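/**
 * Checks the token's signature by rebuilding a JWS from the presented claims, signing it with
 * {@code privateKey}, and comparing the encoded result with the presented token string.
 *
 * <p>Only the values re-added below (id, issuer, issuedAt, subject, expiration, notBefore and the
 * {@code role} claim) are part of the rebuilt token. The {@code group} and {@code permission}
 * claims are not re-added.
 *
 * <p>NOTE(review): {@code hasPermission} and {@code extractGroups} read permissions and groups
 * from the token. Whether those values are covered by the signature cannot be determined from
 * this method; confirm before relying on them for authorization.
 *
 * <p>NOTE(review): verifying by re-signing means this component must hold the signing key.
 * RS256 signatures can be checked with the public key alone; consider using a verify operation
 * if the JWS library offers one.
 *
 * @param token the presented token
 * @return {@code true} only when the re-signed encoding equals the presented token string;
 *     {@code false} when they differ or the token carries no encoded string
 */
private boolean validateSignature(JWSToken token) {
    String presented = token.getToken();
    if (presented == null) {
        // Fail closed instead of throwing from the comparison below.
        return false;
    }

    JWS jws = token.getJws();
    List<String> roles = token.getRoles();

    JWSBuilder builder = new JWSBuilder();
    builder
        .id(jws.getId())
        .rsa256(privateKey)
        .issuer(jws.getIssuer())
        .issuedAt(jws.getIssuedAt())
        .subject(jws.getSubject())
        .expiration(jws.getExpiration())
        .notBefore(jws.getNotBefore())
        .claim("role", roles.toArray(new String[roles.size()]));

    JWSToken compareToken = new JWSToken(builder.build().encode());

    // Compare in constant time so the response time does not reveal how many leading characters
    // of the expected token a caller has guessed. Fully qualified names avoid a new import.
    byte[] expected = compareToken.getToken().getBytes(java.nio.charset.StandardCharsets.UTF_8);
    byte[] actual = presented.getBytes(java.nio.charset.StandardCharsets.UTF_8);
    return java.security.MessageDigest.isEqual(expected, actual);
}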
/**
 * Reports whether the token's permission list contains the entry derived from the given
 * permission.
 *
 * <p>The entry has one of two forms: {@code <String class name>[<resourceIdentifier>].<operation>}
 * when the permission has a resource class, otherwise {@code <resource>.<operation>}.
 *
 * <p>NOTE(review): the class-scoped form is prefixed with {@code String.class.getName()} rather
 * than the permission's own resource class name; confirm this matches how the issuer encodes
 * permission entries. The decision rests entirely on {@code token.getPermissions()}, so the
 * token is presumably validated before this is called; verify against the caller.
 *
 * @param token the token whose permission entries are consulted
 * @param permission the permission being checked
 * @return {@code true} when the derived entry is present in the token's permissions
 */
@Override
public boolean hasPermission(JWSToken token, Permission permission) {
    final boolean classScoped = permission.getResourceClass() != null;
    final String requiredEntry = classScoped
        ? String.class.getName() + "[" + permission.getResourceIdentifier() + "]."
            + permission.getOperation()
        : permission.getResource() + "." + permission.getOperation();
    return token.getPermissions().contains(requiredEntry);
}
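/**
 * Resolves an identity of the requested type from the token, after rejecting any missing
 * argument.
 *
 * <p>NOTE(review): this method does not itself call the signature, expiration or not-before
 * checks. Whether {@code extractIdentityTypeFromToken} or the caller performs them is not
 * visible here; confirm the token is validated before its contents are trusted.
 *
 * @param token the token to read; neither it nor its encoded string may be {@code null}
 * @param identityType the identity type to produce
 * @param stereotypeProperty the stereotype property used for the lookup
 * @param identifier the identifier value used for the lookup
 * @return the result of {@code extractIdentityTypeFromToken} for these arguments
 * @throws RuntimeException presumably, via {@code MESSAGES.nullArgument}, when an argument is
 *     missing; the exact exception type is not visible here
 */
@Override
public <I extends IdentityType> I extractIdentity(
    JWSToken token,
    Class<I> identityType,
    StereotypeProperty.Property stereotypeProperty,
    Object identifier) {
    if (token == null || token.getToken() == null) {
        throw MESSAGES.nullArgument("Token");
    }

    if (identityType == null) {
        throw MESSAGES.nullArgument("IdentityType");
    }

    if (stereotypeProperty == null) {
        // Previously reported as "Identifier value", which pointed at the wrong argument.
        throw MESSAGES.nullArgument("StereotypeProperty");
    }

    if (identifier == null) {
        throw MESSAGES.nullArgument("Identifier value");
    }

    return extractIdentityTypeFromToken(token, identityType, stereotypeProperty, identifier);
}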
/**
 * Checks that the token is already usable: the current time is at or after its not-before
 * value.
 *
 * <p>No clock-skew tolerance is applied. Assumes {@code getCurrentTime()} and the not-before
 * value use the same unit; TODO confirm.
 *
 * @param token the token whose not-before value is checked
 * @return {@code true} when the current time is greater than or equal to the not-before value
 */
private boolean validateNotBefore(JWSToken token) {
    final JWS claims = token.getJws();
    return getCurrentTime() >= claims.getNotBefore();
}
/**
 * Checks that the token has not expired: the current time is strictly before its expiration
 * value, so a token is rejected at the exact expiration instant.
 *
 * <p>No clock-skew tolerance is applied. Assumes {@code getCurrentTime()} and the expiration
 * value use the same unit; TODO confirm.
 *
 * @param token the token whose expiration value is checked
 * @return {@code true} when the current time is less than the expiration value
 */
private boolean validateExpire(JWSToken token) {
    final JWS claims = token.getJws();
    return getCurrentTime() < claims.getExpiration();
}
/**
 * Returns the partition carried by the token, exactly as the token reports it.
 *
 * @param token the token to read
 * @return the value of {@code token.getPartition()}
 */
protected String extractPartition(JWSToken token) {
    final String partition = token.getPartition();
    return partition;
}
/**
 * Copies the token's groups into a new insertion-ordered set, dropping duplicates.
 *
 * <p>NOTE(review): {@code validateSignature} in this class does not re-add the group claim when
 * it rebuilds the token; confirm the group values are integrity-protected before they are used
 * for access decisions.
 *
 * @param token the token to read
 * @return a new {@link LinkedHashSet} holding the token's groups in their original order
 */
protected Set<String> extractGroups(JWSToken token) {
    final Set<String> groups = new LinkedHashSet<>();
    groups.addAll(token.getGroups());
    return groups;
}
/**
 * Returns the subject carried by the token, exactly as the token reports it.
 *
 * @param token the token to read
 * @return the value of {@code token.getSubject()}
 */
protected String extractSubject(JWSToken token) {
    final String subject = token.getSubject();
    return subject;
}