You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2014/10/07 18:41:25 UTC
[1/2] git commit: Adding a utility for converting JwtToken to
ServerAccessToken
Repository: cxf
Updated Branches:
refs/heads/master a5aff3e7a -> 9a952cfaf
Adding a utility for converting JwtToken to ServerAccessToken
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/b8938b57
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/b8938b57
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/b8938b57
Branch: refs/heads/master
Commit: b8938b57448dd490b55730d4b8d4d719b087dca8
Parents: aa237f2
Author: Sergey Beryozkin <sb...@talend.com>
Authored: Tue Oct 7 17:40:21 2014 +0100
Committer: Sergey Beryozkin <sb...@talend.com>
Committed: Tue Oct 7 17:40:21 2014 +0100
----------------------------------------------------------------------
.../jose/jwt/token/JwtAccessTokenUtils.java | 112 +++++++++++++++++++
1 file changed, 112 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/b8938b57/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwt/token/JwtAccessTokenUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwt/token/JwtAccessTokenUtils.java b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwt/token/JwtAccessTokenUtils.java
new file mode 100644
index 0000000..1474675
--- /dev/null
+++ b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwt/token/JwtAccessTokenUtils.java
@@ -0,0 +1,112 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.jose.jwt.token;
+
+import javax.crypto.SecretKey;
+
+import org.apache.cxf.rs.security.jose.jwa.Algorithm;
+import org.apache.cxf.rs.security.jose.jwe.AesGcmContentDecryptionAlgorithm;
+import org.apache.cxf.rs.security.jose.jwe.AesGcmContentEncryptionAlgorithm;
+import org.apache.cxf.rs.security.jose.jwe.ContentEncryptionAlgorithm;
+import org.apache.cxf.rs.security.jose.jwe.DirectKeyJweDecryption;
+import org.apache.cxf.rs.security.jose.jwe.DirectKeyJweEncryption;
+import org.apache.cxf.rs.security.jose.jwe.JweEncryptionProvider;
+import org.apache.cxf.rs.security.jose.jws.JwsHeaders;
+import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer;
+import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactProducer;
+import org.apache.cxf.rs.security.jose.jws.JwsSignature;
+import org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider;
+import org.apache.cxf.rs.security.jose.jwt.JwtToken;
+import org.apache.cxf.rs.security.oauth2.common.Client;
+import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
+import org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken;
+
+public final class JwtAccessTokenUtils {
+ private JwtAccessTokenUtils() {
+
+ }
+
+ public static ServerAccessToken toAccessToken(JwtToken jwt,
+ Client client,
+ SecretKey key) {
+ String jwtString = new JwsJwtCompactProducer(jwt)
+ .signWith(new NoneSignatureProvider());
+ ContentEncryptionAlgorithm contentEncryption =
+ new AesGcmContentEncryptionAlgorithm(key, null, Algorithm.A128GCM.getJwtName());
+ JweEncryptionProvider jweEncryption = new DirectKeyJweEncryption(contentEncryption);
+ String tokenId = jweEncryption.encrypt(getBytes(jwtString), null);
+ Long issuedAt = jwt.getClaims().getIssuedAt();
+ Long notBefore = jwt.getClaims().getNotBefore();
+ if (issuedAt == null) {
+ issuedAt = System.currentTimeMillis();
+ notBefore = null;
+ }
+ Long expiresIn = null;
+ if (notBefore == null) {
+ expiresIn = 3600L;
+ } else {
+ expiresIn = notBefore - issuedAt;
+ }
+
+ return new BearerAccessToken(client, tokenId, issuedAt, expiresIn);
+
+ }
+ public static JwtToken fromAccessTokenId(String tokenId, SecretKey key) {
+ DirectKeyJweDecryption jweDecryption =
+ new DirectKeyJweDecryption(key,
+ new AesGcmContentDecryptionAlgorithm(Algorithm.A128GCM.getJwtName()));
+ String decrypted = jweDecryption.decrypt(tokenId).getContentText();
+ JwsJwtCompactConsumer consumer = new JwsJwtCompactConsumer(decrypted);
+ return consumer.getJwtToken();
+ }
+ private static class NoneSignatureProvider implements JwsSignatureProvider {
+
+ @Override
+ public String getAlgorithm() {
+ return "none";
+ }
+
+ @Override
+ public JwsSignature createJwsSignature(JwsHeaders headers) {
+ return new NoneJwsSignature();
+ }
+
+ }
+ private static class NoneJwsSignature implements JwsSignature {
+
+ @Override
+ public void update(byte[] src, int off, int len) {
+ // complete
+ }
+
+ @Override
+ public byte[] sign() {
+ return new byte[]{};
+ }
+
+ }
+ private static byte[] getBytes(String str) {
+ try {
+ return str.getBytes("UTF-8");
+ } catch (Exception ex) {
+ // ignore
+ }
+ return null;
+ }
+}
[2/2] git commit: Merge branch 'master' of
https://git-wip-us.apache.org/repos/asf/cxf
Posted by se...@apache.org.
Merge branch 'master' of https://git-wip-us.apache.org/repos/asf/cxf
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/9a952cfa
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/9a952cfa
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/9a952cfa
Branch: refs/heads/master
Commit: 9a952cfafebdeb14a456d2b657f8fe3211184492
Parents: b8938b5 a5aff3e
Author: Sergey Beryozkin <sb...@talend.com>
Authored: Tue Oct 7 17:40:59 2014 +0100
Committer: Sergey Beryozkin <sb...@talend.com>
Committed: Tue Oct 7 17:40:59 2014 +0100
----------------------------------------------------------------------
.../interceptors/MessageModeOutInterceptor.java | 18 ++++++++++--------
.../jexlClaimMappingsWithFunctions.script | 11 ++++++++++-
2 files changed, 20 insertions(+), 9 deletions(-)
----------------------------------------------------------------------