diff --git a/openid-connect-server/src/main/java/org/mitre/jwt/signer/AbstractJwtSigner.java b/openid-connect-server/src/main/java/org/mitre/jwt/signer/AbstractJwtSigner.java index 7c69ced7f..6c8fa969f 100644 --- a/openid-connect-server/src/main/java/org/mitre/jwt/signer/AbstractJwtSigner.java +++ b/openid-connect-server/src/main/java/org/mitre/jwt/signer/AbstractJwtSigner.java @@ -70,7 +70,7 @@ public abstract class AbstractJwtSigner implements JwtSigner { String c64 = parts.get(1); String s64 = parts.get(2); - String expectedSignature = generateSignature(h64 + "." + c64 + "."); + String expectedSignature = generateSignature(h64 + "." + c64); return Strings.nullToEmpty(s64).equals(Strings.nullToEmpty(expectedSignature)); diff --git a/openid-connect-server/src/main/java/org/mitre/jwt/signer/impl/HmacSigner.java b/openid-connect-server/src/main/java/org/mitre/jwt/signer/impl/HmacSigner.java index 91fadf99c..942fcacf9 100644 --- a/openid-connect-server/src/main/java/org/mitre/jwt/signer/impl/HmacSigner.java +++ b/openid-connect-server/src/main/java/org/mitre/jwt/signer/impl/HmacSigner.java @@ -26,7 +26,8 @@ public class HmacSigner extends AbstractJwtSigner implements InitializingBean { public static final String DEFAULT_PASSPHRASE = "changeit"; - public static final String DEFAULT_ALGORITHM = JwsAlgorithm.HS256.toString(); + public static final String DEFAULT_ALGORITHM = JwsAlgorithm.HS256 + .toString(); private static Log logger = LogFactory.getLog(HmacSigner.class); @@ -49,7 +50,8 @@ public class HmacSigner extends AbstractJwtSigner implements InitializingBean { */ public HmacSigner(byte[] passphraseAsRawBytes) throws NoSuchAlgorithmException { - this(DEFAULT_ALGORITHM, new String(passphraseAsRawBytes, Charset.forName("UTF-8"))); + this(DEFAULT_ALGORITHM, new String(passphraseAsRawBytes, + Charset.forName("UTF-8"))); } /** @@ -72,7 +74,8 @@ public class HmacSigner extends AbstractJwtSigner implements InitializingBean { */ public HmacSigner(String algorithmName, byte[] passphraseAsRawBytes) throws NoSuchAlgorithmException { - this(algorithmName, new String(passphraseAsRawBytes, Charset.forName("UTF-8"))); + this(algorithmName, new String(passphraseAsRawBytes, + Charset.forName("UTF-8"))); } /** @@ -87,7 +90,7 @@ public class HmacSigner extends AbstractJwtSigner implements InitializingBean { super(algorithmName); Assert.notNull(passphrase, "A passphrase must be supplied"); - + setPassphrase(passphrase); } @@ -101,12 +104,13 @@ public class HmacSigner extends AbstractJwtSigner implements InitializingBean { @Override public void afterPropertiesSet() throws Exception { - mac = Mac.getInstance(JwsAlgorithm.getByName(super.getAlgorithm()).getStandardName()); - - logger.debug(JwsAlgorithm.getByName(getAlgorithm()).getStandardName() + " ECDSA Signer ready for business"); - } - - + mac = Mac.getInstance(JwsAlgorithm.getByName(super.getAlgorithm()) + .getStandardName()); + + logger.debug(JwsAlgorithm.getByName(getAlgorithm()).getStandardName() + + " ECDSA Signer ready for business"); + } + /* * (non-Javadoc) * @@ -121,7 +125,8 @@ public class HmacSigner extends AbstractJwtSigner implements InitializingBean { } try { - mac.init(new SecretKeySpec(getPassphrase().getBytes(), mac.getAlgorithm())); + mac.init(new SecretKeySpec(getPassphrase().getBytes(), mac + .getAlgorithm())); mac.update(signatureBase.getBytes("UTF-8")); } catch (GeneralSecurityException e) { diff --git a/openid-connect-server/src/test/java/org/mitre/jwt/JwtTest.java b/openid-connect-server/src/test/java/org/mitre/jwt/JwtTest.java index bc968a5d4..8c678ec44 100644 --- a/openid-connect-server/src/test/java/org/mitre/jwt/JwtTest.java +++ b/openid-connect-server/src/test/java/org/mitre/jwt/JwtTest.java @@ -76,6 +76,7 @@ public class JwtTest { assertThat(actual, equalTo(expected)); assertThat(jwt.getSignature(), equalTo(signature)); + assertThat(signer.verify(actual), equalTo(true)); } catch (UnsupportedEncodingException e) { e.printStackTrace();