You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2015/02/16 18:38:42 UTC
cxf git commit: Another attempt to minimize a number of JOSE classes,
removing JwsJson header wrappers
Repository: cxf
Updated Branches:
refs/heads/master e8514ea3f -> 6991bdb7f
Another attempt to minimize a number of JOSE classes, removing JwsJson header wrappers
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/6991bdb7
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/6991bdb7
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/6991bdb7
Branch: refs/heads/master
Commit: 6991bdb7fbff79cfece59efc798b436c52b33239
Parents: e8514ea
Author: Sergey Beryozkin <sb...@talend.com>
Authored: Mon Feb 16 17:38:26 2015 +0000
Committer: Sergey Beryozkin <sb...@talend.com>
Committed: Mon Feb 16 17:38:26 2015 +0000
----------------------------------------------------------------------
.../jose/jaxrs/JwsJsonWriterInterceptor.java | 16 ++--
.../rs/security/jose/jws/JwsJsonConsumer.java | 3 +-
.../rs/security/jose/jws/JwsJsonProducer.java | 27 ++++---
.../jose/jws/JwsJsonProtectedHeader.java | 59 --------------
.../jose/jws/JwsJsonSignatureEntry.java | 25 +++---
.../jose/jws/JwsJsonUnprotectedHeader.java | 58 --------------
.../jose/cookbook/JwsJoseCookBookTest.java | 82 ++++++++------------
.../security/jose/jws/JwsJsonProducerTest.java | 8 +-
8 files changed, 80 insertions(+), 198 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/6991bdb7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonWriterInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonWriterInterceptor.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonWriterInterceptor.java
index 443a738..c5159a1 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonWriterInterceptor.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonWriterInterceptor.java
@@ -30,19 +30,21 @@ import javax.ws.rs.ext.WriterInterceptor;
import javax.ws.rs.ext.WriterInterceptorContext;
import org.apache.cxf.common.util.Base64UrlOutputStream;
+import org.apache.cxf.common.util.Base64UrlUtility;
import org.apache.cxf.common.util.StringUtils;
import org.apache.cxf.io.CachedOutputStream;
import org.apache.cxf.jaxrs.utils.JAXRSUtils;
import org.apache.cxf.rs.security.jose.JoseConstants;
import org.apache.cxf.rs.security.jose.JoseHeaders;
+import org.apache.cxf.rs.security.jose.JoseHeadersReaderWriter;
import org.apache.cxf.rs.security.jose.jws.JwsJsonOutputStream;
import org.apache.cxf.rs.security.jose.jws.JwsJsonProducer;
-import org.apache.cxf.rs.security.jose.jws.JwsJsonProtectedHeader;
import org.apache.cxf.rs.security.jose.jws.JwsSignature;
import org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider;
@Priority(Priorities.JWS_WRITE_PRIORITY)
public class JwsJsonWriterInterceptor extends AbstractJwsJsonWriterProvider implements WriterInterceptor {
+ private JoseHeadersReaderWriter writer = new JoseHeadersReaderWriter();
private boolean contentTypeRequired = true;
private boolean useJwsOutputStream;
@Override
@@ -57,10 +59,10 @@ public class JwsJsonWriterInterceptor extends AbstractJwsJsonWriterProvider impl
List<String> protectedHeaders = new ArrayList<String>(sigProviders.size());
List<JwsSignature> signatures = new ArrayList<JwsSignature>(sigProviders.size());
for (JwsSignatureProvider signer : sigProviders) {
- JwsJsonProtectedHeader protectedHeader = prepareProtectedHeader(ctx, signer);
- String encoded = protectedHeader.getEncodedHeaderEntries();
+ JoseHeaders protectedHeader = prepareProtectedHeader(ctx, signer);
+ String encoded = Base64UrlUtility.encode(writer.toJson(protectedHeader));
protectedHeaders.add(encoded);
- JwsSignature signature = signer.createJwsSignature(protectedHeader.getHeaderEntries());
+ JwsSignature signature = signer.createJwsSignature(protectedHeader);
byte[] start = StringUtils.toBytesUTF8(encoded + ".");
signature.update(start, 0, start.length);
signatures.add(signature);
@@ -79,7 +81,7 @@ public class JwsJsonWriterInterceptor extends AbstractJwsJsonWriterProvider impl
ctx.proceed();
JwsJsonProducer p = new JwsJsonProducer(new String(cos.getBytes(), "UTF-8"));
for (JwsSignatureProvider signer : sigProviders) {
- JwsJsonProtectedHeader protectedHeader = prepareProtectedHeader(ctx, signer);
+ JoseHeaders protectedHeader = prepareProtectedHeader(ctx, signer);
p.signWith(signer, protectedHeader, null);
}
ctx.setMediaType(JAXRSUtils.toMediaType(JoseConstants.MEDIA_TYPE_JOSE_JSON));
@@ -88,12 +90,12 @@ public class JwsJsonWriterInterceptor extends AbstractJwsJsonWriterProvider impl
}
- private JwsJsonProtectedHeader prepareProtectedHeader(WriterInterceptorContext ctx,
+ private JoseHeaders prepareProtectedHeader(WriterInterceptorContext ctx,
JwsSignatureProvider signer) {
JoseHeaders headers = new JoseHeaders();
headers.setAlgorithm(signer.getAlgorithm());
setContentTypeIfNeeded(headers, ctx);
- return new JwsJsonProtectedHeader(headers);
+ return headers;
}
public void setContentTypeRequired(boolean contentTypeRequired) {
http://git-wip-us.apache.org/repos/asf/cxf/blob/6991bdb7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonConsumer.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonConsumer.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonConsumer.java
index 2445062..2b32d9a 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonConsumer.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonConsumer.java
@@ -30,6 +30,7 @@ import org.apache.cxf.common.util.StringUtils;
import org.apache.cxf.helpers.CastUtils;
import org.apache.cxf.jaxrs.provider.json.JsonMapObject;
import org.apache.cxf.jaxrs.provider.json.JsonMapObjectReaderWriter;
+import org.apache.cxf.rs.security.jose.JoseHeaders;
import org.apache.cxf.rs.security.jose.JoseUtils;
import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
@@ -87,7 +88,7 @@ public class JwsJsonConsumer {
new JwsJsonSignatureEntry(encodedJwsPayload,
protectedHeader,
signature,
- header != null ? new JwsJsonUnprotectedHeader(header) : null);
+ header != null ? new JoseHeaders(header) : null);
}
public String getSignedDocument() {
return this.jwsSignedDocument;
http://git-wip-us.apache.org/repos/asf/cxf/blob/6991bdb7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducer.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducer.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducer.java
index b77ae78..bd72a53 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducer.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducer.java
@@ -27,13 +27,16 @@ import javax.ws.rs.core.MultivaluedMap;
import org.apache.cxf.common.util.Base64UrlUtility;
import org.apache.cxf.common.util.StringUtils;
+import org.apache.cxf.rs.security.jose.JoseConstants;
import org.apache.cxf.rs.security.jose.JoseHeaders;
+import org.apache.cxf.rs.security.jose.JoseHeadersReaderWriter;
import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
public class JwsJsonProducer {
private boolean supportFlattened;
private String plainPayload;
private String encodedPayload;
private List<JwsJsonSignatureEntry> signatures = new LinkedList<JwsJsonSignatureEntry>();
+ private JoseHeadersReaderWriter writer = new JoseHeadersReaderWriter();
public JwsJsonProducer(String tbsDocument) {
this(tbsDocument, false);
}
@@ -94,10 +97,10 @@ public class JwsJsonProducer {
public String signWith(JwsSignatureProvider signer) {
JoseHeaders headers = new JoseHeaders();
headers.setAlgorithm(signer.getAlgorithm());
- return signWith(signer, new JwsJsonProtectedHeader(headers));
+ return signWith(signer, headers);
}
public String signWith(JwsSignatureProvider signer,
- JwsJsonProtectedHeader protectedHeader) {
+ JoseHeaders protectedHeader) {
return signWith(signer, protectedHeader, null);
}
public String signWith(JsonWebKey jwk) {
@@ -110,26 +113,27 @@ public class JwsJsonProducer {
return signWith(JwsUtils.getHmacSignatureProvider(key, algo));
}
public String signWith(JwsSignatureProvider signer,
- JwsJsonProtectedHeader protectedHeader,
- JwsJsonUnprotectedHeader unprotectedHeader) {
+ JoseHeaders protectedHeader,
+ JoseHeaders unprotectedHeader) {
JoseHeaders unionHeaders = new JoseHeaders();
if (protectedHeader != null) {
- unionHeaders.asMap().putAll(protectedHeader.getHeaderEntries().asMap());
+ unionHeaders.asMap().putAll(protectedHeader.asMap());
}
if (unprotectedHeader != null) {
+ checkCriticalHeaders(unprotectedHeader);
if (!Collections.disjoint(unionHeaders.asMap().keySet(),
- unprotectedHeader.getHeaderEntries().asMap().keySet())) {
+ unprotectedHeader.asMap().keySet())) {
throw new SecurityException("Protected and unprotected headers have duplicate values");
}
- unionHeaders.asMap().putAll(unprotectedHeader.getHeaderEntries().asMap());
+ unionHeaders.asMap().putAll(unprotectedHeader.asMap());
}
if (unionHeaders.getAlgorithm() == null) {
throw new SecurityException("Algorithm header is not set");
}
String sequenceToBeSigned;
if (protectedHeader != null) {
- sequenceToBeSigned = protectedHeader.getEncodedHeaderEntries()
+ sequenceToBeSigned = Base64UrlUtility.encode(writer.toJson(protectedHeader))
+ "." + getUnsignedEncodedPayload();
} else {
sequenceToBeSigned = "." + getUnsignedEncodedPayload();
@@ -142,7 +146,7 @@ public class JwsJsonProducer {
JwsJsonSignatureEntry signature;
if (protectedHeader != null) {
signature = new JwsJsonSignatureEntry(encodedPayload,
- protectedHeader.getEncodedHeaderEntries(),
+ Base64UrlUtility.encode(writer.toJson(protectedHeader)),
encodedSignatureBytes,
unprotectedHeader);
} else {
@@ -157,4 +161,9 @@ public class JwsJsonProducer {
signatures.add(signature);
return getJwsJsonSignedDocument();
}
+ private static void checkCriticalHeaders(JoseHeaders unprotected) {
+ if (unprotected.asMap().containsKey(JoseConstants.HEADER_CRITICAL)) {
+ throw new SecurityException();
+ }
+ }
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/6991bdb7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProtectedHeader.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProtectedHeader.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProtectedHeader.java
deleted file mode 100644
index dd94b25..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProtectedHeader.java
+++ /dev/null
@@ -1,59 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jws;
-
-import java.util.Map;
-
-import org.apache.cxf.common.util.Base64UrlUtility;
-import org.apache.cxf.rs.security.jose.JoseHeaders;
-import org.apache.cxf.rs.security.jose.JoseHeadersReaderWriter;
-
-public class JwsJsonProtectedHeader {
-
- private JoseHeadersReaderWriter writer = new JoseHeadersReaderWriter();
- private JoseHeaders headerEntries;
-
- public JwsJsonProtectedHeader() {
- }
- public JwsJsonProtectedHeader(JoseHeaders headerEntries) {
- this.headerEntries = headerEntries;
- }
- public JwsJsonProtectedHeader(Map<String, Object> values) {
- this.headerEntries = new JoseHeaders(values);
- }
- public void setHeaderEntries(JoseHeaders headerEntries) {
- this.headerEntries = headerEntries;
- }
- public JoseHeaders getHeaderEntries() {
- return headerEntries;
- }
- public void addHeader(String name, Object value) {
- headerEntries.setHeader(name, value);
- }
- public Object getHeader(String name) {
- return headerEntries.getHeader(name);
- }
- public String toJson() {
- return writer.headersToJson(headerEntries);
- }
- public String getEncodedHeaderEntries() {
- return Base64UrlUtility.encode(toJson());
- }
-
-}
http://git-wip-us.apache.org/repos/asf/cxf/blob/6991bdb7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonSignatureEntry.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonSignatureEntry.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonSignatureEntry.java
index ceca651..5b249ad 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonSignatureEntry.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonSignatureEntry.java
@@ -20,6 +20,7 @@ package org.apache.cxf.rs.security.jose.jws;
import java.util.Collections;
+import org.apache.cxf.common.util.Base64UrlUtility;
import org.apache.cxf.common.util.StringUtils;
import org.apache.cxf.rs.security.jose.JoseConstants;
import org.apache.cxf.rs.security.jose.JoseHeaders;
@@ -32,14 +33,15 @@ public class JwsJsonSignatureEntry {
private String encodedJwsPayload;
private String encodedProtectedHeader;
private String encodedSignature;
- private JwsJsonProtectedHeader protectedHeader;
- private JwsJsonUnprotectedHeader unprotectedHeader;
+ private JoseHeaders protectedHeader;
+ private JoseHeaders unprotectedHeader;
private JoseHeaders unionHeaders;
+ private JoseHeadersReaderWriter writer = new JoseHeadersReaderWriter();
public JwsJsonSignatureEntry(String encodedJwsPayload,
String encodedProtectedHeader,
String encodedSignature,
- JwsJsonUnprotectedHeader unprotectedHeader) {
+ JoseHeaders unprotectedHeader) {
if (encodedProtectedHeader == null && unprotectedHeader == null || encodedSignature == null) {
throw new SecurityException("Invalid security entry");
}
@@ -49,8 +51,7 @@ public class JwsJsonSignatureEntry {
this.encodedSignature = encodedSignature;
this.unprotectedHeader = unprotectedHeader;
if (encodedProtectedHeader != null) {
- this.protectedHeader = new JwsJsonProtectedHeader(
- new JoseHeadersReaderWriter().fromJsonHeaders(JoseUtils.decodeToString(encodedProtectedHeader)));
+ this.protectedHeader = writer.fromJsonHeaders(JoseUtils.decodeToString(encodedProtectedHeader));
}
prepare();
}
@@ -58,14 +59,14 @@ public class JwsJsonSignatureEntry {
unionHeaders = new JoseHeaders();
if (protectedHeader != null) {
- unionHeaders.asMap().putAll(protectedHeader.getHeaderEntries().asMap());
+ unionHeaders.asMap().putAll(protectedHeader.asMap());
}
if (unprotectedHeader != null) {
if (!Collections.disjoint(unionHeaders.asMap().keySet(),
- unprotectedHeader.getHeaderEntries().asMap().keySet())) {
+ unprotectedHeader.asMap().keySet())) {
throw new SecurityException("Protected and unprotected headers have duplicate values");
}
- unionHeaders.asMap().putAll(unprotectedHeader.getHeaderEntries().asMap());
+ unionHeaders.asMap().putAll(unprotectedHeader.asMap());
}
}
public String getEncodedJwsPayload() {
@@ -80,10 +81,10 @@ public class JwsJsonSignatureEntry {
public String getEncodedProtectedHeader() {
return encodedProtectedHeader;
}
- public JwsJsonProtectedHeader getProtectedHeader() {
+ public JoseHeaders getProtectedHeader() {
return protectedHeader;
}
- public JwsJsonUnprotectedHeader getUnprotectedHeader() {
+ public JoseHeaders getUnprotectedHeader() {
return unprotectedHeader;
}
public JoseHeaders getUnionHeader() {
@@ -133,13 +134,13 @@ public class JwsJsonSignatureEntry {
sb.append("{");
}
if (protectedHeader != null) {
- sb.append("\"protected\":\"" + protectedHeader.getEncodedHeaderEntries() + "\"");
+ sb.append("\"protected\":\"" + Base64UrlUtility.encode(writer.toJson(protectedHeader)) + "\"");
}
if (unprotectedHeader != null) {
if (protectedHeader != null) {
sb.append(",");
}
- sb.append("\"header\":" + unprotectedHeader.toJson());
+ sb.append("\"header\":" + writer.toJson(unprotectedHeader));
}
sb.append(",");
sb.append("\"signature\":\"" + encodedSignature + "\"");
http://git-wip-us.apache.org/repos/asf/cxf/blob/6991bdb7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonUnprotectedHeader.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonUnprotectedHeader.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonUnprotectedHeader.java
deleted file mode 100644
index 90a7d1f..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonUnprotectedHeader.java
+++ /dev/null
@@ -1,58 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jws;
-
-import java.util.Map;
-
-import org.apache.cxf.rs.security.jose.JoseConstants;
-import org.apache.cxf.rs.security.jose.JoseHeaders;
-import org.apache.cxf.rs.security.jose.JoseHeadersReaderWriter;
-
-public class JwsJsonUnprotectedHeader {
-
- private JoseHeadersReaderWriter writer = new JoseHeadersReaderWriter();
- private JoseHeaders headerEntries;
-
- public JwsJsonUnprotectedHeader() {
- }
- public JwsJsonUnprotectedHeader(JoseHeaders headers) {
- headerEntries = headers;
- }
-
- public JwsJsonUnprotectedHeader(Map<String, Object> values) {
- this(new JoseHeaders(values));
- }
-
-
- public void addHeader(String name, Object value) {
- if (JoseConstants.HEADER_CRITICAL.equals(name)) {
- throw new SecurityException();
- }
- headerEntries.setHeader(name, value);
- }
- public Object getHeader(String name) {
- return headerEntries.getHeader(name);
- }
- public JoseHeaders getHeaderEntries() {
- return headerEntries;
- }
- public String toJson() {
- return writer.headersToJson(headerEntries);
- }
-}
http://git-wip-us.apache.org/repos/asf/cxf/blob/6991bdb7/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/JwsJoseCookBookTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/JwsJoseCookBookTest.java b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/JwsJoseCookBookTest.java
index da0ac98..52088d8 100644
--- a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/JwsJoseCookBookTest.java
+++ b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/JwsJoseCookBookTest.java
@@ -29,6 +29,7 @@ import org.apache.cxf.helpers.IOUtils;
import org.apache.cxf.jaxrs.provider.json.JsonMapObjectReaderWriter;
import org.apache.cxf.rs.security.jose.JoseConstants;
import org.apache.cxf.rs.security.jose.JoseHeaders;
+import org.apache.cxf.rs.security.jose.JoseHeadersReaderWriter;
import org.apache.cxf.rs.security.jose.jwa.Algorithm;
import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
import org.apache.cxf.rs.security.jose.jwk.JsonWebKeys;
@@ -38,10 +39,9 @@ import org.apache.cxf.rs.security.jose.jws.JwsCompactConsumer;
import org.apache.cxf.rs.security.jose.jws.JwsCompactProducer;
import org.apache.cxf.rs.security.jose.jws.JwsJsonConsumer;
import org.apache.cxf.rs.security.jose.jws.JwsJsonProducer;
-import org.apache.cxf.rs.security.jose.jws.JwsJsonProtectedHeader;
-import org.apache.cxf.rs.security.jose.jws.JwsJsonUnprotectedHeader;
import org.apache.cxf.rs.security.jose.jws.JwsUtils;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
+
import org.junit.Test;
import static org.junit.Assert.assertEquals;
@@ -375,10 +375,9 @@ public class JwsJoseCookBookTest {
JwsJsonProducer jsonProducer = new JwsJsonProducer(PAYLOAD);
assertEquals(jsonProducer.getPlainPayload(), PAYLOAD);
assertEquals(jsonProducer.getUnsignedEncodedPayload(), ENCODED_PAYLOAD);
- JoseHeaders joseHeaders = new JoseHeaders();
- joseHeaders.setAlgorithm(JoseConstants.RS_SHA_256_ALGO);
- joseHeaders.setKeyId(RSA_KID_VALUE);
- JwsJsonProtectedHeader protectedHeader = new JwsJsonProtectedHeader(joseHeaders);
+ JoseHeaders protectedHeader = new JoseHeaders();
+ protectedHeader.setAlgorithm(JoseConstants.RS_SHA_256_ALGO);
+ protectedHeader.setKeyId(RSA_KID_VALUE);
jsonProducer.signWith(JwsUtils.getSignatureProvider(rsaKey, JoseConstants.RS_SHA_256_ALGO), protectedHeader);
assertEquals(jsonProducer.getJwsJsonSignedDocument(), RSA_V1_5_JSON_GENERAL_SERIALIZATION);
JwsJsonConsumer jsonConsumer = new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument());
@@ -420,10 +419,9 @@ public class JwsJoseCookBookTest {
JwsJsonProducer jsonProducer = new JwsJsonProducer(PAYLOAD);
assertEquals(jsonProducer.getPlainPayload(), PAYLOAD);
assertEquals(jsonProducer.getUnsignedEncodedPayload(), ENCODED_PAYLOAD);
- JoseHeaders joseHeaders = new JoseHeaders();
- joseHeaders.setAlgorithm(JoseConstants.PS_SHA_384_ALGO);
- joseHeaders.setKeyId(RSA_KID_VALUE);
- JwsJsonProtectedHeader protectedHeader = new JwsJsonProtectedHeader(joseHeaders);
+ JoseHeaders protectedHeader = new JoseHeaders();
+ protectedHeader.setAlgorithm(JoseConstants.PS_SHA_384_ALGO);
+ protectedHeader.setKeyId(RSA_KID_VALUE);
jsonProducer.signWith(JwsUtils.getSignatureProvider(rsaKey, JoseConstants.PS_SHA_384_ALGO), protectedHeader);
assertEquals(jsonProducer.getJwsJsonSignedDocument().length(), RSA_PSS_JSON_GENERAL_SERIALIZATION.length());
JwsJsonConsumer jsonConsumer = new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument());
@@ -493,10 +491,9 @@ public class JwsJoseCookBookTest {
JwsJsonProducer jsonProducer = new JwsJsonProducer(PAYLOAD);
assertEquals(jsonProducer.getPlainPayload(), PAYLOAD);
assertEquals(jsonProducer.getUnsignedEncodedPayload(), ENCODED_PAYLOAD);
- JoseHeaders joseHeaders = new JoseHeaders();
- joseHeaders.setAlgorithm(JoseConstants.HMAC_SHA_256_ALGO);
- joseHeaders.setKeyId(HMAC_KID_VALUE);
- JwsJsonProtectedHeader protectedHeader = new JwsJsonProtectedHeader(joseHeaders);
+ JoseHeaders protectedHeader = new JoseHeaders();
+ protectedHeader.setAlgorithm(JoseConstants.HMAC_SHA_256_ALGO);
+ protectedHeader.setKeyId(HMAC_KID_VALUE);
jsonProducer.signWith(JwsUtils.getSignatureProvider(key, JoseConstants.HMAC_SHA_256_ALGO), protectedHeader);
assertEquals(jsonProducer.getJwsJsonSignedDocument(), HMAC_JSON_GENERAL_SERIALIZATION);
JwsJsonConsumer jsonConsumer = new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument());
@@ -529,10 +526,9 @@ public class JwsJoseCookBookTest {
JwsJsonProducer jsonProducer = new JwsJsonProducer(PAYLOAD);
assertEquals(jsonProducer.getPlainPayload(), PAYLOAD);
assertEquals(jsonProducer.getUnsignedEncodedPayload(), ENCODED_PAYLOAD);
- JoseHeaders joseHeaders = new JoseHeaders();
- joseHeaders.setAlgorithm(JoseConstants.HMAC_SHA_256_ALGO);
- joseHeaders.setKeyId(HMAC_KID_VALUE);
- JwsJsonProtectedHeader protectedHeader = new JwsJsonProtectedHeader(joseHeaders);
+ JoseHeaders protectedHeader = new JoseHeaders();
+ protectedHeader.setAlgorithm(JoseConstants.HMAC_SHA_256_ALGO);
+ protectedHeader.setKeyId(HMAC_KID_VALUE);
jsonProducer.signWith(JwsUtils.getSignatureProvider(key, JoseConstants.HMAC_SHA_256_ALGO), protectedHeader);
assertEquals(jsonProducer.getJwsJsonSignedDocument(true), HMAC_DETACHED_JSON_GENERAL_SERIALIZATION);
JwsJsonConsumer jsonConsumer =
@@ -550,12 +546,10 @@ public class JwsJoseCookBookTest {
JwsJsonProducer jsonProducer = new JwsJsonProducer(PAYLOAD);
assertEquals(jsonProducer.getPlainPayload(), PAYLOAD);
assertEquals(jsonProducer.getUnsignedEncodedPayload(), ENCODED_PAYLOAD);
- JoseHeaders joseProtectedHeaders = new JoseHeaders();
- joseProtectedHeaders.setAlgorithm(JoseConstants.HMAC_SHA_256_ALGO);
- JwsJsonProtectedHeader protectedHeader = new JwsJsonProtectedHeader(joseProtectedHeaders);
- JoseHeaders joseUnprotectedHeaders = new JoseHeaders();
- joseUnprotectedHeaders.setKeyId(HMAC_KID_VALUE);
- JwsJsonUnprotectedHeader unprotectedHeader = new JwsJsonUnprotectedHeader(joseUnprotectedHeaders);
+ JoseHeaders protectedHeader = new JoseHeaders();
+ protectedHeader.setAlgorithm(JoseConstants.HMAC_SHA_256_ALGO);
+ JoseHeaders unprotectedHeader = new JoseHeaders();
+ unprotectedHeader.setKeyId(HMAC_KID_VALUE);
JsonWebKeys jwks = readKeySet("cookbookSecretSet.txt");
List<JsonWebKey> keys = jwks.getKeys();
JsonWebKey key = keys.get(0);
@@ -580,10 +574,9 @@ public class JwsJoseCookBookTest {
JwsJsonProducer jsonProducer = new JwsJsonProducer(PAYLOAD);
assertEquals(jsonProducer.getPlainPayload(), PAYLOAD);
assertEquals(jsonProducer.getUnsignedEncodedPayload(), ENCODED_PAYLOAD);
- JoseHeaders joseUnprotectedHeaders = new JoseHeaders();
- joseUnprotectedHeaders.setAlgorithm(JoseConstants.HMAC_SHA_256_ALGO);
- joseUnprotectedHeaders.setKeyId(HMAC_KID_VALUE);
- JwsJsonUnprotectedHeader unprotectedHeader = new JwsJsonUnprotectedHeader(joseUnprotectedHeaders);
+ JoseHeaders unprotectedHeader = new JoseHeaders();
+ unprotectedHeader.setAlgorithm(JoseConstants.HMAC_SHA_256_ALGO);
+ unprotectedHeader.setKeyId(HMAC_KID_VALUE);
JsonWebKeys jwks = readKeySet("cookbookSecretSet.txt");
List<JsonWebKey> keys = jwks.getKeys();
JsonWebKey key = keys.get(0);
@@ -614,40 +607,33 @@ public class JwsJoseCookBookTest {
JwsJsonProducer jsonProducer = new JwsJsonProducer(PAYLOAD);
assertEquals(jsonProducer.getPlainPayload(), PAYLOAD);
assertEquals(jsonProducer.getUnsignedEncodedPayload(), ENCODED_PAYLOAD);
- JoseHeaders firstSignerProtectedJoseHeaders = new JoseHeaders();
- firstSignerProtectedJoseHeaders.setAlgorithm(JoseConstants.RS_SHA_256_ALGO);
- JwsJsonProtectedHeader fristSignerProtectedHeader =
- new JwsJsonProtectedHeader(firstSignerProtectedJoseHeaders);
- JoseHeaders firstSignerUnprotectedJoseHeaders = new JoseHeaders();
- firstSignerUnprotectedJoseHeaders.setKeyId(RSA_KID_VALUE);
- JwsJsonUnprotectedHeader firstSignerUnprotectedHeader =
- new JwsJsonUnprotectedHeader(firstSignerUnprotectedJoseHeaders);
+ JoseHeaders firstSignerProtectedHeader = new JoseHeaders();
+ firstSignerProtectedHeader.setAlgorithm(JoseConstants.RS_SHA_256_ALGO);
+ JoseHeaders firstSignerUnprotectedHeader = new JoseHeaders();
+ firstSignerUnprotectedHeader.setKeyId(RSA_KID_VALUE);
JsonWebKeys jwks = readKeySet("cookbookPrivateSet.txt");
List<JsonWebKey> keys = jwks.getKeys();
JsonWebKey rsaKey = keys.get(1);
jsonProducer.signWith(JwsUtils.getSignatureProvider(rsaKey, JoseConstants.RS_SHA_256_ALGO),
- fristSignerProtectedHeader, firstSignerUnprotectedHeader);
+ firstSignerProtectedHeader, firstSignerUnprotectedHeader);
assertEquals(jsonProducer.getSignatureEntries().get(0).toJson(),
FIRST_SIGNATURE_ENTRY_MULTIPLE_SIGNATURES);
- JoseHeaders secondSignerUnprotectedJoseHeaders = new JoseHeaders();
- secondSignerUnprotectedJoseHeaders.setAlgorithm(JoseConstants.ES_SHA_512_ALGO);
- secondSignerUnprotectedJoseHeaders.setKeyId(ECDSA_KID_VALUE);
- JwsJsonUnprotectedHeader secondSignerUnprotectedHeader =
- new JwsJsonUnprotectedHeader(secondSignerUnprotectedJoseHeaders);
+ JoseHeaders secondSignerUnprotectedHeader = new JoseHeaders();
+ secondSignerUnprotectedHeader.setAlgorithm(JoseConstants.ES_SHA_512_ALGO);
+ secondSignerUnprotectedHeader.setKeyId(ECDSA_KID_VALUE);
JsonWebKey ecKey = keys.get(0);
jsonProducer.signWith(JwsUtils.getSignatureProvider(ecKey, JoseConstants.ES_SHA_512_ALGO),
null, secondSignerUnprotectedHeader);
- assertEquals(jsonProducer.getSignatureEntries().get(1).getUnprotectedHeader().toJson(),
+ assertEquals(new JoseHeadersReaderWriter().toJson(
+ jsonProducer.getSignatureEntries().get(1).getUnprotectedHeader()),
SECOND_SIGNATURE_UNPROTECTED_HEADER_MULTIPLE_SIGNATURES);
assertEquals(jsonProducer.getSignatureEntries().get(1).toJson().length(),
SECOND_SIGNATURE_ENTRY_MULTIPLE_SIGNATURES.length());
- JoseHeaders thirdSignerProtectedJoseHeaders = new JoseHeaders();
- thirdSignerProtectedJoseHeaders.setAlgorithm(JoseConstants.HMAC_SHA_256_ALGO);
- thirdSignerProtectedJoseHeaders.setKeyId(HMAC_KID_VALUE);
- JwsJsonProtectedHeader thirdSignerProtectedHeader =
- new JwsJsonProtectedHeader(thirdSignerProtectedJoseHeaders);
+ JoseHeaders thirdSignerProtectedHeader = new JoseHeaders();
+ thirdSignerProtectedHeader.setAlgorithm(JoseConstants.HMAC_SHA_256_ALGO);
+ thirdSignerProtectedHeader.setKeyId(HMAC_KID_VALUE);
JsonWebKeys secretJwks = readKeySet("cookbookSecretSet.txt");
List<JsonWebKey> secretKeys = secretJwks.getKeys();
JsonWebKey hmacKey = secretKeys.get(0);
http://git-wip-us.apache.org/repos/asf/cxf/blob/6991bdb7/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducerTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducerTest.java b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducerTest.java
index 3b5b492..fa94e46 100644
--- a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducerTest.java
+++ b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducerTest.java
@@ -76,7 +76,7 @@ public class JwsJsonProducerTest extends Assert {
producer.signWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY_1,
JoseConstants.HMAC_SHA_256_ALGO),
- new JwsJsonProtectedHeader(headerEntries));
+ headerEntries);
assertEquals(SIGNED_JWS_JSON_DOCUMENT,
producer.getJwsJsonSignedDocument());
}
@@ -88,7 +88,7 @@ public class JwsJsonProducerTest extends Assert {
producer.signWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY_1,
JoseConstants.HMAC_SHA_256_ALGO),
- new JwsJsonProtectedHeader(headerEntries));
+ headerEntries);
assertEquals(SIGNED_JWS_JSON_FLAT_DOCUMENT,
producer.getJwsJsonSignedDocument());
}
@@ -100,10 +100,10 @@ public class JwsJsonProducerTest extends Assert {
producer.signWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY_1,
JoseConstants.HMAC_SHA_256_ALGO),
- new JwsJsonProtectedHeader(headerEntries));
+ headerEntries);
producer.signWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY_2,
JoseConstants.HMAC_SHA_256_ALGO),
- new JwsJsonProtectedHeader(headerEntries));
+ headerEntries);
assertEquals(DUAL_SIGNED_JWS_JSON_DOCUMENT,
producer.getJwsJsonSignedDocument());
}