Skip to content

Instantly share code, notes, and snippets.

View token.jwt
eyJraWQiOiJvYXV0aDJrZXlwYWlyIiwiYWxnIjoiUlMyNTYifQ.eyJzdWIiOiJ3ZWJsb2dpYyIsImlzcyI6Ind3dy5vcmFjbGUuY29tIiwiZXhwIjoxNTQwNDY2NDI4LCJpYXQiOjE1NDA0NjU4Mjh9.ZE8wMnFyjHcmFpdswgx3H8azVCPtHkrRjqhiKt-qZaV1Y5YlN9jAOshUnPIQ76L8K4SAduhJg7MyLQsAipzCFeT_Omxnxu0lgbD2UYtz-TUIt23bjcsJLub5pNrLXJWL3k7tSdkcVxlyHuRPYCvoLhLZzCksqnRdD6Zf9VjxGLFPktknXwpn7_aOAdzXEatj-Gd9lm321R2BdFL7ii9sXh9A1KL8cblLbhLlrXGwTF_ifTxuHSBz1B_p6xng6kmOfIwDIAJQ9t6KESQm8dQQeilcny1uRmhg4o85uc4gGzhH435q1DRuHQm22wN39FHbNT4WP3EuoZ49PpsTeQzSKA
@MaartenSmeets
MaartenSmeets / jwtbody
Created Oct 27, 2018
JWT body example
View jwtbody
{"sub":"weblogic","iss":"www.oracle.com","exp":1540466428,"iat":1540465828}
@MaartenSmeets
MaartenSmeets / curl.sh
Created Oct 27, 2018
Curl command for basic auth request to tokenservice
View curl.sh
curl -u tokenuser:Welcome01 -X POST -d "grant_type=client_credentials" http://localhost:7101/oauth2/resources/tokenservice
View grant snippet.xml
<grant>
<grantee>
<codesource>
<url>file:${domain.home}/servers/${weblogic.Name}/tmp/_WL_user/oauth2/-</url>
</codesource>
</grantee>
<permissions>
<permission>
<class>oracle.security.jps.service.keystore.KeyStoreAccessPermission</class>
<name>stripeName=owsm,keystoreName=keystore,alias=*</name>
View gist:e756b6cb439a5c8c4f0fb766655c1446
AccessController.doPrivileged(new PrivilegedAction<String>() {
public String run() {
try {
JpsContext ctx = JpsContextFactory.getContextFactory().getContext();
KeyStoreService kss = ctx.getServiceInstance(KeyStoreService.class);
ks = kss.getKeyStore(prop.getProperty("keystorestripe"), prop.getProperty("keystorename"), null);
} catch (Exception e) {
return "error";
}
return "done";
View gist:231238e5cca75d7b790ab47171ac1140
PasswordProtection pp = new PasswordProtection(prop.getProperty("keypassword").toCharArray());
KeyStore.PrivateKeyEntry pkEntry = (KeyStore.PrivateKeyEntry) ks.getEntry(prop.getProperty("keyalias"), pp);
View gist:97857d59c5d59cbd3fd7489bb404279b
RSAPrivateKey myPrivateKey = (RSAPrivateKey) pkEntry.getPrivateKey();
RSAPublicKey myPublicKey = (RSAPublicKey) pkEntry.getCertificate().getPublicKey();
@MaartenSmeets
MaartenSmeets / gist:5f97bda15aa116b467ed35d927c8461b
Created Oct 27, 2018
Build RSAKey from public and private keys
View gist:5f97bda15aa116b467ed35d927c8461b
RSAKey rsaJWK = new RSAKey.Builder(myPublicKey).privateKey(myPrivateKey).keyID(prop.getProperty("keyalias")).build();
View signer.java
JWSSigner signer = new RSASSASigner(rsaJWK);
View gist:5ac350e8455df31d2281356f158b1ef6
JWTClaimsSet claimsSet = new JWTClaimsSet.Builder()
.subject(user)
.issuer(prop.getProperty("tokenissuer"))
.expirationTime(expires)
.issueTime(new Date(new Date().getTime()))
.build();