Package org.apache.syncope.fit.core.reference

Class CustomJWTSSOProvider

java.lang.Object

org.apache.syncope.fit.core.reference.CustomJWTSSOProvider

All Implemented Interfaces:

com.nimbusds.jose.jca.JCAAware<com.nimbusds.jose.jca.JCAContext>, com.nimbusds.jose.JOSEProvider, com.nimbusds.jose.JWSProvider, com.nimbusds.jose.JWSVerifier, JWTSSOProvider

public class CustomJWTSSOProvider
extends Object
implements JWTSSOProvider

Custom implementation for internal JWT validation.

Field Summary

Fields

Modifier and Type	Field	Description
static final String	CUSTOM_KEY
static final String	ISSUER

Constructor Summary

Constructors

Constructor	Description
CustomJWTSSOProvider(AnySearchDAO anySearchDAO, AuthDataAccessor authDataAccessor)

Method Summary

Modifier and Type	Method	Description
String	getIssuer()	Gives the identifier for the JWT issuer verified by this instance.
com.nimbusds.jose.jca.JCAContext	getJCAContext()
Pair<User,Set<SyncopeGrantedAuthority>>	resolve(com.nimbusds.jwt.JWTClaimsSet jwtClaims)	Attempts to resolve the given JWT claims into internal User and authorities.
Set<com.nimbusds.jose.JWSAlgorithm>	supportedJWSAlgorithms()
boolean	verify(com.nimbusds.jose.JWSHeader header, byte[] signingInput, com.nimbusds.jose.util.Base64URL signature)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

ISSUER

public static final String ISSUER

See Also:

• Constant Field Values

CUSTOM_KEY

public static final String CUSTOM_KEY

See Also:

• Constant Field Values

Constructor Details

CustomJWTSSOProvider

public CustomJWTSSOProvider(AnySearchDAO anySearchDAO,
 AuthDataAccessor authDataAccessor)
                     throws com.nimbusds.jose.JOSEException

Throws:

com.nimbusds.jose.JOSEException

Method Details

getIssuer

public String getIssuer()

Description copied from interface: JWTSSOProvider

Gives the identifier for the JWT issuer verified by this instance.

Specified by:

getIssuer in interface JWTSSOProvider

Returns:

identifier for the JWT issuer verified by this instance

supportedJWSAlgorithms

public Set<com.nimbusds.jose.JWSAlgorithm> supportedJWSAlgorithms()

Specified by:

supportedJWSAlgorithms in interface com.nimbusds.jose.JWSProvider

getJCAContext

public com.nimbusds.jose.jca.JCAContext getJCAContext()

Specified by:

getJCAContext in interface com.nimbusds.jose.jca.JCAAware<com.nimbusds.jose.jca.JCAContext>

verify

public boolean verify(com.nimbusds.jose.JWSHeader header,
 byte[] signingInput,
 com.nimbusds.jose.util.Base64URL signature)
               throws com.nimbusds.jose.JOSEException

Specified by:

verify in interface com.nimbusds.jose.JWSVerifier

Throws:

com.nimbusds.jose.JOSEException

resolve

@Transactional(readOnly=true)
public Pair<User,Set<SyncopeGrantedAuthority>> resolve(com.nimbusds.jwt.JWTClaimsSet jwtClaims)

Description copied from interface: JWTSSOProvider

Attempts to resolve the given JWT claims into internal User and authorities. IMPORTANT: this is not invoked for the admin super-user.

Specified by:

resolve in interface JWTSSOProvider

Parameters:

jwtClaims - JWT claims

Returns:

internal User, with authorities, matching the provided JWT claims, if found; otherwise null