cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject [02/10] Changing the oauth2-jwt source folder to oauth2-jose
Date Fri, 19 Sep 2014 14:49:11 GMT
http://git-wip-us.apache.org/repos/asf/cxf/blob/2e5f5a13/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/AbstractJwtObjectReaderWriter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/AbstractJwtObjectReaderWriter.java b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/AbstractJwtObjectReaderWriter.java
deleted file mode 100644
index a70eca7..0000000
--- a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/AbstractJwtObjectReaderWriter.java
+++ /dev/null
@@ -1,212 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jwt;
-
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.LinkedHashMap;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-
-
-public class AbstractJwtObjectReaderWriter {
-    private static final Set<String> DATE_PROPERTIES = 
-        new HashSet<String>(Arrays.asList(JwtConstants.CLAIM_EXPIRY, 
-                                          JwtConstants.CLAIM_ISSUED_AT, 
-                                          JwtConstants.CLAIM_NOT_BEFORE));
-    private boolean format;
-    
-    protected String toJson(AbstractJwtObject jwt) {
-        StringBuilder sb = new StringBuilder();
-        toJsonInternal(sb, jwt.asMap());
-        return sb.toString();
-    }
-
-    protected void toJsonInternal(StringBuilder sb, Map<String, Object> map) {
-        sb.append("{");
-        for (Iterator<Map.Entry<String, Object>> it = map.entrySet().iterator(); it.hasNext();) {
-            Map.Entry<String, Object> entry = it.next();
-            sb.append("\"").append(entry.getKey()).append("\"");
-            sb.append(":");
-            toJsonInternal(sb, entry.getValue(), it.hasNext());
-        }
-        sb.append("}");
-    }
-    
-    protected void toJsonInternal(StringBuilder sb, Object[] array) {
-        toJsonInternal(sb, Arrays.asList(array));
-    }
-    
-    protected void toJsonInternal(StringBuilder sb, Collection<?> coll) {
-        sb.append("[");
-        formatIfNeeded(sb);
-        for (Iterator<?> iter = coll.iterator(); iter.hasNext();) {
-            toJsonInternal(sb, iter.next(), iter.hasNext());
-        }
-        formatIfNeeded(sb);
-        sb.append("]");
-    }
-    
-    @SuppressWarnings("unchecked")
-    protected void toJsonInternal(StringBuilder sb, Object value, boolean hasNext) {
-        if (AbstractJwtObject.class.isAssignableFrom(value.getClass())) {
-            sb.append(toJson((AbstractJwtObject)value));
-        } else if (value.getClass().isArray()) {
-            toJsonInternal(sb, (Object[])value);
-        } else if (Collection.class.isAssignableFrom(value.getClass())) {
-            toJsonInternal(sb, (Collection<?>)value);
-        } else if (Map.class.isAssignableFrom(value.getClass())) {
-            toJsonInternal(sb, (Map<String, Object>)value);
-        } else {
-            if (value.getClass() == String.class) {
-                sb.append("\"");
-            }
-            sb.append(value);
-            if (value.getClass() == String.class) {
-                sb.append("\"");
-            }
-        }
-        if (hasNext) {
-            sb.append(",");
-            formatIfNeeded(sb);
-        }
-        
-    }
-    
-    protected void formatIfNeeded(StringBuilder sb) {
-        if (format) {
-            sb.append("\r\n ");
-        }
-    }
-        
-    protected void fromJsonInternal(AbstractJwtObject jwt, String json) {
-        String theJson = json.trim();
-        Map<String, Object> values = readJwtObjectAsMap(theJson.substring(1, theJson.length() - 1));
-        fromJsonInternal(jwt, values);
-    }
-    
-    protected void fromJsonInternal(AbstractJwtObject jwt, Map<String, Object> values) {
-        for (Map.Entry<String, Object> entry : values.entrySet()) {
-            jwt.setValue(entry.getKey(), entry.getValue());
-        }
-    }
-    
-    protected Map<String, Object> readJwtObjectAsMap(String json) {
-        Map<String, Object> values = new LinkedHashMap<String, Object>();
-        for (int i = 0; i < json.length(); i++) {
-            if (isWhiteSpace(json.charAt(i))) {
-                continue;
-            }
-            
-            int closingQuote = json.indexOf('"', i + 1);
-            int from = json.charAt(i) == '"' ? i + 1 : i;
-            String name = json.substring(from, closingQuote);
-            int sepIndex = json.indexOf(':', closingQuote + 1);
-            
-            int j = 1;
-            while (isWhiteSpace(json.charAt(sepIndex + j))) {
-                j++;
-            }
-            if (json.charAt(sepIndex + j) == '{') {
-                int closingIndex = getClosingIndex(json, '{', '}', sepIndex + j);
-                String newJson = json.substring(sepIndex + j + 1, closingIndex);
-                values.put(name, readJwtObjectAsMap(newJson));
-                i = closingIndex + 1;
-            } else if (json.charAt(sepIndex + j) == '[') {
-                int closingIndex = getClosingIndex(json, '[', ']', sepIndex + j);
-                String newJson = json.substring(sepIndex + j + 1, closingIndex);
-                values.put(name, readJwtObjectAsList(newJson));
-                i = closingIndex + 1;
-            } else {
-                int commaIndex = getCommaIndex(json, sepIndex + j);
-                Object value = readPrimitiveValue(json, sepIndex + j, commaIndex);
-                if (DATE_PROPERTIES.contains(name)) {
-                    value = Long.valueOf(value.toString());
-                }
-                values.put(name, value);
-                i = commaIndex + 1;
-            }
-            
-        }
-        return values;
-    }
-    protected List<Object> readJwtObjectAsList(String json) {
-        List<Object> values = new LinkedList<Object>();
-        for (int i = 0; i < json.length(); i++) {
-            if (isWhiteSpace(json.charAt(i))) {
-                continue;
-            }
-            if (json.charAt(i) == '{') {
-                int closingIndex = getClosingIndex(json, '{', '}', i);
-                values.add(readJwtObjectAsMap(json.substring(i + 1, closingIndex)));
-                i = closingIndex + 1;
-            } else {
-                int commaIndex = getCommaIndex(json, i);
-                Object value = readPrimitiveValue(json, i, commaIndex);
-                values.add(value);
-                i = commaIndex + 1;
-            }
-        }
-        
-        return values;
-    }
-    protected Object readPrimitiveValue(String json, int from, int to) {
-        Object value = json.substring(from, to);
-        String valueStr = value.toString().trim(); 
-        if (valueStr.startsWith("\"")) {
-            value = valueStr.substring(1, valueStr.length() - 1);
-        } else if ("true".equals(value) || "false".equals(value)) {
-            value = Boolean.valueOf(valueStr);
-        } 
-        return value;
-    }
-    
-    protected static int getCommaIndex(String json, int from) {
-        int commaIndex = json.indexOf(",", from);
-        if (commaIndex == -1) {
-            commaIndex = json.length();
-        }
-        return commaIndex;
-    }
-    protected int getClosingIndex(String json, char openChar, char closeChar, int from) {
-        int nextOpenIndex = json.indexOf(openChar, from + 1);
-        int closingIndex = json.indexOf(closeChar, from + 1);
-        while (nextOpenIndex != -1 && nextOpenIndex < closingIndex) {
-            nextOpenIndex = json.indexOf(openChar, closingIndex + 1);
-            closingIndex = json.indexOf(closeChar, closingIndex + 1);
-        }
-        return closingIndex;
-    }
-    protected boolean isWhiteSpace(char jsonChar) {
-        return jsonChar == ' ' || jsonChar == '\r' || jsonChar == '\n' || jsonChar == '\t';
-    }
-
-    public void setFormat(boolean format) {
-        this.format = format;
-    }
-
-    
-
-    
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/2e5f5a13/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtClaims.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtClaims.java b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtClaims.java
deleted file mode 100644
index 46644a8..0000000
--- a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtClaims.java
+++ /dev/null
@@ -1,100 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.rs.security.jose.jwt;
-
-import java.util.Map;
-
-
-
-
-public class JwtClaims extends AbstractJwtObject {
-    
-    public JwtClaims() {
-    }
-    
-    public JwtClaims(Map<String, Object> values) {
-        super(values);
-    }
-    
-    public void setIssuer(String issuer) {
-        setClaim(JwtConstants.CLAIM_ISSUER, issuer);
-    }
-    
-    public String getIssuer() {
-        return (String)getValue(JwtConstants.CLAIM_ISSUER);
-    }
-    
-    public void setSubject(String subject) {
-        setClaim(JwtConstants.CLAIM_SUBJECT, subject);
-    }
-    
-    public String getSubject() {
-        return (String)getClaim(JwtConstants.CLAIM_SUBJECT);
-    }
-    
-    public void setAudience(String audience) {
-        setClaim(JwtConstants.CLAIM_AUDIENCE, audience);
-    }
-    
-    public String getAudience() {
-        return (String)getClaim(JwtConstants.CLAIM_AUDIENCE);
-    }
-    
-    public void setExpiryTime(Long expiresIn) {
-        setClaim(JwtConstants.CLAIM_EXPIRY, expiresIn);
-    }
-    
-    public Long getExpiryTime() {
-        return getLongDate(JwtConstants.CLAIM_EXPIRY);
-    }
-    
-    public void setNotBefore(Long notBefore) {
-        setClaim(JwtConstants.CLAIM_NOT_BEFORE, notBefore);
-    }
-    
-    public Long getNotBefore() {
-        return getLongDate(JwtConstants.CLAIM_NOT_BEFORE);
-    }
-    
-    public void setIssuedAt(Long issuedAt) {
-        setClaim(JwtConstants.CLAIM_ISSUED_AT, issuedAt);
-    }
-    
-    public Long getIssuedAt() {
-        return getLongDate(JwtConstants.CLAIM_ISSUED_AT);
-    }
-    
-    public void setTokenId(String id) {
-        setValue(JwtConstants.CLAIM_JWT_ID, id);
-    }
-    
-    public String getTokenId() {
-        return (String)getClaim(JwtConstants.CLAIM_JWT_ID);
-    }
-    
-    public JwtClaims setClaim(String name, Object value) {
-        setValue(name, value);
-        return this;
-    }
-    
-    public Object getClaim(String name) {
-        return getValue(name);
-    }
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/2e5f5a13/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtConstants.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtConstants.java b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtConstants.java
deleted file mode 100644
index e912b31..0000000
--- a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtConstants.java
+++ /dev/null
@@ -1,89 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.rs.security.jose.jwt;
-
-public final class JwtConstants {
-    public static final String HEADER_TYPE = "typ";
-    public static final String HEADER_ALGORITHM = "alg";
-    public static final String HEADER_CONTENT_TYPE = "cty";
-    public static final String HEADER_CRITICAL = "crit";
-    
-    public static final String HEADER_KEY_ID = "kid";
-    public static final String HEADER_X509_URL = "x5u";
-    public static final String HEADER_X509_CHAIN = "x5c";
-    public static final String HEADER_X509_THUMBPRINT = "x5t";
-    public static final String HEADER_X509_THUMBPRINT_SHA256 = "x5t#S256";
-    public static final String HEADER_JSON_WEB_KEY = "jwk";
-    public static final String HEADER_JSON_WEB_KEY_SET = "jku";
-    
-    public static final String JWE_HEADER_KEY_ENC_ALGORITHM = HEADER_ALGORITHM;
-    public static final String JWE_HEADER_CONTENT_ENC_ALGORITHM = "enc";
-    public static final String JWE_HEADER_ZIP_ALGORITHM = "zip";
-    public static final String DEFLATE_ZIP_ALGORITHM = "DEF";
-    
-    public static final String TYPE_JWT = "JWT";
-    public static final String TYPE_JOSE = "JOSE";
-    public static final String TYPE_JOSE_JSON = "JOSE+JSON";
-    public static final String MEDIA_TYPE_JOSE_JSON = "application/jose+json";
-    
-    public static final String CLAIM_ISSUER = "iss";
-    public static final String CLAIM_SUBJECT = "sub";
-    public static final String CLAIM_AUDIENCE = "aud";
-    public static final String CLAIM_EXPIRY = "exp";
-    public static final String CLAIM_NOT_BEFORE = "nbf";
-    public static final String CLAIM_ISSUED_AT = "iat";
-    public static final String CLAIM_JWT_ID = "jti";
-    
-    public static final String PLAIN_TEXT_ALGO = "none";
-    public static final String HMAC_SHA_256_ALGO = "HS256";
-    public static final String HMAC_SHA_384_ALGO = "HS384";
-    public static final String HMAC_SHA_512_ALGO = "HS512";
-    public static final String RS_SHA_256_ALGO = "RS256";
-    public static final String RS_SHA_384_ALGO = "RS384";
-    public static final String RS_SHA_512_ALGO = "RS512";
-    public static final String ES_SHA_256_ALGO = "ES256";
-    public static final String ES_SHA_384_ALGO = "ES384";
-    public static final String ES_SHA_512_ALGO = "ES512";
-    
-    // Key Encryption
-    public static final String RSA_OAEP_ALGO = "RSA-OAEP";
-    public static final String RSA_OAEP_256_ALGO = "RSA-OAEP-256";
-    public static final String RSA_1_5_ALGO = "RSA1_5";
-    public static final String A128KW_ALGO = "A128KW";
-    public static final String A192KW_ALGO = "A192KW";
-    public static final String A256KW_ALGO = "A256KW";
-    public static final String A128GCMKW_ALGO = "A128GCMKW";
-    public static final String A192GCMKW_ALGO = "A192GCMKW";
-    public static final String A256GCMKW_ALGO = "A256GCMKW";
-    public static final String PBES2_HS256_A128KW_ALGO = "PBES2-HS256+A128KW";
-    public static final String PBES2_HS384_A192KW_ALGO = "PBES2-HS384+A192KW";
-    public static final String PBES2_HS512_A256KW_ALGO = "PBES2-HS512+A256KW";
-    // Content Encryption
-    public static final String A128CBC_HS256_ALGO = "A128CBC-HS256";
-    public static final String A192CBC_HS384_ALGO = "A192CBC-HS384";
-    public static final String A256CBC_HS512_ALGO = "A256CBC-HS512";
-    public static final String A128GCM_ALGO = "A128GCM";
-    public static final String A192GCM_ALGO = "A192GCM";
-    public static final String A256GCM_ALGO = "A256GCM";
-    
-    private JwtConstants() {
-        
-    }
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/2e5f5a13/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtHeaders.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtHeaders.java b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtHeaders.java
deleted file mode 100644
index b723f7d..0000000
--- a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtHeaders.java
+++ /dev/null
@@ -1,172 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.rs.security.jose.jwt;
-
-import java.util.List;
-import java.util.Map;
-
-import org.apache.cxf.helpers.CastUtils;
-import org.apache.cxf.rs.security.jose.jwa.Algorithm;
-import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
-
-public class JwtHeaders extends AbstractJwtObject {
-    
-    public JwtHeaders() {
-    }
-    
-    public JwtHeaders(String algorithm) {
-        init(algorithm);
-    }
-    
-    public JwtHeaders(Algorithm algo) {
-        init(algo.getJwtName());
-    }
-    
-    public JwtHeaders(Map<String, Object> values) {
-        super(values);
-    }
-    
-    private void init(String algo) {
-        setType(JwtConstants.TYPE_JWT);
-        this.setAlgorithm(algo);
-    }
-    
-    
-    public void setType(String type) {
-        setHeader(JwtConstants.HEADER_TYPE, type);
-    }
-    
-    public String getType() {
-        return (String)getHeader(JwtConstants.HEADER_TYPE);
-    }
-    
-    public void setContentType(String type) {
-        setHeader(JwtConstants.HEADER_CONTENT_TYPE, type);
-    }
-    
-    public String getContentType() {
-        return (String)getHeader(JwtConstants.HEADER_CONTENT_TYPE);
-    }
-    
-    public void setAlgorithm(String algo) {
-        setHeader(JwtConstants.HEADER_ALGORITHM, algo);
-    }
-    
-    public String getAlgorithm() {
-        return (String)getHeader(JwtConstants.HEADER_ALGORITHM);
-    }
-    
-    public void setKeyId(String kid) {
-        setHeader(JwtConstants.HEADER_KEY_ID, kid);
-    }
-    
-    public String getKeyId() {
-        return (String)getHeader(JwtConstants.HEADER_KEY_ID);
-    }
-    
-    public void setX509Url(String x509Url) {
-        setHeader(JwtConstants.HEADER_X509_URL, x509Url);
-    }
-
-    public String getX509Url() {
-        return (String)getHeader(JwtConstants.HEADER_X509_URL);
-    }
-    
-    public void setX509Chain(String x509Chain) {
-        setHeader(JwtConstants.HEADER_X509_CHAIN, x509Chain);
-    }
-
-    public String getX509Chain() {
-        return (String)getHeader(JwtConstants.HEADER_X509_CHAIN);
-    }
-    
-    public void setX509Thumbprint(String x509Thumbprint) {
-        setHeader(JwtConstants.HEADER_X509_THUMBPRINT, x509Thumbprint);
-    }
-    
-    public String getX509Thumbprint() {
-        return (String)getHeader(JwtConstants.HEADER_X509_THUMBPRINT);
-    }
-    
-    public void setX509ThumbprintSHA256(String x509Thumbprint) {
-        super.setValue(JwtConstants.HEADER_X509_THUMBPRINT_SHA256, x509Thumbprint);
-    }
-    
-    public String getX509ThumbprintSHA256() {
-        return (String)super.getValue(JwtConstants.HEADER_X509_THUMBPRINT_SHA256);
-    }
-    
-    public void setCritical(List<String> crit) {
-        setHeader(JwtConstants.HEADER_CRITICAL, crit);
-    }
-    
-    public List<String> getCritical() {
-        return CastUtils.cast((List<?>)getHeader(JwtConstants.HEADER_CRITICAL));
-    }
-    
-    public void setJsonWebKey(JsonWebKey key) {
-        setValue(JwtConstants.HEADER_JSON_WEB_KEY, key);
-    }
-    
-    public JsonWebKey getJsonWebKey() {
-        Object jsonWebKey = getValue(JwtConstants.HEADER_JSON_WEB_KEY);
-        if (jsonWebKey == null || jsonWebKey instanceof JsonWebKey) {
-            return (JsonWebKey)jsonWebKey;
-        }  
-        Map<String, Object> map = CastUtils.cast((Map<?, ?>)jsonWebKey);
-        return new JsonWebKey(map);
-    }
-    
-    public JwtHeaders setHeader(String name, Object value) {
-        setValue(name, value);
-        return this;
-    }
-    
-    public Object getHeader(String name) {
-        return getValue(name);
-    }
-    
-    public JwtHeaders setIntegerHeader(String name, Integer value) {
-        setValue(name, value);
-        return this;
-    }
-    
-    public Integer getIntegerHeader(String name) {
-        Object value = getValue(name);
-        if (value != null) {
-            return value instanceof Integer ? (Integer)value : Integer.parseInt(value.toString());
-        } else {
-            return null;
-        }
-    }
-    public JwtHeaders setLongHeader(String name, Long value) {
-        setValue(name, value);
-        return this;
-    }
-    
-    public Long getLongHeader(String name) {
-        Object value = getValue(name);
-        if (value != null) {
-            return value instanceof Long ? (Long)value : Long.parseLong(value.toString());
-        } else {
-            return null;
-        }
-    }
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/2e5f5a13/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtHeadersReader.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtHeadersReader.java b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtHeadersReader.java
deleted file mode 100644
index 8a15819..0000000
--- a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtHeadersReader.java
+++ /dev/null
@@ -1,24 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jwt;
-
-
-public interface JwtHeadersReader {
-    JwtHeaders fromJsonHeaders(String jsonHeaders);
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/2e5f5a13/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtHeadersWriter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtHeadersWriter.java b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtHeadersWriter.java
deleted file mode 100644
index 6c63dea..0000000
--- a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtHeadersWriter.java
+++ /dev/null
@@ -1,27 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jwt;
-
-
-
-public interface JwtHeadersWriter {
-    
-    String headersToJson(JwtHeaders headers);
-    
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/2e5f5a13/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtToken.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtToken.java b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtToken.java
deleted file mode 100644
index 630813c..0000000
--- a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtToken.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jwt;
-
-
-
-public class JwtToken {
-    private JwtHeaders headers;
-    private JwtClaims claims;
-    public JwtToken(JwtHeaders headers, JwtClaims claims) {
-        this.headers = headers;
-        this.claims = claims;
-    }
-    public JwtHeaders getHeaders() {
-        return headers;
-    }
-    public JwtClaims getClaims() {
-        return claims;
-    }
-    public int hashCode() { 
-        return headers.hashCode() + 37 * claims.hashCode();
-    }
-    
-    public boolean equals(Object obj) {
-        return obj instanceof JwtToken 
-            && ((JwtToken)obj).headers.equals(this.headers)
-            && ((JwtToken)obj).claims.equals(this.claims);
-    }
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/2e5f5a13/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtTokenJson.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtTokenJson.java b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtTokenJson.java
deleted file mode 100644
index e8e79f0..0000000
--- a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtTokenJson.java
+++ /dev/null
@@ -1,37 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jwt;
-
-
-
-public class JwtTokenJson {
-    private String headersJson;
-    private String claimsJson;
-    public JwtTokenJson(String headersJson, String claimsJson) {
-        this.headersJson = headersJson;
-        this.claimsJson = claimsJson;
-    }
-    public String getHeadersJson() {
-        return headersJson;
-    }
-    public String getClaimsJson() {
-        return claimsJson;
-    }
-    
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/2e5f5a13/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtTokenReader.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtTokenReader.java b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtTokenReader.java
deleted file mode 100644
index 2be6305..0000000
--- a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtTokenReader.java
+++ /dev/null
@@ -1,25 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jwt;
-
-
-public interface JwtTokenReader extends JwtHeadersReader {
-    JwtClaims fromJsonClaims(String jsonClaims);
-    JwtToken fromJson(JwtTokenJson jsonPair);
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/2e5f5a13/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtTokenReaderWriter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtTokenReaderWriter.java b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtTokenReaderWriter.java
deleted file mode 100644
index c207e0e..0000000
--- a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtTokenReaderWriter.java
+++ /dev/null
@@ -1,67 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jwt;
-
-
-
-
-public class JwtTokenReaderWriter extends AbstractJwtObjectReaderWriter
-    implements JwtTokenReader, JwtTokenWriter {
-    @Override
-    public String headersToJson(JwtHeaders headers) {
-        return toJson(headers);
-    }
-
-    @Override
-    public String claimsToJson(JwtClaims claims) {
-        return toJson(claims);
-    }
-
-    @Override
-    public JwtTokenJson tokenToJson(JwtToken token) {
-        return new JwtTokenJson(toJson(token.getHeaders()),
-                                    toJson(token.getClaims()));
-    }
-    
-    @Override
-    public JwtHeaders fromJsonHeaders(String headersJson) {
-        JwtHeaders headers = new JwtHeaders();
-        fromJsonInternal(headers, headersJson);
-        return headers;
-    }
-    
-    @Override
-    public JwtClaims fromJsonClaims(String claimsJson) {
-        JwtClaims claims = new JwtClaims();
-        fromJsonInternal(claims, claimsJson);
-        return claims;
-        
-    }
-    
-    private JwtToken fromJson(String headersJson, String claimsJson) {
-        JwtHeaders headers = fromJsonHeaders(headersJson);
-        JwtClaims claims = fromJsonClaims(claimsJson);
-        return new JwtToken(headers, claims);
-    }
-    
-    @Override
-    public JwtToken fromJson(JwtTokenJson pair) {
-        return fromJson(pair.getHeadersJson(), pair.getClaimsJson());
-    }
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/2e5f5a13/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtTokenWriter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtTokenWriter.java b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtTokenWriter.java
deleted file mode 100644
index bdbd029..0000000
--- a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtTokenWriter.java
+++ /dev/null
@@ -1,28 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jwt;
-
-
-
-public interface JwtTokenWriter extends JwtHeadersWriter {
-    
-    String claimsToJson(JwtClaims claims);
-    JwtTokenJson tokenToJson(JwtToken token);
-    
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/2e5f5a13/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtUtils.java b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtUtils.java
deleted file mode 100644
index 6238e2f..0000000
--- a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtUtils.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jwt;
-
-public final class JwtUtils {
-    private JwtUtils() {
-        
-    }
-    
-    public static String checkContentType(String contentType, String defaultType) {
-        if (contentType != null) {
-            int paramIndex = contentType.indexOf(';');
-            String typeWithoutParams = paramIndex == -1 ? contentType : contentType.substring(0, paramIndex);
-            if (typeWithoutParams.indexOf('/') == -1) {
-                contentType = "application/" + contentType;
-            }
-        } else {
-            contentType = defaultType;
-        }
-        return contentType;
-    }
-    public static String expandContentType(String contentType) {
-        int paramIndex = contentType.indexOf(';');
-        String typeWithoutParams = paramIndex == -1 ? contentType : contentType.substring(0, paramIndex);
-        if (typeWithoutParams.indexOf('/') == -1) {
-            contentType = "application/" + contentType;
-        }
-        return contentType;
-    }
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/2e5f5a13/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/grant/AbstractJwtBearerGrant.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/grant/AbstractJwtBearerGrant.java b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/grant/AbstractJwtBearerGrant.java
deleted file mode 100644
index 4572b30..0000000
--- a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/grant/AbstractJwtBearerGrant.java
+++ /dev/null
@@ -1,69 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jwt.grant;
-
-import javax.ws.rs.core.MultivaluedMap;
-
-import org.apache.cxf.jaxrs.impl.MetadataMap;
-import org.apache.cxf.rs.security.oauth2.common.AccessTokenGrant;
-import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
-import org.apache.cxf.rs.security.oauth2.utils.Base64UrlUtility;
-import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
-
-public abstract class AbstractJwtBearerGrant implements AccessTokenGrant {
-    private static final long serialVersionUID = 5754722119855372511L;
-    private String assertion;
-    private String scope;
-    private boolean encoded; 
-    private String grantType;
-    protected AbstractJwtBearerGrant(String grantType, String assertion, boolean encoded, String scope) {
-        this.grantType = grantType;
-        this.assertion = assertion;
-        this.encoded = encoded;
-        this.scope = scope;
-    }
-    
-    public String getType() {
-        return grantType;
-    }
-
-    protected MultivaluedMap<String, String> initMap() {
-        MultivaluedMap<String, String> map = new MetadataMap<String, String>();
-        map.putSingle(OAuthConstants.GRANT_TYPE, grantType);
-        return map;
-    }
-
-    protected void addScope(MultivaluedMap<String, String> map) {
-        if (scope != null) {
-            map.putSingle(OAuthConstants.SCOPE, scope);
-        }
-    }
-    
-    protected String encodeAssertion() {
-        if (encoded) {
-            return assertion;
-        }
-        
-        try {
-            return Base64UrlUtility.encode(assertion);
-        } catch (Exception ex) {
-            throw new OAuthServiceException(ex.getMessage(), ex);
-        }
-    }
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/2e5f5a13/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/grant/AbstractJwtHandler.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/grant/AbstractJwtHandler.java b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/grant/AbstractJwtHandler.java
deleted file mode 100644
index dbc8ffe..0000000
--- a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/grant/AbstractJwtHandler.java
+++ /dev/null
@@ -1,100 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jwt.grant;
-
-import java.util.List;
-import java.util.Set;
-
-import org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier;
-import org.apache.cxf.rs.security.jose.jwt.JwtClaims;
-import org.apache.cxf.rs.security.jose.jwt.JwtHeaders;
-import org.apache.cxf.rs.security.oauth2.common.Client;
-import org.apache.cxf.rs.security.oauth2.grants.AbstractGrantHandler;
-import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
-import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
-
-
-/**
- * The "JWT Bearer" grant handler
- */
-public abstract class AbstractJwtHandler extends AbstractGrantHandler {
-    private Set<String> supportedIssuers; 
-    private JwsSignatureVerifier jwsVefifier;
-        
-    protected AbstractJwtHandler(List<String> grants) {
-        super(grants);
-    }
-    
-    protected void validateSignature(JwtHeaders headers, String unsignedText, byte[] signature) {
-        if (jwsVefifier.verify(headers, unsignedText, signature)) {    
-            throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
-        }
-    }
-    
-    protected void validateClaims(Client client, JwtClaims claims) {
-        validateIssuer(claims.getIssuer());
-        validateSubject(client, claims.getSubject());
-        validateAudience(client, claims.getAudience());
-        validateExpiryTime(claims.getExpiryTime());
-        validateNotBeforeTime(claims.getNotBefore());
-        validateIssuedAtTime(claims.getIssuedAt());
-        validateTokenId(claims.getTokenId());
-    }
-
-    protected void validateIssuer(String issuer) {
-        if (issuer == null || !supportedIssuers.contains(issuer)) {
-            throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
-        }
-    }
-    
-    protected void validateSubject(Client client, String subject) {
-        //TODO
-    }
-    protected void validateAudience(Client client, String audience) {
-        //TODO
-    }
-    protected void validateExpiryTime(Long timestamp) {
-        if (timestamp != null) {
-            //TODO
-        }
-    }
-    protected void validateNotBeforeTime(Long timestamp) {
-        if (timestamp != null) {
-            //TODO    
-        }
-    }
-    protected void validateIssuedAtTime(Long timestamp) {
-        if (timestamp != null) {
-            //TODO
-        }
-    }
-    protected void validateTokenId(String tokenId) {
-        if (tokenId != null) {
-            //TODO
-        }
-    }
-    public void setSupportedIssuers(Set<String> supportedIssuers) {
-        this.supportedIssuers = supportedIssuers;
-    }
-
-    public void setJwsVefifier(JwsSignatureVerifier jwsVefifier) {
-        this.jwsVefifier = jwsVefifier;
-    }
-    
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/2e5f5a13/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/grant/Constants.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/grant/Constants.java b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/grant/Constants.java
deleted file mode 100644
index 8714aac..0000000
--- a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/grant/Constants.java
+++ /dev/null
@@ -1,33 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jwt.grant;
-
-public final class Constants {
-    public static final String JWT_BEARER_GRANT = "urn:ietf:params:oauth:grant-type:jwt-bearer";
-    public static final String CLIENT_GRANT_ASSERTION_PARAM = "assertion";
-    
-    public static final String CLIENT_AUTH_ASSERTION_PARAM = "client_assertion";
-    public static final String CLIENT_AUTH_ASSERTION_TYPE = "client_assertion_type";
-    public static final String CLIENT_AUTH_JWT_BEARER = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer";
-   
-    
-    private Constants() {
-        
-    }
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/2e5f5a13/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/grant/JwtBearerClientCredentialsGrant.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/grant/JwtBearerClientCredentialsGrant.java b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/grant/JwtBearerClientCredentialsGrant.java
deleted file mode 100644
index f5f86a8..0000000
--- a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/grant/JwtBearerClientCredentialsGrant.java
+++ /dev/null
@@ -1,41 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jwt.grant;
-
-import javax.ws.rs.core.MultivaluedMap;
-
-import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
-
-public class JwtBearerClientCredentialsGrant extends AbstractJwtBearerGrant {
-    
-    private static final long serialVersionUID = 4801583498206813025L;
-
-    public JwtBearerClientCredentialsGrant(String assertion, boolean encoded, String scope) {
-        super(OAuthConstants.CLIENT_CREDENTIALS_GRANT, assertion, encoded, scope);
-    }
-    
-    public MultivaluedMap<String, String> toMap() {
-        MultivaluedMap<String, String> map = initMap();
-        map.putSingle(Constants.CLIENT_AUTH_ASSERTION_TYPE, Constants.CLIENT_AUTH_JWT_BEARER);
-        map.putSingle(Constants.CLIENT_AUTH_ASSERTION_PARAM, encodeAssertion());
-        addScope(map);
-        return map;
-    }
-
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/2e5f5a13/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/grant/JwtBearerGrant.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/grant/JwtBearerGrant.java b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/grant/JwtBearerGrant.java
deleted file mode 100644
index 49041b9..0000000
--- a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/grant/JwtBearerGrant.java
+++ /dev/null
@@ -1,48 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jwt.grant;
-
-import javax.ws.rs.core.MultivaluedMap;
-
-public class JwtBearerGrant extends AbstractJwtBearerGrant {
-    private static final long serialVersionUID = -7296527609343431294L;
-
-    public JwtBearerGrant(String assertion) {
-        this(assertion, false);
-    }
-    
-    public JwtBearerGrant(String assertion, boolean encoded) {
-        this(assertion, false, null);
-    }
-    
-    public JwtBearerGrant(String assertion, String scope) {
-        this(assertion, false, scope);
-    }
-    
-    public JwtBearerGrant(String assertion, boolean encoded, String scope) {
-        super(Constants.JWT_BEARER_GRANT, assertion, encoded, scope);
-    }
-    
-    public MultivaluedMap<String, String> toMap() {
-        MultivaluedMap<String, String> map = initMap();
-        map.putSingle(Constants.CLIENT_GRANT_ASSERTION_PARAM, encodeAssertion());
-        addScope(map);
-        return map;
-    }
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/2e5f5a13/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/grant/JwtBearerGrantHandler.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/grant/JwtBearerGrantHandler.java b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/grant/JwtBearerGrantHandler.java
deleted file mode 100644
index c3a2283..0000000
--- a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/grant/JwtBearerGrantHandler.java
+++ /dev/null
@@ -1,91 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jwt.grant;
-
-import java.util.Arrays;
-
-import javax.ws.rs.core.MultivaluedMap;
-
-import org.apache.cxf.jaxrs.utils.HttpUtils;
-import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer;
-import org.apache.cxf.rs.security.jose.jwt.JwtToken;
-import org.apache.cxf.rs.security.jose.jwt.JwtTokenReader;
-import org.apache.cxf.rs.security.oauth2.common.Client;
-import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
-import org.apache.cxf.rs.security.oauth2.common.UserSubject;
-import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
-import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
-import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;
-
-/**
- * The "JWT Bearer" grant handler
- */
-public class JwtBearerGrantHandler extends AbstractJwtHandler {
-    private static final String ENCODED_JWT_BEARER_GRANT;
-    static {
-        //  AccessTokenService may be configured with the form provider
-        // which will not decode by default - so listing both the actual 
-        // and encoded grant type value will help
-        ENCODED_JWT_BEARER_GRANT = HttpUtils.urlEncode(Constants.JWT_BEARER_GRANT, "UTF-8");
-    }
-    private JwtTokenReader jwtReader;
-    public JwtBearerGrantHandler() {
-        super(Arrays.asList(Constants.JWT_BEARER_GRANT, ENCODED_JWT_BEARER_GRANT));
-    }
-
-    @Override
-    public ServerAccessToken createAccessToken(Client client, MultivaluedMap<String, String> params)
-        throws OAuthServiceException {
-        String assertion = params.getFirst(Constants.CLIENT_GRANT_ASSERTION_PARAM);
-        if (assertion == null) {
-            throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
-        }
-        try {
-            JwsJwtCompactConsumer jwsReader = getJwsReader(assertion);
-            JwtToken jwtToken = jwsReader.getJwtToken();
-            super.validateSignature(jwtToken.getHeaders(),
-                                    jwsReader.getUnsignedEncodedPayload(), 
-                                    jwsReader.getDecodedSignature());
-            
-                   
-            super.validateClaims(client, jwtToken.getClaims());
-            UserSubject grantSubject = new UserSubject(jwtToken.getClaims().getSubject());
-            
-            return doCreateAccessToken(client, 
-                                       grantSubject,
-                                       Constants.JWT_BEARER_GRANT,
-                                       OAuthUtils.parseScope(params.getFirst(OAuthConstants.SCOPE)));
-        } catch (OAuthServiceException ex) {
-            throw ex;
-        } catch (Exception ex) {
-            throw new OAuthServiceException(OAuthConstants.INVALID_GRANT, ex);
-        }    
-        
-    }
-
-    protected JwsJwtCompactConsumer getJwsReader(String assertion) {
-        return new JwsJwtCompactConsumer(assertion, jwtReader);
-    }
-    
-    public void setJwtReader(JwtTokenReader tokenReader) {
-        this.jwtReader = tokenReader;
-    }
-
-    
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/2e5f5a13/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/grant/JwtUserSubject.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/grant/JwtUserSubject.java b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/grant/JwtUserSubject.java
deleted file mode 100644
index 18eaae1..0000000
--- a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/jose/jwt/grant/JwtUserSubject.java
+++ /dev/null
@@ -1,34 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jwt.grant;
-
-import org.apache.cxf.rs.security.jose.jwt.JwtToken;
-import org.apache.cxf.rs.security.oauth2.common.UserSubject;
-
-public class JwtUserSubject extends UserSubject {
-    private static final long serialVersionUID = -1135272749329239037L;
-    private JwtToken token;
-    public JwtUserSubject(String user, JwtToken token) {
-        super(user);
-        this.token = token;
-    }
-    public JwtToken getToken() {
-        return token;
-    }
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/2e5f5a13/rt/rs/security/oauth-parent/oauth2-jwt/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweCompactReaderWriterTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweCompactReaderWriterTest.java b/rt/rs/security/oauth-parent/oauth2-jwt/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweCompactReaderWriterTest.java
deleted file mode 100644
index ca49a38..0000000
--- a/rt/rs/security/oauth-parent/oauth2-jwt/src/test/java/org/apache/cxf/rs/security/jose/jwe/JweCompactReaderWriterTest.java
+++ /dev/null
@@ -1,209 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jwe;
-
-import java.security.Security;
-import java.security.interfaces.RSAPrivateKey;
-import java.security.interfaces.RSAPublicKey;
-
-import javax.crypto.Cipher;
-import javax.crypto.SecretKey;
-
-import org.apache.cxf.rs.security.jose.jwa.Algorithm;
-import org.apache.cxf.rs.security.jose.jws.JwsCompactReaderWriterTest;
-import org.apache.cxf.rs.security.jose.jwt.JwtConstants;
-import org.apache.cxf.rs.security.oauth2.utils.Base64UrlUtility;
-import org.apache.cxf.rs.security.oauth2.utils.crypto.CryptoUtils;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-
-import org.junit.AfterClass;
-import org.junit.Assert;
-import org.junit.BeforeClass;
-import org.junit.Test;
-
-public class JweCompactReaderWriterTest extends Assert {
-    // A1 example
-    private static final byte[] CONTENT_ENCRYPTION_KEY_A1 = {
-        (byte)177, (byte)161, (byte)244, (byte)128, 84, (byte)143, (byte)225,
-        115, 63, (byte)180, 3, (byte)255, 107, (byte)154, (byte)212, (byte)246,
-        (byte)138, 7, 110, 91, 112, 46, 34, 105, 47, 
-        (byte)130, (byte)203, 46, 122, (byte)234, 64, (byte)252};
-    private static final String RSA_MODULUS_ENCODED_A1 = "oahUIoWw0K0usKNuOR6H4wkf4oBUXHTxRvgb48E-BVvxkeDNjbC4he8rUW"
-           + "cJoZmds2h7M70imEVhRU5djINXtqllXI4DFqcI1DgjT9LewND8MW2Krf3S"
-           + "psk_ZkoFnilakGygTwpZ3uesH-PFABNIUYpOiN15dsQRkgr0vEhxN92i2a"
-           + "sbOenSZeyaxziK72UwxrrKoExv6kc5twXTq4h-QChLOln0_mtUZwfsRaMS"
-           + "tPs6mS6XrgxnxbWhojf663tuEQueGC-FCMfra36C9knDFGzKsNa7LZK2dj"
-           + "YgyD3JR_MB_4NUJW_TqOQtwHYbxevoJArm-L5StowjzGy-_bq6Gw";
-    private static final String RSA_PUBLIC_EXPONENT_ENCODED_A1 = "AQAB";
-    private static final String RSA_PRIVATE_EXPONENT_ENCODED_A1 = 
-        "kLdtIj6GbDks_ApCSTYQtelcNttlKiOyPzMrXHeI-yk1F7-kpDxY4-WY5N"
-        + "WV5KntaEeXS1j82E375xxhWMHXyvjYecPT9fpwR_M9gV8n9Hrh2anTpTD9"
-        + "3Dt62ypW3yDsJzBnTnrYu1iwWRgBKrEYY46qAZIrA2xAwnm2X7uGR1hghk"
-        + "qDp0Vqj3kbSCz1XyfCs6_LehBwtxHIyh8Ripy40p24moOAbgxVw3rxT_vl"
-        + "t3UVe4WO3JkJOzlpUf-KTVI2Ptgm-dARxTEtE-id-4OJr0h-K-VFs3VSnd"
-        + "VTIznSxfyrj8ILL6MG_Uv8YAu7VILSB3lOW085-4qE3DzgrTjgyQ";
-    
-    private static final byte[] INIT_VECTOR_A1 = {(byte)227, (byte)197, 117, (byte)252, 2, (byte)219, 
-        (byte)233, 68, (byte)180, (byte)225, 77, (byte)219};
-    
-    // A3 example
-    private static final byte[] CONTENT_ENCRYPTION_KEY_A3 = {
-        4, (byte)211, 31, (byte)197, 84, (byte)157, (byte)252, (byte)254, 11, 100, 
-        (byte)157, (byte)250, 63, (byte)170, 106, (byte)206, 107, 124, (byte)212, 
-        45, 111, 107, 9, (byte)219, (byte)200, (byte)177, 0, (byte)240, (byte)143, 
-        (byte)156, 44, (byte)207};
-    private static final byte[] INIT_VECTOR_A3 = {
-        3, 22, 60, 12, 43, 67, 104, 105, 108, 108, 105, 99, 111, 116, 104, 101};
-    private static final String KEY_ENCRYPTION_KEY_A3 = "GawgguFyGrWKav7AX4VKUg";
-    private static final String JWE_OUTPUT_A3 = 
-        "eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0" 
-        + ".6KB707dM9YTIgHtLvtgWQ8mKwboJW3of9locizkDTHzBC2IlrT1oOQ" 
-        + ".AxY8DCtDaGlsbGljb3RoZQ" 
-        + ".KDlTtXchhZTGufMYmOYGS4HffxPSUrfmqCHXaI9wOGY" 
-        + ".U0m_YmjN04DJvceFICbCVQ";
-    
-    @BeforeClass
-    public static void registerBouncyCastleIfNeeded() throws Exception {
-        try {
-            // Java 8 apparently has it
-            Cipher.getInstance(Algorithm.AES_GCM_ALGO_JAVA);
-        } catch (Throwable t) {
-            // Oracle Java 7
-            Security.addProvider(new BouncyCastleProvider());    
-        }
-    }
-    @AfterClass
-    public static void unregisterBouncyCastleIfNeeded() throws Exception {
-        Security.removeProvider(BouncyCastleProvider.class.getName());    
-    }
-    
-    @Test
-    public void testEncryptDecryptAesWrapA128CBCHS256() throws Exception {
-        final String specPlainText = "Live long and prosper.";
-        JweHeaders headers = new JweHeaders();
-        headers.setAlgorithm(Algorithm.A128KW.getJwtName());
-        headers.setContentEncryptionAlgorithm(Algorithm.A128CBC_HS256.getJwtName());
-        
-        byte[] cekEncryptionKey = Base64UrlUtility.decode(KEY_ENCRYPTION_KEY_A3);
-        
-        AesWrapKeyEncryptionAlgorithm keyEncryption = 
-            new AesWrapKeyEncryptionAlgorithm(cekEncryptionKey, Algorithm.A128KW.getJwtName());
-        JweEncryptionProvider encryption = new AesCbcHmacJweEncryption(headers,
-                                                           CONTENT_ENCRYPTION_KEY_A3, 
-                                                           INIT_VECTOR_A3,
-                                                           keyEncryption);
-        String jweContent = encryption.encrypt(specPlainText.getBytes("UTF-8"), null);
-        assertEquals(JWE_OUTPUT_A3, jweContent);
-        
-        AesWrapKeyDecryptionAlgorithm keyDecryption = new AesWrapKeyDecryptionAlgorithm(cekEncryptionKey);
-        JweDecryptionProvider decryption = new AesCbcHmacJweDecryption(keyDecryption);
-        String decryptedText = decryption.decrypt(jweContent).getContentText();
-        assertEquals(specPlainText, decryptedText);
-    }
-    @Test
-    public void testEncryptDecryptAesGcmWrapA128CBCHS256() throws Exception {
-        final String specPlainText = "Live long and prosper.";
-        JweHeaders headers = new JweHeaders();
-        headers.setAlgorithm(JwtConstants.A128GCMKW_ALGO);
-        headers.setContentEncryptionAlgorithm(Algorithm.A128CBC_HS256.getJwtName());
-        
-        byte[] cekEncryptionKey = Base64UrlUtility.decode(KEY_ENCRYPTION_KEY_A3);
-        
-        AesGcmWrapKeyEncryptionAlgorithm keyEncryption = 
-            new AesGcmWrapKeyEncryptionAlgorithm(cekEncryptionKey, JwtConstants.A128GCMKW_ALGO);
-        JweEncryptionProvider encryption = new AesCbcHmacJweEncryption(headers,
-                                                           CONTENT_ENCRYPTION_KEY_A3, 
-                                                           INIT_VECTOR_A3,
-                                                           keyEncryption);
-        String jweContent = encryption.encrypt(specPlainText.getBytes("UTF-8"), null);
-        
-        AesGcmWrapKeyDecryptionAlgorithm keyDecryption = new AesGcmWrapKeyDecryptionAlgorithm(cekEncryptionKey);
-        JweDecryptionProvider decryption = new AesCbcHmacJweDecryption(keyDecryption);
-        String decryptedText = decryption.decrypt(jweContent).getContentText();
-        assertEquals(specPlainText, decryptedText);
-    }
-    
-    @Test
-    public void testEncryptDecryptSpecExample() throws Exception {
-        final String specPlainText = "The true sign of intelligence is not knowledge but imagination.";
-        String jweContent = encryptContent(specPlainText, true);
-        
-        decrypt(jweContent, specPlainText, true);
-    }
-    
-    @Test
-    public void testDirectKeyEncryptDecrypt() throws Exception {
-        final String specPlainText = "The true sign of intelligence is not knowledge but imagination.";
-        SecretKey key = createSecretKey(true);
-        String jweContent = encryptContentDirect(key, specPlainText);
-        
-        decryptDirect(key, jweContent, specPlainText);
-    }
-    
-    @Test
-    public void testEncryptDecryptJwsToken() throws Exception {
-        String jweContent = encryptContent(JwsCompactReaderWriterTest.ENCODED_TOKEN_SIGNED_BY_MAC, false);
-        decrypt(jweContent, JwsCompactReaderWriterTest.ENCODED_TOKEN_SIGNED_BY_MAC, false);
-    }
-    
-    private String encryptContent(String content, boolean createIfException) throws Exception {
-        RSAPublicKey publicKey = CryptoUtils.getRSAPublicKey(RSA_MODULUS_ENCODED_A1, 
-                                                             RSA_PUBLIC_EXPONENT_ENCODED_A1);
-        SecretKey key = createSecretKey(createIfException);
-        String jwtKeyName = null;
-        if (key == null) {
-            // the encryptor will generate it
-            jwtKeyName = Algorithm.A128GCM.getJwtName();
-        } else {
-            jwtKeyName = Algorithm.toJwtName(key.getAlgorithm(), key.getEncoded().length * 8);
-        }
-        KeyEncryptionAlgorithm keyEncryptionAlgo = new RSAOaepKeyEncryptionAlgorithm(publicKey, 
-                                                       Algorithm.RSA_OAEP.getJwtName()); 
-        ContentEncryptionAlgorithm contentEncryptionAlgo = 
-            new AesGcmContentEncryptionAlgorithm(key == null ? null : key.getEncoded(), INIT_VECTOR_A1, jwtKeyName);
-        JweEncryptionProvider encryptor = new WrappedKeyJweEncryption(keyEncryptionAlgo, contentEncryptionAlgo);
-        return encryptor.encrypt(content.getBytes("UTF-8"), null);
-    }
-    private String encryptContentDirect(SecretKey key, String content) throws Exception {
-        DirectKeyJweEncryption encryptor = new DirectKeyJweEncryption(key, INIT_VECTOR_A1);
-        return encryptor.encrypt(content.getBytes("UTF-8"), null);
-    }
-    private void decrypt(String jweContent, String plainContent, boolean unwrap) throws Exception {
-        RSAPrivateKey privateKey = CryptoUtils.getRSAPrivateKey(RSA_MODULUS_ENCODED_A1, 
-                                                                RSA_PRIVATE_EXPONENT_ENCODED_A1);
-        JweDecryptionProvider decryptor = new WrappedKeyJweDecryption(new RSAOaepKeyDecryptionAlgorithm(privateKey));
-        String decryptedText = decryptor.decrypt(jweContent).getContentText();
-        assertEquals(decryptedText, plainContent);
-    }
-    private void decryptDirect(SecretKey key, String jweContent, String plainContent) throws Exception {
-        DirectKeyJweDecryption decryptor = new DirectKeyJweDecryption(key);
-        String decryptedText = decryptor.decrypt(jweContent).getContentText();
-        assertEquals(decryptedText, plainContent);
-    }
-    private SecretKey createSecretKey(boolean createIfException) throws Exception {
-        SecretKey key = null;
-        if (Cipher.getMaxAllowedKeyLength("AES") > 128) { 
-            key = CryptoUtils.createSecretKeySpec(CONTENT_ENCRYPTION_KEY_A1, "AES");
-        } else if (createIfException) {
-            key = CryptoUtils.createSecretKeySpec(CryptoUtils.generateSecureRandomBytes(128 / 8), "AES");
-        }
-        return key;
-    }
-}
-

http://git-wip-us.apache.org/repos/asf/cxf/blob/2e5f5a13/rt/rs/security/oauth-parent/oauth2-jwt/src/test/java/org/apache/cxf/rs/security/jose/jwe/JwePbeHmacAesWrapTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/test/java/org/apache/cxf/rs/security/jose/jwe/JwePbeHmacAesWrapTest.java b/rt/rs/security/oauth-parent/oauth2-jwt/src/test/java/org/apache/cxf/rs/security/jose/jwe/JwePbeHmacAesWrapTest.java
deleted file mode 100644
index af5ae37..0000000
--- a/rt/rs/security/oauth-parent/oauth2-jwt/src/test/java/org/apache/cxf/rs/security/jose/jwe/JwePbeHmacAesWrapTest.java
+++ /dev/null
@@ -1,79 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jwe;
-
-import java.security.Security;
-
-import org.apache.cxf.rs.security.jose.jwa.Algorithm;
-import org.apache.cxf.rs.security.jose.jwt.JwtConstants;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-
-import org.junit.After;
-import org.junit.Assert;
-import org.junit.Before;
-import org.junit.Test;
-
-public class JwePbeHmacAesWrapTest extends Assert {
-    @Before
-    public void registerBouncyCastleIfNeeded() throws Exception {
-        Security.addProvider(new BouncyCastleProvider());    
-    }
-    @After
-    public void unregisterBouncyCastleIfNeeded() throws Exception {
-        Security.removeProvider(BouncyCastleProvider.class.getName());    
-    }
-    @Test
-    public void testEncryptDecryptPbesHmacAesWrapA128CBCHS256() throws Exception {
-        final String specPlainText = "Live long and prosper.";
-        JweHeaders headers = new JweHeaders();
-        headers.setAlgorithm(JwtConstants.PBES2_HS256_A128KW_ALGO);
-        headers.setContentEncryptionAlgorithm(Algorithm.A128CBC_HS256.getJwtName());
-        final String password = "Thus from my lips, by yours, my sin is purged."; 
-        KeyEncryptionAlgorithm keyEncryption = 
-            new PbesHmacAesWrapKeyEncryptionAlgorithm(password, JwtConstants.PBES2_HS256_A128KW_ALGO);
-        JweEncryptionProvider encryption = new AesCbcHmacJweEncryption(headers, keyEncryption);
-        String jweContent = encryption.encrypt(specPlainText.getBytes("UTF-8"), null);
-        
-        PbesHmacAesWrapKeyDecryptionAlgorithm keyDecryption = new PbesHmacAesWrapKeyDecryptionAlgorithm(password);
-        JweDecryptionProvider decryption = new AesCbcHmacJweDecryption(keyDecryption);
-        String decryptedText = decryption.decrypt(jweContent).getContentText();
-        assertEquals(specPlainText, decryptedText);
-        
-    }
-    @Test
-    public void testEncryptDecryptPbesHmacAesWrapAesGcm() throws Exception {
-        final String specPlainText = "Live long and prosper.";
-        JweHeaders headers = new JweHeaders();
-        headers.setAlgorithm(JwtConstants.PBES2_HS256_A128KW_ALGO);
-        headers.setContentEncryptionAlgorithm(Algorithm.A128GCM.getJwtName());
-        final String password = "Thus from my lips, by yours, my sin is purged."; 
-        KeyEncryptionAlgorithm keyEncryption = 
-            new PbesHmacAesWrapKeyEncryptionAlgorithm(password, JwtConstants.PBES2_HS256_A128KW_ALGO);
-        JweEncryptionProvider encryption = new WrappedKeyJweEncryption(headers, 
-                                                                       keyEncryption,
-            new AesGcmContentEncryptionAlgorithm(Algorithm.A128GCM.getJwtName()));
-        String jweContent = encryption.encrypt(specPlainText.getBytes("UTF-8"), null);
-        PbesHmacAesWrapKeyDecryptionAlgorithm keyDecryption = new PbesHmacAesWrapKeyDecryptionAlgorithm(password);
-        JweDecryptionProvider decryption = new WrappedKeyJweDecryption(keyDecryption, null, null);
-        String decryptedText = decryption.decrypt(jweContent).getContentText();
-        assertEquals(specPlainText, decryptedText);
-        
-    }
-}
-


Mime
View raw message