github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Fix Charset to UTF-8 used by token value hash function (#11)

pull/1611/head
Federica Agostini 2024-01-24 12:05:23 +01:00 committed by GitHub
parent 29ec962d01
commit 19243821ed
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
6 changed files with 10 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
openid-connect-client/pom.xml
View File

@ -22,7 +22,7 @@
<parent>
<artifactId>openid-connect-parent</artifactId>
<groupId>org.mitre</groupId>
<version>1.3.6.cnaf-20231129</version>
<version>1.3.6.cnaf-20240119</version>
<relativePath>..</relativePath>
</parent>
<artifactId>openid-connect-client</artifactId>

2
openid-connect-common/pom.xml
View File

@ -22,7 +22,7 @@
<parent>
<artifactId>openid-connect-parent</artifactId>
<groupId>org.mitre</groupId>
<version>1.3.6.cnaf-20231129</version>
<version>1.3.6.cnaf-20240119</version>
<relativePath>..</relativePath>
</parent>
<artifactId>openid-connect-common</artifactId>

6
openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2AccessTokenEntity.java
View File

@ -20,6 +20,7 @@
*/
package org.mitre.oauth2.model;
import java.nio.charset.StandardCharsets;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
@ -349,9 +350,8 @@ public class OAuth2AccessTokenEntity implements OAuth2AccessToken {
public void hashMe() {
if (jwtValue != null) {
this.tokenValueHash = Hashing.sha256()
.hashUnencodedChars(jwtValue.serialize())
.toString();
this.tokenValueHash =
Hashing.sha256().hashString(jwtValue.serialize(), StandardCharsets.UTF_8).toString();
}
}
}

2
openid-connect-server/pom.xml
View File

@ -23,7 +23,7 @@
<parent>
<groupId>org.mitre</groupId>
<artifactId>openid-connect-parent</artifactId>
<version>1.3.6.cnaf-20231129</version>
<version>1.3.6.cnaf-20240119</version>
<relativePath>..</relativePath>
</parent>
<build>

8
openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaOAuth2TokenRepository.java
View File

@ -80,11 +80,9 @@ public class JpaOAuth2TokenRepository implements OAuth2TokenRepository {
}
@Override
public OAuth2AccessTokenEntity getAccessTokenByValue(
String accessTokenValue) {
String atHashed = Hashing.sha256()
.hashUnencodedChars(accessTokenValue)
.toString();
public OAuth2AccessTokenEntity getAccessTokenByValue(String accessTokenValue) {
String atHashed =
Hashing.sha256().hashString(accessTokenValue, StandardCharsets.UTF_8).toString();
TypedQuery<OAuth2AccessTokenEntity> query = manager.createNamedQuery(
OAuth2AccessTokenEntity.QUERY_BY_TOKEN_VALUE_HASH,
OAuth2AccessTokenEntity.class);

2
pom.xml
View File

@ -20,7 +20,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.mitre</groupId>
<artifactId>openid-connect-parent</artifactId>
<version>1.3.6.cnaf-20231129</version>
<version>1.3.6.cnaf-20240119</version>
<name>MITREid Connect</name>
<packaging>pom</packaging>
<parent>