Use unencoded hash function and bump version to v1.3.6.cnaf.20230726

2023-07-26 10:55:10 +01:00 · 2023-07-26 10:55:10 +01:00 · 521019fed8
parent 07aeb26312
commit 521019fed8
6 changed files with 7 additions and 8 deletions
--- a/openid-connect-client/pom.xml
+++ b/openid-connect-client/pom.xml
@ -22,7 +22,7 @@
 	<parent>
 		<artifactId>openid-connect-parent</artifactId>
 		<groupId>org.mitre</groupId>
-		<version>1.3.6.cnaf-20230725</version>
+		<version>1.3.6.cnaf-20230726</version>
 		<relativePath>..</relativePath>
 	</parent>
 	<artifactId>openid-connect-client</artifactId>
--- a/openid-connect-common/pom.xml
+++ b/openid-connect-common/pom.xml
@ -22,7 +22,7 @@
 	<parent>
 		<artifactId>openid-connect-parent</artifactId>
 		<groupId>org.mitre</groupId>
-		<version>1.3.6.cnaf-20230725</version>
+		<version>1.3.6.cnaf-20230726</version>
 		<relativePath>..</relativePath>
 	</parent>
 	<artifactId>openid-connect-common</artifactId>
--- a/openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2AccessTokenEntity.java
+++ b/openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2AccessTokenEntity.java
@ -20,7 +20,6 @@
 */
 package org.mitre.oauth2.model;
 import java.nio.charset.StandardCharsets;
 import java.util.Date;
 import java.util.HashMap;
 import java.util.Map;
@ -282,7 +281,7 @@ public class OAuth2AccessTokenEntity implements OAuth2AccessToken {
 	 * @return the tokenValueHash
 	 */
 	@Basic
-	@Column(name = "token_value_hash")
+	@Column(name = "token_value_hash", length = 64)
 	public String getTokenValueHash() {
 		return tokenValueHash;
 	}
@ -351,7 +350,7 @@ public class OAuth2AccessTokenEntity implements OAuth2AccessToken {
  public void hashMe() {
    if (jwtValue != null) {
      this.tokenValueHash = Hashing.sha256()
-        .hashString(jwtValue.serialize(), StandardCharsets.UTF_8)
+        .hashUnencodedChars(jwtValue.serialize())
        .toString();
    }
  }
--- a/openid-connect-server/pom.xml
+++ b/openid-connect-server/pom.xml
@ -23,7 +23,7 @@
 	<parent>
 		<groupId>org.mitre</groupId>
 		<artifactId>openid-connect-parent</artifactId>
-		<version>1.3.6.cnaf-20230725</version>
+		<version>1.3.6.cnaf-20230726</version>
 		<relativePath>..</relativePath>
 	</parent>
 	<build>
--- a/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaOAuth2TokenRepository.java
+++ b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaOAuth2TokenRepository.java
@ -83,7 +83,7 @@ public class JpaOAuth2TokenRepository implements OAuth2TokenRepository {
 	public OAuth2AccessTokenEntity getAccessTokenByValue(
 			String accessTokenValue) {
 		String atHashed = Hashing.sha256()
-			.hashString(accessTokenValue, StandardCharsets.UTF_8)
+			.hashUnencodedChars(accessTokenValue)
 			.toString();
 		TypedQuery<OAuth2AccessTokenEntity> query = manager.createNamedQuery(
 				OAuth2AccessTokenEntity.QUERY_BY_TOKEN_VALUE_HASH,
--- a/pom.xml
+++ b/pom.xml
@ -20,7 +20,7 @@
 	<modelVersion>4.0.0</modelVersion>
 	<groupId>org.mitre</groupId>
 	<artifactId>openid-connect-parent</artifactId>
-	<version>1.3.6.cnaf-20230725</version>
+	<version>1.3.6.cnaf-20230726</version>
 	<name>MITREid Connect</name>
 	<packaging>pom</packaging>
 	<parent>