You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2015/11/12 19:22:38 UTC
cxf-fediz git commit: [FEDIZ-134] Signing id tokem with RS256
Repository: cxf-fediz
Updated Branches:
refs/heads/master 3aab9a328 -> 799d27485
[FEDIZ-134] Signing id tokem with RS256
Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/799d2748
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/799d2748
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/799d2748
Branch: refs/heads/master
Commit: 799d274855394557d7b314ac5254c767f8e148d9
Parents: 3aab9a3
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Thu Nov 12 18:22:16 2015 +0000
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Thu Nov 12 18:22:16 2015 +0000
----------------------------------------------------------------------
.../oidc/PrivateKeyPasswordProviderImpl.java | 38 +++++++++++++++++++
services/oidc/src/main/resources/oidc.jks | Bin 0 -> 3984 bytes
.../src/main/resources/rs.security.properties | 11 +++---
.../main/webapp/WEB-INF/applicationContext.xml | 4 +-
4 files changed, 45 insertions(+), 8 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/799d2748/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/PrivateKeyPasswordProviderImpl.java
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/PrivateKeyPasswordProviderImpl.java b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/PrivateKeyPasswordProviderImpl.java
new file mode 100644
index 0000000..0e0b9d3
--- /dev/null
+++ b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/PrivateKeyPasswordProviderImpl.java
@@ -0,0 +1,38 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.fediz.service.oidc;
+
+import java.util.Properties;
+
+import org.apache.cxf.rs.security.jose.common.PrivateKeyPasswordProvider;
+
+public class PrivateKeyPasswordProviderImpl implements PrivateKeyPasswordProvider {
+
+ private String password = "password";
+
+ @Override
+ public char[] getPassword(Properties props) {
+ return password.toCharArray();
+ }
+
+ public void setPassword(String password) {
+ this.password = password;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/799d2748/services/oidc/src/main/resources/oidc.jks
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/resources/oidc.jks b/services/oidc/src/main/resources/oidc.jks
new file mode 100644
index 0000000..9b8c450
Binary files /dev/null and b/services/oidc/src/main/resources/oidc.jks differ
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/799d2748/services/oidc/src/main/resources/rs.security.properties
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/resources/rs.security.properties b/services/oidc/src/main/resources/rs.security.properties
index 4a2b608..0b6766b 100644
--- a/services/oidc/src/main/resources/rs.security.properties
+++ b/services/oidc/src/main/resources/rs.security.properties
@@ -15,11 +15,10 @@
# specific language governing permissions and limitations
# under the License.
-#rs.security.keystore.type=jks
-#rs.security.keystore.password=password
-#rs.security.keystore.alias=alice
-#rs.security.keystore.file=org/apache/cxf/systest/jaxrs/security/certs/alice.jks
+rs.security.keystore.type=jks
+rs.security.keystore.password=password
+rs.security.keystore.alias=alice
+rs.security.keystore.file=oidc.jks
#rs.security.encryption.content.algorithm=A128GCM
#rs.security.encryption.key.algorithm=RSA-OAEP
-#rs.security.signature.algorithm=RS256
-rs.security.signature.algorithm=none
+rs.security.signature.algorithm=RS256
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/799d2748/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml b/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml
index 5586c93..4520c21 100644
--- a/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml
+++ b/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml
@@ -38,12 +38,12 @@
</jaxrs:providers>
<jaxrs:properties>
<entry key="rs.security.signature.properties" value="rs.security.properties"/>
- <!--
<entry key="rs.security.signature.key.password.provider" value-ref="keyPasswordProvider"/>
- -->
</jaxrs:properties>
</jaxrs:server>
+ <bean id="keyPasswordProvider" class="org.apache.cxf.fediz.service.oidc.PrivateKeyPasswordProviderImpl"/>
+
<jaxrs:server address="/client">
<jaxrs:serviceBeans>
<bean id="clientRegService" class="org.apache.cxf.fediz.service.oidc.ClientRegistrationService">