Fix Charset to UTF-8 used by token value hash function (#11)

pull/1611/head
Federica Agostini 2024-01-24 12:05:23 +01:00 committed by GitHub
parent 29ec962d01
commit 19243821ed
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
6 changed files with 10 additions and 12 deletions


@ -22,7 +22,7 @@
<parent> <parent>
<artifactId>openid-connect-parent</artifactId> <artifactId>openid-connect-parent</artifactId>
<groupId>org.mitre</groupId> <groupId>org.mitre</groupId>
<version>1.3.6.cnaf-20231129</version> <version>1.3.6.cnaf-20240119</version>
<relativePath>..</relativePath> <relativePath>..</relativePath>
</parent> </parent>
<artifactId>openid-connect-client</artifactId> <artifactId>openid-connect-client</artifactId>


@ -22,7 +22,7 @@
<parent> <parent>
<artifactId>openid-connect-parent</artifactId> <artifactId>openid-connect-parent</artifactId>
<groupId>org.mitre</groupId> <groupId>org.mitre</groupId>
<version>1.3.6.cnaf-20231129</version> <version>1.3.6.cnaf-20240119</version>
<relativePath>..</relativePath> <relativePath>..</relativePath>
</parent> </parent>
<artifactId>openid-connect-common</artifactId> <artifactId>openid-connect-common</artifactId>


@ -20,6 +20,7 @@
*/ */
package org.mitre.oauth2.model; package org.mitre.oauth2.model;
import java.nio.charset.StandardCharsets;
import java.util.Date; import java.util.Date;
import java.util.HashMap; import java.util.HashMap;
import java.util.Map; import java.util.Map;
@ -349,9 +350,8 @@ public class OAuth2AccessTokenEntity implements OAuth2AccessToken {
public void hashMe() { public void hashMe() {
if (jwtValue != null) { if (jwtValue != null) {
this.tokenValueHash = Hashing.sha256() this.tokenValueHash =
.hashUnencodedChars(jwtValue.serialize()) Hashing.sha256().hashString(jwtValue.serialize(), StandardCharsets.UTF_8).toString();
.toString();
} }
} }
} }
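Review bot: `tokenValueHash` values stored before this change will stop matching, because `hashMe()` now hashes the UTF-8 bytes via `hashString(..., StandardCharsets.UTF_8)` whereas `hashUnencodedChars` hashed the raw two-byte chars, so the same serialized JWT yields a different digest. The same switch is made in `getAccessTokenByValue` in JpaOAuth2TokenRepository, so tokens issued before the upgrade would no longer be found by value. If introspection or revocation resolves tokens through that lookup (not visible here), a revocation request for an older token could silently match nothing. Nothing in the visible hunks recomputes existing rows, so the commit should either ship a migration that rehashes them or state in the release notes that outstanding tokens are invalidated. A Javadoc line on `hashMe()` such as `/** Stores the SHA-256 hex digest of the UTF-8 bytes of the serialized JWT; must match the lookup hash in the token repository. */` would record the contract; the rest of the class is outside the hunk.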


@ -23,7 +23,7 @@
<parent> <parent>
<groupId>org.mitre</groupId> <groupId>org.mitre</groupId>
<artifactId>openid-connect-parent</artifactId> <artifactId>openid-connect-parent</artifactId>
<version>1.3.6.cnaf-20231129</version> <version>1.3.6.cnaf-20240119</version>
<relativePath>..</relativePath> <relativePath>..</relativePath>
</parent> </parent>
<build> <build>


@ -80,11 +80,9 @@ public class JpaOAuth2TokenRepository implements OAuth2TokenRepository {
} }
@Override @Override
public OAuth2AccessTokenEntity getAccessTokenByValue( public OAuth2AccessTokenEntity getAccessTokenByValue(String accessTokenValue) {
String accessTokenValue) { String atHashed =
String atHashed = Hashing.sha256() Hashing.sha256().hashString(accessTokenValue, StandardCharsets.UTF_8).toString();
.hashUnencodedChars(accessTokenValue)
.toString();
TypedQuery<OAuth2AccessTokenEntity> query = manager.createNamedQuery( TypedQuery<OAuth2AccessTokenEntity> query = manager.createNamedQuery(
OAuth2AccessTokenEntity.QUERY_BY_TOKEN_VALUE_HASH, OAuth2AccessTokenEntity.QUERY_BY_TOKEN_VALUE_HASH,
OAuth2AccessTokenEntity.class); OAuth2AccessTokenEntity.class);
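Review bot: The hash recipe on the `atHashed` line of `getAccessTokenByValue` is a second hand-written copy of the one in `OAuth2AccessTokenEntity.hashMe()`, and the lookup only works while the two stay identical in algorithm, charset and encoding. Moving it into one shared static helper on the entity (for example a `sha256Hex(String)` that both sites call) would prevent a future change from being applied to one side only. Short of that, a comment above the line such as `// Must stay identical to OAuth2AccessTokenEntity.hashMe(): SHA-256 over UTF-8 bytes, hex-encoded` documents the coupling. The method body continues past the end of the hunk.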


@ -20,7 +20,7 @@
<modelVersion>4.0.0</modelVersion> <modelVersion>4.0.0</modelVersion>
<groupId>org.mitre</groupId> <groupId>org.mitre</groupId>
<artifactId>openid-connect-parent</artifactId> <artifactId>openid-connect-parent</artifactId>
<version>1.3.6.cnaf-20231129</version> <version>1.3.6.cnaf-20240119</version>
<name>MITREid Connect</name> <name>MITREid Connect</name>
<packaging>pom</packaging> <packaging>pom</packaging>
<parent> <parent>