You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by co...@apache.org on 2017/10/26 12:01:59 UTC
directory-kerby git commit: DIRKRB-664 -
Repository: directory-kerby
Updated Branches:
refs/heads/trunk e99c6010e -> 59c12f887
DIRKRB-664 -
Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/59c12f88
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/59c12f88
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/59c12f88
Branch: refs/heads/trunk
Commit: 59c12f887533129f8db4696ca79807ad20aedd49
Parents: e99c601
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Thu Oct 26 13:01:42 2017 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Thu Oct 26 13:01:42 2017 +0100
----------------------------------------------------------------------
.../kerby/kerberos/kdc/TokenKdcTestBase.java | 5 ++
.../kerberos/provider/token/JwtAuthToken.java | 63 ++++++++++++--------
.../provider/token/JwtTokenDecoder.java | 11 ++--
.../provider/token/JwtTokenEncoder.java | 27 ++++++---
.../kerby/kerberos/provider/token/JwtUtil.java | 42 -------------
.../kerberos/provider/token/TokenTest.java | 22 +++++++
pom.xml | 2 +-
7 files changed, 88 insertions(+), 84 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/59c12f88/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/TokenKdcTestBase.java
----------------------------------------------------------------------
diff --git a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/TokenKdcTestBase.java b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/TokenKdcTestBase.java
index d330abf..6719add 100644
--- a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/TokenKdcTestBase.java
+++ b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/TokenKdcTestBase.java
@@ -34,6 +34,8 @@ import org.apache.kerby.kerberos.kerb.type.ticket.KrbTicket;
import org.apache.kerby.kerberos.kerb.type.ticket.TgtTicket;
import org.apache.kerby.kerberos.provider.token.JwtTokenEncoder;
+import com.nimbusds.jose.EncryptionMethod;
+
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
@@ -106,6 +108,9 @@ public class TokenKdcTestBase extends KdcTestBase {
TokenEncoder tokenEncoder = KrbRuntime.getTokenProvider("JWT").createTokenEncoder();
+ if (tokenEncoder instanceof JwtTokenEncoder) {
+ ((JwtTokenEncoder) tokenEncoder).setEncryptionMethod(EncryptionMethod.A128CBC_HS256);
+ }
if (tokenEncoder instanceof JwtTokenEncoder && signingKey != null) {
tokenEncoder.setSignKey(signingKey);
}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/59c12f88/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtAuthToken.java
----------------------------------------------------------------------
diff --git a/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtAuthToken.java b/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtAuthToken.java
index b6e60c4..b1d59e4 100644
--- a/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtAuthToken.java
+++ b/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtAuthToken.java
@@ -14,7 +14,7 @@
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
- * under the License.
+ * under the License.
*
*/
package org.apache.kerby.kerberos.provider.token;
@@ -23,10 +23,11 @@ import com.nimbusds.jose.PlainHeader;
import com.nimbusds.jwt.JWT;
import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.jwt.PlainJWT;
-import com.nimbusds.jwt.ReadOnlyJWTClaimsSet;
import org.apache.kerby.kerberos.kerb.type.base.AuthToken;
+import java.util.Collections;
import java.util.Date;
+import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.UUID;
@@ -36,31 +37,41 @@ import java.util.UUID;
*/
public class JwtAuthToken implements AuthToken {
- private JWTClaimsSet jwtClaims;
+ private static final String SUBJECT_CLAIM = "sub";
+ private static final String ISSUER_CLAIM = "iss";
+ private static final String AUDIENCE_CLAIM = "aud";
+ private static final String EXPIRY_CLAIM = "exp";
+ private static final String NOT_BEFORE_CLAIM = "nbf";
+ private static final String ISSUED_AT_CLAIM = "iat";
+ private static final String ID_CLAIM = "jti";
+
private Boolean isIdToken = true;
private Boolean isAcToken = false;
+ private final Map<String, Object> claims = new HashMap<>();
public JwtAuthToken() {
- this(new JWTClaimsSet());
+ // complete
}
public JwtAuthToken(JWTClaimsSet jwtClaims) {
- this.jwtClaims = jwtClaims;
- }
-
- public JwtAuthToken(ReadOnlyJWTClaimsSet jwtClaims) {
- this.jwtClaims = JwtUtil.from(jwtClaims);
+ if (jwtClaims != null) {
+ claims.putAll(jwtClaims.getClaims());
+ }
}
protected JWT getJwt() {
- String jti = jwtClaims.getJWTID();
+ String jti = (String) claims.get(ID_CLAIM);
if (jti == null || jti.isEmpty()) {
jti = UUID.randomUUID().toString();
- jwtClaims.setJWTID(jti);
+ claims.put(ID_CLAIM, jti);
}
+ JWTClaimsSet.Builder builder = new JWTClaimsSet.Builder();
+ for (Map.Entry<String, Object> entry : claims.entrySet()) {
+ builder = builder.claim(entry.getKey(), entry.getValue());
+ }
PlainHeader header = new PlainHeader();
- PlainJWT jwt = new PlainJWT(header, jwtClaims);
+ PlainJWT jwt = new PlainJWT(header, builder.build());
return jwt;
}
@@ -69,7 +80,7 @@ public class JwtAuthToken implements AuthToken {
*/
@Override
public String getSubject() {
- return jwtClaims.getSubject();
+ return (String) claims.get(SUBJECT_CLAIM);
}
/**
@@ -77,7 +88,7 @@ public class JwtAuthToken implements AuthToken {
*/
@Override
public void setSubject(String sub) {
- jwtClaims.setSubject(sub);
+ claims.put(SUBJECT_CLAIM, sub);
}
/**
@@ -85,7 +96,7 @@ public class JwtAuthToken implements AuthToken {
*/
@Override
public String getIssuer() {
- return jwtClaims.getIssuer();
+ return (String) claims.get(ISSUER_CLAIM);
}
/**
@@ -93,7 +104,7 @@ public class JwtAuthToken implements AuthToken {
*/
@Override
public void setIssuer(String issuer) {
- jwtClaims.setIssuer(issuer);
+ claims.put(ISSUER_CLAIM, issuer);
}
/**
@@ -101,7 +112,7 @@ public class JwtAuthToken implements AuthToken {
*/
@Override
public List<String> getAudiences() {
- return jwtClaims.getAudience();
+ return (List<String>) claims.get(AUDIENCE_CLAIM);
}
/**
@@ -109,7 +120,7 @@ public class JwtAuthToken implements AuthToken {
*/
@Override
public void setAudiences(List<String> audiences) {
- jwtClaims.setAudience(audiences);
+ claims.put(AUDIENCE_CLAIM, audiences);
}
/**
@@ -165,7 +176,7 @@ public class JwtAuthToken implements AuthToken {
*/
@Override
public Date getExpiredTime() {
- return jwtClaims.getExpirationTime();
+ return (Date) claims.get(EXPIRY_CLAIM);
}
/**
@@ -173,7 +184,7 @@ public class JwtAuthToken implements AuthToken {
*/
@Override
public void setExpirationTime(Date exp) {
- jwtClaims.setExpirationTime(exp);
+ claims.put(EXPIRY_CLAIM, exp);
}
/**
@@ -181,7 +192,7 @@ public class JwtAuthToken implements AuthToken {
*/
@Override
public Date getNotBeforeTime() {
- return jwtClaims.getNotBeforeTime();
+ return (Date) claims.get(NOT_BEFORE_CLAIM);
}
/**
@@ -189,7 +200,7 @@ public class JwtAuthToken implements AuthToken {
*/
@Override
public void setNotBeforeTime(Date nbt) {
- jwtClaims.setNotBeforeTime(nbt);
+ claims.put(NOT_BEFORE_CLAIM, nbt);
}
/**
@@ -197,7 +208,7 @@ public class JwtAuthToken implements AuthToken {
*/
@Override
public Date getIssueTime() {
- return jwtClaims.getIssueTime();
+ return (Date) claims.get(ISSUED_AT_CLAIM);
}
/**
@@ -205,7 +216,7 @@ public class JwtAuthToken implements AuthToken {
*/
@Override
public void setIssueTime(Date iat) {
- jwtClaims.setIssueTime(iat);
+ claims.put(ISSUED_AT_CLAIM, iat);
}
/**
@@ -213,7 +224,7 @@ public class JwtAuthToken implements AuthToken {
*/
@Override
public Map<String, Object> getAttributes() {
- return jwtClaims.getAllClaims();
+ return Collections.unmodifiableMap(claims);
}
/**
@@ -221,6 +232,6 @@ public class JwtAuthToken implements AuthToken {
*/
@Override
public void addAttribute(String name, Object value) {
- jwtClaims.setCustomClaim(name, value);
+ claims.put(name, value);
}
}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/59c12f88/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtTokenDecoder.java
----------------------------------------------------------------------
diff --git a/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtTokenDecoder.java b/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtTokenDecoder.java
index 6d6e49e..56779fd 100644
--- a/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtTokenDecoder.java
+++ b/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtTokenDecoder.java
@@ -152,14 +152,14 @@ public class JwtTokenDecoder implements TokenDecoder {
throw new IOException("Failed to decrypt the encrypted JWT", e);
}
}
-
+
private JWEDecrypter getDecrypter() throws JOSEException, KrbException {
if (decryptionKey instanceof RSAPrivateKey) {
return new RSADecrypter((RSAPrivateKey) decryptionKey);
} else if (decryptionKey instanceof byte[]) {
return new DirectDecrypter((byte[]) decryptionKey);
}
-
+
throw new KrbException("An unknown decryption key was specified");
}
@@ -198,18 +198,17 @@ public class JwtTokenDecoder implements TokenDecoder {
throw new IOException("Failed to verify the signed JWT", e);
}
}
-
+
private JWSVerifier getVerifier() throws JOSEException, KrbException {
if (verifyKey instanceof RSAPublicKey) {
return new RSASSAVerifier((RSAPublicKey) verifyKey);
} else if (verifyKey instanceof ECPublicKey) {
ECPublicKey ecPublicKey = (ECPublicKey) verifyKey;
- return new ECDSAVerifier(ecPublicKey.getW().getAffineX(),
- ecPublicKey.getW().getAffineY());
+ return new ECDSAVerifier(ecPublicKey);
} else if (verifyKey instanceof byte[]) {
return new MACVerifier((byte[]) verifyKey);
}
-
+
throw new KrbException("An unknown verify key was specified");
}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/59c12f88/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtTokenEncoder.java
----------------------------------------------------------------------
diff --git a/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtTokenEncoder.java b/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtTokenEncoder.java
index 678442d..80e3b03 100644
--- a/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtTokenEncoder.java
+++ b/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtTokenEncoder.java
@@ -14,7 +14,7 @@
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
- * under the License.
+ * under the License.
*
*/
package org.apache.kerby.kerberos.provider.token;
@@ -28,6 +28,7 @@ import com.nimbusds.jose.JWEObject;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.JWSHeader;
import com.nimbusds.jose.JWSSigner;
+import com.nimbusds.jose.KeyLengthException;
import com.nimbusds.jose.Payload;
import com.nimbusds.jose.crypto.DirectEncrypter;
import com.nimbusds.jose.crypto.ECDSASigner;
@@ -53,7 +54,7 @@ import java.text.ParseException;
* JWT token encoder, implemented using Nimbus JWT library.
*/
public class JwtTokenEncoder implements TokenEncoder {
- private JWEAlgorithm jweAlgorithm = JWEAlgorithm.RSA_OAEP;
+ private JWEAlgorithm jweAlgorithm = JWEAlgorithm.RSA_OAEP_256;
private EncryptionMethod encryptionMethod = EncryptionMethod.A128GCM;
private JWSAlgorithm jwsAlgorithm = JWSAlgorithm.RS256;
@@ -131,7 +132,7 @@ public class JwtTokenEncoder implements TokenEncoder {
}
return tokenStr;
}
-
+
private JWSSigner createSigner() throws KrbException {
// Create signer with the private key
if (RSASSASigner.SUPPORTED_ALGORITHMS.contains(jwsAlgorithm)) {
@@ -143,17 +144,25 @@ public class JwtTokenEncoder implements TokenEncoder {
if (!(signKey instanceof ECPrivateKey)) {
throw new KrbException("A ECPrivateKey key must be specified for signature");
}
- return new ECDSASigner(((ECPrivateKey) signKey).getS());
+ try {
+ return new ECDSASigner((ECPrivateKey) signKey);
+ } catch (JOSEException e) {
+ throw new KrbException(e.getMessage(), e);
+ }
} else if (MACSigner.SUPPORTED_ALGORITHMS.contains(jwsAlgorithm)) {
if (!(signKey instanceof byte[])) {
throw new KrbException("A byte[] key must be specified for signature");
}
- return new MACSigner((byte[]) signKey);
+ try {
+ return new MACSigner((byte[]) signKey);
+ } catch (KeyLengthException e) {
+ throw new KrbException(e.getMessage(), e);
+ }
}
throw new KrbException("An unknown signature algorithm was specified");
}
-
+
private JWEEncrypter createEncryptor() throws KrbException, JOSEException {
if (RSAEncrypter.SUPPORTED_ALGORITHMS.contains(jweAlgorithm)) {
if (!(encryptionKey instanceof RSAPublicKey)) {
@@ -166,7 +175,7 @@ public class JwtTokenEncoder implements TokenEncoder {
}
return new DirectEncrypter((byte[]) encryptionKey);
}
-
+
throw new KrbException("An unknown encryption algorithm was specified");
}
@@ -209,7 +218,7 @@ public class JwtTokenEncoder implements TokenEncoder {
signKey = key.clone();
}
}
-
+
public JWEAlgorithm getJweAlgorithm() {
return jweAlgorithm;
}
@@ -225,7 +234,7 @@ public class JwtTokenEncoder implements TokenEncoder {
public void setJwsAlgorithm(JWSAlgorithm jwsAlgorithm) {
this.jwsAlgorithm = jwsAlgorithm;
}
-
+
public EncryptionMethod getEncryptionMethod() {
return encryptionMethod;
}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/59c12f88/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtUtil.java
----------------------------------------------------------------------
diff --git a/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtUtil.java b/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtUtil.java
deleted file mode 100644
index aaa52e4..0000000
--- a/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtUtil.java
+++ /dev/null
@@ -1,42 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-
-package org.apache.kerby.kerberos.provider.token;
-
-import com.nimbusds.jwt.JWTClaimsSet;
-import com.nimbusds.jwt.ReadOnlyJWTClaimsSet;
-
-/**
- * JWT token utilities.
- */
-public class JwtUtil {
-
- /**
- * Get jwt claims set from read only jwt claims set
- *
- * @param readOnlyClaims Read only claims
- * @return Result
- */
- public static JWTClaimsSet from(ReadOnlyJWTClaimsSet readOnlyClaims) {
- JWTClaimsSet result = new JWTClaimsSet(readOnlyClaims);
-
- return result;
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/59c12f88/kerby-provider/token-provider/src/test/java/org/apache/kerby/kerberos/provider/token/TokenTest.java
----------------------------------------------------------------------
diff --git a/kerby-provider/token-provider/src/test/java/org/apache/kerby/kerberos/provider/token/TokenTest.java b/kerby-provider/token-provider/src/test/java/org/apache/kerby/kerberos/provider/token/TokenTest.java
index e0335fb..602a941 100644
--- a/kerby-provider/token-provider/src/test/java/org/apache/kerby/kerberos/provider/token/TokenTest.java
+++ b/kerby-provider/token-provider/src/test/java/org/apache/kerby/kerberos/provider/token/TokenTest.java
@@ -19,6 +19,7 @@
*/
package org.apache.kerby.kerberos.provider.token;
+import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JWEAlgorithm;
import com.nimbusds.jose.JWSAlgorithm;
import org.apache.kerby.kerberos.kerb.KrbRuntime;
@@ -50,6 +51,7 @@ public class TokenTest {
private AuthToken authToken;
private List<String> auds = new ArrayList<String>();
+ private EncryptionMethod encryptionMethod = EncryptionMethod.A128GCM;
@Before
public void setUp() {
@@ -74,11 +76,18 @@ public class TokenTest {
Date iat = now;
authToken.setIssueTime(iat);
+
+ String jsv = System.getProperty("java.specification.version");
+ if (jsv != null && Double.parseDouble(jsv) == 1.7) {
+ encryptionMethod = EncryptionMethod.A128CBC_HS256;
+ }
+
}
@Test
public void testToken() throws Exception {
TokenEncoder tokenEncoder = KrbRuntime.getTokenProvider("JWT").createTokenEncoder();
+ ((JwtTokenEncoder) tokenEncoder).setEncryptionMethod(encryptionMethod);
String tokenStr = tokenEncoder.encodeAsString(authToken);
Assertions.assertThat(tokenStr).isNotNull();
@@ -94,6 +103,7 @@ public class TokenTest {
@Test
public void testDecodeFromBytes() throws Exception {
TokenEncoder tokenEncoder = KrbRuntime.getTokenProvider("JWT").createTokenEncoder();
+ ((JwtTokenEncoder) tokenEncoder).setEncryptionMethod(encryptionMethod);
byte[] tokenStr = tokenEncoder.encodeAsBytes(authToken);
Assertions.assertThat(tokenStr).isNotNull();
@@ -109,6 +119,7 @@ public class TokenTest {
@Test
public void testTokenWithEncryptedJWT() throws Exception {
TokenEncoder tokenEncoder = KrbRuntime.getTokenProvider("JWT").createTokenEncoder();
+ ((JwtTokenEncoder) tokenEncoder).setEncryptionMethod(encryptionMethod);
TokenDecoder tokenDecoder = KrbRuntime.getTokenProvider("JWT").createTokenDecoder();
setEncryptKey((JwtTokenEncoder) tokenEncoder, (JwtTokenDecoder) tokenDecoder);
@@ -124,6 +135,10 @@ public class TokenTest {
@Test
public void testTokenWithDirectEncryptedJWT() throws Exception {
+ if (EncryptionMethod.A128CBC_HS256.equals(encryptionMethod)) {
+ // Only run this test with JDK8
+ return;
+ }
TokenEncoder tokenEncoder = KrbRuntime.getTokenProvider("JWT").createTokenEncoder();
TokenDecoder tokenDecoder = KrbRuntime.getTokenProvider("JWT").createTokenDecoder();
@@ -160,6 +175,7 @@ public class TokenTest {
@Test
public void testTokenWithSignedJWT() throws Exception {
TokenEncoder tokenEncoder = KrbRuntime.getTokenProvider("JWT").createTokenEncoder();
+ ((JwtTokenEncoder) tokenEncoder).setEncryptionMethod(encryptionMethod);
TokenDecoder tokenDecoder = KrbRuntime.getTokenProvider("JWT").createTokenDecoder();
setSignKey((JwtTokenEncoder) tokenEncoder, (JwtTokenDecoder) tokenDecoder);
@@ -176,6 +192,7 @@ public class TokenTest {
@Test
public void testTokenWithHMACSignedJWT() throws Exception {
TokenEncoder tokenEncoder = KrbRuntime.getTokenProvider("JWT").createTokenEncoder();
+ ((JwtTokenEncoder) tokenEncoder).setEncryptionMethod(encryptionMethod);
TokenDecoder tokenDecoder = KrbRuntime.getTokenProvider("JWT").createTokenDecoder();
KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
@@ -207,6 +224,7 @@ public class TokenTest {
// TODO: building error with openjdk8: NoSuchAlgorithm EC KeyPairGenerato..
public void testTokenWithECDSASignedJWT() throws Exception {
TokenEncoder tokenEncoder = KrbRuntime.getTokenProvider("JWT").createTokenEncoder();
+ ((JwtTokenEncoder) tokenEncoder).setEncryptionMethod(encryptionMethod);
TokenDecoder tokenDecoder = KrbRuntime.getTokenProvider("JWT").createTokenDecoder();
KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC");
@@ -228,6 +246,7 @@ public class TokenTest {
@Test
public void testTokenWithSignedAndEncryptedJWT() throws Exception {
TokenEncoder tokenEncoder = KrbRuntime.getTokenProvider("JWT").createTokenEncoder();
+ ((JwtTokenEncoder) tokenEncoder).setEncryptionMethod(encryptionMethod);
TokenDecoder tokenDecoder = KrbRuntime.getTokenProvider("JWT").createTokenDecoder();
setSignKey((JwtTokenEncoder) tokenEncoder, (JwtTokenDecoder) tokenDecoder);
@@ -248,6 +267,7 @@ public class TokenTest {
audiences.add("invalid@EXAMPLE.COM");
TokenEncoder tokenEncoder = KrbRuntime.getTokenProvider("JWT").createTokenEncoder();
+ ((JwtTokenEncoder) tokenEncoder).setEncryptionMethod(encryptionMethod);
TokenDecoder tokenDecoder = KrbRuntime.getTokenProvider("JWT").createTokenDecoder();
setSignKey((JwtTokenEncoder) tokenEncoder, (JwtTokenDecoder) tokenDecoder);
@@ -266,6 +286,7 @@ public class TokenTest {
authToken.setExpirationTime(new Date(new Date().getTime() - 100));
TokenEncoder tokenEncoder = KrbRuntime.getTokenProvider("JWT").createTokenEncoder();
+ ((JwtTokenEncoder) tokenEncoder).setEncryptionMethod(encryptionMethod);
TokenDecoder tokenDecoder = KrbRuntime.getTokenProvider("JWT").createTokenDecoder();
setSignKey((JwtTokenEncoder) tokenEncoder, (JwtTokenDecoder) tokenDecoder);
@@ -284,6 +305,7 @@ public class TokenTest {
authToken.setNotBeforeTime(new Date(new Date().getTime() + 1000 * 60));
TokenEncoder tokenEncoder = KrbRuntime.getTokenProvider("JWT").createTokenEncoder();
+ ((JwtTokenEncoder) tokenEncoder).setEncryptionMethod(encryptionMethod);
TokenDecoder tokenDecoder = KrbRuntime.getTokenProvider("JWT").createTokenDecoder();
setSignKey((JwtTokenEncoder) tokenEncoder, (JwtTokenDecoder) tokenDecoder);
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/59c12f88/pom.xml
----------------------------------------------------------------------
diff --git a/pom.xml b/pom.xml
index f515c48..07b84d9 100644
--- a/pom.xml
+++ b/pom.xml
@@ -53,7 +53,7 @@
<ldap.api.version>1.0.0</ldap.api.version>
<log4j.version>1.2.17</log4j.version>
<junit.version>4.12</junit.version>
- <nimbus.jose.version>3.10</nimbus.jose.version>
+ <nimbus.jose.version>4.41.2</nimbus.jose.version>
<slf4j.version>1.7.25</slf4j.version>
<assertj.version>2.6.0</assertj.version>
<findbugs.version>3.0.4</findbugs.version>