From 22961b3fbaef7c94b79a32af8e8c76540fd752bc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Richard=20K=C3=B6rber?= Date: Fri, 18 Nov 2016 01:30:21 +0100 Subject: [PATCH] Add url to protected header, fix content type --- .../org/shredzone/acme4j/connector/DefaultConnection.java | 3 ++- .../shredzone/acme4j/connector/DefaultConnectionTest.java | 5 +++-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/acme4j-client/src/main/java/org/shredzone/acme4j/connector/DefaultConnection.java b/acme4j-client/src/main/java/org/shredzone/acme4j/connector/DefaultConnection.java index f4165804..7a8016eb 100644 --- a/acme4j-client/src/main/java/org/shredzone/acme4j/connector/DefaultConnection.java +++ b/acme4j-client/src/main/java/org/shredzone/acme4j/connector/DefaultConnection.java @@ -138,7 +138,7 @@ public class DefaultConnection implements Connection { conn.setRequestProperty("Accept", "application/json"); conn.setRequestProperty("Accept-Charset", "utf-8"); conn.setRequestProperty("Accept-Language", session.getLocale().toLanguageTag()); - conn.setRequestProperty("Content-Type", "application/json"); + conn.setRequestProperty("Content-Type", "application/jose+json"); conn.setDoOutput(true); final PublicJsonWebKey jwk = PublicJsonWebKey.Factory.newPublicJwk(keypair.getPublic()); @@ -146,6 +146,7 @@ public class DefaultConnection implements Connection { JsonWebSignature jws = new JsonWebSignature(); jws.setPayload(claims.toString()); jws.getHeaders().setObjectHeaderValue("nonce", Base64Url.encode(session.getNonce())); + jws.getHeaders().setObjectHeaderValue("url", uri); jws.getHeaders().setJwkHeaderValue("jwk", jwk); jws.setAlgorithmHeaderValue(SignatureUtils.keyAlgorithm(jwk)); jws.setKey(keypair.getPrivate()); diff --git a/acme4j-client/src/test/java/org/shredzone/acme4j/connector/DefaultConnectionTest.java b/acme4j-client/src/test/java/org/shredzone/acme4j/connector/DefaultConnectionTest.java index 7ebf79a2..f7eaad93 100644 --- a/acme4j-client/src/test/java/org/shredzone/acme4j/connector/DefaultConnectionTest.java +++ b/acme4j-client/src/test/java/org/shredzone/acme4j/connector/DefaultConnectionTest.java @@ -451,7 +451,7 @@ public class DefaultConnectionTest { verify(mockUrlConnection).setRequestMethod("POST"); verify(mockUrlConnection).setRequestProperty("Accept", "application/json"); verify(mockUrlConnection).setRequestProperty("Accept-Charset", "utf-8"); - verify(mockUrlConnection).setRequestProperty("Content-Type", "application/json"); + verify(mockUrlConnection).setRequestProperty("Content-Type", "application/jose+json"); verify(mockUrlConnection).setDoOutput(true); verify(mockUrlConnection).setFixedLengthStreamingMode(outputStream.toByteArray().length); verify(mockUrlConnection).getOutputStream(); @@ -467,6 +467,7 @@ public class DefaultConnectionTest { StringBuilder expectedHeader = new StringBuilder(); expectedHeader.append('{'); expectedHeader.append("\"nonce\":\"").append(Base64Url.encode(nonce1)).append("\","); + expectedHeader.append("\"url\":\"").append(requestUri).append("\","); expectedHeader.append("\"alg\":\"RS256\","); expectedHeader.append("\"jwk\":{"); expectedHeader.append("\"kty\":\"").append(TestUtils.KTY).append("\","); @@ -474,7 +475,7 @@ public class DefaultConnectionTest { expectedHeader.append("\"n\":\"").append(TestUtils.N).append("\""); expectedHeader.append("}}"); - assertThat(header, sameJSONAs(expectedHeader.toString()).allowingExtraUnexpectedFields()); + assertThat(header, sameJSONAs(expectedHeader.toString())); assertThat(claims, sameJSONAs("{\"foo\":123,\"bar\":\"a-string\"}")); assertThat(signature, not(isEmptyOrNullString()));