cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: Introducing few more JWK related enums
Date Wed, 10 Jun 2015 16:37:33 GMT
Repository: cxf
Updated Branches:
  refs/heads/master a1deab44c -> 3d6dfd05d


Introducing few more JWK related enums


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/3d6dfd05
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/3d6dfd05
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/3d6dfd05

Branch: refs/heads/master
Commit: 3d6dfd05d616165d1b8243f3b873eaddc51fe581
Parents: a1deab4
Author: Sergey Beryozkin <sberyozkin@talend.com>
Authored: Wed Jun 10 17:37:14 2015 +0100
Committer: Sergey Beryozkin <sberyozkin@talend.com>
Committed: Wed Jun 10 17:37:14 2015 +0100

----------------------------------------------------------------------
 .../json/JsonMapObjectReaderWriter.java         |  5 ++-
 .../cxf/rs/security/jose/JoseHeaders.java       |  3 +-
 .../security/jose/jaxrs/KeyManagementUtils.java | 29 +++++++------
 .../rs/security/jose/jwa/ContentAlgorithm.java  |  3 ++
 .../cxf/rs/security/jose/jwa/KeyAlgorithm.java  |  3 ++
 .../security/jose/jwa/SignatureAlgorithm.java   |  3 ++
 .../cxf/rs/security/jose/jwe/JweHeaders.java    |  9 ++--
 .../cxf/rs/security/jose/jwe/JweUtils.java      | 29 ++++++++-----
 .../cxf/rs/security/jose/jwk/JsonWebKey.java    | 45 ++++++++++++++------
 .../cxf/rs/security/jose/jwk/JsonWebKeys.java   | 27 +++++-------
 .../cxf/rs/security/jose/jwk/JwkUtils.java      | 23 +++++-----
 .../cxf/rs/security/jose/jws/JwsHeaders.java    | 15 +++++++
 .../cxf/rs/security/jose/jws/JwsUtils.java      | 33 +++++++-------
 .../jose/cookbook/JwkJoseCookBookTest.java      | 18 ++++----
 .../rs/security/jose/jwk/JsonWebKeyTest.java    | 10 ++---
 .../jose/jws/JwsCompactReaderWriterTest.java    | 17 +++++---
 16 files changed, 165 insertions(+), 107 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/3d6dfd05/rt/rs/extensions/providers/src/main/java/org/apache/cxf/jaxrs/provider/json/JsonMapObjectReaderWriter.java
----------------------------------------------------------------------
diff --git a/rt/rs/extensions/providers/src/main/java/org/apache/cxf/jaxrs/provider/json/JsonMapObjectReaderWriter.java b/rt/rs/extensions/providers/src/main/java/org/apache/cxf/jaxrs/provider/json/JsonMapObjectReaderWriter.java
index ca8741f..71fae6c 100644
--- a/rt/rs/extensions/providers/src/main/java/org/apache/cxf/jaxrs/provider/json/JsonMapObjectReaderWriter.java
+++ b/rt/rs/extensions/providers/src/main/java/org/apache/cxf/jaxrs/provider/json/JsonMapObjectReaderWriter.java
@@ -102,11 +102,12 @@ public class JsonMapObjectReaderWriter {
         } else if (Map.class.isAssignableFrom(value.getClass())) {
             toJsonInternal(out, (Map<String, Object>)value);
         } else {
-            if (value.getClass() == String.class) {
+            boolean stringOrEnum = value.getClass() == String.class || value.getClass().isEnum();
+            if (stringOrEnum) {
                 out.append("\"");
             }
             out.append(value.toString());
-            if (value.getClass() == String.class) {
+            if (stringOrEnum) {
                 out.append("\"");
             }
         }

http://git-wip-us.apache.org/repos/asf/cxf/blob/3d6dfd05/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/JoseHeaders.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/JoseHeaders.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/JoseHeaders.java
index a73e7b0..9f787b5 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/JoseHeaders.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/JoseHeaders.java
@@ -59,7 +59,8 @@ public class JoseHeaders extends JsonMapObject {
     }
     
     public String getAlgorithm() {
-        return (String)getHeader(JoseConstants.HEADER_ALGORITHM);
+        Object prop = getHeader(JoseConstants.HEADER_ALGORITHM);
+        return prop == null ? null : prop.toString();
     }
     
     public void setKeyId(String kid) {

http://git-wip-us.apache.org/repos/asf/cxf/blob/3d6dfd05/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/KeyManagementUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/KeyManagementUtils.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/KeyManagementUtils.java
index 4bbc43e..1a8b1e8 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/KeyManagementUtils.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/KeyManagementUtils.java
@@ -49,7 +49,7 @@ import org.apache.cxf.jaxrs.utils.ResourceUtils;
 import org.apache.cxf.message.Message;
 import org.apache.cxf.message.MessageUtils;
 import org.apache.cxf.rs.security.jose.JoseException;
-import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
+import org.apache.cxf.rs.security.jose.jwk.KeyOperation;
 import org.apache.cxf.rt.security.crypto.CryptoUtils;
 import org.apache.cxf.security.SecurityContext;
 
@@ -132,7 +132,7 @@ public final class KeyManagementUtils {
                                             Properties props, 
                                             Bus bus, 
                                             PrivateKeyPasswordProvider provider,
-                                            String keyOper,
+                                            KeyOperation keyOper,
                                             String alias) {
         
         String keyPswd = props.getProperty(RSSEC_KEY_PSWD);
@@ -142,11 +142,11 @@ public final class KeyManagementUtils {
         return CryptoUtils.loadPrivateKey(keyStore, keyPswdChars, theAlias);
     }
     
-    public static PrivateKey loadPrivateKey(Message m, String keyStoreLocProp, String keyOper) {
+    public static PrivateKey loadPrivateKey(Message m, String keyStoreLocProp, KeyOperation keyOper) {
         return loadPrivateKey(m, keyStoreLocProp, null, keyOper);
     }
     public static PrivateKey loadPrivateKey(Message m, String keyStoreLocPropPreferred,
-                                            String keyStoreLocPropDefault, String keyOper) {
+                                            String keyStoreLocPropDefault, KeyOperation keyOper) {
         String keyStoreLoc = getMessageProperty(m, keyStoreLocPropPreferred, keyStoreLocPropDefault);
         Bus bus = m.getExchange().getBus();
         try {
@@ -157,13 +157,15 @@ public final class KeyManagementUtils {
         }
     }
     
-    public static String getKeyId(Message m, Properties props, String preferredPropertyName, String keyOper) {
+    public static String getKeyId(Message m, Properties props, 
+                                  String preferredPropertyName, 
+                                  KeyOperation keyOper) {
         String kid = null;
         String altPropertyName = null;
         if (keyOper != null) {
-            if (keyOper.equals(JsonWebKey.KEY_OPER_ENCRYPT) || keyOper.equals(JsonWebKey.KEY_OPER_DECRYPT)) {
+            if (keyOper == KeyOperation.ENCRYPT || keyOper == KeyOperation.DECRYPT) {
                 altPropertyName = preferredPropertyName + ".jwe";
-            } else if (keyOper.equals(JsonWebKey.KEY_OPER_SIGN) || keyOper.equals(JsonWebKey.KEY_OPER_VERIFY)) {
+            } else if (keyOper == KeyOperation.SIGN || keyOper == KeyOperation.VERIFY) {
                 altPropertyName = preferredPropertyName + ".jws";
             }
             String direction = m.getExchange().getOutMessage() == m ? ".out" : ".in";
@@ -182,12 +184,12 @@ public final class KeyManagementUtils {
         }
         return kid;
     }
-    public static PrivateKeyPasswordProvider loadPasswordProvider(Message m, Properties props, String keyOper) {
+    public static PrivateKeyPasswordProvider loadPasswordProvider(Message m, Properties props, KeyOperation keyOper) {
         PrivateKeyPasswordProvider cb = 
             (PrivateKeyPasswordProvider)m.getContextualProperty(RSSEC_KEY_PSWD_PROVIDER);
         if (cb == null && keyOper != null) {
-            String propName = keyOper.equals(JsonWebKey.KEY_OPER_SIGN) ? RSSEC_SIG_KEY_PSWD_PROVIDER
-                : keyOper.equals(JsonWebKey.KEY_OPER_DECRYPT) 
+            String propName = keyOper == KeyOperation.SIGN ? RSSEC_SIG_KEY_PSWD_PROVIDER
+                : keyOper == KeyOperation.DECRYPT 
                 ? RSSEC_DECRYPT_KEY_PSWD_PROVIDER : null;
             if (propName != null) {
                 cb = (PrivateKeyPasswordProvider)m.getContextualProperty(propName);
@@ -196,11 +198,11 @@ public final class KeyManagementUtils {
         return cb;
     }
     
-    public static PrivateKey loadPrivateKey(Message m, Properties props, String keyOper) {
+    public static PrivateKey loadPrivateKey(Message m, Properties props, KeyOperation keyOper) {
         KeyStore keyStore = loadPersistKeyStore(m, props);
         return loadPrivateKey(keyStore, m, props, keyOper, null);
     }
-    private static PrivateKey loadPrivateKey(KeyStore keyStore, Message m, Properties props, String keyOper, 
+    private static PrivateKey loadPrivateKey(KeyStore keyStore, Message m, Properties props, KeyOperation keyOper, 
                                                 String alias) {
         Bus bus = m.getExchange().getBus();
         PrivateKeyPasswordProvider cb = loadPasswordProvider(m, props, keyOper);
@@ -361,7 +363,8 @@ public final class KeyManagementUtils {
         return props; 
     }
     public static PrivateKey loadPrivateKey(Message m, Properties props, 
-                                               List<X509Certificate> inCerts, String keyOper) {
+                                            List<X509Certificate> inCerts, 
+                                            KeyOperation keyOper) {
         KeyStore ks = loadPersistKeyStore(m, props);
         
         try {

http://git-wip-us.apache.org/repos/asf/cxf/blob/3d6dfd05/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/ContentAlgorithm.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/ContentAlgorithm.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/ContentAlgorithm.java
index 5f9e158..1a8b9bc 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/ContentAlgorithm.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/ContentAlgorithm.java
@@ -59,6 +59,9 @@ public enum ContentAlgorithm {
     }
     
     public static ContentAlgorithm getAlgorithm(String algo) {
+        if (algo == null) {
+            return null;
+        }
         return ContentAlgorithm.valueOf(algo.replace('-', '_')
                                         .replace('+', '_'));
         

http://git-wip-us.apache.org/repos/asf/cxf/blob/3d6dfd05/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/KeyAlgorithm.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/KeyAlgorithm.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/KeyAlgorithm.java
index d5b03fb..6fe6bf4 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/KeyAlgorithm.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/KeyAlgorithm.java
@@ -65,6 +65,9 @@ public enum KeyAlgorithm {
         return keySizeBits;
     }
     public static KeyAlgorithm getAlgorithm(String algo) {
+        if (algo == null) {
+            return null;
+        }
         return KeyAlgorithm.valueOf(algo.replace('-', '_')
                                     .replace('+', '_'));
         

http://git-wip-us.apache.org/repos/asf/cxf/blob/3d6dfd05/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/SignatureAlgorithm.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/SignatureAlgorithm.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/SignatureAlgorithm.java
index 79f41a5..1e88df0 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/SignatureAlgorithm.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/SignatureAlgorithm.java
@@ -69,6 +69,9 @@ public enum SignatureAlgorithm {
     }
     
     public static SignatureAlgorithm getAlgorithm(String algo) {
+        if (algo == null) {
+            return null;
+        }
         return SignatureAlgorithm.valueOf(algo.replace('-', '_')
                                         .replace('+', '_'));
         

http://git-wip-us.apache.org/repos/asf/cxf/blob/3d6dfd05/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweHeaders.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweHeaders.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweHeaders.java
index b0bd902..51ca4d7 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweHeaders.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweHeaders.java
@@ -77,8 +77,7 @@ public class JweHeaders extends JoseHeaders {
         return super.getAlgorithm();
     }
     public KeyAlgorithm getKeyEncryptionAlgorithmEnum() {
-        String algo = getKeyEncryptionAlgorithm();
-        return algo == null ? null : KeyAlgorithm.getAlgorithm(algo);
+        return KeyAlgorithm.getAlgorithm(getKeyEncryptionAlgorithm());
     }
     
     public void setContentEncryptionAlgorithm(String type) {
@@ -90,11 +89,11 @@ public class JweHeaders extends JoseHeaders {
     }
     
     public String getContentEncryptionAlgorithm() {
-        return (String)getHeader(JoseConstants.JWE_HEADER_CONTENT_ENC_ALGORITHM);
+        Object prop = getHeader(JoseConstants.JWE_HEADER_CONTENT_ENC_ALGORITHM);
+        return prop == null ? null : prop.toString();
     }
     public ContentAlgorithm getContentEncryptionAlgorithmEnum() {
-        String algo = getContentEncryptionAlgorithm();
-        return algo == null ? null : ContentAlgorithm.getAlgorithm(algo);
+        return ContentAlgorithm.getAlgorithm(getContentEncryptionAlgorithm());
     }
     public void setZipAlgorithm(String type) {
         setHeader(JoseConstants.JWE_HEADER_ZIP_ALGORITHM, type);

http://git-wip-us.apache.org/repos/asf/cxf/blob/3d6dfd05/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java
index 1c2c9d6..a6b4b1f 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java
@@ -48,6 +48,8 @@ import org.apache.cxf.rs.security.jose.jwa.ContentAlgorithm;
 import org.apache.cxf.rs.security.jose.jwa.KeyAlgorithm;
 import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
 import org.apache.cxf.rs.security.jose.jwk.JwkUtils;
+import org.apache.cxf.rs.security.jose.jwk.KeyOperation;
+import org.apache.cxf.rs.security.jose.jwk.KeyType;
 import org.apache.cxf.rt.security.crypto.MessageDigestUtils;
 
 public final class JweUtils {
@@ -127,10 +129,11 @@ public final class JweUtils {
     public static KeyEncryptionProvider getKeyEncryptionProvider(JsonWebKey jwk, String defaultAlgorithm) {
         String keyEncryptionAlgo = jwk.getAlgorithm() == null ? defaultAlgorithm : jwk.getAlgorithm();
         KeyEncryptionProvider keyEncryptionProvider = null;
-        if (JsonWebKey.KEY_TYPE_RSA.equals(jwk.getKeyType())) {
+        KeyType keyType = jwk.getKeyType();
+        if (KeyType.RSA == keyType) {
             keyEncryptionProvider = getRSAKeyEncryptionProvider(JwkUtils.toRSAPublicKey(jwk, true), 
                                                                  keyEncryptionAlgo);
-        } else if (JsonWebKey.KEY_TYPE_OCTET.equals(jwk.getKeyType())) {
+        } else if (KeyType.OCTET == keyType) {
             keyEncryptionProvider = getSecretKeyEncryptionAlgorithm(JwkUtils.toSecretKey(jwk), 
                                                                     keyEncryptionAlgo);
         } else {
@@ -158,10 +161,11 @@ public final class JweUtils {
     public static KeyDecryptionAlgorithm getKeyDecryptionAlgorithm(JsonWebKey jwk, String defaultAlgorithm) {
         String keyEncryptionAlgo = jwk.getAlgorithm() == null ? defaultAlgorithm : jwk.getAlgorithm();
         KeyDecryptionAlgorithm keyDecryptionProvider = null;
-        if (JsonWebKey.KEY_TYPE_RSA.equals(jwk.getKeyType())) {
+        KeyType keyType = jwk.getKeyType();
+        if (KeyType.RSA == keyType) {
             keyDecryptionProvider = getPrivateKeyDecryptionAlgorithm(JwkUtils.toRSAPrivateKey(jwk), 
                                                                  keyEncryptionAlgo);
-        } else if (JsonWebKey.KEY_TYPE_OCTET.equals(jwk.getKeyType())) {
+        } else if (KeyType.OCTET == keyType) {
             keyDecryptionProvider = getSecretKeyDecryptionAlgorithm(JwkUtils.toSecretKey(jwk),
                                             keyEncryptionAlgo);
         } else {
@@ -191,7 +195,8 @@ public final class JweUtils {
     public static ContentEncryptionProvider getContentEncryptionAlgorithm(JsonWebKey jwk, String defaultAlgorithm) {
         String ctEncryptionAlgo = jwk.getAlgorithm() == null ? defaultAlgorithm : jwk.getAlgorithm();
         ContentEncryptionProvider contentEncryptionProvider = null;
-        if (JsonWebKey.KEY_TYPE_OCTET.equals(jwk.getKeyType())) {
+        KeyType keyType = jwk.getKeyType();
+        if (KeyType.OCTET == keyType) {
             return getContentEncryptionAlgorithm(JwkUtils.toSecretKey(jwk),
                                                  ctEncryptionAlgo);
         }
@@ -220,7 +225,8 @@ public final class JweUtils {
     }
     public static SecretKey getContentDecryptionSecretKey(JsonWebKey jwk, String defaultAlgorithm) {
         String ctEncryptionAlgo = jwk.getAlgorithm() == null ? defaultAlgorithm : jwk.getAlgorithm();
-        if (JsonWebKey.KEY_TYPE_OCTET.equals(jwk.getKeyType()) && AlgorithmUtils.isAesGcm(ctEncryptionAlgo)) {
+        KeyType keyType = jwk.getKeyType();
+        if (KeyType.RSA == keyType && AlgorithmUtils.isAesGcm(ctEncryptionAlgo)) {
             return JwkUtils.toSecretKey(jwk);
         }
         return null;
@@ -276,7 +282,7 @@ public final class JweUtils {
         String contentEncryptionAlgo = getContentEncryptionAlgo(m, props, null);
         ContentEncryptionProvider ctEncryptionProvider = null;
         if (JwkUtils.JWK_KEY_STORE_TYPE.equals(props.get(KeyManagementUtils.RSSEC_KEY_STORE_TYPE))) {
-            JsonWebKey jwk = JwkUtils.loadJsonWebKey(m, props, JsonWebKey.KEY_OPER_ENCRYPT);
+            JsonWebKey jwk = JwkUtils.loadJsonWebKey(m, props, KeyOperation.ENCRYPT);
             keyEncryptionAlgo = getKeyEncryptionAlgo(m, props, jwk.getAlgorithm(), 
                                                      getDefaultKeyAlgo(jwk));
             if ("direct".equals(keyEncryptionAlgo)) {
@@ -325,13 +331,13 @@ public final class JweUtils {
             List<X509Certificate> chain = KeyManagementUtils.toX509CertificateChain(inHeaders.getX509Chain());
             KeyManagementUtils.validateCertificateChain(props, chain);
             PrivateKey privateKey = 
-                KeyManagementUtils.loadPrivateKey(m, props, chain, JsonWebKey.KEY_OPER_DECRYPT);
+                KeyManagementUtils.loadPrivateKey(m, props, chain, KeyOperation.DECRYPT);
             contentEncryptionAlgo = inHeaders.getContentEncryptionAlgorithm();
             keyDecryptionProvider = getPrivateKeyDecryptionAlgorithm(privateKey, 
                                                                  inHeaders.getKeyEncryptionAlgorithm());
         } else {
             if (JwkUtils.JWK_KEY_STORE_TYPE.equals(props.get(KeyManagementUtils.RSSEC_KEY_STORE_TYPE))) {
-                JsonWebKey jwk = JwkUtils.loadJsonWebKey(m, props, JsonWebKey.KEY_OPER_DECRYPT);
+                JsonWebKey jwk = JwkUtils.loadJsonWebKey(m, props, KeyOperation.DECRYPT);
                 keyEncryptionAlgo = getKeyEncryptionAlgo(m, props, jwk.getAlgorithm(),
                                                          getDefaultKeyAlgo(jwk));
                 if ("direct".equals(keyEncryptionAlgo)) {
@@ -342,7 +348,7 @@ public final class JweUtils {
                 }
             } else {
                 keyDecryptionProvider = getPrivateKeyDecryptionAlgorithm(
-                    KeyManagementUtils.loadPrivateKey(m, props, JsonWebKey.KEY_OPER_DECRYPT), keyEncryptionAlgo);
+                    KeyManagementUtils.loadPrivateKey(m, props, KeyOperation.DECRYPT), keyEncryptionAlgo);
             }
         }
         return createJweDecryptionProvider(keyDecryptionProvider, ctDecryptionKey, contentEncryptionAlgo);
@@ -573,7 +579,8 @@ public final class JweUtils {
         return algo;
     }
     private static String getDefaultKeyAlgo(JsonWebKey jwk) {
-        if (JsonWebKey.KEY_TYPE_OCTET.equals(jwk.getKeyType())) {
+        KeyType keyType = jwk.getKeyType();
+        if (KeyType.OCTET == keyType) {
             return AlgorithmUtils.A128GCMKW_ALGO;
         } else {
             return AlgorithmUtils.RSA_OAEP_ALGO;

http://git-wip-us.apache.org/repos/asf/cxf/blob/3d6dfd05/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwk/JsonWebKey.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwk/JsonWebKey.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwk/JsonWebKey.java
index 4252add..a5479d0 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwk/JsonWebKey.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwk/JsonWebKey.java
@@ -18,6 +18,7 @@
  */
 package org.apache.cxf.rs.security.jose.jwk;
 
+import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;
 
@@ -67,6 +68,10 @@ public class JsonWebKey extends JsonMapObject {
     public static final String KEY_OPER_VERIFY = "verify";
     public static final String KEY_OPER_ENCRYPT = "encrypt";
     public static final String KEY_OPER_DECRYPT = "decrypt";
+    public static final String KEY_OPER_WRAP_KEY = "wrapKey";
+    public static final String KEY_OPER_UNWRAP_KEY = "unwrapKey";
+    public static final String KEY_OPER_DERIVE_KEY = "deriveKey";
+    public static final String KEY_OPER_DERIVE_BITS = "deriveBits";
     
     public JsonWebKey() {
         
@@ -76,28 +81,42 @@ public class JsonWebKey extends JsonMapObject {
         super(values);
     }
     
-    public void setKeyType(String keyType) {
-        setProperty(KEY_TYPE, keyType);
+    public void setKeyType(KeyType keyType) {
+        setProperty(KEY_TYPE, keyType.toString());
     }
-
-    public String getKeyType() {
-        return (String)getProperty(KEY_TYPE);
+    
+    public KeyType getKeyType() {
+        Object prop = getProperty(KEY_TYPE);
+        return prop == null ? null : KeyType.getKeyType(prop.toString());
     }
 
-    public void setPublicKeyUse(String use) {
-        setProperty(PUBLIC_KEY_USE, use);
+    public void setPublicKeyUse(PublicKeyUse use) {
+        setProperty(PUBLIC_KEY_USE, use.toString());
     }
     
-    public String getPublicKeyUse() {
-        return (String)getProperty(PUBLIC_KEY_USE);
+    public PublicKeyUse getPublicKeyUse() {
+        Object prop = getProperty(PUBLIC_KEY_USE);
+        return prop == null ? null : PublicKeyUse.getPublicKeyUse(prop.toString());
     }
 
-    public void setKeyOperation(List<String> keyOperation) {
-        setProperty(KEY_OPERATIONS, keyOperation);
+    public void setKeyOperation(List<KeyOperation> keyOperation) {
+        List<String> ops = new ArrayList<String>(keyOperation.size());
+        for (KeyOperation op : keyOperation) {
+            ops.add(op.toString());
+        }
+        setProperty(KEY_OPERATIONS, ops);
     }
 
-    public List<String> getKeyOperation() {
-        return CastUtils.cast((List<?>)getProperty(KEY_OPERATIONS));
+    public List<KeyOperation> getKeyOperation() {
+        List<Object> ops = CastUtils.cast((List<?>)getProperty(KEY_OPERATIONS));
+        if (ops == null) {
+            return null;
+        }
+        List<KeyOperation> keyOps = new ArrayList<KeyOperation>(ops.size());
+        for (Object op : ops) {
+            keyOps.add(KeyOperation.getKeyOperation(op.toString()));
+        }
+        return keyOps;
     }
     
     public void setAlgorithm(String algorithm) {

http://git-wip-us.apache.org/repos/asf/cxf/blob/3d6dfd05/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwk/JsonWebKeys.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwk/JsonWebKeys.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwk/JsonWebKeys.java
index e7410ae..1ca3ca8 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwk/JsonWebKeys.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwk/JsonWebKeys.java
@@ -70,41 +70,36 @@ public class JsonWebKeys extends JsonMapObject {
     public JsonWebKey getKey(String kid) {
         return getKeyIdMap().get(kid);
     }
-    public Map<String, List<JsonWebKey>> getKeyTypeMap() {
-        return getKeyPropertyMap(JsonWebKey.KEY_TYPE);
-    }
-    public Map<String, List<JsonWebKey>> getKeyUseMap() {
-        return getKeyPropertyMap(JsonWebKey.PUBLIC_KEY_USE);
-    }
-    private Map<String, List<JsonWebKey>> getKeyPropertyMap(String propertyName) {
+    public Map<KeyType, List<JsonWebKey>> getKeyTypeMap() {
         List<JsonWebKey> keys = getKeys();
         if (keys == null) {
             return Collections.emptyMap();
         }
-        Map<String, List<JsonWebKey>> map = new LinkedHashMap<String, List<JsonWebKey>>();
+        Map<KeyType, List<JsonWebKey>> map = new LinkedHashMap<KeyType, List<JsonWebKey>>();
         for (JsonWebKey key : keys) {
-            String propValue = (String)key.getProperty(propertyName);
-            if (propValue != null) {
-                List<JsonWebKey> list = map.get(propValue);
+            KeyType type = key.getKeyType();
+            if (type != null) {
+                List<JsonWebKey> list = map.get(type);
                 if (list == null) {
                     list = new LinkedList<JsonWebKey>();
-                    map.put(propValue, list);
+                    map.put(type, list);
                 }
                 list.add(key);
             }
         }
         return map;
     }
-    public Map<String, List<JsonWebKey>> getKeyOperationMap() {
+    
+    public Map<KeyOperation, List<JsonWebKey>> getKeyOperationMap() {
         List<JsonWebKey> keys = getKeys();
         if (keys == null) {
             return Collections.emptyMap();
         }
-        Map<String, List<JsonWebKey>> map = new LinkedHashMap<String, List<JsonWebKey>>();
+        Map<KeyOperation, List<JsonWebKey>> map = new LinkedHashMap<KeyOperation, List<JsonWebKey>>();
         for (JsonWebKey key : keys) {
-            List<String> ops = key.getKeyOperation();
+            List<KeyOperation> ops = key.getKeyOperation();
             if (ops != null) {
-                for (String op : ops) {
+                for (KeyOperation op : ops) {
                     List<JsonWebKey> list = map.get(op);
                     if (list == null) {
                         list = new LinkedList<JsonWebKey>();

http://git-wip-us.apache.org/repos/asf/cxf/blob/3d6dfd05/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwk/JwkUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwk/JwkUtils.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwk/JwkUtils.java
index 3544779..511bf9b 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwk/JwkUtils.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwk/JwkUtils.java
@@ -262,13 +262,13 @@ public final class JwkUtils {
             return keys;
         }
     }
-    public static JsonWebKey loadJsonWebKey(Message m, Properties props, String keyOper) {
+    public static JsonWebKey loadJsonWebKey(Message m, Properties props, KeyOperation keyOper) {
         return loadJsonWebKey(m, props, keyOper, null);
     }
-    public static JsonWebKey loadJsonWebKey(Message m, Properties props, String keyOper, String inHeaderKid) {
+    public static JsonWebKey loadJsonWebKey(Message m, Properties props, KeyOperation keyOper, String inHeaderKid) {
         return loadJsonWebKey(m, props, keyOper, inHeaderKid, new DefaultJwkReaderWriter());
     }
-    public static JsonWebKey loadJsonWebKey(Message m, Properties props, String keyOper, String inHeaderKid, 
+    public static JsonWebKey loadJsonWebKey(Message m, Properties props, KeyOperation keyOper, String inHeaderKid, 
                                             JwkReaderWriter reader) {
         PrivateKeyPasswordProvider cb = KeyManagementUtils.loadPasswordProvider(m, props, keyOper);
         JsonWebKeys jwkSet = loadJwkSet(m, props, cb, reader);
@@ -282,18 +282,19 @@ public final class JwkUtils {
         if (kid != null) {
             return jwkSet.getKey(kid);
         } else if (keyOper != null) {
-            List<JsonWebKey> keys = jwkSet.getKeyUseMap().get(keyOper);
+            List<JsonWebKey> keys = jwkSet.getKeyOperationMap().get(keyOper);
             if (keys != null && keys.size() == 1) {
                 return keys.get(0);
             }
         }
         return null;
     }
-    public static List<JsonWebKey> loadJsonWebKeys(Message m, Properties props, String keyOper) {
+    public static List<JsonWebKey> loadJsonWebKeys(Message m, Properties props, KeyOperation keyOper) {
         return loadJsonWebKeys(m, props, keyOper, new DefaultJwkReaderWriter());
     }
 
-    public static List<JsonWebKey> loadJsonWebKeys(Message m, Properties props, String keyOper, 
+    public static List<JsonWebKey> loadJsonWebKeys(Message m, Properties props, 
+                                                   KeyOperation keyOper, 
                                                    JwkReaderWriter reader) {
         PrivateKeyPasswordProvider cb = KeyManagementUtils.loadPasswordProvider(m, props, keyOper);
         JsonWebKeys jwkSet = loadJwkSet(m, props, cb, reader);
@@ -311,7 +312,7 @@ public final class JwkUtils {
             return keys;
         }
         if (keyOper != null) {
-            List<JsonWebKey> keys = jwkSet.getKeyUseMap().get(keyOper);
+            List<JsonWebKey> keys = jwkSet.getKeyOperationMap().get(keyOper);
             if (keys != null && keys.size() == 1) {
                 return Collections.singletonList(keys.get(0));
             }
@@ -338,7 +339,7 @@ public final class JwkUtils {
     }
     public static JsonWebKey fromECPublicKey(ECPublicKey pk, String curve) {
         JsonWebKey jwk = new JsonWebKey();
-        jwk.setKeyType(JsonWebKey.KEY_TYPE_ELLIPTIC);
+        jwk.setKeyType(KeyType.EC);
         jwk.setProperty(JsonWebKey.EC_CURVE, curve);
         jwk.setProperty(JsonWebKey.EC_X_COORDINATE, 
                         Base64UrlUtility.encode(pk.getW().getAffineX().toByteArray()));
@@ -348,7 +349,7 @@ public final class JwkUtils {
     }
     public static JsonWebKey fromECPrivateKey(ECPrivateKey pk, String curve) {
         JsonWebKey jwk = new JsonWebKey();
-        jwk.setKeyType(JsonWebKey.KEY_TYPE_ELLIPTIC);
+        jwk.setKeyType(KeyType.EC);
         jwk.setProperty(JsonWebKey.EC_CURVE, curve);
         jwk.setProperty(JsonWebKey.EC_PRIVATE_KEY, 
                         Base64UrlUtility.encode(pk.getS().toByteArray()));
@@ -431,7 +432,7 @@ public final class JwkUtils {
             throw new SecurityException("Invalid algorithm");
         }
         JsonWebKey jwk = new JsonWebKey();
-        jwk.setKeyType(JsonWebKey.KEY_TYPE_OCTET);
+        jwk.setKeyType(KeyType.OCTET);
         jwk.setAlgorithm(algo);
         String encodedSecretKey = Base64UrlUtility.encode(secretKey.getEncoded());
         jwk.setProperty(JsonWebKey.OCTET_KEY_VALUE, encodedSecretKey);
@@ -453,7 +454,7 @@ public final class JwkUtils {
             throw new SecurityException("Invalid algorithm");
         }
         JsonWebKey jwk = new JsonWebKey();
-        jwk.setKeyType(JsonWebKey.KEY_TYPE_RSA);
+        jwk.setKeyType(KeyType.RSA);
         jwk.setAlgorithm(algo);
         String encodedModulus = Base64UrlUtility.encode(modulus.toByteArray());
         jwk.setProperty(JsonWebKey.RSA_MODULUS, encodedModulus);

http://git-wip-us.apache.org/repos/asf/cxf/blob/3d6dfd05/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsHeaders.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsHeaders.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsHeaders.java
index 8d56763..2477f1a 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsHeaders.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsHeaders.java
@@ -21,6 +21,7 @@ package org.apache.cxf.rs.security.jose.jws;
 import java.util.Map;
 
 import org.apache.cxf.rs.security.jose.JoseHeaders;
+import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
 
 public class JwsHeaders extends JoseHeaders {
     public JwsHeaders() {
@@ -40,4 +41,18 @@ public class JwsHeaders extends JoseHeaders {
         setAlgorithm(sigAlgo);
     }
 
+    public void setSignatureAlgorithm(String type) {
+        setAlgorithm(type);
+    }
+    
+    public void setSignatureAlgorithm(SignatureAlgorithm algo) {
+        this.setSignatureAlgorithm(algo.getJwaName());
+    }
+    
+    public String getSignatureAlgorithm() {
+        return super.getAlgorithm();
+    }
+    public SignatureAlgorithm getSignatureAlgorithmEnum() {
+        return SignatureAlgorithm.getAlgorithm(getSignatureAlgorithm());
+    }
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/3d6dfd05/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java
index 38db1b5..f8073cd 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java
@@ -47,6 +47,8 @@ import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils;
 import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
 import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
 import org.apache.cxf.rs.security.jose.jwk.JwkUtils;
+import org.apache.cxf.rs.security.jose.jwk.KeyOperation;
+import org.apache.cxf.rs.security.jose.jwk.KeyType;
 
 public final class JwsUtils {
     private static final Logger LOG = LogUtils.getL7dLogger(JwsUtils.class);
@@ -87,15 +89,14 @@ public final class JwsUtils {
     public static JwsSignatureProvider getSignatureProvider(JsonWebKey jwk, String defaultAlgorithm) {
         String signatureAlgo = jwk.getAlgorithm() == null ? defaultAlgorithm : jwk.getAlgorithm();
         JwsSignatureProvider theSigProvider = null;
-        if (JsonWebKey.KEY_TYPE_RSA.equals(jwk.getKeyType())) {
+        KeyType keyType = jwk.getKeyType();
+        if (KeyType.RSA == keyType) {
             theSigProvider = getPrivateKeySignatureProvider(JwkUtils.toRSAPrivateKey(jwk),
                                                             signatureAlgo);
-            
-            
-        } else if (JsonWebKey.KEY_TYPE_OCTET.equals(jwk.getKeyType())) { 
+        } else if (KeyType.OCTET == keyType) { 
             byte[] key = JoseUtils.decode((String)jwk.getProperty(JsonWebKey.OCTET_KEY_VALUE));
             theSigProvider = getHmacSignatureProvider(key, signatureAlgo);
-        } else if (JsonWebKey.KEY_TYPE_ELLIPTIC.equals(jwk.getKeyType())) {
+        } else if (KeyType.EC == jwk.getKeyType()) {
             theSigProvider = getPrivateKeySignatureProvider(JwkUtils.toECPrivateKey(jwk),
                                                             signatureAlgo);
         }
@@ -130,12 +131,13 @@ public final class JwsUtils {
     public static JwsSignatureVerifier getSignatureVerifier(JsonWebKey jwk, String defaultAlgorithm) {
         String signatureAlgo = jwk.getAlgorithm() == null ? defaultAlgorithm : jwk.getAlgorithm();
         JwsSignatureVerifier theVerifier = null;
-        if (JsonWebKey.KEY_TYPE_RSA.equals(jwk.getKeyType())) {
+        KeyType keyType = jwk.getKeyType();
+        if (KeyType.RSA == keyType) {
             theVerifier = getPublicKeySignatureVerifier(JwkUtils.toRSAPublicKey(jwk, true), signatureAlgo);
-        } else if (JsonWebKey.KEY_TYPE_OCTET.equals(jwk.getKeyType())) { 
+        } else if (KeyType.OCTET == keyType) { 
             byte[] key = JoseUtils.decode((String)jwk.getProperty(JsonWebKey.OCTET_KEY_VALUE));
             theVerifier = getHmacSignatureVerifier(key, signatureAlgo);
-        } else if (JsonWebKey.KEY_TYPE_ELLIPTIC.equals(jwk.getKeyType())) {
+        } else if (KeyType.EC == keyType) {
             theVerifier = getPublicKeySignatureVerifier(JwkUtils.toECPublicKey(jwk), signatureAlgo);
         }
         return theVerifier;
@@ -212,7 +214,7 @@ public final class JwsUtils {
         }
         List<JwsSignatureProvider> theSigProviders = null; 
         if (JwkUtils.JWK_KEY_STORE_TYPE.equals(props.get(KeyManagementUtils.RSSEC_KEY_STORE_TYPE))) {
-            List<JsonWebKey> jwks = JwkUtils.loadJsonWebKeys(m, props, JsonWebKey.KEY_OPER_SIGN);
+            List<JsonWebKey> jwks = JwkUtils.loadJsonWebKeys(m, props, KeyOperation.SIGN);
             if (jwks != null) {
                 theSigProviders = new ArrayList<JwsSignatureProvider>(jwks.size());
                 for (JsonWebKey jwk : jwks) {
@@ -235,7 +237,7 @@ public final class JwsUtils {
         }
         List<JwsSignatureVerifier> theVerifiers = null; 
         if (JwkUtils.JWK_KEY_STORE_TYPE.equals(props.get(KeyManagementUtils.RSSEC_KEY_STORE_TYPE))) {
-            List<JsonWebKey> jwks = JwkUtils.loadJsonWebKeys(m, props, JsonWebKey.KEY_OPER_VERIFY);
+            List<JsonWebKey> jwks = JwkUtils.loadJsonWebKeys(m, props, KeyOperation.VERIFY);
             if (jwks != null) {
                 theVerifiers = new ArrayList<JwsSignatureVerifier>(jwks.size());
                 for (JsonWebKey jwk : jwks) {
@@ -267,7 +269,7 @@ public final class JwsUtils {
                 MessageUtils.getContextualProperty(m, RSSEC_REPORT_KEY_ID_PROP,
                                                    KeyManagementUtils.RSSEC_REPORT_KEY_ID_PROP));
         if (JwkUtils.JWK_KEY_STORE_TYPE.equals(props.get(KeyManagementUtils.RSSEC_KEY_STORE_TYPE))) {
-            JsonWebKey jwk = JwkUtils.loadJsonWebKey(m, props, JsonWebKey.KEY_OPER_SIGN);
+            JsonWebKey jwk = JwkUtils.loadJsonWebKey(m, props, KeyOperation.SIGN);
             if (jwk != null) {
                 String signatureAlgo = getSignatureAlgo(m, props, jwk.getAlgorithm(), getDefaultKeyAlgo(jwk));
                 theSigProvider = JwsUtils.getSignatureProvider(jwk, signatureAlgo);
@@ -277,7 +279,7 @@ public final class JwsUtils {
             }
         } else {
             String signatureAlgo = getSignatureAlgo(m, props, null, null);
-            PrivateKey pk = KeyManagementUtils.loadPrivateKey(m, props, JsonWebKey.KEY_OPER_SIGN);
+            PrivateKey pk = KeyManagementUtils.loadPrivateKey(m, props, KeyOperation.SIGN);
             theSigProvider = getPrivateKeySignatureProvider(pk, signatureAlgo);
             if (reportPublicKey) {
                 headers.setX509Chain(KeyManagementUtils.loadAndEncodeX509CertificateOrChain(m, props));
@@ -313,7 +315,7 @@ public final class JwsUtils {
         }
         
         if (JwkUtils.JWK_KEY_STORE_TYPE.equals(props.get(KeyManagementUtils.RSSEC_KEY_STORE_TYPE))) {
-            JsonWebKey jwk = JwkUtils.loadJsonWebKey(m, props, JsonWebKey.KEY_OPER_VERIFY, inHeaderKid);
+            JsonWebKey jwk = JwkUtils.loadJsonWebKey(m, props, KeyOperation.VERIFY, inHeaderKid);
             if (jwk != null) {
                 String signatureAlgo = getSignatureAlgo(m, props, jwk.getAlgorithm(), getDefaultKeyAlgo(jwk));
                 theVerifier = getSignatureVerifier(jwk, signatureAlgo);
@@ -348,9 +350,10 @@ public final class JwsUtils {
         return algo;
     }
     private static String getDefaultKeyAlgo(JsonWebKey jwk) {
-        if (JsonWebKey.KEY_TYPE_OCTET.equals(jwk.getKeyType())) {
+        KeyType keyType = jwk.getKeyType();
+        if (KeyType.OCTET == keyType) {
             return AlgorithmUtils.HMAC_SHA_256_ALGO;
-        } else if (JsonWebKey.KEY_TYPE_ELLIPTIC.equals(jwk.getKeyType())) {
+        } else if (KeyType.EC == keyType) {
             return AlgorithmUtils.ES_SHA_256_ALGO;
         } else {
             return AlgorithmUtils.RS_SHA_256_ALGO;

http://git-wip-us.apache.org/repos/asf/cxf/blob/3d6dfd05/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/JwkJoseCookBookTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/JwkJoseCookBookTest.java b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/JwkJoseCookBookTest.java
index 223e68c..b9cb8bf 100644
--- a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/JwkJoseCookBookTest.java
+++ b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/cookbook/JwkJoseCookBookTest.java
@@ -27,6 +27,8 @@ import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils;
 import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
 import org.apache.cxf.rs.security.jose.jwk.JsonWebKeys;
 import org.apache.cxf.rs.security.jose.jwk.JwkUtils;
+import org.apache.cxf.rs.security.jose.jwk.KeyType;
+import org.apache.cxf.rs.security.jose.jwk.PublicKeyUse;
 
 import org.junit.Assert;
 import org.junit.Test;
@@ -97,13 +99,13 @@ public class JwkJoseCookBookTest extends Assert {
     @Test
     public void testPublicSetAsMap() throws Exception {
         JsonWebKeys jwks = readKeySet("cookbookPublicSet.txt");
-        Map<String, List<JsonWebKey>> keysMap = jwks.getKeyTypeMap();
+        Map<KeyType, List<JsonWebKey>> keysMap = jwks.getKeyTypeMap();
         assertEquals(2, keysMap.size());
-        List<JsonWebKey> rsaKeys = keysMap.get("RSA");
+        List<JsonWebKey> rsaKeys = keysMap.get(KeyType.RSA);
         assertEquals(1, rsaKeys.size());
         assertEquals(5, rsaKeys.get(0).asMap().size());
         validatePublicRsaKey(rsaKeys.get(0));
-        List<JsonWebKey> ecKeys = keysMap.get("EC");
+        List<JsonWebKey> ecKeys = keysMap.get(KeyType.EC);
         assertEquals(1, ecKeys.size());
         assertEquals(6, ecKeys.get(0).asMap().size());
         validatePublicEcKey(ecKeys.get(0));
@@ -138,20 +140,20 @@ public class JwkJoseCookBookTest extends Assert {
     private void validateSecretSignKey(JsonWebKey key) {
         assertEquals(SIGN_SECRET_VALUE, key.getProperty(JsonWebKey.OCTET_KEY_VALUE));
         assertEquals(SIGN_KID_VALUE, key.getKeyId());
-        assertEquals(JsonWebKey.KEY_TYPE_OCTET, key.getKeyType());
+        assertEquals(KeyType.OCTET, key.getKeyType());
         assertEquals(AlgorithmUtils.HMAC_SHA_256_ALGO, key.getAlgorithm());
     }
     private void validateSecretEncKey(JsonWebKey key) {
         assertEquals(ENCRYPTION_SECRET_VALUE, key.getProperty(JsonWebKey.OCTET_KEY_VALUE));
         assertEquals(ENCRYPTION_KID_VALUE, key.getKeyId());
-        assertEquals(JsonWebKey.KEY_TYPE_OCTET, key.getKeyType());
+        assertEquals(KeyType.OCTET, key.getKeyType());
         assertEquals(AlgorithmUtils.A256GCM_ALGO, key.getAlgorithm());
     }
     private void validatePublicRsaKey(JsonWebKey key) {
         assertEquals(RSA_MODULUS_VALUE, key.getProperty(JsonWebKey.RSA_MODULUS));
         assertEquals(RSA_PUBLIC_EXP_VALUE, key.getProperty(JsonWebKey.RSA_PUBLIC_EXP));
         assertEquals(RSA_KID_VALUE, key.getKeyId());
-        assertEquals(JsonWebKey.KEY_TYPE_RSA, key.getKeyType());
+        assertEquals(KeyType.RSA, key.getKeyType());
     }
     private void validatePrivateRsaKey(JsonWebKey key) {
         validatePublicRsaKey(key);
@@ -166,9 +168,9 @@ public class JwkJoseCookBookTest extends Assert {
         assertEquals(EC_X_COORDINATE_VALUE, key.getProperty(JsonWebKey.EC_X_COORDINATE));
         assertEquals(EC_Y_COORDINATE_VALUE, key.getProperty(JsonWebKey.EC_Y_COORDINATE));
         assertEquals(EC_KID_VALUE, key.getKeyId());
-        assertEquals(JsonWebKey.KEY_TYPE_ELLIPTIC, key.getKeyType());
+        assertEquals(KeyType.EC, key.getKeyType());
         assertEquals(EC_CURVE_VALUE, key.getProperty(JsonWebKey.EC_CURVE));
-        assertEquals(JsonWebKey.PUBLIC_KEY_USE_SIGN, key.getPublicKeyUse());
+        assertEquals(PublicKeyUse.SIGN, key.getPublicKeyUse());
     }
     private void validatePrivateEcKey(JsonWebKey key) {
         validatePublicEcKey(key);

http://git-wip-us.apache.org/repos/asf/cxf/blob/3d6dfd05/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwk/JsonWebKeyTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwk/JsonWebKeyTest.java b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwk/JsonWebKeyTest.java
index f33ecbb..8ecabd7 100644
--- a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwk/JsonWebKeyTest.java
+++ b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwk/JsonWebKeyTest.java
@@ -183,13 +183,13 @@ public class JsonWebKeyTest extends Assert {
     private void validateSecretAesKey(JsonWebKey key) {
         assertEquals(AES_SECRET_VALUE, key.getProperty(JsonWebKey.OCTET_KEY_VALUE));
         assertEquals(AES_KID_VALUE, key.getKeyId());
-        assertEquals(JsonWebKey.KEY_TYPE_OCTET, key.getKeyType());
+        assertEquals(KeyType.OCTET, key.getKeyType());
         assertEquals(AlgorithmUtils.A128KW_ALGO, key.getAlgorithm());
     }
     private void validateSecretHmacKey(JsonWebKey key) {
         assertEquals(HMAC_SECRET_VALUE, key.getProperty(JsonWebKey.OCTET_KEY_VALUE));
         assertEquals(HMAC_KID_VALUE, key.getKeyId());
-        assertEquals(JsonWebKey.KEY_TYPE_OCTET, key.getKeyType());
+        assertEquals(KeyType.OCTET, key.getKeyType());
         assertEquals(AlgorithmUtils.HMAC_SHA_256_ALGO, key.getAlgorithm());
     }
     
@@ -197,7 +197,7 @@ public class JsonWebKeyTest extends Assert {
         assertEquals(RSA_MODULUS_VALUE, key.getProperty(JsonWebKey.RSA_MODULUS));
         assertEquals(RSA_PUBLIC_EXP_VALUE, key.getProperty(JsonWebKey.RSA_PUBLIC_EXP));
         assertEquals(RSA_KID_VALUE, key.getKeyId());
-        assertEquals(JsonWebKey.KEY_TYPE_RSA, key.getKeyType());
+        assertEquals(KeyType.RSA, key.getKeyType());
         assertEquals(AlgorithmUtils.RS_SHA_256_ALGO, key.getAlgorithm());
     }
     private void validatePrivateRsaKey(JsonWebKey key) {
@@ -213,9 +213,9 @@ public class JsonWebKeyTest extends Assert {
         assertEquals(EC_X_COORDINATE_VALUE, key.getProperty(JsonWebKey.EC_X_COORDINATE));
         assertEquals(EC_Y_COORDINATE_VALUE, key.getProperty(JsonWebKey.EC_Y_COORDINATE));
         assertEquals(EC_KID_VALUE, key.getKeyId());
-        assertEquals(JsonWebKey.KEY_TYPE_ELLIPTIC, key.getKeyType());
+        assertEquals(KeyType.EC, key.getKeyType());
         assertEquals(EC_CURVE_VALUE, key.getProperty(JsonWebKey.EC_CURVE));
-        assertEquals(JsonWebKey.PUBLIC_KEY_USE_ENCRYPT, key.getPublicKeyUse());
+        assertEquals(PublicKeyUse.ENCRYPT, key.getPublicKeyUse());
     }
     private void validatePrivateEcKey(JsonWebKey key) {
         validatePublicEcKey(key);

http://git-wip-us.apache.org/repos/asf/cxf/blob/3d6dfd05/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsCompactReaderWriterTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsCompactReaderWriterTest.java b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsCompactReaderWriterTest.java
index 8f65be7..c215e56 100644
--- a/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsCompactReaderWriterTest.java
+++ b/rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsCompactReaderWriterTest.java
@@ -33,11 +33,14 @@ import org.apache.cxf.rs.security.jose.JoseHeaders;
 import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils;
 import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
 import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
+import org.apache.cxf.rs.security.jose.jwk.KeyOperation;
+import org.apache.cxf.rs.security.jose.jwk.KeyType;
 import org.apache.cxf.rs.security.jose.jwt.JwtClaims;
 import org.apache.cxf.rs.security.jose.jwt.JwtToken;
 import org.apache.cxf.rs.security.jose.jwt.JwtTokenReaderWriter;
 import org.apache.cxf.rt.security.crypto.CryptoUtils;
 import org.bouncycastle.jce.provider.BouncyCastleProvider;
+
 import org.junit.Assert;
 import org.junit.Test;
 
@@ -142,9 +145,9 @@ public class JwsCompactReaderWriterTest extends Assert {
     @Test
     public void testWriteJwsWithJwkSignedByMac() throws Exception {
         JsonWebKey key = new JsonWebKey();
-        key.setKeyType(JsonWebKey.KEY_TYPE_OCTET);
+        key.setKeyType(KeyType.OCTET);
         key.setKeyOperation(Arrays.asList(
-            new String[]{JsonWebKey.KEY_OPER_SIGN, JsonWebKey.KEY_OPER_VERIFY}));
+            new KeyOperation[]{KeyOperation.SIGN, KeyOperation.VERIFY}));
         doTestWriteJwsWithJwkSignedByMac(key);
     }
     
@@ -153,7 +156,7 @@ public class JwsCompactReaderWriterTest extends Assert {
         Map<String, Object> map = new LinkedHashMap<String, Object>();
         map.put(JsonWebKey.KEY_TYPE, JsonWebKey.KEY_TYPE_OCTET);
         map.put(JsonWebKey.KEY_OPERATIONS,
-                new String[]{JsonWebKey.KEY_OPER_SIGN, JsonWebKey.KEY_OPER_VERIFY});
+                new KeyOperation[]{KeyOperation.SIGN, KeyOperation.VERIFY});
         doTestWriteJwsWithJwkSignedByMac(map);
     }
     
@@ -186,11 +189,11 @@ public class JwsCompactReaderWriterTest extends Assert {
         assertEquals(SignatureAlgorithm.HS256.getJwaName(), headers.getAlgorithm());
         
         JsonWebKey key = headers.getJsonWebKey();
-        assertEquals(JsonWebKey.KEY_TYPE_OCTET, key.getKeyType());
-        List<String> keyOps = key.getKeyOperation();
+        assertEquals(KeyType.OCTET, key.getKeyType());
+        List<KeyOperation> keyOps = key.getKeyOperation();
         assertEquals(2, keyOps.size());
-        assertEquals(JsonWebKey.KEY_OPER_SIGN, keyOps.get(0));
-        assertEquals(JsonWebKey.KEY_OPER_VERIFY, keyOps.get(1));
+        assertEquals(KeyOperation.SIGN, keyOps.get(0));
+        assertEquals(KeyOperation.VERIFY, keyOps.get(1));
         
         validateSpecClaim(token.getClaims());
     }


Mime
View raw message