From ee0ef8d563cbfcf5ff20fdd9f9782af348a9b428 Mon Sep 17 00:00:00 2001 From: Justin Richer Date: Fri, 23 Dec 2011 10:56:43 -0500 Subject: [PATCH] fixed Jwt signature base --- src/main/java/org/mitre/jwt/Hmac256Signer.java | 4 ++++ src/main/java/org/mitre/jwt/Jwt.java | 11 ++++++++--- src/test/java/org/mitre/jwt/JwtTest.java | 4 ++-- 3 files changed, 14 insertions(+), 5 deletions(-) diff --git a/src/main/java/org/mitre/jwt/Hmac256Signer.java b/src/main/java/org/mitre/jwt/Hmac256Signer.java index 81f98d8a7..a5968f97a 100644 --- a/src/main/java/org/mitre/jwt/Hmac256Signer.java +++ b/src/main/java/org/mitre/jwt/Hmac256Signer.java @@ -20,8 +20,12 @@ public class Hmac256Signer extends AbstractJwtSigner { this(null); } + public Hmac256Signer(byte[] passphrase) { super(HS256); + + //TODO: set up a factory for other signature methods + setPassphrase(passphrase); try { diff --git a/src/main/java/org/mitre/jwt/Jwt.java b/src/main/java/org/mitre/jwt/Jwt.java index 84a1bf44f..52e148a5b 100644 --- a/src/main/java/org/mitre/jwt/Jwt.java +++ b/src/main/java/org/mitre/jwt/Jwt.java @@ -103,12 +103,15 @@ public class Jwt { } /** - * Return the canonical encoded string of this JWT + * Return the canonical encoded string of this JWT, the header in Base64, a period ".", the claims in Base64, a period ".", and the signature in Base64. */ public String toString() { - return getSignatureBase() + Strings.nullToEmpty(this.signature); + return getSignatureBase() + "." + Strings.nullToEmpty(this.signature); } + /** + * The signature base of a JWT is the header in Base64, a period ".", and the claims in Base64. + */ public String getSignatureBase() { JsonObject h = header.getAsJsonObject(); JsonObject c = claims.getAsJsonObject(); @@ -116,7 +119,7 @@ public class Jwt { String h64 = new String(Base64.encodeBase64URLSafe(h.toString().getBytes())); String c64 = new String(Base64.encodeBase64URLSafe(c.toString().getBytes())); - return h64 + "." + c64 + "."; + return h64 + "." + c64; } @@ -143,6 +146,8 @@ public class Jwt { // shuttle for return value Jwt jwt = new Jwt(new JwtHeader(hjo), new JwtClaims(cjo), s64); + // TODO: save the wire-encoded string in the Jwt object itself? + return jwt; } diff --git a/src/test/java/org/mitre/jwt/JwtTest.java b/src/test/java/org/mitre/jwt/JwtTest.java index 7dcba425b..d52f9bf77 100644 --- a/src/test/java/org/mitre/jwt/JwtTest.java +++ b/src/test/java/org/mitre/jwt/JwtTest.java @@ -69,8 +69,8 @@ public class JwtTest { * Expected signature: iGBPJj47S5q_HAhSoQqAdcS6A_1CFj3zrLaImqNbt9E * */ - String signature = "iGBPJj47S5q_HAhSoQqAdcS6A_1CFj3zrLaImqNbt9E"; - String expected = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjEzMDA4MTkzODAsImlzcyI6ImpvZSIsImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ.iGBPJj47S5q_HAhSoQqAdcS6A_1CFj3zrLaImqNbt9E"; + String signature = "p-63Jzz7mgi3H4hvW6MFB7lmPRZjhsL666MYkmpX33Y"; + String expected = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjEzMDA4MTkzODAsImlzcyI6ImpvZSIsImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ." + signature; String actual = jwt.toString();