waruni
/
device-mgt-core
forked from community/device-mgt-core
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fixed issues in JWT Authenticator

Browse Source
revert-70aa11f8
mharindu 8 years ago
parent b77f5358e8
commit ace6c2dbfc
1 changed files with 75 additions and 74 deletions
Show Stats Download Patch File Download Diff File

9
components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/JWTAuthenticator.java
Unescape View File

@ -48,7 +48,7 @@ import java.util.StringTokenizer;
public class JWTAuthenticator implements WebappAuthenticator { public class JWTAuthenticator implements WebappAuthenticator {
private static final Log log = LogFactory.getLog(JWTAuthenticator.class); private static final Log log = LogFactory.getLog(JWTAuthenticator.class);
public static final String SIGNED_JWT_AUTH_USERNAME = "Username"; public static final String SIGNED_JWT_AUTH_USERNAME = "http://wso2.org/claims/enduser";
private static final String JWT_AUTHENTICATOR = "JWT"; private static final String JWT_AUTHENTICATOR = "JWT";
private static final String JWT_ASSERTION_HEADER = "X-JWT-Assertion"; private static final String JWT_ASSERTION_HEADER = "X-JWT-Assertion";
@ -83,11 +83,10 @@ public class JWTAuthenticator implements WebappAuthenticator {
KeyStoreManager keyStoreManager = KeyStoreManager.getInstance(MultitenantConstants.SUPER_TENANT_ID); KeyStoreManager keyStoreManager = KeyStoreManager.getInstance(MultitenantConstants.SUPER_TENANT_ID);
try { try {
keyStoreManager.getDefaultPrimaryCertificate(); keyStoreManager.getDefaultPrimaryCertificate();
String authorizationHeader = request.getHeader(HTTPConstants.HEADER_AUTHORIZATION); String authorizationHeader = request.getHeader(JWT_ASSERTION_HEADER);
String headerData = decodeAuthorizationHeader(authorizationHeader);
JWSVerifier verifier = JWSVerifier verifier =
new RSASSAVerifier((RSAPublicKey) keyStoreManager.getDefaultPublicKey()); new RSASSAVerifier((RSAPublicKey) keyStoreManager.getDefaultPublicKey());
SignedJWT jwsObject = SignedJWT.parse(headerData); SignedJWT jwsObject = SignedJWT.parse(authorizationHeader);
if (jwsObject.verify(verifier)) { if (jwsObject.verify(verifier)) {
String username = jwsObject.getJWTClaimsSet().getStringClaim(SIGNED_JWT_AUTH_USERNAME); String username = jwsObject.getJWTClaimsSet().getStringClaim(SIGNED_JWT_AUTH_USERNAME);
String tenantDomain = MultitenantUtils.getTenantDomain(username); String tenantDomain = MultitenantUtils.getTenantDomain(username);
@ -108,6 +107,8 @@ public class JWTAuthenticator implements WebappAuthenticator {
authenticationInfo.setStatus(Status.CONTINUE); authenticationInfo.setStatus(Status.CONTINUE);
} }
} }
} else {
authenticationInfo.setStatus(Status.FAILURE);
} }
} catch (UserStoreException e) { } catch (UserStoreException e) {
log.error("Error occurred while obtaining the user.", e); log.error("Error occurred while obtaining the user.", e);

Write Preview
Loading…
Cancel
Save