Posted to commits@syncope.apache.org by mm...@apache.org on 2020/07/07 18:24:12 UTC

[syncope] branch master updated: NOJIRA: Fix OIDC JWKS generation and properties (#201)

This is an automated email from the ASF dual-hosted git repository.

mmoayyed pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/syncope.git


The following commit(s) were added to refs/heads/master by this push:
     new abfbd41  NOJIRA: Fix OIDC JWKS generation and properties (#201)
abfbd41 is described below

commit abfbd41114a38a1d5b078c09d386d46645ec94da
Author: Misagh Moayyed <mm...@gmail.com>
AuthorDate: Tue Jul 7 22:53:47 2020 +0430

    NOJIRA: Fix OIDC JWKS generation and properties (#201)
---
 .../core/provisioning/java/data/OIDCJWKSDataBinderImpl.java        | 4 +++-
 fit/wa-reference/src/main/resources/wa.properties                  | 7 ++++++-
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/OIDCJWKSDataBinderImpl.java b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/OIDCJWKSDataBinderImpl.java
index 7ff3397..ed3010c 100644
--- a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/OIDCJWKSDataBinderImpl.java
+++ b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/OIDCJWKSDataBinderImpl.java
@@ -19,6 +19,7 @@
 
 package org.apache.syncope.core.provisioning.java.data;
 
+import com.nimbusds.jose.JWSAlgorithm;
 import com.nimbusds.jose.jwk.JWKSet;
 import com.nimbusds.jose.jwk.KeyUse;
 import com.nimbusds.jose.jwk.RSAKey;
@@ -51,8 +52,9 @@ public class OIDCJWKSDataBinderImpl implements OIDCJWKSDataBinder {
             RSAKey jwk = new RSAKeyGenerator(2048)
                 .keyUse(KeyUse.SIGNATURE)
                 .keyID(SecureRandomUtils.generateRandomUUID().toString())
+                .algorithm(JWSAlgorithm.RS256)
                 .generate();
-            jwks.setJson(new JWKSet(jwk).toString());
+            jwks.setJson(new JWKSet(jwk).toJSONObject(false).toString());
             return jwks;
         } catch (final Exception e) {
             throw new RuntimeException("Unable to create OIDC JWKS", e);
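Review bot: The bare `false` passed to `toJSONObject` on the new `jwks.setJson(...)` line is unexplained, and in Nimbus that argument is `publicKeysOnly`, so the stored JSON now carries the RSA private parameters where the old `toString()` emitted the public key only. That is presumably the intent, since the signer needs the private key, but it turns the `json` field into secret material. I would add a comment such as `// publicKeysOnly=false: persist the private key for signing; never return this JSON to unauthenticated callers`, and confirm that anything serving a public JWKS document from `getJson()` strips private parameters first (for example via `toPublicJWKSet()`). The enclosing method starts and ends outside the hunk, so how the entity is stored and exposed is not visible here.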
diff --git a/fit/wa-reference/src/main/resources/wa.properties b/fit/wa-reference/src/main/resources/wa.properties
index 051d549..6db93ed 100644
--- a/fit/wa-reference/src/main/resources/wa.properties
+++ b/fit/wa-reference/src/main/resources/wa.properties
@@ -24,12 +24,17 @@ conf.directory=${conf.directory}
 cas.standalone.configurationDirectory=${conf.directory}
 cas.authn.oidc.jwks.jwks-file=file:${conf.directory}/oidc.keystore
 
-cas.server.name=http://localhost:8080
+cas.server.name=http://localhost:9080
 cas.server.prefix=${cas.server.name}/syncope-wa
 cas.server.scope=syncope.org
 
 cas.authn.saml-idp.entity-id=https://syncope.apache.org/saml
 
+cas.authn.oidc.issuer=http://localhost:9080/syncope-wa/oidc/
+
+cas.authn.syncope.url=http://localhost:9080/syncope
+cas.tgc.secure=false
+
 # Disable access to the login endpoint
 # if no target application is specified.
 cas.sso.allow-missing-service-parameter=true
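Review bot: `cas.tgc.secure=false` and the `http://` issuer are added with no comment saying they are for the local plain-HTTP reference setup only; with the Secure flag off, the ticket-granting cookie is sent over unencrypted connections, so anyone copying this file into a TLS deployment needs to flip it back. I would add `# Local HTTP only: set cas.tgc.secure=true and use https URLs in any real deployment` above these lines. The issuer also repeats the host, port and context that `cas.server.prefix` already defines, so the next port change can leave them out of sync; `cas.authn.oidc.issuer=${cas.server.prefix}/oidc/` would keep them together, assuming placeholder resolution applies here as it does on the `cas.server.prefix` line.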