unshadowed Jwe header, unshadowed IdTokenClaims, added smart copy constructor to ClaimSet

openid-connect-client/src/main/java/org/mitre/openid/connect/client/AbstractOIDCAuthenticationFilter.java

@@ -425,7 +425,7 @@ public class AbstractOIDCAuthenticationFilter extends
 
 			// pull the user_id out as a claim on the id_token
 			
-			String userId = idToken.getTokenClaims().getUserId();
+			String userId = idToken.getClaims().getUserId();
 			
 			// construct an OpenIdConnectAuthenticationToken and return a Authentication object w/the userId and the idToken
 			

openid-connect-common/src/main/java/org/mitre/jwe/model/Jwe.java

@@ -4,6 +4,7 @@ import java.util.List;
 
 import org.apache.commons.codec.binary.Base64;
 import org.mitre.jwt.model.Jwt;
+import org.mitre.jwt.model.JwtHeader;
 
 import com.google.common.base.Splitter;
 import com.google.common.collect.Lists;
@@ -20,22 +21,18 @@ import com.google.gson.JsonObject;
  */
 public class Jwe extends Jwt {
 
-	private JweHeader header;
-	
 	private byte[] encryptedKey;
 	
 	private byte[] ciphertext;
 	
 	public Jwe() {
 		super();
-		this.header = new JweHeader();
 		this.encryptedKey = null;
 		this.ciphertext = null;
 	}
 	
 	public Jwe(JweHeader header, byte[] encryptedKey, byte[] ciphertext, String integrityValue) {
-		super(null, null, integrityValue);
-		this.header = header;
+		super(header, null, integrityValue);
 		this.encryptedKey = encryptedKey;
 		this.ciphertext = ciphertext;
 	}
@@ -52,11 +49,18 @@ public class Jwe extends Jwt {
 	*/
 	
 	public JweHeader getHeader() {
-		return header;
+		return (JweHeader) super.getHeader();
 	}
 
-	public void setHeader(JweHeader header) {
-		this.header = header;
+	/**
+	 * Set the header, wrapping it in a JweHeader if necessary
+	 */
+	public void setHeader(JwtHeader header) {
+		if (header instanceof JweHeader) {		
+			super.setHeader(header);
+		} else {
+			super.setHeader(new JweHeader(header));
+		}
 	}
 
 	public byte[] getEncryptedKey() {
@@ -77,12 +81,9 @@ public class Jwe extends Jwt {
 
 	@Override
 	public String getSignatureBase() {
-		byte[] c = ciphertext;
-		byte[] e = encryptedKey;
-
-		String h64 = new String(Base64.encodeBase64URLSafe(header.toJsonString().getBytes()));
-		String e64 = new String(Base64.encodeBase64URLSafe(e));
-		String c64 = new String(Base64.encodeBase64URLSafe(c));
+		String h64 = new String(Base64.encodeBase64URLSafe(getHeader().toJsonString().getBytes()));
+		String e64 = new String(Base64.encodeBase64URLSafe(getEncryptedKey()));
+		String c64 = new String(Base64.encodeBase64URLSafe(getCiphertext()));
 		
 		return h64 + "." + e64 + "." + c64;	
 	}

openid-connect-common/src/main/java/org/mitre/jwe/model/JweHeader.java

@@ -33,6 +33,10 @@ public class JweHeader extends JwtHeader{
 		super(b64);
     }
 	
+	public JweHeader(JwtHeader jwtHeader) {
+		super(jwtHeader);
+	}
+	
 	/**
 	 * Load all claims from the given json object into this object
      */

openid-connect-common/src/main/java/org/mitre/jwt/model/ClaimSet.java

@@ -55,6 +55,10 @@ public class ClaimSet {
 		loadFromBase64JsonObjectString(b64);
 	}
 	
+	public ClaimSet(ClaimSet claimSet) {
+		loadFromClaimSet(claimSet);
+	}
+	
 	/**
      * Get an extension claim
      */
@@ -185,6 +189,9 @@ public class ClaimSet {
 
 	/**
 	 * Load new claims from the given json object. Will replace any existing claims, but does not clear claim set.  
+	 * 
+	 * This function is intended to be overridden by subclasses for more exact data type and claim handling.
+	 * 
 	 * @param json
 	 */
 	public void loadFromJsonObject(JsonObject json) {
@@ -217,6 +224,14 @@ public class ClaimSet {
 		jsonString = new String(b64decoded);
 	}
 
+	public void loadFromClaimSet(ClaimSet claimSet) {
+		
+		loadFromJsonObject(getAsJsonObject()); // we push to a JSON object and back to let subclasses override this
+
+		jsonString = claimSet.toJsonString(); // preserve the string on input
+		
+	}
+	
 	public String toJsonString() {
 		if(jsonString == null) {
 			jsonString = this.getAsJsonObject().toString();

openid-connect-common/src/main/java/org/mitre/jwt/model/Jwt.java

@@ -53,9 +53,9 @@ public class Jwt {
 	 */
 	public Jwt(JwtHeader header, JwtClaims claims, String signature) {
 	    super();
-	    this.header = header;
-	    this.claims = claims;
-	    this.signature = signature;
+	    setHeader(header);
+	    setClaims(claims);
+	    setSignature(signature);
     }
 
 

openid-connect-common/src/main/java/org/mitre/jwt/model/JwtClaims.java

@@ -51,6 +51,10 @@ public class JwtClaims extends ClaimSet {
 		super(b64);
 	}
 
+	public JwtClaims(JwtClaims jwtClaims) {
+		super(jwtClaims);
+	}
+	
 	@Override
 	public void loadFromJsonObject(JsonObject json) {
 		JsonObject pass = new JsonObject();

openid-connect-common/src/main/java/org/mitre/jwt/model/JwtHeader.java

@@ -47,6 +47,10 @@ public class JwtHeader extends ClaimSet {
 		super(b64);
     }
 
+	public JwtHeader(JwtHeader jwtHeader) {
+		super(jwtHeader);
+	}
+	
 	/**
 	 * Load all claims from the given json object into this object
      */

openid-connect-common/src/main/java/org/mitre/openid/connect/model/IdToken.java

@@ -80,15 +80,19 @@ public class IdToken extends Jwt {
 	 * @return the tokenClaims
 	 */
 	@Transient
-	public IdTokenClaims getTokenClaims() {
+	public IdTokenClaims getClaims() {
 		return (IdTokenClaims) super.getClaims();
 	}
 
 	/**
 	 * @param tokenClaims the tokenClaims to set
 	 */
-	public void setTokenClaims(IdTokenClaims tokenClaims) {
+	public void setClaims(JwtClaims tokenClaims) {
+		if (tokenClaims instanceof IdTokenClaims) {
 			super.setClaims(tokenClaims);
+		} else {
+			super.setClaims(new IdTokenClaims(tokenClaims));
+		}
 	}
 	
 	

openid-connect-common/src/main/java/org/mitre/openid/connect/model/IdTokenClaims.java

@@ -58,6 +58,10 @@ public class IdTokenClaims extends JwtClaims {
 	    super(b64);
     }
 	
+	public IdTokenClaims(JwtClaims jwtClaims) {
+		super(jwtClaims);
+	}
+
 	/**
      * @return the id
      */