org.wildfly.test.microprofile.jwt.TokenUtil Maven / Gradle / Ivy
/*
* JBoss, Home of Professional Open Source
* Copyright 2020 Red Hat, Inc., and individual contributors
* as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.wildfly.test.microprofile.jwt;
import java.io.FileInputStream;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Base64;
import java.util.UUID;
import javax.json.Json;
import javax.json.JsonArrayBuilder;
import javax.json.JsonObjectBuilder;
import com.nimbusds.jose.JOSEObjectType;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.JWSHeader;
import com.nimbusds.jose.JWSObject;
import com.nimbusds.jose.JWSSigner;
import com.nimbusds.jose.Payload;
import com.nimbusds.jose.crypto.RSASSASigner;
public class TokenUtil {
private static PrivateKey loadPrivateKey(final String fileName) throws Exception {
try (InputStream is = new FileInputStream(fileName)) {
byte[] contents = new byte[4096];
int length = is.read(contents);
String rawKey = new String(contents, 0, length, StandardCharsets.UTF_8)
.replaceAll("-----BEGIN (.*)-----", "")
.replaceAll("-----END (.*)----", "")
.replaceAll("\r\n", "").replaceAll("\n", "")
.trim();
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(Base64.getDecoder().decode(rawKey));
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
return keyFactory.generatePrivate(keySpec);
}
}
public static String generateJWT(final String keyLocation, final String principal, final String birthdate,
final String... groups) throws Exception {
PrivateKey privateKey = loadPrivateKey(keyLocation);
JWSSigner signer = new RSASSASigner(privateKey);
JsonArrayBuilder groupsBuilder = Json.createArrayBuilder();
for (String group : groups) {
groupsBuilder.add(group);
}
long currentTime = System.currentTimeMillis() / 1000;
JsonObjectBuilder claimsBuilder = Json.createObjectBuilder()
.add("sub", principal)
.add("upn", principal)
.add("iss", "quickstart-jwt-issuer")
.add("aud", "jwt-audience")
.add("groups", groupsBuilder.build())
.add("birthdate", birthdate)
.add("jti", UUID.randomUUID().toString())
.add("iat", currentTime)
.add("exp", currentTime + 14400);
JWSObject jwsObject = new JWSObject(
new JWSHeader.Builder(JWSAlgorithm.RS256).type(new JOSEObjectType("jwt")).keyID("Test Key").build(),
new Payload(claimsBuilder.build().toString()));
jwsObject.sign(signer);
return jwsObject.serialize();
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy