cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [2/2] cxf git commit: Introduce new configuration constants to reference keys/certs/ids etc. in the header
Date Thu, 22 Oct 2015 14:31:47 GMT
Introduce new configuration constants to reference keys/certs/ids etc. in the header


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/7fc812de
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/7fc812de
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/7fc812de

Branch: refs/heads/3.0.x-fixes
Commit: 7fc812decc8ed0c6d6058d463727de69b53f8bb2
Parents: 98d0065
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Thu Oct 22 15:17:38 2015 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Thu Oct 22 15:23:27 2015 +0100

----------------------------------------------------------------------
 .../rs/security/jose/common/JoseConstants.java  | 64 +++++++++++++++++---
 .../jose/common/KeyManagementUtils.java         | 27 +++++++++
 .../cxf/rs/security/jose/jwe/JweUtils.java      | 47 ++++++++++----
 .../cxf/rs/security/jose/jwk/JwkUtils.java      | 25 ++++----
 .../cxf/rs/security/jose/jws/JwsUtils.java      | 46 +++++++++++---
 .../jaxrs/security/jwt/JAXRSJweJwsTest.java     | 14 ++---
 6 files changed, 172 insertions(+), 51 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/7fc812de/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/JoseConstants.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/JoseConstants.java
b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/JoseConstants.java
index ef65982..604155f 100644
--- a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/JoseConstants.java
+++ b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/JoseConstants.java
@@ -53,7 +53,7 @@ public final class JoseConstants {
     //
     
     // 
-    // Shared Keys/keystore configuration
+    // Shared configuration
     //
     
     /**
@@ -100,10 +100,28 @@ public final class JoseConstants {
     public static final String RSSEC_KEY_PSWD_PROVIDER = "rs.security.key.password.provider";
     
     /**
+     * Include the JWK public key (for signature or encryption) in the "jwk" header.
+     */
+    public static final String RSSEC_INCLUDE_PUBLIC_KEY = "rs.security.include.public.key";
+    
+    /**
+     * Include the X.509 certificate (for signature or encryption) in the "x5c" header.
+     */
+    public static final String RSSEC_INCLUDE_CERT = "rs.security.include.cert";
+    
+    /**
+     * Include the JWK key id (for signature or encryption) in the "kid" header.
+     */
+    public static final String RSSEC_INCLUDE_KEY_ID = "rs.security.include.key.id";
+    
+    /**
+     * Include the X.509 certificate SHA-1 digest (for signature or encryption) in the "x5t"
header.
+     */
+    public static final String RSSEC_INCLUDE_CERT_SHA1 = "rs.security.include.cert.sha1";
+    
+    /**
      * TODO documentation for these
      */
-    public static final String RSSEC_REPORT_KEY_PROP = "rs.security.report.public.key";
-    public static final String RSSEC_REPORT_KEY_ID_PROP = "rs.security.report.public.key.id";
     public static final String RSSEC_ACCEPT_PUBLIC_KEY_PROP = "rs.security.accept.public.key.properties";
     public static final String RSSEC_KEY_STORE_JWKSET = "rs.security.keystore.jwkset";
     public static final String RSSEC_KEY_STORE_JWKKEY = "rs.security.keystore.jwkkey";
@@ -164,10 +182,24 @@ public final class JoseConstants {
     public static final String RSSEC_SIGNATURE_LIST_PROPS = "rs.security.signature.list.properties";
     
     /**
-     * TODO documentation for these
+     * Include the JWK public key for signature in the "jwk" header.
+     */
+    public static final String RSSEC_SIGNATURE_INCLUDE_PUBLIC_KEY = "rs.security.signature.include.public.key";
+    
+    /**
+     * Include the X.509 certificate for signaturein the "x5c" header.
      */
-    public static final String RSSEC_SIGNATURE_REPORT_KEY_PROP = "rs.security.signature.report.public.key";
-    public static final String RSSEC_SIGNATURE_REPORT_KEY_ID_PROP = "rs.security.signature.report.public.key.id";
+    public static final String RSSEC_SIGNATURE_INCLUDE_CERT = "rs.security.signature.include.cert";
+    
+    /**
+     * Include the JWK key id for signature in the "kid" header.
+     */
+    public static final String RSSEC_SIGNATURE_INCLUDE_KEY_ID = "rs.security.signature.include.key.id";
+    
+    /**
+     * Include the X.509 certificate SHA-1 digest for signature in the "x5t" header.
+     */
+    public static final String RSSEC_SIGNATURE_INCLUDE_CERT_SHA1 = "rs.security.signature.include.cert.sha1";
     
     //
     // JWE specific Configuration
@@ -232,10 +264,24 @@ public final class JoseConstants {
     public static final String RSSEC_ENCRYPTION_PROPS = "rs.security.encryption.properties";
     
     /**
-     * TODO documentation for these
+     * Include the JWK public key for encryption in the "jwk" header.
+     */
+    public static final String RSSEC_ENCRYPTION_INCLUDE_PUBLIC_KEY = "rs.security.encryption.include.public.key";
+    
+    /**
+     * Include the X.509 certificate for encryption the "x5c" header.
+     */
+    public static final String RSSEC_ENCRYPTION_INCLUDE_CERT = "rs.security.encryption.include.cert";
+    
+    /**
+     * Include the JWK key id for encryption in the "kid" header.
+     */
+    public static final String RSSEC_ENCRYPTION_INCLUDE_KEY_ID = "rs.security.encryption.include.key.id";
+    
+    /**
+     * Include the X.509 certificate SHA-1 digest for encryption in the "x5t" header.
      */
-    public static final String RSSEC_ENCRYPTION_REPORT_KEY_PROP = "rs.security.encryption.report.public.key";
-    public static final String RSSEC_ENCRYPTION_REPORT_KEY_ID_PROP = "rs.security.encryption.report.public.key.id";
+    public static final String RSSEC_ENCRYPTION_INCLUDE_CERT_SHA1 = "rs.security.encryption.include.cert.sha1";
     
     //
     // JWT specific configuration

http://git-wip-us.apache.org/repos/asf/cxf/blob/7fc812de/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/KeyManagementUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/KeyManagementUtils.java
b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/KeyManagementUtils.java
index 0c32919..04b56b4 100644
--- a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/KeyManagementUtils.java
+++ b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/KeyManagementUtils.java
@@ -21,6 +21,7 @@ package org.apache.cxf.rs.security.jose.common;
 
 import java.io.InputStream;
 import java.security.KeyStore;
+import java.security.NoSuchAlgorithmException;
 import java.security.PrivateKey;
 import java.security.PublicKey;
 import java.security.cert.CertPath;
@@ -29,6 +30,7 @@ import java.security.cert.CertPathBuilderResult;
 import java.security.cert.CertPathValidator;
 import java.security.cert.CertStore;
 import java.security.cert.Certificate;
+import java.security.cert.CertificateEncodingException;
 import java.security.cert.CollectionCertStoreParameters;
 import java.security.cert.PKIXBuilderParameters;
 import java.security.cert.X509CertSelector;
@@ -38,15 +40,18 @@ import java.util.Arrays;
 import java.util.Enumeration;
 import java.util.List;
 import java.util.Properties;
+import java.util.logging.Level;
 import java.util.logging.Logger;
 
 import org.apache.cxf.Bus;
 import org.apache.cxf.common.logging.LogUtils;
+import org.apache.cxf.common.util.Base64UrlUtility;
 import org.apache.cxf.message.Message;
 import org.apache.cxf.message.MessageUtils;
 import org.apache.cxf.phase.PhaseInterceptorChain;
 import org.apache.cxf.rs.security.jose.jwk.KeyOperation;
 import org.apache.cxf.rt.security.crypto.CryptoUtils;
+import org.apache.cxf.rt.security.crypto.MessageDigestUtils;
 
 /**
  * Encryption helpers
@@ -56,10 +61,32 @@ public final class KeyManagementUtils {
     
     private KeyManagementUtils() {
     }
+    
     public static List<String> loadAndEncodeX509CertificateOrChain(Message m, Properties
props) {
         X509Certificate[] chain = loadX509CertificateOrChain(m, props);
         return encodeX509CertificateChain(chain);
     }
+    
+    public static String loadDigestAndEncodeX509Certificate(Message m, Properties props)
{
+        X509Certificate[] certs = loadX509CertificateOrChain(m, props);
+        if (certs != null && certs.length > 0) {
+            try {
+                byte[] digest = 
+                    MessageDigestUtils.createDigest(certs[0].getEncoded(), 
+                                                MessageDigestUtils.ALGO_SHA_1);
+                return Base64UrlUtility.encode(digest);
+            } catch (NoSuchAlgorithmException ex) {
+                LOG.log(Level.FINE, "Error creating digest", ex);
+                throw new JoseException(ex);
+            } catch (CertificateEncodingException ex) {
+                LOG.log(Level.FINE, "Error creating digest", ex);
+                throw new JoseException(ex);
+            }
+        }
+        
+        return null;
+    }
+    
     public static X509Certificate[] loadX509CertificateOrChain(Message m, Properties props)
{
         KeyStore keyStore = KeyManagementUtils.loadPersistKeyStore(m, props);
         String alias = props.getProperty(JoseConstants.RSSEC_KEY_STORE_ALIAS);

http://git-wip-us.apache.org/repos/asf/cxf/blob/7fc812de/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java
b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java
index 5e6aece..0d2e50d 100644
--- a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java
+++ b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java
@@ -281,14 +281,13 @@ public final class JweUtils {
             return null;
         }
         
-        boolean reportPublicKey = 
+        boolean includeCert = 
             headers != null && MessageUtils.isTrue(
-                MessageUtils.getContextualProperty(m, JoseConstants.RSSEC_ENCRYPTION_REPORT_KEY_PROP,

-                                                   JoseConstants.RSSEC_REPORT_KEY_PROP));
-        boolean reportPublicKeyId = 
-            headers != null && MessageUtils.isTrue(
-                MessageUtils.getContextualProperty(m, JoseConstants.RSSEC_ENCRYPTION_REPORT_KEY_ID_PROP,

-                                                   JoseConstants.RSSEC_REPORT_KEY_ID_PROP));
+                MessageUtils.getContextualProperty(m, JoseConstants.RSSEC_ENCRYPTION_INCLUDE_CERT,

+                                                   JoseConstants.RSSEC_INCLUDE_CERT));
+        boolean includeCertSha1 = headers != null && MessageUtils.isTrue(
+                MessageUtils.getContextualProperty(m, JoseConstants.RSSEC_ENCRYPTION_INCLUDE_CERT_SHA1,

+                                                   JoseConstants.RSSEC_INCLUDE_CERT_SHA1));
         
         KeyEncryptionProvider keyEncryptionProvider = null;
         String keyEncryptionAlgo = getKeyEncryptionAlgo(m, props, null, null);
@@ -304,19 +303,43 @@ public final class JweUtils {
                 keyEncryptionAlgo = getKeyEncryptionAlgo(m, props, jwk.getAlgorithm(), 
                                                          getDefaultKeyAlgo(jwk));
                 keyEncryptionProvider = getKeyEncryptionProvider(jwk, keyAlgo);
-                if (reportPublicKey || reportPublicKeyId) {
-                    JwkUtils.setPublicKeyInfo(jwk, headers, keyEncryptionAlgo, 
-                                              reportPublicKey, reportPublicKeyId);
+                
+                boolean includePublicKey = headers != null && MessageUtils.isTrue(
+                    MessageUtils.getContextualProperty(m, JoseConstants.RSSEC_ENCRYPTION_INCLUDE_PUBLIC_KEY,
+                                                       JoseConstants.RSSEC_INCLUDE_PUBLIC_KEY));
+                boolean includeKeyId = headers != null && MessageUtils.isTrue(
+                    MessageUtils.getContextualProperty(m, JoseConstants.RSSEC_ENCRYPTION_INCLUDE_KEY_ID,
+                                                       JoseConstants.RSSEC_INCLUDE_KEY_ID));
+                
+                if (includeCert) {
+                    JwkUtils.includeCertChain(jwk, headers, keyEncryptionAlgo);
+                }
+                if (includeCertSha1 && headers != null) {
+                    String digest = KeyManagementUtils.loadDigestAndEncodeX509Certificate(m,
props);
+                    if (digest != null) {
+                        headers.setX509Thumbprint(digest);
+                    }
+                }
+                if (includePublicKey) {
+                    JwkUtils.includePublicKey(jwk, headers, keyEncryptionAlgo);
+                }
+                if (includeKeyId && jwk.getKeyId() != null && headers !=
null) {
+                    headers.setKeyId(jwk.getKeyId());
                 }
             }
         } else {
             keyEncryptionProvider = getPublicKeyEncryptionProvider(
                 KeyManagementUtils.loadPublicKey(m, props), 
                 keyAlgo);
-            if (reportPublicKey) {
+            if (includeCert) {
                 headers.setX509Chain(KeyManagementUtils.loadAndEncodeX509CertificateOrChain(m,
props));
             }
-            
+            if (includeCertSha1 && headers != null) {
+                String digest = KeyManagementUtils.loadDigestAndEncodeX509Certificate(m,
props);
+                if (digest != null) {
+                    headers.setX509Thumbprint(digest);
+                }
+            }
         }
         
         String compression = props.getProperty(JoseConstants.RSSEC_ENCRYPTION_ZIP_ALGORITHM);

http://git-wip-us.apache.org/repos/asf/cxf/blob/7fc812de/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwk/JwkUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwk/JwkUtils.java
b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwk/JwkUtils.java
index cb76567..5ab72e0 100644
--- a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwk/JwkUtils.java
+++ b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwk/JwkUtils.java
@@ -508,24 +508,23 @@ public final class JwkUtils {
     private static JweHeaders toJweHeaders(String ct) {
         return new JweHeaders(Collections.<String, Object>singletonMap(JoseConstants.HEADER_CONTENT_TYPE,
ct));
     }
-    public static void setPublicKeyInfo(JsonWebKey jwk, JoseHeaders headers, String algo,
-                                        boolean reportPublicKey, boolean reportPublicKeyId)
{
-        if (reportPublicKey && KeyType.RSA.equals(jwk.getKeyType())) {
+    
+    public static void includeCertChain(JsonWebKey jwk, JoseHeaders headers, String algo)
{
+        if (KeyType.RSA.equals(jwk.getKeyType())) {
             List<String> chain = CastUtils.cast((List<?>)jwk.getProperty("x5c"));
-            //TODO: if needed the chain can be reported as part of a 'jwk' property
             if (chain != null) {
                 headers.setX509Chain(chain);
-            } else {
-                JsonWebKey jwkPublic = JwkUtils.fromRSAPublicKey(JwkUtils.toRSAPublicKey(jwk),
algo);
-                if (reportPublicKeyId && jwk.getKeyId() != null) {
-                    jwkPublic.setKeyId(jwk.getKeyId());
-                }
-                headers.setJsonWebKey(jwkPublic);
             }
         }
-        if (reportPublicKeyId && jwk.getKeyId() != null) {
-            headers.setKeyId(jwk.getKeyId());
+    }
+    
+    public static void includePublicKey(JsonWebKey jwk, JoseHeaders headers, String algo)
{
+        if (KeyType.RSA.equals(jwk.getKeyType())) {
+            JsonWebKey jwkPublic = JwkUtils.fromRSAPublicKey(JwkUtils.toRSAPublicKey(jwk),
algo);
+            if (jwk.getKeyId() != null) {
+                jwkPublic.setKeyId(jwk.getKeyId());
+            }
+            headers.setJsonWebKey(jwkPublic);
         }
-        
     }
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/7fc812de/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java
b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java
index 958c52e..f5db51b 100644
--- a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java
+++ b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java
@@ -267,20 +267,40 @@ public final class JwsUtils {
                                                               boolean ignoreNullProvider)
{
         JwsSignatureProvider theSigProvider = null;
         
-        boolean reportPublicKey = headers != null && MessageUtils.isTrue(
-                MessageUtils.getContextualProperty(m, JoseConstants.RSSEC_REPORT_KEY_PROP,

-                                                   JoseConstants.RSSEC_REPORT_KEY_PROP));
-        boolean reportPublicKeyId = 
-            headers != null && MessageUtils.isTrue(
-                MessageUtils.getContextualProperty(m, JoseConstants.RSSEC_REPORT_KEY_ID_PROP,
-                                                   JoseConstants.RSSEC_REPORT_KEY_ID_PROP));
+        boolean includeCert = headers != null && MessageUtils.isTrue(
+                MessageUtils.getContextualProperty(m, JoseConstants.RSSEC_SIGNATURE_INCLUDE_CERT,

+                                                   JoseConstants.RSSEC_INCLUDE_CERT));
+        boolean includeCertSha1 = headers != null && MessageUtils.isTrue(
+                MessageUtils.getContextualProperty(m, JoseConstants.RSSEC_SIGNATURE_INCLUDE_CERT_SHA1,

+                                                   JoseConstants.RSSEC_INCLUDE_CERT_SHA1));
+        
         if (JoseConstants.HEADER_JSON_WEB_KEY.equals(props.get(JoseConstants.RSSEC_KEY_STORE_TYPE)))
{
             JsonWebKey jwk = JwkUtils.loadJsonWebKey(m, props, KeyOperation.SIGN);
             if (jwk != null) {
                 String signatureAlgo = getSignatureAlgo(m, props, jwk.getAlgorithm(), getDefaultKeyAlgo(jwk));
                 theSigProvider = JwsUtils.getSignatureProvider(jwk, SignatureAlgorithm.getAlgorithm(signatureAlgo));
-                if (reportPublicKey || reportPublicKeyId) {
-                    JwkUtils.setPublicKeyInfo(jwk, headers, signatureAlgo, reportPublicKey,
reportPublicKeyId);
+                
+                boolean includePublicKey = headers != null && MessageUtils.isTrue(
+                    MessageUtils.getContextualProperty(m, JoseConstants.RSSEC_SIGNATURE_INCLUDE_PUBLIC_KEY,
+                                                       JoseConstants.RSSEC_INCLUDE_PUBLIC_KEY));
+                boolean includeKeyId = headers != null && MessageUtils.isTrue(
+                    MessageUtils.getContextualProperty(m, JoseConstants.RSSEC_SIGNATURE_INCLUDE_KEY_ID,
+                                                       JoseConstants.RSSEC_INCLUDE_KEY_ID));
+                
+                if (includeCert) {
+                    JwkUtils.includeCertChain(jwk, headers, signatureAlgo);
+                }
+                if (includeCertSha1 && headers != null) {
+                    String digest = KeyManagementUtils.loadDigestAndEncodeX509Certificate(m,
props);
+                    if (digest != null) {
+                        headers.setX509Thumbprint(digest);
+                    }
+                }
+                if (includePublicKey) {
+                    JwkUtils.includePublicKey(jwk, headers, signatureAlgo);
+                }
+                if (includeKeyId && jwk.getKeyId() != null && headers !=
null) {
+                    headers.setKeyId(jwk.getKeyId());
                 }
             }
         } else {
@@ -288,9 +308,15 @@ public final class JwsUtils {
             PrivateKey pk = KeyManagementUtils.loadPrivateKey(m, props, KeyOperation.SIGN);
             theSigProvider = getPrivateKeySignatureProvider(pk, 
                                                             SignatureAlgorithm.getAlgorithm(signatureAlgo));
-            if (reportPublicKey) {
+            if (includeCert && headers != null) {
                 headers.setX509Chain(KeyManagementUtils.loadAndEncodeX509CertificateOrChain(m,
props));
             }
+            if (includeCertSha1 && headers != null) {
+                String digest = KeyManagementUtils.loadDigestAndEncodeX509Certificate(m,
props);
+                if (digest != null) {
+                    headers.setX509Thumbprint(digest);
+                }
+            }
         }
         if (theSigProvider == null && !ignoreNullProvider) {
             LOG.warning("Provider is not available");

http://git-wip-us.apache.org/repos/asf/cxf/blob/7fc812de/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java
index f0dd763..c3e9c7f 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java
@@ -243,7 +243,7 @@ public class JAXRSJweJwsTest extends AbstractBusClientServerTestBase {
         }
         String address = "https://localhost:" + PORT + "/jwejwsrsaCertInHeaders";
         BookStore bs = createJweJwsBookStore(address, null, null);
-        WebClient.getConfig(bs).getRequestContext().put("rs.security.report.public.key",
"true");
+        WebClient.getConfig(bs).getRequestContext().put("rs.security.include.cert", "true");
         String text = bs.echoText("book");
         assertEquals("book", text);
     }
@@ -349,8 +349,8 @@ public class JAXRSJweJwsTest extends AbstractBusClientServerTestBase {
         doTestJwsJwkRSA("https://localhost:" + PORT + "/jwsjwkrsa", false, true);
     }
     private void doTestJwsJwkRSA(String address, 
-                                 boolean reportPublicKey,
-                                 boolean reportPublicKeyId) throws Exception {
+                                 boolean includePublicKey,
+                                 boolean includeKeyId) throws Exception {
         JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean();
         SpringBusFactory bf = new SpringBusFactory();
         URL busFile = JAXRSJweJwsTest.class.getResource("client.xml");
@@ -368,11 +368,11 @@ public class JAXRSJweJwsTest extends AbstractBusClientServerTestBase
{
             "org/apache/cxf/systest/jaxrs/security/alice.jwk.properties");
         bean.getProperties(true).put("rs.security.signature.in.properties",
             "org/apache/cxf/systest/jaxrs/security/bob.jwk.properties");
-        if (reportPublicKey) {
-            bean.getProperties(true).put("rs.security.report.public.key", true);
+        if (includePublicKey) {
+            bean.getProperties(true).put("rs.security.include.public.key", true);
         }
-        if (reportPublicKeyId) {
-            bean.getProperties(true).put("rs.security.report.public.key.id", true);
+        if (includeKeyId) {
+            bean.getProperties(true).put("rs.security.include.key.id", true);
         }
         BookStore bs = bean.create(BookStore.class);
         String text = bs.echoText("book");


Mime
View raw message