cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: Optional 'kid' reporting for the keys loaded from JKS too
Date Mon, 12 Sep 2016 11:59:04 GMT
Repository: cxf
Updated Branches:
  refs/heads/master 9e413483e -> f5fabb85a


Optional 'kid' reporting for the keys loaded from JKS too


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/f5fabb85
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/f5fabb85
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/f5fabb85

Branch: refs/heads/master
Commit: f5fabb85a6c245e6920b1e88bdfdae332be8369b
Parents: 9e41348
Author: Sergey Beryozkin <sberyozkin@gmail.com>
Authored: Mon Sep 12 12:58:38 2016 +0100
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Mon Sep 12 12:58:38 2016 +0100

----------------------------------------------------------------------
 .../cxf/rs/security/jose/jws/JwsUtils.java       | 19 +++++++++++++------
 .../cxf/rs/security/jose/jws/JwsUtilsTest.java   | 16 ++++++++++++++++
 2 files changed, 29 insertions(+), 6 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/f5fabb85/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java
b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java
index c7f5a54..4def701 100644
--- a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java
+++ b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java
@@ -317,9 +317,13 @@ public final class JwsUtils {
     public static JwsSignatureProvider loadSignatureProvider(Properties props,
                                                              JwsHeaders headers) {
         return loadSignatureProvider(PhaseInterceptorChain.getCurrentMessage(),
-                                     props, headers, false);
+                                     props, headers);
+    }
+    public static JwsSignatureProvider loadSignatureProvider(Message m, 
+                                                              Properties props,
+                                                              JwsHeaders headers) {
+        return loadSignatureProvider(m, props, headers, false);
     }
-    
     public static JwsSignatureProvider loadSignatureProvider(String propertiesLoc, Bus bus)
{
         Properties props = loadSignatureProperties(propertiesLoc, bus);
         return loadSignatureProvider(props, null);
@@ -335,7 +339,9 @@ public final class JwsUtils {
                 m, JoseConstants.RSSEC_SIGNATURE_INCLUDE_CERT, false);
         boolean includeCertSha1 = headers != null && MessageUtils.getContextualBoolean(
                 m, JoseConstants.RSSEC_SIGNATURE_INCLUDE_CERT_SHA1, false);
-        
+        boolean includeKeyId = headers != null && MessageUtils.getContextualBoolean(
+                m, JoseConstants.RSSEC_SIGNATURE_INCLUDE_KEY_ID, false);
+                                                                                
         if (JoseConstants.HEADER_JSON_WEB_KEY.equals(props.get(JoseConstants.RSSEC_KEY_STORE_TYPE)))
{
             JsonWebKey jwk = JwkUtils.loadJsonWebKey(m, props, KeyOperation.SIGN);
             if (jwk != null) {
@@ -347,8 +353,6 @@ public final class JwsUtils {
                 
                 boolean includePublicKey = headers != null && MessageUtils.getContextualBoolean(
                     m, JoseConstants.RSSEC_SIGNATURE_INCLUDE_PUBLIC_KEY, false);
-                boolean includeKeyId = headers != null && MessageUtils.getContextualBoolean(
-                    m, JoseConstants.RSSEC_SIGNATURE_INCLUDE_KEY_ID, false);
                 
                 if (includeCert) {
                     JwkUtils.includeCertChain(jwk, headers, signatureAlgo.getJwaName());
@@ -362,7 +366,7 @@ public final class JwsUtils {
                 if (includePublicKey) {
                     JwkUtils.includePublicKey(jwk, headers, signatureAlgo.getJwaName());
                 }
-                if (includeKeyId && jwk.getKeyId() != null && headers !=
null) {
+                if (includeKeyId && jwk.getKeyId() != null) {
                     headers.setKeyId(jwk.getKeyId());
                 }
             }
@@ -382,6 +386,9 @@ public final class JwsUtils {
                         headers.setX509Thumbprint(digest);
                     }
                 }
+                if (includeKeyId && props.containsKey(JoseConstants.RSSEC_KEY_STORE_ALIAS))
{
+                    headers.setKeyId(props.getProperty(JoseConstants.RSSEC_KEY_STORE_ALIAS));
+                }
             }
         }
         if (theSigProvider == null && !ignoreNullProvider) {

http://git-wip-us.apache.org/repos/asf/cxf/blob/f5fabb85/rt/rs/security/jose-parent/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsUtilsTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose-parent/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsUtilsTest.java
b/rt/rs/security/jose-parent/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsUtilsTest.java
index 478331d..9318cff 100644
--- a/rt/rs/security/jose-parent/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsUtilsTest.java
+++ b/rt/rs/security/jose-parent/jose/src/test/java/org/apache/cxf/rs/security/jose/jws/JwsUtilsTest.java
@@ -37,6 +37,21 @@ import org.junit.Test;
 
 public class JwsUtilsTest extends Assert {
     @Test
+    public void testLoadSignatureProviderFromJKS() throws Exception {
+        Properties p = new Properties();
+        p.put(JoseConstants.RSSEC_KEY_STORE_FILE, 
+            "org/apache/cxf/rs/security/jose/jws/alice.jks");
+        p.put(JoseConstants.RSSEC_KEY_STORE_PSWD, "password");
+        p.put(JoseConstants.RSSEC_KEY_PSWD, "password");
+        p.put(JoseConstants.RSSEC_KEY_STORE_ALIAS, "alice");
+        JwsHeaders headers = new JwsHeaders();
+        JwsSignatureProvider jws = JwsUtils.loadSignatureProvider(createMessage(),
+                                                                  p, 
+                                                                  headers);
+        assertNotNull(jws);
+        assertEquals("alice", headers.getKeyId());
+    }
+    @Test
     public void testLoadVerificationKey() throws Exception {
         Properties p = new Properties();
         p.put(JoseConstants.RSSEC_KEY_STORE_FILE, 
@@ -83,6 +98,7 @@ public class JwsUtilsTest extends Assert {
         Exchange e = new ExchangeImpl();
         e.put(Bus.class, BusFactory.getThreadDefaultBus());
         m.setExchange(e);
+        m.put(JoseConstants.RSSEC_SIGNATURE_INCLUDE_KEY_ID, "true");
         e.setInMessage(m);
         return m;
     }


Mime
View raw message