You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@oltu.apache.org by as...@apache.org on 2016/03/03 10:24:20 UTC
svn commit: r1733428 - in /oltu/trunk/jose/jwe/src:
main/java/org/apache/oltu/jose/jwe/io/JWEReader.java
main/java/org/apache/oltu/jose/jwe/io/JWEWriter.java
test/java/org/apache/oltu/jose/jwe/io/JWEReaderTestCase.java
Author: asanso
Date: Thu Mar 3 09:24:20 2016
New Revision: 1733428
URL: http://svn.apache.org/viewvc?rev=1733428&view=rev
Log:
OLTU-80 - Implement JWE support for JWT
Added:
oltu/trunk/jose/jwe/src/main/java/org/apache/oltu/jose/jwe/io/JWEReader.java
oltu/trunk/jose/jwe/src/test/java/org/apache/oltu/jose/jwe/io/JWEReaderTestCase.java
Modified:
oltu/trunk/jose/jwe/src/main/java/org/apache/oltu/jose/jwe/io/JWEWriter.java
Added: oltu/trunk/jose/jwe/src/main/java/org/apache/oltu/jose/jwe/io/JWEReader.java
URL: http://svn.apache.org/viewvc/oltu/trunk/jose/jwe/src/main/java/org/apache/oltu/jose/jwe/io/JWEReader.java?rev=1733428&view=auto
==============================================================================
--- oltu/trunk/jose/jwe/src/main/java/org/apache/oltu/jose/jwe/io/JWEReader.java (added)
+++ oltu/trunk/jose/jwe/src/main/java/org/apache/oltu/jose/jwe/io/JWEReader.java Thu Mar 3 09:24:20 2016
@@ -0,0 +1,101 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.oltu.jose.jwe.io;
+
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.StringReader;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+import org.apache.oltu.commons.encodedtoken.TokenDecoder;
+import org.apache.oltu.jose.jwe.JWE;
+
+public class JWEReader extends TokenDecoder {
+ /**
+ * The Base64 JSON string default separator.
+ */
+ private final Pattern base64urlTokenPattern = Pattern.compile("([a-zA-Z0-9-_=]+)\\.([a-zA-Z0-9-_=]+)\\.([a-zA-Z0-9-_=]+)\\.([a-zA-Z0-9-_=]+)\\.([a-zA-Z0-9-_=]+)");
+
+ /**
+ * Read the base64url token string
+ * @param base64String
+ * @return
+ */
+ public JWE read(String base64String) {
+ if (base64String == null || base64String.isEmpty()) {
+ throw new IllegalArgumentException("Impossible to obtain a Token from a null or empty string");
+ }
+
+ // TODO improve multi-line tokens
+ StringBuilder buffer = new StringBuilder();
+ BufferedReader reader = new BufferedReader(new StringReader(base64String));
+ String line = null;
+ try {
+ while ((line = reader.readLine()) != null) {
+ buffer.append(line.trim());
+ }
+ } catch (IOException e) {
+ // it cannot happen
+ } finally {
+ try {
+ reader.close();
+ } catch (IOException e) {
+ // swallow it
+ }
+ }
+
+ Matcher matcher = base64urlTokenPattern.matcher(buffer.toString());
+ if (!matcher.matches()) {
+ throw new IllegalArgumentException(base64String
+ + "is not a valid Token, it does not match with the pattern: "
+ + base64urlTokenPattern.pattern());
+ }
+
+ // HEADER
+ String header = matcher.group(1);
+ String decodedHeader = base64Decode(header);
+
+ // ENCRYPTED KEY
+ String encryptedKey = matcher.group(2);
+
+ StringBuilder contentEncryption = new StringBuilder();
+ // IV
+ contentEncryption.append(matcher.group(3)).append(".");
+
+ // CIPHER TEXT
+ contentEncryption.append(matcher.group(4)).append(".");
+
+ // AUTHENTICATION TAG
+ contentEncryption.append(matcher.group(5));
+
+ return build(decodedHeader, encryptedKey, contentEncryption.toString());
+ }
+
+ protected JWE build(String decodedHeader, String encryptedKey, String contentEncryption) {
+ final JWE.Builder jweBuilder = new JWE.Builder();
+
+ new JWEHeaderParser(jweBuilder).read(decodedHeader);
+
+ return jweBuilder
+ .setEncryptedKey(encryptedKey)
+ .setContentEncryption(contentEncryption)
+ .build();
+ }
+
+
+}
Modified: oltu/trunk/jose/jwe/src/main/java/org/apache/oltu/jose/jwe/io/JWEWriter.java
URL: http://svn.apache.org/viewvc/oltu/trunk/jose/jwe/src/main/java/org/apache/oltu/jose/jwe/io/JWEWriter.java?rev=1733428&r1=1733427&r2=1733428&view=diff
==============================================================================
--- oltu/trunk/jose/jwe/src/main/java/org/apache/oltu/jose/jwe/io/JWEWriter.java (original)
+++ oltu/trunk/jose/jwe/src/main/java/org/apache/oltu/jose/jwe/io/JWEWriter.java Thu Mar 3 09:24:20 2016
@@ -28,15 +28,15 @@ public final class JWEWriter extends Tok
String header = writeHeader(token);
String encodedHeader = base64Encode(header);
- String encodedBody = writeEncryptedKey(token);
- String signature = writeContentEncryption(token);
+ String encryptedKey = writeEncryptedKey(token);
+ String contentEncryption = writeContentEncryption(token);
return new StringBuilder()
.append(encodedHeader)
.append('.')
- .append(encodedBody)
+ .append(encryptedKey)
.append('.')
- .append(signature)
+ .append(contentEncryption)
.toString();
}
Added: oltu/trunk/jose/jwe/src/test/java/org/apache/oltu/jose/jwe/io/JWEReaderTestCase.java
URL: http://svn.apache.org/viewvc/oltu/trunk/jose/jwe/src/test/java/org/apache/oltu/jose/jwe/io/JWEReaderTestCase.java?rev=1733428&view=auto
==============================================================================
--- oltu/trunk/jose/jwe/src/test/java/org/apache/oltu/jose/jwe/io/JWEReaderTestCase.java (added)
+++ oltu/trunk/jose/jwe/src/test/java/org/apache/oltu/jose/jwe/io/JWEReaderTestCase.java Thu Mar 3 09:24:20 2016
@@ -0,0 +1,43 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.oltu.jose.jwe.io;
+
+import static org.junit.Assert.assertEquals;
+import org.apache.oltu.jose.jwe.JWE;
+import org.apache.oltu.jose.jwe.JWEConstants;
+import org.junit.Test;
+
+public class JWEReaderTestCase {
+
+ private JWEReader reader = new JWEReader();
+
+ @Test
+ public void parse() {
+ String specJWE = "eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0."+
+ "6KB707dM9YTIgHtLvtgWQ8mKwboJW3of9locizkDTHzBC2IlrT1oOQ."+
+ "AxY8DCtDaGlsbGljb3RoZQ."+
+ "KDlTtXchhZTGufMYmOYGS4HffxPSUrfmqCHXaI9wOGY."+
+ "U0m_YmjN04DJvceFICbCVQ";
+ JWE jwe = reader.read(specJWE);
+
+ assertEquals(JWEConstants.A128KW, jwe.getHeader().getAlgorithm());
+ assertEquals(JWEConstants.A128CBC_HS256, jwe.getHeader().getEncryptionAlgorithm());
+ assertEquals("6KB707dM9YTIgHtLvtgWQ8mKwboJW3of9locizkDTHzBC2IlrT1oOQ", jwe.getEncryptedKey());
+ assertEquals("AxY8DCtDaGlsbGljb3RoZQ.KDlTtXchhZTGufMYmOYGS4HffxPSUrfmqCHXaI9wOGY.U0m_YmjN04DJvceFICbCVQ", jwe.getContentEncryption());
+ }
+
+}