
Commit f7cf827

author
Justin Dahmubed
committed
Initial checkin
1 parent 2ec1fad commit f7cf827

21 files changed

+2047
-86
lines changed
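--- a/PATH_NOT_SHOWN/ExtendedJwtCreator.java
+++ b/PATH_NOT_SHOWN/ExtendedJwtCreator.java
@@ -0,0 +1,61 @@
+package com.auth0.jwt;
+
+import com.auth0.jwt.algorithms.Algorithm;
+import com.auth0.jwt.exceptions.JWTCreationException;
+
+import java.util.Date;
+
+/**
+* The ExtendedJwtCreator class holds the sign method to generate a complete Extended JWT (with Signature) from a given Header and Payload content.
+*/
+public class ExtendedJwtCreator extends GoogleJwtCreator{
+
+public ExtendedJwtCreator() {
+super();
+addedClaims.put("Nbf", false);
+}
+
+/**
+* Add a specific Note Before ("nbf") claim to the Payload.
+*
+* @param nbf the nbf value.
+* @return this same Builder instance.
+*/
+public GoogleJwtCreator withNbf(Date nbf) {
+jwt.withNotBefore(nbf);
+addedClaims.put("Nbf", true);
+return this;
+}
+
+/**
+* Creates a new JWT and signs it with the given algorithm.
+*
+* @param algorithm used to sign the JWT
+* @return a new JWT token
+* @throws IllegalAccessException if the developer didn't want NONE algorithm to be allowed and it was passed in
+* @throws IllegalArgumentException if the provided algorithm is null.
+* @throws JWTCreationException if the claims could not be converted to a valid JSON or there was a problem with the signing key.
+*/
+public String sign(Algorithm algorithm) throws Exception {
+if(!jwt.getIsNoneAlgorithmAllowed() && algorithm.equals(Algorithm.none())) {
+throw new IllegalAccessException("None algorithm isn't allowed");
+}
+String JWS = jwt.sign(algorithm);
+verifyClaims();
+return JWS;
+}
+
+/**
+* Verifies that all the standard claims were provided
+* @throws Exception if all the standard claims weren't provided
+*/
+private void verifyClaims() throws Exception {
+for(String claim : addedClaims.keySet())
+if(!addedClaims.get(claim))
+throw new Exception("Standard claim: " + claim + " has not been set");
+}
+
+public static ExtendedJwtCreator build() {
+return new ExtendedJwtCreator();
+}
+}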
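Review bot: The none-algorithm guard in `sign` depends on `algorithm.equals(Algorithm.none())`; if `Algorithm` does not override `equals` and `none()` returns a fresh instance (neither is visible in this section), the comparison is always false and an unsigned token is produced even when `getIsNoneAlgorithmAllowed()` is false. Comparing the algorithm's name does not depend on object identity, e.g. `if (!jwt.getIsNoneAlgorithmAllowed() && "none".equalsIgnoreCase(algorithm.getName()))`. The same line dereferences `algorithm` before any null check, so a null argument raises NullPointerException rather than the IllegalArgumentException the Javadoc promises; an explicit `if (algorithm == null) throw new IllegalArgumentException("The Algorithm cannot be null.");` ahead of the guard would match the contract. `FbJwtCreator.sign` further down the page carries the identical guard and needs the same change.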
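--- a/PATH_NOT_SHOWN/FbJWT.java
+++ b/PATH_NOT_SHOWN/FbJWT.java
@@ -0,0 +1,88 @@
+package com.auth0.jwt;
+
+import com.auth0.jwt.algorithms.Algorithm;
+import com.auth0.jwt.interfaces.Clock;
+import com.auth0.jwt.interfaces.Verification;
+
+public class FbJWT extends JWT.BaseVerification implements Verification{
+
+FbJWT(Algorithm algorithm) throws IllegalArgumentException {
+super(algorithm);
+}
+
+/**
+* Create Verification object for verification purposes
+* @param userId
+* @param appId
+* @return
+*/
+public Verification createVerifierForFb(String userId, String appId) {
+return withUserId(userId).withAppId(appId);
+}
+
+/**
+* Require a specific userId ("userId") claim.
+*
+* @param userId the required userId value
+* @return this same Verification instance.
+*/
+public Verification withUserId(String userId) {
+requireClaim("userId", userId);
+return this;
+}
+
+/**
+* Require a specific appId ("appId") claim.
+*
+* @param appId the required appId value
+* @return this same Verification instance.
+*/
+public Verification withAppId(String appId) {
+requireClaim("appId", appId);
+return this;
+}
+
+/**
+* Returns a {Verification} to be used to validate token signature.
+*
+* @param algorithm that will be used to verify the token's signature.
+* @return Verification
+* @throws IllegalArgumentException if the provided algorithm is null.
+*/
+public static Verification require(Algorithm algorithm) {
+return FbJWT.init(algorithm);
+}
+
+/**
+* Initialize a Verification instance using the given Algorithm.
+*
+* @param algorithm the Algorithm to use on the JWT verification.
+* @return a FbJWT instance to configure.
+* @throws IllegalArgumentException if the provided algorithm is null.
+*/
+static Verification init(Algorithm algorithm) throws IllegalArgumentException {
+return new FbJWT(algorithm);
+}
+
+/**
+* Creates a new and reusable instance of the JWT with the configuration already provided.
+*
+* @return a new JWT instance.
+*/
+@Override
+public JWT build() {
+return this.build(new ClockImpl());
+}
+
+/**
+* Creates a new and reusable instance of the JWT the configuration already provided.
+* ONLY FOR TEST PURPOSES.
+*
+* @param clock the instance that will handle the current time.
+* @return a new JWT instance with a custom Clock.
+*/
+public JWT build(Clock clock) {
+addLeewayToDateClaims();
+return new JWT(algorithm, claims, clock);
+}
+}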
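Review bot: `withUserId` and `withAppId` hand their argument straight to `requireClaim`, so the outcome for a null expected value is decided by `JWT.BaseVerification`, which this section does not show; if that method drops the requirement when the value is null, `createVerifierForFb(null, appId)` would build a verifier that accepts a token for any user. Rejecting null at this layer makes the check fail closed regardless of the parent's behaviour: `if (userId == null) throw new IllegalArgumentException("userId is required");`, and the same for `appId`. Separately, `build(Clock clock)` is documented as ONLY FOR TEST PURPOSES yet is declared public; package-private visibility would keep production callers from substituting the clock that, per its Javadoc, handles the current time.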
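--- a/PATH_NOT_SHOWN/FbJwtCreator.java
+++ b/PATH_NOT_SHOWN/FbJwtCreator.java
@@ -0,0 +1,219 @@
+package com.auth0.jwt;
+
+import com.auth0.jwt.algorithms.Algorithm;
+import com.auth0.jwt.exceptions.JWTCreationException;
+import com.auth0.jwt.impl.PublicClaims;
+
+import java.util.Date;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Set;
+
+/**
+* The FbJwtCreator class holds the sign method to generate a complete FB JWT (with Signature) from a given Header and Payload content.
+*/
+public class FbJwtCreator {
+
+protected JWTCreator.Builder jwt;
+protected HashMap<String, Boolean> addedClaims;
+protected Set<String> publicClaims;
+
+public FbJwtCreator() {
+jwt = JWT.create();
+addedClaims = new HashMap<String, Boolean>() {{
+put("UserId", false);
+put("AppId", false);
+put("Exp", false);
+put("Iat", false);
+}};
+publicClaims = new HashSet<String>() {{
+add(PublicClaims.ISSUED_AT);
+add(PublicClaims.EXPIRES_AT);
+}};
+}
+
+/**
+* Add a specific Issued At ("iat") claim to the Payload.
+*
+* @param iat the Issued At value.
+* @return this same Builder instance.
+*/
+public FbJwtCreator withIat(Date iat) {
+jwt.withIssuedAt(iat);
+addedClaims.put("Iat", true);
+return this;
+}
+
+/**
+* Add a specific Expires At ("exp") claim to the Payload.
+*
+* @param exp the Expires At value.
+* @return this same Builder instance.
+*/
+public FbJwtCreator withExp(Date exp) {
+jwt.withExpiresAt(exp);
+addedClaims.put("Exp", true);
+return this;
+}
+
+/**
+* Require a specific userId ("userId") claim.
+*
+* @param userId the required userId value
+* @return this same Verification instance.
+*/
+public FbJwtCreator withUserId(String userId) {
+jwt.withNonStandardClaim("userId", userId);
+addedClaims.put("UserId", true);
+return this;
+}
+
+/**
+* Require a specific appId ("appId") claim.
+*
+* @param appId the required appId value
+* @return this same Verification instance.
+*/
+public FbJwtCreator withAppId(String appId) {
+jwt.withNonStandardClaim("appId", appId);
+addedClaims.put("AppId", true);
+return this;
+}
+
+/**
+* Require a specific Claim value.
+*
+* @param name the Claim's name.
+* @param value the Claim's value.
+* @return this same Verification instance.
+* @throws IllegalArgumentException if the name is null.
+*/
+public FbJwtCreator withNonStandardClaim(String name, String value) {
+jwt.withNonStandardClaim(name, value);
+return this;
+}
+
+/**
+* Add a custom Claim value.
+*
+* @param name the Claim's name.
+* @param value the Claim's value.
+* @return this same Builder instance.
+* @throws IllegalArgumentException if the name is null.
+*/
+public FbJwtCreator withNonStandardClaim(String name, Boolean value) throws IllegalArgumentException {
+jwt.withNonStandardClaim(name, value);
+return this;
+}
+
+/**
+* Add a custom Claim value.
+*
+* @param name the Claim's name.
+* @param value the Claim's value.
+* @return this same Builder instance.
+* @throws IllegalArgumentException if the name is null.
+*/
+public FbJwtCreator withNonStandardClaim(String name, Integer value) throws IllegalArgumentException {
+jwt.withNonStandardClaim(name, value);
+return this;
+}
+
+/**
+* Add a custom Claim value.
+*
+* @param name the Claim's name.
+* @param value the Claim's value.
+* @return this same Builder instance.
+* @throws IllegalArgumentException if the name is null.
+*/
+public FbJwtCreator withNonStandardClaim(String name, Long value) throws IllegalArgumentException {
+jwt.withNonStandardClaim(name, value);
+return this;
+}
+
+/**
+* Add a custom Claim value.
+*
+* @param name the Claim's name.
+* @param value the Claim's value.
+* @return this same Builder instance.
+* @throws IllegalArgumentException if the name is null.
+*/
+public FbJwtCreator withNonStandardClaim(String name, Double value) throws IllegalArgumentException {
+jwt.withNonStandardClaim(name, value);
+return this;
+}
+
+/**
+* Add a custom Claim value.
+*
+* @param name the Claim's name.
+* @param value the Claim's value.
+* @return this same Builder instance.
+* @throws IllegalArgumentException if the name is null.
+*/
+public FbJwtCreator withNonStandardClaim(String name, Date value) throws IllegalArgumentException {
+jwt.withNonStandardClaim(name, value);
+return this;
+}
+
+/**
+* Require a specific Array Claim to contain at least the given items.
+*
+* @param name the Claim's name.
+* @param items the items the Claim must contain.
+* @return this same Verification instance.
+* @throws IllegalArgumentException if the name is null.
+*/
+public FbJwtCreator withArrayClaim(String name, String... items) throws IllegalArgumentException {
+jwt.withArrayClaim(name, items);
+if(publicClaims.contains(name))
+addedClaims.put(name, true);
+return this;
+}
+
+/**
+* Developer explicitly specifies whether they want to accept
+* NONE algorithms or not.
+*
+* @param isNoneAlgorithmAllowed
+* @return
+*/
+public FbJwtCreator setIsNoneAlgorithmAllowed(boolean isNoneAlgorithmAllowed) {
+jwt.setIsNoneAlgorithmAllowed(isNoneAlgorithmAllowed);
+return this;
+}
+
+/**
+* Creates a new JWT and signs it with the given algorithm.
+*
+* @param algorithm used to sign the JWT
+* @return a new JWT token
+* @throws IllegalAccessException if the developer didn't want NONE algorithm to be allowed and it was passed in
+* @throws IllegalArgumentException if the provided algorithm is null.
+* @throws JWTCreationException if the claims could not be converted to a valid JSON or there was a problem with the signing key.
+*/
+public String sign(Algorithm algorithm) throws Exception {
+if(!jwt.getIsNoneAlgorithmAllowed() && algorithm.equals(Algorithm.none())) {
+throw new IllegalAccessException("None algorithm isn't allowed");
+}
+String JWS = jwt.sign(algorithm);
+verifyClaims();
+return JWS;
+}
+
+/**
+* Verifies that all the standard claims were provided
+* @throws Exception if all the standard claims weren't provided
+*/
+private void verifyClaims() throws Exception {
+for(String claim : addedClaims.keySet())
+if(!addedClaims.get(claim))
+throw new Exception("Standard claim: " + claim + " has not been set");
+}
+
+public static FbJwtCreator build() {
+return new FbJwtCreator();
+}
+}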
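Review bot: The required-claim bookkeeping in `withUserId`, `withAppId`, `withExp` and `withIat` records that the setter was called, not that a value was supplied, so `withUserId(null)` satisfies `verifyClaims` whatever `jwt.withNonStandardClaim` does with the null (not visible here), and a token could be issued without the claim the class is meant to enforce. Tying the flag to the value closes that gap, e.g. `addedClaims.put("UserId", userId != null);`, with the same pattern in the other three setters. In `sign`, `verifyClaims()` runs only after `jwt.sign(algorithm)`; calling it first avoids computing a signature over a token that is about to be rejected. `verifyClaims` also throws a bare `Exception`, which forces `sign` to declare `throws Exception`; a specific unchecked type such as `IllegalStateException` would let callers distinguish a missing claim from a signing failure.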
