diff --git a/openid-connect-common/.settings/org.eclipse.wst.common.component b/openid-connect-common/.settings/org.eclipse.wst.common.component
index 4a3e4abda..1e24c2b7c 100644
--- a/openid-connect-common/.settings/org.eclipse.wst.common.component
+++ b/openid-connect-common/.settings/org.eclipse.wst.common.component
@@ -2,6 +2,5 @@ -
diff --git a/openid-connect-server/src/main/java/org/mitre/jwt/signer/service/JwtSigningAndValidationService.java b/openid-connect-server/src/main/java/org/mitre/jwt/signer/service/JwtSigningAndValidationService.java
index 624327f41..d4e747cec 100644
--- a/openid-connect-server/src/main/java/org/mitre/jwt/signer/service/JwtSigningAndValidationService.java
+++ b/openid-connect-server/src/main/java/org/mitre/jwt/signer/service/JwtSigningAndValidationService.java
@@ -2,17 +2,18 @@ package org.mitre.jwt.signer.service;
 import java.security.PublicKey;
 import java.util.List;
+import java.util.Map;
 import org.mitre.jwt.model.Jwt;
 public interface JwtSigningAndValidationService {
 /**
- * Returns all public keys this service is configured with.
+ * Returns all public keys this service is configured with, indexed by key id
 *
 * @return
 */
- public List getAllPublicKeys();
+ public Map getAllPublicKeys();
 /**
 * Check to see if this JWT has expired or not
diff --git a/openid-connect-server/src/main/java/org/mitre/jwt/signer/service/impl/JwtSigningAndValidationServiceDefault.java b/openid-connect-server/src/main/java/org/mitre/jwt/signer/service/impl/JwtSigningAndValidationServiceDefault.java
index 782b247d5..6e6bf3bc9 100644
--- a/openid-connect-server/src/main/java/org/mitre/jwt/signer/service/impl/JwtSigningAndValidationServiceDefault.java
+++ b/openid-connect-server/src/main/java/org/mitre/jwt/signer/service/impl/JwtSigningAndValidationServiceDefault.java
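Review bot: The new Javadoc on `getAllPublicKeys()` promises keys "indexed by key id", but the `@return` tag directly below it is still empty and nothing in the hunk says what a key id is or where it comes from. I would fill it in with `@return map from key identifier to that signer's public key` and state whether the identifier is the value that will be published as the JWK `kid`, since JwkKeyListView in this same change adds a TODO to look it up. The generic parameters are not visible in this rendering, so I cannot tell whether the declaration is `Map<String, PublicKey>`; if it is not, spelling it out is what makes the documented contract checkable at compile time.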
@@ -25,7 +25,8 @@ public class JwtSigningAndValidationServiceDefault implements
 @Autowired
 private ConfigurationPropertiesBean configBean;
- private List signers = new ArrayList();
+ // map of identifier to signer
+ private Map signers = new HashMap();
 private static Log logger = LogFactory
 .getLog(JwtSigningAndValidationServiceDefault.class);
@@ -43,7 +44,7 @@ public class JwtSigningAndValidationServiceDefault implements
 * List of JwtSigners to associate with this service
 */
 public JwtSigningAndValidationServiceDefault(
- List signer) {
+ Map signer) {
 setSigners(signer);
 }
@@ -72,23 +73,25 @@ public class JwtSigningAndValidationServiceDefault implements
 * ()
 */
 @Override
- public List getAllPublicKeys() {
+ public Map getAllPublicKeys() {
 Map map = new HashMap();
 PublicKey publicKey;
- for (JwtSigner signer : signers) {
+ for (JwtSigner signer : signers.values()) {
 if (signer instanceof RsaSigner) {
 publicKey = ((RsaSigner) signer).getPublicKey();
- if (publicKey != null)
+ if (publicKey != null) {
+ // what's the index of this map for?
 map.put(((RSAPublicKey) publicKey).getModulus()
 .toString(16).toUpperCase()
 + ((RSAPublicKey) publicKey).getPublicExponent()
 .toString(16).toUpperCase(), publicKey);
+ }
 } else if (signer instanceof EcdsaSigner) {
@@ -96,8 +99,7 @@ public class JwtSigningAndValidationServiceDefault implements
 }
 }
- return new ArrayList(map.values());
- return map;
 }
 /**
@@ -105,7 +107,7 @@ public class JwtSigningAndValidationServiceDefault implements
 *
 * @return
 */
- public List getSigners() {
+ public Map getSigners() {
 return signers;
 }
@@ -134,7 +136,7 @@ public class JwtSigningAndValidationServiceDefault implements
 * @param signers
 * List of JwtSigners to associate with this service
 */
- public void setSigners(List signers) {
+ public void setSigners(Map signers) {
 this.signers = signers;
 }
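Review bot: `getAllPublicKeys()` in the `@@ -72` hunk still keys the returned map by the upper-case hex of the RSA modulus concatenated with the exponent, so it does not deliver the "indexed by key id" contract the interface hunk of this same change introduces, and the new `// what's the index of this map for?` comment records exactly that gap. The `signers` field is now documented as "map of identifier to signer", so the identifier is already at hand: iterate `signers.entrySet()` and put the entry key, which also removes the silent overwrite that happens today when two signers expose the same public key. The EcdsaSigner branch and the method's tail lie in the `@@ -96` hunk and between the hunks, so the same key should be used there too. The generic parameters below are written as the field comment describes them and should be checked against the real declaration, which this rendering does not show.
```java
 PublicKey publicKey;
 for (Map.Entry<String, JwtSigner> entry : signers.entrySet()) {
     JwtSigner signer = entry.getValue();
     if (signer instanceof RsaSigner) {
         publicKey = ((RsaSigner) signer).getPublicKey();
         if (publicKey != null) {
             // key the result by the signer's identifier, as the interface documents
             map.put(entry.getKey(), publicKey);
         }
     } else if (signer instanceof EcdsaSigner) {
         // … unchanged: ECDSA branch (outside this hunk); key it by entry.getKey() the same way …
```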
@@ -175,7 +177,7 @@ public class JwtSigningAndValidationServiceDefault implements
 @Override
 public boolean validateSignature(String jwtString) {
- for (JwtSigner signer : signers) {
+ for (JwtSigner signer : signers.values()) {
 if (signer.verify(jwtString))
 return true;
 }
diff --git a/openid-connect-server/src/main/java/org/mitre/jwt/signer/service/impl/KeyStore.java b/openid-connect-server/src/main/java/org/mitre/jwt/signer/service/impl/KeyStore.java
index 9592316e7..78ba7d5cc 100644
--- a/openid-connect-server/src/main/java/org/mitre/jwt/signer/service/impl/KeyStore.java
+++ b/openid-connect-server/src/main/java/org/mitre/jwt/signer/service/impl/KeyStore.java
@@ -32,13 +32,6 @@ public class KeyStore implements InitializingBean {
 private java.security.KeyStore keystore;
- /**
- * default constructor
- */
- public KeyStore() {
- this(PASSWORD, null);
- }
-
 /**
 * KeyStore constructor
 *
diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/view/JwkKeyListView.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/view/JwkKeyListView.java
index 399f2919f..08aa2567c 100644
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/view/JwkKeyListView.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/view/JwkKeyListView.java
@@ -76,7 +76,7 @@ public class JwkKeyListView extends AbstractView {
 o.addProperty("alg", "RSA");
 o.addProperty("mod", m64);
 o.addProperty("exp", e64);
-
+ // TODO: get the key ID from the map
 return o;
 } else if (src instanceof ECPublicKey) {
diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/JsonWebKeyEndpoint.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/JsonWebKeyEndpoint.java
index 1973e1ded..aabc48265 100644
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/JsonWebKeyEndpoint.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/JsonWebKeyEndpoint.java
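Review bot: `validateSignature` in the `@@ -175` hunk still tries every configured signer and accepts the token on the first `verify` that succeeds, so the identifiers this commit introduces as map keys play no part in validation. If the JWT header carries a key id (the Jwt model is not visible here, so I cannot confirm it does), selecting the single signer with `signers.get(...)` and verifying against only that one is both cheaper and stricter: a token is accepted only by the key it claims to be signed with, and a token naming an unknown key is rejected outright instead of being tried against every key. Whichever behaviour is intended, it deserves a comment above the loop, e.g. `// no kid routing: the token is accepted if any configured signer verifies it`. The method's final `return` is outside the hunk.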
@@ -1,6 +1,7 @@ package org.mitre.openid.connect.web; import java.security.PublicKey; +import java.util.Collection; import java.util.HashMap; import java.util.List; import java.util.Map; @@ -20,7 +21,7 @@ public class JsonWebKeyEndpoint { @RequestMapping("/jwk") public ModelAndView getJwk() { - List keys = jwtService.getAllPublicKeys(); + Collection keys = jwtService.getAllPublicKeys().values(); // TODO: check if keys are empty, return a 404 here or just an empty list? diff --git a/openid-connect-server/src/main/webapp/WEB-INF/spring/application-context.xml b/openid-connect-server/src/main/webapp/WEB-INF/spring/application-context.xml index 3cdc1a74e..080631f80 100644 --- a/openid-connect-server/src/main/webapp/WEB-INF/spring/application-context.xml +++ b/openid-connect-server/src/main/webapp/WEB-INF/spring/application-context.xml @@ -119,12 +119,40 @@ - - - - - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/openid-connect-server/src/test/resources/test-context.xml b/openid-connect-server/src/test/resources/test-context.xml index 2f32e8191..84142e3c9 100644 --- a/openid-connect-server/src/test/resources/test-context.xml +++ b/openid-connect-server/src/test/resources/test-context.xml @@ -37,6 +37,10 @@ - + + + + + \ No newline at end of file
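Review bot: The new line `Collection keys = jwtService.getAllPublicKeys().values();` discards the key identifiers at the one place that needs them: JwkKeyListView in this same change adds `// TODO: get the key ID from the map`, but the view is only ever handed the values, so that TODO cannot be completed as wired. Keeping the map, `Map keys = jwtService.getAllPublicKeys();`, and passing it (or its entry set) to the view lets each JWK carry its `kid`; how `keys` reaches the view is outside the hunk, so that part needs checking, and the `Collection` import added in the first hunk would then become unused. Publishing keys without a `kid` also leaves clients with no way to match a token's header to one of several configured keys.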