cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: Also making HS algo configurable when signing with a client secret
Date Thu, 12 Nov 2015 12:14:00 GMT
Repository: cxf
Updated Branches:
  refs/heads/master 531f9a9f3 -> ecc3acd1b


Also making HS algo configurable when signing with a client secret


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/ecc3acd1
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/ecc3acd1
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/ecc3acd1

Branch: refs/heads/master
Commit: ecc3acd1bd0f99be834f35dd0b481657fdabf020
Parents: 531f9a9
Author: Sergey Beryozkin <sberyozkin@gmail.com>
Authored: Thu Nov 12 12:13:29 2015 +0000
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Thu Nov 12 12:13:29 2015 +0000

----------------------------------------------------------------------
 .../oauth2/provider/AbstractOAuthJoseJwtProducer.java     | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/ecc3acd1/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthJoseJwtProducer.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthJoseJwtProducer.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthJoseJwtProducer.java
index e5bf012..1bd78fe 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthJoseJwtProducer.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthJoseJwtProducer.java
@@ -18,8 +18,11 @@
  */
 package org.apache.cxf.rs.security.oauth2.provider;
 
+import java.util.Properties;
+
 import javax.crypto.SecretKey;
 
+import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils;
 import org.apache.cxf.rs.security.jose.jwa.ContentAlgorithm;
 import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
 import org.apache.cxf.rs.security.jose.jwe.JweEncryptionProvider;
@@ -42,8 +45,11 @@ public abstract class AbstractOAuthJoseJwtProducer extends AbstractJoseJwtProduc
     
     protected JwsSignatureProvider getInitializedSignatureProvider(String clientSecret) {
         if (signWithClientSecret) {
-            byte[] hmac = CryptoUtils.decodeSequence(clientSecret);
-            return JwsUtils.getHmacSignatureProvider(hmac, SignatureAlgorithm.HS256);
+            Properties props = JwsUtils.loadSignatureOutProperties(false);
+            SignatureAlgorithm sigAlgo = JwsUtils.getSignatureAlgorithm(props, SignatureAlgorithm.HS256);
+            if (AlgorithmUtils.isHmacSign(sigAlgo)) {
+                return JwsUtils.getHmacSignatureProvider(clientSecret, SignatureAlgorithm.HS256);
+            }
         }
         return null;
     }


Mime
View raw message