Return-Path: X-Original-To: apmail-cxf-commits-archive@www.apache.org Delivered-To: apmail-cxf-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id C91AA10E89 for ; Fri, 27 Feb 2015 14:09:26 +0000 (UTC) Received: (qmail 80777 invoked by uid 500); 27 Feb 2015 14:09:21 -0000 Delivered-To: apmail-cxf-commits-archive@cxf.apache.org Received: (qmail 80674 invoked by uid 500); 27 Feb 2015 14:09:21 -0000 Mailing-List: contact commits-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cxf.apache.org Delivered-To: mailing list commits@cxf.apache.org Received: (qmail 80644 invoked by uid 99); 27 Feb 2015 14:09:21 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 27 Feb 2015 14:09:21 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id 7CB37E03E4; Fri, 27 Feb 2015 14:09:21 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: sergeyb@apache.org To: commits@cxf.apache.org Date: Fri, 27 Feb 2015 14:09:21 -0000 Message-Id: X-Mailer: ASF-Git Admin Mailer Subject: [1/4] cxf git commit: [CXF-6220] JWA algorithm cleanup with a lot of cosmetic changes Repository: cxf Updated Branches: refs/heads/3.0.x-fixes 6821aca48 -> e57a012ee http://git-wip-us.apache.org/repos/asf/cxf/blob/e57a012e/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsCompactHeaderTest.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsCompactHeaderTest.java b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsCompactHeaderTest.java index a6fc066..55b448a 100644 --- a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsCompactHeaderTest.java +++ b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsCompactHeaderTest.java @@ -21,8 +21,8 @@ package org.apache.cxf.rs.security.jose.jws; import java.util.ArrayList; import java.util.List; -import org.apache.cxf.rs.security.jose.JoseConstants; -import org.apache.cxf.rs.security.jose.jwa.Algorithm; +import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils; +import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm; import org.junit.Assert; import org.junit.Test; @@ -121,7 +121,7 @@ public class JwsCompactHeaderTest extends Assert { JwsCompactConsumer jwsConsumer = new JwsCompactConsumer(MISSING_ALG_HEADER_FIELD_IN_JWS); assertFalse(jwsConsumer.verifySignatureWith(new HmacJwsSignatureVerifier(ENCODED_MAC_KEY, - Algorithm.HmacSHA256.getJwtName()))); + SignatureAlgorithm.HS256))); } @Test @@ -129,7 +129,7 @@ public class JwsCompactHeaderTest extends Assert { JwsCompactConsumer jwsConsumer = new JwsCompactConsumer(TWO_ALG_HEADER_FIELDS_IN_JWS_BOGUS_FIRST); assertFalse(jwsConsumer.verifySignatureWith(new HmacJwsSignatureVerifier(ENCODED_MAC_KEY, - Algorithm.HmacSHA256.getJwtName()))); + SignatureAlgorithm.HS256))); } @Test @@ -137,7 +137,7 @@ public class JwsCompactHeaderTest extends Assert { JwsCompactConsumer jwsConsumer = new JwsCompactConsumer(TWO_ALG_HEADER_FIELDS_IN_JWS_BOGUS_LAST); assertFalse(jwsConsumer.verifySignatureWith(new HmacJwsSignatureVerifier(ENCODED_MAC_KEY, - Algorithm.HmacSHA256.getJwtName()))); + SignatureAlgorithm.HS256))); } @Test @@ -147,10 +147,10 @@ public class JwsCompactHeaderTest extends Assert { JwsCompactConsumer jwsConsumerAltered = new JwsCompactConsumer(ALG_HEADER_VALUE_NONE_IN_JWS); assertTrue(jwsConsumerOriginal.verifySignatureWith(new HmacJwsSignatureVerifier(ENCODED_MAC_KEY, - Algorithm.HmacSHA256.getJwtName()))); + SignatureAlgorithm.HS256))); assertFalse(jwsConsumerAltered.verifySignatureWith(new HmacJwsSignatureVerifier(ENCODED_MAC_KEY, - Algorithm.HmacSHA256.getJwtName()))); + SignatureAlgorithm.HS256))); } @Test @@ -165,11 +165,11 @@ public class JwsCompactHeaderTest extends Assert { String criticalValue2 = "criticalValue2"; String criticalValue3 = "criticalValue3"; JwsCompactProducer producer = new JwsCompactProducer(payload); - producer.getJoseHeaders().setAlgorithm(JoseConstants.HMAC_SHA_512_ALGO); + producer.getJoseHeaders().setAlgorithm(AlgorithmUtils.HMAC_SHA_512_ALGO); List criticalHeader = new ArrayList(); criticalHeader.add(criticalParameter1); producer.getJoseHeaders().setCritical(criticalHeader); - producer.signWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY, Algorithm.HmacSHA256.getJwtName())); + producer.signWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY, SignatureAlgorithm.HS256)); String signedJws = producer.getSignedEncodedJws(); JwsCompactConsumer consumer = new JwsCompactConsumer(signedJws); assertFalse(consumer.validateCriticalHeaders()); @@ -177,12 +177,12 @@ public class JwsCompactHeaderTest extends Assert { criticalHeader.add(criticalParameter2); criticalHeader.add(criticalParameter3); producer = new JwsCompactProducer(payload); - producer.getJoseHeaders().setAlgorithm(JoseConstants.HMAC_SHA_512_ALGO); + producer.getJoseHeaders().setAlgorithm(AlgorithmUtils.HMAC_SHA_512_ALGO); producer.getJoseHeaders().setCritical(criticalHeader); producer.getJoseHeaders().setHeader(criticalParameter1, criticalValue1); producer.getJoseHeaders().setHeader(criticalParameter2, criticalValue2); producer.getJoseHeaders().setHeader(criticalParameter3, criticalValue3); - producer.signWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY, Algorithm.HmacSHA256.getJwtName())); + producer.signWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY, SignatureAlgorithm.HS256)); signedJws = producer.getSignedEncodedJws(); consumer = new JwsCompactConsumer(signedJws); assertTrue(consumer.validateCriticalHeaders()); @@ -191,10 +191,10 @@ public class JwsCompactHeaderTest extends Assert { criticalHeader.add(criticalParameter); criticalHeader.add(criticalParameter); producer = new JwsCompactProducer(payload); - producer.getJoseHeaders().setAlgorithm(JoseConstants.HMAC_SHA_512_ALGO); + producer.getJoseHeaders().setAlgorithm(AlgorithmUtils.HMAC_SHA_512_ALGO); producer.getJoseHeaders().setHeader(criticalParameter, criticalValue); producer.getJoseHeaders().setCritical(criticalHeader); - producer.signWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY, Algorithm.HmacSHA256.getJwtName())); + producer.signWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY, SignatureAlgorithm.HS256)); signedJws = producer.getSignedEncodedJws(); consumer = new JwsCompactConsumer(signedJws); assertFalse(consumer.validateCriticalHeaders()); http://git-wip-us.apache.org/repos/asf/cxf/blob/e57a012e/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsCompactReaderWriterTest.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsCompactReaderWriterTest.java b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsCompactReaderWriterTest.java index bdf4067..285705b 100644 --- a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsCompactReaderWriterTest.java +++ b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsCompactReaderWriterTest.java @@ -31,7 +31,8 @@ import java.util.Map; import org.apache.cxf.common.util.crypto.CryptoUtils; import org.apache.cxf.rs.security.jose.JoseConstants; import org.apache.cxf.rs.security.jose.JoseHeaders; -import org.apache.cxf.rs.security.jose.jwa.Algorithm; +import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils; +import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm; import org.apache.cxf.rs.security.jose.jwk.JsonWebKey; import org.apache.cxf.rs.security.jose.jwt.JwtClaims; import org.apache.cxf.rs.security.jose.jwt.JwtToken; @@ -95,9 +96,9 @@ public class JwsCompactReaderWriterTest extends Assert { public void testWriteJwsSignedByMacSpecExample() throws Exception { JoseHeaders headers = new JoseHeaders(); headers.setType(JoseConstants.TYPE_JWT); - headers.setAlgorithm(Algorithm.HmacSHA256.getJwtName()); + headers.setAlgorithm(SignatureAlgorithm.HS256.getJwaName()); JwsCompactProducer jws = initSpecJwtTokenWriter(headers); - jws.signWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY, Algorithm.HmacSHA256.getJwtName())); + jws.signWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY, SignatureAlgorithm.HS256)); assertEquals(ENCODED_TOKEN_SIGNED_BY_MAC, jws.getSignedEncodedJws()); @@ -107,7 +108,7 @@ public class JwsCompactReaderWriterTest extends Assert { public void testWriteReadJwsUnsigned() throws Exception { JoseHeaders headers = new JoseHeaders(); headers.setType(JoseConstants.TYPE_JWT); - headers.setAlgorithm(JoseConstants.PLAIN_TEXT_ALGO); + headers.setAlgorithm(AlgorithmUtils.PLAIN_TEXT_ALGO); JwtClaims claims = new JwtClaims(); claims.setIssuer("https://jwt-idp.example.com"); @@ -131,11 +132,11 @@ public class JwsCompactReaderWriterTest extends Assert { public void testReadJwsSignedByMacSpecExample() throws Exception { JwsJwtCompactConsumer jws = new JwsJwtCompactConsumer(ENCODED_TOKEN_SIGNED_BY_MAC); assertTrue(jws.verifySignatureWith(new HmacJwsSignatureVerifier(ENCODED_MAC_KEY, - Algorithm.HmacSHA256.getJwtName()))); + SignatureAlgorithm.HS256))); JwtToken token = jws.getJwtToken(); JoseHeaders headers = token.getHeaders(); assertEquals(JoseConstants.TYPE_JWT, headers.getType()); - assertEquals(Algorithm.HmacSHA256.getJwtName(), headers.getAlgorithm()); + assertEquals(SignatureAlgorithm.HS256.getJwaName(), headers.getAlgorithm()); validateSpecClaim(token.getClaims()); } @@ -160,7 +161,7 @@ public class JwsCompactReaderWriterTest extends Assert { private void doTestWriteJwsWithJwkSignedByMac(Object jsonWebKey) throws Exception { JoseHeaders headers = new JoseHeaders(); headers.setType(JoseConstants.TYPE_JWT); - headers.setAlgorithm(Algorithm.HmacSHA256.getJwtName()); + headers.setAlgorithm(SignatureAlgorithm.HS256.getJwaName()); headers.setHeader(JoseConstants.HEADER_JSON_WEB_KEY, jsonWebKey); JwtClaims claims = new JwtClaims(); @@ -170,7 +171,7 @@ public class JwsCompactReaderWriterTest extends Assert { JwtToken token = new JwtToken(headers, claims); JwsCompactProducer jws = new JwsJwtCompactProducer(token, getWriter()); - jws.signWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY, Algorithm.HmacSHA256.getJwtName())); + jws.signWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY, SignatureAlgorithm.HS256)); assertEquals(ENCODED_TOKEN_WITH_JSON_KEY_SIGNED_BY_MAC, jws.getSignedEncodedJws()); } @@ -179,11 +180,11 @@ public class JwsCompactReaderWriterTest extends Assert { public void testReadJwsWithJwkSignedByMac() throws Exception { JwsJwtCompactConsumer jws = new JwsJwtCompactConsumer(ENCODED_TOKEN_WITH_JSON_KEY_SIGNED_BY_MAC); assertTrue(jws.verifySignatureWith(new HmacJwsSignatureVerifier(ENCODED_MAC_KEY, - Algorithm.HmacSHA256.getJwtName()))); + SignatureAlgorithm.HS256))); JwtToken token = jws.getJwtToken(); JoseHeaders headers = token.getHeaders(); assertEquals(JoseConstants.TYPE_JWT, headers.getType()); - assertEquals(Algorithm.HmacSHA256.getJwtName(), headers.getAlgorithm()); + assertEquals(SignatureAlgorithm.HS256.getJwaName(), headers.getAlgorithm()); JsonWebKey key = headers.getJsonWebKey(); assertEquals(JsonWebKey.KEY_TYPE_OCTET, key.getKeyType()); @@ -204,10 +205,10 @@ public class JwsCompactReaderWriterTest extends Assert { @Test public void testWriteJwsSignedByPrivateKey() throws Exception { JoseHeaders headers = new JoseHeaders(); - headers.setAlgorithm(Algorithm.SHA256withRSA.getJwtName()); + headers.setAlgorithm(SignatureAlgorithm.RS256.getJwaName()); JwsCompactProducer jws = initSpecJwtTokenWriter(headers); PrivateKey key = CryptoUtils.getRSAPrivateKey(RSA_MODULUS_ENCODED, RSA_PRIVATE_EXPONENT_ENCODED); - jws.signWith(new PrivateKeyJwsSignatureProvider(key, Algorithm.SHA256withRSA.getJwtName())); + jws.signWith(new PrivateKeyJwsSignatureProvider(key, SignatureAlgorithm.RS256)); assertEquals(ENCODED_TOKEN_SIGNED_BY_PRIVATE_KEY, jws.getSignedEncodedJws()); } @@ -216,19 +217,18 @@ public class JwsCompactReaderWriterTest extends Assert { Security.addProvider(new BouncyCastleProvider()); try { JoseHeaders outHeaders = new JoseHeaders(); - outHeaders.setAlgorithm(JoseConstants.PS_SHA_256_ALGO); + outHeaders.setAlgorithm(AlgorithmUtils.PS_SHA_256_ALGO); JwsCompactProducer producer = initSpecJwtTokenWriter(outHeaders); PrivateKey privateKey = CryptoUtils.getRSAPrivateKey(RSA_MODULUS_ENCODED, RSA_PRIVATE_EXPONENT_ENCODED); String signed = producer.signWith( - new PrivateKeyJwsSignatureProvider(privateKey, JoseConstants.PS_SHA_256_ALGO)); + new PrivateKeyJwsSignatureProvider(privateKey, SignatureAlgorithm.PS256)); JwsJwtCompactConsumer jws = new JwsJwtCompactConsumer(signed); RSAPublicKey key = CryptoUtils.getRSAPublicKey(RSA_MODULUS_ENCODED, RSA_PUBLIC_EXPONENT_ENCODED); - assertTrue(jws.verifySignatureWith(new PublicKeyJwsSignatureVerifier(key, - JoseConstants.PS_SHA_256_ALGO))); + assertTrue(jws.verifySignatureWith(new PublicKeyJwsSignatureVerifier(key, SignatureAlgorithm.PS256))); JwtToken token = jws.getJwtToken(); JoseHeaders inHeaders = token.getHeaders(); - assertEquals(JoseConstants.PS_SHA_256_ALGO, inHeaders.getAlgorithm()); + assertEquals(AlgorithmUtils.PS_SHA_256_ALGO, inHeaders.getAlgorithm()); validateSpecClaim(token.getClaims()); } finally { Security.removeProvider(BouncyCastleProvider.class.getName()); @@ -238,11 +238,11 @@ public class JwsCompactReaderWriterTest extends Assert { @Test public void testWriteReadJwsSignedByESPrivateKey() throws Exception { JoseHeaders headers = new JoseHeaders(); - headers.setAlgorithm(Algorithm.SHA256withECDSA.getJwtName()); + headers.setAlgorithm(SignatureAlgorithm.ES256.getJwaName()); JwsCompactProducer jws = initSpecJwtTokenWriter(headers); ECPrivateKey privateKey = CryptoUtils.getECPrivateKey(JsonWebKey.EC_CURVE_P256, EC_PRIVATE_KEY_ENCODED); - jws.signWith(new EcDsaJwsSignatureProvider(privateKey, Algorithm.SHA256withECDSA.getJwtName())); + jws.signWith(new EcDsaJwsSignatureProvider(privateKey, SignatureAlgorithm.ES256)); String signedJws = jws.getSignedEncodedJws(); ECPublicKey publicKey = CryptoUtils.getECPublicKey(JsonWebKey.EC_CURVE_P256, @@ -250,10 +250,10 @@ public class JwsCompactReaderWriterTest extends Assert { EC_Y_POINT_ENCODED); JwsJwtCompactConsumer jwsConsumer = new JwsJwtCompactConsumer(signedJws); assertTrue(jwsConsumer.verifySignatureWith(new EcDsaJwsSignatureVerifier(publicKey, - Algorithm.SHA256withECDSA.getJwtName()))); + SignatureAlgorithm.ES256))); JwtToken token = jwsConsumer.getJwtToken(); JoseHeaders headersReceived = token.getHeaders(); - assertEquals(Algorithm.SHA256withECDSA.getJwtName(), headersReceived.getAlgorithm()); + assertEquals(SignatureAlgorithm.ES256.getJwaName(), headersReceived.getAlgorithm()); validateSpecClaim(token.getClaims()); } @@ -261,11 +261,10 @@ public class JwsCompactReaderWriterTest extends Assert { public void testReadJwsSignedByPrivateKey() throws Exception { JwsJwtCompactConsumer jws = new JwsJwtCompactConsumer(ENCODED_TOKEN_SIGNED_BY_PRIVATE_KEY); RSAPublicKey key = CryptoUtils.getRSAPublicKey(RSA_MODULUS_ENCODED, RSA_PUBLIC_EXPONENT_ENCODED); - assertTrue(jws.verifySignatureWith(new PublicKeyJwsSignatureVerifier(key, - JoseConstants.RS_SHA_256_ALGO))); + assertTrue(jws.verifySignatureWith(new PublicKeyJwsSignatureVerifier(key, SignatureAlgorithm.RS256))); JwtToken token = jws.getJwtToken(); JoseHeaders headers = token.getHeaders(); - assertEquals(Algorithm.SHA256withRSA.getJwtName(), headers.getAlgorithm()); + assertEquals(SignatureAlgorithm.RS256.getJwaName(), headers.getAlgorithm()); validateSpecClaim(token.getClaims()); } http://git-wip-us.apache.org/repos/asf/cxf/blob/e57a012e/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducerTest.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducerTest.java b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducerTest.java index fa94e46..00b8ed7 100644 --- a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducerTest.java +++ b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducerTest.java @@ -17,8 +17,9 @@ * under the License. */ package org.apache.cxf.rs.security.jose.jws; -import org.apache.cxf.rs.security.jose.JoseConstants; import org.apache.cxf.rs.security.jose.JoseHeaders; +import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils; +import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm; import org.junit.Assert; import org.junit.Test; @@ -72,10 +73,9 @@ public class JwsJsonProducerTest extends Assert { public void testSignWithProtectedHeaderOnly() { JwsJsonProducer producer = new JwsJsonProducer(UNSIGNED_PLAIN_JSON_DOCUMENT); JoseHeaders headerEntries = new JoseHeaders(); - headerEntries.setAlgorithm(JoseConstants.HMAC_SHA_256_ALGO); + headerEntries.setAlgorithm(AlgorithmUtils.HMAC_SHA_256_ALGO); - producer.signWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY_1, - JoseConstants.HMAC_SHA_256_ALGO), + producer.signWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY_1, SignatureAlgorithm.HS256), headerEntries); assertEquals(SIGNED_JWS_JSON_DOCUMENT, producer.getJwsJsonSignedDocument()); @@ -84,10 +84,9 @@ public class JwsJsonProducerTest extends Assert { public void testSignWithProtectedHeaderOnlyFlat() { JwsJsonProducer producer = new JwsJsonProducer(UNSIGNED_PLAIN_JSON_DOCUMENT, true); JoseHeaders headerEntries = new JoseHeaders(); - headerEntries.setAlgorithm(JoseConstants.HMAC_SHA_256_ALGO); + headerEntries.setAlgorithm(AlgorithmUtils.HMAC_SHA_256_ALGO); - producer.signWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY_1, - JoseConstants.HMAC_SHA_256_ALGO), + producer.signWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY_1, SignatureAlgorithm.HS256), headerEntries); assertEquals(SIGNED_JWS_JSON_FLAT_DOCUMENT, producer.getJwsJsonSignedDocument()); @@ -96,13 +95,11 @@ public class JwsJsonProducerTest extends Assert { public void testDualSignWithProtectedHeaderOnly() { JwsJsonProducer producer = new JwsJsonProducer(UNSIGNED_PLAIN_JSON_DOCUMENT); JoseHeaders headerEntries = new JoseHeaders(); - headerEntries.setAlgorithm(JoseConstants.HMAC_SHA_256_ALGO); + headerEntries.setAlgorithm(AlgorithmUtils.HMAC_SHA_256_ALGO); - producer.signWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY_1, - JoseConstants.HMAC_SHA_256_ALGO), + producer.signWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY_1, SignatureAlgorithm.HS256), headerEntries); - producer.signWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY_2, - JoseConstants.HMAC_SHA_256_ALGO), + producer.signWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY_2, SignatureAlgorithm.HS256), headerEntries); assertEquals(DUAL_SIGNED_JWS_JSON_DOCUMENT, producer.getJwsJsonSignedDocument()); http://git-wip-us.apache.org/repos/asf/cxf/blob/e57a012e/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/JwtRequestCodeFilter.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/JwtRequestCodeFilter.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/JwtRequestCodeFilter.java index a318c2c..7347229 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/JwtRequestCodeFilter.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/JwtRequestCodeFilter.java @@ -30,7 +30,7 @@ import org.apache.cxf.common.util.crypto.CryptoUtils; import org.apache.cxf.helpers.CastUtils; import org.apache.cxf.jaxrs.impl.MetadataMap; import org.apache.cxf.jaxrs.provider.json.JsonMapObjectReaderWriter; -import org.apache.cxf.rs.security.jose.JoseConstants; +import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils; import org.apache.cxf.rs.security.jose.jwe.JweDecryptionProvider; import org.apache.cxf.rs.security.jose.jwe.JweUtils; import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer; @@ -106,7 +106,7 @@ public class JwtRequestCodeFilter implements AuthorizationCodeRequestFilter { } if (decryptWithClientSecret) { SecretKey key = CryptoUtils.decodeSecretKey(c.getClientSecret()); - return JweUtils.getDirectKeyJweDecryption(key, JoseConstants.A128GCM_ALGO); + return JweUtils.getDirectKeyJweDecryption(key, AlgorithmUtils.A128GCM_ALGO); } return JweUtils.loadDecryptionProvider(false); } @@ -116,12 +116,12 @@ public class JwtRequestCodeFilter implements AuthorizationCodeRequestFilter { } if (verifyWithClientSecret) { byte[] hmac = CryptoUtils.decodeSequence(c.getClientSecret()); - return JwsUtils.getHmacSignatureVerifier(hmac, JoseConstants.HMAC_SHA_256_ALGO); + return JwsUtils.getHmacSignatureVerifier(hmac, AlgorithmUtils.HMAC_SHA_256_ALGO); } else if (verifyWithClientCertificates) { X509Certificate cert = (X509Certificate)CryptoUtils.decodeCertificate(c.getApplicationCertificates().get(0)); return JwsUtils.getRSAKeySignatureVerifier((RSAPublicKey)cert.getPublicKey(), - JoseConstants.RS_SHA_256_ALGO); + AlgorithmUtils.RS_SHA_256_ALGO); } return JwsUtils.loadSignatureVerifier(true); } http://git-wip-us.apache.org/repos/asf/cxf/blob/e57a012e/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/JwtRequestCodeGrant.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/JwtRequestCodeGrant.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/JwtRequestCodeGrant.java index 79f6b89..77a63b9 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/JwtRequestCodeGrant.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/JwtRequestCodeGrant.java @@ -26,7 +26,7 @@ import javax.ws.rs.core.MultivaluedMap; import org.apache.cxf.common.util.StringUtils; import org.apache.cxf.common.util.crypto.CryptoUtils; import org.apache.cxf.jaxrs.impl.MetadataMap; -import org.apache.cxf.rs.security.jose.JoseConstants; +import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils; import org.apache.cxf.rs.security.jose.jwe.JweEncryptionProvider; import org.apache.cxf.rs.security.jose.jwe.JweUtils; import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactProducer; @@ -78,7 +78,7 @@ public class JwtRequestCodeGrant extends AuthorizationCodeGrant { } if (signWithClientSecret) { byte[] hmac = CryptoUtils.decodeSequence(clientSecret); - return JwsUtils.getHmacSignatureProvider(hmac, JoseConstants.HMAC_SHA_256_ALGO); + return JwsUtils.getHmacSignatureProvider(hmac, AlgorithmUtils.HMAC_SHA_256_ALGO); } else { return JwsUtils.loadSignatureProvider(true); } @@ -113,7 +113,7 @@ public class JwtRequestCodeGrant extends AuthorizationCodeGrant { } if (encryptWithClientSecret) { SecretKey key = CryptoUtils.decodeSecretKey(clientSecret); - return JweUtils.getDirectKeyJweEncryption(key, JoseConstants.A128GCM_ALGO); + return JweUtils.getDirectKeyJweEncryption(key, AlgorithmUtils.A128GCM_ALGO); } else { return JweUtils.loadEncryptionProvider(false); } http://git-wip-us.apache.org/repos/asf/cxf/blob/e57a012e/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/jwt/JwtAccessTokenUtils.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/jwt/JwtAccessTokenUtils.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/jwt/JwtAccessTokenUtils.java index ca2d1ab..6cd5f30 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/jwt/JwtAccessTokenUtils.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/jwt/JwtAccessTokenUtils.java @@ -24,8 +24,8 @@ import java.security.interfaces.RSAPublicKey; import javax.crypto.SecretKey; import org.apache.cxf.common.util.StringUtils; -import org.apache.cxf.rs.security.jose.JoseConstants; -import org.apache.cxf.rs.security.jose.jwa.Algorithm; +import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils; +import org.apache.cxf.rs.security.jose.jwa.ContentAlgorithm; import org.apache.cxf.rs.security.jose.jwe.JweDecryption; import org.apache.cxf.rs.security.jose.jwe.JweDecryptionProvider; import org.apache.cxf.rs.security.jose.jwe.JweEncryptionProvider; @@ -51,7 +51,7 @@ public final class JwtAccessTokenUtils { Client client, SecretKey key) { JweEncryptionProvider jweEncryption = - JweUtils.getDirectKeyJweEncryption(key, Algorithm.A128GCM.getJwtName()); + JweUtils.getDirectKeyJweEncryption(key, ContentAlgorithm.A128GCM.getJwaName()); return encryptToAccessToken(jwt, client, jweEncryption); } @@ -75,7 +75,7 @@ public final class JwtAccessTokenUtils { return new BearerAccessToken(client, tokenId, issuedAt, expiresIn); } public static JwtToken decryptFromfromAccessToken(String tokenId, SecretKey key) { - JweDecryption jweDecryption = JweUtils.getDirectKeyJweDecryption(key, Algorithm.A128GCM.getJwtName()); + JweDecryption jweDecryption = JweUtils.getDirectKeyJweDecryption(key, ContentAlgorithm.A128GCM.getJwaName()); return decryptFromAccessToken(tokenId, jweDecryption); } public static JwtToken decryptFromAccessToken(String tokenId, JweDecryptionProvider jweDecryption) { @@ -87,7 +87,7 @@ public final class JwtAccessTokenUtils { Client client, RSAPrivateKey key) { JwsSignatureProvider jws = - JwsUtils.getRSAKeySignatureProvider(key, JoseConstants.RS_SHA_256_ALGO); + JwsUtils.getRSAKeySignatureProvider(key, AlgorithmUtils.RS_SHA_256_ALGO); return signToAccessToken(jwt, client, jws); } @@ -98,7 +98,7 @@ public final class JwtAccessTokenUtils { return toAccessToken(jwt, client, jwtString); } public static JwtToken verifyAccessToken(String tokenId, RSAPublicKey key) { - JwsSignatureVerifier jws = JwsUtils.getRSAKeySignatureVerifier(key, JoseConstants.RS_SHA_256_ALGO); + JwsSignatureVerifier jws = JwsUtils.getRSAKeySignatureVerifier(key, AlgorithmUtils.RS_SHA_256_ALGO); return verifyAccessToken(tokenId, jws); } public static JwtToken verifyAccessToken(String tokenId, JwsSignatureVerifier jws) { http://git-wip-us.apache.org/repos/asf/cxf/blob/e57a012e/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/AbstractJwsJweProducer.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/AbstractJwsJweProducer.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/AbstractJwsJweProducer.java index dfbf8b6..5f8bd8c 100644 --- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/AbstractJwsJweProducer.java +++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/AbstractJwsJweProducer.java @@ -24,7 +24,7 @@ import java.security.interfaces.RSAPublicKey; import javax.crypto.SecretKey; import org.apache.cxf.common.util.crypto.CryptoUtils; -import org.apache.cxf.rs.security.jose.JoseConstants; +import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils; import org.apache.cxf.rs.security.jose.jwe.JweEncryptionProvider; import org.apache.cxf.rs.security.jose.jwe.JweUtils; import org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider; @@ -48,7 +48,7 @@ public abstract class AbstractJwsJweProducer { if (signWithClientSecret) { byte[] hmac = CryptoUtils.decodeSequence(c.getClientSecret()); - return JwsUtils.getHmacSignatureProvider(hmac, JoseConstants.HMAC_SHA_256_ALGO); + return JwsUtils.getHmacSignatureProvider(hmac, AlgorithmUtils.HMAC_SHA_256_ALGO); } else { return JwsUtils.loadSignatureProvider(required); } @@ -60,13 +60,13 @@ public abstract class AbstractJwsJweProducer { JweEncryptionProvider theEncryptionProvider = null; if (encryptWithClientSecret) { SecretKey key = CryptoUtils.decodeSecretKey(c.getClientSecret()); - theEncryptionProvider = JweUtils.getDirectKeyJweEncryption(key, JoseConstants.A128GCM_ALGO); + theEncryptionProvider = JweUtils.getDirectKeyJweEncryption(key, AlgorithmUtils.A128GCM_ALGO); } else if (encryptWithClientCertificates) { X509Certificate cert = (X509Certificate)CryptoUtils.decodeCertificate(c.getApplicationCertificates().get(0)); theEncryptionProvider = JweUtils.createJweEncryptionProvider((RSAPublicKey)cert.getPublicKey(), - JoseConstants.RSA_OAEP_ALGO, - JoseConstants.A128GCM_ALGO, + AlgorithmUtils.RSA_OAEP_ALGO, + AlgorithmUtils.A128GCM_ALGO, null); } if (theEncryptionProvider == null) { http://git-wip-us.apache.org/repos/asf/cxf/blob/e57a012e/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/BookServer.java ---------------------------------------------------------------------- diff --git a/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/BookServer.java b/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/BookServer.java index 8fd0743..be25b8f 100644 --- a/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/BookServer.java +++ b/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/BookServer.java @@ -67,7 +67,6 @@ public class BookServer extends AbstractBusTestServerBase { JAXRSServerFactoryBean sf = new JAXRSServerFactoryBean(); sf.setBus(bus); sf.setResourceClasses(BookStore.class, SimpleBookStore.class, BookStorePerRequest.class); - sf.getInInterceptors().add(new LoggingInInterceptor()); List providers = new ArrayList(); //default lifecycle is per-request, change it to singleton @@ -94,6 +93,8 @@ public class BookServer extends AbstractBusTestServerBase { sf.setProviders(providers); List> inInts = new ArrayList>(); inInts.add(new CustomInFaultyInterceptor()); + inInts.add(new LoggingInInterceptor()); + sf.setInInterceptors(inInts); List> outInts = new ArrayList>(); outInts.add(new CustomOutInterceptor()); http://git-wip-us.apache.org/repos/asf/cxf/blob/e57a012e/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/JAXRSClientServerBookTest.java ---------------------------------------------------------------------- diff --git a/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/JAXRSClientServerBookTest.java b/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/JAXRSClientServerBookTest.java index 42546a0..d3ecb51 100644 --- a/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/JAXRSClientServerBookTest.java +++ b/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/JAXRSClientServerBookTest.java @@ -551,6 +551,7 @@ public class JAXRSClientServerBookTest extends AbstractBusClientServerTestBase { String endpointAddress = "http://localhost:" + PORT + "/bookstore/collections3"; WebClient wc = WebClient.create(endpointAddress); + WebClient.getConfig(wc).getHttpConduit().getClient().setReceiveTimeout(1000000); wc.accept("application/xml").type("application/xml"); Book b1 = new Book("CXF in Action", 123L); Book b2 = new Book("CXF Rocks", 124L); http://git-wip-us.apache.org/repos/asf/cxf/blob/e57a012e/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java ---------------------------------------------------------------------- diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java index e09d032..ad659a5 100644 --- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java +++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java @@ -39,7 +39,10 @@ import org.apache.cxf.rs.security.jose.jaxrs.JweWriterInterceptor; import org.apache.cxf.rs.security.jose.jaxrs.JwsClientResponseFilter; import org.apache.cxf.rs.security.jose.jaxrs.JwsWriterInterceptor; import org.apache.cxf.rs.security.jose.jaxrs.PrivateKeyPasswordProvider; -import org.apache.cxf.rs.security.jose.jwa.Algorithm; +import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils; +import org.apache.cxf.rs.security.jose.jwa.ContentAlgorithm; +import org.apache.cxf.rs.security.jose.jwa.KeyAlgorithm; +import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm; import org.apache.cxf.rs.security.jose.jwe.AesCbcHmacJweDecryption; import org.apache.cxf.rs.security.jose.jwe.AesCbcHmacJweEncryption; import org.apache.cxf.rs.security.jose.jwe.AesWrapKeyDecryptionAlgorithm; @@ -78,7 +81,7 @@ public class JAXRSJweJwsTest extends AbstractBusClientServerTestBase { private static void registerBouncyCastleIfNeeded() throws Exception { try { // Java 8 apparently has it - Cipher.getInstance(Algorithm.AES_GCM_ALGO_JAVA); + Cipher.getInstance(AlgorithmUtils.AES_GCM_ALGO_JAVA); } catch (Throwable t) { // Oracle Java 7 Security.addProvider(new BouncyCastleProvider()); @@ -259,7 +262,7 @@ public class JAXRSJweJwsTest extends AbstractBusClientServerTestBase { } String address = "https://localhost:" + PORT + "/jwejwshmac"; HmacJwsSignatureProvider hmacProvider = - new HmacJwsSignatureProvider(ENCODED_MAC_KEY, Algorithm.HmacSHA256.getJwtName()); + new HmacJwsSignatureProvider(ENCODED_MAC_KEY, SignatureAlgorithm.HS256); BookStore bs = createJweJwsBookStore(address, hmacProvider, null); String text = bs.echoText("book"); assertEquals("book", text); @@ -271,7 +274,7 @@ public class JAXRSJweJwsTest extends AbstractBusClientServerTestBase { } String address = "https://localhost:" + PORT + "/jwejwshmac"; HmacJwsSignatureProvider hmacProvider = - new HmacJwsSignatureProvider(ENCODED_MAC_KEY, Algorithm.HmacSHA256.getJwtName()); + new HmacJwsSignatureProvider(ENCODED_MAC_KEY, SignatureAlgorithm.HS256); BookStore bs = createJweJwsBookStore(address, hmacProvider, Collections.singletonList(new JacksonJsonProvider())); Book book = bs.echoBook(new Book("book", 123L)); @@ -418,8 +421,8 @@ public class JAXRSJweJwsTest extends AbstractBusClientServerTestBase { final String cekEncryptionKey = "GawgguFyGrWKav7AX4VKUg"; AesWrapKeyEncryptionAlgorithm keyEncryption = - new AesWrapKeyEncryptionAlgorithm(cekEncryptionKey, Algorithm.A128KW.getJwtName()); - jweWriter.setEncryptionProvider(new AesCbcHmacJweEncryption(Algorithm.A128CBC_HS256.getJwtName(), + new AesWrapKeyEncryptionAlgorithm(cekEncryptionKey, KeyAlgorithm.A128KW); + jweWriter.setEncryptionProvider(new AesCbcHmacJweEncryption(ContentAlgorithm.A128CBC_HS256, keyEncryption)); // reader http://git-wip-us.apache.org/repos/asf/cxf/blob/e57a012e/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJwsJsonTest.java ---------------------------------------------------------------------- diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJwsJsonTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJwsJsonTest.java index 5ad6401..5ba9dfa 100644 --- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJwsJsonTest.java +++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJwsJsonTest.java @@ -40,7 +40,7 @@ import org.apache.cxf.rs.security.jose.jaxrs.JweClientResponseFilter; import org.apache.cxf.rs.security.jose.jaxrs.JweWriterInterceptor; import org.apache.cxf.rs.security.jose.jaxrs.JwsJsonClientResponseFilter; import org.apache.cxf.rs.security.jose.jaxrs.JwsJsonWriterInterceptor; -import org.apache.cxf.rs.security.jose.jwa.Algorithm; +import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils; import org.apache.cxf.systest.jaxrs.security.Book; import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase; import org.bouncycastle.jce.provider.BouncyCastleProvider; @@ -67,7 +67,7 @@ public class JAXRSJwsJsonTest extends AbstractBusClientServerTestBase { private static void registerBouncyCastleIfNeeded() throws Exception { try { // Java 8 apparently has it - Cipher.getInstance(Algorithm.AES_GCM_ALGO_JAVA); + Cipher.getInstance(AlgorithmUtils.AES_GCM_ALGO_JAVA); } catch (Throwable t) { // Oracle Java 7 Security.addProvider(new BouncyCastleProvider()); http://git-wip-us.apache.org/repos/asf/cxf/blob/e57a012e/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/server.xml ---------------------------------------------------------------------- diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/server.xml b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/server.xml index bd81abb..3e5e1d3 100644 --- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/server.xml +++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/server.xml @@ -42,7 +42,7 @@ under the License. - + @@ -65,7 +65,7 @@ under the License. - +