Example 1 with Base64UrlOutputStream
use of org.apache.cxf.common.util.Base64UrlOutputStream in project cxf by apache.
the class JwsJsonWriterInterceptor method aroundWriteTo.
@Override
public void aroundWriteTo(WriterInterceptorContext ctx) throws IOException, WebApplicationException {
if (ctx.getEntity() == null) {
ctx.proceed();
return;
}
List<String> propLocs = getPropertyLocations();
List<JwsHeaders> protectedHeaders = new ArrayList<>(propLocs.size());
for (int i = 0; i < propLocs.size(); i++) {
protectedHeaders.add(new JwsHeaders());
}
List<JwsSignatureProvider> sigProviders = getInitializedSigProviders(propLocs, protectedHeaders);
OutputStream actualOs = ctx.getOutputStream();
if (useJwsOutputStream) {
List<String> encodedProtectedHeaders = new ArrayList<>(sigProviders.size());
List<JwsSignature> signatures = new ArrayList<>(sigProviders.size());
int size = sigProviders.size();
for (int i = 0; i < size; i++) {
JwsSignatureProvider signer = sigProviders.get(i);
JwsHeaders protectedHeader = protectedHeaders.get(i);
prepareProtectedHeader(protectedHeader, ctx, signer, size == 1);
String encoded = Base64UrlUtility.encode(writer.toJson(protectedHeader));
encodedProtectedHeaders.add(encoded);
JwsSignature signature = signer.createJwsSignature(protectedHeader);
byte[] start = StringUtils.toBytesUTF8(encoded + ".");
signature.update(start, 0, start.length);
signatures.add(signature);
}
ctx.setMediaType(JAXRSUtils.toMediaType(JoseConstants.MEDIA_TYPE_JOSE_JSON));
actualOs.write(StringUtils.toBytesUTF8("{\"payload\":\""));
JwsJsonOutputStream jwsStream = new JwsJsonOutputStream(actualOs, encodedProtectedHeaders, signatures);
Base64UrlOutputStream base64Stream = null;
if (encodePayload) {
base64Stream = new Base64UrlOutputStream(jwsStream);
ctx.setOutputStream(base64Stream);
} else {
ctx.setOutputStream(jwsStream);
}
ctx.proceed();
if (base64Stream != null) {
base64Stream.flush();
}
jwsStream.flush();
} else {
CachedOutputStream cos = new CachedOutputStream();
ctx.setOutputStream(cos);
ctx.proceed();
JwsJsonProducer p = new JwsJsonProducer(new String(cos.getBytes(), StandardCharsets.UTF_8));
int size = sigProviders.size();
for (int i = 0; i < size; i++) {
JwsSignatureProvider signer = sigProviders.get(i);
JwsHeaders protectedHeader = protectedHeaders.get(i);
prepareProtectedHeader(protectedHeader, ctx, signer, size == 1);
p.signWith(signer, protectedHeader, null);
}
ctx.setMediaType(JAXRSUtils.toMediaType(JoseConstants.MEDIA_TYPE_JOSE_JSON));
writeJws(p, actualOs);
}
}
Also used :
JwsSignature(org.apache.cxf.rs.security.jose.jws.JwsSignature)
OutputStream(java.io.OutputStream)
Base64UrlOutputStream(org.apache.cxf.common.util.Base64UrlOutputStream)
JwsJsonOutputStream(org.apache.cxf.rs.security.jose.jws.JwsJsonOutputStream)
CachedOutputStream(org.apache.cxf.io.CachedOutputStream)
ArrayList(java.util.ArrayList)
CachedOutputStream(org.apache.cxf.io.CachedOutputStream)
JwsHeaders(org.apache.cxf.rs.security.jose.jws.JwsHeaders)
JwsJsonOutputStream(org.apache.cxf.rs.security.jose.jws.JwsJsonOutputStream)
Base64UrlOutputStream(org.apache.cxf.common.util.Base64UrlOutputStream)
JwsJsonProducer(org.apache.cxf.rs.security.jose.jws.JwsJsonProducer)
JwsSignatureProvider(org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider)
Example 2 with Base64UrlOutputStream
use of org.apache.cxf.common.util.Base64UrlOutputStream in project cxf by apache.
the class JwsWriterInterceptor method aroundWriteTo.
@Override
public void aroundWriteTo(WriterInterceptorContext ctx) throws IOException, WebApplicationException {
if (ctx.getEntity() == null) {
ctx.proceed();
return;
}
JwsHeaders headers = new JwsHeaders();
JwsSignatureProvider sigProvider = getInitializedSigProvider(headers);
setContentTypeIfNeeded(headers, ctx);
if (!encodePayload) {
headers.setPayloadEncodingStatus(false);
}
protectHttpHeadersIfNeeded(ctx, headers);
OutputStream actualOs = ctx.getOutputStream();
if (useJwsOutputStream) {
JwsSignature jwsSignature = sigProvider.createJwsSignature(headers);
JoseUtils.traceHeaders(headers);
JwsOutputStream jwsStream = new JwsOutputStream(actualOs, jwsSignature, true);
byte[] headerBytes = StringUtils.toBytesUTF8(writer.toJson(headers));
Base64UrlUtility.encodeAndStream(headerBytes, 0, headerBytes.length, jwsStream);
jwsStream.write(new byte[] { '.' });
Base64UrlOutputStream base64Stream = null;
if (encodePayload) {
base64Stream = new Base64UrlOutputStream(jwsStream);
ctx.setOutputStream(base64Stream);
} else {
ctx.setOutputStream(jwsStream);
}
ctx.proceed();
setJoseMediaType(ctx);
if (base64Stream != null) {
base64Stream.flush();
}
jwsStream.flush();
} else {
CachedOutputStream cos = new CachedOutputStream();
ctx.setOutputStream(cos);
ctx.proceed();
JwsCompactProducer p = new JwsCompactProducer(headers, new String(cos.getBytes(), StandardCharsets.UTF_8));
setJoseMediaType(ctx);
writeJws(p, sigProvider, actualOs);
}
}
Also used :
JwsOutputStream(org.apache.cxf.rs.security.jose.jws.JwsOutputStream)
JwsHeaders(org.apache.cxf.rs.security.jose.jws.JwsHeaders)
JwsSignature(org.apache.cxf.rs.security.jose.jws.JwsSignature)
Base64UrlOutputStream(org.apache.cxf.common.util.Base64UrlOutputStream)
JwsOutputStream(org.apache.cxf.rs.security.jose.jws.JwsOutputStream)
OutputStream(java.io.OutputStream)
CachedOutputStream(org.apache.cxf.io.CachedOutputStream)
JwsCompactProducer(org.apache.cxf.rs.security.jose.jws.JwsCompactProducer)
Base64UrlOutputStream(org.apache.cxf.common.util.Base64UrlOutputStream)
JwsSignatureProvider(org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider)
CachedOutputStream(org.apache.cxf.io.CachedOutputStream)
Aggregations
OutputStream (java.io.OutputStream)2
Base64UrlOutputStream (org.apache.cxf.common.util.Base64UrlOutputStream)2
CachedOutputStream (org.apache.cxf.io.CachedOutputStream)2
JwsHeaders (org.apache.cxf.rs.security.jose.jws.JwsHeaders)2
JwsSignature (org.apache.cxf.rs.security.jose.jws.JwsSignature)2
JwsSignatureProvider (org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider)2
ArrayList (java.util.ArrayList)1
JwsCompactProducer (org.apache.cxf.rs.security.jose.jws.JwsCompactProducer)1
JwsJsonOutputStream (org.apache.cxf.rs.security.jose.jws.JwsJsonOutputStream)1
JwsJsonProducer (org.apache.cxf.rs.security.jose.jws.JwsJsonProducer)1
JwsOutputStream (org.apache.cxf.rs.security.jose.jws.JwsOutputStream)1
