Package org.gcube.common.keycloak.model

Class ModelUtils

java.lang.Object
org.gcube.common.keycloak.model.ModelUtils
public class ModelUtils extends Object
Author:
Mauro Mugnaini

  • Field Details

    • logger

      protected static final org.slf4j.Logger logger

  • Constructor Details

    • ModelUtils

      public ModelUtils()

  • Method Details

    • toJSONString

      public static String toJSONString(Object object)

    • toJSONString

      public static String toJSONString(Object object, boolean prettyPrint)

    • createRSAPublicKey

      public static RSAPublicKey createRSAPublicKey(String publicKeyPem) throws Exception
      Creates a RSAPublicKey instance from its string PEM representation
      Parameters:
      publicKeyPem - the public key PEM string
      Returns:
      the RSA public key
      Throws:
      Exception - if it's not possible to create the RSA public key from the PEM string

    • createPublicKey

      public static PublicKey createPublicKey(String publicKeyPem, String algorithm) throws Exception
      Creates a PublicKey instance from its string PEM representation
      Parameters:
      publicKeyPem - the public key PEM string
      algorithm - the key type (e.g. RSA)
      Returns:
      the public key
      Throws:
      Exception - if it's not possible to create the public key from the PEM string

    • isValid

      public static boolean isValid(String token, PublicKey publicKey) throws Exception
      Verifies the token validity
      Parameters:
      token - the base64 JWT token string
      publicKey - the realm's public key on server
      Returns:
      true if the token is valid, false otherwise
      Throws:
      Exception - if an error occurs constructing the verifier

    • isValid

      public static boolean isValid(String token, PublicKey publicKey, boolean checkExpiration) throws Exception
      Verifies the token validity and ignores the token's expiration if the checkExpiration parameter is set to false. NOTE: In the implementation library the expiration check is performed at the end, after the signature and JWT structure checks, for that reason ignoring the expiration doesn't affect other checks and it is safe.
      Parameters:
      token - the base64 JWT token string
      publicKey - the public key to use for verification
      checkExpiration - if false token expiration check is disabled
      Returns:
      true if the token is valid, false otherwise
      Throws:
      Exception - if an unexpected error occurs (e.g. constructing the verifier)

    • verify

      public static void verify(String token, PublicKey publicKey) throws org.gcube.io.jsonwebtoken.security.SignatureException, org.gcube.io.jsonwebtoken.ExpiredJwtException, org.gcube.io.jsonwebtoken.JwtException, Exception
      Verifies the token signature and expiration
      Parameters:
      token - the base64 JWT token string
      publicKey - the public key to use for verification
      Throws:
      org.gcube.io.jsonwebtoken.security.SignatureException - if the token signature is invalid
      org.gcube.io.jsonwebtoken.ExpiredJwtException - if the token is expired
      org.gcube.io.jsonwebtoken.JwtException - if a JWT related problem is found
      Exception - if an unexpected error occurs (e.g. constructing the verifier)

    • getAccessTokenPayloadJSONStringFrom

      public static String getAccessTokenPayloadJSONStringFrom(TokenResponse tokenResponse) throws Exception
      Throws:
      Exception

    • getAccessTokenPayloadJSONStringFrom

      public static String getAccessTokenPayloadJSONStringFrom(TokenResponse tokenResponse, boolean prettyPrint) throws Exception
      Throws:
      Exception

    • getAccessTokenFrom

      public static AccessToken getAccessTokenFrom(TokenResponse tokenResponse) throws Exception
      Throws:
      Exception

    • getAccessTokenFrom

      public static AccessToken getAccessTokenFrom(String authorizationHeaderOrBase64EncodedJWT) throws Exception
      Throws:
      Exception

    • getRefreshTokenPayloadStringFrom

      public static String getRefreshTokenPayloadStringFrom(TokenResponse tokenResponse) throws Exception
      Throws:
      Exception

    • getRefreshTokenPayloadStringFrom

      public static String getRefreshTokenPayloadStringFrom(TokenResponse tokenResponse, boolean prettyPrint) throws Exception
      Throws:
      Exception

    • getRefreshTokenFrom

      public static RefreshToken getRefreshTokenFrom(TokenResponse tokenResponse) throws Exception
      Throws:
      Exception

    • getRefreshTokenFrom

      public static RefreshToken getRefreshTokenFrom(String base64EncodedJWT) throws Exception
      Throws:
      Exception

    • getBase64Decoded

      protected static byte[] getBase64Decoded(String string)

    • splitAndGet

      protected static String splitAndGet(String encodedJWT, int index)

    • getDecodedHeader

      public static byte[] getDecodedHeader(String value)

    • getEncodedHeader

      public static String getEncodedHeader(String encodedJWT)

    • getDecodedPayload

      public static byte[] getDecodedPayload(String value)

    • getEncodedPayload

      public static String getEncodedPayload(String encodedJWT)

    • getDecodedSignature

      public static byte[] getDecodedSignature(String value)

    • getEncodedSignature

      public static String getEncodedSignature(String encodedJWT)

    • getClientIdFromToken

      public static String getClientIdFromToken(AccessToken accessToken)