github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

updated signing request object in OIDC client by pulling out construction of JWT to its own method.

pull/166/merge
Mike Derryberry 2012-07-23 14:13:45 -04:00 committed by Justin Richer
parent 76c91ea79f
commit 685734ce35
1 changed files with 39 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

72
openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCSignedRequestFilter.java
View File

@ -87,39 +87,7 @@ public class OIDCSignedRequestFilter extends AbstractOIDCAuthenticationFilter {
if(StringUtils.isNotBlank(request.getParameter("token"))) { if(StringUtils.isNotBlank(request.getParameter("token"))) {
Jwt jwt = new Jwt(); Jwt jwt = createAndSignRequestJwt(request, serverConfiguration);
JwtHeader header = jwt.getHeader();
JwtClaims claims = jwt.getClaims();
//set parameters to JwtHeader
header.setAlgorithm(JwsAlgorithm.getByName(SIGNING_ALGORITHM).toString());
//set parameters to JwtClaims
claims.setClaim("response_type", "token");
claims.setClaim("client_id", serverConfiguration.getClientId());
claims.setClaim("scope", scope);
claims.setClaim("redirect_uri", AbstractOIDCAuthenticationFilter.buildRedirectURI(request, null));
claims.setClaim("nonce", NONCE_SIGNATURE_COOKIE_NAME);
if(header.getAlgorithm().equals("RS256") || header.getAlgorithm().equals("RS384") || header.getAlgorithm().equals("RS512")) {
RsaSigner jwtSigner = new RsaSigner();
try {
jwt = jwtSigner.sign(jwt);
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
} else if(header.getAlgorithm().equals("HS256") || header.getAlgorithm().equals("HS384") || header.getAlgorithm().equals("HS512")) {
HmacSigner jwtSigner = new HmacSigner();
try {
jwt = jwtSigner.sign(jwt);
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
} else {
throw new IllegalArgumentException(header.getAlgorithm() + " is not a valid signing algorithm.");
}
Map<String, String> urlVariables = new HashMap<String, String>(); Map<String, String> urlVariables = new HashMap<String, String>();
@ -133,5 +101,43 @@ public class OIDCSignedRequestFilter extends AbstractOIDCAuthenticationFilter {
} }
} }
public Jwt createAndSignRequestJwt(HttpServletRequest request, OIDCServerConfiguration serverConfiguration) {
Jwt jwt = new Jwt();
JwtHeader header = jwt.getHeader();
JwtClaims claims = jwt.getClaims();
//set parameters to JwtHeader
header.setAlgorithm(JwsAlgorithm.getByName(SIGNING_ALGORITHM).toString());
//set parameters to JwtClaims
claims.setClaim("response_type", "token");
claims.setClaim("client_id", serverConfiguration.getClientId());
claims.setClaim("scope", scope);
claims.setClaim("redirect_uri", AbstractOIDCAuthenticationFilter.buildRedirectURI(request, null));
claims.setClaim("nonce", NONCE_SIGNATURE_COOKIE_NAME);
if(header.getAlgorithm().equals("RS256") || header.getAlgorithm().equals("RS384") || header.getAlgorithm().equals("RS512")) {
RsaSigner jwtSigner = new RsaSigner();
try {
jwt = jwtSigner.sign(jwt);
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
} else if(header.getAlgorithm().equals("HS256") || header.getAlgorithm().equals("HS384") || header.getAlgorithm().equals("HS512")) {
HmacSigner jwtSigner = new HmacSigner();
try {
jwt = jwtSigner.sign(jwt);
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
} else {
throw new IllegalArgumentException(header.getAlgorithm() + " is not a valid signing algorithm.");
}
return jwt;
}
} }