in services/application-services/product-service/src/main/java/com/amazonaws/saas/eks/auth/TokenProcessor.java [63:100]
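/**
 * Builds an {@link Authentication} from the JWT carried in the configured HTTP header.
 *
 * <p>The header named by {@code jwtConfiguration.getHttpHeader()} is read, the bearer token is
 * parsed to obtain its issuer, the issuer's {@code /.well-known/jwks.json} document is used as
 * the RS256 key source, and the token is then processed (signature and claims) against it.
 *
 * <p>NOTE(review): the issuer is taken from the token <em>before</em> its signature is
 * verified, so the JWKS location is chosen by whoever sent the token. Until the issuer is
 * compared against a configured allow-list of trusted identity-provider issuers, signature
 * verification only proves the token matches keys published at a sender-chosen URL, and the
 * service makes an outbound request to that URL. This method cannot add the check itself
 * because no trusted-issuer setting is visible here; it must be added before the key fetch.
 *
 * @param request the incoming request carrying the token header
 * @return a {@code JwtAuth} for the verified token, or {@code null} when the header is absent
 *         or no user name can be derived from the verified claims
 * @throws java.text.ParseException if the header value is not a parseable signed JWT
 * @throws IllegalArgumentException if the token carries no issuer claim
 * @throws Exception if the JWKS URL is malformed or token verification fails
 */
public Authentication authenticate(HttpServletRequest request) throws Exception {
    String idToken = request.getHeader(this.jwtConfiguration.getHttpHeader());
    if (idToken == null) {
        return null;
    }

    // Extract the bearer token once and reuse it for parsing and verification.
    String bearerToken = this.getBearerToken(idToken);

    JWTClaimsSet claimsSet;
    try {
        claimsSet = SignedJWT.parse(bearerToken).getJWTClaimsSet();
    } catch (java.text.ParseException e) {
        // Previously the error was logged and execution continued into a
        // NullPointerException on the missing claims; reject the token explicitly instead.
        logger.error(e);
        throw e;
    }

    // Unverified at this point: these claims have not been signature-checked yet.
    String issuer = claimsSet.getIssuer();
    if (issuer == null || issuer.trim().isEmpty()) {
        // Without this guard a missing issuer produced the URL "null/.well-known/jwks.json".
        throw new IllegalArgumentException("JWT is missing the issuer (iss) claim");
    }
    // NOTE(review): issuer is sender-controlled text; confirm the logger neutralises
    // line breaks before this value reaches log storage.
    logger.info("issuer: " + issuer);

    // NOTE(review): validate issuer against the trusted-issuer allow-list here, before any
    // key material is fetched (see the method Javadoc).
    String jwkUrl = issuer + "/.well-known/jwks.json";

    // Kept for any other reader of the configuration. The URL below is built from the local
    // value: if jwtConfiguration is shared between requests (presumably it is; verify),
    // reading it back could pick up a URL written by a concurrent request.
    jwtConfiguration.setJwkUrl(jwkUrl);
    URL jwkSetURL = new URL(jwkUrl);

    ResourceRetriever resourceRetriever = new DefaultResourceRetriever(
            jwtConfiguration.getConnectionTimeout(),
            jwtConfiguration.getReadTimeout());
    JWKSource keySource = new RemoteJWKSet(jwkSetURL, resourceRetriever);

    // Only RS256-signed tokens are accepted by the key selector.
    JWSKeySelector keySelector = new JWSVerificationKeySelector(RS256, keySource);
    ConfigurableJWTProcessor jwtProcessor = new DefaultJWTProcessor();
    jwtProcessor.setJWSKeySelector(keySelector);

    JWTClaimsSet claims = jwtProcessor.process(bearerToken, null);
    String username = getUserNameFrom(claims);
    if (username == null) {
        return null;
    }

    // NOTE(review): every verified token is granted ROLE_ADMIN regardless of its claims,
    // while the User itself is created with no authorities; confirm this is intended and
    // that authorisation is enforced elsewhere.
    List<GrantedAuthority> grantedAuthorities = of(new SimpleGrantedAuthority("ROLE_ADMIN"));
    User user = new User(username, "", of());
    return new JwtAuth(user, claims, grantedAuthorities);
}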