gateway-spi/src/main/java/org/apache/hadoop/gateway/services/security/token/impl/JWTToken.java - knox - Git at Google

   /**
    * Licensed to the Apache Software Foundation (ASF) under one
    * or more contributor license agreements.  See the NOTICE file
    * distributed with this work for additional information
    * regarding copyright ownership.  The ASF licenses this file
    * to you under the Apache License, Version 2.0 (the
    * "License"); you may not use this file except in compliance
    * with the License.  You may obtain a copy of the License at
    *
    *     http://www.apache.org/licenses/LICENSE-2.0
    *
    * Unless required by applicable law or agreed to in writing, software
    * distributed under the License is distributed on an "AS IS" BASIS,
    * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    * See the License for the specific language governing permissions and
    * limitations under the License.
    */
 package org.apache.hadoop.gateway.services.security.token.impl;

 import java.io.UnsupportedEncodingException;
 import java.text.ParseException;
 import java.util.Date;
 import org.apache.commons.codec.binary.Base64;
 import org.apache.hadoop.gateway.i18n.messages.MessagesFactory;

 import com.nimbusds.jose.JOSEException;
 import com.nimbusds.jose.JWSAlgorithm;
 import com.nimbusds.jose.JWSHeader;
 import com.nimbusds.jose.JWSSigner;
 import com.nimbusds.jose.JWSVerifier;
 import com.nimbusds.jose.Payload;
 import com.nimbusds.jose.util.Base64URL;
 import com.nimbusds.jwt.JWTClaimsSet;
 import com.nimbusds.jwt.SignedJWT;

 public class JWTToken implements JWT {
   private static JWTProviderMessages log = MessagesFactory.get( JWTProviderMessages.class );

   SignedJWT jwt = null;

   private JWTToken(byte[] header, byte[] claims, byte[] signature) {
     try {
       jwt = new SignedJWT(new Base64URL(new String(header, "UTF8")), new Base64URL(new String(claims, "UTF8")),
           new Base64URL(new String(signature, "UTF8")));
     } catch (UnsupportedEncodingException e) {
       log.unsupportedEncoding(e);
     } catch (ParseException e) {
       e.printStackTrace();
     }
   }

   public JWTToken(String alg, String[] claimsArray) {
     JWSHeader header = new JWSHeader(new JWSAlgorithm(alg));
     JWTClaimsSet claims = new JWTClaimsSet();
     claims.setIssuer(claimsArray[0]);
     claims.setSubject(claimsArray[1]);
     claims.setAudience(claimsArray[2]);
     claims.setExpirationTime(new Date(Long.parseLong(claimsArray[3])));
     jwt = new SignedJWT(header, claims);
   }

   /* (non-Javadoc)
    * @see org.apache.hadoop.gateway.services.security.token.impl.JWT#getPayloadToSign()
    */
   @Override
   public String getHeader() {
     JWSHeader header = jwt.getHeader();
     return header.toString();
   }

   /* (non-Javadoc)
    * @see org.apache.hadoop.gateway.services.security.token.impl.JWT#getPayloadToSign()
    */
   @Override
   public String getClaims() {
     String c = null;
     JWTClaimsSet claims = null;
     try {
       claims = (JWTClaimsSet) jwt.getJWTClaimsSet();
       c = claims.toJSONObject().toJSONString();
     } catch (ParseException e) {
       e.printStackTrace();
     }
     return c;
   }

   /* (non-Javadoc)
    * @see org.apache.hadoop.gateway.services.security.token.impl.JWT#getPayloadToSign()
    */
   @Override
   public String getPayload() {
     Payload payload = jwt.getPayload();
     return payload.toString();
   }

   public String toString() {
     return jwt.serialize();
   }

   /* (non-Javadoc)
    * @see org.apache.hadoop.gateway.services.security.token.impl.JWT#setSignaturePayload(byte[])
    */
   @Override
   public void setSignaturePayload(byte[] payload) {
 //    this.payload = payload;
   }

   /* (non-Javadoc)
    * @see org.apache.hadoop.gateway.services.security.token.impl.JWT#getSignaturePayload()
    */
   @Override
   public byte[] getSignaturePayload() {
     byte[] b = null;
     Base64URL b64 = jwt.getSignature();
     if (b64 != null) {
       b = b64.decode();
     }
     return b;
   }

   public static JWTToken parseToken(String wireToken) {
     log.parsingToken(wireToken);
     String[] parts = wireToken.split("\\.");
     JWTToken jwt = new JWTToken(Base64.decodeBase64(parts[0]), Base64.decodeBase64(parts[1]), Base64.decodeBase64(parts[2]));
 //    System.out.println("header: " + token.header);
 //    System.out.println("claims: " + token.claims);
 //    System.out.println("payload: " + new String(token.payload));

     return jwt;
   }

   /* (non-Javadoc)
    * @see org.apache.hadoop.gateway.services.security.token.impl.JWT#getClaim(java.lang.String)
    */
   @Override
   public String getClaim(String claimName) {
     String claim = null;

     try {
       claim = jwt.getJWTClaimsSet().getStringClaim(claimName);
     } catch (ParseException e) {
       // TODO Auto-generated catch block
       e.printStackTrace();
     }

     return claim;
   }

   /* (non-Javadoc)
    * @see org.apache.hadoop.gateway.services.security.token.impl.JWT#getSubject()
    */
   @Override
   public String getSubject() {
     return getClaim(JWT.SUBJECT);
   }

   /* (non-Javadoc)
    * @see org.apache.hadoop.gateway.services.security.token.impl.JWT#getIssuer()
    */
   @Override
   public String getIssuer() {
     return getClaim(JWT.ISSUER);
   }

   /* (non-Javadoc)
    * @see org.apache.hadoop.gateway.services.security.token.impl.JWT#getAudience()
    */
   @Override
   public String getAudience() {
     String[] claim = null;
     String c = null;

     try {
       claim = jwt.getJWTClaimsSet().getStringArrayClaim(JWT.AUDIENCE);
       if (claim != null) {
         c = claim[0];
       }
     } catch (ParseException e) {
       // TODO Auto-generated catch block
       e.printStackTrace();
     }

     return c;
   }

   /* (non-Javadoc)
    * @see org.apache.hadoop.gateway.services.security.token.impl.JWT#getExpires()
    */
   @Override
   public String getExpires() {
     return getClaim(JWT.EXPIRES);
   }

   /* (non-Javadoc)
    * @see org.apache.hadoop.gateway.services.security.token.impl.JWT#getPrincipal()
    */
   @Override
   public String getPrincipal() {
     return getClaim(JWT.PRINCIPAL);
   }

   /* (non-Javadoc)
    * @see org.apache.hadoop.gateway.services.security.token.impl.JWT#getPrincipal()
    */
   @Override
   public void sign(JWSSigner signer) {
     try {
       jwt.sign(signer);
     } catch (JOSEException e) {
       // TODO Auto-generated catch block
       e.printStackTrace();
     }
   }

   /**
    * @param verifier
    * @return
    */
   public boolean verify(JWSVerifier verifier) {
     boolean rc = false;

     try {
       rc = jwt.verify(verifier);
     } catch (JOSEException e) {
       // TODO Auto-generated catch block
       e.printStackTrace();
     }

     return rc;
   }
 }
	/**
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/
	package org.apache.hadoop.gateway.services.security.token.impl;

	import java.io.UnsupportedEncodingException;
	import java.text.ParseException;
	import java.util.Date;
	import org.apache.commons.codec.binary.Base64;
	import org.apache.hadoop.gateway.i18n.messages.MessagesFactory;

	import com.nimbusds.jose.JOSEException;
	import com.nimbusds.jose.JWSAlgorithm;
	import com.nimbusds.jose.JWSHeader;
	import com.nimbusds.jose.JWSSigner;
	import com.nimbusds.jose.JWSVerifier;
	import com.nimbusds.jose.Payload;
	import com.nimbusds.jose.util.Base64URL;
	import com.nimbusds.jwt.JWTClaimsSet;
	import com.nimbusds.jwt.SignedJWT;

	public class JWTToken implements JWT {
	private static JWTProviderMessages log = MessagesFactory.get( JWTProviderMessages.class );

	SignedJWT jwt = null;

	private JWTToken(byte[] header, byte[] claims, byte[] signature) {
	try {
	jwt = new SignedJWT(new Base64URL(new String(header, "UTF8")), new Base64URL(new String(claims, "UTF8")),
	new Base64URL(new String(signature, "UTF8")));
	} catch (UnsupportedEncodingException e) {
	log.unsupportedEncoding(e);
	} catch (ParseException e) {
	e.printStackTrace();
	}
	}

	public JWTToken(String alg, String[] claimsArray) {
	JWSHeader header = new JWSHeader(new JWSAlgorithm(alg));
	JWTClaimsSet claims = new JWTClaimsSet();
	claims.setIssuer(claimsArray[0]);
	claims.setSubject(claimsArray[1]);
	claims.setAudience(claimsArray[2]);
	claims.setExpirationTime(new Date(Long.parseLong(claimsArray[3])));
	jwt = new SignedJWT(header, claims);
	}

	/* (non-Javadoc)
	* @see org.apache.hadoop.gateway.services.security.token.impl.JWT#getPayloadToSign()
	*/
	@Override
	public String getHeader() {
	JWSHeader header = jwt.getHeader();
	return header.toString();
	}

	/* (non-Javadoc)
	* @see org.apache.hadoop.gateway.services.security.token.impl.JWT#getPayloadToSign()
	*/
	@Override
	public String getClaims() {
	String c = null;
	JWTClaimsSet claims = null;
	try {
	claims = (JWTClaimsSet) jwt.getJWTClaimsSet();
	c = claims.toJSONObject().toJSONString();
	} catch (ParseException e) {
	e.printStackTrace();
	}
	return c;
	}

	/* (non-Javadoc)
	* @see org.apache.hadoop.gateway.services.security.token.impl.JWT#getPayloadToSign()
	*/
	@Override
	public String getPayload() {
	Payload payload = jwt.getPayload();
	return payload.toString();
	}

	public String toString() {
	return jwt.serialize();
	}

	/* (non-Javadoc)
	* @see org.apache.hadoop.gateway.services.security.token.impl.JWT#setSignaturePayload(byte[])
	*/
	@Override
	public void setSignaturePayload(byte[] payload) {
	// this.payload = payload;
	}

	/* (non-Javadoc)
	* @see org.apache.hadoop.gateway.services.security.token.impl.JWT#getSignaturePayload()
	*/
	@Override
	public byte[] getSignaturePayload() {
	byte[] b = null;
	Base64URL b64 = jwt.getSignature();
	if (b64 != null) {
	b = b64.decode();
	}
	return b;
	}

	public static JWTToken parseToken(String wireToken) {
	log.parsingToken(wireToken);
	String[] parts = wireToken.split("\\.");
	JWTToken jwt = new JWTToken(Base64.decodeBase64(parts[0]), Base64.decodeBase64(parts[1]), Base64.decodeBase64(parts[2]));
	// System.out.println("header: " + token.header);
	// System.out.println("claims: " + token.claims);
	// System.out.println("payload: " + new String(token.payload));

	return jwt;
	}

	/* (non-Javadoc)
	* @see org.apache.hadoop.gateway.services.security.token.impl.JWT#getClaim(java.lang.String)
	*/
	@Override
	public String getClaim(String claimName) {
	String claim = null;

	try {
	claim = jwt.getJWTClaimsSet().getStringClaim(claimName);
	} catch (ParseException e) {
	// TODO Auto-generated catch block
	e.printStackTrace();
	}

	return claim;
	}

	/* (non-Javadoc)
	* @see org.apache.hadoop.gateway.services.security.token.impl.JWT#getSubject()
	*/
	@Override
	public String getSubject() {
	return getClaim(JWT.SUBJECT);
	}

	/* (non-Javadoc)
	* @see org.apache.hadoop.gateway.services.security.token.impl.JWT#getIssuer()
	*/
	@Override
	public String getIssuer() {
	return getClaim(JWT.ISSUER);
	}

	/* (non-Javadoc)
	* @see org.apache.hadoop.gateway.services.security.token.impl.JWT#getAudience()
	*/
	@Override
	public String getAudience() {
	String[] claim = null;
	String c = null;

	try {
	claim = jwt.getJWTClaimsSet().getStringArrayClaim(JWT.AUDIENCE);
	if (claim != null) {
	c = claim[0];
	}
	} catch (ParseException e) {
	// TODO Auto-generated catch block
	e.printStackTrace();
	}

	return c;
	}

	/* (non-Javadoc)
	* @see org.apache.hadoop.gateway.services.security.token.impl.JWT#getExpires()
	*/
	@Override
	public String getExpires() {
	return getClaim(JWT.EXPIRES);
	}

	/* (non-Javadoc)
	* @see org.apache.hadoop.gateway.services.security.token.impl.JWT#getPrincipal()
	*/
	@Override
	public String getPrincipal() {
	return getClaim(JWT.PRINCIPAL);
	}

	/* (non-Javadoc)
	* @see org.apache.hadoop.gateway.services.security.token.impl.JWT#getPrincipal()
	*/
	@Override
	public void sign(JWSSigner signer) {
	try {
	jwt.sign(signer);
	} catch (JOSEException e) {
	// TODO Auto-generated catch block
	e.printStackTrace();
	}
	}

	/**
	* @param verifier
	* @return
	*/
	public boolean verify(JWSVerifier verifier) {
	boolean rc = false;

	try {
	rc = jwt.verify(verifier);
	} catch (JOSEException e) {
	// TODO Auto-generated catch block
	e.printStackTrace();
	}

	return rc;
	}
	}