the signature base created in the verify method of the AbstractJwtSigner did not match how the Jwt.getSignatureBase creates the signature base. also, modified the testGenerateHmacSignature to exercise

openid-connect-server/src/main/java/org/mitre/jwt/signer/AbstractJwtSigner.java

@@ -70,7 +70,7 @@ public abstract class AbstractJwtSigner implements JwtSigner {
 		String c64 = parts.get(1);
 		String s64 = parts.get(2);
     	
-		String expectedSignature = generateSignature(h64 + "." + c64 + ".");
+		String expectedSignature = generateSignature(h64 + "." + c64);
 		
 		return Strings.nullToEmpty(s64).equals(Strings.nullToEmpty(expectedSignature));
     	

openid-connect-server/src/main/java/org/mitre/jwt/signer/impl/HmacSigner.java

@@ -26,7 +26,8 @@ public class HmacSigner extends AbstractJwtSigner implements InitializingBean {
 
 	public static final String DEFAULT_PASSPHRASE = "changeit";
 
-	public static final String DEFAULT_ALGORITHM = JwsAlgorithm.HS256.toString();
+	public static final String DEFAULT_ALGORITHM = JwsAlgorithm.HS256
+			.toString();
 
 	private static Log logger = LogFactory.getLog(HmacSigner.class);
 
@@ -49,7 +50,8 @@ public class HmacSigner extends AbstractJwtSigner implements InitializingBean {
 	 */
 	public HmacSigner(byte[] passphraseAsRawBytes)
 			throws NoSuchAlgorithmException {
-		this(DEFAULT_ALGORITHM, new String(passphraseAsRawBytes, Charset.forName("UTF-8")));
+		this(DEFAULT_ALGORITHM, new String(passphraseAsRawBytes,
+				Charset.forName("UTF-8")));
 	}
 
 	/**
@@ -72,7 +74,8 @@ public class HmacSigner extends AbstractJwtSigner implements InitializingBean {
 	 */
 	public HmacSigner(String algorithmName, byte[] passphraseAsRawBytes)
 			throws NoSuchAlgorithmException {
-		this(algorithmName, new String(passphraseAsRawBytes, Charset.forName("UTF-8")));
+		this(algorithmName, new String(passphraseAsRawBytes,
+				Charset.forName("UTF-8")));
 	}
 
 	/**
@@ -101,12 +104,13 @@ public class HmacSigner extends AbstractJwtSigner implements InitializingBean {
 	@Override
 	public void afterPropertiesSet() throws Exception {
 
-		mac = Mac.getInstance(JwsAlgorithm.getByName(super.getAlgorithm()).getStandardName());
+		mac = Mac.getInstance(JwsAlgorithm.getByName(super.getAlgorithm())
+				.getStandardName());
 
-		logger.debug(JwsAlgorithm.getByName(getAlgorithm()).getStandardName() + " ECDSA Signer ready for business");
+		logger.debug(JwsAlgorithm.getByName(getAlgorithm()).getStandardName()
+				+ " ECDSA Signer ready for business");
 	}
 
-	
 	/*
 	 * (non-Javadoc)
 	 * 
@@ -121,7 +125,8 @@ public class HmacSigner extends AbstractJwtSigner implements InitializingBean {
 		}
 
 		try {
-			mac.init(new SecretKeySpec(getPassphrase().getBytes(), mac.getAlgorithm()));
+			mac.init(new SecretKeySpec(getPassphrase().getBytes(), mac
+					.getAlgorithm()));
 
 			mac.update(signatureBase.getBytes("UTF-8"));
 		} catch (GeneralSecurityException e) {

openid-connect-server/src/test/java/org/mitre/jwt/JwtTest.java

@@ -76,6 +76,7 @@ public class JwtTest {
 	
 			assertThat(actual, equalTo(expected));
 			assertThat(jwt.getSignature(), equalTo(signature));
+			assertThat(signer.verify(actual), equalTo(true));
 
 		} catch (UnsupportedEncodingException e) {
 			e.printStackTrace();