github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge branch 'jwtupdate'

pull/105/merge
Justin Richer 2012-06-05 16:36:32 -04:00
parent 3b4e95ac10 e44697cef9
commit 250e0c730e
3 changed files with 52 additions and 62 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/JwtSigningAndValidationServiceDefault.java
View File

@ -89,20 +89,18 @@ public class JwtSigningAndValidationServiceDefault implements
Map<String, PublicKey> map = new HashMap<String, PublicKey>(); Map<String, PublicKey> map = new HashMap<String, PublicKey>();
PublicKey publicKey; for (String signerId : signers.keySet()) {
for (JwtSigner signer : signers.values()) {
JwtSigner signer = signers.get(signerId);
if (signer instanceof RsaSigner) { if (signer instanceof RsaSigner) {
publicKey = ((RsaSigner) signer).getPublicKey(); RsaSigner rsa = (RsaSigner)signer;
PublicKey publicKey = rsa.getPublicKey();
if (publicKey != null) { if (publicKey != null) {
// what's the index of this map for? map.put(signerId, publicKey);
map.put(((RSAPublicKey) publicKey).getModulus()
.toString(16).toUpperCase()
+ ((RSAPublicKey) publicKey).getPublicExponent()
.toString(16).toUpperCase(), publicKey);
} }
} }

82
openid-connect-server/src/main/java/org/mitre/openid/connect/view/JwkKeyListView.java
View File

@ -33,10 +33,12 @@ import org.apache.commons.codec.binary.Base64;
import org.springframework.validation.BeanPropertyBindingResult; import org.springframework.validation.BeanPropertyBindingResult;
import org.springframework.web.servlet.view.AbstractView; import org.springframework.web.servlet.view.AbstractView;
import com.google.common.collect.BiMap;
import com.google.gson.ExclusionStrategy; import com.google.gson.ExclusionStrategy;
import com.google.gson.FieldAttributes; import com.google.gson.FieldAttributes;
import com.google.gson.Gson; import com.google.gson.Gson;
import com.google.gson.GsonBuilder; import com.google.gson.GsonBuilder;
import com.google.gson.JsonArray;
import com.google.gson.JsonElement; import com.google.gson.JsonElement;
import com.google.gson.JsonObject; import com.google.gson.JsonObject;
import com.google.gson.JsonSerializationContext; import com.google.gson.JsonSerializationContext;
@ -67,50 +69,6 @@ public class JwkKeyListView extends AbstractView {
return false; return false;
} }
})
.registerTypeHierarchyAdapter(PublicKey.class, new JsonSerializer<PublicKey>() {
@Override
public JsonElement serialize(PublicKey src, Type typeOfSrc, JsonSerializationContext context) {
if (src instanceof RSAPublicKey) {
RSAPublicKey rsa = (RSAPublicKey)src;
BigInteger mod = rsa.getModulus();
BigInteger exp = rsa.getPublicExponent();
String m64 = Base64.encodeBase64URLSafeString(mod.toByteArray());
String e64 = Base64.encodeBase64URLSafeString(exp.toByteArray());
JsonObject o = new JsonObject();
o.addProperty("use", "sig");
o.addProperty("alg", "RSA");
o.addProperty("mod", m64);
o.addProperty("exp", e64);
// TODO: get the key ID from the map
return o;
} else if (src instanceof ECPublicKey) {
@SuppressWarnings("unused")
ECPublicKey ec = (ECPublicKey)src;
// TODO: serialize the EC
return null;
} else {
// skip this class ... we shouldn't have any keys in here that aren't encodable by this serializer
return null;
}
}
}) })
.create(); .create();
@ -119,10 +77,38 @@ public class JwkKeyListView extends AbstractView {
Writer out = response.getWriter(); Writer out = response.getWriter();
Object obj = model.get("entity"); BiMap<String, PublicKey> keyMap = (BiMap<String, PublicKey>) model.get("keys");
if (obj == null) {
obj = model; JsonObject obj = new JsonObject();
} JsonArray keys = new JsonArray();
obj.add("keys", keys);
for (String keyId : keyMap.keySet()) {
PublicKey src = keyMap.get(keyId);
if (src instanceof RSAPublicKey) {
RSAPublicKey rsa = (RSAPublicKey)src;
BigInteger mod = rsa.getModulus();
BigInteger exp = rsa.getPublicExponent();
String m64 = Base64.encodeBase64URLSafeString(mod.toByteArray());
String e64 = Base64.encodeBase64URLSafeString(exp.toByteArray());
JsonObject o = new JsonObject();
o.addProperty("use", "sig"); // since we don't do encryption yet
o.addProperty("alg", "RSA"); // we know this is RSA
o.addProperty("mod", m64);
o.addProperty("exp", e64);
o.addProperty("kid", keyId);
keys.add(o);
}
}
gson.toJson(obj, out); gson.toJson(obj, out);

16
openid-connect-server/src/main/java/org/mitre/openid/connect/web/JsonWebKeyEndpoint.java
View File

@ -27,6 +27,10 @@ import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.servlet.ModelAndView; import org.springframework.web.servlet.ModelAndView;
import com.google.common.collect.BiMap;
import com.google.common.collect.HashBiMap;
import com.google.common.collect.Maps;
@Controller @Controller
public class JsonWebKeyEndpoint { public class JsonWebKeyEndpoint {
@ -36,14 +40,16 @@ public class JsonWebKeyEndpoint {
@RequestMapping("/jwk") @RequestMapping("/jwk")
public ModelAndView getJwk() { public ModelAndView getJwk() {
Collection<PublicKey> keys = jwtService.getAllPublicKeys().values(); // get all public keys for display
// map from key id to public key for that signer
Map<String, PublicKey> keys = jwtService.getAllPublicKeys();
// put them into a bidirectional map to get at key IDs
BiMap<String, PublicKey> biKeys = HashBiMap.create(keys);
// TODO: check if keys are empty, return a 404 here or just an empty list? // TODO: check if keys are empty, return a 404 here or just an empty list?
Map<String, Object> jwk = new HashMap<String, Object>(); return new ModelAndView("jwkKeyList", "keys", biKeys);
jwk.put("jwk", keys);
return new ModelAndView("jwkKeyList", "entity", jwk);
} }
} }