下面列出了io.jsonwebtoken.SignatureAlgorithm#forName ( ) 实例代码,或者点击链接到github查看源代码,也可以在右侧发表评论。
private Key resolveSigningKey(final JwsHeader header) {
final LineApiResponse<JWKSet> response = apiClient.getJWKSet();
if (!response.isSuccess()) {
Log.e(TAG, "failed to get LINE JSON Web Key Set [JWK] document.");
return null;
}
final JWKSet jwkSet = response.getResponseData();
final String keyId = header.getKeyId();
final JWK jwk = jwkSet.getJWK(keyId);
if (jwk == null) {
Log.e(TAG, "failed to find Key by Id: " + keyId);
return null;
}
final String algorithm = header.getAlgorithm();
final SignatureAlgorithm alg = SignatureAlgorithm.forName(algorithm);
if (alg.isEllipticCurve()) {
return generateECPublicKey(jwk);
}
throw new SecurityException("Unsupported signature algorithm '" + algorithm + '\'');
}
/**
* <p>
* 签名并生成 Token
* </p>
*/
public static String signCompact(JwtBuilder jwtBuilder) {
SSOConfig config = SSOConfig.getInstance();
SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.forName(config.getSignAlgorithm());
if (SSOConstants.RSA.equals(signatureAlgorithm.getFamilyName())) {
try {
if(null == RSA_KEY) {
ClassPathResource resource = new ClassPathResource(config.getRsaJksStore());
KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
keystore.load(resource.getInputStream(), config.getRsaStorepass().toCharArray());
RSA_KEY = keystore.getKey(config.getRsaAlias(), config.getRsaKeypass().toCharArray());
}
// RSA 签名
return jwtBuilder.signWith(RSA_KEY, signatureAlgorithm).compact();
} catch (Exception e) {
throw new KissoException("signCompact error.", e);
}
}
// 普通签名
SecretKey secretKey = getSecretKey(config.getSignKey(), signatureAlgorithm);
return jwtBuilder.signWith(secretKey, signatureAlgorithm).compact();
}
/**
* <p>
* 验证签名并解析
* </p>
*/
public static JwtParser verifyParser() {
try {
SSOConfig config = SSOConfig.getInstance();
SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.forName(config.getSignAlgorithm());
if (SSOConstants.RSA.equals(signatureAlgorithm.getFamilyName())) {
if(null == RSA_PUBLICKEY) {
ClassPathResource resource = new ClassPathResource(config.getRsaCertStore());
RSA_PUBLICKEY = RsaKeyHelper.getRsaPublicKey(resource.getInputStream());
}
// RSA 签名验证
return Jwts.parserBuilder().setSigningKey(RSA_PUBLICKEY).build();
}
// 普通签名验证
SecretKey secretKey = getSecretKey(config.getSignKey(), signatureAlgorithm);
return Jwts.parserBuilder().setSigningKey(secretKey).build();
} catch (Exception e) {
throw new KissoException("verifyParser error.", e);
}
}
@Override
public Key apply(JwsHeader<?> header)
{
String keyId = getKeyId(header);
SignatureAlgorithm algorithm = SignatureAlgorithm.forName(header.getAlgorithm());
return keys.computeIfAbsent(keyId, this::loadKey).getKey(algorithm);
}
private SignatureAlgorithm getPublicKeyAlgType(ServiceConfiguration conf) throws IllegalArgumentException {
if (conf.getProperty(CONF_TOKEN_PUBLIC_ALG) != null
&& StringUtils.isNotBlank((String) conf.getProperty(CONF_TOKEN_PUBLIC_ALG))) {
String alg = (String) conf.getProperty(CONF_TOKEN_PUBLIC_ALG);
try {
return SignatureAlgorithm.forName(alg);
} catch (SignatureException ex) {
throw new IllegalArgumentException("invalid algorithm provided " + alg, ex);
}
} else {
return SignatureAlgorithm.RS256;
}
}
@Override
public Key apply(JwsHeader<?> header)
{
SignatureAlgorithm algorithm = SignatureAlgorithm.forName(header.getAlgorithm());
return key.getKey(algorithm);
}