
Example 6 with JSONWebKey

Use of io.jans.as.model.jwk.JSONWebKey in project jans by JanssenProject.

Class JwksResource, method getKeyById.

@GET
@ProtectedApi(scopes = { ApiAccessConstants.JWKS_READ_ACCESS })
@Path(ApiConstants.KID_PATH)
public Response getKeyById(@PathParam(ApiConstants.KID) @NotNull String kid) {
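    // kid is a caller-supplied path parameter and is concatenated into the log line as-is.
    log.debug("Fetch JWK details by kid = " + kid);
    WebKeysConfiguration webkeys = configurationService.findConf().getWebKeys();
    // The whole key configuration is written to the debug log here.
    log.debug("WebKeysConfiguration before adding new key =" + webkeys);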
    JSONWebKey jwk = getJSONWebKey(webkeys, kid);
    return Response.ok(jwk).build();
}
Also used : JSONWebKey(io.jans.as.model.jwk.JSONWebKey) WebKeysConfiguration(io.jans.as.model.config.WebKeysConfiguration) ProtectedApi(io.jans.configapi.core.rest.ProtectedApi)

Example 7 with JSONWebKey

Use of io.jans.as.model.jwk.JSONWebKey in project jans by JanssenProject.

Class KeyGeneratorService, method generateKeys.

private JSONWebKeySet generateKeys(List<Algorithm> signatureAlgorithms, List<Algorithm> encryptionAlgorithms, int expiration_hours) {
    LOG.trace("Generating jwks keys...");
    JSONWebKeySet jwks = new JSONWebKeySet();
    Calendar calendar = new GregorianCalendar();
    calendar.add(Calendar.HOUR, expiration_hours);
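    // In both loops a failure for one algorithm is logged and skipped,
    // so the returned set can contain fewer keys than were requested.
    for (Algorithm algorithm : signatureAlgorithms) {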
        try {
            SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.fromString(algorithm.name());
            JSONObject result = this.cryptoProvider.generateKey(algorithm, calendar.getTimeInMillis());
            JSONWebKey key = JSONWebKey.fromJSONObject(result);
            jwks.getKeys().add(key);
        } catch (Exception ex) {
            LOG.error(ex.getMessage(), ex);
        }
    }
    for (Algorithm algorithm : encryptionAlgorithms) {
        try {
            KeyEncryptionAlgorithm encryptionAlgorithm = KeyEncryptionAlgorithm.fromName(algorithm.getParamName());
            JSONObject result = this.cryptoProvider.generateKey(algorithm, calendar.getTimeInMillis());
            JSONWebKey key = JSONWebKey.fromJSONObject(result);
            jwks.getKeys().add(key);
        } catch (Exception ex) {
            LOG.error(ex.getMessage(), ex);
        }
    }
    // LOG.trace("jwks: ", jwks);
    LOG.trace("jwks generated successfully.");
    return jwks;
}
Also used : JSONWebKey(io.jans.as.model.jwk.JSONWebKey) JSONObject(org.json.JSONObject) JSONWebKeySet(io.jans.as.model.jwk.JSONWebKeySet) Calendar(java.util.Calendar) GregorianCalendar(java.util.GregorianCalendar) KeyEncryptionAlgorithm(io.jans.as.model.crypto.encryption.KeyEncryptionAlgorithm) SignatureAlgorithm(io.jans.as.model.crypto.signature.SignatureAlgorithm) Algorithm(io.jans.as.model.jwk.Algorithm) CryptoProviderException(io.jans.as.model.exception.CryptoProviderException) HttpException(io.jans.ca.server.HttpException)

Example 8 with JSONWebKey

Use of io.jans.as.model.jwk.JSONWebKey in project jans by JanssenProject.

Class TokenRestWebServiceImpl, method runDPoP.

private String runDPoP(HttpServletRequest httpRequest) throws InvalidJwtException, JWKException, NoSuchAlgorithmException, NoSuchProviderException {
    String dpopStr = httpRequest.getHeader(TokenRequestParam.DPOP);
    if (StringUtils.isBlank(dpopStr))
        return null;
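    Jwt dpop = Jwt.parseOrThrow(dpopStr);
    // The jwk comes from the header of the proof as parsed; this method
    // only derives its thumbprint and performs no signature check itself.
    JSONWebKey jwk = JSONWebKey.fromJSONObject(dpop.getHeader().getJwk());
    String dpopJwkThumbprint = jwk.getJwkThumbprint();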
    if (dpopJwkThumbprint == null)
        throw new InvalidJwtException("Invalid DPoP Proof Header. The jwk header is not valid.");
    return dpopJwkThumbprint;
}
Also used : InvalidJwtException(io.jans.as.model.exception.InvalidJwtException) JSONWebKey(io.jans.as.model.jwk.JSONWebKey) Jwt(io.jans.as.model.jwt.Jwt)

Example 9 with JSONWebKey

Use of io.jans.as.model.jwk.JSONWebKey in project jans by JanssenProject.

Class JwkResponse, method getKeys.

public List<JSONWebKey> getKeys(Algorithm algorithm) {
    List<JSONWebKey> jsonWebKeys = new ArrayList<JSONWebKey>();
    // "alg" is an optional JWK member (RFC 7517, section 4.4), so the comparison
    // is made from the non-null side to avoid a NullPointerException on keys without it.
    if (AlgorithmFamily.RSA.equals(algorithm.getFamily())) {
        for (JSONWebKey jsonWebKey : jwks.getKeys()) {
            if (algorithm.equals(jsonWebKey.getAlg())) {
                jsonWebKeys.add(jsonWebKey);
            }
        }
    } else if (AlgorithmFamily.EC.equals(algorithm.getFamily())) {
        for (JSONWebKey jsonWebKey : jwks.getKeys()) {
            if (algorithm.equals(jsonWebKey.getAlg())) {
                jsonWebKeys.add(jsonWebKey);
            }
        }
    }
    Collections.sort(jsonWebKeys, KeySelectionStrategy.compareExp());
    return jsonWebKeys;
}
Also used : JSONWebKey(io.jans.as.model.jwk.JSONWebKey) ArrayList(java.util.ArrayList)

Example 10 with JSONWebKey

Use of io.jans.as.model.jwk.JSONWebKey in project jans by JanssenProject.

Class JwkResponse, method getPublicKey.

@Deprecated
public PublicKey getPublicKey(String keyId) {
    PublicKey publicKey = null;
    JSONWebKey jsonWebKey = getKeyValue(keyId);
    if (jsonWebKey != null) {
        switch(jsonWebKey.getKty()) {
            case RSA:
                publicKey = new RSAPublicKey(jsonWebKey.getN(), jsonWebKey.getE());
                break;
            case EC:
                publicKey = new ECDSAPublicKey(SignatureAlgorithm.fromString(jsonWebKey.getAlg().getParamName()), jsonWebKey.getX(), jsonWebKey.getY());
                break;
            default:
                break;
        }
    }
    return publicKey;
}
Also used : JSONWebKey(io.jans.as.model.jwk.JSONWebKey) RSAPublicKey(io.jans.as.model.crypto.signature.RSAPublicKey) PublicKey(io.jans.as.model.crypto.PublicKey) ECDSAPublicKey(io.jans.as.model.crypto.signature.ECDSAPublicKey)

Aggregations

JSONWebKey (io.jans.as.model.jwk.JSONWebKey) 27
Test (org.testng.annotations.Test) 12
BaseTest (io.jans.as.client.BaseTest) 11
ResponseType (io.jans.as.model.common.ResponseType) 10
Parameters (org.testng.annotations.Parameters) 10
TokenResponse (io.jans.as.client.TokenResponse) 9
AuthCryptoProvider (io.jans.as.model.crypto.AuthCryptoProvider) 9
DPoP (io.jans.as.model.jwt.DPoP) 9
JSONWebKeySet (io.jans.as.model.jwk.JSONWebKeySet) 6
JSONObject (org.json.JSONObject) 6
RSAPublicKeyImpl (sun.security.rsa.RSAPublicKeyImpl) 6
PublicKey (java.security.PublicKey) 5
RSAPublicKey (io.jans.as.model.crypto.signature.RSAPublicKey) 4
CryptoProviderException (io.jans.as.model.exception.CryptoProviderException) 4
JwkClient (io.jans.as.client.JwkClient) 3
JwkResponse (io.jans.as.client.JwkResponse) 3
WebKeysConfiguration (io.jans.as.model.config.WebKeysConfiguration) 3
ECDSAPublicKey (io.jans.as.model.crypto.signature.ECDSAPublicKey) 3
Jwt (io.jans.as.model.jwt.Jwt) 3
AuthorizationGrant (io.jans.as.server.model.common.AuthorizationGrant) 3