Example 1 with SymmetricKey

Use of oidc.model.SymmetricKey in project OpenConext-oidcng by OpenConext.

Class KeyRolloverTest, method rolloverSymmetricKeys.

@Test
public void rolloverSymmetricKeys() throws GeneralSecurityException, IOException {
    // Start from a clean collection holding exactly three symmetric keys.
    resetAndCreateSymmetricKeys(3);
    List<SymmetricKey> symmetricKeys = mongoTemplate.findAll(SymmetricKey.class);
    assertEquals(3, symmetricKeys.size());
    // Replace all signing keys with six that all reference the first symmetric key.
    List<SigningKey> signingKeys = IntStream.rangeClosed(0, 5).mapToObj(i -> new SigningKey("key_" + i, symmetricKeys.get(0).getKeyId(), "jwk", new Date())).collect(toList());
    mongoTemplate.bulkOps(BulkOperations.BulkMode.ORDERED, SigningKey.class).remove(new Query()).insert(signingKeys).execute();
    // Rollover adds a new symmetric key, then removes keys that no signing key references.
    KeyRollover keyRollover = new KeyRollover(tokenGenerator, mongoTemplate, true, sequenceRepository);
    keyRollover.doSymmetricKeyRollover();
    // Only the key still referenced by signing keys and the current key remain.
    List<String> keyIds = mongoTemplate.findAll(SymmetricKey.class).stream().map(SymmetricKey::getKeyId).sorted().collect(toList());
    assertEquals(Arrays.asList(symmetricKeys.get(0).getKeyId(), sequenceRepository.currentSymmetricKeyId()).stream().sorted().collect(toList()), keyIds);
    // Remove the signing keys inserted by this test.
    mongoTemplate.bulkOps(BulkOperations.BulkMode.ORDERED, SigningKey.class).remove(new Query()).execute();
}
Also used: IntStream (java.util.stream.IntStream), Arrays (java.util.Arrays), BulkOperations (org.springframework.data.mongodb.core.BulkOperations), Date (java.util.Date), Assert.assertTrue (org.junit.Assert.assertTrue), Test (org.junit.Test), IOException (java.io.IOException), Query (org.springframework.data.mongodb.core.query.Query), AccessToken (oidc.model.AccessToken), List (java.util.List), Collectors.toList (java.util.stream.Collectors.toList), GeneralSecurityException (java.security.GeneralSecurityException), SigningKey (oidc.model.SigningKey), Assert.assertFalse (org.junit.Assert.assertFalse), ParseException (java.text.ParseException), SymmetricKey (oidc.model.SymmetricKey), Assert.assertEquals (org.junit.Assert.assertEquals), AbstractIntegrationTest (oidc.AbstractIntegrationTest), SeedUtils (oidc.SeedUtils), RefreshToken (oidc.model.RefreshToken)

Example 2 with SymmetricKey

Use of oidc.model.SymmetricKey in project OpenConext-oidcng by OpenConext.

Class KeyRollover, method doSymmetricKeyRollover.

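public List<String> doSymmetricKeyRollover() {
    try {
        // Create the new symmetric key first, then delete keys that are no longer needed.
        SymmetricKey symmetricKey = tokenGenerator.rolloverSymmetricKeys();
        LOG.info("Successful symmetric key rollover. New symmetric key: " + symmetricKey.getKeyId());
        return cleanUpSymmetricKeys();
    } catch (Exception e) {
        // A failure is only logged; the caller receives an empty list,
        // the same result as a rollover that deleted nothing.
        LOG.error("Rollover exception", e);
        return Collections.emptyList();
    }
}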
Also used: SymmetricKey (oidc.model.SymmetricKey)

Example 3 with SymmetricKey

Use of oidc.model.SymmetricKey in project OpenConext-oidcng by OpenConext.

Class AbstractIntegrationTest, method resetAndCreateSymmetricKeys.

protected void resetAndCreateSymmetricKeys(int numberOfSymmetricKeys) throws GeneralSecurityException, IOException {
    // Drop all stored symmetric keys so the test starts from a known state.
    mongoTemplate.dropCollection(SymmetricKey.class);
    // One rollover per requested key; each must yield a key with an id.
    for (int i = 1; i < numberOfSymmetricKeys + 1; i++) {
        SymmetricKey symmetricKey = tokenGenerator.rolloverSymmetricKeys();
        assertNotNull(symmetricKey.getKeyId());
    }
}
Also used: SymmetricKey (oidc.model.SymmetricKey)

Example 4 with SymmetricKey

Use of oidc.model.SymmetricKey in project OpenConext-oidcng by OpenConext.

Class KeyRollover, method cleanUpSymmetricKeys.

public List<String> cleanUpSymmetricKeys() {
    // Keep set: symmetric key ids still referenced by signing keys, plus the current one.
    List<String> symmetricKeyValues = mongoTemplate.findDistinct("symmetricKeyId", SigningKey.class, String.class);
    symmetricKeyValues.add(sequenceRepository.currentSymmetricKeyId());
    // Find and remove every symmetric key whose keyId is not in the keep set.
    Query query = Query.query(Criteria.where("keyId").not().in(symmetricKeyValues));
    List<SymmetricKey> symmetricKeys = mongoTemplate.findAllAndRemove(query, SymmetricKey.class);
    // Log and return only the ids of the deleted keys.
    List<String> deleted = symmetricKeys.stream().map(SymmetricKey::getKeyId).collect(Collectors.toList());
    LOG.info("Deleted symmetric keys that are no longer referenced by signing keys: " + String.join(", ", deleted));
    return deleted;
}
Also used: Query (org.springframework.data.mongodb.core.query.Query), SymmetricKey (oidc.model.SymmetricKey)

Aggregations

SymmetricKey (oidc.model.SymmetricKey): 4
Query (org.springframework.data.mongodb.core.query.Query): 2
IOException (java.io.IOException): 1
GeneralSecurityException (java.security.GeneralSecurityException): 1
ParseException (java.text.ParseException): 1
Arrays (java.util.Arrays): 1
Date (java.util.Date): 1
List (java.util.List): 1
Collectors.toList (java.util.stream.Collectors.toList): 1
IntStream (java.util.stream.IntStream): 1
AbstractIntegrationTest (oidc.AbstractIntegrationTest): 1
SeedUtils (oidc.SeedUtils): 1
AccessToken (oidc.model.AccessToken): 1
RefreshToken (oidc.model.RefreshToken): 1
SigningKey (oidc.model.SigningKey): 1
Assert.assertEquals (org.junit.Assert.assertEquals): 1
Assert.assertFalse (org.junit.Assert.assertFalse): 1
Assert.assertTrue (org.junit.Assert.assertTrue): 1
Test (org.junit.Test): 1
BulkOperations (org.springframework.data.mongodb.core.BulkOperations): 1