Refactored jwt authenticator

4.x.x
mharindu 9 years ago
parent ace6c2dbfc
commit 16a8f61f79

@ -84,8 +84,7 @@ public class JWTAuthenticator implements WebappAuthenticator {
try { try {
keyStoreManager.getDefaultPrimaryCertificate(); keyStoreManager.getDefaultPrimaryCertificate();
String authorizationHeader = request.getHeader(JWT_ASSERTION_HEADER); String authorizationHeader = request.getHeader(JWT_ASSERTION_HEADER);
JWSVerifier verifier = JWSVerifier verifier = new RSASSAVerifier((RSAPublicKey) keyStoreManager.getDefaultPublicKey());
new RSASSAVerifier((RSAPublicKey) keyStoreManager.getDefaultPublicKey());
SignedJWT jwsObject = SignedJWT.parse(authorizationHeader); SignedJWT jwsObject = SignedJWT.parse(authorizationHeader);
if (jwsObject.verify(verifier)) { if (jwsObject.verify(verifier)) {
String username = jwsObject.getJWTClaimsSet().getStringClaim(SIGNED_JWT_AUTH_USERNAME); String username = jwsObject.getJWTClaimsSet().getStringClaim(SIGNED_JWT_AUTH_USERNAME);

@ -24,7 +24,7 @@
<WebappPublisherConfigs> <WebappPublisherConfigs>
<!-- This host is used to define the host address which is used to publish APIs --> <!-- This host is used to define the host address which is used to publish APIs -->
<Host>https://${carbon.local.ip}:$(carbon.http.port)</Host> <Host>https://localhost:${carbon.http.port}</Host>
<!-- If it is true, the APIs of this instance will be published to the defined host --> <!-- If it is true, the APIs of this instance will be published to the defined host -->
<PublishAPI>true</PublishAPI> <PublishAPI>true</PublishAPI>

Loading…
Cancel
Save