updated signer service

pull/166/merge
Mike Derryberry 2012-08-08 12:54:31 -04:00 committed by Justin Richer
parent d6b0b87769
commit c4ebf5c145
1 changed files with 23 additions and 19 deletions


@ -16,6 +16,7 @@ import org.mitre.jwt.model.JwtHeader;
import org.mitre.jwt.signer.JwsAlgorithm; import org.mitre.jwt.signer.JwsAlgorithm;
import org.mitre.jwt.signer.impl.HmacSigner; import org.mitre.jwt.signer.impl.HmacSigner;
import org.mitre.jwt.signer.impl.RsaSigner; import org.mitre.jwt.signer.impl.RsaSigner;
import org.mitre.jwt.signer.service.JwtSigningAndValidationService;
import org.mitre.openid.connect.config.OIDCServerConfiguration; import org.mitre.openid.connect.config.OIDCServerConfiguration;
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException; import org.springframework.security.core.AuthenticationException;
@ -24,6 +25,8 @@ import org.springframework.util.Assert;
public class OIDCSignedRequestFilter extends AbstractOIDCAuthenticationFilter { public class OIDCSignedRequestFilter extends AbstractOIDCAuthenticationFilter {
protected OIDCServerConfiguration oidcServerConfig; protected OIDCServerConfiguration oidcServerConfig;
private JwtSigningAndValidationService signingAndValidationService;
protected OIDCSignedRequestFilter() { protected OIDCSignedRequestFilter() {
super(); super();
@ -104,7 +107,7 @@ public class OIDCSignedRequestFilter extends AbstractOIDCAuthenticationFilter {
JwtClaims claims = jwt.getClaims(); JwtClaims claims = jwt.getClaims();
//set parameters to JwtHeader //set parameters to JwtHeader
header.setAlgorithm(JwsAlgorithm.getByName(SIGNING_ALGORITHM).toString()); // header.setAlgorithm(JwsAlgorithm.getByName(SIGNING_ALGORITHM).toString());
//set parameters to JwtClaims //set parameters to JwtClaims
claims.setClaim("response_type", "token"); claims.setClaim("response_type", "token");
@ -114,27 +117,28 @@ public class OIDCSignedRequestFilter extends AbstractOIDCAuthenticationFilter {
claims.setClaim("nonce", NONCE_SIGNATURE_COOKIE_NAME); claims.setClaim("nonce", NONCE_SIGNATURE_COOKIE_NAME);
claims.setClaim("state", "af0ifjsldkj"); claims.setClaim("state", "af0ifjsldkj");
if(header.getAlgorithm().equals("RS256") || header.getAlgorithm().equals("RS384") || header.getAlgorithm().equals("RS512")) { try {
RsaSigner jwtSigner = new RsaSigner(); signingAndValidationService.signJwt(jwt);
try { } catch (NoSuchAlgorithmException e) {
jwt = jwtSigner.sign(jwt); // TODO Auto-generated catch block
} catch (NoSuchAlgorithmException e) { e.printStackTrace();
// TODO Auto-generated catch block
e.printStackTrace();
}
} else if(header.getAlgorithm().equals("HS256") || header.getAlgorithm().equals("HS384") || header.getAlgorithm().equals("HS512")) {
HmacSigner jwtSigner = new HmacSigner();
try {
jwt = jwtSigner.sign(jwt);
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
} else {
throw new IllegalArgumentException(header.getAlgorithm() + " is not a valid signing algorithm.");
} }
return jwt; return jwt;
} }
/**
* @return the signingAndValidationService
*/
public JwtSigningAndValidationService getSigningAndValidationService() {
return signingAndValidationService;
}
/**
* @param signingAndValidationService the signingAndValidationService to set
*/
public void setSigningAndValidationService(JwtSigningAndValidationService signingAndValidationService) {
this.signingAndValidationService = signingAndValidationService;
}
} }
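Review bot: The new `try` around `signingAndValidationService.signJwt(jwt)` catches `NoSuchAlgorithmException`, prints the stack trace and then falls through to `return jwt;`, so a signing failure hands back a request object with no signature instead of an error. Fail closed by rethrowing with the cause, e.g. `throw new IllegalStateException("Unable to sign request object", e);`. The old code assigned the signer's result (`jwt = jwtSigner.sign(jwt)`), while the new call discards any return value; confirm that `signJwt` mutates the `jwt` passed in. With `header.setAlgorithm(...)` commented out and the old `else` branch that rejected unknown algorithms removed, the algorithm choice rests entirely on the injected service. Nothing visible checks that the service was set, so an `Assert.notNull(signingAndValidationService, "signingAndValidationService must be set");` at initialisation would help; the enclosing method and any init hook lie outside the visible hunks.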