Added c_hash function, added stub of unit test for JWSUtils
							parent
							
								
									37580cc21e
								
							
						
					
					
						commit
						861beeba64
					
				| 
						 | 
				
			
			@ -7,6 +7,7 @@ import java.util.Arrays;
 | 
			
		|||
import javax.crypto.Mac;
 | 
			
		||||
import javax.crypto.spec.SecretKeySpec;
 | 
			
		||||
 | 
			
		||||
import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
 | 
			
		||||
import org.slf4j.Logger;
 | 
			
		||||
import org.slf4j.LoggerFactory;
 | 
			
		||||
 | 
			
		||||
| 
						 | 
				
			
			@ -23,11 +24,36 @@ public class JWSUtils {
 | 
			
		|||
 | 
			
		||||
	private static Logger logger = LoggerFactory.getLogger(JWSUtils.class);
 | 
			
		||||
	
 | 
			
		||||
	public static Base64URL getAccessTokenHash(JWSAlgorithm signingAlg, byte[] tokenBytes) {
 | 
			
		||||
	/**
 | 
			
		||||
	 * Compute the HMAC hash of an authorization code
 | 
			
		||||
	 * 
 | 
			
		||||
	 * @param signingAlg
 | 
			
		||||
	 * @param code
 | 
			
		||||
	 * @return
 | 
			
		||||
	 */
 | 
			
		||||
	public static Base64URL getCodeHash(JWSAlgorithm signingAlg, String code) {
 | 
			
		||||
		return getHash(signingAlg, code.getBytes());
 | 
			
		||||
	}
 | 
			
		||||
	
 | 
			
		||||
	/**
 | 
			
		||||
	 * Compute the HMAC hash of a token
 | 
			
		||||
	 * 
 | 
			
		||||
	 * @param signingAlg
 | 
			
		||||
	 * @param token
 | 
			
		||||
	 * @return
 | 
			
		||||
	 */
 | 
			
		||||
	public static Base64URL getAccessTokenHash(JWSAlgorithm signingAlg, OAuth2AccessTokenEntity token) {
 | 
			
		||||
		
 | 
			
		||||
		byte[] tokenBytes = token.getJwt().serialize().getBytes();
 | 
			
		||||
		
 | 
			
		||||
		return getHash(signingAlg, tokenBytes);
 | 
			
		||||
 | 
			
		||||
	}
 | 
			
		||||
	
 | 
			
		||||
	public static Base64URL getHash(JWSAlgorithm signingAlg, byte[] bytes) {
 | 
			
		||||
		
 | 
			
		||||
		//Switch based on the given signing algorithm - use HMAC with the same bitnumber
 | 
			
		||||
		//as the JWSAlgorithm to hash the token.
 | 
			
		||||
		
 | 
			
		||||
		String hashAlg = null;
 | 
			
		||||
		
 | 
			
		||||
		if (signingAlg.equals(JWSAlgorithm.HS256) || signingAlg.equals(JWSAlgorithm.ES256) || signingAlg.equals(JWSAlgorithm.RS256)) {
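Review bot: `code.getBytes()` in getCodeHash and `token.getJwt().serialize().getBytes()` in the token overload encode with the JVM's default charset, so the octets fed to the hash can differ from one host to another. The OpenID Connect hash claims are defined over the ASCII octets of the value, so pass the charset explicitly, e.g. `code.getBytes(StandardCharsets.US_ASCII)`; this needs an import of `java.nio.charset.StandardCharsets`, which is not among the imports shown. The same default-charset call appears as `jwtString.getBytes()` in the new test file. The added Javadoc leaves `@param` and `@return` empty; it should at least state that the result may be `null`, since getHash ends in `return null;`. getHash's body continues outside this hunk.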
 | 
			
		||||
| 
						 | 
				
			
			@ -46,7 +72,7 @@ public class JWSUtils {
 | 
			
		|||
 | 
			
		||||
			try {
 | 
			
		||||
				Mac mac = Mac.getInstance(hashAlg);
 | 
			
		||||
				mac.init(new SecretKeySpec(tokenBytes, hashAlg));
 | 
			
		||||
				mac.init(new SecretKeySpec(bytes, hashAlg));
 | 
			
		||||
 | 
			
		||||
				byte[] at_hash_bytes = mac.doFinal();
 | 
			
		||||
				byte[] at_hash_bytes_left = Arrays.copyOf(at_hash_bytes, at_hash_bytes.length / 2);
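Review bot: `mac.init(new SecretKeySpec(bytes, hashAlg))` followed by `mac.doFinal()` with no `update(...)` call uses the token or code itself as the HMAC key and MACs an empty message. OpenID Connect defines at_hash and c_hash as the left half of a plain hash of the value's octets, using the hash function of the signing algorithm (SHA-256 for the *256 algorithms), so a relying party that validates per the spec will compute a different value. Computing `MessageDigest.getInstance("SHA-256").digest(bytes)` (with the digest chosen by bit size) and keeping the existing `Arrays.copyOf(..., length / 2)` truncation would match the definition. An empty input also makes `SecretKeySpec` throw `IllegalArgumentException`. The assignment of hashAlg and the end of the try block are outside the hunk, so the algorithm names are inferred from the "use HMAC" comment.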
 | 
			
		||||
| 
						 | 
				
			
			@ -66,7 +92,6 @@ public class JWSUtils {
 | 
			
		|||
		}
 | 
			
		||||
		
 | 
			
		||||
		return null;
 | 
			
		||||
 | 
			
		||||
	}
 | 
			
		||||
	
 | 
			
		||||
}
 | 
			
		||||
| 
						 | 
				
			
			
 | 
			
		|||
| 
						 | 
				
			
			@ -0,0 +1,39 @@
 | 
			
		|||
package org.mitre.openid.connect.util;
 | 
			
		||||
 | 
			
		||||
 | 
			
		||||
import net.minidev.json.JSONObject;
 | 
			
		||||
 | 
			
		||||
import org.junit.Before;
 | 
			
		||||
import org.junit.Test;
 | 
			
		||||
import org.junit.runner.RunWith;
 | 
			
		||||
import org.mockito.runners.MockitoJUnitRunner;
 | 
			
		||||
 | 
			
		||||
import com.nimbusds.jose.JWSAlgorithm;
 | 
			
		||||
import com.nimbusds.jose.util.Base64URL;
 | 
			
		||||
import com.nimbusds.jwt.JWTClaimsSet;
 | 
			
		||||
 | 
			
		||||
@RunWith(MockitoJUnitRunner.class)
 | 
			
		||||
public class TestJWSUtils {
 | 
			
		||||
	
 | 
			
		||||
	@Before
 | 
			
		||||
	public void prepare() {
 | 
			
		||||
		
 | 
			
		||||
	}
 | 
			
		||||
	
 | 
			
		||||
	@Test
 | 
			
		||||
	public void compute_hs256_at_hash() {
 | 
			
		||||
		JWTClaimsSet jwt = new JWTClaimsSet();
 | 
			
		||||
		jwt.setType("JWT");
 | 
			
		||||
		jwt.setClaim("alg", "HS256");
 | 
			
		||||
		JSONObject jwtObj = jwt.toJSONObject();
 | 
			
		||||
		String jwtString = jwtObj.toJSONString();
 | 
			
		||||
		byte[] jwtBytes = jwtString.getBytes();
 | 
			
		||||
		
 | 
			
		||||
		Base64URL signedJwt = JWSUtils.getHash(JWSAlgorithm.HS256, jwtBytes);
 | 
			
		||||
		
 | 
			
		||||
		
 | 
			
		||||
	}
 | 
			
		||||
	
 | 
			
		||||
	
 | 
			
		||||
	
 | 
			
		||||
}
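Review bot: `compute_hs256_at_hash` contains no assertion, so it passes whatever `JWSUtils.getHash` returns, including the `null` it yields on its fall-through path. Even as a stub it should fail on that case, e.g. `assertNotNull(signedJwt);`, and then compare `signedJwt.toString()` against an expected value computed independently of JWSUtils. The input is the JSON of a claims set rather than a serialized access token, so it does not exercise the same bytes that `getAccessTokenHash` hashes. The empty `prepare()` method and the Mockito runner can be dropped until a mock is needed.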
 | 
			
		||||