cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject [01/10] Changing the oauth2-jwt source folder to oauth2-jose
Date Fri, 19 Sep 2014 14:49:10 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes e5f57abcc -> 2e5f5a13b


http://git-wip-us.apache.org/repos/asf/cxf/blob/2e5f5a13/rt/rs/security/oauth-parent/oauth2-jwt/src/test/java/org/apache/cxf/rs/security/jose/jwk/JsonWebKeyTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/test/java/org/apache/cxf/rs/security/jose/jwk/JsonWebKeyTest.java
b/rt/rs/security/oauth-parent/oauth2-jwt/src/test/java/org/apache/cxf/rs/security/jose/jwk/JsonWebKeyTest.java
deleted file mode 100644
index d0fadf3..0000000
--- a/rt/rs/security/oauth-parent/oauth2-jwt/src/test/java/org/apache/cxf/rs/security/jose/jwk/JsonWebKeyTest.java
+++ /dev/null
@@ -1,222 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jwk;
-
-import java.io.InputStream;
-import java.security.Security;
-import java.util.List;
-import java.util.Map;
-
-import org.apache.cxf.helpers.IOUtils;
-import org.apache.cxf.rs.security.jose.jwa.Algorithm;
-import org.apache.cxf.rs.security.jose.jwe.JweCompactConsumer;
-import org.apache.cxf.rs.security.jose.jwt.JwtConstants;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-
-import org.junit.Assert;
-import org.junit.Test;
-
-public class JsonWebKeyTest extends Assert {
-    private static final String RSA_MODULUS_VALUE = "0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2aiAFbWhM78LhWx4cbbfAAt"
-        + "VT86zwu1RK7aPFFxuhDR1L6tSoc_BJECPebWKRXjBZCiFV4n3oknjhMstn64tZ_2W-5JsGY4Hc5n9yBXArwl93lqt7_RN5w6Cf"
-        + "0h4QyQ5v-65YGjQR0_FDW2QvzqY368QQMicAtaSqzs8KJZgnYb9c7d0zgdAZHzu6qMQvRL5hajrn1n91CbOpbISD08qNLyrdkt"
-        + "-bFTWhAI4vMQFh6WeZu0fM4lFd2NcRwr3XPksINHaQ-G_xBniIqbw0Ls1jF44-csFCur-kEgU8awapJzKnqDKgw";
-    private static final String RSA_PUBLIC_EXP_VALUE = "AQAB";
-    private static final String RSA_PRIVATE_EXP_VALUE = "X4cTteJY_gn4FYPsXB8rdXix5vwsg1FLN5E3EaG6RJoVH-HLLKD9M7d"
-        + "x5oo7GURknchnrRweUkC7hT5fJLM0WbFAKNLWY2vv7B6NqXSzUvxT0_YSfqijwp3RTzlBaCxWp4doFk5N2o8Gy_nHNKroADIkJ4"
-        + "6pRUohsXywbReAdYaMwFs9tv8d_cPVY3i07a3t8MN6TNwm0dSawm9v47UiCl3Sk5ZiG7xojPLu4sbg1U2jx4IBTNBznbJSzFHK66"
-        + "jT8bgkuqsk0GjskDJk19Z4qwjwbsnn4j2WBii3RL-Us2lGVkY8fkFzme1z0HbIkfz0Y6mqnOYtqc0X4jfcKoAC8Q";
-    private static final String RSA_FIRST_PRIME_FACTOR_VALUE = "83i-7IvMGXoMXCskv73TKr8637FiO7Z27zv8oj6pbWUQyLPQ"
-        + "BQxtPVnwD20R-60eTDmD2ujnMt5PoqMrm8RfmNhVWDtjjMmCMjOpSXicFHj7XOuVIYQyqVWlWEh6dN36GVZYk93N8Bc9vY41xy8B9"
-        + "RzzOGVQzXvNEvn7O0nVbfs";
-    private static final String RSA_SECOND_PRIME_FACTOR_VALUE = "3dfOR9cuYq-0S-mkFLzgItgMEfFzB2q3hWehMuG0oCuqnb3"
-        + "vobLyumqjVZQO1dIrdwgTnCdpYzBcOfW5r370AFXjiWft_NGEiovonizhKpo9VVS78TzFgxkIdrecRezsZ-1kYd_s1qDbxtkDEgfA"
-        + "ITAG9LUnADun4vIcb6yelxk";
-    private static final String RSA_FIRST_PRIME_CRT_VALUE = "G4sPXkc6Ya9y8oJW9_ILj4xuppu0lzi_H7VTkS8xj5SdX3coE0o"
-        + "imYwxIi2emTAue0UOa5dpgFGyBJ4c8tQ2VF402XRugKDTP8akYhFo5tAA77Qe_NmtuYZc3C3m3I24G2GvR5sSDxUyAN2zq8Lfn9EUm"
-        + "s6rY3Ob8YeiKkTiBj0";
-    private static final String RSA_SECOND_PRIME_CRT_VALUE = "s9lAH9fggBsoFR8Oac2R_E2gw282rT2kGOAhvIllETE1efrA6hu"
-        + "UUvMfBcMpn8lqeW6vzznYY5SSQF7pMdC_agI3nG8Ibp1BUb0JUiraRNqUfLhcQb_d9GF4Dh7e74WbRsobRonujTYN1xCaP6TO61jvW"
-        + "rX-L18txXw494Q_cgk";
-    private static final String RSA_FIRST_CRT_COEFFICIENT_VALUE = "GyM_p6JrXySiz1toFgKbWV-JdI3jQ4ypu9rbMWx3rQJBfm"
-        + "t0FoYzgUIZEVFEcOqwemRN81zoDAaa-Bk0KWNGDjJHZDdDmFhW3AN7lI-puxk_mHZGJ11rxyR8O55XLSe3SPmRfKwZI6yU24ZxvQKF"
-        + "YItdldUKGzO6Ia6zTKhAVRU";
-    private static final String RSA_KID_VALUE = "2011-04-29";
-    private static final String EC_CURVE_VALUE = JsonWebKey.EC_CURVE_P256;
-    private static final String EC_X_COORDINATE_VALUE = "MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4";
-    private static final String EC_Y_COORDINATE_VALUE = "4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM";
-    private static final String EC_PRIVATE_KEY_VALUE = "870MB6gfuTJ4HtUnUvYMyJpr5eUZNP4Bk43bVdj3eAE";
-    private static final String EC_KID_VALUE = "1";
-    private static final String AES_SECRET_VALUE = "GawgguFyGrWKav7AX4VKUg";
-    private static final String AES_KID_VALUE = "AesWrapKey";
-    private static final String HMAC_SECRET_VALUE = "AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75aKtMN3"
-        + "Yj0iPS4hcgUuTwjAzZr1Z9CAow";
-    private static final String HMAC_KID_VALUE = "HMACKey";
-    
-    @Test
-    public void testPublicSetAsList() throws Exception {
-        JsonWebKeys jwks = readKeySet("jwkPublicSet.txt");
-        List<JsonWebKey> keys = jwks.getKeys();
-        assertEquals(2, keys.size());
-        
-        JsonWebKey ecKey = keys.get(0);
-        assertEquals(6, ecKey.asMap().size());
-        validatePublicEcKey(ecKey);
-        JsonWebKey rsaKey = keys.get(1);
-        assertEquals(5, rsaKey.asMap().size());
-        validatePublicRsaKey(rsaKey);
-    }
-    
-    @Test
-    public void testPublicSetAsMap() throws Exception {
-        JsonWebKeys jwks = readKeySet("jwkPublicSet.txt");
-        Map<String, JsonWebKey> keysMap = jwks.getKeyIdMap();
-        assertEquals(2, keysMap.size());
-        
-        JsonWebKey rsaKey = keysMap.get(RSA_KID_VALUE);
-        assertEquals(5, rsaKey.asMap().size());
-        validatePublicRsaKey(rsaKey);
-        JsonWebKey ecKey = keysMap.get(EC_KID_VALUE);
-        assertEquals(6, ecKey.asMap().size());
-        validatePublicEcKey(ecKey);
-    }
-    
-    @Test
-    public void testPrivateSetAsList() throws Exception {
-        JsonWebKeys jwks = readKeySet("jwkPrivateSet.txt");
-        validatePrivateSet(jwks);
-    }
-    private void validatePrivateSet(JsonWebKeys jwks) throws Exception {
-        List<JsonWebKey> keys = jwks.getKeys();
-        assertEquals(2, keys.size());
-        
-        JsonWebKey ecKey = keys.get(0);
-        assertEquals(7, ecKey.asMap().size());
-        validatePrivateEcKey(ecKey);
-        JsonWebKey rsaKey = keys.get(1);
-        assertEquals(11, rsaKey.asMap().size());
-        validatePrivateRsaKey(rsaKey);
-    }
-    @Test
-    public void testEncryptDecryptPrivateSet() throws Exception {
-        Security.addProvider(new BouncyCastleProvider());    
-        try {
-            JsonWebKeys jwks = readKeySet("jwkPrivateSet.txt");
-            validatePrivateSet(jwks);
-            String encryptedKeySet = JwkUtils.encryptJwkSet(jwks, "password".toCharArray());
-            JweCompactConsumer c = new JweCompactConsumer(encryptedKeySet);
-            assertEquals("jwk-set+json", c.getJweHeaders().getContentType());
-            assertEquals(Algorithm.PBES2_HS256_A128KW.getJwtName(), c.getJweHeaders().getKeyEncryptionAlgorithm());
-            assertEquals(Algorithm.A128CBC_HS256.getJwtName(), c.getJweHeaders().getContentEncryptionAlgorithm());
-            assertNotNull(c.getJweHeaders().getHeader("p2s"));
-            assertNotNull(c.getJweHeaders().getHeader("p2c"));
-            jwks = JwkUtils.decryptJwkSet(encryptedKeySet, "password".toCharArray());
-            validatePrivateSet(jwks);
-        } finally {
-            Security.removeProvider(BouncyCastleProvider.class.getName());
-        }
-    }
-    @Test
-    public void testEncryptDecryptPrivateKey() throws Exception {
-        final String key = "{\"kty\":\"oct\","
-            + "\"alg\":\"A128KW\","
-            + "\"k\":\"GawgguFyGrWKav7AX4VKUg\","
-            + "\"kid\":\"AesWrapKey\"}";
-        Security.addProvider(new BouncyCastleProvider());    
-        try {
-            JsonWebKey jwk = readKey(key);
-            validateSecretAesKey(jwk);
-            String encryptedKey = JwkUtils.encryptJwkKey(jwk, "password".toCharArray());
-            JweCompactConsumer c = new JweCompactConsumer(encryptedKey);
-            assertEquals("jwk+json", c.getJweHeaders().getContentType());
-            assertEquals(Algorithm.PBES2_HS256_A128KW.getJwtName(), c.getJweHeaders().getKeyEncryptionAlgorithm());
-            assertEquals(Algorithm.A128CBC_HS256.getJwtName(), c.getJweHeaders().getContentEncryptionAlgorithm());
-            assertNotNull(c.getJweHeaders().getHeader("p2s"));
-            assertNotNull(c.getJweHeaders().getHeader("p2c"));
-            jwk = JwkUtils.decryptJwkKey(encryptedKey, "password".toCharArray());
-            validateSecretAesKey(jwk);
-        } finally {
-            Security.removeProvider(BouncyCastleProvider.class.getName());
-        }
-    }
-    
-    @Test
-    public void testSecretSetAsList() throws Exception {
-        JsonWebKeys jwks = readKeySet("jwkSecretSet.txt");
-        List<JsonWebKey> keys = jwks.getKeys();
-        assertEquals(2, keys.size());
-        JsonWebKey aesKey = keys.get(0);
-        assertEquals(4, aesKey.asMap().size());
-        validateSecretAesKey(aesKey);
-        JsonWebKey hmacKey = keys.get(1);
-        assertEquals(4, hmacKey.asMap().size());
-        validateSecretHmacKey(hmacKey);
-    }
-    
-    private void validateSecretAesKey(JsonWebKey key) {
-        assertEquals(AES_SECRET_VALUE, key.getProperty(JsonWebKey.OCTET_KEY_VALUE));
-        assertEquals(AES_KID_VALUE, key.getKid());
-        assertEquals(JsonWebKey.KEY_TYPE_OCTET, key.getKeyType());
-        assertEquals(JwtConstants.A128KW_ALGO, key.getAlgorithm());
-    }
-    private void validateSecretHmacKey(JsonWebKey key) {
-        assertEquals(HMAC_SECRET_VALUE, key.getProperty(JsonWebKey.OCTET_KEY_VALUE));
-        assertEquals(HMAC_KID_VALUE, key.getKid());
-        assertEquals(JsonWebKey.KEY_TYPE_OCTET, key.getKeyType());
-        assertEquals(JwtConstants.HMAC_SHA_256_ALGO, key.getAlgorithm());
-    }
-    
-    private void validatePublicRsaKey(JsonWebKey key) {
-        assertEquals(RSA_MODULUS_VALUE, key.getProperty(JsonWebKey.RSA_MODULUS));
-        assertEquals(RSA_PUBLIC_EXP_VALUE, key.getProperty(JsonWebKey.RSA_PUBLIC_EXP));
-        assertEquals(RSA_KID_VALUE, key.getKid());
-        assertEquals(JsonWebKey.KEY_TYPE_RSA, key.getKeyType());
-        assertEquals(JwtConstants.RS_SHA_256_ALGO, key.getAlgorithm());
-    }
-    private void validatePrivateRsaKey(JsonWebKey key) {
-        validatePublicRsaKey(key);
-        assertEquals(RSA_PRIVATE_EXP_VALUE, key.getProperty(JsonWebKey.RSA_PRIVATE_EXP));
-        assertEquals(RSA_FIRST_PRIME_FACTOR_VALUE, key.getProperty(JsonWebKey.RSA_FIRST_PRIME_FACTOR));
-        assertEquals(RSA_SECOND_PRIME_FACTOR_VALUE, key.getProperty(JsonWebKey.RSA_SECOND_PRIME_FACTOR));
-        assertEquals(RSA_FIRST_PRIME_CRT_VALUE, key.getProperty(JsonWebKey.RSA_FIRST_PRIME_CRT));
-        assertEquals(RSA_SECOND_PRIME_CRT_VALUE, key.getProperty(JsonWebKey.RSA_SECOND_PRIME_CRT));
-        assertEquals(RSA_FIRST_CRT_COEFFICIENT_VALUE, key.getProperty(JsonWebKey.RSA_FIRST_CRT_COEFFICIENT));
-    }
-    private void validatePublicEcKey(JsonWebKey key) {
-        assertEquals(EC_X_COORDINATE_VALUE, key.getProperty(JsonWebKey.EC_X_COORDINATE));
-        assertEquals(EC_Y_COORDINATE_VALUE, key.getProperty(JsonWebKey.EC_Y_COORDINATE));
-        assertEquals(EC_KID_VALUE, key.getKid());
-        assertEquals(JsonWebKey.KEY_TYPE_ELLIPTIC, key.getKeyType());
-        assertEquals(EC_CURVE_VALUE, key.getProperty(JsonWebKey.EC_CURVE));
-        assertEquals(JsonWebKey.PUBLIC_KEY_USE_ENCRYPT, key.getPublicKeyUse());
-    }
-    private void validatePrivateEcKey(JsonWebKey key) {
-        validatePublicEcKey(key);
-        assertEquals(EC_PRIVATE_KEY_VALUE, key.getProperty(JsonWebKey.EC_PRIVATE_KEY));
-    }
-
-    public JsonWebKeys readKeySet(String fileName) throws Exception {
-        InputStream is = JsonWebKeyTest.class.getResourceAsStream(fileName);
-        String s = IOUtils.readStringFromStream(is);
-        return JwkUtils.readJwkSet(s);
-    }
-    public JsonWebKey readKey(String key) throws Exception {
-        return JwkUtils.readJwkKey(key);
-    }
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/2e5f5a13/rt/rs/security/oauth-parent/oauth2-jwt/src/test/java/org/apache/cxf/rs/security/jose/jwk/jwkPrivateSet.txt
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/test/java/org/apache/cxf/rs/security/jose/jwk/jwkPrivateSet.txt
b/rt/rs/security/oauth-parent/oauth2-jwt/src/test/java/org/apache/cxf/rs/security/jose/jwk/jwkPrivateSet.txt
deleted file mode 100644
index cb30c04..0000000
--- a/rt/rs/security/oauth-parent/oauth2-jwt/src/test/java/org/apache/cxf/rs/security/jose/jwk/jwkPrivateSet.txt
+++ /dev/null
@@ -1,23 +0,0 @@
-{"keys":
-       [
-         {"kty":"EC",
-          "crv":"P-256",
-          "x":"MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4",
-          "y":"4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM",
-          "d":"870MB6gfuTJ4HtUnUvYMyJpr5eUZNP4Bk43bVdj3eAE",
-          "use":"enc",
-          "kid":"1"},
-
-         {"kty":"RSA",
-          "n":"0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2aiAFbWhM78LhWx4cbbfAAtVT86zwu1RK7aPFFxuhDR1L6tSoc_BJECPebWKRXjBZCiFV4n3oknjhMstn64tZ_2W-5JsGY4Hc5n9yBXArwl93lqt7_RN5w6Cf0h4QyQ5v-65YGjQR0_FDW2QvzqY368QQMicAtaSqzs8KJZgnYb9c7d0zgdAZHzu6qMQvRL5hajrn1n91CbOpbISD08qNLyrdkt-bFTWhAI4vMQFh6WeZu0fM4lFd2NcRwr3XPksINHaQ-G_xBniIqbw0Ls1jF44-csFCur-kEgU8awapJzKnqDKgw",
-          "e":"AQAB",
-          "d":"X4cTteJY_gn4FYPsXB8rdXix5vwsg1FLN5E3EaG6RJoVH-HLLKD9M7dx5oo7GURknchnrRweUkC7hT5fJLM0WbFAKNLWY2vv7B6NqXSzUvxT0_YSfqijwp3RTzlBaCxWp4doFk5N2o8Gy_nHNKroADIkJ46pRUohsXywbReAdYaMwFs9tv8d_cPVY3i07a3t8MN6TNwm0dSawm9v47UiCl3Sk5ZiG7xojPLu4sbg1U2jx4IBTNBznbJSzFHK66jT8bgkuqsk0GjskDJk19Z4qwjwbsnn4j2WBii3RL-Us2lGVkY8fkFzme1z0HbIkfz0Y6mqnOYtqc0X4jfcKoAC8Q",
-          "p":"83i-7IvMGXoMXCskv73TKr8637FiO7Z27zv8oj6pbWUQyLPQBQxtPVnwD20R-60eTDmD2ujnMt5PoqMrm8RfmNhVWDtjjMmCMjOpSXicFHj7XOuVIYQyqVWlWEh6dN36GVZYk93N8Bc9vY41xy8B9RzzOGVQzXvNEvn7O0nVbfs",
-          "q":"3dfOR9cuYq-0S-mkFLzgItgMEfFzB2q3hWehMuG0oCuqnb3vobLyumqjVZQO1dIrdwgTnCdpYzBcOfW5r370AFXjiWft_NGEiovonizhKpo9VVS78TzFgxkIdrecRezsZ-1kYd_s1qDbxtkDEgfAITAG9LUnADun4vIcb6yelxk",
-          "dp":"G4sPXkc6Ya9y8oJW9_ILj4xuppu0lzi_H7VTkS8xj5SdX3coE0oimYwxIi2emTAue0UOa5dpgFGyBJ4c8tQ2VF402XRugKDTP8akYhFo5tAA77Qe_NmtuYZc3C3m3I24G2GvR5sSDxUyAN2zq8Lfn9EUms6rY3Ob8YeiKkTiBj0",
-          "dq":"s9lAH9fggBsoFR8Oac2R_E2gw282rT2kGOAhvIllETE1efrA6huUUvMfBcMpn8lqeW6vzznYY5SSQF7pMdC_agI3nG8Ibp1BUb0JUiraRNqUfLhcQb_d9GF4Dh7e74WbRsobRonujTYN1xCaP6TO61jvWrX-L18txXw494Q_cgk",
-          "qi":"GyM_p6JrXySiz1toFgKbWV-JdI3jQ4ypu9rbMWx3rQJBfmt0FoYzgUIZEVFEcOqwemRN81zoDAaa-Bk0KWNGDjJHZDdDmFhW3AN7lI-puxk_mHZGJ11rxyR8O55XLSe3SPmRfKwZI6yU24ZxvQKFYItdldUKGzO6Ia6zTKhAVRU",
-          "alg":"RS256",
-          "kid":"2011-04-29"}
-       ]
-     }

http://git-wip-us.apache.org/repos/asf/cxf/blob/2e5f5a13/rt/rs/security/oauth-parent/oauth2-jwt/src/test/java/org/apache/cxf/rs/security/jose/jwk/jwkPublicSet.txt
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/test/java/org/apache/cxf/rs/security/jose/jwk/jwkPublicSet.txt
b/rt/rs/security/oauth-parent/oauth2-jwt/src/test/java/org/apache/cxf/rs/security/jose/jwk/jwkPublicSet.txt
deleted file mode 100644
index 5a4a839..0000000
--- a/rt/rs/security/oauth-parent/oauth2-jwt/src/test/java/org/apache/cxf/rs/security/jose/jwk/jwkPublicSet.txt
+++ /dev/null
@@ -1,17 +0,0 @@
-{"keys":
-       [
-         {"kty":"EC",
-          "crv":"P-256",
-          "x":"MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4",
-          "y":"4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM",
-          "use":"enc",
-          "kid":"1"},
-
-         {"kty":"RSA",
-          "n": "0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2aiAFbWhM78LhWx4cbbfAAtVT86zwu1RK7aPFFxuhDR1L6tSoc_BJECPebWKRXjBZCiFV4n3oknjhMstn64tZ_2W-5JsGY4Hc5n9yBXArwl93lqt7_RN5w6Cf0h4QyQ5v-65YGjQR0_FDW2QvzqY368QQMicAtaSqzs8KJZgnYb9c7d0zgdAZHzu6qMQvRL5hajrn1n91CbOpbISD08qNLyrdkt-bFTWhAI4vMQFh6WeZu0fM4lFd2NcRwr3XPksINHaQ-G_xBniIqbw0Ls1jF44-csFCur-kEgU8awapJzKnqDKgw",
-          "e":"AQAB",
-          "alg":"RS256",
-          "kid":"2011-04-29"}
-          
-       ]
-     }
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/cxf/blob/2e5f5a13/rt/rs/security/oauth-parent/oauth2-jwt/src/test/java/org/apache/cxf/rs/security/jose/jwk/jwkSecretSet.txt
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/test/java/org/apache/cxf/rs/security/jose/jwk/jwkSecretSet.txt
b/rt/rs/security/oauth-parent/oauth2-jwt/src/test/java/org/apache/cxf/rs/security/jose/jwk/jwkSecretSet.txt
deleted file mode 100644
index 6520c75..0000000
--- a/rt/rs/security/oauth-parent/oauth2-jwt/src/test/java/org/apache/cxf/rs/security/jose/jwk/jwkSecretSet.txt
+++ /dev/null
@@ -1,13 +0,0 @@
-{"keys":
-       [
-         {"kty":"oct",
-          "alg":"A128KW",
-          "k":"GawgguFyGrWKav7AX4VKUg",
-          "kid":"AesWrapKey"},
-
-         {"kty":"oct",
-          "alg":"HS256",
-          "k":"AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow",
-          "kid":"HMACKey"}
-       ]
-     }
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/cxf/blob/2e5f5a13/rt/rs/security/oauth-parent/oauth2-jwt/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsCompactReaderWriterTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsCompactReaderWriterTest.java
b/rt/rs/security/oauth-parent/oauth2-jwt/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsCompactReaderWriterTest.java
deleted file mode 100644
index 5a08733..0000000
--- a/rt/rs/security/oauth-parent/oauth2-jwt/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsCompactReaderWriterTest.java
+++ /dev/null
@@ -1,256 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jws;
-
-import java.security.PrivateKey;
-import java.security.interfaces.ECPrivateKey;
-import java.security.interfaces.ECPublicKey;
-import java.security.interfaces.RSAPublicKey;
-import java.util.Arrays;
-import java.util.LinkedHashMap;
-import java.util.List;
-import java.util.Map;
-
-import org.apache.cxf.rs.security.jose.jwa.Algorithm;
-import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
-import org.apache.cxf.rs.security.jose.jwt.JwtClaims;
-import org.apache.cxf.rs.security.jose.jwt.JwtConstants;
-import org.apache.cxf.rs.security.jose.jwt.JwtHeaders;
-import org.apache.cxf.rs.security.jose.jwt.JwtToken;
-import org.apache.cxf.rs.security.jose.jwt.JwtTokenReaderWriter;
-import org.apache.cxf.rs.security.jose.jwt.JwtTokenWriter;
-import org.apache.cxf.rs.security.oauth2.utils.crypto.CryptoUtils;
-
-import org.junit.Assert;
-import org.junit.Test;
-
-public class JwsCompactReaderWriterTest extends Assert {
-    
-    public static final String ENCODED_TOKEN_SIGNED_BY_MAC = 
-        "eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9"
-        + ".eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ"
-        + ".dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk";
-    
-    
-    private static final String ENCODED_MAC_KEY = "AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75"
-        + "aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow";
-    
-    private static final String ENCODED_TOKEN_WITH_JSON_KEY_SIGNED_BY_MAC = 
-        "eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIU"
-        + "zI1NiIsDQogImp3ayI6eyJrdHkiOiJvY3QiLA0KICJrZXlfb3BzIjpbDQogInNpZ24iLA0KICJ2ZXJpZnkiDQogXX19"
-        + ".eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ"
-        + ".8cFZqb15gEDYRZqSzUu23nQnKNynru1ADByRPvmmOq8";
-    
-    private static final String RSA_MODULUS_ENCODED = "ofgWCuLjybRlzo0tZWJjNiuSfb4p4fAkd_wWJcyQoTbji9k0l8W26mPddx"
-        + "HmfHQp-Vaw-4qPCJrcS2mJPMEzP1Pt0Bm4d4QlL-yRT-SFd2lZS-pCgNMs"
-        + "D1W_YpRPEwOWvG6b32690r2jZ47soMZo9wGzjb_7OMg0LOL-bSf63kpaSH"
-        + "SXndS5z5rexMdbBYUsLA9e-KXBdQOS-UTo7WTBEMa2R2CapHg665xsmtdV"
-        + "MTBQY4uDZlxvb3qCo5ZwKh9kG4LT6_I5IhlJH7aGhyxXFvUK-DWNmoudF8"
-        + "NAco9_h9iaGNj8q2ethFkMLs91kzk2PAcDTW9gb54h4FRWyuXpoQ";
-    private static final String RSA_PUBLIC_EXPONENT_ENCODED = "AQAB";
-    private static final String RSA_PRIVATE_EXPONENT_ENCODED = 
-        "Eq5xpGnNCivDflJsRQBXHx1hdR1k6Ulwe2JZD50LpXyWPEAeP88vLNO97I"
-        + "jlA7_GQ5sLKMgvfTeXZx9SE-7YwVol2NXOoAJe46sui395IW_GO-pWJ1O0"
-        + "BkTGoVEn2bKVRUCgu-GjBVaYLU6f3l9kJfFNS3E0QbVdxzubSu3Mkqzjkn"
-        + "439X0M_V51gfpRLI9JYanrC4D4qAdGcopV_0ZHHzQlBjudU2QvXt4ehNYT"
-        + "CBr6XCLQUShb1juUO1ZdiYoFaFQT5Tw8bGUl_x_jTj3ccPDVZFD9pIuhLh"
-        + "BOneufuBiB4cS98l2SR_RQyGWSeWjnczT0QU91p1DhOVRuOopznQ";
-    private static final String ENCODED_TOKEN_SIGNED_BY_PRIVATE_KEY =
-        "eyJhbGciOiJSUzI1NiJ9"
-        + "."
-        + "eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFt"
-        + "cGxlLmNvbS9pc19yb290Ijp0cnVlfQ"
-        + "."
-        + "cC4hiUPoj9Eetdgtv3hF80EGrhuB__dzERat0XF9g2VtQgr9PJbu3XOiZj5RZmh7"
-        + "AAuHIm4Bh-0Qc_lF5YKt_O8W2Fp5jujGbds9uJdbF9CUAr7t1dnZcAcQjbKBYNX4"
-        + "BAynRFdiuB--f_nZLgrnbyTyWzO75vRK5h6xBArLIARNPvkSjtQBMHlb1L07Qe7K"
-        + "0GarZRmB_eSN9383LcOLn6_dO--xi12jzDwusC-eOkHWEsqtFZESc6BfI7noOPqv"
-        + "hJ1phCnvWh6IeYI2w9QOYEUipUTI8np6LbgGY9Fs98rqVt5AXLIhWkWywlVmtVrB"
-        + "p0igcN_IoypGlUPQGe77Rw";
-     
-    private static final String EC_PRIVATE_KEY_ENCODED = 
-        "jpsQnnGQmL-YBIffH1136cspYG6-0iY7X1fCE9-E9LI";
-    private static final String EC_X_POINT_ENCODED = 
-        "f83OJ3D2xF1Bg8vub9tLe1gHMzV76e8Tus9uPHvRVEU";
-    private static final String EC_Y_POINT_ENCODED = 
-        "x_FEzRu9m36HLN_tue659LNpXW6pCyStikYjKIWI5a0";
-    @Test
-    public void testWriteJwsSignedByMacSpecExample() throws Exception {
-        JwtHeaders headers = new JwtHeaders(Algorithm.HmacSHA256.getJwtName());
-        JwsCompactProducer jws = initSpecJwtTokenWriter(headers);
-        jws.signWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY, Algorithm.HmacSHA256.getJwtName()));
-        
-        assertEquals(ENCODED_TOKEN_SIGNED_BY_MAC, jws.getSignedEncodedJws());
-        
-    }
-    
-    @Test
-    public void testWriteReadJwsUnsigned() throws Exception {
-        JwtHeaders headers = new JwtHeaders(JwtConstants.PLAIN_TEXT_ALGO);
-        
-        JwtClaims claims = new JwtClaims();
-        claims.setIssuer("https://jwt-idp.example.com");
-        claims.setSubject("mailto:mike@example.com");
-        claims.setAudience("https://jwt-rp.example.net");
-        claims.setNotBefore(1300815780L);
-        claims.setExpiryTime(1300819380L);
-        claims.setClaim("http://claims.example.com/member", true);
-        
-        JwsCompactProducer writer = new JwsJwtCompactProducer(headers, claims);
-        String signed = writer.getSignedEncodedJws();
-        
-        JwsJwtCompactConsumer reader = new JwsJwtCompactConsumer(signed);
-        assertEquals(0, reader.getDecodedSignature().length);
-        
-        JwtToken token = reader.getJwtToken();
-        assertEquals(new JwtToken(headers, claims), token);
-    }
-
-    @Test
-    public void testReadJwsSignedByMacSpecExample() throws Exception {
-        JwsJwtCompactConsumer jws = new JwsJwtCompactConsumer(ENCODED_TOKEN_SIGNED_BY_MAC);
-        assertTrue(jws.verifySignatureWith(new HmacJwsSignatureVerifier(ENCODED_MAC_KEY)));
-        JwtToken token = jws.getJwtToken();
-        JwtHeaders headers = token.getHeaders();
-        assertEquals(JwtConstants.TYPE_JWT, headers.getType());
-        assertEquals(Algorithm.HmacSHA256.getJwtName(), headers.getAlgorithm());
-        validateSpecClaim(token.getClaims());
-    }
-    
-    @Test
-    public void testWriteJwsWithJwkSignedByMac() throws Exception {
-        JsonWebKey key = new JsonWebKey();
-        key.setKeyType(JsonWebKey.KEY_TYPE_OCTET);
-        key.setKeyOperation(Arrays.asList(
-            new String[]{JsonWebKey.KEY_OPER_SIGN, JsonWebKey.KEY_OPER_VERIFY}));
-        doTestWriteJwsWithJwkSignedByMac(key);
-    }
-    
-    @Test
-    public void testWriteJwsWithJwkAsMapSignedByMac() throws Exception {
-        Map<String, Object> map = new LinkedHashMap<String, Object>();
-        map.put(JsonWebKey.KEY_TYPE, JsonWebKey.KEY_TYPE_OCTET);
-        map.put(JsonWebKey.KEY_OPERATIONS,
-                new String[]{JsonWebKey.KEY_OPER_SIGN, JsonWebKey.KEY_OPER_VERIFY});
-        doTestWriteJwsWithJwkSignedByMac(map);
-    }
-    
-    private void doTestWriteJwsWithJwkSignedByMac(Object jsonWebKey) throws Exception {
-        JwtHeaders headers = new JwtHeaders(Algorithm.HmacSHA256.getJwtName());
-        
-        headers.setHeader(JwtConstants.HEADER_JSON_WEB_KEY, jsonWebKey);
-        
-        JwtClaims claims = new JwtClaims();
-        claims.setIssuer("joe");
-        claims.setExpiryTime(1300819380L);
-        claims.setClaim("http://example.com/is_root", Boolean.TRUE);
-        
-        JwtToken token = new JwtToken(headers, claims);
-        JwsCompactProducer jws = new JwsJwtCompactProducer(token, getWriter());
-        jws.signWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY, Algorithm.HmacSHA256.getJwtName()));
-        
-        assertEquals(ENCODED_TOKEN_WITH_JSON_KEY_SIGNED_BY_MAC, jws.getSignedEncodedJws());
-    }
-    
-    @Test
-    public void testReadJwsWithJwkSignedByMac() throws Exception {
-        JwsJwtCompactConsumer jws = new JwsJwtCompactConsumer(ENCODED_TOKEN_WITH_JSON_KEY_SIGNED_BY_MAC);
-        assertTrue(jws.verifySignatureWith(new HmacJwsSignatureVerifier(ENCODED_MAC_KEY)));
-        JwtToken token = jws.getJwtToken();
-        JwtHeaders headers = token.getHeaders();
-        assertEquals(JwtConstants.TYPE_JWT, headers.getType());
-        assertEquals(Algorithm.HmacSHA256.getJwtName(), headers.getAlgorithm());
-        
-        JsonWebKey key = headers.getJsonWebKey();
-        assertEquals(JsonWebKey.KEY_TYPE_OCTET, key.getKeyType());
-        List<String> keyOps = key.getKeyOperation();
-        assertEquals(2, keyOps.size());
-        assertEquals(JsonWebKey.KEY_OPER_SIGN, keyOps.get(0));
-        assertEquals(JsonWebKey.KEY_OPER_VERIFY, keyOps.get(1));
-        
-        validateSpecClaim(token.getClaims());
-    }
-    
-    private void validateSpecClaim(JwtClaims claims) {
-        assertEquals("joe", claims.getIssuer());
-        assertEquals(Long.valueOf(1300819380), claims.getExpiryTime());
-        assertEquals(Boolean.TRUE, claims.getClaim("http://example.com/is_root"));
-    }
-    
-    @Test
-    public void testWriteJwsSignedByPrivateKey() throws Exception {
-        JwtHeaders headers = new JwtHeaders();
-        headers.setAlgorithm(Algorithm.SHA256withRSA.getJwtName());
-        JwsCompactProducer jws = initSpecJwtTokenWriter(headers);
-        PrivateKey key = CryptoUtils.getRSAPrivateKey(RSA_MODULUS_ENCODED, RSA_PRIVATE_EXPONENT_ENCODED);
-        jws.signWith(new PrivateKeyJwsSignatureProvider(key, Algorithm.SHA256withRSA.getJwtName()));
-        
-        assertEquals(ENCODED_TOKEN_SIGNED_BY_PRIVATE_KEY, jws.getSignedEncodedJws());
-    }
-    
-    @Test
-    public void testWriteReadJwsSignedByESPrivateKey() throws Exception {
-        JwtHeaders headers = new JwtHeaders();
-        headers.setAlgorithm(Algorithm.SHA256withECDSA.getJwtName());
-        JwsCompactProducer jws = initSpecJwtTokenWriter(headers);
-        ECPrivateKey privateKey = CryptoUtils.getECPrivateKey(JsonWebKey.EC_CURVE_P256,
-                                                              EC_PRIVATE_KEY_ENCODED);
-        jws.signWith(new EcDsaJwsSignatureProvider(privateKey, Algorithm.SHA256withECDSA.getJwtName()));
-        String signedJws = jws.getSignedEncodedJws();
-        
-        ECPublicKey publicKey = CryptoUtils.getECPublicKey(JsonWebKey.EC_CURVE_P256,
-                                                           EC_X_POINT_ENCODED, 
-                                                           EC_Y_POINT_ENCODED);
-        JwsJwtCompactConsumer jwsConsumer = new JwsJwtCompactConsumer(signedJws);
-        assertTrue(jwsConsumer.verifySignatureWith(new PublicKeyJwsSignatureVerifier(publicKey)));
-        JwtToken token = jwsConsumer.getJwtToken();
-        JwtHeaders headersReceived = token.getHeaders();
-        assertEquals(Algorithm.SHA256withECDSA.getJwtName(), headersReceived.getAlgorithm());
-        validateSpecClaim(token.getClaims());
-    }
-    
-    @Test
-    public void testReadJwsSignedByPrivateKey() throws Exception {
-        JwsJwtCompactConsumer jws = new JwsJwtCompactConsumer(ENCODED_TOKEN_SIGNED_BY_PRIVATE_KEY);
-        RSAPublicKey key = CryptoUtils.getRSAPublicKey(RSA_MODULUS_ENCODED, RSA_PUBLIC_EXPONENT_ENCODED);
-        assertTrue(jws.verifySignatureWith(new PublicKeyJwsSignatureVerifier(key)));
-        JwtToken token = jws.getJwtToken();
-        JwtHeaders headers = token.getHeaders();
-        assertEquals(Algorithm.SHA256withRSA.getJwtName(), headers.getAlgorithm());
-        validateSpecClaim(token.getClaims());
-    }
-    
-    private JwsCompactProducer initSpecJwtTokenWriter(JwtHeaders headers) throws Exception
{
-        
-        JwtClaims claims = new JwtClaims();
-        claims.setIssuer("joe");
-        claims.setExpiryTime(1300819380L);
-        claims.setClaim("http://example.com/is_root", Boolean.TRUE);
-        
-        JwtToken token = new JwtToken(headers, claims);
-        return new JwsJwtCompactProducer(token, getWriter());
-    }
-
-    
-    private JwtTokenWriter getWriter() {
-        JwtTokenReaderWriter jsonWriter = new JwtTokenReaderWriter();
-        jsonWriter.setFormat(true);
-        return jsonWriter;
-    }
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/2e5f5a13/rt/rs/security/oauth-parent/pom.xml
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/pom.xml b/rt/rs/security/oauth-parent/pom.xml
index c59a4ec..8d5324f 100644
--- a/rt/rs/security/oauth-parent/pom.xml
+++ b/rt/rs/security/oauth-parent/pom.xml
@@ -39,6 +39,6 @@
         <module>oauth</module>
         <module>oauth2</module>
         <module>oauth2-saml</module>
-        <module>oauth2-jwt</module>
+        <module>oauth2-jose</module>
     </modules>
 </project>


Mime
View raw message