cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: Another attempt to minimize a number of JOSE classes, removing JwsJson header wrappers
Date Mon, 16 Feb 2015 17:38:42 GMT
Repository: cxf
Updated Branches:
  refs/heads/master e8514ea3f -> 6991bdb7f


Another attempt to minimize a number of JOSE classes, removing JwsJson header wrappers


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/6991bdb7
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/6991bdb7
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/6991bdb7

Branch: refs/heads/master
Commit: 6991bdb7fbff79cfece59efc798b436c52b33239
Parents: e8514ea
Author: Sergey Beryozkin <sberyozkin@talend.com>
Authored: Mon Feb 16 17:38:26 2015 +0000
Committer: Sergey Beryozkin <sberyozkin@talend.com>
Committed: Mon Feb 16 17:38:26 2015 +0000

----------------------------------------------------------------------
 .../jose/jaxrs/JwsJsonWriterInterceptor.java    | 16 ++--
 .../rs/security/jose/jws/JwsJsonConsumer.java   |  3 +-
 .../rs/security/jose/jws/JwsJsonProducer.java   | 27 ++++---
 .../jose/jws/JwsJsonProtectedHeader.java        | 59 --------------
 .../jose/jws/JwsJsonSignatureEntry.java         | 25 +++---
 .../jose/jws/JwsJsonUnprotectedHeader.java      | 58 --------------
 .../jose/cookbook/JwsJoseCookBookTest.java      | 82 ++++++++------------
 .../security/jose/jws/JwsJsonProducerTest.java  |  8 +-
 8 files changed, 80 insertions(+), 198 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/6991bdb7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonWriterInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonWriterInterceptor.java
b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonWriterInterceptor.java
index 443a738..c5159a1 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonWriterInterceptor.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonWriterInterceptor.java
@@ -30,19 +30,21 @@ import javax.ws.rs.ext.WriterInterceptor;
 import javax.ws.rs.ext.WriterInterceptorContext;
 
 import org.apache.cxf.common.util.Base64UrlOutputStream;
+import org.apache.cxf.common.util.Base64UrlUtility;
 import org.apache.cxf.common.util.StringUtils;
 import org.apache.cxf.io.CachedOutputStream;
 import org.apache.cxf.jaxrs.utils.JAXRSUtils;
 import org.apache.cxf.rs.security.jose.JoseConstants;
 import org.apache.cxf.rs.security.jose.JoseHeaders;
+import org.apache.cxf.rs.security.jose.JoseHeadersReaderWriter;
 import org.apache.cxf.rs.security.jose.jws.JwsJsonOutputStream;
 import org.apache.cxf.rs.security.jose.jws.JwsJsonProducer;
-import org.apache.cxf.rs.security.jose.jws.JwsJsonProtectedHeader;
 import org.apache.cxf.rs.security.jose.jws.JwsSignature;
 import org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider;
 
 @Priority(Priorities.JWS_WRITE_PRIORITY)
 public class JwsJsonWriterInterceptor extends AbstractJwsJsonWriterProvider implements WriterInterceptor
{
+    private JoseHeadersReaderWriter writer = new JoseHeadersReaderWriter();
     private boolean contentTypeRequired = true;
     private boolean useJwsOutputStream;
     @Override
@@ -57,10 +59,10 @@ public class JwsJsonWriterInterceptor extends AbstractJwsJsonWriterProvider
impl
             List<String> protectedHeaders = new ArrayList<String>(sigProviders.size());
             List<JwsSignature> signatures = new ArrayList<JwsSignature>(sigProviders.size());
             for (JwsSignatureProvider signer : sigProviders) {
-                JwsJsonProtectedHeader protectedHeader = prepareProtectedHeader(ctx, signer);
-                String encoded = protectedHeader.getEncodedHeaderEntries();
+                JoseHeaders protectedHeader = prepareProtectedHeader(ctx, signer);
+                String encoded = Base64UrlUtility.encode(writer.toJson(protectedHeader));
                 protectedHeaders.add(encoded);
-                JwsSignature signature = signer.createJwsSignature(protectedHeader.getHeaderEntries());
+                JwsSignature signature = signer.createJwsSignature(protectedHeader);
                 byte[] start = StringUtils.toBytesUTF8(encoded + ".");
                 signature.update(start, 0, start.length);
                 signatures.add(signature);
@@ -79,7 +81,7 @@ public class JwsJsonWriterInterceptor extends AbstractJwsJsonWriterProvider
impl
             ctx.proceed();
             JwsJsonProducer p = new JwsJsonProducer(new String(cos.getBytes(), "UTF-8"));
             for (JwsSignatureProvider signer : sigProviders) {
-                JwsJsonProtectedHeader protectedHeader = prepareProtectedHeader(ctx, signer);
+                JoseHeaders protectedHeader = prepareProtectedHeader(ctx, signer);
                 p.signWith(signer, protectedHeader, null);    
             }
             ctx.setMediaType(JAXRSUtils.toMediaType(JoseConstants.MEDIA_TYPE_JOSE_JSON));
@@ -88,12 +90,12 @@ public class JwsJsonWriterInterceptor extends AbstractJwsJsonWriterProvider
impl
         
     }
     
-    private JwsJsonProtectedHeader prepareProtectedHeader(WriterInterceptorContext ctx, 
+    private JoseHeaders prepareProtectedHeader(WriterInterceptorContext ctx, 
                                                           JwsSignatureProvider signer) {
         JoseHeaders headers = new JoseHeaders();
         headers.setAlgorithm(signer.getAlgorithm());
         setContentTypeIfNeeded(headers, ctx);
-        return new JwsJsonProtectedHeader(headers);
+        return headers;
     }
     
     public void setContentTypeRequired(boolean contentTypeRequired) {

http://git-wip-us.apache.org/repos/asf/cxf/blob/6991bdb7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonConsumer.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonConsumer.java
b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonConsumer.java
index 2445062..2b32d9a 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonConsumer.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonConsumer.java
@@ -30,6 +30,7 @@ import org.apache.cxf.common.util.StringUtils;
 import org.apache.cxf.helpers.CastUtils;
 import org.apache.cxf.jaxrs.provider.json.JsonMapObject;
 import org.apache.cxf.jaxrs.provider.json.JsonMapObjectReaderWriter;
+import org.apache.cxf.rs.security.jose.JoseHeaders;
 import org.apache.cxf.rs.security.jose.JoseUtils;
 import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
 
@@ -87,7 +88,7 @@ public class JwsJsonConsumer {
             new JwsJsonSignatureEntry(encodedJwsPayload, 
                                       protectedHeader, 
                                       signature, 
-                                      header != null ? new JwsJsonUnprotectedHeader(header)
: null);
+                                      header != null ? new JoseHeaders(header) : null);
     }
     public String getSignedDocument() {
         return this.jwsSignedDocument;

http://git-wip-us.apache.org/repos/asf/cxf/blob/6991bdb7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducer.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducer.java
b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducer.java
index b77ae78..bd72a53 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducer.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducer.java
@@ -27,13 +27,16 @@ import javax.ws.rs.core.MultivaluedMap;
 
 import org.apache.cxf.common.util.Base64UrlUtility;
 import org.apache.cxf.common.util.StringUtils;
+import org.apache.cxf.rs.security.jose.JoseConstants;
 import org.apache.cxf.rs.security.jose.JoseHeaders;
+import org.apache.cxf.rs.security.jose.JoseHeadersReaderWriter;
 import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
 public class JwsJsonProducer {
     private boolean supportFlattened;
     private String plainPayload;
     private String encodedPayload;
     private List<JwsJsonSignatureEntry> signatures = new LinkedList<JwsJsonSignatureEntry>();
+    private JoseHeadersReaderWriter writer = new JoseHeadersReaderWriter();
     public JwsJsonProducer(String tbsDocument) {
         this(tbsDocument, false);
     }
@@ -94,10 +97,10 @@ public class JwsJsonProducer {
     public String signWith(JwsSignatureProvider signer) {
         JoseHeaders headers = new JoseHeaders();
         headers.setAlgorithm(signer.getAlgorithm());
-        return signWith(signer, new JwsJsonProtectedHeader(headers));
+        return signWith(signer, headers);
     }
     public String signWith(JwsSignatureProvider signer, 
-                           JwsJsonProtectedHeader protectedHeader) {
+                           JoseHeaders protectedHeader) {
         return signWith(signer, protectedHeader, null);
     }
     public String signWith(JsonWebKey jwk) {
@@ -110,26 +113,27 @@ public class JwsJsonProducer {
         return signWith(JwsUtils.getHmacSignatureProvider(key, algo));
     }
     public String signWith(JwsSignatureProvider signer,
-                           JwsJsonProtectedHeader protectedHeader,
-                           JwsJsonUnprotectedHeader unprotectedHeader) {
+                           JoseHeaders protectedHeader,
+                           JoseHeaders unprotectedHeader) {
         JoseHeaders unionHeaders = new JoseHeaders();
          
         if (protectedHeader != null) {
-            unionHeaders.asMap().putAll(protectedHeader.getHeaderEntries().asMap());
+            unionHeaders.asMap().putAll(protectedHeader.asMap());
         }
         if (unprotectedHeader != null) {
+            checkCriticalHeaders(unprotectedHeader);
             if (!Collections.disjoint(unionHeaders.asMap().keySet(), 
-                                     unprotectedHeader.getHeaderEntries().asMap().keySet()))
{
+                                     unprotectedHeader.asMap().keySet())) {
                 throw new SecurityException("Protected and unprotected headers have duplicate
values");
             }
-            unionHeaders.asMap().putAll(unprotectedHeader.getHeaderEntries().asMap());
+            unionHeaders.asMap().putAll(unprotectedHeader.asMap());
         }
         if (unionHeaders.getAlgorithm() == null) {
             throw new SecurityException("Algorithm header is not set");
         }
         String sequenceToBeSigned;
         if (protectedHeader != null) {
-            sequenceToBeSigned = protectedHeader.getEncodedHeaderEntries()
+            sequenceToBeSigned = Base64UrlUtility.encode(writer.toJson(protectedHeader))
                     + "." + getUnsignedEncodedPayload();
         } else {
             sequenceToBeSigned = "." + getUnsignedEncodedPayload();
@@ -142,7 +146,7 @@ public class JwsJsonProducer {
         JwsJsonSignatureEntry signature;
         if (protectedHeader != null) {
             signature = new JwsJsonSignatureEntry(encodedPayload,
-                    protectedHeader.getEncodedHeaderEntries(),
+                    Base64UrlUtility.encode(writer.toJson(protectedHeader)),
                     encodedSignatureBytes,
                     unprotectedHeader);
         } else {
@@ -157,4 +161,9 @@ public class JwsJsonProducer {
         signatures.add(signature);
         return getJwsJsonSignedDocument();
     }
+    private static void checkCriticalHeaders(JoseHeaders unprotected) {
+        if (unprotected.asMap().containsKey(JoseConstants.HEADER_CRITICAL)) {
+            throw new SecurityException();
+        }
+    }
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/6991bdb7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProtectedHeader.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProtectedHeader.java
b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProtectedHeader.java
deleted file mode 100644
index dd94b25..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProtectedHeader.java
+++ /dev/null
@@ -1,59 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jws;
-
-import java.util.Map;
-
-import org.apache.cxf.common.util.Base64UrlUtility;
-import org.apache.cxf.rs.security.jose.JoseHeaders;
-import org.apache.cxf.rs.security.jose.JoseHeadersReaderWriter;
-
-public class JwsJsonProtectedHeader {
-
-    private JoseHeadersReaderWriter writer = new JoseHeadersReaderWriter();
-    private JoseHeaders headerEntries;
-
-    public JwsJsonProtectedHeader() {
-    }
-    public JwsJsonProtectedHeader(JoseHeaders headerEntries) {
-        this.headerEntries = headerEntries;
-    }
-    public JwsJsonProtectedHeader(Map<String, Object> values) {
-        this.headerEntries = new JoseHeaders(values);
-    }
-    public void setHeaderEntries(JoseHeaders headerEntries) {
-        this.headerEntries = headerEntries;
-    }
-    public JoseHeaders getHeaderEntries() {
-        return headerEntries;
-    }
-    public void addHeader(String name, Object value) {
-        headerEntries.setHeader(name, value);
-    }
-    public Object getHeader(String name) {
-        return headerEntries.getHeader(name);
-    }
-    public String toJson() {
-        return writer.headersToJson(headerEntries);
-    }
-    public String getEncodedHeaderEntries() {
-        return Base64UrlUtility.encode(toJson());
-    }
-
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/6991bdb7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonSignatureEntry.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonSignatureEntry.java
b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonSignatureEntry.java
index ceca651..5b249ad 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonSignatureEntry.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonSignatureEntry.java
@@ -20,6 +20,7 @@ package org.apache.cxf.rs.security.jose.jws;
 
 import java.util.Collections;
 
+import org.apache.cxf.common.util.Base64UrlUtility;
 import org.apache.cxf.common.util.StringUtils;
 import org.apache.cxf.rs.security.jose.JoseConstants;
 import org.apache.cxf.rs.security.jose.JoseHeaders;
@@ -32,14 +33,15 @@ public class JwsJsonSignatureEntry {
     private String encodedJwsPayload;
     private String encodedProtectedHeader;
     private String encodedSignature;
-    private JwsJsonProtectedHeader protectedHeader;
-    private JwsJsonUnprotectedHeader unprotectedHeader;
+    private JoseHeaders protectedHeader;
+    private JoseHeaders unprotectedHeader;
     private JoseHeaders unionHeaders;
+    private JoseHeadersReaderWriter writer = new JoseHeadersReaderWriter();
       
     public JwsJsonSignatureEntry(String encodedJwsPayload,
                                  String encodedProtectedHeader,
                                  String encodedSignature,
-                                 JwsJsonUnprotectedHeader unprotectedHeader) {
+                                 JoseHeaders unprotectedHeader) {
         if (encodedProtectedHeader == null && unprotectedHeader == null || encodedSignature
== null) {
             throw new SecurityException("Invalid security entry");
         }
@@ -49,8 +51,7 @@ public class JwsJsonSignatureEntry {
         this.encodedSignature = encodedSignature;
         this.unprotectedHeader = unprotectedHeader;
         if (encodedProtectedHeader != null) {
-            this.protectedHeader = new JwsJsonProtectedHeader(
-                    new JoseHeadersReaderWriter().fromJsonHeaders(JoseUtils.decodeToString(encodedProtectedHeader)));
+            this.protectedHeader = writer.fromJsonHeaders(JoseUtils.decodeToString(encodedProtectedHeader));
         }
         prepare();
     }
@@ -58,14 +59,14 @@ public class JwsJsonSignatureEntry {
         unionHeaders = new JoseHeaders();
         
         if (protectedHeader != null) {
-            unionHeaders.asMap().putAll(protectedHeader.getHeaderEntries().asMap());
+            unionHeaders.asMap().putAll(protectedHeader.asMap());
         }
         if (unprotectedHeader != null) {
             if (!Collections.disjoint(unionHeaders.asMap().keySet(), 
-                                     unprotectedHeader.getHeaderEntries().asMap().keySet()))
{
+                                     unprotectedHeader.asMap().keySet())) {
                 throw new SecurityException("Protected and unprotected headers have duplicate
values");
             }
-            unionHeaders.asMap().putAll(unprotectedHeader.getHeaderEntries().asMap());
+            unionHeaders.asMap().putAll(unprotectedHeader.asMap());
         }
     }
     public String getEncodedJwsPayload() {
@@ -80,10 +81,10 @@ public class JwsJsonSignatureEntry {
     public String getEncodedProtectedHeader() {
         return encodedProtectedHeader;
     }
-    public JwsJsonProtectedHeader getProtectedHeader() {
+    public JoseHeaders getProtectedHeader() {
         return protectedHeader;
     }
-    public JwsJsonUnprotectedHeader getUnprotectedHeader() {
+    public JoseHeaders getUnprotectedHeader() {
         return unprotectedHeader;
     }
     public JoseHeaders getUnionHeader() {
@@ -133,13 +134,13 @@ public class JwsJsonSignatureEntry {
             sb.append("{");
         }
         if (protectedHeader != null) {
-            sb.append("\"protected\":\"" + protectedHeader.getEncodedHeaderEntries() + "\"");
+            sb.append("\"protected\":\"" + Base64UrlUtility.encode(writer.toJson(protectedHeader))
+ "\"");
         }
         if (unprotectedHeader != null) {
             if (protectedHeader != null) {
                 sb.append(",");
             }
-            sb.append("\"header\":" + unprotectedHeader.toJson());
+            sb.append("\"header\":" + writer.toJson(unprotectedHeader));
         }
         sb.append(",");
         sb.append("\"signature\":\"" + encodedSignature + "\"");

http://git-wip-us.apache.org/repos/asf/cxf/blob/6991bdb7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonUnprotectedHeader.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonUnprotectedHeader.java
b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonUnprotectedHeader.java
deleted file mode 100644
index 90a7d1f..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonUnprotectedHeader.java
+++ /dev/null
@@ -1,58 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jws;
-
-import java.util.Map;
-
-import org.apache.cxf.rs.security.jose.JoseConstants;
-import org.apache.cxf.rs.security.jose.JoseHeaders;
-import org.apache.cxf.rs.security.jose.JoseHeadersReaderWriter;
-
-public class JwsJsonUnprotectedHeader {
-
-    private JoseHeadersReaderWriter writer = new JoseHeadersReaderWriter();
-    private JoseHeaders headerEntries;
-
-    public JwsJsonUnprotectedHeader() {
-    }
-    public JwsJsonUnprotectedHeader(JoseHeaders headers) {
-        headerEntries = headers;
-    }
-
-    public JwsJsonUnprotectedHeader(Map<String, Object> values) {
-        this(new JoseHeaders(values));
-    }
-
-       
-    public void addHeader(String name, Object value) {
-        if (JoseConstants.HEADER_CRITICAL.equals(name)) {
-            throw new SecurityException();
-        }
-        headerEntries.setHeader(name, value);
-    }
-    public Object getHeader(String name) {
-        return headerEntries.getHeader(name);
-    }
-    public JoseHeaders getHeaderEntries() {
-        return headerEntries;
-    }
-    public String toJson() {
-        return writer.headersToJson(headerEntries);
-    } 
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/6991bdb7/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/JwsJoseCookBookTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/JwsJoseCookBookTest.java
b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/JwsJoseCookBookTest.java
index da0ac98..52088d8 100644
--- a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/JwsJoseCookBookTest.java
+++ b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/JwsJoseCookBookTest.java
@@ -29,6 +29,7 @@ import org.apache.cxf.helpers.IOUtils;
 import org.apache.cxf.jaxrs.provider.json.JsonMapObjectReaderWriter;
 import org.apache.cxf.rs.security.jose.JoseConstants;
 import org.apache.cxf.rs.security.jose.JoseHeaders;
+import org.apache.cxf.rs.security.jose.JoseHeadersReaderWriter;
 import org.apache.cxf.rs.security.jose.jwa.Algorithm;
 import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
 import org.apache.cxf.rs.security.jose.jwk.JsonWebKeys;
@@ -38,10 +39,9 @@ import org.apache.cxf.rs.security.jose.jws.JwsCompactConsumer;
 import org.apache.cxf.rs.security.jose.jws.JwsCompactProducer;
 import org.apache.cxf.rs.security.jose.jws.JwsJsonConsumer;
 import org.apache.cxf.rs.security.jose.jws.JwsJsonProducer;
-import org.apache.cxf.rs.security.jose.jws.JwsJsonProtectedHeader;
-import org.apache.cxf.rs.security.jose.jws.JwsJsonUnprotectedHeader;
 import org.apache.cxf.rs.security.jose.jws.JwsUtils;
 import org.bouncycastle.jce.provider.BouncyCastleProvider;
+
 import org.junit.Test;
 
 import static org.junit.Assert.assertEquals;
@@ -375,10 +375,9 @@ public class JwsJoseCookBookTest {
         JwsJsonProducer jsonProducer = new JwsJsonProducer(PAYLOAD);
         assertEquals(jsonProducer.getPlainPayload(), PAYLOAD);
         assertEquals(jsonProducer.getUnsignedEncodedPayload(), ENCODED_PAYLOAD);
-        JoseHeaders joseHeaders = new JoseHeaders();
-        joseHeaders.setAlgorithm(JoseConstants.RS_SHA_256_ALGO);
-        joseHeaders.setKeyId(RSA_KID_VALUE);
-        JwsJsonProtectedHeader protectedHeader = new JwsJsonProtectedHeader(joseHeaders);
+        JoseHeaders protectedHeader = new JoseHeaders();
+        protectedHeader.setAlgorithm(JoseConstants.RS_SHA_256_ALGO);
+        protectedHeader.setKeyId(RSA_KID_VALUE);
         jsonProducer.signWith(JwsUtils.getSignatureProvider(rsaKey, JoseConstants.RS_SHA_256_ALGO),
protectedHeader);
         assertEquals(jsonProducer.getJwsJsonSignedDocument(), RSA_V1_5_JSON_GENERAL_SERIALIZATION);
         JwsJsonConsumer jsonConsumer = new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument());
@@ -420,10 +419,9 @@ public class JwsJoseCookBookTest {
         JwsJsonProducer jsonProducer = new JwsJsonProducer(PAYLOAD);
         assertEquals(jsonProducer.getPlainPayload(), PAYLOAD);
         assertEquals(jsonProducer.getUnsignedEncodedPayload(), ENCODED_PAYLOAD);
-        JoseHeaders joseHeaders = new JoseHeaders();
-        joseHeaders.setAlgorithm(JoseConstants.PS_SHA_384_ALGO);
-        joseHeaders.setKeyId(RSA_KID_VALUE);
-        JwsJsonProtectedHeader protectedHeader = new JwsJsonProtectedHeader(joseHeaders);
+        JoseHeaders protectedHeader = new JoseHeaders();
+        protectedHeader.setAlgorithm(JoseConstants.PS_SHA_384_ALGO);
+        protectedHeader.setKeyId(RSA_KID_VALUE);
         jsonProducer.signWith(JwsUtils.getSignatureProvider(rsaKey, JoseConstants.PS_SHA_384_ALGO),
protectedHeader);
         assertEquals(jsonProducer.getJwsJsonSignedDocument().length(), RSA_PSS_JSON_GENERAL_SERIALIZATION.length());
         JwsJsonConsumer jsonConsumer = new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument());
@@ -493,10 +491,9 @@ public class JwsJoseCookBookTest {
         JwsJsonProducer jsonProducer = new JwsJsonProducer(PAYLOAD);
         assertEquals(jsonProducer.getPlainPayload(), PAYLOAD);
         assertEquals(jsonProducer.getUnsignedEncodedPayload(), ENCODED_PAYLOAD);
-        JoseHeaders joseHeaders = new JoseHeaders();
-        joseHeaders.setAlgorithm(JoseConstants.HMAC_SHA_256_ALGO);
-        joseHeaders.setKeyId(HMAC_KID_VALUE);
-        JwsJsonProtectedHeader protectedHeader = new JwsJsonProtectedHeader(joseHeaders);
+        JoseHeaders protectedHeader = new JoseHeaders();
+        protectedHeader.setAlgorithm(JoseConstants.HMAC_SHA_256_ALGO);
+        protectedHeader.setKeyId(HMAC_KID_VALUE);
         jsonProducer.signWith(JwsUtils.getSignatureProvider(key, JoseConstants.HMAC_SHA_256_ALGO),
protectedHeader);
         assertEquals(jsonProducer.getJwsJsonSignedDocument(), HMAC_JSON_GENERAL_SERIALIZATION);
         JwsJsonConsumer jsonConsumer = new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument());
@@ -529,10 +526,9 @@ public class JwsJoseCookBookTest {
         JwsJsonProducer jsonProducer = new JwsJsonProducer(PAYLOAD);
         assertEquals(jsonProducer.getPlainPayload(), PAYLOAD);
         assertEquals(jsonProducer.getUnsignedEncodedPayload(), ENCODED_PAYLOAD);
-        JoseHeaders joseHeaders = new JoseHeaders();
-        joseHeaders.setAlgorithm(JoseConstants.HMAC_SHA_256_ALGO);
-        joseHeaders.setKeyId(HMAC_KID_VALUE);
-        JwsJsonProtectedHeader protectedHeader = new JwsJsonProtectedHeader(joseHeaders);
+        JoseHeaders protectedHeader = new JoseHeaders();
+        protectedHeader.setAlgorithm(JoseConstants.HMAC_SHA_256_ALGO);
+        protectedHeader.setKeyId(HMAC_KID_VALUE);
         jsonProducer.signWith(JwsUtils.getSignatureProvider(key, JoseConstants.HMAC_SHA_256_ALGO),
protectedHeader);
         assertEquals(jsonProducer.getJwsJsonSignedDocument(true), HMAC_DETACHED_JSON_GENERAL_SERIALIZATION);
         JwsJsonConsumer jsonConsumer =
@@ -550,12 +546,10 @@ public class JwsJoseCookBookTest {
         JwsJsonProducer jsonProducer = new JwsJsonProducer(PAYLOAD);
         assertEquals(jsonProducer.getPlainPayload(), PAYLOAD);
         assertEquals(jsonProducer.getUnsignedEncodedPayload(), ENCODED_PAYLOAD);
-        JoseHeaders joseProtectedHeaders = new JoseHeaders();
-        joseProtectedHeaders.setAlgorithm(JoseConstants.HMAC_SHA_256_ALGO);
-        JwsJsonProtectedHeader protectedHeader = new JwsJsonProtectedHeader(joseProtectedHeaders);
-        JoseHeaders joseUnprotectedHeaders = new JoseHeaders();
-        joseUnprotectedHeaders.setKeyId(HMAC_KID_VALUE);
-        JwsJsonUnprotectedHeader unprotectedHeader = new JwsJsonUnprotectedHeader(joseUnprotectedHeaders);
+        JoseHeaders protectedHeader = new JoseHeaders();
+        protectedHeader.setAlgorithm(JoseConstants.HMAC_SHA_256_ALGO);
+        JoseHeaders unprotectedHeader = new JoseHeaders();
+        unprotectedHeader.setKeyId(HMAC_KID_VALUE);
         JsonWebKeys jwks = readKeySet("cookbookSecretSet.txt");
         List<JsonWebKey> keys = jwks.getKeys();
         JsonWebKey key = keys.get(0);
@@ -580,10 +574,9 @@ public class JwsJoseCookBookTest {
         JwsJsonProducer jsonProducer = new JwsJsonProducer(PAYLOAD);
         assertEquals(jsonProducer.getPlainPayload(), PAYLOAD);
         assertEquals(jsonProducer.getUnsignedEncodedPayload(), ENCODED_PAYLOAD);
-        JoseHeaders joseUnprotectedHeaders = new JoseHeaders();
-        joseUnprotectedHeaders.setAlgorithm(JoseConstants.HMAC_SHA_256_ALGO);
-        joseUnprotectedHeaders.setKeyId(HMAC_KID_VALUE);
-        JwsJsonUnprotectedHeader unprotectedHeader = new JwsJsonUnprotectedHeader(joseUnprotectedHeaders);
+        JoseHeaders unprotectedHeader = new JoseHeaders();
+        unprotectedHeader.setAlgorithm(JoseConstants.HMAC_SHA_256_ALGO);
+        unprotectedHeader.setKeyId(HMAC_KID_VALUE);
         JsonWebKeys jwks = readKeySet("cookbookSecretSet.txt");
         List<JsonWebKey> keys = jwks.getKeys();
         JsonWebKey key = keys.get(0);
@@ -614,40 +607,33 @@ public class JwsJoseCookBookTest {
             JwsJsonProducer jsonProducer = new JwsJsonProducer(PAYLOAD);
             assertEquals(jsonProducer.getPlainPayload(), PAYLOAD);
             assertEquals(jsonProducer.getUnsignedEncodedPayload(), ENCODED_PAYLOAD);
-            JoseHeaders firstSignerProtectedJoseHeaders = new JoseHeaders();
-            firstSignerProtectedJoseHeaders.setAlgorithm(JoseConstants.RS_SHA_256_ALGO);
-            JwsJsonProtectedHeader fristSignerProtectedHeader =
-                    new JwsJsonProtectedHeader(firstSignerProtectedJoseHeaders);
-            JoseHeaders firstSignerUnprotectedJoseHeaders = new JoseHeaders();
-            firstSignerUnprotectedJoseHeaders.setKeyId(RSA_KID_VALUE);
-            JwsJsonUnprotectedHeader firstSignerUnprotectedHeader =
-                    new JwsJsonUnprotectedHeader(firstSignerUnprotectedJoseHeaders);
+            JoseHeaders firstSignerProtectedHeader = new JoseHeaders();
+            firstSignerProtectedHeader.setAlgorithm(JoseConstants.RS_SHA_256_ALGO);
+            JoseHeaders firstSignerUnprotectedHeader = new JoseHeaders();
+            firstSignerUnprotectedHeader.setKeyId(RSA_KID_VALUE);
             JsonWebKeys jwks = readKeySet("cookbookPrivateSet.txt");
             List<JsonWebKey> keys = jwks.getKeys();
             JsonWebKey rsaKey = keys.get(1);
             jsonProducer.signWith(JwsUtils.getSignatureProvider(rsaKey, JoseConstants.RS_SHA_256_ALGO),
-                    fristSignerProtectedHeader, firstSignerUnprotectedHeader);
+                    firstSignerProtectedHeader, firstSignerUnprotectedHeader);
             assertEquals(jsonProducer.getSignatureEntries().get(0).toJson(),
                     FIRST_SIGNATURE_ENTRY_MULTIPLE_SIGNATURES);
 
-            JoseHeaders secondSignerUnprotectedJoseHeaders = new JoseHeaders();
-            secondSignerUnprotectedJoseHeaders.setAlgorithm(JoseConstants.ES_SHA_512_ALGO);
-            secondSignerUnprotectedJoseHeaders.setKeyId(ECDSA_KID_VALUE);
-            JwsJsonUnprotectedHeader secondSignerUnprotectedHeader =
-                    new JwsJsonUnprotectedHeader(secondSignerUnprotectedJoseHeaders);
+            JoseHeaders secondSignerUnprotectedHeader = new JoseHeaders();
+            secondSignerUnprotectedHeader.setAlgorithm(JoseConstants.ES_SHA_512_ALGO);
+            secondSignerUnprotectedHeader.setKeyId(ECDSA_KID_VALUE);
             JsonWebKey ecKey = keys.get(0);
             jsonProducer.signWith(JwsUtils.getSignatureProvider(ecKey, JoseConstants.ES_SHA_512_ALGO),
                     null, secondSignerUnprotectedHeader);
-            assertEquals(jsonProducer.getSignatureEntries().get(1).getUnprotectedHeader().toJson(),
+            assertEquals(new JoseHeadersReaderWriter().toJson(
+                jsonProducer.getSignatureEntries().get(1).getUnprotectedHeader()),
                     SECOND_SIGNATURE_UNPROTECTED_HEADER_MULTIPLE_SIGNATURES);
             assertEquals(jsonProducer.getSignatureEntries().get(1).toJson().length(),
                     SECOND_SIGNATURE_ENTRY_MULTIPLE_SIGNATURES.length());
 
-            JoseHeaders thirdSignerProtectedJoseHeaders = new JoseHeaders();
-            thirdSignerProtectedJoseHeaders.setAlgorithm(JoseConstants.HMAC_SHA_256_ALGO);
-            thirdSignerProtectedJoseHeaders.setKeyId(HMAC_KID_VALUE);
-            JwsJsonProtectedHeader thirdSignerProtectedHeader =
-                    new JwsJsonProtectedHeader(thirdSignerProtectedJoseHeaders);
+            JoseHeaders thirdSignerProtectedHeader = new JoseHeaders();
+            thirdSignerProtectedHeader.setAlgorithm(JoseConstants.HMAC_SHA_256_ALGO);
+            thirdSignerProtectedHeader.setKeyId(HMAC_KID_VALUE);
             JsonWebKeys secretJwks = readKeySet("cookbookSecretSet.txt");
             List<JsonWebKey> secretKeys = secretJwks.getKeys();
             JsonWebKey hmacKey = secretKeys.get(0);

http://git-wip-us.apache.org/repos/asf/cxf/blob/6991bdb7/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducerTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducerTest.java
b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducerTest.java
index 3b5b492..fa94e46 100644
--- a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducerTest.java
+++ b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducerTest.java
@@ -76,7 +76,7 @@ public class JwsJsonProducerTest extends Assert {
                
         producer.signWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY_1,
                           JoseConstants.HMAC_SHA_256_ALGO),
-                          new JwsJsonProtectedHeader(headerEntries));
+                          headerEntries);
         assertEquals(SIGNED_JWS_JSON_DOCUMENT,
                      producer.getJwsJsonSignedDocument());
     }
@@ -88,7 +88,7 @@ public class JwsJsonProducerTest extends Assert {
                
         producer.signWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY_1,
                           JoseConstants.HMAC_SHA_256_ALGO),
-                          new JwsJsonProtectedHeader(headerEntries));
+                          headerEntries);
         assertEquals(SIGNED_JWS_JSON_FLAT_DOCUMENT,
                      producer.getJwsJsonSignedDocument());
     }
@@ -100,10 +100,10 @@ public class JwsJsonProducerTest extends Assert {
                
         producer.signWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY_1,
                           JoseConstants.HMAC_SHA_256_ALGO),
-                          new JwsJsonProtectedHeader(headerEntries));
+                          headerEntries);
         producer.signWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY_2,
                           JoseConstants.HMAC_SHA_256_ALGO),
-                          new JwsJsonProtectedHeader(headerEntries));
+                          headerEntries);
         assertEquals(DUAL_SIGNED_JWS_JSON_DOCUMENT,
                      producer.getJwsJsonSignedDocument());
     }


Mime
View raw message