public class org.apache.nifi.web.security.jwt.provider.StandardBearerTokenProvider extends java.lang.Object implements org.apache.nifi.web.security.jwt.provider.BearerTokenProvider
{
private static final org.slf4j.Logger LOGGER;
private static final java.time.Duration MAXIMUM_EXPIRATION;
private static final java.time.Duration MINIMUM_EXPIRATION;
private final org.apache.nifi.web.security.jwt.jws.JwsSignerProvider jwsSignerProvider;
private final org.apache.nifi.web.security.jwt.provider.IssuerProvider issuerProvider;
public void <init>(org.apache.nifi.web.security.jwt.jws.JwsSignerProvider, org.apache.nifi.web.security.jwt.provider.IssuerProvider)
{
org.apache.nifi.web.security.jwt.jws.JwsSignerProvider v;
org.apache.nifi.web.security.jwt.provider.IssuerProvider v;
org.apache.nifi.web.security.jwt.provider.StandardBearerTokenProvider v;
v := @this: org.apache.nifi.web.security.jwt.provider.StandardBearerTokenProvider;
v := @parameter: org.apache.nifi.web.security.jwt.jws.JwsSignerProvider;
v := @parameter: org.apache.nifi.web.security.jwt.provider.IssuerProvider;
specialinvoke v.<java.lang.Object: void <init>()>();
v.<org.apache.nifi.web.security.jwt.provider.StandardBearerTokenProvider: org.apache.nifi.web.security.jwt.jws.JwsSignerProvider jwsSignerProvider> = v;
v.<org.apache.nifi.web.security.jwt.provider.StandardBearerTokenProvider: org.apache.nifi.web.security.jwt.provider.IssuerProvider issuerProvider> = v;
return;
}
public java.lang.String getBearerToken(org.apache.nifi.web.security.token.LoginAuthenticationToken)
{
java.util.Date v, v;
com.nimbusds.jwt.JWTClaimsSet v;
java.lang.String v, v, v, v, v, v, v;
java.net.URI v;
org.apache.nifi.web.security.jwt.provider.SupportedClaim v, v;
org.apache.nifi.web.security.jwt.provider.IssuerProvider v;
org.apache.nifi.web.security.token.LoginAuthenticationToken v;
java.util.Collection v;
java.util.UUID v;
com.nimbusds.jwt.JWTClaimsSet$Builder v, v, v, v, v, v, v, v, v, v;
java.util.List v;
java.lang.Object v, v;
org.apache.nifi.web.security.jwt.provider.StandardBearerTokenProvider v;
v := @this: org.apache.nifi.web.security.jwt.provider.StandardBearerTokenProvider;
v := @parameter: org.apache.nifi.web.security.token.LoginAuthenticationToken;
staticinvoke <java.util.Objects: java.lang.Object requireNonNull(java.lang.Object,java.lang.String)>(v, "LoginAuthenticationToken required");
v = virtualinvoke v.<org.apache.nifi.web.security.token.LoginAuthenticationToken: java.lang.Object getPrincipal()>();
v = staticinvoke <java.util.Objects: java.lang.Object requireNonNull(java.lang.Object,java.lang.String)>(v, "Principal required");
v = virtualinvoke v.<java.lang.Object: java.lang.String toString()>();
v = virtualinvoke v.<org.apache.nifi.web.security.token.LoginAuthenticationToken: java.lang.String getName()>();
v = virtualinvoke v.<org.apache.nifi.web.security.token.LoginAuthenticationToken: java.util.Collection getAuthorities()>();
v = specialinvoke v.<org.apache.nifi.web.security.jwt.provider.StandardBearerTokenProvider: java.util.List getGroups(java.util.Collection)>(v);
v = v.<org.apache.nifi.web.security.jwt.provider.StandardBearerTokenProvider: org.apache.nifi.web.security.jwt.provider.IssuerProvider issuerProvider>;
v = interfaceinvoke v.<org.apache.nifi.web.security.jwt.provider.IssuerProvider: java.net.URI getIssuer()>();
v = virtualinvoke v.<java.net.URI: java.lang.String toString()>();
v = new java.util.Date;
specialinvoke v.<java.util.Date: void <init>()>();
v = specialinvoke v.<org.apache.nifi.web.security.jwt.provider.StandardBearerTokenProvider: java.util.Date getExpirationTime(org.apache.nifi.web.security.token.LoginAuthenticationToken)>(v);
v = new com.nimbusds.jwt.JWTClaimsSet$Builder;
specialinvoke v.<com.nimbusds.jwt.JWTClaimsSet$Builder: void <init>()>();
v = staticinvoke <java.util.UUID: java.util.UUID randomUUID()>();
v = virtualinvoke v.<java.util.UUID: java.lang.String toString()>();
v = virtualinvoke v.<com.nimbusds.jwt.JWTClaimsSet$Builder: com.nimbusds.jwt.JWTClaimsSet$Builder jwtID(java.lang.String)>(v);
v = virtualinvoke v.<com.nimbusds.jwt.JWTClaimsSet$Builder: com.nimbusds.jwt.JWTClaimsSet$Builder subject(java.lang.String)>(v);
v = virtualinvoke v.<com.nimbusds.jwt.JWTClaimsSet$Builder: com.nimbusds.jwt.JWTClaimsSet$Builder issuer(java.lang.String)>(v);
v = virtualinvoke v.<com.nimbusds.jwt.JWTClaimsSet$Builder: com.nimbusds.jwt.JWTClaimsSet$Builder audience(java.lang.String)>(v);
v = virtualinvoke v.<com.nimbusds.jwt.JWTClaimsSet$Builder: com.nimbusds.jwt.JWTClaimsSet$Builder notBeforeTime(java.util.Date)>(v);
v = virtualinvoke v.<com.nimbusds.jwt.JWTClaimsSet$Builder: com.nimbusds.jwt.JWTClaimsSet$Builder issueTime(java.util.Date)>(v);
v = virtualinvoke v.<com.nimbusds.jwt.JWTClaimsSet$Builder: com.nimbusds.jwt.JWTClaimsSet$Builder expirationTime(java.util.Date)>(v);
v = <org.apache.nifi.web.security.jwt.provider.SupportedClaim: org.apache.nifi.web.security.jwt.provider.SupportedClaim PREFERRED_USERNAME>;
v = virtualinvoke v.<org.apache.nifi.web.security.jwt.provider.SupportedClaim: java.lang.String getClaim()>();
v = virtualinvoke v.<com.nimbusds.jwt.JWTClaimsSet$Builder: com.nimbusds.jwt.JWTClaimsSet$Builder claim(java.lang.String,java.lang.Object)>(v, v);
v = <org.apache.nifi.web.security.jwt.provider.SupportedClaim: org.apache.nifi.web.security.jwt.provider.SupportedClaim GROUPS>;
v = virtualinvoke v.<org.apache.nifi.web.security.jwt.provider.SupportedClaim: java.lang.String getClaim()>();
v = virtualinvoke v.<com.nimbusds.jwt.JWTClaimsSet$Builder: com.nimbusds.jwt.JWTClaimsSet$Builder claim(java.lang.String,java.lang.Object)>(v, v);
v = virtualinvoke v.<com.nimbusds.jwt.JWTClaimsSet$Builder: com.nimbusds.jwt.JWTClaimsSet build()>();
v = specialinvoke v.<org.apache.nifi.web.security.jwt.provider.StandardBearerTokenProvider: java.lang.String getSignedBearerToken(com.nimbusds.jwt.JWTClaimsSet)>(v);
return v;
}
private java.util.Date getExpirationTime(org.apache.nifi.web.security.token.LoginAuthenticationToken)
{
java.lang.Object[] v, v;
java.util.Date v;
java.time.Duration v, v, v, v;
java.lang.String v;
boolean v, v;
org.slf4j.Logger v, v;
org.apache.nifi.web.security.token.LoginAuthenticationToken v;
java.time.Instant v, v, v, v, v;
org.apache.nifi.web.security.jwt.provider.StandardBearerTokenProvider v;
v := @this: org.apache.nifi.web.security.jwt.provider.StandardBearerTokenProvider;
v := @parameter: org.apache.nifi.web.security.token.LoginAuthenticationToken;
v = virtualinvoke v.<org.apache.nifi.web.security.token.LoginAuthenticationToken: java.time.Instant getExpiration()>();
v = staticinvoke <java.time.Instant: java.time.Instant now()>();
v = <org.apache.nifi.web.security.jwt.provider.StandardBearerTokenProvider: java.time.Duration MAXIMUM_EXPIRATION>;
v = virtualinvoke v.<java.time.Instant: java.time.Instant plus(java.time.temporal.TemporalAmount)>(v);
v = staticinvoke <java.time.Instant: java.time.Instant now()>();
v = <org.apache.nifi.web.security.jwt.provider.StandardBearerTokenProvider: java.time.Duration MINIMUM_EXPIRATION>;
v = virtualinvoke v.<java.time.Instant: java.time.Instant plus(java.time.temporal.TemporalAmount)>(v);
v = virtualinvoke v.<org.apache.nifi.web.security.token.LoginAuthenticationToken: java.lang.String getName()>();
v = virtualinvoke v.<java.time.Instant: boolean isAfter(java.time.Instant)>(v);
if v == 0 goto label;
v = <org.apache.nifi.web.security.jwt.provider.StandardBearerTokenProvider: org.slf4j.Logger LOGGER>;
v = newarray (java.lang.Object)[3];
v[0] = v;
v[1] = v;
v = <org.apache.nifi.web.security.jwt.provider.StandardBearerTokenProvider: java.time.Duration MAXIMUM_EXPIRATION>;
v[2] = v;
interfaceinvoke v.<org.slf4j.Logger: void warn(java.lang.String,java.lang.Object[])>("Identity [{}] Token Expiration [{}] greater than maximum [{}]", v);
v = v;
goto label;
label:
v = virtualinvoke v.<java.time.Instant: boolean isBefore(java.time.Instant)>(v);
if v == 0 goto label;
v = <org.apache.nifi.web.security.jwt.provider.StandardBearerTokenProvider: org.slf4j.Logger LOGGER>;
v = newarray (java.lang.Object)[3];
v[0] = v;
v[1] = v;
v = <org.apache.nifi.web.security.jwt.provider.StandardBearerTokenProvider: java.time.Duration MINIMUM_EXPIRATION>;
v[2] = v;
interfaceinvoke v.<org.slf4j.Logger: void warn(java.lang.String,java.lang.Object[])>("Identity [{}] Token Expiration [{}] less than minimum [{}]", v);
v = v;
label:
v = staticinvoke <java.util.Date: java.util.Date 'from'(java.time.Instant)>(v);
return v;
}
private java.lang.String getSignedBearerToken(com.nimbusds.jwt.JWTClaimsSet)
{
java.lang.Throwable v;
java.lang.Object[] v;
java.util.Date v;
com.nimbusds.jwt.JWTClaimsSet v;
com.nimbusds.jose.JWSObject v;
java.util.Map v;
java.lang.String v, v, v, v;
org.slf4j.Logger v;
org.apache.nifi.web.security.jwt.jws.JwsSignerProvider v;
com.nimbusds.jose.JWSAlgorithm v;
com.nimbusds.jose.JWSHeader$Builder v, v;
java.lang.IllegalArgumentException v;
java.time.Instant v;
com.nimbusds.jose.JWSHeader v;
com.nimbusds.jose.Payload v;
com.nimbusds.jose.JWSSigner v;
org.apache.nifi.web.security.jwt.provider.StandardBearerTokenProvider v;
org.apache.nifi.web.security.jwt.jws.JwsSignerContainer v;
v := @this: org.apache.nifi.web.security.jwt.provider.StandardBearerTokenProvider;
v := @parameter: com.nimbusds.jwt.JWTClaimsSet;
v = virtualinvoke v.<com.nimbusds.jwt.JWTClaimsSet: java.util.Date getExpirationTime()>();
v = v.<org.apache.nifi.web.security.jwt.provider.StandardBearerTokenProvider: org.apache.nifi.web.security.jwt.jws.JwsSignerProvider jwsSignerProvider>;
v = virtualinvoke v.<java.util.Date: java.time.Instant toInstant()>();
v = interfaceinvoke v.<org.apache.nifi.web.security.jwt.jws.JwsSignerProvider: org.apache.nifi.web.security.jwt.jws.JwsSignerContainer getJwsSignerContainer(java.time.Instant)>(v);
v = virtualinvoke v.<org.apache.nifi.web.security.jwt.jws.JwsSignerContainer: java.lang.String getKeyIdentifier()>();
v = virtualinvoke v.<org.apache.nifi.web.security.jwt.jws.JwsSignerContainer: com.nimbusds.jose.JWSAlgorithm getJwsAlgorithm()>();
v = new com.nimbusds.jose.JWSHeader$Builder;
specialinvoke v.<com.nimbusds.jose.JWSHeader$Builder: void <init>(com.nimbusds.jose.JWSAlgorithm)>(v);
v = virtualinvoke v.<com.nimbusds.jose.JWSHeader$Builder: com.nimbusds.jose.JWSHeader$Builder keyID(java.lang.String)>(v);
v = virtualinvoke v.<com.nimbusds.jose.JWSHeader$Builder: com.nimbusds.jose.JWSHeader build()>();
v = new com.nimbusds.jose.Payload;
v = virtualinvoke v.<com.nimbusds.jwt.JWTClaimsSet: java.util.Map toJSONObject()>();
specialinvoke v.<com.nimbusds.jose.Payload: void <init>(java.util.Map)>(v);
v = new com.nimbusds.jose.JWSObject;
specialinvoke v.<com.nimbusds.jose.JWSObject: void <init>(com.nimbusds.jose.JWSHeader,com.nimbusds.jose.Payload)>(v, v);
v = virtualinvoke v.<org.apache.nifi.web.security.jwt.jws.JwsSignerContainer: com.nimbusds.jose.JWSSigner getJwsSigner()>();
label:
virtualinvoke v.<com.nimbusds.jose.JWSObject: void sign(com.nimbusds.jose.JWSSigner)>(v);
label:
goto label;
label:
v := @caughtexception;
v = newarray (java.lang.Object)[2];
v[0] = v;
v[1] = v;
v = staticinvoke <java.lang.String: java.lang.String format(java.lang.String,java.lang.Object[])>("Signing Failed for Algorithm [%s] Key Identifier [%s]", v);
v = new java.lang.IllegalArgumentException;
specialinvoke v.<java.lang.IllegalArgumentException: void <init>(java.lang.String,java.lang.Throwable)>(v, v);
throw v;
label:
v = <org.apache.nifi.web.security.jwt.provider.StandardBearerTokenProvider: org.slf4j.Logger LOGGER>;
v = virtualinvoke v.<com.nimbusds.jwt.JWTClaimsSet: java.lang.String getSubject()>();
interfaceinvoke v.<org.slf4j.Logger: void debug(java.lang.String,java.lang.Object,java.lang.Object)>("Signed Bearer Token using Key [{}] for Subject [{}]", v, v);
v = virtualinvoke v.<com.nimbusds.jose.JWSObject: java.lang.String serialize()>();
return v;
catch com.nimbusds.jose.JOSEException from label to label with label;
}
private java.util.List getGroups(java.util.Collection)
{
java.util.stream.Stream v, v;
java.util.Collection v;
java.lang.Object v;
java.util.stream.Collector v;
java.util.function.Function v;
org.apache.nifi.web.security.jwt.provider.StandardBearerTokenProvider v;
v := @this: org.apache.nifi.web.security.jwt.provider.StandardBearerTokenProvider;
v := @parameter: java.util.Collection;
v = interfaceinvoke v.<java.util.Collection: java.util.stream.Stream stream()>();
v = staticinvoke <org.apache.nifi.web.security.jwt.provider.StandardBearerTokenProvider$getAuthority__18: java.util.function.Function bootstrap$()>();
v = interfaceinvoke v.<java.util.stream.Stream: java.util.stream.Stream map(java.util.function.Function)>(v);
v = staticinvoke <java.util.stream.Collectors: java.util.stream.Collector toList()>();
v = interfaceinvoke v.<java.util.stream.Stream: java.lang.Object collect(java.util.stream.Collector)>(v);
return v;
}
static void <clinit>()
{
org.slf4j.Logger v;
java.time.Duration v, v;
v = staticinvoke <org.slf4j.LoggerFactory: org.slf4j.Logger getLogger(java.lang.Class)>(class "Lorg/apache/nifi/web/security/jwt/provider/StandardBearerTokenProvider;");
<org.apache.nifi.web.security.jwt.provider.StandardBearerTokenProvider: org.slf4j.Logger LOGGER> = v;
v = staticinvoke <java.time.Duration: java.time.Duration ofHours(long)>(12L);
<org.apache.nifi.web.security.jwt.provider.StandardBearerTokenProvider: java.time.Duration MAXIMUM_EXPIRATION> = v;
v = staticinvoke <java.time.Duration: java.time.Duration ofMinutes(long)>(1L);
<org.apache.nifi.web.security.jwt.provider.StandardBearerTokenProvider: java.time.Duration MINIMUM_EXPIRATION> = v;
return;
}
}