cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject [2/3] git commit: [CXF-5944] Moving some of code from the jwt package to the jose package
Date Thu, 25 Sep 2014 17:24:47 GMT
[CXF-5944] Moving some of code from the jwt package to the jose package


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/522b7021
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/522b7021
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/522b7021

Branch: refs/heads/master
Commit: 522b70215ca45ffea813c1294751afc5f44953c0
Parents: eae0b03
Author: Sergey Beryozkin <sberyozkin@talend.com>
Authored: Thu Sep 25 18:23:38 2014 +0100
Committer: Sergey Beryozkin <sberyozkin@talend.com>
Committed: Thu Sep 25 18:23:38 2014 +0100

----------------------------------------------------------------------
 .../rs/security/jose/AbstractJoseObject.java    |  61 ++++++
 .../jose/AbstractJoseObjectReaderWriter.java    | 214 +++++++++++++++++++
 .../cxf/rs/security/jose/JoseConstants.java     |  81 +++++++
 .../cxf/rs/security/jose/JoseHeaders.java       | 157 ++++++++++++++
 .../cxf/rs/security/jose/JoseHeadersReader.java |  24 +++
 .../security/jose/JoseHeadersReaderWriter.java  |  39 ++++
 .../cxf/rs/security/jose/JoseHeadersWriter.java |  25 +++
 .../apache/cxf/rs/security/jose/JoseUtils.java  |  46 ++++
 .../jose/jaxrs/JweClientResponseFilter.java     |   4 +-
 .../jose/jaxrs/JweContainerRequestFilter.java   |   4 +-
 .../jose/jaxrs/JweWriterInterceptor.java        |  12 +-
 .../jose/jaxrs/JwsClientResponseFilter.java     |   4 +-
 .../jose/jaxrs/JwsContainerRequestFilter.java   |   4 +-
 .../jose/jaxrs/JwsJwtMessageBodyWriter.java     |   4 +-
 .../jose/jaxrs/JwsWriterInterceptor.java        |  17 +-
 .../cxf/rs/security/jose/jwa/Algorithm.java     | 183 ++++++++--------
 .../jose/jwe/AbstractJweDecryption.java         |  12 +-
 .../jose/jwe/AbstractJweEncryption.java         |  16 +-
 .../jose/jwe/AesCbcHmacJweDecryption.java       |   4 +-
 .../jose/jwe/AesCbcHmacJweEncryption.java       |   4 +-
 .../jose/jwe/DirectKeyJweDecryption.java        |   6 +-
 .../security/jose/jwe/JweCompactConsumer.java   |   8 +-
 .../security/jose/jwe/JweCompactProducer.java   |  17 +-
 .../cxf/rs/security/jose/jwe/JweHeaders.java    |  24 +--
 .../jose/jwe/WrappedKeyJweDecryption.java       |   8 +-
 .../jose/jwe/WrappedKeyJweEncryption.java       |   6 +-
 .../jose/jwk/DefaultJwkReaderWriter.java        |   4 +-
 .../cxf/rs/security/jose/jwk/JsonWebKey.java    |  18 +-
 .../cxf/rs/security/jose/jwk/JsonWebKeys.java   |   4 +-
 .../jose/jws/AbstractJwsSignatureProvider.java  |  10 +-
 .../jose/jws/HmacJwsSignatureProvider.java      |   3 +-
 .../security/jose/jws/JwsCompactConsumer.java   |  17 +-
 .../security/jose/jws/JwsCompactProducer.java   |  21 +-
 .../cxf/rs/security/jose/jws/JwsHeaders.java    |  32 +++
 .../jose/jws/JwsJwtCompactProducer.java         |   2 +-
 .../security/jose/jws/JwsSignatureProvider.java |   3 +-
 .../jws/PrivateKeyJwsSignatureProvider.java     |   3 +-
 .../rs/security/jose/jwt/AbstractJwtObject.java |  61 ------
 .../jose/jwt/AbstractJwtObjectReaderWriter.java | 212 ------------------
 .../cxf/rs/security/jose/jwt/JwtClaims.java     |   4 +-
 .../cxf/rs/security/jose/jwt/JwtConstants.java  |  55 +----
 .../cxf/rs/security/jose/jwt/JwtHeaders.java    | 135 +-----------
 .../rs/security/jose/jwt/JwtHeadersReader.java  |  24 ---
 .../rs/security/jose/jwt/JwtHeadersWriter.java  |  27 ---
 .../rs/security/jose/jwt/JwtTokenReader.java    |   4 +-
 .../security/jose/jwt/JwtTokenReaderWriter.java |  18 +-
 .../rs/security/jose/jwt/JwtTokenWriter.java    |   4 +-
 .../cxf/rs/security/jose/jwt/JwtUtils.java      |  46 ----
 .../jose/jwe/JweCompactReaderWriterTest.java    |   6 +-
 .../jose/jwe/JwePbeHmacAesWrapTest.java         |  10 +-
 .../rs/security/jose/jwk/JsonWebKeyTest.java    |   8 +-
 .../jose/jws/JwsCompactReaderWriterTest.java    |  10 +-
 52 files changed, 927 insertions(+), 798 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/522b7021/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/AbstractJoseObject.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/AbstractJoseObject.java b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/AbstractJoseObject.java
new file mode 100644
index 0000000..1db9f1c
--- /dev/null
+++ b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/AbstractJoseObject.java
@@ -0,0 +1,61 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.rs.security.jose;
+
+import java.util.LinkedHashMap;
+import java.util.Map;
+
+public abstract class AbstractJoseObject {
+    protected Map<String, Object> values = new LinkedHashMap<String, Object>();
+    
+    protected AbstractJoseObject() {
+        
+    }
+    
+    protected AbstractJoseObject(Map<String, Object> values) {
+        this.values = values;
+    }
+    
+    protected void setValue(String name, Object value) {
+        values.put(name, value);
+    }
+    
+    protected Object getValue(String name) {
+        return values.get(name);
+    }
+
+    public Map<String, Object> asMap() {
+        return new LinkedHashMap<String, Object>(values);
+    }
+    
+    protected Long getLongDate(String name) {
+        Object object = getValue(name);
+        return object instanceof Long ? (Long)object : Long.valueOf(object.toString());
+    }
+    
+    public int hashCode() { 
+        return values.hashCode();
+    }
+    
+    public boolean equals(Object obj) {
+        return obj instanceof AbstractJoseObject && ((AbstractJoseObject)obj).values.equals(this.values);
+    }
+    
+}

http://git-wip-us.apache.org/repos/asf/cxf/blob/522b7021/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/AbstractJoseObjectReaderWriter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/AbstractJoseObjectReaderWriter.java b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/AbstractJoseObjectReaderWriter.java
new file mode 100644
index 0000000..3e43a94
--- /dev/null
+++ b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/AbstractJoseObjectReaderWriter.java
@@ -0,0 +1,214 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.jose;
+
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.LinkedHashMap;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+import org.apache.cxf.rs.security.jose.jwt.JwtConstants;
+
+
+
+public class AbstractJoseObjectReaderWriter {
+    private static final Set<String> DATE_PROPERTIES = 
+        new HashSet<String>(Arrays.asList(JwtConstants.CLAIM_EXPIRY, 
+                                          JwtConstants.CLAIM_ISSUED_AT, 
+                                          JwtConstants.CLAIM_NOT_BEFORE));
+    private boolean format;
+    
+    protected String toJson(AbstractJoseObject jwt) {
+        StringBuilder sb = new StringBuilder();
+        toJsonInternal(sb, jwt.asMap());
+        return sb.toString();
+    }
+
+    protected void toJsonInternal(StringBuilder sb, Map<String, Object> map) {
+        sb.append("{");
+        for (Iterator<Map.Entry<String, Object>> it = map.entrySet().iterator(); it.hasNext();) {
+            Map.Entry<String, Object> entry = it.next();
+            sb.append("\"").append(entry.getKey()).append("\"");
+            sb.append(":");
+            toJsonInternal(sb, entry.getValue(), it.hasNext());
+        }
+        sb.append("}");
+    }
+    
+    protected void toJsonInternal(StringBuilder sb, Object[] array) {
+        toJsonInternal(sb, Arrays.asList(array));
+    }
+    
+    protected void toJsonInternal(StringBuilder sb, Collection<?> coll) {
+        sb.append("[");
+        formatIfNeeded(sb);
+        for (Iterator<?> iter = coll.iterator(); iter.hasNext();) {
+            toJsonInternal(sb, iter.next(), iter.hasNext());
+        }
+        formatIfNeeded(sb);
+        sb.append("]");
+    }
+    
+    @SuppressWarnings("unchecked")
+    protected void toJsonInternal(StringBuilder sb, Object value, boolean hasNext) {
+        if (AbstractJoseObject.class.isAssignableFrom(value.getClass())) {
+            sb.append(toJson((AbstractJoseObject)value));
+        } else if (value.getClass().isArray()) {
+            toJsonInternal(sb, (Object[])value);
+        } else if (Collection.class.isAssignableFrom(value.getClass())) {
+            toJsonInternal(sb, (Collection<?>)value);
+        } else if (Map.class.isAssignableFrom(value.getClass())) {
+            toJsonInternal(sb, (Map<String, Object>)value);
+        } else {
+            if (value.getClass() == String.class) {
+                sb.append("\"");
+            }
+            sb.append(value);
+            if (value.getClass() == String.class) {
+                sb.append("\"");
+            }
+        }
+        if (hasNext) {
+            sb.append(",");
+            formatIfNeeded(sb);
+        }
+        
+    }
+    
+    protected void formatIfNeeded(StringBuilder sb) {
+        if (format) {
+            sb.append("\r\n ");
+        }
+    }
+        
+    protected void fromJsonInternal(AbstractJoseObject jwt, String json) {
+        String theJson = json.trim();
+        Map<String, Object> values = readJwtObjectAsMap(theJson.substring(1, theJson.length() - 1));
+        fromJsonInternal(jwt, values);
+    }
+    
+    protected void fromJsonInternal(AbstractJoseObject jwt, Map<String, Object> values) {
+        for (Map.Entry<String, Object> entry : values.entrySet()) {
+            jwt.setValue(entry.getKey(), entry.getValue());
+        }
+    }
+    
+    protected Map<String, Object> readJwtObjectAsMap(String json) {
+        Map<String, Object> values = new LinkedHashMap<String, Object>();
+        for (int i = 0; i < json.length(); i++) {
+            if (isWhiteSpace(json.charAt(i))) {
+                continue;
+            }
+            
+            int closingQuote = json.indexOf('"', i + 1);
+            int from = json.charAt(i) == '"' ? i + 1 : i;
+            String name = json.substring(from, closingQuote);
+            int sepIndex = json.indexOf(':', closingQuote + 1);
+            
+            int j = 1;
+            while (isWhiteSpace(json.charAt(sepIndex + j))) {
+                j++;
+            }
+            if (json.charAt(sepIndex + j) == '{') {
+                int closingIndex = getClosingIndex(json, '{', '}', sepIndex + j);
+                String newJson = json.substring(sepIndex + j + 1, closingIndex);
+                values.put(name, readJwtObjectAsMap(newJson));
+                i = closingIndex + 1;
+            } else if (json.charAt(sepIndex + j) == '[') {
+                int closingIndex = getClosingIndex(json, '[', ']', sepIndex + j);
+                String newJson = json.substring(sepIndex + j + 1, closingIndex);
+                values.put(name, readJwtObjectAsList(newJson));
+                i = closingIndex + 1;
+            } else {
+                int commaIndex = getCommaIndex(json, sepIndex + j);
+                Object value = readPrimitiveValue(json, sepIndex + j, commaIndex);
+                if (DATE_PROPERTIES.contains(name)) {
+                    value = Long.valueOf(value.toString());
+                }
+                values.put(name, value);
+                i = commaIndex + 1;
+            }
+            
+        }
+        return values;
+    }
+    protected List<Object> readJwtObjectAsList(String json) {
+        List<Object> values = new LinkedList<Object>();
+        for (int i = 0; i < json.length(); i++) {
+            if (isWhiteSpace(json.charAt(i))) {
+                continue;
+            }
+            if (json.charAt(i) == '{') {
+                int closingIndex = getClosingIndex(json, '{', '}', i);
+                values.add(readJwtObjectAsMap(json.substring(i + 1, closingIndex)));
+                i = closingIndex + 1;
+            } else {
+                int commaIndex = getCommaIndex(json, i);
+                Object value = readPrimitiveValue(json, i, commaIndex);
+                values.add(value);
+                i = commaIndex + 1;
+            }
+        }
+        
+        return values;
+    }
+    protected Object readPrimitiveValue(String json, int from, int to) {
+        Object value = json.substring(from, to);
+        String valueStr = value.toString().trim(); 
+        if (valueStr.startsWith("\"")) {
+            value = valueStr.substring(1, valueStr.length() - 1);
+        } else if ("true".equals(value) || "false".equals(value)) {
+            value = Boolean.valueOf(valueStr);
+        } 
+        return value;
+    }
+    
+    protected static int getCommaIndex(String json, int from) {
+        int commaIndex = json.indexOf(",", from);
+        if (commaIndex == -1) {
+            commaIndex = json.length();
+        }
+        return commaIndex;
+    }
+    protected int getClosingIndex(String json, char openChar, char closeChar, int from) {
+        int nextOpenIndex = json.indexOf(openChar, from + 1);
+        int closingIndex = json.indexOf(closeChar, from + 1);
+        while (nextOpenIndex != -1 && nextOpenIndex < closingIndex) {
+            nextOpenIndex = json.indexOf(openChar, closingIndex + 1);
+            closingIndex = json.indexOf(closeChar, closingIndex + 1);
+        }
+        return closingIndex;
+    }
+    protected boolean isWhiteSpace(char jsonChar) {
+        return jsonChar == ' ' || jsonChar == '\r' || jsonChar == '\n' || jsonChar == '\t';
+    }
+
+    public void setFormat(boolean format) {
+        this.format = format;
+    }
+
+    
+
+    
+}

http://git-wip-us.apache.org/repos/asf/cxf/blob/522b7021/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/JoseConstants.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/JoseConstants.java b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/JoseConstants.java
new file mode 100644
index 0000000..a0b6a5b
--- /dev/null
+++ b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/JoseConstants.java
@@ -0,0 +1,81 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.rs.security.jose;
+
+public final class JoseConstants {
+    public static final String HEADER_TYPE = "typ";
+    public static final String HEADER_ALGORITHM = "alg";
+    public static final String HEADER_CONTENT_TYPE = "cty";
+    public static final String HEADER_CRITICAL = "crit";
+    
+    public static final String HEADER_KEY_ID = "kid";
+    public static final String HEADER_X509_URL = "x5u";
+    public static final String HEADER_X509_CHAIN = "x5c";
+    public static final String HEADER_X509_THUMBPRINT = "x5t";
+    public static final String HEADER_X509_THUMBPRINT_SHA256 = "x5t#S256";
+    public static final String HEADER_JSON_WEB_KEY = "jwk";
+    public static final String HEADER_JSON_WEB_KEY_SET = "jku";
+    
+    public static final String JWE_HEADER_KEY_ENC_ALGORITHM = HEADER_ALGORITHM;
+    public static final String JWE_HEADER_CONTENT_ENC_ALGORITHM = "enc";
+    public static final String JWE_HEADER_ZIP_ALGORITHM = "zip";
+    public static final String DEFLATE_ZIP_ALGORITHM = "DEF";
+    
+    public static final String TYPE_JWT = "JWT";
+    public static final String TYPE_JOSE = "JOSE";
+    public static final String TYPE_JOSE_JSON = "JOSE+JSON";
+    public static final String MEDIA_TYPE_JOSE_JSON = "application/jose+json";
+    
+    public static final String PLAIN_TEXT_ALGO = "none";
+    public static final String HMAC_SHA_256_ALGO = "HS256";
+    public static final String HMAC_SHA_384_ALGO = "HS384";
+    public static final String HMAC_SHA_512_ALGO = "HS512";
+    public static final String RS_SHA_256_ALGO = "RS256";
+    public static final String RS_SHA_384_ALGO = "RS384";
+    public static final String RS_SHA_512_ALGO = "RS512";
+    public static final String ES_SHA_256_ALGO = "ES256";
+    public static final String ES_SHA_384_ALGO = "ES384";
+    public static final String ES_SHA_512_ALGO = "ES512";
+    
+    // Key Encryption
+    public static final String RSA_OAEP_ALGO = "RSA-OAEP";
+    public static final String RSA_OAEP_256_ALGO = "RSA-OAEP-256";
+    public static final String RSA_1_5_ALGO = "RSA1_5";
+    public static final String A128KW_ALGO = "A128KW";
+    public static final String A192KW_ALGO = "A192KW";
+    public static final String A256KW_ALGO = "A256KW";
+    public static final String A128GCMKW_ALGO = "A128GCMKW";
+    public static final String A192GCMKW_ALGO = "A192GCMKW";
+    public static final String A256GCMKW_ALGO = "A256GCMKW";
+    public static final String PBES2_HS256_A128KW_ALGO = "PBES2-HS256+A128KW";
+    public static final String PBES2_HS384_A192KW_ALGO = "PBES2-HS384+A192KW";
+    public static final String PBES2_HS512_A256KW_ALGO = "PBES2-HS512+A256KW";
+    // Content Encryption
+    public static final String A128CBC_HS256_ALGO = "A128CBC-HS256";
+    public static final String A192CBC_HS384_ALGO = "A192CBC-HS384";
+    public static final String A256CBC_HS512_ALGO = "A256CBC-HS512";
+    public static final String A128GCM_ALGO = "A128GCM";
+    public static final String A192GCM_ALGO = "A192GCM";
+    public static final String A256GCM_ALGO = "A256GCM";
+    
+    private JoseConstants() {
+        
+    }
+}

http://git-wip-us.apache.org/repos/asf/cxf/blob/522b7021/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/JoseHeaders.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/JoseHeaders.java b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/JoseHeaders.java
new file mode 100644
index 0000000..a503665
--- /dev/null
+++ b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/JoseHeaders.java
@@ -0,0 +1,157 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.rs.security.jose;
+
+import java.util.List;
+import java.util.Map;
+
+import org.apache.cxf.helpers.CastUtils;
+import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
+
+public class JoseHeaders extends AbstractJoseObject {
+    
+    public JoseHeaders() {
+    }
+    
+    public JoseHeaders(Map<String, Object> values) {
+        super(values);
+    }
+    
+    public void setType(String type) {
+        setHeader(JoseConstants.HEADER_TYPE, type);
+    }
+    
+    public String getType() {
+        return (String)getHeader(JoseConstants.HEADER_TYPE);
+    }
+    
+    public void setContentType(String type) {
+        setHeader(JoseConstants.HEADER_CONTENT_TYPE, type);
+    }
+    
+    public String getContentType() {
+        return (String)getHeader(JoseConstants.HEADER_CONTENT_TYPE);
+    }
+    
+    public void setAlgorithm(String algo) {
+        setHeader(JoseConstants.HEADER_ALGORITHM, algo);
+    }
+    
+    public String getAlgorithm() {
+        return (String)getHeader(JoseConstants.HEADER_ALGORITHM);
+    }
+    
+    public void setKeyId(String kid) {
+        setHeader(JoseConstants.HEADER_KEY_ID, kid);
+    }
+    
+    public String getKeyId() {
+        return (String)getHeader(JoseConstants.HEADER_KEY_ID);
+    }
+    
+    public void setX509Url(String x509Url) {
+        setHeader(JoseConstants.HEADER_X509_URL, x509Url);
+    }
+
+    public String getX509Url() {
+        return (String)getHeader(JoseConstants.HEADER_X509_URL);
+    }
+    
+    public void setX509Chain(String x509Chain) {
+        setHeader(JoseConstants.HEADER_X509_CHAIN, x509Chain);
+    }
+
+    public String getX509Chain() {
+        return (String)getHeader(JoseConstants.HEADER_X509_CHAIN);
+    }
+    
+    public void setX509Thumbprint(String x509Thumbprint) {
+        setHeader(JoseConstants.HEADER_X509_THUMBPRINT, x509Thumbprint);
+    }
+    
+    public String getX509Thumbprint() {
+        return (String)getHeader(JoseConstants.HEADER_X509_THUMBPRINT);
+    }
+    
+    public void setX509ThumbprintSHA256(String x509Thumbprint) {
+        super.setValue(JoseConstants.HEADER_X509_THUMBPRINT_SHA256, x509Thumbprint);
+    }
+    
+    public String getX509ThumbprintSHA256() {
+        return (String)super.getValue(JoseConstants.HEADER_X509_THUMBPRINT_SHA256);
+    }
+    
+    public void setCritical(List<String> crit) {
+        setHeader(JoseConstants.HEADER_CRITICAL, crit);
+    }
+    
+    public List<String> getCritical() {
+        return CastUtils.cast((List<?>)getHeader(JoseConstants.HEADER_CRITICAL));
+    }
+    
+    public void setJsonWebKey(JsonWebKey key) {
+        setValue(JoseConstants.HEADER_JSON_WEB_KEY, key);
+    }
+    
+    public JsonWebKey getJsonWebKey() {
+        Object jsonWebKey = getValue(JoseConstants.HEADER_JSON_WEB_KEY);
+        if (jsonWebKey == null || jsonWebKey instanceof JsonWebKey) {
+            return (JsonWebKey)jsonWebKey;
+        }  
+        Map<String, Object> map = CastUtils.cast((Map<?, ?>)jsonWebKey);
+        return new JsonWebKey(map);
+    }
+    
+    public JoseHeaders setHeader(String name, Object value) {
+        setValue(name, value);
+        return this;
+    }
+    
+    public Object getHeader(String name) {
+        return getValue(name);
+    }
+    
+    public JoseHeaders setIntegerHeader(String name, Integer value) {
+        setValue(name, value);
+        return this;
+    }
+    
+    public Integer getIntegerHeader(String name) {
+        Object value = getValue(name);
+        if (value != null) {
+            return value instanceof Integer ? (Integer)value : Integer.parseInt(value.toString());
+        } else {
+            return null;
+        }
+    }
+    public JoseHeaders setLongHeader(String name, Long value) {
+        setValue(name, value);
+        return this;
+    }
+    
+    public Long getLongHeader(String name) {
+        Object value = getValue(name);
+        if (value != null) {
+            return value instanceof Long ? (Long)value : Long.parseLong(value.toString());
+        } else {
+            return null;
+        }
+    }
+}

http://git-wip-us.apache.org/repos/asf/cxf/blob/522b7021/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/JoseHeadersReader.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/JoseHeadersReader.java b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/JoseHeadersReader.java
new file mode 100644
index 0000000..a99ca23
--- /dev/null
+++ b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/JoseHeadersReader.java
@@ -0,0 +1,24 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.jose;
+
+
+public interface JoseHeadersReader {
+    JoseHeaders fromJsonHeaders(String jsonHeaders);
+}

http://git-wip-us.apache.org/repos/asf/cxf/blob/522b7021/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/JoseHeadersReaderWriter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/JoseHeadersReaderWriter.java b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/JoseHeadersReaderWriter.java
new file mode 100644
index 0000000..be20ca3
--- /dev/null
+++ b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/JoseHeadersReaderWriter.java
@@ -0,0 +1,39 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.jose;
+
+
+
+
+
+public class JoseHeadersReaderWriter extends AbstractJoseObjectReaderWriter
+    implements JoseHeadersReader, JoseHeadersWriter {
+    @Override
+    public String headersToJson(JoseHeaders headers) {
+        return toJson(headers);
+    }
+    
+    @Override
+    public JoseHeaders fromJsonHeaders(String headersJson) {
+        JoseHeaders headers = new JoseHeaders();
+        fromJsonInternal(headers, headersJson);
+        return headers;
+    }
+    
+}

http://git-wip-us.apache.org/repos/asf/cxf/blob/522b7021/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/JoseHeadersWriter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/JoseHeadersWriter.java b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/JoseHeadersWriter.java
new file mode 100644
index 0000000..54a77e7
--- /dev/null
+++ b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/JoseHeadersWriter.java
@@ -0,0 +1,25 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.jose;
+
+public interface JoseHeadersWriter {
+    
+    String headersToJson(JoseHeaders headers);
+    
+}

http://git-wip-us.apache.org/repos/asf/cxf/blob/522b7021/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/JoseUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/JoseUtils.java b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/JoseUtils.java
new file mode 100644
index 0000000..9abbe79
--- /dev/null
+++ b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/JoseUtils.java
@@ -0,0 +1,46 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.jose;
+
+public final class JoseUtils {
+    private JoseUtils() {
+        
+    }
+    
+    public static String checkContentType(String contentType, String defaultType) {
+        if (contentType != null) {
+            int paramIndex = contentType.indexOf(';');
+            String typeWithoutParams = paramIndex == -1 ? contentType : contentType.substring(0, paramIndex);
+            if (typeWithoutParams.indexOf('/') == -1) {
+                contentType = "application/" + contentType;
+            }
+        } else {
+            contentType = defaultType;
+        }
+        return contentType;
+    }
+    public static String expandContentType(String contentType) {
+        int paramIndex = contentType.indexOf(';');
+        String typeWithoutParams = paramIndex == -1 ? contentType : contentType.substring(0, paramIndex);
+        if (typeWithoutParams.indexOf('/') == -1) {
+            contentType = "application/" + contentType;
+        }
+        return contentType;
+    }
+}

http://git-wip-us.apache.org/repos/asf/cxf/blob/522b7021/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JweClientResponseFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JweClientResponseFilter.java b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JweClientResponseFilter.java
index 596d3db..d04d4c2 100644
--- a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JweClientResponseFilter.java
+++ b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JweClientResponseFilter.java
@@ -26,8 +26,8 @@ import javax.ws.rs.client.ClientRequestContext;
 import javax.ws.rs.client.ClientResponseContext;
 import javax.ws.rs.client.ClientResponseFilter;
 
+import org.apache.cxf.rs.security.jose.JoseUtils;
 import org.apache.cxf.rs.security.jose.jwe.JweDecryptionOutput;
-import org.apache.cxf.rs.security.jose.jwt.JwtUtils;
 
 @Priority(Priorities.JWE_CLIENT_READ_PRIORITY)
 public class JweClientResponseFilter extends AbstractJweDecryptingFilter implements ClientResponseFilter {
@@ -37,7 +37,7 @@ public class JweClientResponseFilter extends AbstractJweDecryptingFilter impleme
         byte[] bytes = out.getContent();
         res.setEntityStream(new ByteArrayInputStream(bytes));
         res.getHeaders().putSingle("Content-Length", Integer.toString(bytes.length));
-        String ct = JwtUtils.checkContentType(out.getHeaders().getContentType(), getDefaultMediaType());
+        String ct = JoseUtils.checkContentType(out.getHeaders().getContentType(), getDefaultMediaType());
         if (ct != null) {
             res.getHeaders().putSingle("Content-Type", ct);
         }

http://git-wip-us.apache.org/repos/asf/cxf/blob/522b7021/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JweContainerRequestFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JweContainerRequestFilter.java b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JweContainerRequestFilter.java
index 449a3a3..c58fe7e 100644
--- a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JweContainerRequestFilter.java
+++ b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JweContainerRequestFilter.java
@@ -26,8 +26,8 @@ import javax.ws.rs.container.ContainerRequestContext;
 import javax.ws.rs.container.ContainerRequestFilter;
 import javax.ws.rs.container.PreMatching;
 
+import org.apache.cxf.rs.security.jose.JoseUtils;
 import org.apache.cxf.rs.security.jose.jwe.JweDecryptionOutput;
-import org.apache.cxf.rs.security.jose.jwt.JwtUtils;
 
 @PreMatching
 @Priority(Priorities.JWE_SERVER_READ_PRIORITY)
@@ -38,7 +38,7 @@ public class JweContainerRequestFilter extends AbstractJweDecryptingFilter imple
         byte[] bytes = out.getContent();
         context.setEntityStream(new ByteArrayInputStream(bytes));
         context.getHeaders().putSingle("Content-Length", Integer.toString(bytes.length));
-        String ct = JwtUtils.checkContentType(out.getHeaders().getContentType(), getDefaultMediaType());
+        String ct = JoseUtils.checkContentType(out.getHeaders().getContentType(), getDefaultMediaType());
         if (ct != null) {
             context.getHeaders().putSingle("Content-Type", ct);
         }

http://git-wip-us.apache.org/repos/asf/cxf/blob/522b7021/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JweWriterInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JweWriterInterceptor.java b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JweWriterInterceptor.java
index fc03d1a..496ede0 100644
--- a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JweWriterInterceptor.java
+++ b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JweWriterInterceptor.java
@@ -38,6 +38,9 @@ import org.apache.cxf.jaxrs.utils.JAXRSUtils;
 import org.apache.cxf.jaxrs.utils.ResourceUtils;
 import org.apache.cxf.message.Message;
 import org.apache.cxf.message.MessageUtils;
+import org.apache.cxf.rs.security.jose.JoseConstants;
+import org.apache.cxf.rs.security.jose.JoseHeadersReaderWriter;
+import org.apache.cxf.rs.security.jose.JoseHeadersWriter;
 import org.apache.cxf.rs.security.jose.jwa.Algorithm;
 import org.apache.cxf.rs.security.jose.jwe.AesCbcHmacJweEncryption;
 import org.apache.cxf.rs.security.jose.jwe.AesGcmContentEncryptionAlgorithm;
@@ -52,9 +55,6 @@ import org.apache.cxf.rs.security.jose.jwe.RSAOaepKeyEncryptionAlgorithm;
 import org.apache.cxf.rs.security.jose.jwe.WrappedKeyJweEncryption;
 import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
 import org.apache.cxf.rs.security.jose.jwk.JwkUtils;
-import org.apache.cxf.rs.security.jose.jwt.JwtConstants;
-import org.apache.cxf.rs.security.jose.jwt.JwtHeadersWriter;
-import org.apache.cxf.rs.security.jose.jwt.JwtTokenReaderWriter;
 import org.apache.cxf.rs.security.oauth2.utils.crypto.CryptoUtils;
 
 @Priority(Priorities.JWE_WRITE_PRIORITY)
@@ -67,7 +67,7 @@ public class JweWriterInterceptor implements WriterInterceptor {
     private JweEncryptionProvider encryptionProvider;
     private boolean contentTypeRequired = true;
     private boolean useJweOutputStream;
-    private JwtHeadersWriter writer = new JwtTokenReaderWriter();
+    private JoseHeadersWriter writer = new JoseHeadersReaderWriter();
     @Override
     public void aroundWriteTo(WriterInterceptorContext ctx) throws IOException, WebApplicationException {
         
@@ -87,7 +87,7 @@ public class JweWriterInterceptor implements WriterInterceptor {
             }
         }
         
-        ctx.setMediaType(JAXRSUtils.toMediaType(JwtConstants.MEDIA_TYPE_JOSE_JSON));
+        ctx.setMediaType(JAXRSUtils.toMediaType(JoseConstants.MEDIA_TYPE_JOSE_JSON));
         if (useJweOutputStream) {
             JweEncryptionState encryption = theEncryptionProvider.createJweEncryptionState(ctString);
             try {
@@ -175,7 +175,7 @@ public class JweWriterInterceptor implements WriterInterceptor {
         this.useJweOutputStream = useJweOutputStream;
     }
 
-    public void setWriter(JwtHeadersWriter writer) {
+    public void setWriter(JoseHeadersWriter writer) {
         this.writer = writer;
     }
 

http://git-wip-us.apache.org/repos/asf/cxf/blob/522b7021/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsClientResponseFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsClientResponseFilter.java b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsClientResponseFilter.java
index 53cb5d2..32fc7dc 100644
--- a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsClientResponseFilter.java
+++ b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsClientResponseFilter.java
@@ -27,9 +27,9 @@ import javax.ws.rs.client.ClientResponseContext;
 import javax.ws.rs.client.ClientResponseFilter;
 
 import org.apache.cxf.helpers.IOUtils;
+import org.apache.cxf.rs.security.jose.JoseUtils;
 import org.apache.cxf.rs.security.jose.jws.JwsCompactConsumer;
 import org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier;
-import org.apache.cxf.rs.security.jose.jwt.JwtUtils;
 
 @Priority(Priorities.JWS_CLIENT_READ_PRIORITY)
 public class JwsClientResponseFilter extends AbstractJwsReaderProvider implements ClientResponseFilter {
@@ -44,7 +44,7 @@ public class JwsClientResponseFilter extends AbstractJwsReaderProvider implement
         byte[] bytes = p.getDecodedJwsPayloadBytes();
         res.setEntityStream(new ByteArrayInputStream(bytes));
         res.getHeaders().putSingle("Content-Length", Integer.toString(bytes.length));
-        String ct = JwtUtils.checkContentType(p.getJwtHeaders().getContentType(), getDefaultMediaType());
+        String ct = JoseUtils.checkContentType(p.getJwsHeaders().getContentType(), getDefaultMediaType());
         if (ct != null) {
             res.getHeaders().putSingle("Content-Type", ct);
         }

http://git-wip-us.apache.org/repos/asf/cxf/blob/522b7021/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsContainerRequestFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsContainerRequestFilter.java b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsContainerRequestFilter.java
index 4938706..3bd36b9 100644
--- a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsContainerRequestFilter.java
+++ b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsContainerRequestFilter.java
@@ -28,9 +28,9 @@ import javax.ws.rs.container.PreMatching;
 
 import org.apache.cxf.helpers.IOUtils;
 import org.apache.cxf.jaxrs.utils.JAXRSUtils;
+import org.apache.cxf.rs.security.jose.JoseUtils;
 import org.apache.cxf.rs.security.jose.jws.JwsCompactConsumer;
 import org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier;
-import org.apache.cxf.rs.security.jose.jwt.JwtUtils;
 
 @PreMatching
 @Priority(Priorities.JWS_SERVER_READ_PRIORITY)
@@ -49,7 +49,7 @@ public class JwsContainerRequestFilter extends AbstractJwsReaderProvider impleme
         context.setEntityStream(new ByteArrayInputStream(bytes));
         context.getHeaders().putSingle("Content-Length", Integer.toString(bytes.length));
         
-        String ct = JwtUtils.checkContentType(p.getJwtHeaders().getContentType(), getDefaultMediaType());
+        String ct = JoseUtils.checkContentType(p.getJwsHeaders().getContentType(), getDefaultMediaType());
         if (ct != null) {
             context.getHeaders().putSingle("Content-Type", ct);
         }

http://git-wip-us.apache.org/repos/asf/cxf/blob/522b7021/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJwtMessageBodyWriter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJwtMessageBodyWriter.java b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJwtMessageBodyWriter.java
index 17b11f5..e700ff7 100644
--- a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJwtMessageBodyWriter.java
+++ b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJwtMessageBodyWriter.java
@@ -28,9 +28,9 @@ import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.MultivaluedMap;
 import javax.ws.rs.ext.MessageBodyWriter;
 
+import org.apache.cxf.rs.security.jose.JoseConstants;
 import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactProducer;
 import org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider;
-import org.apache.cxf.rs.security.jose.jwt.JwtConstants;
 import org.apache.cxf.rs.security.jose.jwt.JwtHeaders;
 import org.apache.cxf.rs.security.jose.jwt.JwtToken;
 
@@ -54,7 +54,7 @@ public class JwsJwtMessageBodyWriter  extends AbstractJwsWriterProvider
         JwsJwtCompactProducer p = new JwsJwtCompactProducer(token);
         JwtHeaders jwtHeaders = new JwtHeaders();
         JwsSignatureProvider sigProvider = getInitializedSigProvider(jwtHeaders);
-        jwtHeaders.setContentType(JwtConstants.TYPE_JWT);
+        jwtHeaders.setContentType(JoseConstants.TYPE_JWT);
         writeJws(p, sigProvider, os);
     }
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/522b7021/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsWriterInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsWriterInterceptor.java b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsWriterInterceptor.java
index 5c38928..d01623d 100644
--- a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsWriterInterceptor.java
+++ b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsWriterInterceptor.java
@@ -29,14 +29,15 @@ import javax.ws.rs.ext.WriterInterceptorContext;
 
 import org.apache.cxf.io.CachedOutputStream;
 import org.apache.cxf.jaxrs.utils.JAXRSUtils;
+import org.apache.cxf.rs.security.jose.JoseConstants;
+import org.apache.cxf.rs.security.jose.JoseHeadersReaderWriter;
+import org.apache.cxf.rs.security.jose.JoseHeadersWriter;
 import org.apache.cxf.rs.security.jose.jws.JwsCompactProducer;
+import org.apache.cxf.rs.security.jose.jws.JwsHeaders;
 import org.apache.cxf.rs.security.jose.jws.JwsOutputStream;
 import org.apache.cxf.rs.security.jose.jws.JwsSignature;
 import org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider;
-import org.apache.cxf.rs.security.jose.jwt.JwtConstants;
 import org.apache.cxf.rs.security.jose.jwt.JwtHeaders;
-import org.apache.cxf.rs.security.jose.jwt.JwtHeadersWriter;
-import org.apache.cxf.rs.security.jose.jwt.JwtTokenReaderWriter;
 import org.apache.cxf.rs.security.oauth2.utils.Base64UrlOutputStream;
 import org.apache.cxf.rs.security.oauth2.utils.Base64UrlUtility;
 
@@ -44,13 +45,13 @@ import org.apache.cxf.rs.security.oauth2.utils.Base64UrlUtility;
 public class JwsWriterInterceptor extends AbstractJwsWriterProvider implements WriterInterceptor {
     private boolean contentTypeRequired = true;
     private boolean useJwsOutputStream;
-    private JwtHeadersWriter writer = new JwtTokenReaderWriter();
+    private JoseHeadersWriter writer = new JoseHeadersReaderWriter();
     @Override
     public void aroundWriteTo(WriterInterceptorContext ctx) throws IOException, WebApplicationException {
-        JwtHeaders headers = new JwtHeaders();
+        JwsHeaders headers = new JwsHeaders();
         JwsSignatureProvider sigProvider = getInitializedSigProvider(headers);
         setContentTypeIfNeeded(headers, ctx);
-        ctx.setMediaType(JAXRSUtils.toMediaType(JwtConstants.MEDIA_TYPE_JOSE_JSON));
+        ctx.setMediaType(JAXRSUtils.toMediaType(JoseConstants.MEDIA_TYPE_JOSE_JSON));
         OutputStream actualOs = ctx.getOutputStream();
         if (useJwsOutputStream) {
             JwsSignature jwsSignature = sigProvider.createJwsSignature(headers);
@@ -80,14 +81,14 @@ public class JwsWriterInterceptor extends AbstractJwsWriterProvider implements W
     public void setUseJwsOutputStream(boolean useJwsOutputStream) {
         this.useJwsOutputStream = useJwsOutputStream;
     }
-    public void setWriter(JwtHeadersWriter writer) {
+    public void setWriter(JoseHeadersWriter writer) {
         this.writer = writer;
     }
     private void setContentTypeIfNeeded(JwtHeaders headers, WriterInterceptorContext ctx) {    
         if (contentTypeRequired) {
             MediaType mt = ctx.getMediaType();
             if (mt != null 
-                && !JAXRSUtils.mediaTypeToString(mt).equals(JwtConstants.MEDIA_TYPE_JOSE_JSON)) {
+                && !JAXRSUtils.mediaTypeToString(mt).equals(JoseConstants.MEDIA_TYPE_JOSE_JSON)) {
                 if ("application".equals(mt.getType())) {
                     headers.setContentType(mt.getSubtype());
                 } else {

http://git-wip-us.apache.org/repos/asf/cxf/blob/522b7021/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/Algorithm.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/Algorithm.java b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/Algorithm.java
index f16a0ec..b17918a 100644
--- a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/Algorithm.java
+++ b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/Algorithm.java
@@ -22,46 +22,45 @@ package org.apache.cxf.rs.security.jose.jwa;
 import java.util.HashMap;
 import java.util.Map;
 
-import org.apache.cxf.rs.security.jose.jwt.JwtConstants;
-
+import org.apache.cxf.rs.security.jose.JoseConstants;
 
 
 
 public enum Algorithm {
     // Signature
-    HmacSHA256(JwtConstants.HMAC_SHA_256_ALGO, 256),
-    HmacSHA384(JwtConstants.HMAC_SHA_384_ALGO, 384),
-    HmacSHA512(JwtConstants.HMAC_SHA_512_ALGO, 512),
+    HmacSHA256(JoseConstants.HMAC_SHA_256_ALGO, 256),
+    HmacSHA384(JoseConstants.HMAC_SHA_384_ALGO, 384),
+    HmacSHA512(JoseConstants.HMAC_SHA_512_ALGO, 512),
     
-    SHA256withRSA(JwtConstants.RS_SHA_256_ALGO, 256),
-    SHA384withRSA(JwtConstants.RS_SHA_384_ALGO, 384),
-    SHA512withRSA(JwtConstants.RS_SHA_512_ALGO, 512),
+    SHA256withRSA(JoseConstants.RS_SHA_256_ALGO, 256),
+    SHA384withRSA(JoseConstants.RS_SHA_384_ALGO, 384),
+    SHA512withRSA(JoseConstants.RS_SHA_512_ALGO, 512),
     
-    SHA256withECDSA(JwtConstants.ES_SHA_256_ALGO, 256),
-    SHA384withECDSA(JwtConstants.ES_SHA_384_ALGO, 384),
-    SHA512withECDSA(JwtConstants.ES_SHA_512_ALGO, 512),
+    SHA256withECDSA(JoseConstants.ES_SHA_256_ALGO, 256),
+    SHA384withECDSA(JoseConstants.ES_SHA_384_ALGO, 384),
+    SHA512withECDSA(JoseConstants.ES_SHA_512_ALGO, 512),
     
     // Key Encryption
-    RSA_OAEP(JwtConstants.RSA_OAEP_ALGO, "RSA/ECB/OAEPWithSHA-1AndMGF1Padding", -1),
-    RSA_OAEP_256(JwtConstants.RSA_OAEP_256_ALGO, "RSA/ECB/OAEPWithSHA-256AndMGF1Padding", -1),
-    RSA_1_5(JwtConstants.RSA_1_5_ALGO, "RSA/ECB/PKCS1Padding", -1),
-    A128KW(JwtConstants.A128KW_ALGO, "AESWrap", 128),
-    A192KW(JwtConstants.A192KW_ALGO, "AESWrap", 192),
-    A256KW(JwtConstants.A256KW_ALGO, "AESWrap", 256),
-    A128GCMKW(JwtConstants.A128GCMKW_ALGO, "AES/GCM/NoPadding", 128),
-    A192GCMKW(JwtConstants.A192GCMKW_ALGO, "AES/GCM/NoPadding", 192),
-    A256GCMKW(JwtConstants.A256GCMKW_ALGO, "AES/GCM/NoPadding", 256),
-    PBES2_HS256_A128KW(JwtConstants.PBES2_HS256_A128KW_ALGO, "AESWrap", 128),
-    PBES2_HS384_A192KW(JwtConstants.PBES2_HS384_A192KW_ALGO, "AESWrap", 192),
-    PBES2_HS512_A256KW(JwtConstants.PBES2_HS512_A256KW_ALGO, "AESWrap", 256),
+    RSA_OAEP(JoseConstants.RSA_OAEP_ALGO, "RSA/ECB/OAEPWithSHA-1AndMGF1Padding", -1),
+    RSA_OAEP_256(JoseConstants.RSA_OAEP_256_ALGO, "RSA/ECB/OAEPWithSHA-256AndMGF1Padding", -1),
+    RSA_1_5(JoseConstants.RSA_1_5_ALGO, "RSA/ECB/PKCS1Padding", -1),
+    A128KW(JoseConstants.A128KW_ALGO, "AESWrap", 128),
+    A192KW(JoseConstants.A192KW_ALGO, "AESWrap", 192),
+    A256KW(JoseConstants.A256KW_ALGO, "AESWrap", 256),
+    A128GCMKW(JoseConstants.A128GCMKW_ALGO, "AES/GCM/NoPadding", 128),
+    A192GCMKW(JoseConstants.A192GCMKW_ALGO, "AES/GCM/NoPadding", 192),
+    A256GCMKW(JoseConstants.A256GCMKW_ALGO, "AES/GCM/NoPadding", 256),
+    PBES2_HS256_A128KW(JoseConstants.PBES2_HS256_A128KW_ALGO, "AESWrap", 128),
+    PBES2_HS384_A192KW(JoseConstants.PBES2_HS384_A192KW_ALGO, "AESWrap", 192),
+    PBES2_HS512_A256KW(JoseConstants.PBES2_HS512_A256KW_ALGO, "AESWrap", 256),
     
     // Content Encryption
-    A128GCM(JwtConstants.A128GCM_ALGO, "AES/GCM/NoPadding", 128),
-    A192GCM(JwtConstants.A192GCM_ALGO, "AES/GCM/NoPadding", 192),
-    A256GCM(JwtConstants.A256GCM_ALGO, "AES/GCM/NoPadding", 256),
-    A128CBC_HS256(JwtConstants.A128CBC_HS256_ALGO, "AES/CBC/PKCS7Padding", 128),
-    A192CBC_HS384(JwtConstants.A192CBC_HS384_ALGO, "AES/CBC/PKCS7Padding", 192),
-    A256CBC_HS512(JwtConstants.A256CBC_HS512_ALGO, "AES/CBC/PKCS7Padding", 256);
+    A128GCM(JoseConstants.A128GCM_ALGO, "AES/GCM/NoPadding", 128),
+    A192GCM(JoseConstants.A192GCM_ALGO, "AES/GCM/NoPadding", 192),
+    A256GCM(JoseConstants.A256GCM_ALGO, "AES/GCM/NoPadding", 256),
+    A128CBC_HS256(JoseConstants.A128CBC_HS256_ALGO, "AES/CBC/PKCS7Padding", 128),
+    A192CBC_HS384(JoseConstants.A192CBC_HS384_ALGO, "AES/CBC/PKCS7Padding", 192),
+    A256CBC_HS512(JoseConstants.A256CBC_HS512_ALGO, "AES/CBC/PKCS7Padding", 256);
     
     public static final String HMAC_SHA_256_JAVA = "HmacSHA256";
     public static final String HMAC_SHA_384_JAVA = "HmacSHA384";
@@ -84,55 +83,55 @@ public enum Algorithm {
     private static final Map<String, String> JWT_TO_JAVA_NAMES;
     static {
         JAVA_TO_JWT_NAMES = new HashMap<String, String>();
-        JAVA_TO_JWT_NAMES.put(HMAC_SHA_256_JAVA, JwtConstants.HMAC_SHA_256_ALGO);
-        JAVA_TO_JWT_NAMES.put(HMAC_SHA_384_JAVA, JwtConstants.HMAC_SHA_384_ALGO);
-        JAVA_TO_JWT_NAMES.put(HMAC_SHA_512_JAVA, JwtConstants.HMAC_SHA_512_ALGO);
-        JAVA_TO_JWT_NAMES.put(RS_SHA_256_JAVA, JwtConstants.RS_SHA_256_ALGO);
-        JAVA_TO_JWT_NAMES.put(RS_SHA_384_JAVA, JwtConstants.RS_SHA_384_ALGO);
-        JAVA_TO_JWT_NAMES.put(RS_SHA_512_JAVA, JwtConstants.RS_SHA_512_ALGO);
-        JAVA_TO_JWT_NAMES.put(ES_SHA_256_JAVA, JwtConstants.ES_SHA_256_ALGO);
-        JAVA_TO_JWT_NAMES.put(ES_SHA_384_JAVA, JwtConstants.ES_SHA_384_ALGO);
-        JAVA_TO_JWT_NAMES.put(ES_SHA_512_JAVA, JwtConstants.ES_SHA_512_ALGO);
-        JAVA_TO_JWT_NAMES.put(RSA_OAEP_ALGO_JAVA, JwtConstants.RSA_OAEP_ALGO);
-        JAVA_TO_JWT_NAMES.put(RSA_OAEP_256_ALGO_JAVA, JwtConstants.RSA_OAEP_256_ALGO);
-        JAVA_TO_JWT_NAMES.put(RSA_1_5_ALGO_JAVA, JwtConstants.RSA_1_5_ALGO);
-        JAVA_TO_JWT_NAMES.put(AES_GCM_ALGO_JAVA, JwtConstants.A256GCM_ALGO);
-        JAVA_TO_JWT_NAMES.put(AES_GCM_ALGO_JAVA, JwtConstants.A192GCM_ALGO);
-        JAVA_TO_JWT_NAMES.put(AES_GCM_ALGO_JAVA, JwtConstants.A128GCM_ALGO);
-        JAVA_TO_JWT_NAMES.put(AES_WRAP_ALGO_JAVA, JwtConstants.A128KW_ALGO);
-        JAVA_TO_JWT_NAMES.put(AES_WRAP_ALGO_JAVA, JwtConstants.A192KW_ALGO);
-        JAVA_TO_JWT_NAMES.put(AES_WRAP_ALGO_JAVA, JwtConstants.A256KW_ALGO);
-        JAVA_TO_JWT_NAMES.put(AES_CBC_ALGO_JAVA, JwtConstants.A128CBC_HS256_ALGO);
-        JAVA_TO_JWT_NAMES.put(AES_CBC_ALGO_JAVA, JwtConstants.A192CBC_HS384_ALGO);
-        JAVA_TO_JWT_NAMES.put(AES_CBC_ALGO_JAVA, JwtConstants.A256CBC_HS512_ALGO);
+        JAVA_TO_JWT_NAMES.put(HMAC_SHA_256_JAVA, JoseConstants.HMAC_SHA_256_ALGO);
+        JAVA_TO_JWT_NAMES.put(HMAC_SHA_384_JAVA, JoseConstants.HMAC_SHA_384_ALGO);
+        JAVA_TO_JWT_NAMES.put(HMAC_SHA_512_JAVA, JoseConstants.HMAC_SHA_512_ALGO);
+        JAVA_TO_JWT_NAMES.put(RS_SHA_256_JAVA, JoseConstants.RS_SHA_256_ALGO);
+        JAVA_TO_JWT_NAMES.put(RS_SHA_384_JAVA, JoseConstants.RS_SHA_384_ALGO);
+        JAVA_TO_JWT_NAMES.put(RS_SHA_512_JAVA, JoseConstants.RS_SHA_512_ALGO);
+        JAVA_TO_JWT_NAMES.put(ES_SHA_256_JAVA, JoseConstants.ES_SHA_256_ALGO);
+        JAVA_TO_JWT_NAMES.put(ES_SHA_384_JAVA, JoseConstants.ES_SHA_384_ALGO);
+        JAVA_TO_JWT_NAMES.put(ES_SHA_512_JAVA, JoseConstants.ES_SHA_512_ALGO);
+        JAVA_TO_JWT_NAMES.put(RSA_OAEP_ALGO_JAVA, JoseConstants.RSA_OAEP_ALGO);
+        JAVA_TO_JWT_NAMES.put(RSA_OAEP_256_ALGO_JAVA, JoseConstants.RSA_OAEP_256_ALGO);
+        JAVA_TO_JWT_NAMES.put(RSA_1_5_ALGO_JAVA, JoseConstants.RSA_1_5_ALGO);
+        JAVA_TO_JWT_NAMES.put(AES_GCM_ALGO_JAVA, JoseConstants.A256GCM_ALGO);
+        JAVA_TO_JWT_NAMES.put(AES_GCM_ALGO_JAVA, JoseConstants.A192GCM_ALGO);
+        JAVA_TO_JWT_NAMES.put(AES_GCM_ALGO_JAVA, JoseConstants.A128GCM_ALGO);
+        JAVA_TO_JWT_NAMES.put(AES_WRAP_ALGO_JAVA, JoseConstants.A128KW_ALGO);
+        JAVA_TO_JWT_NAMES.put(AES_WRAP_ALGO_JAVA, JoseConstants.A192KW_ALGO);
+        JAVA_TO_JWT_NAMES.put(AES_WRAP_ALGO_JAVA, JoseConstants.A256KW_ALGO);
+        JAVA_TO_JWT_NAMES.put(AES_CBC_ALGO_JAVA, JoseConstants.A128CBC_HS256_ALGO);
+        JAVA_TO_JWT_NAMES.put(AES_CBC_ALGO_JAVA, JoseConstants.A192CBC_HS384_ALGO);
+        JAVA_TO_JWT_NAMES.put(AES_CBC_ALGO_JAVA, JoseConstants.A256CBC_HS512_ALGO);
         JWT_TO_JAVA_NAMES = new HashMap<String, String>();
-        JWT_TO_JAVA_NAMES.put(JwtConstants.HMAC_SHA_256_ALGO, HMAC_SHA_256_JAVA);
-        JWT_TO_JAVA_NAMES.put(JwtConstants.HMAC_SHA_384_ALGO, HMAC_SHA_384_JAVA);
-        JWT_TO_JAVA_NAMES.put(JwtConstants.HMAC_SHA_512_ALGO, HMAC_SHA_512_JAVA);
-        JWT_TO_JAVA_NAMES.put(JwtConstants.RS_SHA_256_ALGO, RS_SHA_256_JAVA);
-        JWT_TO_JAVA_NAMES.put(JwtConstants.RS_SHA_384_ALGO, RS_SHA_384_JAVA);
-        JWT_TO_JAVA_NAMES.put(JwtConstants.RS_SHA_512_ALGO, RS_SHA_512_JAVA);
-        JWT_TO_JAVA_NAMES.put(JwtConstants.ES_SHA_256_ALGO, ES_SHA_256_JAVA);
-        JWT_TO_JAVA_NAMES.put(JwtConstants.ES_SHA_384_ALGO, ES_SHA_384_JAVA);
-        JWT_TO_JAVA_NAMES.put(JwtConstants.ES_SHA_512_ALGO, ES_SHA_512_JAVA);
-        JWT_TO_JAVA_NAMES.put(JwtConstants.RSA_OAEP_ALGO, RSA_OAEP_ALGO_JAVA);
-        JWT_TO_JAVA_NAMES.put(JwtConstants.RSA_OAEP_256_ALGO, RSA_OAEP_256_ALGO_JAVA);
-        JWT_TO_JAVA_NAMES.put(JwtConstants.RSA_1_5_ALGO, RSA_1_5_ALGO_JAVA);
-        JWT_TO_JAVA_NAMES.put(JwtConstants.A128KW_ALGO, AES_WRAP_ALGO_JAVA);
-        JWT_TO_JAVA_NAMES.put(JwtConstants.A192KW_ALGO, AES_WRAP_ALGO_JAVA);
-        JWT_TO_JAVA_NAMES.put(JwtConstants.A256KW_ALGO, AES_WRAP_ALGO_JAVA);
-        JWT_TO_JAVA_NAMES.put(JwtConstants.A256GCM_ALGO, AES_GCM_ALGO_JAVA);
-        JWT_TO_JAVA_NAMES.put(JwtConstants.A192GCM_ALGO, AES_GCM_ALGO_JAVA);
-        JWT_TO_JAVA_NAMES.put(JwtConstants.A128GCM_ALGO, AES_GCM_ALGO_JAVA);
-        JWT_TO_JAVA_NAMES.put(JwtConstants.A256GCMKW_ALGO, AES_GCM_ALGO_JAVA);
-        JWT_TO_JAVA_NAMES.put(JwtConstants.A192GCMKW_ALGO, AES_GCM_ALGO_JAVA);
-        JWT_TO_JAVA_NAMES.put(JwtConstants.A128GCMKW_ALGO, AES_GCM_ALGO_JAVA);
-        JWT_TO_JAVA_NAMES.put(JwtConstants.A128CBC_HS256_ALGO, AES_CBC_ALGO_JAVA);
-        JWT_TO_JAVA_NAMES.put(JwtConstants.A192CBC_HS384_ALGO, AES_CBC_ALGO_JAVA);
-        JWT_TO_JAVA_NAMES.put(JwtConstants.A256CBC_HS512_ALGO, AES_CBC_ALGO_JAVA);
-        JWT_TO_JAVA_NAMES.put(JwtConstants.PBES2_HS256_A128KW_ALGO, AES_WRAP_ALGO_JAVA);
-        JWT_TO_JAVA_NAMES.put(JwtConstants.PBES2_HS384_A192KW_ALGO, AES_WRAP_ALGO_JAVA);
-        JWT_TO_JAVA_NAMES.put(JwtConstants.PBES2_HS512_A256KW_ALGO, AES_WRAP_ALGO_JAVA);
+        JWT_TO_JAVA_NAMES.put(JoseConstants.HMAC_SHA_256_ALGO, HMAC_SHA_256_JAVA);
+        JWT_TO_JAVA_NAMES.put(JoseConstants.HMAC_SHA_384_ALGO, HMAC_SHA_384_JAVA);
+        JWT_TO_JAVA_NAMES.put(JoseConstants.HMAC_SHA_512_ALGO, HMAC_SHA_512_JAVA);
+        JWT_TO_JAVA_NAMES.put(JoseConstants.RS_SHA_256_ALGO, RS_SHA_256_JAVA);
+        JWT_TO_JAVA_NAMES.put(JoseConstants.RS_SHA_384_ALGO, RS_SHA_384_JAVA);
+        JWT_TO_JAVA_NAMES.put(JoseConstants.RS_SHA_512_ALGO, RS_SHA_512_JAVA);
+        JWT_TO_JAVA_NAMES.put(JoseConstants.ES_SHA_256_ALGO, ES_SHA_256_JAVA);
+        JWT_TO_JAVA_NAMES.put(JoseConstants.ES_SHA_384_ALGO, ES_SHA_384_JAVA);
+        JWT_TO_JAVA_NAMES.put(JoseConstants.ES_SHA_512_ALGO, ES_SHA_512_JAVA);
+        JWT_TO_JAVA_NAMES.put(JoseConstants.RSA_OAEP_ALGO, RSA_OAEP_ALGO_JAVA);
+        JWT_TO_JAVA_NAMES.put(JoseConstants.RSA_OAEP_256_ALGO, RSA_OAEP_256_ALGO_JAVA);
+        JWT_TO_JAVA_NAMES.put(JoseConstants.RSA_1_5_ALGO, RSA_1_5_ALGO_JAVA);
+        JWT_TO_JAVA_NAMES.put(JoseConstants.A128KW_ALGO, AES_WRAP_ALGO_JAVA);
+        JWT_TO_JAVA_NAMES.put(JoseConstants.A192KW_ALGO, AES_WRAP_ALGO_JAVA);
+        JWT_TO_JAVA_NAMES.put(JoseConstants.A256KW_ALGO, AES_WRAP_ALGO_JAVA);
+        JWT_TO_JAVA_NAMES.put(JoseConstants.A256GCM_ALGO, AES_GCM_ALGO_JAVA);
+        JWT_TO_JAVA_NAMES.put(JoseConstants.A192GCM_ALGO, AES_GCM_ALGO_JAVA);
+        JWT_TO_JAVA_NAMES.put(JoseConstants.A128GCM_ALGO, AES_GCM_ALGO_JAVA);
+        JWT_TO_JAVA_NAMES.put(JoseConstants.A256GCMKW_ALGO, AES_GCM_ALGO_JAVA);
+        JWT_TO_JAVA_NAMES.put(JoseConstants.A192GCMKW_ALGO, AES_GCM_ALGO_JAVA);
+        JWT_TO_JAVA_NAMES.put(JoseConstants.A128GCMKW_ALGO, AES_GCM_ALGO_JAVA);
+        JWT_TO_JAVA_NAMES.put(JoseConstants.A128CBC_HS256_ALGO, AES_CBC_ALGO_JAVA);
+        JWT_TO_JAVA_NAMES.put(JoseConstants.A192CBC_HS384_ALGO, AES_CBC_ALGO_JAVA);
+        JWT_TO_JAVA_NAMES.put(JoseConstants.A256CBC_HS512_ALGO, AES_CBC_ALGO_JAVA);
+        JWT_TO_JAVA_NAMES.put(JoseConstants.PBES2_HS256_A128KW_ALGO, AES_WRAP_ALGO_JAVA);
+        JWT_TO_JAVA_NAMES.put(JoseConstants.PBES2_HS384_A192KW_ALGO, AES_WRAP_ALGO_JAVA);
+        JWT_TO_JAVA_NAMES.put(JoseConstants.PBES2_HS512_A256KW_ALGO, AES_WRAP_ALGO_JAVA);
     }
     private final String jwtName;
     private final String javaName;
@@ -187,28 +186,28 @@ public enum Algorithm {
         return javaName;
     }
     public static boolean isAesKeyWrap(String algo) {
-        return JwtConstants.A128KW_ALGO.equals(algo)
-               || JwtConstants.A192KW_ALGO.equals(algo)
-               || JwtConstants.A256KW_ALGO.equals(algo);
+        return JoseConstants.A128KW_ALGO.equals(algo)
+               || JoseConstants.A192KW_ALGO.equals(algo)
+               || JoseConstants.A256KW_ALGO.equals(algo);
     }
     public static boolean isAesGcmKeyWrap(String algo) {
-        return JwtConstants.A128GCMKW_ALGO.equals(algo)
-               || JwtConstants.A192GCMKW_ALGO.equals(algo)
-               || JwtConstants.A256GCMKW_ALGO.equals(algo);
+        return JoseConstants.A128GCMKW_ALGO.equals(algo)
+               || JoseConstants.A192GCMKW_ALGO.equals(algo)
+               || JoseConstants.A256GCMKW_ALGO.equals(algo);
     }
     public static boolean isAesGcm(String algo) {
-        return JwtConstants.A128GCM_ALGO.equals(algo)
-               || JwtConstants.A192GCM_ALGO.equals(algo)
-               || JwtConstants.A256GCM_ALGO.equals(algo);
+        return JoseConstants.A128GCM_ALGO.equals(algo)
+               || JoseConstants.A192GCM_ALGO.equals(algo)
+               || JoseConstants.A256GCM_ALGO.equals(algo);
     }
     public static boolean isHmacSign(String algo) {
-        return JwtConstants.HMAC_SHA_256_ALGO.equals(algo)
-            || JwtConstants.HMAC_SHA_384_ALGO.equals(algo)
-            || JwtConstants.HMAC_SHA_512_ALGO.equals(algo); 
+        return JoseConstants.HMAC_SHA_256_ALGO.equals(algo)
+            || JoseConstants.HMAC_SHA_384_ALGO.equals(algo)
+            || JoseConstants.HMAC_SHA_512_ALGO.equals(algo); 
     }
     public static boolean isAesCbcHmac(String algo) {
-        return JwtConstants.A128CBC_HS256_ALGO.equals(algo)
-            || JwtConstants.A192CBC_HS384_ALGO.equals(algo)
-            || JwtConstants.A256CBC_HS512_ALGO.equals(algo); 
+        return JoseConstants.A128CBC_HS256_ALGO.equals(algo)
+            || JoseConstants.A192CBC_HS384_ALGO.equals(algo)
+            || JoseConstants.A256CBC_HS512_ALGO.equals(algo); 
     }
 }
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/cxf/blob/522b7021/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweDecryption.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweDecryption.java b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweDecryption.java
index e2e1ac7..663a5ec 100644
--- a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweDecryption.java
+++ b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweDecryption.java
@@ -21,10 +21,10 @@ package org.apache.cxf.rs.security.jose.jwe;
 import java.security.Key;
 import java.security.spec.AlgorithmParameterSpec;
 
+import org.apache.cxf.rs.security.jose.JoseConstants;
+import org.apache.cxf.rs.security.jose.JoseHeadersReader;
+import org.apache.cxf.rs.security.jose.JoseHeadersReaderWriter;
 import org.apache.cxf.rs.security.jose.jwa.Algorithm;
-import org.apache.cxf.rs.security.jose.jwt.JwtConstants;
-import org.apache.cxf.rs.security.jose.jwt.JwtHeadersReader;
-import org.apache.cxf.rs.security.jose.jwt.JwtTokenReaderWriter;
 import org.apache.cxf.rs.security.oauth2.utils.crypto.CryptoUtils;
 import org.apache.cxf.rs.security.oauth2.utils.crypto.KeyProperties;
 
@@ -32,9 +32,9 @@ public abstract class AbstractJweDecryption implements JweDecryptionProvider {
     private JweCryptoProperties props;
     private KeyDecryptionAlgorithm keyDecryptionAlgo;
     private ContentDecryptionAlgorithm contentDecryptionAlgo;
-    private JwtHeadersReader reader = new JwtTokenReaderWriter();
+    private JoseHeadersReader reader = new JoseHeadersReaderWriter();
     protected AbstractJweDecryption(JweCryptoProperties props, 
-                                    JwtHeadersReader theReader,
+                                    JoseHeadersReader theReader,
                                     KeyDecryptionAlgorithm keyDecryptionAlgo,
                                     ContentDecryptionAlgorithm contentDecryptionAlgo) {
         this.props = props;
@@ -68,7 +68,7 @@ public abstract class AbstractJweDecryption implements JweDecryptionProvider {
         AlgorithmParameterSpec spec = getContentEncryptionCipherSpec(consumer);
         keyProperties.setAlgoSpec(spec);
         boolean compressionSupported = 
-            JwtConstants.DEFLATE_ZIP_ALGORITHM.equals(consumer.getJweHeaders().getZipAlgorithm());
+            JoseConstants.DEFLATE_ZIP_ALGORITHM.equals(consumer.getJweHeaders().getZipAlgorithm());
         keyProperties.setCompressionSupported(compressionSupported);
         byte[] actualCek = getActualCek(cek, consumer.getJweHeaders().getContentEncryptionAlgorithm());
         Key secretKey = CryptoUtils.createSecretKeySpec(actualCek, keyProperties.getKeyAlgo());

http://git-wip-us.apache.org/repos/asf/cxf/blob/522b7021/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweEncryption.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweEncryption.java b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweEncryption.java
index 747d996..86ff16e 100644
--- a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweEncryption.java
+++ b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweEncryption.java
@@ -23,17 +23,17 @@ import java.security.spec.AlgorithmParameterSpec;
 import javax.crypto.Cipher;
 import javax.crypto.SecretKey;
 
+import org.apache.cxf.rs.security.jose.JoseConstants;
+import org.apache.cxf.rs.security.jose.JoseHeadersReaderWriter;
+import org.apache.cxf.rs.security.jose.JoseHeadersWriter;
 import org.apache.cxf.rs.security.jose.jwa.Algorithm;
-import org.apache.cxf.rs.security.jose.jwt.JwtConstants;
-import org.apache.cxf.rs.security.jose.jwt.JwtHeadersWriter;
-import org.apache.cxf.rs.security.jose.jwt.JwtTokenReaderWriter;
 import org.apache.cxf.rs.security.oauth2.utils.crypto.CryptoUtils;
 import org.apache.cxf.rs.security.oauth2.utils.crypto.KeyProperties;
 
 public abstract class AbstractJweEncryption implements JweEncryptionProvider {
     protected static final int DEFAULT_AUTH_TAG_LENGTH = 128;
     private JweHeaders headers;
-    private JwtHeadersWriter writer;
+    private JoseHeadersWriter writer;
     private ContentEncryptionAlgorithm contentEncryptionAlgo;
     private KeyEncryptionAlgorithm keyEncryptionAlgo;
     
@@ -45,11 +45,11 @@ public abstract class AbstractJweEncryption implements JweEncryptionProvider {
     protected AbstractJweEncryption(JweHeaders headers, 
                                     ContentEncryptionAlgorithm contentEncryptionAlgo, 
                                     KeyEncryptionAlgorithm keyEncryptionAlgo,
-                                    JwtHeadersWriter writer) {
+                                    JoseHeadersWriter writer) {
         this.headers = headers;
         this.writer = writer;
         if (this.writer == null) {
-            this.writer = new JwtTokenReaderWriter();
+            this.writer = new JoseHeadersReaderWriter();
         }
         this.keyEncryptionAlgo = keyEncryptionAlgo;
         this.contentEncryptionAlgo = contentEncryptionAlgo;
@@ -110,7 +110,7 @@ public abstract class AbstractJweEncryption implements JweEncryptionProvider {
                                       DEFAULT_AUTH_TAG_LENGTH);
     }
     
-    protected JwtHeadersWriter getJwtHeadersWriter() {
+    protected JoseHeadersWriter getJwtHeadersWriter() {
         return writer;
     }
     protected JweHeaders getJweHeaders() {
@@ -169,7 +169,7 @@ public abstract class AbstractJweEncryption implements JweEncryptionProvider {
         return state;
     }
     private boolean compressionRequired(JweHeaders theHeaders) {
-        return JwtConstants.DEFLATE_ZIP_ALGORITHM.equals(theHeaders.getZipAlgorithm());
+        return JoseConstants.DEFLATE_ZIP_ALGORITHM.equals(theHeaders.getZipAlgorithm());
     }
     protected KeyEncryptionAlgorithm getKeyEncryptionAlgo() {
         return keyEncryptionAlgo;

http://git-wip-us.apache.org/repos/asf/cxf/blob/522b7021/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AesCbcHmacJweDecryption.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AesCbcHmacJweDecryption.java b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AesCbcHmacJweDecryption.java
index 518b006..c29ee2a 100644
--- a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AesCbcHmacJweDecryption.java
+++ b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AesCbcHmacJweDecryption.java
@@ -23,7 +23,7 @@ import java.util.Arrays;
 
 import javax.crypto.spec.IvParameterSpec;
 
-import org.apache.cxf.rs.security.jose.jwt.JwtHeadersReader;
+import org.apache.cxf.rs.security.jose.JoseHeadersReader;
 
 public class AesCbcHmacJweDecryption extends AbstractJweDecryption {
     public AesCbcHmacJweDecryption(KeyDecryptionAlgorithm keyDecryptionAlgo) {
@@ -31,7 +31,7 @@ public class AesCbcHmacJweDecryption extends AbstractJweDecryption {
     }
     public AesCbcHmacJweDecryption(KeyDecryptionAlgorithm keyDecryptionAlgo,
                                    JweCryptoProperties props, 
-                                   JwtHeadersReader reader) {
+                                   JoseHeadersReader reader) {
         super(props, reader, keyDecryptionAlgo, new AesCbcContentDecryptionAlgorithm());
     }
     protected JweDecryptionOutput doDecrypt(JweCompactConsumer consumer, byte[] cek) {

http://git-wip-us.apache.org/repos/asf/cxf/blob/522b7021/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AesCbcHmacJweEncryption.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AesCbcHmacJweEncryption.java b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AesCbcHmacJweEncryption.java
index 5e3eaa5..b58f93d 100644
--- a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AesCbcHmacJweEncryption.java
+++ b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AesCbcHmacJweEncryption.java
@@ -29,8 +29,8 @@ import java.util.Set;
 import javax.crypto.Mac;
 import javax.crypto.spec.IvParameterSpec;
 
+import org.apache.cxf.rs.security.jose.JoseHeadersWriter;
 import org.apache.cxf.rs.security.jose.jwa.Algorithm;
-import org.apache.cxf.rs.security.jose.jwt.JwtHeadersWriter;
 import org.apache.cxf.rs.security.oauth2.utils.crypto.HmacUtils;
 
 public class AesCbcHmacJweEncryption extends AbstractJweEncryption {
@@ -68,7 +68,7 @@ public class AesCbcHmacJweEncryption extends AbstractJweEncryption {
                                    byte[] cek, 
                                    byte[] iv, 
                                    KeyEncryptionAlgorithm keyEncryptionAlgorithm,
-                                   JwtHeadersWriter writer) {
+                                   JoseHeadersWriter writer) {
         super(headers, 
               new AesCbcContentEncryptionAlgorithm(cek, iv, 
                                                    validateCekAlgorithm(headers.getContentEncryptionAlgorithm())),

http://git-wip-us.apache.org/repos/asf/cxf/blob/522b7021/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/DirectKeyJweDecryption.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/DirectKeyJweDecryption.java b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/DirectKeyJweDecryption.java
index 0f1611e..b4a44dc 100644
--- a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/DirectKeyJweDecryption.java
+++ b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/DirectKeyJweDecryption.java
@@ -20,7 +20,7 @@ package org.apache.cxf.rs.security.jose.jwe;
 
 import java.security.Key;
 
-import org.apache.cxf.rs.security.jose.jwt.JwtHeadersReader;
+import org.apache.cxf.rs.security.jose.JoseHeadersReader;
 
 public class DirectKeyJweDecryption extends AbstractJweDecryption {
     public DirectKeyJweDecryption(Key contentDecryptionKey) {    
@@ -30,13 +30,13 @@ public class DirectKeyJweDecryption extends AbstractJweDecryption {
         this(contentDecryptionKey, props, null);
     }
     public DirectKeyJweDecryption(Key contentDecryptionKey, JweCryptoProperties props, 
-                                  JwtHeadersReader reader) {    
+                                  JoseHeadersReader reader) {    
         this(contentDecryptionKey, props, reader,
              new AesGcmContentDecryptionAlgorithm());
     }
     public DirectKeyJweDecryption(Key contentDecryptionKey, 
                                   JweCryptoProperties props, 
-                                  JwtHeadersReader reader,
+                                  JoseHeadersReader reader,
                                   ContentDecryptionAlgorithm cipherProps) {    
         super(props, reader, new DirectKeyDecryptionAlgorithm(contentDecryptionKey),
               cipherProps);

http://git-wip-us.apache.org/repos/asf/cxf/blob/522b7021/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweCompactConsumer.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweCompactConsumer.java b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweCompactConsumer.java
index 5cfe012..6181ff4 100644
--- a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweCompactConsumer.java
+++ b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweCompactConsumer.java
@@ -22,8 +22,8 @@ package org.apache.cxf.rs.security.jose.jwe;
 import java.io.UnsupportedEncodingException;
 
 import org.apache.cxf.common.util.Base64Exception;
-import org.apache.cxf.rs.security.jose.jwt.JwtHeadersReader;
-import org.apache.cxf.rs.security.jose.jwt.JwtTokenReaderWriter;
+import org.apache.cxf.rs.security.jose.JoseHeadersReader;
+import org.apache.cxf.rs.security.jose.JoseHeadersReaderWriter;
 import org.apache.cxf.rs.security.oauth2.utils.Base64UrlUtility;
 
 
@@ -35,9 +35,9 @@ public class JweCompactConsumer {
     private byte[] authTag;
     private JweHeaders jweHeaders;
     public JweCompactConsumer(String jweContent) {
-        this(jweContent, new JwtTokenReaderWriter());
+        this(jweContent, new JoseHeadersReaderWriter());
     }
-    public JweCompactConsumer(String jweContent, JwtHeadersReader reader) {
+    public JweCompactConsumer(String jweContent, JoseHeadersReader reader) {
         String[] parts = jweContent.split("\\.");
         if (parts.length != 5) {
             throw new SecurityException("5 JWE parts are expected");

http://git-wip-us.apache.org/repos/asf/cxf/blob/522b7021/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweCompactProducer.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweCompactProducer.java b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweCompactProducer.java
index ca0cda8..d035765 100644
--- a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweCompactProducer.java
+++ b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweCompactProducer.java
@@ -22,7 +22,8 @@ package org.apache.cxf.rs.security.jose.jwe;
 import java.io.IOException;
 import java.io.OutputStream;
 
-import org.apache.cxf.rs.security.jose.jwt.JwtHeadersWriter;
+import org.apache.cxf.rs.security.jose.JoseHeadersReaderWriter;
+import org.apache.cxf.rs.security.jose.JoseHeadersWriter;
 import org.apache.cxf.rs.security.jose.jwt.JwtTokenReaderWriter;
 import org.apache.cxf.rs.security.oauth2.utils.Base64UrlUtility;
 
@@ -41,7 +42,7 @@ public class JweCompactProducer {
     }
     
     public JweCompactProducer(JweHeaders headers,
-                       JwtHeadersWriter writer,
+                       JoseHeadersWriter writer,
                        byte[] encryptedContentEncryptionKey,
                        byte[] cipherInitVector,
                        byte[] encryptedContentNoTag,
@@ -73,7 +74,7 @@ public class JweCompactProducer {
              cipherInitVector, encryptedContentWithTag, authTagLengthBits);
     }
     public JweCompactProducer(JweHeaders headers,
-                       JwtHeadersWriter writer,
+                       JoseHeadersWriter writer,
                        byte[] encryptedContentEncryptionKey,
                        byte[] cipherInitVector,
                        byte[] encryptedContentWithTag,
@@ -91,7 +92,7 @@ public class JweCompactProducer {
         
     }
     public static String startJweContent(JweHeaders headers,
-                                                JwtHeadersWriter writer, 
+                                                JoseHeadersWriter writer, 
                                                 byte[] encryptedContentEncryptionKey,
                                                 byte[] cipherInitVector) {
         return startJweContent(new StringBuilder(), 
@@ -99,7 +100,7 @@ public class JweCompactProducer {
     }
     public static StringBuilder startJweContent(StringBuilder sb,
                                         JweHeaders headers,
-                                        JwtHeadersWriter writer, 
+                                        JoseHeadersWriter writer, 
                                         byte[] encryptedContentEncryptionKey,
                                         byte[] cipherInitVector) {
         return startJweContent(sb, 
@@ -108,8 +109,8 @@ public class JweCompactProducer {
                                cipherInitVector);
     }
     private static String getHeadersJson(JweHeaders headers,
-                                         JwtHeadersWriter writer) {
-        writer = writer == null ? new JwtTokenReaderWriter() : writer;
+                                         JoseHeadersWriter writer) {
+        writer = writer == null ? new JoseHeadersReaderWriter() : writer;
         return writer.headersToJson(headers);
         
     }
@@ -131,7 +132,7 @@ public class JweCompactProducer {
     
     public static void startJweContent(OutputStream os,
                                        JweHeaders headers,
-                                       JwtHeadersWriter writer, 
+                                       JoseHeadersWriter writer, 
                                        byte[] encryptedContentEncryptionKey,
                                        byte[] cipherInitVector) throws IOException {
         writer = writer == null ? new JwtTokenReaderWriter() : writer;

http://git-wip-us.apache.org/repos/asf/cxf/blob/522b7021/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweHeaders.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweHeaders.java b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweHeaders.java
index 7fe91d6..29afa8b 100644
--- a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweHeaders.java
+++ b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweHeaders.java
@@ -22,15 +22,15 @@ package org.apache.cxf.rs.security.jose.jwe;
 import java.io.UnsupportedEncodingException;
 import java.util.Map;
 
-import org.apache.cxf.rs.security.jose.jwt.JwtConstants;
-import org.apache.cxf.rs.security.jose.jwt.JwtHeaders;
-import org.apache.cxf.rs.security.jose.jwt.JwtHeadersWriter;
+import org.apache.cxf.rs.security.jose.JoseConstants;
+import org.apache.cxf.rs.security.jose.JoseHeaders;
+import org.apache.cxf.rs.security.jose.JoseHeadersWriter;
 import org.apache.cxf.rs.security.oauth2.utils.Base64UrlUtility;
 
 
 
 
-public class JweHeaders extends JwtHeaders {
+public class JweHeaders extends JoseHeaders {
     
     public JweHeaders() {
     }
@@ -56,7 +56,7 @@ public class JweHeaders extends JwtHeaders {
         }
         setContentEncryptionAlgorithm(ctEncAlgo);
         if (deflate) {
-            setZipAlgorithm(JwtConstants.DEFLATE_ZIP_ALGORITHM);
+            setZipAlgorithm(JoseConstants.DEFLATE_ZIP_ALGORITHM);
         }
     }
     
@@ -69,26 +69,26 @@ public class JweHeaders extends JwtHeaders {
     }
     
     public void setContentEncryptionAlgorithm(String type) {
-        setHeader(JwtConstants.JWE_HEADER_CONTENT_ENC_ALGORITHM, type);
+        setHeader(JoseConstants.JWE_HEADER_CONTENT_ENC_ALGORITHM, type);
     }
     
     public String getContentEncryptionAlgorithm() {
-        return (String)getHeader(JwtConstants.JWE_HEADER_CONTENT_ENC_ALGORITHM);
+        return (String)getHeader(JoseConstants.JWE_HEADER_CONTENT_ENC_ALGORITHM);
     }
     
     public void setZipAlgorithm(String type) {
-        setHeader(JwtConstants.JWE_HEADER_ZIP_ALGORITHM, type);
+        setHeader(JoseConstants.JWE_HEADER_ZIP_ALGORITHM, type);
     }
     
     public String getZipAlgorithm() {
-        return (String)getHeader(JwtConstants.JWE_HEADER_ZIP_ALGORITHM);
+        return (String)getHeader(JoseConstants.JWE_HEADER_ZIP_ALGORITHM);
     }
     
     @Override
-    public JwtHeaders setHeader(String name, Object value) {
-        return (JwtHeaders)super.setHeader(name, value);
+    public JoseHeaders setHeader(String name, Object value) {
+        return (JoseHeaders)super.setHeader(name, value);
     }
-    public byte[] toCipherAdditionalAuthData(JwtHeadersWriter writer) { 
+    public byte[] toCipherAdditionalAuthData(JoseHeadersWriter writer) { 
         return toCipherAdditionalAuthData(writer.headersToJson(this));
     }
     public static byte[] toCipherAdditionalAuthData(String headersJson) { 

http://git-wip-us.apache.org/repos/asf/cxf/blob/522b7021/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/WrappedKeyJweDecryption.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/WrappedKeyJweDecryption.java b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/WrappedKeyJweDecryption.java
index b14effc..6cb40ba 100644
--- a/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/WrappedKeyJweDecryption.java
+++ b/rt/rs/security/oauth-parent/oauth2-jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/WrappedKeyJweDecryption.java
@@ -20,7 +20,7 @@ package org.apache.cxf.rs.security.jose.jwe;
 
 import java.security.Key;
 
-import org.apache.cxf.rs.security.jose.jwt.JwtHeadersReader;
+import org.apache.cxf.rs.security.jose.JoseHeadersReader;
 
 public class WrappedKeyJweDecryption extends AbstractJweDecryption {
     public WrappedKeyJweDecryption(Key cekDecryptionKey) {    
@@ -37,7 +37,7 @@ public class WrappedKeyJweDecryption extends AbstractJweDecryption {
         this(cekDecryptionKey, unwrap, props, null);
     }
     public WrappedKeyJweDecryption(Key cekDecryptionKey, boolean unwrap,
-                                   JweCryptoProperties props, JwtHeadersReader reader) {    
+                                   JweCryptoProperties props, JoseHeadersReader reader) {    
         this(new WrappedKeyDecryptionAlgorithm(cekDecryptionKey, unwrap),
              props, reader);
     }
@@ -45,11 +45,11 @@ public class WrappedKeyJweDecryption extends AbstractJweDecryption {
         this(keyDecryptionAlgo, null, null);
     }
     public WrappedKeyJweDecryption(KeyDecryptionAlgorithm keyDecryptionAlgo,
-                                   JweCryptoProperties props, JwtHeadersReader reader) {    
+                                   JweCryptoProperties props, JoseHeadersReader reader) {    
         this(keyDecryptionAlgo, props, reader, new AesGcmContentDecryptionAlgorithm());
     }
     public WrappedKeyJweDecryption(KeyDecryptionAlgorithm keyDecryptionAlgo,
-                                   JweCryptoProperties props, JwtHeadersReader reader,
+                                   JweCryptoProperties props, JoseHeadersReader reader,
                                    ContentDecryptionAlgorithm cipherProps) {    
         super(props, reader, keyDecryptionAlgo, cipherProps);
     }


Mime
View raw message