github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Added c_hash function, added stub of unit test for JWSUtils

pull/477/head
Amanda Anganes 2013-07-24 17:48:26 -04:00
parent 37580cc21e
commit 861beeba64
2 changed files with 68 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
openid-connect-server/src/main/java/org/mitre/openid/connect/util/JWSUtils.java
View File

@ -7,6 +7,7 @@ import java.util.Arrays;
import javax.crypto.Mac; import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec; import javax.crypto.spec.SecretKeySpec;
import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
@ -23,11 +24,36 @@ public class JWSUtils {
private static Logger logger = LoggerFactory.getLogger(JWSUtils.class); private static Logger logger = LoggerFactory.getLogger(JWSUtils.class);
public static Base64URL getAccessTokenHash(JWSAlgorithm signingAlg, byte[] tokenBytes) { /**
* Compute the HMAC hash of an authorization code
*
* @param signingAlg
* @param code
* @return
*/
public static Base64URL getCodeHash(JWSAlgorithm signingAlg, String code) {
return getHash(signingAlg, code.getBytes());
}
/**
* Compute the HMAC hash of a token
*
* @param signingAlg
* @param token
* @return
*/
public static Base64URL getAccessTokenHash(JWSAlgorithm signingAlg, OAuth2AccessTokenEntity token) {
byte[] tokenBytes = token.getJwt().serialize().getBytes();
return getHash(signingAlg, tokenBytes);
}
public static Base64URL getHash(JWSAlgorithm signingAlg, byte[] bytes) {
//Switch based on the given signing algorithm - use HMAC with the same bitnumber //Switch based on the given signing algorithm - use HMAC with the same bitnumber
//as the JWSAlgorithm to hash the token. //as the JWSAlgorithm to hash the token.
String hashAlg = null; String hashAlg = null;
if (signingAlg.equals(JWSAlgorithm.HS256) || signingAlg.equals(JWSAlgorithm.ES256) || signingAlg.equals(JWSAlgorithm.RS256)) { if (signingAlg.equals(JWSAlgorithm.HS256) || signingAlg.equals(JWSAlgorithm.ES256) || signingAlg.equals(JWSAlgorithm.RS256)) {
@ -46,7 +72,7 @@ public class JWSUtils {
try { try {
Mac mac = Mac.getInstance(hashAlg); Mac mac = Mac.getInstance(hashAlg);
mac.init(new SecretKeySpec(tokenBytes, hashAlg)); mac.init(new SecretKeySpec(bytes, hashAlg));
byte[] at_hash_bytes = mac.doFinal(); byte[] at_hash_bytes = mac.doFinal();
byte[] at_hash_bytes_left = Arrays.copyOf(at_hash_bytes, at_hash_bytes.length / 2); byte[] at_hash_bytes_left = Arrays.copyOf(at_hash_bytes, at_hash_bytes.length / 2);
@ -66,7 +92,6 @@ public class JWSUtils {
} }
return null; return null;
} }
} }

39
openid-connect-server/src/test/java/org/mitre/openid/connect/util/TestJWSUtils.java Normal file
View File

@ -0,0 +1,39 @@
package org.mitre.openid.connect.util;
import net.minidev.json.JSONObject;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.runners.MockitoJUnitRunner;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.util.Base64URL;
import com.nimbusds.jwt.JWTClaimsSet;
@RunWith(MockitoJUnitRunner.class)
public class TestJWSUtils {
@Before
public void prepare() {
}
@Test
public void compute_hs256_at_hash() {
JWTClaimsSet jwt = new JWTClaimsSet();
jwt.setType("JWT");
jwt.setClaim("alg", "HS256");
JSONObject jwtObj = jwt.toJSONObject();
String jwtString = jwtObj.toJSONString();
byte[] jwtBytes = jwtString.getBytes();
Base64URL signedJwt = JWSUtils.getHash(JWSAlgorithm.HS256, jwtBytes);
}
}