You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2014/10/07 18:51:36 UTC
git commit: Minor update to the utility converting JwtToken to
ServerAccessToken
Repository: cxf
Updated Branches:
refs/heads/master 9a952cfaf -> 5a4fdd1f9
Minor update to the utility converting JwtToken to ServerAccessToken
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/5a4fdd1f
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/5a4fdd1f
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/5a4fdd1f
Branch: refs/heads/master
Commit: 5a4fdd1f9dc66cb4591664eb3b7ff98921648de5
Parents: 9a952cf
Author: Sergey Beryozkin <sb...@talend.com>
Authored: Tue Oct 7 17:51:17 2014 +0100
Committer: Sergey Beryozkin <sb...@talend.com>
Committed: Tue Oct 7 17:51:17 2014 +0100
----------------------------------------------------------------------
.../security/jose/jwt/token/JwtAccessTokenUtils.java | 15 +++++++++++++--
1 file changed, 13 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/5a4fdd1f/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwt/token/JwtAccessTokenUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwt/token/JwtAccessTokenUtils.java b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwt/token/JwtAccessTokenUtils.java
index 1474675..1372adf 100644
--- a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwt/token/JwtAccessTokenUtils.java
+++ b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwt/token/JwtAccessTokenUtils.java
@@ -26,6 +26,7 @@ import org.apache.cxf.rs.security.jose.jwe.AesGcmContentEncryptionAlgorithm;
import org.apache.cxf.rs.security.jose.jwe.ContentEncryptionAlgorithm;
import org.apache.cxf.rs.security.jose.jwe.DirectKeyJweDecryption;
import org.apache.cxf.rs.security.jose.jwe.DirectKeyJweEncryption;
+import org.apache.cxf.rs.security.jose.jwe.JweDecryptionProvider;
import org.apache.cxf.rs.security.jose.jwe.JweEncryptionProvider;
import org.apache.cxf.rs.security.jose.jws.JwsHeaders;
import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer;
@@ -45,11 +46,18 @@ public final class JwtAccessTokenUtils {
public static ServerAccessToken toAccessToken(JwtToken jwt,
Client client,
SecretKey key) {
- String jwtString = new JwsJwtCompactProducer(jwt)
- .signWith(new NoneSignatureProvider());
ContentEncryptionAlgorithm contentEncryption =
new AesGcmContentEncryptionAlgorithm(key, null, Algorithm.A128GCM.getJwtName());
JweEncryptionProvider jweEncryption = new DirectKeyJweEncryption(contentEncryption);
+ return toAccessToken(jwt, client, jweEncryption);
+
+ }
+
+ public static ServerAccessToken toAccessToken(JwtToken jwt,
+ Client client,
+ JweEncryptionProvider jweEncryption) {
+ String jwtString = new JwsJwtCompactProducer(jwt)
+ .signWith(new NoneSignatureProvider());
String tokenId = jweEncryption.encrypt(getBytes(jwtString), null);
Long issuedAt = jwt.getClaims().getIssuedAt();
Long notBefore = jwt.getClaims().getNotBefore();
@@ -71,6 +79,9 @@ public final class JwtAccessTokenUtils {
DirectKeyJweDecryption jweDecryption =
new DirectKeyJweDecryption(key,
new AesGcmContentDecryptionAlgorithm(Algorithm.A128GCM.getJwtName()));
+ return fromAccessTokenId(tokenId, jweDecryption);
+ }
+ public static JwtToken fromAccessTokenId(String tokenId, JweDecryptionProvider jweDecryption) {
String decrypted = jweDecryption.decrypt(tokenId).getContentText();
JwsJwtCompactConsumer consumer = new JwsJwtCompactConsumer(decrypted);
return consumer.getJwtToken();