cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject git commit: [CXF-5954] Adding a basic JWE system test where keys are loaded from JWK sets
Date Fri, 05 Sep 2014 12:30:18 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes 9cb7b0e97 -> 2c731ed48


[CXF-5954] Adding a basic JWE system test where keys are loaded from JWK sets


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/2c731ed4
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/2c731ed4
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/2c731ed4

Branch: refs/heads/3.0.x-fixes
Commit: 2c731ed48d85933f1881d85130a92c8040dedf82
Parents: 9cb7b0e
Author: Sergey Beryozkin <sberyozkin@talend.com>
Authored: Fri Sep 5 13:26:03 2014 +0100
Committer: Sergey Beryozkin <sberyozkin@talend.com>
Committed: Fri Sep 5 13:29:43 2014 +0100

----------------------------------------------------------------------
 .../cxf/rs/security/oauth2/jwk/JsonWebKey.java  |  2 +-
 .../jaxrs/security/jwt/JAXRSJweJwsTest.java     | 25 +++++++++++++++++++-
 .../cxf/systest/jaxrs/security/jwt/server.xml   | 13 ++++++++++
 .../systest/jaxrs/security/alice.jwk.properties | 21 ++++++++++++++++
 .../systest/jaxrs/security/bob.jwk.properties   | 24 +++++++++++++++++++
 .../jaxrs/security/certs/jwkPrivateSet.txt      |  9 +++++++
 .../jaxrs/security/certs/jwkPublicSet.txt       |  8 +++++++
 7 files changed, 100 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/2c731ed4/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwk/JsonWebKey.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwk/JsonWebKey.java
b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwk/JsonWebKey.java
index bfb61eb..93c3a14 100644
--- a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwk/JsonWebKey.java
+++ b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwk/JsonWebKey.java
@@ -166,7 +166,7 @@ public class JsonWebKey extends AbstractJwtObject {
         return CryptoUtils.getRSAPublicKey(encodedModulus, encodedPublicExponent);
     }
     public RSAPrivateKey toRSAPrivateKey() {
-        String encodedPublicExponent = (String)super.getValue(RSA_PUBLIC_EXP);
+        String encodedPublicExponent = (String)super.getValue(RSA_MODULUS);
         String encodedPrivateExponent = (String)super.getValue(RSA_PRIVATE_EXP);
         return CryptoUtils.getRSAPrivateKey(encodedPublicExponent, encodedPrivateExponent);
     }

http://git-wip-us.apache.org/repos/asf/cxf/blob/2c731ed4/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java
index 8f937cc..d339a3e 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java
@@ -77,7 +77,30 @@ public class JAXRSJweJwsTest extends AbstractBusClientServerTestBase {
     public static void unregisterBouncyCastleIfNeeded() throws Exception {
         Security.removeProvider(BouncyCastleProvider.class.getName());    
     }
-    
+    @Test
+    public void testJweJwk() throws Exception {
+        String address = "https://localhost:" + PORT + "/jwejwk";
+        JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean();
+        SpringBusFactory bf = new SpringBusFactory();
+        URL busFile = JAXRSJweJwsTest.class.getResource("client.xml");
+        Bus springBus = bf.createBus(busFile.toString());
+        bean.setBus(springBus);
+        bean.setServiceClass(BookStore.class);
+        bean.setAddress(address);
+        List<Object> providers = new LinkedList<Object>();
+        JweWriterInterceptor jweWriter = new JweWriterInterceptor();
+        jweWriter.setUseJweOutputStream(true);
+        providers.add(jweWriter);
+        providers.add(new JweClientResponseFilter());
+        bean.setProviders(providers);
+        bean.getProperties(true).put("rs.security.encryption.out.properties", 
+                                     "org/apache/cxf/systest/jaxrs/security/bob.jwk.properties");
+        bean.getProperties(true).put("rs.security.encryption.in.properties",
+                                     "org/apache/cxf/systest/jaxrs/security/alice.jwk.properties");
+        BookStore bs = bean.create(BookStore.class);
+        String text = bs.echoText("book");
+        assertEquals("book", text);
+    }
     @Test
     public void testJweRsaJwsRsa() throws Exception {
         String address = "https://localhost:" + PORT + "/jwejwsrsa";

http://git-wip-us.apache.org/repos/asf/cxf/blob/2c731ed4/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/server.xml
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/server.xml
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/server.xml
index 07aad8c..55bf214 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/server.xml
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/server.xml
@@ -101,6 +101,19 @@ under the License.
             <entry key="rs.security.decryption.key.password.provider" value-ref="keyPasswordProvider"/>
         </jaxrs:properties>
     </jaxrs:server>
+    <jaxrs:server address="https://localhost:${testutil.ports.jaxrs-jwt}/jwejwk">
+        <jaxrs:serviceBeans>
+            <ref bean="serviceBean"/>
+        </jaxrs:serviceBeans>
+        <jaxrs:providers>
+            <ref bean="jweInFilter"/>
+            <ref bean="jweOutFilter"/>
+        </jaxrs:providers>
+        <jaxrs:properties>
+            <entry key="rs.security.encryption.in.properties" value="org/apache/cxf/systest/jaxrs/security/alice.jwk.properties"/>
+            <entry key="rs.security.encryption.out.properties" value="org/apache/cxf/systest/jaxrs/security/bob.jwk.properties"/>
+        </jaxrs:properties>
+    </jaxrs:server>
     <jaxrs:server address="https://localhost:${testutil.ports.jaxrs-jwt}/jwejwshmac">
         <jaxrs:serviceBeans>
             <ref bean="serviceBean"/>

http://git-wip-us.apache.org/repos/asf/cxf/blob/2c731ed4/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/alice.jwk.properties
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/alice.jwk.properties
b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/alice.jwk.properties
new file mode 100644
index 0000000..cab78a1
--- /dev/null
+++ b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/alice.jwk.properties
@@ -0,0 +1,21 @@
+#    Licensed to the Apache Software Foundation (ASF) under one
+#    or more contributor license agreements. See the NOTICE file
+#    distributed with this work for additional information
+#    regarding copyright ownership. The ASF licenses this file
+#    to you under the Apache License, Version 2.0 (the
+#    "License"); you may not use this file except in compliance
+#    with the License. You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing,
+#    software distributed under the License is distributed on an
+#    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+#    KIND, either express or implied. See the License for the
+#    specific language governing permissions and limitations
+#    under the License.
+rs.security.keystore.type=jwk
+rs.security.keystore.alias=2011-04-29
+rs.security.keystore.file=org/apache/cxf/systest/jaxrs/security/certs/jwkPrivateSet.txt
+rs.security.jwe.content.encryption.algorithm=A128GCM
+rs.security.jwe.key.encryption.algorithm=RSA-OAEP

http://git-wip-us.apache.org/repos/asf/cxf/blob/2c731ed4/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/bob.jwk.properties
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/bob.jwk.properties
b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/bob.jwk.properties
new file mode 100644
index 0000000..16aabf0
--- /dev/null
+++ b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/bob.jwk.properties
@@ -0,0 +1,24 @@
+#
+#    Licensed to the Apache Software Foundation (ASF) under one
+#    or more contributor license agreements. See the NOTICE file
+#    distributed with this work for additional information
+#    regarding copyright ownership. The ASF licenses this file
+#    to you under the Apache License, Version 2.0 (the
+#    "License"); you may not use this file except in compliance
+#    with the License. You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing,
+#    software distributed under the License is distributed on an
+#    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+#    KIND, either express or implied. See the License for the
+#    specific language governing permissions and limitations
+#    under the License.
+#
+rs.security.keystore.type=jwk
+rs.security.keystore.alias=2011-04-29
+rs.security.keystore.file=org/apache/cxf/systest/jaxrs/security/certs/jwkPublicSet.txt
+rs.security.jwe.content.encryption.algorithm=A128GCM
+rs.security.jwe.key.encryption.algorithm=RSA-OAEP
+

http://git-wip-us.apache.org/repos/asf/cxf/blob/2c731ed4/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkPrivateSet.txt
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkPrivateSet.txt
b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkPrivateSet.txt
new file mode 100644
index 0000000..cc336cc
--- /dev/null
+++ b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkPrivateSet.txt
@@ -0,0 +1,9 @@
+{"keys":
+       [
+         {"kty":"RSA",
+          "n":"oahUIoWw0K0usKNuOR6H4wkf4oBUXHTxRvgb48E-BVvxkeDNjbC4he8rUWcJoZmds2h7M70imEVhRU5djINXtqllXI4DFqcI1DgjT9LewND8MW2Krf3Spsk_ZkoFnilakGygTwpZ3uesH-PFABNIUYpOiN15dsQRkgr0vEhxN92i2asbOenSZeyaxziK72UwxrrKoExv6kc5twXTq4h-QChLOln0_mtUZwfsRaMStPs6mS6XrgxnxbWhojf663tuEQueGC-FCMfra36C9knDFGzKsNa7LZK2djYgyD3JR_MB_4NUJW_TqOQtwHYbxevoJArm-L5StowjzGy-_bq6Gw",
+          "e":"AQAB",
+          "d":"kLdtIj6GbDks_ApCSTYQtelcNttlKiOyPzMrXHeI-yk1F7-kpDxY4-WY5NWV5KntaEeXS1j82E375xxhWMHXyvjYecPT9fpwR_M9gV8n9Hrh2anTpTD93Dt62ypW3yDsJzBnTnrYu1iwWRgBKrEYY46qAZIrA2xAwnm2X7uGR1hghkqDp0Vqj3kbSCz1XyfCs6_LehBwtxHIyh8Ripy40p24moOAbgxVw3rxT_vlt3UVe4WO3JkJOzlpUf-KTVI2Ptgm-dARxTEtE-id-4OJr0h-K-VFs3VSndVTIznSxfyrj8ILL6MG_Uv8YAu7VILSB3lOW085-4qE3DzgrTjgyQ",
+          "kid":"2011-04-29"}
+       ]
+     }

http://git-wip-us.apache.org/repos/asf/cxf/blob/2c731ed4/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkPublicSet.txt
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkPublicSet.txt
b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkPublicSet.txt
new file mode 100644
index 0000000..4487aa2
--- /dev/null
+++ b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkPublicSet.txt
@@ -0,0 +1,8 @@
+{"keys":
+       [
+         {"kty":"RSA",
+          "n":"oahUIoWw0K0usKNuOR6H4wkf4oBUXHTxRvgb48E-BVvxkeDNjbC4he8rUWcJoZmds2h7M70imEVhRU5djINXtqllXI4DFqcI1DgjT9LewND8MW2Krf3Spsk_ZkoFnilakGygTwpZ3uesH-PFABNIUYpOiN15dsQRkgr0vEhxN92i2asbOenSZeyaxziK72UwxrrKoExv6kc5twXTq4h-QChLOln0_mtUZwfsRaMStPs6mS6XrgxnxbWhojf663tuEQueGC-FCMfra36C9knDFGzKsNa7LZK2djYgyD3JR_MB_4NUJW_TqOQtwHYbxevoJArm-L5StowjzGy-_bq6Gw",
+          "e":"AQAB",
+          "kid":"2011-04-29"}
+       ]
+     }
\ No newline at end of file


Mime
View raw message