github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

updated signer service

pull/166/merge
Mike Derryberry 2012-08-08 12:54:31 -04:00 committed by Justin Richer
parent d6b0b87769
commit c4ebf5c145
1 changed files with 23 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCSignedRequestFilter.java
View File

@ -16,6 +16,7 @@ import org.mitre.jwt.model.JwtHeader;
import org.mitre.jwt.signer.JwsAlgorithm; import org.mitre.jwt.signer.JwsAlgorithm;
import org.mitre.jwt.signer.impl.HmacSigner; import org.mitre.jwt.signer.impl.HmacSigner;
import org.mitre.jwt.signer.impl.RsaSigner; import org.mitre.jwt.signer.impl.RsaSigner;
import org.mitre.jwt.signer.service.JwtSigningAndValidationService;
import org.mitre.openid.connect.config.OIDCServerConfiguration; import org.mitre.openid.connect.config.OIDCServerConfiguration;
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException; import org.springframework.security.core.AuthenticationException;
@ -25,6 +26,8 @@ public class OIDCSignedRequestFilter extends AbstractOIDCAuthenticationFilter {
protected OIDCServerConfiguration oidcServerConfig; protected OIDCServerConfiguration oidcServerConfig;
private JwtSigningAndValidationService signingAndValidationService;
protected OIDCSignedRequestFilter() { protected OIDCSignedRequestFilter() {
super(); super();
@ -104,7 +107,7 @@ public class OIDCSignedRequestFilter extends AbstractOIDCAuthenticationFilter {
JwtClaims claims = jwt.getClaims(); JwtClaims claims = jwt.getClaims();
//set parameters to JwtHeader //set parameters to JwtHeader
header.setAlgorithm(JwsAlgorithm.getByName(SIGNING_ALGORITHM).toString()); // header.setAlgorithm(JwsAlgorithm.getByName(SIGNING_ALGORITHM).toString());
//set parameters to JwtClaims //set parameters to JwtClaims
claims.setClaim("response_type", "token"); claims.setClaim("response_type", "token");
@ -114,27 +117,28 @@ public class OIDCSignedRequestFilter extends AbstractOIDCAuthenticationFilter {
claims.setClaim("nonce", NONCE_SIGNATURE_COOKIE_NAME); claims.setClaim("nonce", NONCE_SIGNATURE_COOKIE_NAME);
claims.setClaim("state", "af0ifjsldkj"); claims.setClaim("state", "af0ifjsldkj");
if(header.getAlgorithm().equals("RS256") || header.getAlgorithm().equals("RS384") || header.getAlgorithm().equals("RS512")) {
RsaSigner jwtSigner = new RsaSigner();
try { try {
jwt = jwtSigner.sign(jwt); signingAndValidationService.signJwt(jwt);
} catch (NoSuchAlgorithmException e) { } catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block // TODO Auto-generated catch block
e.printStackTrace(); e.printStackTrace();
} }
} else if(header.getAlgorithm().equals("HS256") || header.getAlgorithm().equals("HS384") || header.getAlgorithm().equals("HS512")) {
HmacSigner jwtSigner = new HmacSigner();
try {
jwt = jwtSigner.sign(jwt);
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
} else {
throw new IllegalArgumentException(header.getAlgorithm() + " is not a valid signing algorithm.");
}
return jwt; return jwt;
} }
/**
* @return the signingAndValidationService
*/
public JwtSigningAndValidationService getSigningAndValidationService() {
return signingAndValidationService;
}
/**
* @param signingAndValidationService the signingAndValidationService to set
*/
public void setSigningAndValidationService(JwtSigningAndValidationService signingAndValidationService) {
this.signingAndValidationService = signingAndValidationService;
}
} }