consistently named JOSE-based classes, closes #529

pull/779/head
Justin Richer 2015-02-17 12:11:58 -05:00
parent 335d05bb5c
commit 994ce6c743
24 changed files with 135 additions and 135 deletions


@ -36,9 +36,9 @@ import javax.servlet.http.HttpSession;
import org.apache.http.client.HttpClient;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.impl.client.HttpClientBuilder;
import org.mitre.jwt.signer.service.JwtSigningAndValidationService;
import org.mitre.jwt.signer.service.JWTSigningAndValidationService;
import org.mitre.jwt.signer.service.impl.JWKSetCacheService;
import org.mitre.jwt.signer.service.impl.SymmetricCacheService;
import org.mitre.jwt.signer.service.impl.SymmetricKeyJWTValidatorCacheService;
import org.mitre.oauth2.model.RegisteredClient;
import org.mitre.openid.connect.client.model.IssuerServiceResponse;
import org.mitre.openid.connect.client.service.AuthRequestOptionsService;
@ -105,11 +105,11 @@ public class OIDCAuthenticationFilter extends AbstractAuthenticationProcessingFi
// creates JWT signer/validators for symmetric keys
@Autowired(required=false)
private SymmetricCacheService symmetricCacheService;
private SymmetricKeyJWTValidatorCacheService symmetricCacheService;
// signer based on keypair for this client (for outgoing auth requests)
@Autowired
private JwtSigningAndValidationService authenticationSignerService;
private JWTSigningAndValidationService authenticationSignerService;
/*
@ -152,7 +152,7 @@ public class OIDCAuthenticationFilter extends AbstractAuthenticationProcessingFi
}
if (symmetricCacheService == null) {
symmetricCacheService = new SymmetricCacheService();
symmetricCacheService = new SymmetricKeyJWTValidatorCacheService();
}
}
@ -348,7 +348,7 @@ public class OIDCAuthenticationFilter extends AbstractAuthenticationProcessingFi
// do a symmetric secret signed JWT for auth
JwtSigningAndValidationService signer = null;
JWTSigningAndValidationService signer = null;
JWSAlgorithm alg = clientConfig.getTokenEndpointAuthSigningAlg();
if (SECRET_JWT.equals(clientConfig.getTokenEndpointAuthMethod()) &&
@ -472,7 +472,7 @@ public class OIDCAuthenticationFilter extends AbstractAuthenticationProcessingFi
ReadOnlyJWTClaimsSet idClaims = idToken.getJWTClaimsSet();
// check the signature
JwtSigningAndValidationService jwtValidator = null;
JWTSigningAndValidationService jwtValidator = null;
Algorithm tokenAlg = idToken.getHeader().getAlgorithm();
@ -829,11 +829,11 @@ public class OIDCAuthenticationFilter extends AbstractAuthenticationProcessingFi
this.authOptions = authOptions;
}
public SymmetricCacheService getSymmetricCacheService() {
public SymmetricKeyJWTValidatorCacheService getSymmetricCacheService() {
return symmetricCacheService;
}
public void setSymmetricCacheService(SymmetricCacheService symmetricCacheService) {
public void setSymmetricCacheService(SymmetricKeyJWTValidatorCacheService symmetricCacheService) {
this.symmetricCacheService = symmetricCacheService;
}


@ -19,8 +19,8 @@ package org.mitre.openid.connect.client.keypublisher;
import java.util.Map;
import java.util.UUID;
import org.mitre.jwt.signer.service.JwtSigningAndValidationService;
import org.mitre.openid.connect.view.JwkKeyListView;
import org.mitre.jwt.signer.service.JWTSigningAndValidationService;
import org.mitre.openid.connect.view.JWKSetView;
import org.springframework.beans.BeansException;
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
import org.springframework.beans.factory.support.BeanDefinitionBuilder;
@ -37,13 +37,13 @@ import com.nimbusds.jose.jwk.JWK;
*/
public class ClientKeyPublisher implements BeanDefinitionRegistryPostProcessor {
private JwtSigningAndValidationService signingAndValidationService;
private JWTSigningAndValidationService signingAndValidationService;
private String jwkPublishUrl;
private BeanDefinitionRegistry registry;
private String jwkViewName = JwkKeyListView.VIEWNAME;
private String jwkViewName = JWKSetView.VIEWNAME;
/**
* If the jwkPublishUrl field is set on this bean, set up a listener on that URL to publish keys.
@ -61,12 +61,12 @@ public class ClientKeyPublisher implements BeanDefinitionRegistryPostProcessor {
clientKeyMapping.addPropertyValue("jwkPublishUrl", getJwkPublishUrl());
// randomize view name to make sure it doesn't conflict with local views
jwkViewName = JwkKeyListView.VIEWNAME + "-" + UUID.randomUUID().toString();
jwkViewName = JWKSetView.VIEWNAME + "-" + UUID.randomUUID().toString();
viewResolver.addPropertyValue("jwkViewName", jwkViewName);
// view bean
BeanDefinitionBuilder jwkView = BeanDefinitionBuilder.rootBeanDefinition(JwkKeyListView.class);
registry.registerBeanDefinition(JwkKeyListView.VIEWNAME, jwkView.getBeanDefinition());
BeanDefinitionBuilder jwkView = BeanDefinitionBuilder.rootBeanDefinition(JWKSetView.class);
registry.registerBeanDefinition(JWKSetView.VIEWNAME, jwkView.getBeanDefinition());
viewResolver.addPropertyReference("jwk", "jwkKeyList");
}
@ -114,14 +114,14 @@ public class ClientKeyPublisher implements BeanDefinitionRegistryPostProcessor {
/**
* @return the signingAndValidationService
*/
public JwtSigningAndValidationService getSigningAndValidationService() {
public JWTSigningAndValidationService getSigningAndValidationService() {
return signingAndValidationService;
}
/**
* @param signingAndValidationService the signingAndValidationService to set
*/
public void setSigningAndValidationService(JwtSigningAndValidationService signingAndValidationService) {
public void setSigningAndValidationService(JWTSigningAndValidationService signingAndValidationService) {
this.signingAndValidationService = signingAndValidationService;
}
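Review bot: In the hunk at -61,12 the resolver is still wired with `viewResolver.addPropertyReference("jwk", "jwkKeyList");`, while the view bean is now registered under `JWKSetView.VIEWNAME`, which this commit changes from "jwkKeyList" to "jwkSet" in the JWKSetView section. Unless another bean named jwkKeyList is defined elsewhere, that reference no longer resolves and the key-publishing setup would likely fail when the context is built. Use the constant on that line, `viewResolver.addPropertyReference("jwk", JWKSetView.VIEWNAME);`, and check any other configuration that names the view by its old string. The enclosing method starts and ends outside the hunk.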


@ -24,7 +24,7 @@ import java.util.Map;
import java.util.Map.Entry;
import org.apache.http.client.utils.URIBuilder;
import org.mitre.jwt.encryption.service.JwtEncryptionAndDecryptionService;
import org.mitre.jwt.encryption.service.JWTEncryptionAndDecryptionService;
import org.mitre.jwt.signer.service.impl.JWKSetCacheService;
import org.mitre.oauth2.model.RegisteredClient;
import org.mitre.openid.connect.client.service.AuthRequestUrlBuilder;
@ -82,7 +82,7 @@ public class EncryptedAuthRequestUrlBuilder implements AuthRequestUrlBuilder {
EncryptedJWT jwt = new EncryptedJWT(new JWEHeader(alg, enc), claims);
JwtEncryptionAndDecryptionService encryptor = encrypterService.getEncrypter(serverConfig.getJwksUri());
JWTEncryptionAndDecryptionService encryptor = encrypterService.getEncrypter(serverConfig.getJwksUri());
encryptor.encryptJwt(jwt);


@ -24,7 +24,7 @@ import java.util.Map;
import java.util.Map.Entry;
import org.apache.http.client.utils.URIBuilder;
import org.mitre.jwt.signer.service.JwtSigningAndValidationService;
import org.mitre.jwt.signer.service.JWTSigningAndValidationService;
import org.mitre.oauth2.model.RegisteredClient;
import org.mitre.openid.connect.client.service.AuthRequestUrlBuilder;
import org.mitre.openid.connect.config.ServerConfiguration;
@ -41,7 +41,7 @@ import com.nimbusds.jwt.SignedJWT;
*/
public class SignedAuthRequestUrlBuilder implements AuthRequestUrlBuilder {
private JwtSigningAndValidationService signingAndValidationService;
private JWTSigningAndValidationService signingAndValidationService;
/* (non-Javadoc)
* @see org.mitre.openid.connect.client.service.AuthRequestUrlBuilder#buildAuthRequestUrl(org.mitre.openid.connect.config.ServerConfiguration, org.springframework.security.oauth2.provider.ClientDetails, java.lang.String, java.lang.String, java.lang.String)
@ -93,14 +93,14 @@ public class SignedAuthRequestUrlBuilder implements AuthRequestUrlBuilder {
/**
* @return the signingAndValidationService
*/
public JwtSigningAndValidationService getSigningAndValidationService() {
public JWTSigningAndValidationService getSigningAndValidationService() {
return signingAndValidationService;
}
/**
* @param signingAndValidationService the signingAndValidationService to set
*/
public void setSigningAndValidationService(JwtSigningAndValidationService signingAndValidationService) {
public void setSigningAndValidationService(JWTSigningAndValidationService signingAndValidationService) {
this.signingAndValidationService = signingAndValidationService;
}


@ -31,7 +31,7 @@ import java.util.Map;
import org.junit.Before;
import org.junit.Test;
import org.mitre.jwt.signer.service.impl.DefaultJwtSigningAndValidationService;
import org.mitre.jwt.signer.service.impl.DefaultJWTSigningAndValidationService;
import org.mitre.oauth2.model.RegisteredClient;
import org.mitre.openid.connect.config.ServerConfiguration;
import org.mockito.Mockito;
@ -83,7 +83,7 @@ public class TestSignedAuthRequestUrlBuilder {
private String alg = "RS256";
private String kid = "2011-04-29";
private DefaultJwtSigningAndValidationService signingAndValidationService;
private DefaultJWTSigningAndValidationService signingAndValidationService;
private SignedAuthRequestUrlBuilder urlBuilder = new SignedAuthRequestUrlBuilder();
@ -94,7 +94,7 @@ public class TestSignedAuthRequestUrlBuilder {
Map<String, JWK> keys = Maps.newHashMap();
keys.put("client", key);
signingAndValidationService = new DefaultJwtSigningAndValidationService(keys);
signingAndValidationService = new DefaultJWTSigningAndValidationService(keys);
signingAndValidationService.setDefaultSignerKeyId("client");
signingAndValidationService.setDefaultSigningAlgorithmName(alg);


@ -28,7 +28,7 @@ import com.nimbusds.jose.jwk.JWK;
* @author wkim
*
*/
public interface JwtEncryptionAndDecryptionService {
public interface JWTEncryptionAndDecryptionService {
/**
* Encrypts the JWT in place with the default encrypter.


@ -27,7 +27,7 @@ import java.util.Set;
import javax.annotation.PostConstruct;
import org.mitre.jose.keystore.JWKSetKeyStore;
import org.mitre.jwt.encryption.service.JwtEncryptionAndDecryptionService;
import org.mitre.jwt.encryption.service.JWTEncryptionAndDecryptionService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@ -50,9 +50,9 @@ import com.nimbusds.jose.jwk.RSAKey;
* @author wkim
*
*/
public class DefaultJwtEncryptionAndDecryptionService implements JwtEncryptionAndDecryptionService {
public class DefaultJWTEncryptionAndDecryptionService implements JWTEncryptionAndDecryptionService {
private static Logger logger = LoggerFactory.getLogger(DefaultJwtEncryptionAndDecryptionService.class);
private static Logger logger = LoggerFactory.getLogger(DefaultJWTEncryptionAndDecryptionService.class);
// map of identifier to encrypter
private Map<String, JWEEncrypter> encrypters = new HashMap<String, JWEEncrypter>();
@ -78,7 +78,7 @@ public class DefaultJwtEncryptionAndDecryptionService implements JwtEncryptionAn
* @throws InvalidKeySpecException
* @throws JOSEException
*/
public DefaultJwtEncryptionAndDecryptionService(Map<String, JWK> keys) throws NoSuchAlgorithmException, InvalidKeySpecException, JOSEException {
public DefaultJWTEncryptionAndDecryptionService(Map<String, JWK> keys) throws NoSuchAlgorithmException, InvalidKeySpecException, JOSEException {
this.keys = keys;
buildEncryptersAndDecrypters();
}
@ -92,7 +92,7 @@ public class DefaultJwtEncryptionAndDecryptionService implements JwtEncryptionAn
* @throws InvalidKeySpecException
* @throws JOSEException
*/
public DefaultJwtEncryptionAndDecryptionService(JWKSetKeyStore keyStore) throws NoSuchAlgorithmException, InvalidKeySpecException, JOSEException {
public DefaultJWTEncryptionAndDecryptionService(JWKSetKeyStore keyStore) throws NoSuchAlgorithmException, InvalidKeySpecException, JOSEException {
// convert all keys in the keystore to a map based on key id
for (JWK key : keyStore.getKeys()) {


@ -24,7 +24,7 @@ import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.jwk.JWK;
import com.nimbusds.jwt.SignedJWT;
public interface JwtSigningAndValidationService {
public interface JWTSigningAndValidationService {
/**
* Get all public keys for this service, mapped by their Key ID


@ -26,7 +26,7 @@ import java.util.Set;
import java.util.UUID;
import org.mitre.jose.keystore.JWKSetKeyStore;
import org.mitre.jwt.signer.service.JwtSigningAndValidationService;
import org.mitre.jwt.signer.service.JWTSigningAndValidationService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@ -45,7 +45,7 @@ import com.nimbusds.jose.jwk.OctetSequenceKey;
import com.nimbusds.jose.jwk.RSAKey;
import com.nimbusds.jwt.SignedJWT;
public class DefaultJwtSigningAndValidationService implements JwtSigningAndValidationService {
public class DefaultJWTSigningAndValidationService implements JWTSigningAndValidationService {
// map of identifier to signer
private Map<String, JWSSigner> signers = new HashMap<String, JWSSigner>();
@ -53,7 +53,7 @@ public class DefaultJwtSigningAndValidationService implements JwtSigningAndValid
// map of identifier to verifier
private Map<String, JWSVerifier> verifiers = new HashMap<String, JWSVerifier>();
private static Logger logger = LoggerFactory.getLogger(DefaultJwtSigningAndValidationService.class);
private static Logger logger = LoggerFactory.getLogger(DefaultJWTSigningAndValidationService.class);
private String defaultSignerKeyId;
@ -74,7 +74,7 @@ public class DefaultJwtSigningAndValidationService implements JwtSigningAndValid
* @throws NoSuchAlgorithmException
* If there is no appropriate algorithm to tie the keys to.
*/
public DefaultJwtSigningAndValidationService(Map<String, JWK> keys) throws NoSuchAlgorithmException, InvalidKeySpecException {
public DefaultJWTSigningAndValidationService(Map<String, JWK> keys) throws NoSuchAlgorithmException, InvalidKeySpecException {
this.keys = keys;
buildSignersAndVerifiers();
}
@ -91,7 +91,7 @@ public class DefaultJwtSigningAndValidationService implements JwtSigningAndValid
* @throws NoSuchAlgorithmException
* If there is no appropriate algorithm to tie the keys to.
*/
public DefaultJwtSigningAndValidationService(JWKSetKeyStore keyStore) throws NoSuchAlgorithmException, InvalidKeySpecException {
public DefaultJWTSigningAndValidationService(JWKSetKeyStore keyStore) throws NoSuchAlgorithmException, InvalidKeySpecException {
// convert all keys in the keystore to a map based on key id
if (keyStore!= null && keyStore.getJwkSet() != null) {
for (JWK key : keyStore.getKeys()) {


@ -25,9 +25,9 @@ import java.util.concurrent.TimeUnit;
import org.apache.http.client.HttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.mitre.jose.keystore.JWKSetKeyStore;
import org.mitre.jwt.encryption.service.JwtEncryptionAndDecryptionService;
import org.mitre.jwt.encryption.service.impl.DefaultJwtEncryptionAndDecryptionService;
import org.mitre.jwt.signer.service.JwtSigningAndValidationService;
import org.mitre.jwt.encryption.service.JWTEncryptionAndDecryptionService;
import org.mitre.jwt.encryption.service.impl.DefaultJWTEncryptionAndDecryptionService;
import org.mitre.jwt.signer.service.JWTSigningAndValidationService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
@ -54,10 +54,10 @@ public class JWKSetCacheService {
private static Logger logger = LoggerFactory.getLogger(JWKSetCacheService.class);
// map of jwk set uri -> signing/validation service built on the keys found in that jwk set
private LoadingCache<String, JwtSigningAndValidationService> validators;
private LoadingCache<String, JWTSigningAndValidationService> validators;
// map of jwk set uri -> encryption/decryption service built on the keys found in that jwk set
private LoadingCache<String, JwtEncryptionAndDecryptionService> encrypters;
private LoadingCache<String, JWTEncryptionAndDecryptionService> encrypters;
public JWKSetCacheService() {
this.validators = CacheBuilder.newBuilder()
@ -76,7 +76,7 @@ public class JWKSetCacheService {
* @throws ExecutionException
* @see com.google.common.cache.Cache#get(java.lang.Object)
*/
public JwtSigningAndValidationService getValidator(String jwksUri) {
public JWTSigningAndValidationService getValidator(String jwksUri) {
try {
return validators.get(jwksUri);
} catch (UncheckedExecutionException ue) {
@ -88,7 +88,7 @@ public class JWKSetCacheService {
}
}
public JwtEncryptionAndDecryptionService getEncrypter(String jwksUri) {
public JWTEncryptionAndDecryptionService getEncrypter(String jwksUri) {
try {
return encrypters.get(jwksUri);
} catch (UncheckedExecutionException ue) {
@ -104,7 +104,7 @@ public class JWKSetCacheService {
* @author jricher
*
*/
private class JWKSetVerifierFetcher extends CacheLoader<String, JwtSigningAndValidationService> {
private class JWKSetVerifierFetcher extends CacheLoader<String, JWTSigningAndValidationService> {
private HttpClient httpClient = HttpClientBuilder.create().useSystemProperties().build();
private HttpComponentsClientHttpRequestFactory httpFactory = new HttpComponentsClientHttpRequestFactory(httpClient);
private RestTemplate restTemplate = new RestTemplate(httpFactory);
@ -113,14 +113,14 @@ public class JWKSetCacheService {
* Load the JWK Set and build the appropriate signing service.
*/
@Override
public JwtSigningAndValidationService load(String key) throws Exception {
public JWTSigningAndValidationService load(String key) throws Exception {
String jsonString = restTemplate.getForObject(key, String.class);
JWKSet jwkSet = JWKSet.parse(jsonString);
JWKSetKeyStore keyStore = new JWKSetKeyStore(jwkSet);
JwtSigningAndValidationService service = new DefaultJwtSigningAndValidationService(keyStore);
JWTSigningAndValidationService service = new DefaultJWTSigningAndValidationService(keyStore);
return service;
@ -132,7 +132,7 @@ public class JWKSetCacheService {
* @author jricher
*
*/
private class JWKSetEncryptorFetcher extends CacheLoader<String, JwtEncryptionAndDecryptionService> {
private class JWKSetEncryptorFetcher extends CacheLoader<String, JWTEncryptionAndDecryptionService> {
private HttpClient httpClient = HttpClientBuilder.create().useSystemProperties().build();
private HttpComponentsClientHttpRequestFactory httpFactory = new HttpComponentsClientHttpRequestFactory(httpClient);
private RestTemplate restTemplate = new RestTemplate(httpFactory);
@ -140,13 +140,13 @@ public class JWKSetCacheService {
* @see com.google.common.cache.CacheLoader#load(java.lang.Object)
*/
@Override
public JwtEncryptionAndDecryptionService load(String key) throws Exception {
public JWTEncryptionAndDecryptionService load(String key) throws Exception {
String jsonString = restTemplate.getForObject(key, String.class);
JWKSet jwkSet = JWKSet.parse(jsonString);
JWKSetKeyStore keyStore = new JWKSetKeyStore(jwkSet);
JwtEncryptionAndDecryptionService service = new DefaultJwtEncryptionAndDecryptionService(keyStore);
JWTEncryptionAndDecryptionService service = new DefaultJWTEncryptionAndDecryptionService(keyStore);
return service;
}
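Review bot: Both loaders, `JWKSetVerifierFetcher.load` and `JWKSetEncryptorFetcher.load`, pass the cache key straight to `restTemplate.getForObject(key, String.class)`, and no check on that URI is visible in these hunks. Callers elsewhere in this commit hand in `client.getJwksUri()` and `serverConfig.getJwksUri()`, so if client registration is open to untrusted parties the server fetches a URL the client chose. Validate the URI before the fetch (require `https`, reject loopback, link-local and internal addresses), or add a comment on `load` naming where that validation already happens. The `HttpClient` fields are built with `HttpClientBuilder.create().useSystemProperties().build()` and no explicit timeout appears here, so connect and read timeouts plus a cap on the response size are worth adding as well.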


@ -22,7 +22,7 @@ import java.util.Map;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeUnit;
import org.mitre.jwt.signer.service.JwtSigningAndValidationService;
import org.mitre.jwt.signer.service.JWTSigningAndValidationService;
import org.mitre.oauth2.model.ClientDetailsEntity;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@ -46,14 +46,14 @@ import com.nimbusds.jose.util.Base64URL;
*
*/
@Service
public class SymmetricCacheService {
public class SymmetricKeyJWTValidatorCacheService {
private static Logger logger = LoggerFactory.getLogger(SymmetricCacheService.class);
private static Logger logger = LoggerFactory.getLogger(SymmetricKeyJWTValidatorCacheService.class);
private LoadingCache<String, JwtSigningAndValidationService> validators;
private LoadingCache<String, JWTSigningAndValidationService> validators;
public SymmetricCacheService() {
public SymmetricKeyJWTValidatorCacheService() {
validators = CacheBuilder.newBuilder()
.expireAfterAccess(24, TimeUnit.HOURS)
.maximumSize(100)
@ -67,7 +67,7 @@ public class SymmetricCacheService {
* @param client
* @return
*/
public JwtSigningAndValidationService getSymmetricValidtor(ClientDetailsEntity client) {
public JWTSigningAndValidationService getSymmetricValidtor(ClientDetailsEntity client) {
if (client == null) {
logger.error("Couldn't create symmetric validator for null client");
@ -91,16 +91,16 @@ public class SymmetricCacheService {
}
public class SymmetricValidatorBuilder extends CacheLoader<String, JwtSigningAndValidationService> {
public class SymmetricValidatorBuilder extends CacheLoader<String, JWTSigningAndValidationService> {
@Override
public JwtSigningAndValidationService load(String key) throws Exception {
public JWTSigningAndValidationService load(String key) throws Exception {
try {
String id = "SYMMETRIC-KEY";
JWK jwk = new OctetSequenceKey(Base64URL.encode(key), KeyUse.SIGNATURE, null, null, id, null, null, null);
Map<String, JWK> keys = ImmutableMap.of(id, jwk);
JwtSigningAndValidationService service = new DefaultJwtSigningAndValidationService(keys);
JWTSigningAndValidationService service = new DefaultJWTSigningAndValidationService(keys);
return service;
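Review bot: The accessor on the renamed class is still spelled `getSymmetricValidtor` (missing the "a" in Validator) in the hunk at -67,7, which sits oddly in a commit whose purpose is consistent naming. Every caller is already touched by this change, so this is a cheap moment to rename it to `getSymmetricValidator`, keeping a `@Deprecated` delegate under the old name if external code may call it. The `symmetricCacheService` field and accessor names in the callers also still reflect the old class name.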


@ -39,11 +39,11 @@ import com.nimbusds.jose.jwk.JWKSet;
* @author jricher
*
*/
@Component(JwkKeyListView.VIEWNAME)
public class JwkKeyListView extends AbstractView {
@Component(JWKSetView.VIEWNAME)
public class JWKSetView extends AbstractView {
public static final String VIEWNAME = "jwkKeyList";
private static Logger logger = LoggerFactory.getLogger(JwkKeyListView.class);
public static final String VIEWNAME = "jwkSet";
private static Logger logger = LoggerFactory.getLogger(JWKSetView.class);
@Override
protected void renderMergedOutputModel(Map<String, Object> model, HttpServletRequest request, HttpServletResponse response) {
@ -63,7 +63,7 @@ public class JwkKeyListView extends AbstractView {
} catch (IOException e) {
logger.error("IOException in JwkKeyListView.java: ", e);
logger.error("IOException in JWKSetView.java: ", e);
}


@ -56,7 +56,7 @@ import com.nimbusds.jwt.ReadOnlyJWTClaimsSet;
*
*/
public class TestDefaultJwtEncryptionAndDecryptionService {
public class TestDefaultJWTEncryptionAndDecryptionService {
private String plainText = "The true sign of intelligence is not knowledge but imagination.";
@ -136,20 +136,20 @@ public class TestDefaultJwtEncryptionAndDecryptionService {
private List<JWK> keys_list = new LinkedList<JWK>();
private DefaultJwtEncryptionAndDecryptionService service;
private DefaultJwtEncryptionAndDecryptionService service_2;
private DefaultJwtEncryptionAndDecryptionService service_3;
private DefaultJwtEncryptionAndDecryptionService service_4;
private DefaultJwtEncryptionAndDecryptionService service_ks;
private DefaultJWTEncryptionAndDecryptionService service;
private DefaultJWTEncryptionAndDecryptionService service_2;
private DefaultJWTEncryptionAndDecryptionService service_3;
private DefaultJWTEncryptionAndDecryptionService service_4;
private DefaultJWTEncryptionAndDecryptionService service_ks;
@Before
public void prepare() throws NoSuchAlgorithmException, InvalidKeySpecException, JOSEException {
service = new DefaultJwtEncryptionAndDecryptionService(keys);
service_2 = new DefaultJwtEncryptionAndDecryptionService(keys_2);
service_3 = new DefaultJwtEncryptionAndDecryptionService(keys_3);
service_4 = new DefaultJwtEncryptionAndDecryptionService(keys_4);
service = new DefaultJWTEncryptionAndDecryptionService(keys);
service_2 = new DefaultJWTEncryptionAndDecryptionService(keys_2);
service_3 = new DefaultJWTEncryptionAndDecryptionService(keys_3);
service_4 = new DefaultJWTEncryptionAndDecryptionService(keys_4);
claimsSet.setIssuer(issuer);
claimsSet.setSubject(subject);
@ -161,7 +161,7 @@ public class TestDefaultJwtEncryptionAndDecryptionService {
JWKSet jwkSet = new JWKSet(keys_list);
JWKSetKeyStore keyStore = new JWKSetKeyStore(jwkSet);
service_ks = new DefaultJwtEncryptionAndDecryptionService(keyStore);
service_ks = new DefaultJWTEncryptionAndDecryptionService(keyStore);
}


@ -21,8 +21,8 @@ import java.util.HashMap;
import java.util.Map;
import org.mitre.discovery.util.WebfingerURLNormalizer;
import org.mitre.jwt.encryption.service.JwtEncryptionAndDecryptionService;
import org.mitre.jwt.signer.service.JwtSigningAndValidationService;
import org.mitre.jwt.encryption.service.JWTEncryptionAndDecryptionService;
import org.mitre.jwt.signer.service.JWTSigningAndValidationService;
import org.mitre.oauth2.service.SystemScopeService;
import org.mitre.openid.connect.config.ConfigurationPropertiesBean;
import org.mitre.openid.connect.model.UserInfo;
@ -66,10 +66,10 @@ public class DiscoveryEndpoint {
private SystemScopeService scopeService;
@Autowired
private JwtSigningAndValidationService signService;
private JWTSigningAndValidationService signService;
@Autowired
private JwtEncryptionAndDecryptionService encService;
private JWTEncryptionAndDecryptionService encService;
@Autowired
private UserInfoService userService;


@ -22,7 +22,7 @@ package org.mitre.oauth2.token;
import java.text.ParseException;
import java.util.Date;
import org.mitre.jwt.signer.service.JwtSigningAndValidationService;
import org.mitre.jwt.signer.service.JWTSigningAndValidationService;
import org.mitre.oauth2.model.ClientDetailsEntity;
import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
import org.mitre.oauth2.service.ClientDetailsEntityService;
@ -60,7 +60,7 @@ public class JwtAssertionTokenGranter extends AbstractTokenGranter {
private OAuth2TokenEntityService tokenServices;
@Autowired
private JwtSigningAndValidationService jwtService;
private JWTSigningAndValidationService jwtService;
@Autowired
private ConfigurationPropertiesBean config;


@ -22,10 +22,10 @@ import java.util.Map;
import java.util.Set;
import java.util.UUID;
import org.mitre.jwt.encryption.service.JwtEncryptionAndDecryptionService;
import org.mitre.jwt.signer.service.JwtSigningAndValidationService;
import org.mitre.jwt.encryption.service.JWTEncryptionAndDecryptionService;
import org.mitre.jwt.signer.service.JWTSigningAndValidationService;
import org.mitre.jwt.signer.service.impl.JWKSetCacheService;
import org.mitre.jwt.signer.service.impl.SymmetricCacheService;
import org.mitre.jwt.signer.service.impl.SymmetricKeyJWTValidatorCacheService;
import org.mitre.oauth2.model.ClientDetailsEntity;
import org.mitre.oauth2.service.ClientDetailsEntityService;
import org.mitre.oauth2.service.SystemScopeService;
@ -64,13 +64,13 @@ public class ConnectOAuth2RequestFactory extends DefaultOAuth2RequestFactory {
private JWKSetCacheService validators;
@Autowired
private SymmetricCacheService symmetricCacheService;
private SymmetricKeyJWTValidatorCacheService symmetricCacheService;
@Autowired
private SystemScopeService systemScopes;
@Autowired
private JwtEncryptionAndDecryptionService encryptionService;
private JWTEncryptionAndDecryptionService encryptionService;
private JsonParser parser = new JsonParser();
@ -200,7 +200,7 @@ public class ConnectOAuth2RequestFactory extends DefaultOAuth2RequestFactory {
}
// check JWT signature
JwtSigningAndValidationService validator = validators.getValidator(client.getJwksUri());
JWTSigningAndValidationService validator = validators.getValidator(client.getJwksUri());
if (validator == null) {
throw new InvalidClientException("Unable to create signature validator for client's JWKS URI: " + client.getJwksUri());
@ -215,7 +215,7 @@ public class ConnectOAuth2RequestFactory extends DefaultOAuth2RequestFactory {
// it's HMAC, we need to make a validator based on the client secret
JwtSigningAndValidationService validator = symmetricCacheService.getSymmetricValidtor(client);
JWTSigningAndValidationService validator = symmetricCacheService.getSymmetricValidtor(client);
if (validator == null) {
throw new InvalidClientException("Unable to create signature validator for client's secret: " + client.getClientSecret());
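Review bot: The last context line of the hunk at -215,7 builds its exception message from `client.getClientSecret()`, so the client's shared secret ends up wherever that exception is logged or returned to a caller. The rename leaves this untouched; the message should identify the client without the secret, for example `"Unable to create symmetric signature validator for client: " + client.getClientId()`. JwtBearerAuthenticationProvider has the same message in its hunk at -132,7 and needs the same change. The enclosing method starts and ends outside the hunk.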


@ -24,9 +24,9 @@ import java.util.Date;
import java.util.HashSet;
import java.util.Set;
import org.mitre.jwt.signer.service.JwtSigningAndValidationService;
import org.mitre.jwt.signer.service.JWTSigningAndValidationService;
import org.mitre.jwt.signer.service.impl.JWKSetCacheService;
import org.mitre.jwt.signer.service.impl.SymmetricCacheService;
import org.mitre.jwt.signer.service.impl.SymmetricKeyJWTValidatorCacheService;
import org.mitre.oauth2.model.ClientDetailsEntity;
import org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod;
import org.mitre.oauth2.service.ClientDetailsEntityService;
@ -64,7 +64,7 @@ public class JwtBearerAuthenticationProvider implements AuthenticationProvider {
// map of symmetric verifiers for client secrets
@Autowired
private SymmetricCacheService symmetricCacheService;
private SymmetricKeyJWTValidatorCacheService symmetricCacheService;
// Allow for time sync issues by having a window of X seconds.
private int timeSkewAllowance = 300;
@ -116,7 +116,7 @@ public class JwtBearerAuthenticationProvider implements AuthenticationProvider {
|| alg.equals(JWSAlgorithm.RS384)
|| alg.equals(JWSAlgorithm.RS512))) {
JwtSigningAndValidationService validator = validators.getValidator(client.getJwksUri());
JWTSigningAndValidationService validator = validators.getValidator(client.getJwksUri());
if (validator == null) {
throw new AuthenticationServiceException("Unable to create signature validator for client's JWKS URI: " + client.getJwksUri());
@ -132,7 +132,7 @@ public class JwtBearerAuthenticationProvider implements AuthenticationProvider {
// it's HMAC, we need to make a validator based on the client secret
JwtSigningAndValidationService validator = symmetricCacheService.getSymmetricValidtor(client);
JWTSigningAndValidationService validator = symmetricCacheService.getSymmetricValidtor(client);
if (validator == null) {
throw new AuthenticationServiceException("Unable to create signature validator for client's secret: " + client.getClientSecret());


@ -21,10 +21,10 @@ import java.util.Map;
import java.util.Set;
import java.util.UUID;
import org.mitre.jwt.encryption.service.JwtEncryptionAndDecryptionService;
import org.mitre.jwt.signer.service.JwtSigningAndValidationService;
import org.mitre.jwt.encryption.service.JWTEncryptionAndDecryptionService;
import org.mitre.jwt.signer.service.JWTSigningAndValidationService;
import org.mitre.jwt.signer.service.impl.JWKSetCacheService;
import org.mitre.jwt.signer.service.impl.SymmetricCacheService;
import org.mitre.jwt.signer.service.impl.SymmetricKeyJWTValidatorCacheService;
import org.mitre.oauth2.model.AuthenticationHolderEntity;
import org.mitre.oauth2.model.ClientDetailsEntity;
import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
@ -71,7 +71,7 @@ public class DefaultOIDCTokenService implements OIDCTokenService {
Logger logger = LoggerFactory.getLogger(DefaultOIDCTokenService.class);
@Autowired
private JwtSigningAndValidationService jwtService;
private JWTSigningAndValidationService jwtService;
@Autowired
private AuthenticationHolderRepository authenticationHolderRepository;
@ -83,7 +83,7 @@ public class DefaultOIDCTokenService implements OIDCTokenService {
private JWKSetCacheService encrypters;
@Autowired
private SymmetricCacheService symmetricCacheService;
private SymmetricKeyJWTValidatorCacheService symmetricCacheService;
@Autowired
private OAuth2TokenEntityService tokenService;
@ -141,7 +141,7 @@ public class DefaultOIDCTokenService implements OIDCTokenService {
&& client.getIdTokenEncryptedResponseEnc() != null && !client.getIdTokenEncryptedResponseEnc().equals(Algorithm.NONE)
&& !Strings.isNullOrEmpty(client.getJwksUri())) {
JwtEncryptionAndDecryptionService encrypter = encrypters.getEncrypter(client.getJwksUri());
JWTEncryptionAndDecryptionService encrypter = encrypters.getEncrypter(client.getJwksUri());
if (encrypter != null) {
@ -173,7 +173,7 @@ public class DefaultOIDCTokenService implements OIDCTokenService {
idToken = new SignedJWT(new JWSHeader(signingAlg), idClaims);
JwtSigningAndValidationService signer = symmetricCacheService.getSymmetricValidtor(client);
JWTSigningAndValidationService signer = symmetricCacheService.getSymmetricValidtor(client);
// sign it with the client's secret
signer.signJwt((SignedJWT) idToken);
@ -300,14 +300,14 @@ public class DefaultOIDCTokenService implements OIDCTokenService {
/**
* @return the jwtService
*/
public JwtSigningAndValidationService getJwtService() {
public JWTSigningAndValidationService getJwtService() {
return jwtService;
}
/**
* @param jwtService the jwtService to set
*/
public void setJwtService(JwtSigningAndValidationService jwtService) {
public void setJwtService(JWTSigningAndValidationService jwtService) {
this.jwtService = jwtService;
}


@ -19,9 +19,9 @@ package org.mitre.openid.connect.token;
import java.util.Date;
import java.util.UUID;
import org.mitre.jwt.signer.service.JwtSigningAndValidationService;
import org.mitre.jwt.signer.service.JWTSigningAndValidationService;
import org.mitre.jwt.signer.service.impl.JWKSetCacheService;
import org.mitre.jwt.signer.service.impl.SymmetricCacheService;
import org.mitre.jwt.signer.service.impl.SymmetricKeyJWTValidatorCacheService;
import org.mitre.oauth2.model.ClientDetailsEntity;
import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
import org.mitre.oauth2.service.ClientDetailsEntityService;
@ -54,7 +54,7 @@ public class ConnectTokenEnhancer implements TokenEnhancer {
private ConfigurationPropertiesBean configBean;
@Autowired
private JwtSigningAndValidationService jwtService;
private JWTSigningAndValidationService jwtService;
@Autowired
private ClientDetailsEntityService clientService;
@ -72,7 +72,7 @@ public class ConnectTokenEnhancer implements TokenEnhancer {
private JWKSetCacheService encryptors;
@Autowired
private SymmetricCacheService symmetricCacheService;
private SymmetricKeyJWTValidatorCacheService symmetricCacheService;
@Override
@ -144,11 +144,11 @@ public class ConnectTokenEnhancer implements TokenEnhancer {
this.configBean = configBean;
}
public JwtSigningAndValidationService getJwtService() {
public JWTSigningAndValidationService getJwtService() {
return jwtService;
}
public void setJwtService(JwtSigningAndValidationService jwtService) {
public void setJwtService(JWTSigningAndValidationService jwtService) {
this.jwtService = jwtService;
}


@ -30,10 +30,10 @@ import java.util.UUID;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.mitre.jwt.encryption.service.JwtEncryptionAndDecryptionService;
import org.mitre.jwt.signer.service.JwtSigningAndValidationService;
import org.mitre.jwt.encryption.service.JWTEncryptionAndDecryptionService;
import org.mitre.jwt.signer.service.JWTSigningAndValidationService;
import org.mitre.jwt.signer.service.impl.JWKSetCacheService;
import org.mitre.jwt.signer.service.impl.SymmetricCacheService;
import org.mitre.jwt.signer.service.impl.SymmetricKeyJWTValidatorCacheService;
import org.mitre.oauth2.model.ClientDetailsEntity;
import org.mitre.openid.connect.config.ConfigurationPropertiesBean;
import org.slf4j.Logger;
@ -56,15 +56,15 @@ import com.nimbusds.jwt.SignedJWT;
* @author jricher
*
*/
@Component(UserInfoJwtView.VIEWNAME)
public class UserInfoJwtView extends UserInfoView {
@Component(UserInfoJWTView.VIEWNAME)
public class UserInfoJWTView extends UserInfoView {
private static Logger logger = LoggerFactory.getLogger(UserInfoJwtView.class);
private static Logger logger = LoggerFactory.getLogger(UserInfoJWTView.class);
public static final String VIEWNAME = "userInfoJwtView";
@Autowired
private JwtSigningAndValidationService jwtService;
private JWTSigningAndValidationService jwtService;
@Autowired
private ConfigurationPropertiesBean config;
@ -73,7 +73,7 @@ public class UserInfoJwtView extends UserInfoView {
private JWKSetCacheService encrypters;
@Autowired
private SymmetricCacheService symmetricCacheService;
private SymmetricKeyJWTValidatorCacheService symmetricCacheService;
@Override
protected void writeOut(JsonObject json, Map<String, Object> model,
@ -105,7 +105,7 @@ public class UserInfoJwtView extends UserInfoView {
// encrypt it to the client's key
JwtEncryptionAndDecryptionService encrypter = encrypters.getEncrypter(client.getJwksUri());
JWTEncryptionAndDecryptionService encrypter = encrypters.getEncrypter(client.getJwksUri());
if (encrypter != null) {
@ -134,7 +134,7 @@ public class UserInfoJwtView extends UserInfoView {
|| signingAlg.equals(JWSAlgorithm.HS512)) {
// sign it with the client's secret
JwtSigningAndValidationService signer = symmetricCacheService.getSymmetricValidtor(client);
JWTSigningAndValidationService signer = symmetricCacheService.getSymmetricValidtor(client);
signer.signJwt(signed);
} else {
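Review bot: The symmetric-signing branch calls `signer.signJwt(signed)` directly on whatever `symmetricCacheService.getSymmetricValidtor(client)` returns, while the encryption branch earlier in this section guards its lookup with `if (encrypter != null)`. The cache service's implementation is not shown here, but if it can return null (for example for a client with no usable secret), a UserInfo request from a client configured for HS256/384/512 would fail with a NullPointerException instead of a logged, handled error. A guard before the sign call, such as `if (signer == null) { logger.error("No symmetric signer available for client"); return; }`, would mirror the encrypter handling; how the failure should be reported depends on the rest of `writeOut`, which continues outside these hunks. The same unguarded pattern is visible in the DefaultOIDCTokenService section, at `signer.signJwt((SignedJWT) idToken)`.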


@ -23,7 +23,7 @@ import java.util.HashSet;
import java.util.Set;
import java.util.concurrent.TimeUnit;
import org.mitre.jwt.signer.service.JwtSigningAndValidationService;
import org.mitre.jwt.signer.service.JWTSigningAndValidationService;
import org.mitre.oauth2.model.ClientDetailsEntity;
import org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod;
import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
@ -71,7 +71,7 @@ public class ClientDynamicRegistrationEndpoint {
private OAuth2TokenEntityService tokenService;
@Autowired
private JwtSigningAndValidationService jwtService;
private JWTSigningAndValidationService jwtService;
@Autowired
private SystemScopeService scopeService;


@ -18,8 +18,8 @@ package org.mitre.openid.connect.web;
import java.util.Map;
import org.mitre.jwt.signer.service.JwtSigningAndValidationService;
import org.mitre.openid.connect.view.JwkKeyListView;
import org.mitre.jwt.signer.service.JWTSigningAndValidationService;
import org.mitre.openid.connect.view.JWKSetView;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
@ -28,10 +28,10 @@ import org.springframework.web.bind.annotation.RequestMapping;
import com.nimbusds.jose.jwk.JWK;
@Controller
public class JsonWebKeyEndpoint {
public class JWKSetPublishingEndpoint {
@Autowired
private JwtSigningAndValidationService jwtService;
private JWTSigningAndValidationService jwtService;
@RequestMapping(value = "/jwk", produces = "application/json")
public String getJwk(Model m) {
@ -43,20 +43,20 @@ public class JsonWebKeyEndpoint {
m.addAttribute("keys", keys);
return JwkKeyListView.VIEWNAME;
return JWKSetView.VIEWNAME;
}
/**
* @return the jwtService
*/
public JwtSigningAndValidationService getJwtService() {
public JWTSigningAndValidationService getJwtService() {
return jwtService;
}
/**
* @param jwtService the jwtService to set
*/
public void setJwtService(JwtSigningAndValidationService jwtService) {
public void setJwtService(JWTSigningAndValidationService jwtService) {
this.jwtService = jwtService;
}


@ -22,7 +22,7 @@ import java.util.Date;
import java.util.HashSet;
import java.util.Set;
import org.mitre.jwt.signer.service.JwtSigningAndValidationService;
import org.mitre.jwt.signer.service.JWTSigningAndValidationService;
import org.mitre.oauth2.model.ClientDetailsEntity;
import org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod;
import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
@ -68,7 +68,7 @@ public class ProtectedResourceRegistrationEndpoint {
private OAuth2TokenEntityService tokenService;
@Autowired
private JwtSigningAndValidationService jwtService;
private JWTSigningAndValidationService jwtService;
@Autowired
private SystemScopeService scopeService;


@ -23,7 +23,7 @@ import org.mitre.oauth2.service.ClientDetailsEntityService;
import org.mitre.openid.connect.model.UserInfo;
import org.mitre.openid.connect.service.UserInfoService;
import org.mitre.openid.connect.view.HttpCodeView;
import org.mitre.openid.connect.view.UserInfoJwtView;
import org.mitre.openid.connect.view.UserInfoJWTView;
import org.mitre.openid.connect.view.UserInfoView;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@ -109,21 +109,21 @@ public class UserInfoEndpoint {
// client has a preference, see if they ask for plain JSON specifically on this request
for (MediaType m : mediaTypes) {
if (!m.isWildcardType() && m.isCompatibleWith(JOSE_MEDIA_TYPE)) {
return UserInfoJwtView.VIEWNAME;
return UserInfoJWTView.VIEWNAME;
} else if (!m.isWildcardType() && m.isCompatibleWith(MediaType.APPLICATION_JSON)) {
return UserInfoView.VIEWNAME;
}
}
// otherwise return JWT
return UserInfoJwtView.VIEWNAME;
return UserInfoJWTView.VIEWNAME;
} else {
// client has no preference, see if they asked for JWT specifically on this request
for (MediaType m : mediaTypes) {
if (!m.isWildcardType() && m.isCompatibleWith(MediaType.APPLICATION_JSON)) {
return UserInfoView.VIEWNAME;
} else if (!m.isWildcardType() && m.isCompatibleWith(JOSE_MEDIA_TYPE)) {
return UserInfoJwtView.VIEWNAME;
return UserInfoJWTView.VIEWNAME;
}
}