You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2015/04/21 13:55:42 UTC
cxf git commit: [CXF-6363] Introducing JwsHeaders
Repository: cxf
Updated Branches:
refs/heads/master 1aefa51be -> f74e2e060
[CXF-6363] Introducing JwsHeaders
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/f74e2e06
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/f74e2e06
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/f74e2e06
Branch: refs/heads/master
Commit: f74e2e060b93fbbfc05ace263fe7f4f588b63e4d
Parents: 1aefa51
Author: Sergey Beryozkin <sb...@talend.com>
Authored: Tue Apr 21 12:55:27 2015 +0100
Committer: Sergey Beryozkin <sb...@talend.com>
Committed: Tue Apr 21 12:55:27 2015 +0100
----------------------------------------------------------------------
.../jose/jaxrs/JwsJsonWriterInterceptor.java | 7 ++--
.../jose/jaxrs/JwsWriterInterceptor.java | 3 +-
.../jose/jws/AbstractJwsSignatureProvider.java | 8 ++--
.../jose/jws/EcDsaJwsSignatureVerifier.java | 3 +-
.../jose/jws/HmacJwsSignatureVerifier.java | 5 +--
.../security/jose/jws/JwsCompactConsumer.java | 4 +-
.../security/jose/jws/JwsCompactProducer.java | 11 +++--
.../cxf/rs/security/jose/jws/JwsHeaders.java | 43 ++++++++++++++++++++
.../rs/security/jose/jws/JwsJsonProducer.java | 2 +-
.../jose/jws/JwsJsonSignatureEntry.java | 6 +--
.../jose/jws/JwsJwtCompactProducer.java | 2 +-
.../security/jose/jws/JwsSignatureProvider.java | 5 +--
.../security/jose/jws/JwsSignatureVerifier.java | 3 +-
.../cxf/rs/security/jose/jws/JwsUtils.java | 2 +-
.../jose/jws/NoneJwsSignatureProvider.java | 5 +--
.../jose/jws/NoneJwsSignatureVerifier.java | 3 +-
.../jose/jws/PublicKeyJwsSignatureVerifier.java | 3 +-
.../security/jose/jws/JwsCompactHeaderTest.java | 5 ++-
.../oauth2/grants/jwt/AbstractJwtHandler.java | 4 +-
.../grants/jwt/JwtBearerGrantHandler.java | 7 ++--
.../grants/jwt/AbstractJwtHandlerTest.java | 4 +-
21 files changed, 87 insertions(+), 48 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/f74e2e06/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonWriterInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonWriterInterceptor.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonWriterInterceptor.java
index 069279b..7f7435d 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonWriterInterceptor.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonWriterInterceptor.java
@@ -37,6 +37,7 @@ import org.apache.cxf.jaxrs.utils.JAXRSUtils;
import org.apache.cxf.rs.security.jose.JoseConstants;
import org.apache.cxf.rs.security.jose.JoseHeaders;
import org.apache.cxf.rs.security.jose.JoseHeadersReaderWriter;
+import org.apache.cxf.rs.security.jose.jws.JwsHeaders;
import org.apache.cxf.rs.security.jose.jws.JwsJsonOutputStream;
import org.apache.cxf.rs.security.jose.jws.JwsJsonProducer;
import org.apache.cxf.rs.security.jose.jws.JwsSignature;
@@ -59,7 +60,7 @@ public class JwsJsonWriterInterceptor extends AbstractJwsJsonWriterProvider impl
List<String> protectedHeaders = new ArrayList<String>(sigProviders.size());
List<JwsSignature> signatures = new ArrayList<JwsSignature>(sigProviders.size());
for (JwsSignatureProvider signer : sigProviders) {
- JoseHeaders protectedHeader = prepareProtectedHeader(ctx, signer);
+ JwsHeaders protectedHeader = prepareProtectedHeader(ctx, signer);
String encoded = Base64UrlUtility.encode(writer.toJson(protectedHeader));
protectedHeaders.add(encoded);
JwsSignature signature = signer.createJwsSignature(protectedHeader);
@@ -90,9 +91,9 @@ public class JwsJsonWriterInterceptor extends AbstractJwsJsonWriterProvider impl
}
- private JoseHeaders prepareProtectedHeader(WriterInterceptorContext ctx,
+ private JwsHeaders prepareProtectedHeader(WriterInterceptorContext ctx,
JwsSignatureProvider signer) {
- JoseHeaders headers = new JoseHeaders();
+ JwsHeaders headers = new JwsHeaders();
headers.setAlgorithm(signer.getAlgorithm().getJwaName());
setContentTypeIfNeeded(headers, ctx);
return headers;
http://git-wip-us.apache.org/repos/asf/cxf/blob/f74e2e06/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsWriterInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsWriterInterceptor.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsWriterInterceptor.java
index 10b43f1..52a09d1 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsWriterInterceptor.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsWriterInterceptor.java
@@ -36,6 +36,7 @@ import org.apache.cxf.rs.security.jose.JoseConstants;
import org.apache.cxf.rs.security.jose.JoseHeaders;
import org.apache.cxf.rs.security.jose.JoseHeadersReaderWriter;
import org.apache.cxf.rs.security.jose.jws.JwsCompactProducer;
+import org.apache.cxf.rs.security.jose.jws.JwsHeaders;
import org.apache.cxf.rs.security.jose.jws.JwsOutputStream;
import org.apache.cxf.rs.security.jose.jws.JwsSignature;
import org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider;
@@ -51,7 +52,7 @@ public class JwsWriterInterceptor extends AbstractJwsWriterProvider implements W
ctx.proceed();
return;
}
- JoseHeaders headers = new JoseHeaders();
+ JwsHeaders headers = new JwsHeaders();
JwsSignatureProvider sigProvider = getInitializedSigProvider(headers);
setContentTypeIfNeeded(headers, ctx);
OutputStream actualOs = ctx.getOutputStream();
http://git-wip-us.apache.org/repos/asf/cxf/blob/f74e2e06/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/AbstractJwsSignatureProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/AbstractJwsSignatureProvider.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/AbstractJwsSignatureProvider.java
index 57ceb17..812c037 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/AbstractJwsSignatureProvider.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/AbstractJwsSignatureProvider.java
@@ -33,9 +33,9 @@ public abstract class AbstractJwsSignatureProvider implements JwsSignatureProvid
this.algorithm = algo;
}
- protected JoseHeaders prepareHeaders(JoseHeaders headers) {
+ protected JwsHeaders prepareHeaders(JwsHeaders headers) {
if (headers == null) {
- headers = new JoseHeaders();
+ headers = new JwsHeaders();
}
String algo = headers.getAlgorithm();
if (algo != null) {
@@ -51,13 +51,13 @@ public abstract class AbstractJwsSignatureProvider implements JwsSignatureProvid
return algorithm;
}
@Override
- public byte[] sign(JoseHeaders headers, byte[] content) {
+ public byte[] sign(JwsHeaders headers, byte[] content) {
JwsSignature sig = createJwsSignature(headers);
sig.update(content, 0, content.length);
return sig.sign();
}
@Override
- public JwsSignature createJwsSignature(JoseHeaders headers) {
+ public JwsSignature createJwsSignature(JwsHeaders headers) {
return doCreateJwsSignature(prepareHeaders(headers));
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/f74e2e06/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/EcDsaJwsSignatureVerifier.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/EcDsaJwsSignatureVerifier.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/EcDsaJwsSignatureVerifier.java
index 1a287c4..025cd21 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/EcDsaJwsSignatureVerifier.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/EcDsaJwsSignatureVerifier.java
@@ -23,7 +23,6 @@ import java.security.spec.AlgorithmParameterSpec;
import java.util.HashMap;
import java.util.Map;
-import org.apache.cxf.rs.security.jose.JoseHeaders;
import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils;
import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
@@ -42,7 +41,7 @@ public class EcDsaJwsSignatureVerifier extends PublicKeyJwsSignatureVerifier {
super(key, spec, supportedAlgo);
}
@Override
- public boolean verify(JoseHeaders headers, String unsignedText, byte[] signature) {
+ public boolean verify(JwsHeaders headers, String unsignedText, byte[] signature) {
final String algoName = super.getAlgorithm().getJwaName();
if (SIGNATURE_LENGTH_MAP.get(algoName) != signature.length) {
LOG.warning("Algorithm " + algoName + " signature length is " + SIGNATURE_LENGTH_MAP.get(algoName)
http://git-wip-us.apache.org/repos/asf/cxf/blob/f74e2e06/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureVerifier.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureVerifier.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureVerifier.java
index 528ccc7..984eb32 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureVerifier.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureVerifier.java
@@ -24,7 +24,6 @@ import java.util.logging.Logger;
import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.common.util.crypto.HmacUtils;
-import org.apache.cxf.rs.security.jose.JoseHeaders;
import org.apache.cxf.rs.security.jose.JoseUtils;
import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils;
import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
@@ -52,12 +51,12 @@ public class HmacJwsSignatureVerifier implements JwsSignatureVerifier {
@Override
- public boolean verify(JoseHeaders headers, String unsignedText, byte[] signature) {
+ public boolean verify(JwsHeaders headers, String unsignedText, byte[] signature) {
byte[] expected = computeMac(headers, unsignedText);
return Arrays.equals(expected, signature);
}
- private byte[] computeMac(JoseHeaders headers, String text) {
+ private byte[] computeMac(JwsHeaders headers, String text) {
return HmacUtils.computeHmac(key,
AlgorithmUtils.toJavaName(checkAlgorithm(headers.getAlgorithm())),
hmacSpec,
http://git-wip-us.apache.org/repos/asf/cxf/blob/f74e2e06/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsCompactConsumer.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsCompactConsumer.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsCompactConsumer.java
index 27f9551..b86742c 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsCompactConsumer.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsCompactConsumer.java
@@ -90,13 +90,13 @@ public class JwsCompactConsumer {
public byte[] getDecodedSignature() {
return encodedSignature.isEmpty() ? new byte[]{} : JoseUtils.decode(encodedSignature);
}
- public JoseHeaders getJoseHeaders() {
+ public JwsHeaders getJoseHeaders() {
JoseHeaders joseHeaders = reader.fromJsonHeaders(headersJson);
if (joseHeaders.getUpdateCount() != null) {
LOG.warning("Duplicate headers have been detected");
throw new JwsException(JwsException.Error.INVALID_COMPACT_JWS);
}
- return joseHeaders;
+ return new JwsHeaders(joseHeaders);
}
public boolean verifySignatureWith(JwsSignatureVerifier validator) {
try {
http://git-wip-us.apache.org/repos/asf/cxf/blob/f74e2e06/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsCompactProducer.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsCompactProducer.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsCompactProducer.java
index 14b654c..70ebe6d 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsCompactProducer.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsCompactProducer.java
@@ -22,32 +22,31 @@ import java.security.interfaces.RSAPrivateKey;
import org.apache.cxf.common.util.Base64UrlUtility;
import org.apache.cxf.common.util.StringUtils;
-import org.apache.cxf.rs.security.jose.JoseHeaders;
import org.apache.cxf.rs.security.jose.JoseHeadersReaderWriter;
import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils;
import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
public class JwsCompactProducer {
private JoseHeadersReaderWriter writer = new JoseHeadersReaderWriter();
- private JoseHeaders headers;
+ private JwsHeaders headers;
private String plainJwsPayload;
private String signature;
public JwsCompactProducer(String plainJwsPayload) {
this(null, null, plainJwsPayload);
}
- public JwsCompactProducer(JoseHeaders headers, String plainJwsPayload) {
+ public JwsCompactProducer(JwsHeaders headers, String plainJwsPayload) {
this(headers, null, plainJwsPayload);
}
- protected JwsCompactProducer(JoseHeaders headers, JoseHeadersReaderWriter w, String plainJwsPayload) {
+ protected JwsCompactProducer(JwsHeaders headers, JoseHeadersReaderWriter w, String plainJwsPayload) {
this.headers = headers;
if (w != null) {
this.writer = w;
}
this.plainJwsPayload = plainJwsPayload;
}
- public JoseHeaders getJoseHeaders() {
+ public JwsHeaders getJoseHeaders() {
if (headers == null) {
- headers = new JoseHeaders();
+ headers = new JwsHeaders();
}
return headers;
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/f74e2e06/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsHeaders.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsHeaders.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsHeaders.java
new file mode 100644
index 0000000..8d56763
--- /dev/null
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsHeaders.java
@@ -0,0 +1,43 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.jose.jws;
+
+import java.util.Map;
+
+import org.apache.cxf.rs.security.jose.JoseHeaders;
+
+public class JwsHeaders extends JoseHeaders {
+ public JwsHeaders() {
+ }
+
+ public JwsHeaders(JoseHeaders headers) {
+ super(headers.asMap());
+ }
+
+ public JwsHeaders(Map<String, Object> values) {
+ super(values);
+ }
+ public JwsHeaders(String sigAlgo) {
+ init(sigAlgo);
+ }
+ private void init(String sigAlgo) {
+ setAlgorithm(sigAlgo);
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/cxf/blob/f74e2e06/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducer.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducer.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducer.java
index 46ce4ea..4c4a2a6 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducer.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducer.java
@@ -119,7 +119,7 @@ public class JwsJsonProducer {
public String signWith(JwsSignatureProvider signer,
JoseHeaders protectedHeader,
JoseHeaders unprotectedHeader) {
- JoseHeaders unionHeaders = new JoseHeaders();
+ JwsHeaders unionHeaders = new JwsHeaders();
if (protectedHeader != null) {
unionHeaders.asMap().putAll(protectedHeader.asMap());
http://git-wip-us.apache.org/repos/asf/cxf/blob/f74e2e06/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonSignatureEntry.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonSignatureEntry.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonSignatureEntry.java
index 9ef258e..2238a3b 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonSignatureEntry.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonSignatureEntry.java
@@ -38,7 +38,7 @@ public class JwsJsonSignatureEntry {
private String encodedSignature;
private JoseHeaders protectedHeader;
private JoseHeaders unprotectedHeader;
- private JoseHeaders unionHeaders;
+ private JwsHeaders unionHeaders;
private JoseHeadersReaderWriter writer = new JoseHeadersReaderWriter();
public JwsJsonSignatureEntry(String encodedJwsPayload,
@@ -60,7 +60,7 @@ public class JwsJsonSignatureEntry {
prepare();
}
private void prepare() {
- unionHeaders = new JoseHeaders();
+ unionHeaders = new JwsHeaders();
if (protectedHeader != null) {
unionHeaders.asMap().putAll(protectedHeader.asMap());
@@ -92,7 +92,7 @@ public class JwsJsonSignatureEntry {
public JoseHeaders getUnprotectedHeader() {
return unprotectedHeader;
}
- public JoseHeaders getUnionHeader() {
+ public JwsHeaders getUnionHeader() {
return unionHeaders;
}
public String getEncodedSignature() {
http://git-wip-us.apache.org/repos/asf/cxf/blob/f74e2e06/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJwtCompactProducer.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJwtCompactProducer.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJwtCompactProducer.java
index 12df35c..8995cda 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJwtCompactProducer.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJwtCompactProducer.java
@@ -36,7 +36,7 @@ public class JwsJwtCompactProducer extends JwsCompactProducer {
this(new JwtToken(headers, claims), null);
}
protected JwsJwtCompactProducer(JwtToken token, JwtTokenReaderWriter w) {
- super(token.getHeaders(), w, JwtUtils.claimsToJson(token.getClaims(), w));
+ super(new JwsHeaders(token.getHeaders()), w, JwtUtils.claimsToJson(token.getClaims(), w));
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/f74e2e06/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsSignatureProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsSignatureProvider.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsSignatureProvider.java
index 9ca48cb..00f0c2a 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsSignatureProvider.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsSignatureProvider.java
@@ -18,15 +18,14 @@
*/
package org.apache.cxf.rs.security.jose.jws;
-import org.apache.cxf.rs.security.jose.JoseHeaders;
import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
public interface JwsSignatureProvider {
SignatureAlgorithm getAlgorithm();
- byte[] sign(JoseHeaders headers, byte[] content);
+ byte[] sign(JwsHeaders headers, byte[] content);
/**
* Create a signature handler capable of updating the signature input (optional operation)
*/
- JwsSignature createJwsSignature(JoseHeaders headers);
+ JwsSignature createJwsSignature(JwsHeaders headers);
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/f74e2e06/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsSignatureVerifier.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsSignatureVerifier.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsSignatureVerifier.java
index 26f9597..c44a678 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsSignatureVerifier.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsSignatureVerifier.java
@@ -18,10 +18,9 @@
*/
package org.apache.cxf.rs.security.jose.jws;
-import org.apache.cxf.rs.security.jose.JoseHeaders;
import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
public interface JwsSignatureVerifier {
SignatureAlgorithm getAlgorithm();
- boolean verify(JoseHeaders headers, String unsignedText, byte[] signature);
+ boolean verify(JwsHeaders headers, String unsignedText, byte[] signature);
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/f74e2e06/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java
index d4b759a..eabbea0 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java
@@ -324,7 +324,7 @@ public final class JwsUtils {
return jws;
}
public static String sign(JwsSignatureProvider jwsSig, String content, String ct) {
- JoseHeaders headers = new JoseHeaders();
+ JwsHeaders headers = new JwsHeaders();
if (ct != null) {
headers.setContentType(ct);
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/f74e2e06/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/NoneJwsSignatureProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/NoneJwsSignatureProvider.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/NoneJwsSignatureProvider.java
index d442677..3f6a5ca 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/NoneJwsSignatureProvider.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/NoneJwsSignatureProvider.java
@@ -18,7 +18,6 @@
*/
package org.apache.cxf.rs.security.jose.jws;
-import org.apache.cxf.rs.security.jose.JoseHeaders;
import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
public class NoneJwsSignatureProvider implements JwsSignatureProvider {
@@ -29,12 +28,12 @@ public class NoneJwsSignatureProvider implements JwsSignatureProvider {
}
@Override
- public JwsSignature createJwsSignature(JoseHeaders headers) {
+ public JwsSignature createJwsSignature(JwsHeaders headers) {
return new NoneJwsSignature();
}
@Override
- public byte[] sign(JoseHeaders headers, byte[] content) {
+ public byte[] sign(JwsHeaders headers, byte[] content) {
JwsSignature sig = createJwsSignature(headers);
sig.update(content, 0, content.length);
return sig.sign();
http://git-wip-us.apache.org/repos/asf/cxf/blob/f74e2e06/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/NoneJwsSignatureVerifier.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/NoneJwsSignatureVerifier.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/NoneJwsSignatureVerifier.java
index 270234e..ba1fad6 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/NoneJwsSignatureVerifier.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/NoneJwsSignatureVerifier.java
@@ -18,13 +18,12 @@
*/
package org.apache.cxf.rs.security.jose.jws;
-import org.apache.cxf.rs.security.jose.JoseHeaders;
import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
public class NoneJwsSignatureVerifier implements JwsSignatureVerifier {
@Override
- public boolean verify(JoseHeaders headers, String unsignedText, byte[] signature) {
+ public boolean verify(JwsHeaders headers, String unsignedText, byte[] signature) {
return headers.getAlgorithm().equals(getAlgorithm()) && signature.length == 0;
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/f74e2e06/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/PublicKeyJwsSignatureVerifier.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/PublicKeyJwsSignatureVerifier.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/PublicKeyJwsSignatureVerifier.java
index fb163ad..38180f6 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/PublicKeyJwsSignatureVerifier.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/PublicKeyJwsSignatureVerifier.java
@@ -25,7 +25,6 @@ import java.util.logging.Logger;
import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.common.util.StringUtils;
import org.apache.cxf.common.util.crypto.CryptoUtils;
-import org.apache.cxf.rs.security.jose.JoseHeaders;
import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils;
import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
@@ -44,7 +43,7 @@ public class PublicKeyJwsSignatureVerifier implements JwsSignatureVerifier {
this.supportedAlgo = supportedAlgo;
}
@Override
- public boolean verify(JoseHeaders headers, String unsignedText, byte[] signature) {
+ public boolean verify(JwsHeaders headers, String unsignedText, byte[] signature) {
try {
return CryptoUtils.verifySignature(StringUtils.toBytesUTF8(unsignedText),
signature,
http://git-wip-us.apache.org/repos/asf/cxf/blob/f74e2e06/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsCompactHeaderTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsCompactHeaderTest.java b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsCompactHeaderTest.java
index 55b448a..4894811 100644
--- a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsCompactHeaderTest.java
+++ b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsCompactHeaderTest.java
@@ -128,8 +128,9 @@ public class JwsCompactHeaderTest extends Assert {
public void verifyJwsWithTwoAlgHeaderFieldsBogusFieldFirst() throws Exception {
JwsCompactConsumer jwsConsumer = new JwsCompactConsumer(TWO_ALG_HEADER_FIELDS_IN_JWS_BOGUS_FIRST);
- assertFalse(jwsConsumer.verifySignatureWith(new HmacJwsSignatureVerifier(ENCODED_MAC_KEY,
- SignatureAlgorithm.HS256)));
+ boolean result = jwsConsumer.verifySignatureWith(new HmacJwsSignatureVerifier(ENCODED_MAC_KEY,
+ SignatureAlgorithm.HS256));
+ assertFalse(result);
}
@Test
http://git-wip-us.apache.org/repos/asf/cxf/blob/f74e2e06/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/jwt/AbstractJwtHandler.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/jwt/AbstractJwtHandler.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/jwt/AbstractJwtHandler.java
index 66af402..ddc4af0 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/jwt/AbstractJwtHandler.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/jwt/AbstractJwtHandler.java
@@ -21,7 +21,7 @@ package org.apache.cxf.rs.security.oauth2.grants.jwt;
import java.util.List;
import java.util.Set;
-import org.apache.cxf.rs.security.jose.JoseHeaders;
+import org.apache.cxf.rs.security.jose.jws.JwsHeaders;
import org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier;
import org.apache.cxf.rs.security.jose.jws.JwsUtils;
import org.apache.cxf.rs.security.jose.jwt.JwtClaims;
@@ -43,7 +43,7 @@ public abstract class AbstractJwtHandler extends AbstractGrantHandler {
super(grants);
}
- protected void validateSignature(JoseHeaders headers, String unsignedText, byte[] signature) {
+ protected void validateSignature(JwsHeaders headers, String unsignedText, byte[] signature) {
JwsSignatureVerifier theSigVerifier = getInitializedSigVerifier();
if (!theSigVerifier.verify(headers, unsignedText, signature)) {
throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
http://git-wip-us.apache.org/repos/asf/cxf/blob/f74e2e06/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/jwt/JwtBearerGrantHandler.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/jwt/JwtBearerGrantHandler.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/jwt/JwtBearerGrantHandler.java
index a421551..a5935b0 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/jwt/JwtBearerGrantHandler.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/jwt/JwtBearerGrantHandler.java
@@ -23,6 +23,7 @@ import java.util.Arrays;
import javax.ws.rs.core.MultivaluedMap;
import org.apache.cxf.jaxrs.utils.HttpUtils;
+import org.apache.cxf.rs.security.jose.jws.JwsHeaders;
import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer;
import org.apache.cxf.rs.security.jose.jwt.JwtToken;
import org.apache.cxf.rs.security.oauth2.common.Client;
@@ -57,9 +58,9 @@ public class JwtBearerGrantHandler extends AbstractJwtHandler {
try {
JwsJwtCompactConsumer jwsReader = getJwsReader(assertion);
JwtToken jwtToken = jwsReader.getJwtToken();
- validateSignature(jwtToken.getHeaders(),
- jwsReader.getUnsignedEncodedSequence(),
- jwsReader.getDecodedSignature());
+ validateSignature(new JwsHeaders(jwtToken.getHeaders()),
+ jwsReader.getUnsignedEncodedSequence(),
+ jwsReader.getDecodedSignature());
validateClaims(client, jwtToken.getClaims());
http://git-wip-us.apache.org/repos/asf/cxf/blob/f74e2e06/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/jwt/AbstractJwtHandlerTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/jwt/AbstractJwtHandlerTest.java b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/jwt/AbstractJwtHandlerTest.java
index 5ee0145..47eb9fe 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/jwt/AbstractJwtHandlerTest.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/jwt/AbstractJwtHandlerTest.java
@@ -22,7 +22,7 @@ import java.util.Arrays;
import javax.ws.rs.core.MultivaluedMap;
-import org.apache.cxf.rs.security.jose.JoseHeaders;
+import org.apache.cxf.rs.security.jose.jws.JwsHeaders;
import org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier;
import org.apache.cxf.rs.security.oauth2.common.Client;
import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
@@ -52,7 +52,7 @@ public class AbstractJwtHandlerTest {
@Mock
private JwsSignatureVerifier signatureVerifier;
@Mock
- private JoseHeaders headers;
+ private JwsHeaders headers;
@Before
public void setUp() {