (PermissionBasedAuthorization.create("create-report").match(user)) {
// Yes the user can create reports
}
});
}
public void example14(Vertx vertx) {
JsonObject config = new JsonObject()
.put("public-key", "BASE64-ENCODED-PUBLIC_KEY")
// since we're consuming keycloak JWTs we need
// to locate the permission claims in the token
.put("permissionsClaimKey", "realm_access/roles");
AuthenticationProvider provider =
JWTAuth.create(vertx, new JWTAuthOptions(config));
}
public void example15(Vertx vertx) {
JWTAuth provider = JWTAuth.create(vertx, new JWTAuthOptions()
.addPubSecKey(new PubSecKeyOptions()
.setAlgorithm("RS256")
.setBuffer(
"-----BEGIN PUBLIC KEY-----\n" +
"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPSbCQY5mBKFDIn1kggv\n" +
"Wb4ChjrctqD4nFnJOJk4mpuZ/u3h2ZgeKJJkJv8+5oFO6vsEwF7/TqKXp0XDp6IH\n" +
"byaOSWdkl535rCYR5AxDSjwnuSXsSp54pvB+fEEFDPFF81GHixepIbqXCB+BnCTg\n" +
"N65BqwNn/1Vgqv6+H3nweNlbTv8e/scEgbg6ZYcsnBBB9kYLp69FSwNWpvPmd60e\n" +
"3DWyIo3WCUmKlQgjHL4PHLKYwwKgOHG/aNl4hN4/wqTixCAHe6KdLnehLn71x+Z0\n" +
"SyXbWooftefpJP1wMbwlCpH3ikBzVIfHKLWT9QIOVoRgchPU3WAsZv/ePgl5i8Co\n" +
"qwIDAQAB\n" +
"-----END PUBLIC KEY-----"))
.addPubSecKey(new PubSecKeyOptions()
.setAlgorithm("RS256")
.setBuffer(
"-----BEGIN PRIVATE KEY-----\n" +
"MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDE9JsJBjmYEoUM\n" +
"ifWSCC9ZvgKGOty2oPicWck4mTiam5n+7eHZmB4okmQm/z7mgU7q+wTAXv9Oopen\n" +
"RcOnogdvJo5JZ2SXnfmsJhHkDENKPCe5JexKnnim8H58QQUM8UXzUYeLF6khupcI\n" +
"H4GcJOA3rkGrA2f/VWCq/r4fefB42VtO/x7+xwSBuDplhyycEEH2Rgunr0VLA1am\n" +
"8+Z3rR7cNbIijdYJSYqVCCMcvg8cspjDAqA4cb9o2XiE3j/CpOLEIAd7op0ud6Eu\n" +
"fvXH5nRLJdtaih+15+kk/XAxvCUKkfeKQHNUh8cotZP1Ag5WhGByE9TdYCxm/94+\n" +
"CXmLwKirAgMBAAECggEAeQ+M+BgOcK35gAKQoklLqZLEhHNL1SnOhnQd3h84DrhU\n" +
"CMF5UEFTUEbjLqE3rYGP25mdiw0ZSuFf7B5SrAhJH4YIcZAO4a7ll23zE0SCW+/r\n" +
"zr9DpX4Q1TP/2yowC4uGHpBfixxpBmVljkWnai20cCU5Ef/O/cAh4hkhDcHrEKwb\n" +
"m9nymKQt06YnvpCMKoHDdqzfB3eByoAKuGxo/sbi5LDpWalCabcg7w+WKIEU1PHb\n" +
"Qi+RiDf3TzbQ6TYhAEH2rKM9JHbp02TO/r3QOoqHMITW6FKYvfiVFN+voS5zzAO3\n" +
"c5X4I+ICNzm+mnt8wElV1B6nO2hFg2PE9uVnlgB2GQKBgQD8xkjNhERaT7f78gBl\n" +
"ch15DRDH0m1rz84PKRznoPrSEY/HlWddlGkn0sTnbVYKXVTvNytKSmznRZ7fSTJB\n" +
"2IhQV7+I0jeb7pyLllF5PdSQqKTk6oCeL8h8eDPN7awZ731zff1AGgJ3DJXlRTh/\n" +
"O6zj9nI8llvGzP30274I2/+cdwKBgQDHd/twbiHZZTDexYewP0ufQDtZP1Nk54fj\n" +
"EpkEuoTdEPymRoq7xo+Lqj5ewhAtVKQuz6aH4BeEtSCHhxy8OFLDBdoGCEd/WBpD\n" +
"f+82sfmGk+FxLyYkLxHCxsZdOb93zkUXPCoCrvNRaUFO1qq5Dk8eftGCdC3iETHE\n" +
"6h5avxHGbQKBgQCLHQVMNhL4MQ9slU8qhZc627n0fxbBUuhw54uE3s+rdQbQLKVq\n" +
"lxcYV6MOStojciIgVRh6FmPBFEvPTxVdr7G1pdU/k5IPO07kc6H7O9AUnPvDEFwg\n" +
"suN/vRelqbwhufAs85XBBY99vWtxdpsVSt5nx2YvegCgdIj/jUAU2B7hGQKBgEgV\n" +
"sCRdaJYr35FiSTsEZMvUZp5GKFka4xzIp8vxq/pIHUXp0FEz3MRYbdnIwBfhssPH\n" +
"/yKzdUxcOLlBtry+jgo0nyn26/+1Uyh5n3VgtBBSePJyW5JQAFcnhqBCMlOVk5pl\n" +
"/7igiQYux486PNBLv4QByK0gV0SPejDzeqzIyB+xAoGAe5if7DAAKhH0r2M8vTkm\n" +
"JvbCFjwuvhjuI+A8AuS8zw634BHne2a1Fkvc8c3d9VDbqsHCtv2tVkxkKXPjVvtB\n" +
"DtzuwUbp6ebF+jOfPK0LDuJoTdTdiNjIcXJ7iTTI3cXUnUNWWphYnFogzPFq9CyL\n" +
"0fPinYmDJpkwMYHqQaLGQyg=\n" +
"-----END PRIVATE KEY-----")
));
String token = provider.generateToken(
new JsonObject().put("some", "token-data"),
new JWTOptions().setAlgorithm("RS256"));
}
public void example16(Vertx vertx) {
JWTAuth provider = JWTAuth.create(vertx, new JWTAuthOptions()
.addPubSecKey(new PubSecKeyOptions()
.setAlgorithm("HS256")
.setBuffer("keyboard cat")));
String token = provider.generateToken(new JsonObject());
}
public void example17(Vertx vertx) {
JWTAuth provider = JWTAuth.create(vertx, new JWTAuthOptions()
.addPubSecKey(new PubSecKeyOptions()
.setAlgorithm("ES256")
.setBuffer(
"-----BEGIN PRIVATE KEY-----\n" +
"MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgeRyEfU1NSHPTCuC9\n" +
"rwLZMukaWCH2Fk6q5w+XBYrKtLihRANCAAStpUnwKmSvBM9EI+W5QN3ALpvz6bh0\n" +
"SPCXyz5KfQZQuSj4f3l+xNERDUDaygIUdLjBXf/bc15ur2iZjcq4r0Mr\n" +
"-----END PRIVATE KEY-----\n")
));
String token = provider.generateToken(
new JsonObject(),
new JWTOptions().setAlgorithm("ES256"));
}
public void example18(Vertx vertx) {
JWTAuth provider = JWTAuth.create(vertx, new JWTAuthOptions()
.addPubSecKey(new PubSecKeyOptions()
.setAlgorithm("ES256")
.setBuffer(
"-----BEGIN PUBLIC KEY-----\n" +
"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEraVJ8CpkrwTPRCPluUDdwC6b8+m4\n" +
"dEjwl8s+Sn0GULko+H95fsTREQ1A2soCFHS4wV3/23Nebq9omY3KuK9DKw==\n" +
"-----END PUBLIC KEY-----"))
.addPubSecKey(new PubSecKeyOptions()
.setAlgorithm("ES256")
.setBuffer(
"-----BEGIN PRIVATE KEY-----\n" +
"MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgeRyEfU1NSHPTCuC9\n" +
"rwLZMukaWCH2Fk6q5w+XBYrKtLihRANCAAStpUnwKmSvBM9EI+W5QN3ALpvz6bh0\n" +
"SPCXyz5KfQZQuSj4f3l+xNERDUDaygIUdLjBXf/bc15ur2iZjcq4r0Mr")
));
String token = provider.generateToken(
new JsonObject(),
new JWTOptions().setAlgorithm("ES256"));
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy