java_servlet_jwt.java
/*
This example depends on the following jar files
commons-codec.jar from http://commons.apache.org/proper/commons-codec/
json-smart.jar from https://code.google.com/p/json-smart/
nimbus-jose-jwt.jar from https://bitbucket.org/nimbusds/nimbus-jose-jwt/overview
Because of this [1] issue in nimbus-jose-jwt, please make sure to use a
version >= 2.13.1 as Zendesk expects seconds in the iat parameter
[1]: https://bitbucket.org/nimbusds/nimbus-jose-jwt/issue/35/jwtclaimsset-milliseconds-vs-seconds-issue
*/
package com.zendesk.login;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.JWSHeader;
import com.nimbusds.jose.JWSObject;
import com.nimbusds.jose.JWSSigner;
import com.nimbusds.jose.Payload;
import com.nimbusds.jose.crypto.MACSigner;
import com.nimbusds.jwt.JWTClaimsSet;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.Date;
import java.util.UUID;
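/**
 * Example servlet that signs a JWT with a shared secret (HS256) and redirects
 * the browser to the Zendesk JWT SSO endpoint with the token in the query string.
 *
 * <p>Nothing in this servlet authenticates the caller: the example assumes a
 * user instance is already available. Map it only behind the application's own
 * login check, and fill the name/email claims from that authenticated user,
 * never from request parameters.
 */
public class JWT extends HttpServlet {
    // Placeholder for the Zendesk shared secret. Anyone holding this value can
    // sign SSO tokens, so a real deployment should load it from protected
    // configuration instead of committing it to source.
    private static final String SHARED_KEY = "{my zendesk token}";
    private static final String SUBDOMAIN = "{my zendesk subdomain}";

    // Charset used for both the HMAC key bytes and URL encoding, so the result
    // does not depend on the platform default charset.
    private static final String UTF_8 = "UTF-8";

    /**
     * Builds and signs the JWT, then redirects to
     * {@code https://SUBDOMAIN.zendesk.com/access/jwt}.
     *
     * @param request  incoming request; the optional {@code return_to} parameter
     *                 is forwarded to Zendesk URL-encoded but otherwise unvalidated
     * @param response used to send the redirect
     * @throws IOException      if the redirect cannot be written
     * @throws ServletException if the token cannot be signed
     */
    @Override
    protected void service(HttpServletRequest request, HttpServletResponse response)
            throws IOException, ServletException {
        // Given a user instance

        // Compose the JWT claims set: issue time plus a random token id.
        JWTClaimsSet jwtClaims = new JWTClaimsSet();
        jwtClaims.setIssueTime(new Date());
        jwtClaims.setJWTID(UUID.randomUUID().toString());
        // Identity claims are left commented out as in the original example;
        // populate them from the authenticated user.
        // jwtClaims.setCustomClaim("name", user.name);
        // jwtClaims.setCustomClaim("email", user.email);

        // Create JWS header with HS256 algorithm
        JWSHeader header = new JWSHeader(JWSAlgorithm.HS256);
        header.setContentType("text/plain");

        // Create JWS object
        JWSObject jwsObject = new JWSObject(header, new Payload(jwtClaims.toJSONObject()));

        // Create HMAC signer. The charset is explicit so the key bytes are the
        // same on every platform.
        JWSSigner signer = new MACSigner(SHARED_KEY.getBytes(UTF_8));

        try {
            jwsObject.sign(signer);
        } catch (com.nimbusds.jose.JOSEException e) {
            // Fail the request instead of returning an empty response, and keep
            // the cause for the container's error log.
            throw new ServletException("Error signing JWT", e);
        }

        // Serialise to JWT compact form
        String jwtString = jwsObject.serialize();

        StringBuilder redirectUrl = new StringBuilder("https://")
                .append(SUBDOMAIN)
                .append(".zendesk.com/access/jwt?jwt=")
                .append(jwtString);

        String returnTo = request.getParameter("return_to");
        if (returnTo != null) {
            // NOTE(review): return_to is caller-controlled and only URL-encoded
            // here; any allow-listing of destinations has to happen elsewhere.
            redirectUrl.append("&return_to=").append(encode(returnTo));
        }

        response.sendRedirect(redirectUrl.toString());
    }

    /**
     * URL-encodes a query parameter value as UTF-8.
     *
     * @param url value to encode
     * @return the encoded value
     * @throws IllegalStateException if the JVM reports UTF-8 as unsupported;
     *         failing is preferred over placing an unencoded, caller-supplied
     *         value into the redirect URL
     */
    private static String encode(String url) {
        try {
            return URLEncoder.encode(url, UTF_8);
        } catch (UnsupportedEncodingException e) {
            throw new IllegalStateException("UTF-8 is not supported!", e);
        }
    }
}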