cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject [2/2] cxf git commit: making JoseHeaders abstract and its setAlgorithm protected with lots of related changes
Date Wed, 22 Jul 2015 19:41:00 GMT
making JoseHeaders abstract and its setAlgorithm protected with lots of related changes


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/f82e14c7
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/f82e14c7
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/f82e14c7

Branch: refs/heads/3.0.x-fixes
Commit: f82e14c710fd90e4c3f70b6568f0631a51b07d27
Parents: 5d02121
Author: Sergey Beryozkin <sberyozkin@talend.com>
Authored: Wed Jul 22 22:37:32 2015 +0300
Committer: Sergey Beryozkin <sberyozkin@talend.com>
Committed: Wed Jul 22 22:40:32 2015 +0300

----------------------------------------------------------------------
 .../cxf/rs/security/jose/JoseHeaders.java       |  6 +-
 .../security/jose/JoseHeadersReaderWriter.java  | 38 ----------
 .../jose/jaxrs/AbstractJwsReaderProvider.java   |  4 +-
 .../jose/jaxrs/AbstractJwsWriterProvider.java   |  3 +-
 .../jose/jaxrs/JwsClientResponseFilter.java     |  4 +-
 .../jose/jaxrs/JwsContainerRequestFilter.java   |  6 +-
 .../jose/jaxrs/JwsJsonWriterInterceptor.java    | 10 +--
 .../jose/jaxrs/JwsWriterInterceptor.java        |  6 +-
 .../jaxrs/JwtAuthenticationClientFilter.java    |  4 +-
 .../jose/jaxrs/JwtJwsAuthenticationFilter.java  |  4 +-
 .../rs/security/jose/jwa/AlgorithmUtils.java    |  2 +-
 .../security/jose/jwa/SignatureAlgorithm.java   |  5 +-
 .../jose/jwe/AbstractJweEncryption.java         |  8 +--
 .../security/jose/jwe/JweCompactConsumer.java   | 10 +--
 .../security/jose/jwe/JweCompactProducer.java   |  4 +-
 .../cxf/rs/security/jose/jwe/JweHeaders.java    |  4 +-
 .../rs/security/jose/jwe/JweJsonProducer.java   |  4 +-
 .../jose/jwe/JweJwtCompactProducer.java         |  7 +-
 .../cxf/rs/security/jose/jwe/JweUtils.java      |  2 +-
 .../PbesHmacAesWrapKeyDecryptionAlgorithm.java  |  2 +-
 .../jose/jws/AbstractJwsSignatureProvider.java  | 11 ++-
 .../jose/jws/HmacJwsSignatureProvider.java      |  7 +-
 .../jose/jws/HmacJwsSignatureVerifier.java      |  9 ++-
 .../security/jose/jws/JwsCompactConsumer.java   | 20 +++---
 .../security/jose/jws/JwsCompactProducer.java   | 25 ++++---
 .../rs/security/jose/jws/JwsJsonConsumer.java   |  9 ++-
 .../rs/security/jose/jws/JwsJsonProducer.java   | 18 ++---
 .../jose/jws/JwsJsonSignatureEntry.java         | 12 ++--
 .../jose/jws/JwsJwtCompactConsumer.java         | 10 ++-
 .../jose/jws/JwsJwtCompactProducer.java         |  3 +-
 .../cxf/rs/security/jose/jws/JwsUtils.java      | 19 ++---
 .../jose/jws/NoneJwsSignatureProvider.java      |  2 +-
 .../jose/jws/NoneJwsSignatureVerifier.java      |  5 +-
 .../jws/PrivateKeyJwsSignatureProvider.java     |  6 +-
 .../jose/jws/PublicKeyJwsSignatureVerifier.java |  6 +-
 .../cxf/rs/security/jose/jwt/JwtTokenJson.java  | 37 ----------
 .../security/jose/jwt/JwtTokenReaderWriter.java | 21 +-----
 .../jose/cookbook/JwsJoseCookBookTest.java      | 75 ++++++++++----------
 .../jose/jwe/JwePbeHmacAesWrapTest.java         |  3 +-
 .../security/jose/jws/JwsCompactHeaderTest.java | 21 +++---
 .../jose/jws/JwsCompactReaderWriterTest.java    | 42 +++++------
 .../security/jose/jws/JwsJsonProducerTest.java  | 14 ++--
 42 files changed, 209 insertions(+), 299 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/f82e14c7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/JoseHeaders.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/JoseHeaders.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/JoseHeaders.java
index 66c7863..df7867d 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/JoseHeaders.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/JoseHeaders.java
@@ -26,7 +26,7 @@ import org.apache.cxf.helpers.CastUtils;
 import org.apache.cxf.jaxrs.provider.json.JsonMapObject;
 import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
 
-public class JoseHeaders extends JsonMapObject {
+public abstract class JoseHeaders extends JsonMapObject {
     public JoseHeaders() {
     }
     
@@ -61,11 +61,11 @@ public class JoseHeaders extends JsonMapObject {
         return (String)getHeader(JoseConstants.HEADER_CONTENT_TYPE);
     }
     
-    public void setAlgorithm(String algo) {
+    protected void setAlgorithm(String algo) {
         setHeader(JoseConstants.HEADER_ALGORITHM, algo);
     }
     
-    public String getAlgorithm() {
+    protected String getAlgorithm() {
         Object prop = getHeader(JoseConstants.HEADER_ALGORITHM);
         return prop == null ? null : prop.toString();
     }

http://git-wip-us.apache.org/repos/asf/cxf/blob/f82e14c7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/JoseHeadersReaderWriter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/JoseHeadersReaderWriter.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/JoseHeadersReaderWriter.java
deleted file mode 100644
index 37a0aa5..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/JoseHeadersReaderWriter.java
+++ /dev/null
@@ -1,38 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose;
-
-import org.apache.cxf.jaxrs.provider.json.JsonMapObjectReaderWriter;
-
-
-
-
-
-public class JoseHeadersReaderWriter extends JsonMapObjectReaderWriter {
-    public String headersToJson(JoseHeaders headers) {
-        return toJson(headers);
-    }
-    
-    public JoseHeaders fromJsonHeaders(String headersJson) {
-        JoseHeaders headers = new JoseHeaders();
-        fromJson(headers, headersJson);
-        return headers;
-    }
-    
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/f82e14c7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsReaderProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsReaderProvider.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsReaderProvider.java
index 90d6c74..0e8b0d0 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsReaderProvider.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsReaderProvider.java
@@ -18,7 +18,7 @@
  */
 package org.apache.cxf.rs.security.jose.jaxrs;
 
-import org.apache.cxf.rs.security.jose.JoseHeaders;
+import org.apache.cxf.rs.security.jose.jws.JwsHeaders;
 import org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier;
 import org.apache.cxf.rs.security.jose.jws.JwsUtils;
 
@@ -30,7 +30,7 @@ public class AbstractJwsReaderProvider {
         this.sigVerifier = signatureVerifier;
     }
 
-    protected JwsSignatureVerifier getInitializedSigVerifier(JoseHeaders headers) {
+    protected JwsSignatureVerifier getInitializedSigVerifier(JwsHeaders headers) {
         if (sigVerifier != null) {
             return sigVerifier;    
         } 

http://git-wip-us.apache.org/repos/asf/cxf/blob/f82e14c7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsWriterProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsWriterProvider.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsWriterProvider.java
index 02f5390..33ec0b0 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsWriterProvider.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsWriterProvider.java
@@ -27,6 +27,7 @@ import org.apache.cxf.helpers.IOUtils;
 import org.apache.cxf.rs.security.jose.JoseHeaders;
 import org.apache.cxf.rs.security.jose.JoseUtils;
 import org.apache.cxf.rs.security.jose.jws.JwsCompactProducer;
+import org.apache.cxf.rs.security.jose.jws.JwsHeaders;
 import org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider;
 import org.apache.cxf.rs.security.jose.jws.JwsUtils;
 
@@ -37,7 +38,7 @@ public class AbstractJwsWriterProvider {
         this.sigProvider = signatureProvider;
     }
     
-    protected JwsSignatureProvider getInitializedSigProvider(JoseHeaders headers) {
+    protected JwsSignatureProvider getInitializedSigProvider(JwsHeaders headers) {
         setRequestContextProperty(headers);
         if (sigProvider != null) {
             return sigProvider;    

http://git-wip-us.apache.org/repos/asf/cxf/blob/f82e14c7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsClientResponseFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsClientResponseFilter.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsClientResponseFilter.java
index e70bead..8b811ec 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsClientResponseFilter.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsClientResponseFilter.java
@@ -37,14 +37,14 @@ public class JwsClientResponseFilter extends AbstractJwsReaderProvider implement
     @Override
     public void filter(ClientRequestContext req, ClientResponseContext res) throws IOException {
         JwsCompactConsumer p = new JwsCompactConsumer(IOUtils.readStringFromStream(res.getEntityStream()));
-        JwsSignatureVerifier theSigVerifier = getInitializedSigVerifier(p.getJoseHeaders());
+        JwsSignatureVerifier theSigVerifier = getInitializedSigVerifier(p.getJwsHeaders());
         if (!p.verifySignatureWith(theSigVerifier)) {
             throw new JwsException(JwsException.Error.INVALID_SIGNATURE);
         }
         byte[] bytes = p.getDecodedJwsPayloadBytes();
         res.setEntityStream(new ByteArrayInputStream(bytes));
         res.getHeaders().putSingle("Content-Length", Integer.toString(bytes.length));
-        String ct = JoseUtils.checkContentType(p.getJoseHeaders().getContentType(), getDefaultMediaType());
+        String ct = JoseUtils.checkContentType(p.getJwsHeaders().getContentType(), getDefaultMediaType());
         if (ct != null) {
             res.getHeaders().putSingle("Content-Type", ct);
         }

http://git-wip-us.apache.org/repos/asf/cxf/blob/f82e14c7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsContainerRequestFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsContainerRequestFilter.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsContainerRequestFilter.java
index 6eb15e4..8a3a069 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsContainerRequestFilter.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsContainerRequestFilter.java
@@ -42,17 +42,17 @@ public class JwsContainerRequestFilter extends AbstractJwsReaderProvider impleme
             return;
         }
         JwsCompactConsumer p = new JwsCompactConsumer(IOUtils.readStringFromStream(context.getEntityStream()));
-        JwsSignatureVerifier theSigVerifier = getInitializedSigVerifier(p.getJoseHeaders());
+        JwsSignatureVerifier theSigVerifier = getInitializedSigVerifier(p.getJwsHeaders());
         if (!p.verifySignatureWith(theSigVerifier)) {
             context.abortWith(JAXRSUtils.toResponse(400));
             return;
         }
-        JoseUtils.validateRequestContextProperty(p.getJoseHeaders());
+        JoseUtils.validateRequestContextProperty(p.getJwsHeaders());
         byte[] bytes = p.getDecodedJwsPayloadBytes();
         context.setEntityStream(new ByteArrayInputStream(bytes));
         context.getHeaders().putSingle("Content-Length", Integer.toString(bytes.length));
         
-        String ct = JoseUtils.checkContentType(p.getJoseHeaders().getContentType(), getDefaultMediaType());
+        String ct = JoseUtils.checkContentType(p.getJwsHeaders().getContentType(), getDefaultMediaType());
         if (ct != null) {
             context.getHeaders().putSingle("Content-Type", ct);
         }

http://git-wip-us.apache.org/repos/asf/cxf/blob/f82e14c7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonWriterInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonWriterInterceptor.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonWriterInterceptor.java
index 7f7435d..722ae59 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonWriterInterceptor.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonWriterInterceptor.java
@@ -33,10 +33,10 @@ import org.apache.cxf.common.util.Base64UrlOutputStream;
 import org.apache.cxf.common.util.Base64UrlUtility;
 import org.apache.cxf.common.util.StringUtils;
 import org.apache.cxf.io.CachedOutputStream;
+import org.apache.cxf.jaxrs.provider.json.JsonMapObjectReaderWriter;
 import org.apache.cxf.jaxrs.utils.JAXRSUtils;
 import org.apache.cxf.rs.security.jose.JoseConstants;
 import org.apache.cxf.rs.security.jose.JoseHeaders;
-import org.apache.cxf.rs.security.jose.JoseHeadersReaderWriter;
 import org.apache.cxf.rs.security.jose.jws.JwsHeaders;
 import org.apache.cxf.rs.security.jose.jws.JwsJsonOutputStream;
 import org.apache.cxf.rs.security.jose.jws.JwsJsonProducer;
@@ -45,7 +45,7 @@ import org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider;
 
 @Priority(Priorities.JWS_WRITE_PRIORITY)
 public class JwsJsonWriterInterceptor extends AbstractJwsJsonWriterProvider implements WriterInterceptor {
-    private JoseHeadersReaderWriter writer = new JoseHeadersReaderWriter();
+    private JsonMapObjectReaderWriter writer = new JsonMapObjectReaderWriter();
     private boolean contentTypeRequired = true;
     private boolean useJwsOutputStream;
     @Override
@@ -82,7 +82,7 @@ public class JwsJsonWriterInterceptor extends AbstractJwsJsonWriterProvider impl
             ctx.proceed();
             JwsJsonProducer p = new JwsJsonProducer(new String(cos.getBytes(), "UTF-8"));
             for (JwsSignatureProvider signer : sigProviders) {
-                JoseHeaders protectedHeader = prepareProtectedHeader(ctx, signer);
+                JwsHeaders protectedHeader = prepareProtectedHeader(ctx, signer);
                 p.signWith(signer, protectedHeader, null);    
             }
             ctx.setMediaType(JAXRSUtils.toMediaType(JoseConstants.MEDIA_TYPE_JOSE_JSON));
@@ -92,9 +92,9 @@ public class JwsJsonWriterInterceptor extends AbstractJwsJsonWriterProvider impl
     }
     
     private JwsHeaders prepareProtectedHeader(WriterInterceptorContext ctx, 
-                                                          JwsSignatureProvider signer) {
+                                              JwsSignatureProvider signer) {
         JwsHeaders headers = new JwsHeaders();
-        headers.setAlgorithm(signer.getAlgorithm().getJwaName());
+        headers.setSignatureAlgorithm(signer.getAlgorithm());
         setContentTypeIfNeeded(headers, ctx);
         return headers;
     }

http://git-wip-us.apache.org/repos/asf/cxf/blob/f82e14c7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsWriterInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsWriterInterceptor.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsWriterInterceptor.java
index 52a09d1..5deaceb 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsWriterInterceptor.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsWriterInterceptor.java
@@ -31,10 +31,10 @@ import org.apache.cxf.common.util.Base64UrlOutputStream;
 import org.apache.cxf.common.util.Base64UrlUtility;
 import org.apache.cxf.common.util.StringUtils;
 import org.apache.cxf.io.CachedOutputStream;
+import org.apache.cxf.jaxrs.provider.json.JsonMapObjectReaderWriter;
 import org.apache.cxf.jaxrs.utils.JAXRSUtils;
 import org.apache.cxf.rs.security.jose.JoseConstants;
 import org.apache.cxf.rs.security.jose.JoseHeaders;
-import org.apache.cxf.rs.security.jose.JoseHeadersReaderWriter;
 import org.apache.cxf.rs.security.jose.jws.JwsCompactProducer;
 import org.apache.cxf.rs.security.jose.jws.JwsHeaders;
 import org.apache.cxf.rs.security.jose.jws.JwsOutputStream;
@@ -45,7 +45,7 @@ import org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider;
 public class JwsWriterInterceptor extends AbstractJwsWriterProvider implements WriterInterceptor {
     private boolean contentTypeRequired = true;
     private boolean useJwsOutputStream;
-    private JoseHeadersReaderWriter writer = new JoseHeadersReaderWriter();
+    private JsonMapObjectReaderWriter writer = new JsonMapObjectReaderWriter();
     @Override
     public void aroundWriteTo(WriterInterceptorContext ctx) throws IOException, WebApplicationException {
         if (ctx.getEntity() == null) {
@@ -59,7 +59,7 @@ public class JwsWriterInterceptor extends AbstractJwsWriterProvider implements W
         if (useJwsOutputStream) {
             JwsSignature jwsSignature = sigProvider.createJwsSignature(headers);
             JwsOutputStream jwsStream = new JwsOutputStream(actualOs, jwsSignature);
-            byte[] headerBytes = StringUtils.toBytesUTF8(writer.headersToJson(headers));
+            byte[] headerBytes = StringUtils.toBytesUTF8(writer.toJson(headers));
             Base64UrlUtility.encodeAndStream(headerBytes, 0, headerBytes.length, jwsStream);
             jwsStream.write(new byte[]{'.'});
                         

http://git-wip-us.apache.org/repos/asf/cxf/blob/f82e14c7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtAuthenticationClientFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtAuthenticationClientFilter.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtAuthenticationClientFilter.java
index 70a1905..a8f6ff0 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtAuthenticationClientFilter.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtAuthenticationClientFilter.java
@@ -31,8 +31,8 @@ import org.apache.cxf.configuration.security.AuthorizationPolicy;
 import org.apache.cxf.endpoint.Endpoint;
 import org.apache.cxf.jaxrs.utils.JAXRSUtils;
 import org.apache.cxf.rs.security.jose.JoseException;
-import org.apache.cxf.rs.security.jose.JoseHeaders;
 import org.apache.cxf.rs.security.jose.JoseUtils;
+import org.apache.cxf.rs.security.jose.jwe.JweHeaders;
 import org.apache.cxf.rs.security.jose.jwt.AbstractJoseJwtProducer;
 import org.apache.cxf.rs.security.jose.jwt.JwtClaims;
 import org.apache.cxf.rs.security.jose.jwt.JwtToken;
@@ -54,7 +54,7 @@ public class JwtAuthenticationClientFilter extends AbstractJoseJwtProducer
                 claims.setSubject(ap.getUserName());
                 claims.setClaim("password", ap.getPassword());
                 claims.setIssuedAt(System.currentTimeMillis() / 1000);
-                jwt = new JwtToken(new JoseHeaders(), claims);
+                jwt = new JwtToken(new JweHeaders(), claims);
                 jweRequired = true;
             }
         }

http://git-wip-us.apache.org/repos/asf/cxf/blob/f82e14c7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtJwsAuthenticationFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtJwsAuthenticationFilter.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtJwsAuthenticationFilter.java
index 63b18a8..e495104 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtJwsAuthenticationFilter.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtJwsAuthenticationFilter.java
@@ -49,7 +49,7 @@ public class JwtJwsAuthenticationFilter extends AbstractJwsReaderProvider implem
         }
         
         JwsJwtCompactConsumer p = new JwsJwtCompactConsumer(schemeData[1]);
-        JwsSignatureVerifier theSigVerifier = getInitializedSigVerifier(p.getJoseHeaders());
+        JwsSignatureVerifier theSigVerifier = getInitializedSigVerifier(p.getJwsHeaders());
         if (!p.verifySignatureWith(theSigVerifier)) {
             context.abortWith(JAXRSUtils.toResponse(400));
             return;
@@ -61,7 +61,7 @@ public class JwtJwsAuthenticationFilter extends AbstractJwsReaderProvider implem
         
     }
     protected void setRequestContextProperty(Message m, JwsCompactConsumer c) {
-        Object headerContext = c.getJoseHeaders().getHeader(JWS_CONTEXT_PROPERTY);
+        Object headerContext = c.getJwsHeaders().getHeader(JWS_CONTEXT_PROPERTY);
         if (headerContext != null) {
             m.put(JWS_CONTEXT_PROPERTY, headerContext);
         }

http://git-wip-us.apache.org/repos/asf/cxf/blob/f82e14c7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/AlgorithmUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/AlgorithmUtils.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/AlgorithmUtils.java
index f505caa..76854ca 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/AlgorithmUtils.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/AlgorithmUtils.java
@@ -79,7 +79,7 @@ public final class AlgorithmUtils {
     public static final String ES_SHA_256_ALGO = "ES256";
     public static final String ES_SHA_384_ALGO = "ES384";
     public static final String ES_SHA_512_ALGO = "ES512";
-    public static final String PLAIN_TEXT_ALGO = "none";
+    public static final String NONE_TEXT_ALGO = "none";
     // Java
     public static final String HMAC_SHA_256_JAVA = "HmacSHA256";
     public static final String HMAC_SHA_384_JAVA = "HmacSHA384";

http://git-wip-us.apache.org/repos/asf/cxf/blob/f82e14c7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/SignatureAlgorithm.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/SignatureAlgorithm.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/SignatureAlgorithm.java
index 1e88df0..fe6418a 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/SignatureAlgorithm.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwa/SignatureAlgorithm.java
@@ -39,7 +39,7 @@ public enum SignatureAlgorithm {
     ES384(AlgorithmUtils.ES_SHA_384_ALGO, AlgorithmUtils.ES_SHA_384_JAVA, 384),
     ES512(AlgorithmUtils.ES_SHA_512_ALGO, AlgorithmUtils.ES_SHA_512_JAVA, 512),
     
-    PLAIN(AlgorithmUtils.PLAIN_TEXT_ALGO, null, -1);
+    NONE(AlgorithmUtils.NONE_TEXT_ALGO, null, -1);
     
     
     private final String jwaName;
@@ -72,6 +72,9 @@ public enum SignatureAlgorithm {
         if (algo == null) {
             return null;
         }
+        if (AlgorithmUtils.NONE_TEXT_ALGO.equals(algo)) {
+            return NONE;
+        }
         return SignatureAlgorithm.valueOf(algo.replace('-', '_')
                                         .replace('+', '_'));
         

http://git-wip-us.apache.org/repos/asf/cxf/blob/f82e14c7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweEncryption.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweEncryption.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweEncryption.java
index 20b8eae..3edaeee 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweEncryption.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AbstractJweEncryption.java
@@ -27,8 +27,8 @@ import javax.crypto.Cipher;
 import javax.crypto.SecretKey;
 
 import org.apache.cxf.common.logging.LogUtils;
+import org.apache.cxf.jaxrs.provider.json.JsonMapObjectReaderWriter;
 import org.apache.cxf.rs.security.jose.JoseConstants;
-import org.apache.cxf.rs.security.jose.JoseHeadersReaderWriter;
 import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils;
 import org.apache.cxf.rs.security.jose.jwa.ContentAlgorithm;
 import org.apache.cxf.rs.security.jose.jwa.KeyAlgorithm;
@@ -40,7 +40,7 @@ public abstract class AbstractJweEncryption implements JweEncryptionProvider {
     protected static final int DEFAULT_AUTH_TAG_LENGTH = 128;
     private ContentEncryptionProvider contentEncryptionAlgo;
     private KeyEncryptionProvider keyEncryptionAlgo;
-    private JoseHeadersReaderWriter writer = new JoseHeadersReaderWriter();
+    private JsonMapObjectReaderWriter writer = new JsonMapObjectReaderWriter();
     protected AbstractJweEncryption(ContentEncryptionProvider contentEncryptionAlgo,
                                     KeyEncryptionProvider keyEncryptionAlgo) {
         this.keyEncryptionAlgo = keyEncryptionAlgo;
@@ -150,7 +150,7 @@ public abstract class AbstractJweEncryption implements JweEncryptionProvider {
     public ContentAlgorithm getContentAlgorithm() {
         return getContentEncryptionAlgorithm().getAlgorithm();
     }
-    protected JoseHeadersReaderWriter getJwtHeadersWriter() {
+    protected JsonMapObjectReaderWriter getJwtHeadersWriter() {
         return writer;
     }
     
@@ -209,7 +209,7 @@ public abstract class AbstractJweEncryption implements JweEncryptionProvider {
             getEncryptedContentEncryptionKey(theHeaders, theCek);
         
         
-        String protectedHeadersJson = writer.headersToJson(protectedHeaders);
+        String protectedHeadersJson = writer.toJson(protectedHeaders);
         
         byte[] additionalEncryptionParam = getAAD(protectedHeadersJson, 
                                                   jweInput == null ? null : jweInput.getAad());

http://git-wip-us.apache.org/repos/asf/cxf/blob/f82e14c7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweCompactConsumer.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweCompactConsumer.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweCompactConsumer.java
index cd34c7c..9371726 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweCompactConsumer.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweCompactConsumer.java
@@ -25,9 +25,9 @@ import java.util.logging.Logger;
 import org.apache.cxf.common.logging.LogUtils;
 import org.apache.cxf.common.util.Base64Exception;
 import org.apache.cxf.common.util.Base64UrlUtility;
+import org.apache.cxf.jaxrs.provider.json.JsonMapObject;
+import org.apache.cxf.jaxrs.provider.json.JsonMapObjectReaderWriter;
 import org.apache.cxf.rs.security.jose.JoseException;
-import org.apache.cxf.rs.security.jose.JoseHeaders;
-import org.apache.cxf.rs.security.jose.JoseHeadersReaderWriter;
 import org.apache.cxf.rs.security.jose.JoseUtils;
 
 
@@ -46,13 +46,13 @@ public class JweCompactConsumer {
             byte[] initVector = Base64UrlUtility.decode(parts[2]);
             byte[] encryptedContent = Base64UrlUtility.decode(parts[3]);
             byte[] authTag = Base64UrlUtility.decode(parts[4]);
-            JoseHeadersReaderWriter reader = new JoseHeadersReaderWriter();
-            JoseHeaders joseHeaders = reader.fromJsonHeaders(headersJson);
+            JsonMapObjectReaderWriter reader = new JsonMapObjectReaderWriter();
+            JsonMapObject joseHeaders = reader.fromJsonToJsonObject(headersJson);
             if (joseHeaders.getUpdateCount() != null) { 
                 LOG.warning("Duplicate headers have been detected");
                 throw new JweException(JweException.Error.INVALID_COMPACT_JWE);
             }
-            JweHeaders jweHeaders = new JweHeaders(joseHeaders);
+            JweHeaders jweHeaders = new JweHeaders(joseHeaders.asMap());
             jweDecryptionInput = new JweDecryptionInput(encryptedCEK,
                                                         initVector, 
                                                         encryptedContent,

http://git-wip-us.apache.org/repos/asf/cxf/blob/f82e14c7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweCompactProducer.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweCompactProducer.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweCompactProducer.java
index a261d54..53e7ec3 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweCompactProducer.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweCompactProducer.java
@@ -24,7 +24,7 @@ import java.io.OutputStream;
 
 import org.apache.cxf.common.util.Base64UrlUtility;
 import org.apache.cxf.common.util.StringUtils;
-import org.apache.cxf.rs.security.jose.JoseHeadersReaderWriter;
+import org.apache.cxf.jaxrs.provider.json.JsonMapObjectReaderWriter;
 
 
 public class JweCompactProducer {
@@ -85,7 +85,7 @@ public class JweCompactProducer {
                                cipherInitVector);
     }
     private static String getHeadersJson(JweHeaders headers) {
-        return new JoseHeadersReaderWriter().headersToJson(headers);
+        return new JsonMapObjectReaderWriter().toJson(headers);
         
     }
     public static StringBuilder startJweContent(StringBuilder sb,

http://git-wip-us.apache.org/repos/asf/cxf/blob/f82e14c7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweHeaders.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweHeaders.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweHeaders.java
index b287df5..e276ce2 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweHeaders.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweHeaders.java
@@ -23,9 +23,9 @@ import java.util.Map;
 
 import org.apache.cxf.common.util.Base64UrlUtility;
 import org.apache.cxf.common.util.StringUtils;
+import org.apache.cxf.jaxrs.provider.json.JsonMapObjectReaderWriter;
 import org.apache.cxf.rs.security.jose.JoseConstants;
 import org.apache.cxf.rs.security.jose.JoseHeaders;
-import org.apache.cxf.rs.security.jose.JoseHeadersReaderWriter;
 import org.apache.cxf.rs.security.jose.JoseType;
 import org.apache.cxf.rs.security.jose.jwa.ContentAlgorithm;
 import org.apache.cxf.rs.security.jose.jwa.KeyAlgorithm;
@@ -100,7 +100,7 @@ public class JweHeaders extends JoseHeaders {
         return (JoseHeaders)super.setHeader(name, value);
     }
     public byte[] toCipherAdditionalAuthData() { 
-        return toCipherAdditionalAuthData(new JoseHeadersReaderWriter().headersToJson(this));
+        return toCipherAdditionalAuthData(new JsonMapObjectReaderWriter().toJson(this));
     }
     public static byte[] toCipherAdditionalAuthData(String headersJson) { 
         byte[] headerBytes = StringUtils.toBytesUTF8(headersJson);

http://git-wip-us.apache.org/repos/asf/cxf/blob/f82e14c7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducer.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducer.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducer.java
index 4fbf737..ba5365e 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducer.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweJsonProducer.java
@@ -29,12 +29,12 @@ import java.util.logging.Logger;
 
 import org.apache.cxf.common.logging.LogUtils;
 import org.apache.cxf.common.util.Base64UrlUtility;
+import org.apache.cxf.jaxrs.provider.json.JsonMapObjectReaderWriter;
 import org.apache.cxf.rs.security.jose.JoseConstants;
-import org.apache.cxf.rs.security.jose.JoseHeadersReaderWriter;
 
 public class JweJsonProducer {
     protected static final Logger LOG = LogUtils.getL7dLogger(JweJsonProducer.class);
-    private JoseHeadersReaderWriter writer = new JoseHeadersReaderWriter();
+    private JsonMapObjectReaderWriter writer = new JsonMapObjectReaderWriter();
     private JweHeaders protectedHeader;
     private JweHeaders unprotectedHeader;
     private byte[] content;

http://git-wip-us.apache.org/repos/asf/cxf/blob/f82e14c7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweJwtCompactProducer.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweJwtCompactProducer.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweJwtCompactProducer.java
index ad4ad08..98702b4 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweJwtCompactProducer.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweJwtCompactProducer.java
@@ -22,7 +22,6 @@ import java.security.interfaces.RSAPublicKey;
 import javax.crypto.SecretKey;
 
 import org.apache.cxf.common.util.StringUtils;
-import org.apache.cxf.rs.security.jose.JoseHeaders;
 import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
 import org.apache.cxf.rs.security.jose.jwt.JwtClaims;
 import org.apache.cxf.rs.security.jose.jwt.JwtToken;
@@ -33,12 +32,12 @@ public class JweJwtCompactProducer  {
     private JweHeaders headers;
     private String claimsJson;
     public JweJwtCompactProducer(JwtToken token) {
-        this(token.getHeaders(), token.getClaims());
+        this(new JweHeaders(token.getHeaders()), token.getClaims());
     }
     public JweJwtCompactProducer(JwtClaims claims) {
-        this(new JoseHeaders(), claims);
+        this(new JweHeaders(), claims);
     }
-    public JweJwtCompactProducer(JoseHeaders joseHeaders, JwtClaims claims) {
+    public JweJwtCompactProducer(JweHeaders joseHeaders, JwtClaims claims) {
         headers = new JweHeaders(joseHeaders);
         claimsJson = JwtUtils.claimsToJson(claims);
     }

http://git-wip-us.apache.org/repos/asf/cxf/blob/f82e14c7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java
index 065091a..5c79dbf 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java
@@ -541,7 +541,7 @@ public final class JweUtils {
                                                 String compression) {
         JweHeaders headers = new JweHeaders();
         if (keyEncryptionAlgo != null) {
-            headers.setAlgorithm(keyEncryptionAlgo);
+            headers.setKeyEncryptionAlgorithm(KeyAlgorithm.getAlgorithm(keyEncryptionAlgo));
         }
         headers.setContentEncryptionAlgorithm(ContentAlgorithm.getAlgorithm(contentEncryptionAlgo));
         if (compression != null) {

http://git-wip-us.apache.org/repos/asf/cxf/blob/f82e14c7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/PbesHmacAesWrapKeyDecryptionAlgorithm.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/PbesHmacAesWrapKeyDecryptionAlgorithm.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/PbesHmacAesWrapKeyDecryptionAlgorithm.java
index 80fd2db..9770ae9 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/PbesHmacAesWrapKeyDecryptionAlgorithm.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/PbesHmacAesWrapKeyDecryptionAlgorithm.java
@@ -51,7 +51,7 @@ public class PbesHmacAesWrapKeyDecryptionAlgorithm implements KeyDecryptionAlgor
         JweHeaders jweHeaders = jweDecryptionInput.getJweHeaders();
         byte[] saltInput = getDecodedBytes(jweHeaders.getHeader("p2s"));
         int pbesCount = jweHeaders.getIntegerHeader("p2c");
-        String keyAlgoJwt = jweHeaders.getAlgorithm();
+        String keyAlgoJwt = jweHeaders.getKeyEncryptionAlgorithm().getJwaName();
         int keySize = PbesHmacAesWrapKeyEncryptionAlgorithm.getKeySize(keyAlgoJwt);
         byte[] derivedKey = PbesHmacAesWrapKeyEncryptionAlgorithm
             .createDerivedKey(keyAlgoJwt, keySize, password, saltInput, pbesCount);

http://git-wip-us.apache.org/repos/asf/cxf/blob/f82e14c7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/AbstractJwsSignatureProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/AbstractJwsSignatureProvider.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/AbstractJwsSignatureProvider.java
index 812c037..df400fa 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/AbstractJwsSignatureProvider.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/AbstractJwsSignatureProvider.java
@@ -21,7 +21,6 @@ package org.apache.cxf.rs.security.jose.jws;
 import java.util.logging.Logger;
 
 import org.apache.cxf.common.logging.LogUtils;
-import org.apache.cxf.rs.security.jose.JoseHeaders;
 import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
 
 
@@ -37,12 +36,12 @@ public abstract class AbstractJwsSignatureProvider implements JwsSignatureProvid
         if (headers == null) {
             headers = new JwsHeaders();
         }
-        String algo = headers.getAlgorithm();
-        if (algo != null) {
-            checkAlgorithm(algo);
+        SignatureAlgorithm sigAlgo = headers.getSignatureAlgorithm();
+        if (sigAlgo != null) {
+            checkAlgorithm(sigAlgo.getJwaName());
         } else {
             checkAlgorithm(algorithm.getJwaName());
-            headers.setAlgorithm(algorithm.getJwaName());
+            headers.setSignatureAlgorithm(algorithm);
         }
         return headers;
     }
@@ -61,7 +60,7 @@ public abstract class AbstractJwsSignatureProvider implements JwsSignatureProvid
         return doCreateJwsSignature(prepareHeaders(headers));
     }
     
-    protected abstract JwsSignature doCreateJwsSignature(JoseHeaders headers);
+    protected abstract JwsSignature doCreateJwsSignature(JwsHeaders headers);
     
     protected void checkAlgorithm(String algo) {
         if (algo == null) {

http://git-wip-us.apache.org/repos/asf/cxf/blob/f82e14c7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureProvider.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureProvider.java
index 0c88113..ce1db97 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureProvider.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureProvider.java
@@ -24,7 +24,6 @@ import javax.crypto.Mac;
 
 import org.apache.cxf.common.util.Base64Exception;
 import org.apache.cxf.common.util.Base64UrlUtility;
-import org.apache.cxf.rs.security.jose.JoseHeaders;
 import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils;
 import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
 import org.apache.cxf.rt.security.crypto.HmacUtils;
@@ -51,8 +50,10 @@ public class HmacJwsSignatureProvider extends AbstractJwsSignatureProvider {
         }
     }
     
-    protected JwsSignature doCreateJwsSignature(JoseHeaders headers) {
-        final Mac mac = HmacUtils.getInitializedMac(key, AlgorithmUtils.toJavaName(headers.getAlgorithm()),
+    protected JwsSignature doCreateJwsSignature(JwsHeaders headers) {
+        final String sigAlgo = headers.getSignatureAlgorithm().getJwaName();
+        final Mac mac = HmacUtils.getInitializedMac(key, 
+                                                    AlgorithmUtils.toJavaName(sigAlgo),
                                                     hmacSpec);
         return new JwsSignature() {
 

http://git-wip-us.apache.org/repos/asf/cxf/blob/f82e14c7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureVerifier.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureVerifier.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureVerifier.java
index e0a4c68..69643da 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureVerifier.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/HmacJwsSignatureVerifier.java
@@ -57,17 +57,20 @@ public class HmacJwsSignatureVerifier implements JwsSignatureVerifier {
     }
     
     private byte[] computeMac(JwsHeaders headers, String text) {
+        final String sigAlgo = checkAlgorithm(headers.getSignatureAlgorithm());
         return HmacUtils.computeHmac(key, 
-                                     AlgorithmUtils.toJavaName(checkAlgorithm(headers.getAlgorithm())),
+                                     AlgorithmUtils.toJavaName(sigAlgo),
                                      hmacSpec,
                                      text);
     }
     
-    protected String checkAlgorithm(String algo) {
-        if (algo == null) {
+    protected String checkAlgorithm(SignatureAlgorithm sigAlgo) {
+        
+        if (sigAlgo == null) {
             LOG.warning("Signature algorithm is not set");
             throw new JwsException(JwsException.Error.ALGORITHM_NOT_SET);
         }
+        String algo = sigAlgo.getJwaName();
         if (!AlgorithmUtils.isHmacSign(algo)
             || !algo.equals(supportedAlgo.getJwaName())) {
             LOG.warning("Invalid signature algorithm: " + algo);

http://git-wip-us.apache.org/repos/asf/cxf/blob/f82e14c7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsCompactConsumer.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsCompactConsumer.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsCompactConsumer.java
index 2f860e4..4c721c5 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsCompactConsumer.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsCompactConsumer.java
@@ -24,15 +24,15 @@ import java.util.logging.Logger;
 
 import org.apache.cxf.common.logging.LogUtils;
 import org.apache.cxf.common.util.StringUtils;
-import org.apache.cxf.rs.security.jose.JoseHeaders;
-import org.apache.cxf.rs.security.jose.JoseHeadersReaderWriter;
+import org.apache.cxf.jaxrs.provider.json.JsonMapObject;
+import org.apache.cxf.jaxrs.provider.json.JsonMapObjectReaderWriter;
 import org.apache.cxf.rs.security.jose.JoseUtils;
 import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
 import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
 
 public class JwsCompactConsumer {
     protected static final Logger LOG = LogUtils.getL7dLogger(JwsCompactConsumer.class);
-    private JoseHeadersReaderWriter reader = new JoseHeadersReaderWriter();
+    private JsonMapObjectReaderWriter reader = new JsonMapObjectReaderWriter();
     private String encodedSequence;
     private String encodedSignature;
     private String headersJson;
@@ -43,7 +43,7 @@ public class JwsCompactConsumer {
     public JwsCompactConsumer(String encodedJws, String encodedDetachedPayload) {
         this(encodedJws, encodedDetachedPayload, null);
     }
-    protected JwsCompactConsumer(String encodedJws, String encodedDetachedPayload, JoseHeadersReaderWriter r) {
+    protected JwsCompactConsumer(String encodedJws, String encodedDetachedPayload, JsonMapObjectReaderWriter r) {
         if (r != null) {
             this.reader = r;
         }
@@ -88,17 +88,17 @@ public class JwsCompactConsumer {
     public byte[] getDecodedSignature() {
         return encodedSignature.isEmpty() ? new byte[]{} : JoseUtils.decode(encodedSignature);
     }
-    public JwsHeaders getJoseHeaders() {
-        JoseHeaders joseHeaders = reader.fromJsonHeaders(headersJson);
+    public JwsHeaders getJwsHeaders() {
+        JsonMapObject joseHeaders = reader.fromJsonToJsonObject(headersJson);
         if (joseHeaders.getUpdateCount() != null) {
             LOG.warning("Duplicate headers have been detected");
             throw new JwsException(JwsException.Error.INVALID_COMPACT_JWS);
         }
-        return new JwsHeaders(joseHeaders);
+        return new JwsHeaders(joseHeaders.asMap());
     }
     public boolean verifySignatureWith(JwsSignatureVerifier validator) {
         try {
-            if (validator.verify(getJoseHeaders(), getUnsignedEncodedSequence(), getDecodedSignature())) {
+            if (validator.verify(getJwsHeaders(), getUnsignedEncodedSequence(), getDecodedSignature())) {
                 return true;
             }
         } catch (JwsException ex) {
@@ -123,9 +123,9 @@ public class JwsCompactConsumer {
         return verifySignatureWith(JwsUtils.getHmacSignatureVerifier(key, algo));
     }
     public boolean validateCriticalHeaders() {
-        return JwsUtils.validateCriticalHeaders(getJoseHeaders());
+        return JwsUtils.validateCriticalHeaders(getJwsHeaders());
     }
-    protected JoseHeadersReaderWriter getReader() {
+    protected JsonMapObjectReaderWriter getReader() {
         return reader;
     }
     

http://git-wip-us.apache.org/repos/asf/cxf/blob/f82e14c7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsCompactProducer.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsCompactProducer.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsCompactProducer.java
index 6a549aa..20213ea 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsCompactProducer.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsCompactProducer.java
@@ -22,13 +22,12 @@ import java.security.PrivateKey;
 
 import org.apache.cxf.common.util.Base64UrlUtility;
 import org.apache.cxf.common.util.StringUtils;
-import org.apache.cxf.rs.security.jose.JoseHeadersReaderWriter;
-import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils;
+import org.apache.cxf.jaxrs.provider.json.JsonMapObjectReaderWriter;
 import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
 import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
 
 public class JwsCompactProducer {
-    private JoseHeadersReaderWriter writer = new JoseHeadersReaderWriter();
+    private JsonMapObjectReaderWriter writer = new JsonMapObjectReaderWriter();
     private JwsHeaders headers;
     private String plainJwsPayload;
     private String signature;
@@ -38,14 +37,14 @@ public class JwsCompactProducer {
     public JwsCompactProducer(JwsHeaders headers, String plainJwsPayload) {
         this(headers, null, plainJwsPayload);
     }
-    protected JwsCompactProducer(JwsHeaders headers, JoseHeadersReaderWriter w, String plainJwsPayload) {
+    protected JwsCompactProducer(JwsHeaders headers, JsonMapObjectReaderWriter w, String plainJwsPayload) {
         this.headers = headers;
         if (w != null) {
             this.writer = w;
         }
         this.plainJwsPayload = plainJwsPayload;
     }
-    public JwsHeaders getJoseHeaders() {
+    public JwsHeaders getJwsHeaders() {
         if (headers == null) {
             headers = new JwsHeaders();
         }
@@ -56,7 +55,7 @@ public class JwsCompactProducer {
     }
     private String getUnsignedEncodedJws(boolean detached) {
         checkAlgorithm();
-        return Base64UrlUtility.encode(writer.headersToJson(getJoseHeaders())) 
+        return Base64UrlUtility.encode(writer.toJson(getJwsHeaders())) 
                + "." 
                + (detached ? "" : Base64UrlUtility.encode(plainJwsPayload));
     }
@@ -76,21 +75,21 @@ public class JwsCompactProducer {
     }
     public String signWith(JsonWebKey jwk) {
         return signWith(JwsUtils.getSignatureProvider(jwk, 
-                            SignatureAlgorithm.getAlgorithm(headers.getAlgorithm())));
+                        headers.getSignatureAlgorithm()));
     }
     
     public String signWith(PrivateKey key) {
         return signWith(JwsUtils.getPrivateKeySignatureProvider(key, 
-                                   SignatureAlgorithm.getAlgorithm(headers.getAlgorithm())));
+                                   headers.getSignatureAlgorithm()));
     }
     public String signWith(byte[] key) {
         return signWith(JwsUtils.getHmacSignatureProvider(key, 
-                   SignatureAlgorithm.getAlgorithm(headers.getAlgorithm())));
+                   headers.getSignatureAlgorithm()));
     }
     
     public String signWith(JwsSignatureProvider signer) {
         byte[] bytes = StringUtils.toBytesUTF8(getUnsignedEncodedJws());
-        byte[] sig = signer.sign(getJoseHeaders(), bytes);
+        byte[] sig = signer.sign(getJwsHeaders(), bytes);
         return setSignatureBytes(sig);
     }
     
@@ -108,10 +107,10 @@ public class JwsCompactProducer {
         this.signature = sig;
     }
     private boolean isPlainText() {
-        return AlgorithmUtils.PLAIN_TEXT_ALGO.equals(getAlgorithm());
+        return SignatureAlgorithm.NONE == getAlgorithm();
     }
-    private String getAlgorithm() {
-        return getJoseHeaders().getAlgorithm();
+    private SignatureAlgorithm getAlgorithm() {
+        return getJwsHeaders().getSignatureAlgorithm();
     }
     private void checkAlgorithm() {
         if (getAlgorithm() == null) {

http://git-wip-us.apache.org/repos/asf/cxf/blob/f82e14c7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonConsumer.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonConsumer.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonConsumer.java
index 33dc8bf..bf15ace 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonConsumer.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonConsumer.java
@@ -32,7 +32,6 @@ import org.apache.cxf.common.util.StringUtils;
 import org.apache.cxf.helpers.CastUtils;
 import org.apache.cxf.jaxrs.provider.json.JsonMapObject;
 import org.apache.cxf.jaxrs.provider.json.JsonMapObjectReaderWriter;
-import org.apache.cxf.rs.security.jose.JoseHeaders;
 import org.apache.cxf.rs.security.jose.JoseUtils;
 import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
 import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
@@ -97,7 +96,7 @@ public class JwsJsonConsumer {
             new JwsJsonSignatureEntry(encodedJwsPayload, 
                                       protectedHeader, 
                                       signature, 
-                                      header != null ? new JoseHeaders(header) : null);
+                                      header != null ? new JwsHeaders(header) : null);
     }
     public String getSignedDocument() {
         return this.jwsSignedDocument;
@@ -114,12 +113,12 @@ public class JwsJsonConsumer {
     public List<JwsJsonSignatureEntry> getSignatureEntries() {
         return Collections.unmodifiableList(signatureEntries);
     }
-    public MultivaluedMap<String, JwsJsonSignatureEntry> getSignatureEntryMap() {
+    public MultivaluedMap<SignatureAlgorithm, JwsJsonSignatureEntry> getSignatureEntryMap() {
         return JwsUtils.getJwsJsonSignatureMap(signatureEntries);
     }
     public boolean verifySignatureWith(JwsSignatureVerifier validator) {
         List<JwsJsonSignatureEntry> theSignatureEntries = 
-            getSignatureEntryMap().get(validator.getAlgorithm().getJwaName());
+            getSignatureEntryMap().get(validator.getAlgorithm());
         if (theSignatureEntries != null) {
             for (JwsJsonSignatureEntry signatureEntry : theSignatureEntries) {
                 if (signatureEntry.verifySignatureWith(validator)) {
@@ -151,7 +150,7 @@ public class JwsJsonConsumer {
         List<JwsJsonSignatureEntry> validatedSignatures = new LinkedList<JwsJsonSignatureEntry>();
         for (JwsSignatureVerifier validator : validators) {
             List<JwsJsonSignatureEntry> theSignatureEntries = 
-                getSignatureEntryMap().get(validator.getAlgorithm().getJwaName());
+                getSignatureEntryMap().get(validator.getAlgorithm());
             if (theSignatureEntries != null) {
                 for (JwsJsonSignatureEntry sigEntry : theSignatureEntries) {
                     if (sigEntry.verifySignatureWith(validator)) {     

http://git-wip-us.apache.org/repos/asf/cxf/blob/f82e14c7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducer.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducer.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducer.java
index 16841b7..4d2a827 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducer.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonProducer.java
@@ -29,9 +29,9 @@ import javax.ws.rs.core.MultivaluedMap;
 import org.apache.cxf.common.logging.LogUtils;
 import org.apache.cxf.common.util.Base64UrlUtility;
 import org.apache.cxf.common.util.StringUtils;
+import org.apache.cxf.jaxrs.provider.json.JsonMapObjectReaderWriter;
 import org.apache.cxf.rs.security.jose.JoseConstants;
 import org.apache.cxf.rs.security.jose.JoseHeaders;
-import org.apache.cxf.rs.security.jose.JoseHeadersReaderWriter;
 import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
 import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
 public class JwsJsonProducer {
@@ -40,7 +40,7 @@ public class JwsJsonProducer {
     private String plainPayload;
     private String encodedPayload;
     private List<JwsJsonSignatureEntry> signatures = new LinkedList<JwsJsonSignatureEntry>();
-    private JoseHeadersReaderWriter writer = new JoseHeadersReaderWriter();
+    private JsonMapObjectReaderWriter writer = new JsonMapObjectReaderWriter();
     public JwsJsonProducer(String tbsDocument) {
         this(tbsDocument, false);
     }
@@ -90,7 +90,7 @@ public class JwsJsonProducer {
         return signatures;
     }
     
-    public MultivaluedMap<String, JwsJsonSignatureEntry> getSignatureEntryMap() {
+    public MultivaluedMap<SignatureAlgorithm, JwsJsonSignatureEntry> getSignatureEntryMap() {
         return JwsUtils.getJwsJsonSignatureMap(signatures);
     }
     public String signWith(List<JwsSignatureProvider> signers) {
@@ -100,12 +100,12 @@ public class JwsJsonProducer {
         return getJwsJsonSignedDocument(); 
     }
     public String signWith(JwsSignatureProvider signer) {
-        JoseHeaders headers = new JoseHeaders();
-        headers.setAlgorithm(signer.getAlgorithm().getJwaName());
+        JwsHeaders headers = new JwsHeaders();
+        headers.setSignatureAlgorithm(signer.getAlgorithm());
         return signWith(signer, headers);
     }
     public String signWith(JwsSignatureProvider signer, 
-                           JoseHeaders protectedHeader) {
+                           JwsHeaders protectedHeader) {
         return signWith(signer, protectedHeader, null);
     }
     public String signWith(JsonWebKey jwk) {
@@ -118,8 +118,8 @@ public class JwsJsonProducer {
         return signWith(JwsUtils.getHmacSignatureProvider(key, algo));
     }
     public String signWith(JwsSignatureProvider signer,
-                           JoseHeaders protectedHeader,
-                           JoseHeaders unprotectedHeader) {
+                           JwsHeaders protectedHeader,
+                           JwsHeaders unprotectedHeader) {
         JwsHeaders unionHeaders = new JwsHeaders();
          
         if (protectedHeader != null) {
@@ -134,7 +134,7 @@ public class JwsJsonProducer {
             }
             unionHeaders.asMap().putAll(unprotectedHeader.asMap());
         }
-        if (unionHeaders.getAlgorithm() == null) {
+        if (unionHeaders.getSignatureAlgorithm() == null) {
             LOG.warning("Algorithm header is not set");
             throw new JwsException(JwsException.Error.INVALID_JSON_JWS);
         }

http://git-wip-us.apache.org/repos/asf/cxf/blob/f82e14c7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonSignatureEntry.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonSignatureEntry.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonSignatureEntry.java
index 2238a3b..054c3d3 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonSignatureEntry.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJsonSignatureEntry.java
@@ -24,9 +24,9 @@ import java.util.logging.Logger;
 import org.apache.cxf.common.logging.LogUtils;
 import org.apache.cxf.common.util.Base64UrlUtility;
 import org.apache.cxf.common.util.StringUtils;
+import org.apache.cxf.jaxrs.provider.json.JsonMapObjectReaderWriter;
 import org.apache.cxf.rs.security.jose.JoseConstants;
 import org.apache.cxf.rs.security.jose.JoseHeaders;
-import org.apache.cxf.rs.security.jose.JoseHeadersReaderWriter;
 import org.apache.cxf.rs.security.jose.JoseUtils;
 import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
 
@@ -36,15 +36,15 @@ public class JwsJsonSignatureEntry {
     private String encodedJwsPayload;
     private String encodedProtectedHeader;
     private String encodedSignature;
-    private JoseHeaders protectedHeader;
-    private JoseHeaders unprotectedHeader;
+    private JwsHeaders protectedHeader;
+    private JwsHeaders unprotectedHeader;
     private JwsHeaders unionHeaders;
-    private JoseHeadersReaderWriter writer = new JoseHeadersReaderWriter();
+    private JsonMapObjectReaderWriter writer = new JsonMapObjectReaderWriter();
       
     public JwsJsonSignatureEntry(String encodedJwsPayload,
                                  String encodedProtectedHeader,
                                  String encodedSignature,
-                                 JoseHeaders unprotectedHeader) {
+                                 JwsHeaders unprotectedHeader) {
         if (encodedProtectedHeader == null && unprotectedHeader == null || encodedSignature == null) {
             LOG.warning("Invalid Signature entry");
             throw new JwsException(JwsException.Error.INVALID_JSON_JWS);
@@ -55,7 +55,7 @@ public class JwsJsonSignatureEntry {
         this.encodedSignature = encodedSignature;
         this.unprotectedHeader = unprotectedHeader;
         if (encodedProtectedHeader != null) {
-            this.protectedHeader = writer.fromJsonHeaders(JoseUtils.decodeToString(encodedProtectedHeader));
+            this.protectedHeader = new JwsHeaders(writer.fromJson(JoseUtils.decodeToString(encodedProtectedHeader)));
         }
         prepare();
     }

http://git-wip-us.apache.org/repos/asf/cxf/blob/f82e14c7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJwtCompactConsumer.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJwtCompactConsumer.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJwtCompactConsumer.java
index cfa6e39..e2bcfa8 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJwtCompactConsumer.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJwtCompactConsumer.java
@@ -20,7 +20,6 @@ package org.apache.cxf.rs.security.jose.jws;
 
 import org.apache.cxf.rs.security.jose.jwt.JwtClaims;
 import org.apache.cxf.rs.security.jose.jwt.JwtToken;
-import org.apache.cxf.rs.security.jose.jwt.JwtTokenJson;
 import org.apache.cxf.rs.security.jose.jwt.JwtTokenReaderWriter;
 
 public class JwsJwtCompactConsumer extends JwsCompactConsumer {
@@ -28,16 +27,15 @@ public class JwsJwtCompactConsumer extends JwsCompactConsumer {
     public JwsJwtCompactConsumer(String encodedJws) {
         super(encodedJws, null, new JwtTokenReaderWriter());
     }
-    public JwtTokenJson getDecodedJsonToken() {
-        return new JwtTokenJson(getDecodedJsonHeaders(), getDecodedJwsPayload());
-    }
     public JwtClaims getJwtClaims() {
         return getJwtToken().getClaims();
     }
     public JwtToken getJwtToken() {
         if (token == null) {
-            token = ((JwtTokenReaderWriter)getReader()).fromJson(
-                new JwtTokenJson(getDecodedJsonHeaders(), getDecodedJwsPayload()));
+            JwsHeaders theHeaders = super.getJwsHeaders();
+            JwtClaims theClaims = 
+                ((JwtTokenReaderWriter)getReader()).fromJsonClaims(getDecodedJwsPayload());
+            token = new JwtToken(theHeaders, theClaims);
         }
         return token;
     }

http://git-wip-us.apache.org/repos/asf/cxf/blob/f82e14c7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJwtCompactProducer.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJwtCompactProducer.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJwtCompactProducer.java
index 8995cda..aaaa004 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJwtCompactProducer.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsJwtCompactProducer.java
@@ -36,7 +36,8 @@ public class JwsJwtCompactProducer extends JwsCompactProducer {
         this(new JwtToken(headers, claims), null);
     }
     protected JwsJwtCompactProducer(JwtToken token, JwtTokenReaderWriter w) {
-        super(new JwsHeaders(token.getHeaders()), w, JwtUtils.claimsToJson(token.getClaims(), w));
+        super(new JwsHeaders(token.getHeaders()), w, 
+              JwtUtils.claimsToJson(token.getClaims(), w));
     }
     
     

http://git-wip-us.apache.org/repos/asf/cxf/blob/f82e14c7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java
index 646d33a..011c4e4 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java
@@ -173,18 +173,19 @@ public final class JwsUtils {
         }
         return null;
     }
-    public static MultivaluedMap<String, JwsJsonSignatureEntry> getJwsJsonSignatureMap(
+    public static MultivaluedMap<SignatureAlgorithm, JwsJsonSignatureEntry> getJwsJsonSignatureMap(
         List<JwsJsonSignatureEntry> signatures) {
-        MultivaluedMap<String, JwsJsonSignatureEntry> map = new MetadataMap<String, JwsJsonSignatureEntry>();
+        MultivaluedMap<SignatureAlgorithm, JwsJsonSignatureEntry> map = 
+            new MetadataMap<SignatureAlgorithm, JwsJsonSignatureEntry>();
         for (JwsJsonSignatureEntry entry : signatures) {
-            map.add(entry.getUnionHeader().getAlgorithm(), entry);
+            map.add(entry.getUnionHeader().getSignatureAlgorithm(), entry);
         }
         return map;
     }
     public static JwsSignatureProvider loadSignatureProvider(boolean required) {
         return loadSignatureProvider(null, required);    
     }
-    public static JwsSignatureProvider loadSignatureProvider(JoseHeaders headers, boolean required) {
+    public static JwsSignatureProvider loadSignatureProvider(JwsHeaders headers, boolean required) {
         Message m = JAXRSUtils.getCurrentMessage();
         Properties props = KeyManagementUtils.loadStoreProperties(m, required, 
                                                                   RSSEC_SIGNATURE_OUT_PROPS, RSSEC_SIGNATURE_PROPS);
@@ -193,14 +194,14 @@ public final class JwsUtils {
         }
         JwsSignatureProvider theSigProvider = loadSignatureProvider(m, props, headers, false);
         if (headers != null) {
-            headers.setAlgorithm(theSigProvider.getAlgorithm().getJwaName());
+            headers.setSignatureAlgorithm(theSigProvider.getAlgorithm());
         }
         return theSigProvider;
     }
     public static JwsSignatureVerifier loadSignatureVerifier(boolean required) {
         return loadSignatureVerifier(null, required);
     }
-    public static JwsSignatureVerifier loadSignatureVerifier(JoseHeaders headers, boolean required) {
+    public static JwsSignatureVerifier loadSignatureVerifier(JwsHeaders headers, boolean required) {
         Message m = JAXRSUtils.getCurrentMessage();
         Properties props = KeyManagementUtils.loadStoreProperties(m, required, 
                                                                   RSSEC_SIGNATURE_IN_PROPS, RSSEC_SIGNATURE_PROPS);
@@ -297,7 +298,7 @@ public final class JwsUtils {
     }
     private static JwsSignatureVerifier loadSignatureVerifier(Message m, 
                                                               Properties props,
-                                                              JoseHeaders inHeaders, 
+                                                              JwsHeaders inHeaders, 
                                                               boolean ignoreNullVerifier) {
         JwsSignatureVerifier theVerifier = null;
         String inHeaderKid = null;
@@ -311,12 +312,12 @@ public final class JwsUtils {
                     throw new JwsException(JwsException.Error.INVALID_KEY);
                 }
                 return getSignatureVerifier(publicJwk, 
-                                            SignatureAlgorithm.getAlgorithm(inHeaders.getAlgorithm()));
+                                            inHeaders.getSignatureAlgorithm());
             } else if (inHeaders.getHeader(JoseConstants.HEADER_X509_CHAIN) != null) {
                 List<X509Certificate> chain = KeyManagementUtils.toX509CertificateChain(inHeaders.getX509Chain());
                 KeyManagementUtils.validateCertificateChain(props, chain);
                 return getPublicKeySignatureVerifier(chain.get(0).getPublicKey(), 
-                                                     SignatureAlgorithm.getAlgorithm(inHeaders.getAlgorithm()));
+                                                     inHeaders.getSignatureAlgorithm());
             }
         }
         

http://git-wip-us.apache.org/repos/asf/cxf/blob/f82e14c7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/NoneJwsSignatureProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/NoneJwsSignatureProvider.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/NoneJwsSignatureProvider.java
index 3f6a5ca..6ed31fd 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/NoneJwsSignatureProvider.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/NoneJwsSignatureProvider.java
@@ -24,7 +24,7 @@ public class NoneJwsSignatureProvider implements JwsSignatureProvider {
 
     @Override
     public SignatureAlgorithm getAlgorithm() {
-        return SignatureAlgorithm.PLAIN;
+        return SignatureAlgorithm.NONE;
     }
 
     @Override

http://git-wip-us.apache.org/repos/asf/cxf/blob/f82e14c7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/NoneJwsSignatureVerifier.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/NoneJwsSignatureVerifier.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/NoneJwsSignatureVerifier.java
index 0373bf8..441261b 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/NoneJwsSignatureVerifier.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/NoneJwsSignatureVerifier.java
@@ -24,12 +24,13 @@ public class NoneJwsSignatureVerifier implements JwsSignatureVerifier {
 
     @Override
     public boolean verify(JwsHeaders headers, String unsignedText, byte[] signature) {
-        return headers.getAlgorithm().equals(getAlgorithm().getJwaName()) && signature.length == 0;
+        return headers.getSignatureAlgorithm() == getAlgorithm() 
+            && signature.length == 0;
     }
 
     @Override
     public SignatureAlgorithm getAlgorithm() {
-        return SignatureAlgorithm.PLAIN;
+        return SignatureAlgorithm.NONE;
     }
 
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/f82e14c7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/PrivateKeyJwsSignatureProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/PrivateKeyJwsSignatureProvider.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/PrivateKeyJwsSignatureProvider.java
index 258d5e3..476d90f 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/PrivateKeyJwsSignatureProvider.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/PrivateKeyJwsSignatureProvider.java
@@ -24,7 +24,6 @@ import java.security.Signature;
 import java.security.SignatureException;
 import java.security.spec.AlgorithmParameterSpec;
 
-import org.apache.cxf.rs.security.jose.JoseHeaders;
 import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils;
 import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
 import org.apache.cxf.rt.security.crypto.CryptoUtils;
@@ -47,9 +46,10 @@ public class PrivateKeyJwsSignatureProvider extends AbstractJwsSignatureProvider
         this.random = random;
         this.signatureSpec = spec;
     }
-    protected JwsSignature doCreateJwsSignature(JoseHeaders headers) {
+    protected JwsSignature doCreateJwsSignature(JwsHeaders headers) {
+        final String sigAlgo = headers.getSignatureAlgorithm().getJwaName();
         final Signature s = CryptoUtils.getSignature(key, 
-                                                     AlgorithmUtils.toJavaName(headers.getAlgorithm()),
+                                                     AlgorithmUtils.toJavaName(sigAlgo),
                                                      random,
                                                      signatureSpec);
         return doCreateJwsSignature(s);

http://git-wip-us.apache.org/repos/asf/cxf/blob/f82e14c7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/PublicKeyJwsSignatureVerifier.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/PublicKeyJwsSignatureVerifier.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/PublicKeyJwsSignatureVerifier.java
index 86fabca..917890f 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/PublicKeyJwsSignatureVerifier.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/PublicKeyJwsSignatureVerifier.java
@@ -48,14 +48,16 @@ public class PublicKeyJwsSignatureVerifier implements JwsSignatureVerifier {
             return CryptoUtils.verifySignature(StringUtils.toBytesUTF8(unsignedText), 
                                                signature, 
                                                key, 
-                                               AlgorithmUtils.toJavaName(checkAlgorithm(headers.getAlgorithm())),
+                                               AlgorithmUtils.toJavaName(checkAlgorithm(
+                                                                              headers.getSignatureAlgorithm())),
                                                signatureSpec);
         } catch (Exception ex) {
             LOG.warning("Invalid signature: " + ex.getMessage());
             throw new JwsException(JwsException.Error.INVALID_SIGNATURE, ex);
         }
     }
-    protected String checkAlgorithm(String algo) {
+    protected String checkAlgorithm(SignatureAlgorithm sigAlgo) {
+        String algo = sigAlgo.getJwaName();
         if (algo == null) {
             LOG.warning("Signature algorithm is not set");
             throw new JwsException(JwsException.Error.ALGORITHM_NOT_SET);

http://git-wip-us.apache.org/repos/asf/cxf/blob/f82e14c7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtTokenJson.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtTokenJson.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtTokenJson.java
deleted file mode 100644
index e8e79f0..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtTokenJson.java
+++ /dev/null
@@ -1,37 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jwt;
-
-
-
-public class JwtTokenJson {
-    private String headersJson;
-    private String claimsJson;
-    public JwtTokenJson(String headersJson, String claimsJson) {
-        this.headersJson = headersJson;
-        this.claimsJson = claimsJson;
-    }
-    public String getHeadersJson() {
-        return headersJson;
-    }
-    public String getClaimsJson() {
-        return claimsJson;
-    }
-    
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/f82e14c7/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtTokenReaderWriter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtTokenReaderWriter.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtTokenReaderWriter.java
index 42cc004..0ebf8a3 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtTokenReaderWriter.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtTokenReaderWriter.java
@@ -22,13 +22,12 @@ import java.util.Arrays;
 import java.util.HashSet;
 import java.util.Set;
 
-import org.apache.cxf.rs.security.jose.JoseHeaders;
-import org.apache.cxf.rs.security.jose.JoseHeadersReaderWriter;
+import org.apache.cxf.jaxrs.provider.json.JsonMapObjectReaderWriter;
 
 
 
 
-public class JwtTokenReaderWriter extends JoseHeadersReaderWriter {
+public class JwtTokenReaderWriter extends JsonMapObjectReaderWriter {
     private static final Set<String> DATE_PROPERTIES = 
         new HashSet<String>(Arrays.asList(JwtConstants.CLAIM_EXPIRY, 
                                           JwtConstants.CLAIM_ISSUED_AT, 
@@ -38,12 +37,6 @@ public class JwtTokenReaderWriter extends JoseHeadersReaderWriter {
         return toJson(claims);
     }
 
-    public JwtTokenJson tokenToJson(JwtToken token) {
-        return new JwtTokenJson(toJson(token.getHeaders()),
-                                    toJson(token.getClaims()));
-    }
-    
-    
     public JwtClaims fromJsonClaims(String claimsJson) {
         JwtClaims claims = new JwtClaims();
         fromJson(claims, claimsJson);
@@ -51,16 +44,6 @@ public class JwtTokenReaderWriter extends JoseHeadersReaderWriter {
         
     }
     
-    private JwtToken fromJson(String headersJson, String claimsJson) {
-        JoseHeaders headers = fromJsonHeaders(headersJson);
-        JwtClaims claims = fromJsonClaims(claimsJson);
-        return new JwtToken(headers, claims);
-    }
-    
-    public JwtToken fromJson(JwtTokenJson pair) {
-        return fromJson(pair.getHeadersJson(), pair.getClaimsJson());
-    }
-    
     @Override
     protected Object readPrimitiveValue(String name, String json, int from, int to) {
         Object value = super.readPrimitiveValue(name, json, from, to);


Mime
View raw message