Jwks update

1 year ago · 871ebcb3aa
2 changed files with 137 additions and 15 deletions
--- a/src/main/resources/jwks.json
+++ b/src/main/resources/jwks.json
@ -2,26 +2,39 @@
  "keys": [
    {
      "kty": "EC",
-      "d": "WZhyu7QYyCQGrJ0t1ifAHrtwG2tDFqupxd8bCBC7gEg",
+      "d": "X_gLHsJlSyK4gT_qeinb2gV7enJ1_2wq_Kxk-h3f-Mo",
      "use": "sig",
      "crv": "P-256",
-      "kid": "ecc-kid-1",
+      "kid": "sos-ecc-kid1",
-      "x": "NiwT4g_3mnJaqrd4JZHqMQvzHY13lVKt8U3NglvKoC8",
+      "key_ops": [
-      "y": "heIh7ENlsK02fO2I_xXf7GmPPnaugCtYsGvqCTJeIRM"
+        "sign",
        "deriveKey",
        "decrypt",
        "encrypt",
        "verify"
      ],
      "x": "UyCuPXhC0_KLRqfWPNDU4ZljSx7lQ_vP7VbYDiOZmsk",
      "y": "2HuQhn3bfkmYiB6BLQKlN8tkI8awkeOiKaNk1cu06ow",
      "alg": "ES256"
    },
    {
      "p": "1IKQCCAPhMgxUbgGa9Yjsowt3Q7rUjF68GBW0BF3QaY6zdrt1tGRLd_wVGq4uLBlb0jUUV591YOdYQHYpqgjozMfmpSG6UxikUGzzNihB0-9pczWxGe03hbLr5M3ueDIEBh81_aigSwnUGTTYCZhUPRewlJSkPg2SlXWfrB8tYU",
      "kty": "RSA",
-      "kid": "myoidc-keyid",
+      "q": "13hSjzOO8BjVbcjfa2QsyDMVLcclagFLeaTejBZG_ZDRpvvq6zL9MyghGc5q-qlMxZCZwci8WOCyPwKfvB7Ca_3fdKVL0U7VSyTuXTRX1OCpxoOj6IbxzuzWeFEAwEkL6PeRPYFz-bgWd955NdCCS5rL11SBQneIIavtYTKiKkk",
-      "use": "sig",
+      "d": "F6t-8VhYR5Sy_7rNo5S75wxLgxlKc_WMqGsd39xcebdCY7MQnFxHq0_GUOq-RQKmhqydJXKdC3rElopxeojUmbX1mlnznjlv8Yu5JTVq5kMELuzl0-MyqeyHCM027p_-gjShNSLhhR3I8_GUZGvt-6q6H4yaGGGx9t1bbAjnLYQK-4zzl2VcNqHETIDYwhi626FGy1uZCHIDsojeVgW7HQAx26HAGBIkPMbiFCINLQRf-cOsEX4ksKfrgbH5QOG16yZObYHy1Ulx0HKgP_GaaqliZ6C-6-w05Umv6V_KY9qQiehFAFVRJ82lZtQ3HV1Ivoxi4U-ptYSaMGkDOqij2Q",
      "alg": "RS256",
      "n": "n6X4_VZSQjxmSqBqmIq5ZbaLynXPP3yCOF2xE250NaYLferU8LX3xAvuNLnZkaUH-4cnr_JuSlN_7JIAwAd5oLHSuSByPcxSJ95uGniDji22s-yQ19rqZCQHLmJwg3WZpWPN-HmwxPOFNlkW_2ETjqMzS-3kGduz-IPfebwNbVFu6RglHT_V6IyaDUbSvV80AAQ7R8Y6xBvu25ZSniu3JHj2u8AtScJgiOqfsImsaCABdmUO4LtMzB1V7pafH-_puRWYCl5_uaYYPMxv-EOonPCyTlzJtC6ZeiiI4LNtxWwEamRyTS0xX8Czt3s5mRW2q6pgMZQsqlL64Df8MDuFpQ",
      "e": "AQAB",
-      "d": "E92YRRXnuHxBkkmx2fdxKHn1nSTZvCGnJpJqBWv6I-7cgTemdal_AjMl2gPCUgBCJQdlZdx54t_PDEYCt-J2PQvDl-u0q4HwOyvPcZXLcPa5RFxMjb-c6QceqaPwMjuA-faYW7Hw0CEpU2D0nqSaxWYDbRBWEO2o0GTAeypuVUrZXGilOLjal68Tho8ZYbmyXsEvEdqCob_iUe6q4c2x0amMmn2ot3bKKqdjbVXMjVfEqHHMPMdnVmrr_yfTUlXN3ZT4Ypp7wDrAVs7pfbvrCKWzLQYlbYNjZeBoKNcGabAA7WuNGxWvi3971gLSdYwRw4TngOweIhVW8kxiiA77QQ",
+      "kid": "sos-rsa-kid2",
-      "p": "2R_SdLqd7d7hVJTAVY4Twx8j7VQq6-TTMVcyD_YLeBGvlkngpSz7NSQu1LTYGEHa_CzeCOFmKgtuLZ84zyS_wUxgF3AH0VD-xNZSAaHfzWXAwLmezYzGBXXF0ho8qpbf2aTNZZx2n5z0cb0loitAfmfrsd9XU226nXpPAgV-gTE",
+      "key_ops": [
-      "q": "vDup5zcW9NwxVs9-C-W1uwL7TpQIKNk9oBvbfgD6XkwIn3JmCfny2Nm-paK45YM169JhnUml7z6On2Bq81rNtPwkqWTp9d2SfsQkuNddtfeYi_FulLqMLeQvCr2TAdFE-4uYKcU_-5u21oomnVm5vgGs8aFzd_J-57i-GfPxjrU",
+        "deriveKey",
-      "dp": "UwpZqm1JQ5WvpnKx0MbjBghd7EH5nHjK0R8hNXuLzWMuPZOJyIKYnS12f8GeuEBPqYzbapgSQ9hVTjuMNaU_dYVpZu1hAAwzNEMn4BnyB5N4Ef2sH79MaQAvJXkFZNUJTis6pzcdI1SbJPkLcKeMJgxG16OsuWrJKbuChiplxLE",
+        "verify",
-      "dq": "aQYJGD6-ikRJKxx-QXkbWoqhWQhzPQdowOqKHtXA29gkf4I-uJZDDwb-vj_6VeRNs5Qgbrfm44PN49LSGZGycKa2deUePNYxpJUfwBo56QuKi5pbjpQ_HmPQc3eujDcM_CS486Vgu6v36eAPB4BGiGM68V6ZpHUipXuIZcacInk",
+        "encrypt",
-      "qi": "bvay2Ej4FIYrFpD0zW-xEpHoPxXmNJRyR4rL4SGVq-ILghfVqfTQszI2MUnpubcUAUsqYYZUvvemfust35eYiSaYWzUDGsjmUWhZDD8VTKEyxbWwya7GztarLMud2LGn76a41zyStU46g84G1ZPNcZTK_1DIR0_BpayN44jj3kk"
+        "decrypt",
        "sign"
      ],
      "qi": "jetZOG6EMEDAoeAy8RiJxHFnFJMOqGULd5wkPwAi6LV9wt8dgdxj_rocK0a4ksSfEu5EFeuJ8lPVpBwMJhZh5j2YJvmVzC7FxhH2sQ3FD-tu6hwU9IhnRLm2CeEaSG92upWUoZCRnLwVpKamOVJjJAk19TmL7FUGt93a3Gemb88",
      "dp": "ry5mH1yWjmYdSflCydiAGuq10BpBYMNLTiaMyf7r6WFn7lTAZariXAfT7TMAzbcUFzXZWK5lWwKhVNuZxmCq6Bj3v40a3e1K_-VCm-YkcIuKkcgXb1byYXY3OKhKct9a7PHS0JEPCx7j1cEYApYA-SRJjTUhvUHwNz0lkdBZLaU",
      "alg": "RS256",
      "dq": "Wa4lxp5x9rKPWnNJsjvue6DvRq9lfhpt3IJncizvfSgianrdiukdA4bHSCNm2U9Pucb2h_ZRljhnV9xyuWygBSyULcuCo-pI0k7buwVHLT4Yy5wMw4Iu8K4Ykdk9E8sTXvJzjALuT1h0WY3KK0DOikMyZjww1IZFraYOVe8qGak",
      "n": "st2IswiZyQXHy86KBYQdEYv3sAfWpyx-e4o0Dcqvpck0E1FpZfVcFzbLy9B7YHvXv1SseVcg93iiNYgGlPDeZxPllz4-oIisDvSmEJdAidhqQxxpMeSjeQzvVu4CKjGFG9jA68pTm-KDia3Y516b4tPyKhHGIUZq2yJrNIs2QjTikYbn5AxAQ244cDPTsuEV5yqdOdyWvdlrn4WSFLiPt31MboT6et7Hmm90fwbMDSaWWb2XNo2gOnzWFwlNO2s8zK_Z1IWhmreb_XH5mW9xirrT03nbnLTLcmLtZYHFKjP55zRFDgKsXeo9BQNG3dkCsWz0N8pURaN6cuXYoYGU7Q"
    }
  ]
 }
--- a/src/test/java/com/monkeyk/sos/service/JwksTest.java
+++ b/src/test/java/com/monkeyk/sos/service/JwksTest.java
@ -0,0 +1,109 @@
 package com.monkeyk.sos.service;
 import com.nimbusds.jose.JWSAlgorithm;
 import com.nimbusds.jose.jwk.Curve;
 import com.nimbusds.jose.jwk.ECKey;
 import com.nimbusds.jose.jwk.RSAKey;
 import org.junit.jupiter.api.Test;
 import java.security.KeyPair;
 import java.security.KeyPairGenerator;
 import java.security.PrivateKey;
 import java.security.PublicKey;
 import java.security.interfaces.ECPublicKey;
 import java.security.interfaces.RSAPublicKey;
 import java.util.Set;
 import static com.nimbusds.jose.jwk.KeyOperation.*;
 import static org.junit.jupiter.api.Assertions.assertNotNull;
 /**
 * 2023/10/18 15:12
 * <p>
 * JWK
 * generate
 *
 * @author Shengzhao Li
 * @since 3.0.0
 */
 public class JwksTest {
    /**
     * ES256  jwk  generate
     *
     * @throws Exception e
     */
    @Test
    void jwkEC() throws Exception {
        Curve point = Curve.P_256;
 //        Curve point = Curve.P_384;
 //        Curve point = Curve.P_521;
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC");
        keyPairGenerator.initialize(point.toECParameterSpec());
        KeyPair keyPair = keyPairGenerator.generateKeyPair();
        PublicKey aPublic = keyPair.getPublic();
        PrivateKey aPrivate = keyPair.getPrivate();
        ECKey key = new ECKey.Builder(point, (ECPublicKey) aPublic)
                .privateKey(aPrivate)
                .keyOperations(Set.of(
                        SIGN,
                        VERIFY,
                        ENCRYPT,
                        DECRYPT,
                        DERIVE_KEY))
                // keyId 必须唯一
                .keyID("sos-ecc-kid1")
                .algorithm(JWSAlgorithm.ES256)
                .build();
        assertNotNull(key);
        String json = key.toJSONString();
        assertNotNull(json);
 //        System.out.println(json);
    }
    /**
     * RS256  jwk  generate
     *
     * @throws Exception e
     */
    @Test
    void jwkRS() throws Exception {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator.initialize(2048);
        KeyPair keyPair = keyPairGenerator.generateKeyPair();
        PrivateKey aPrivate = keyPair.getPrivate();
        PublicKey aPublic = keyPair.getPublic();
        RSAKey key = new RSAKey.Builder((RSAPublicKey) aPublic)
                .privateKey(aPrivate)
 //                .keyUse(KeyUse.SIGNATURE)
                .keyOperations(Set.of(
                        SIGN,
                        VERIFY,
                        ENCRYPT,
                        DECRYPT,
                        DERIVE_KEY))
                .algorithm(JWSAlgorithm.RS256)
                .keyID("sos-rsa-kid2")
                .build();
        assertNotNull(key);
        String json = key.toJSONString();
        assertNotNull(json);
 //        System.out.println(json);
    }
 }