Examples with DifferentAlgorithmsException - org.apache.cxf.rs.security.httpsignature.exception.DifferentAlgorithmsException

Example 1 with DifferentAlgorithmsException

use of org.apache.cxf.rs.security.httpsignature.exception.DifferentAlgorithmsException in project cxf by apache.

the class TomitribeSignatureValidator method validate.

@Override
public void validate(Map<String, List<String>> messageHeaders, AlgorithmProvider algorithmProvider, KeyProvider keyProvider, SecurityProvider securityProvider, String method, String uri, List<String> requiredHeaders) {
    Signature signature = extractSignatureFromHeader(messageHeaders.get("Signature").get(0));
    String providedAlgorithm = algorithmProvider.getAlgorithmName(signature.getKeyId());
    String signatureAlgorithm = signature.getAlgorithm().toString();
    if (!providedAlgorithm.equals(signatureAlgorithm)) {
        throw new DifferentAlgorithmsException("signature algorithm from header and provided are different");
    }
    Key key = keyProvider.getKey(signature.getKeyId());
    java.security.Provider provider = securityProvider != null ? securityProvider.getProvider(signature.getKeyId()) : null;
    runVerifier(messageHeaders, key, signature, provider, method, uri, requiredHeaders);
}

Also used : Signature(org.tomitribe.auth.signatures.Signature) Key(java.security.Key) DifferentAlgorithmsException(org.apache.cxf.rs.security.httpsignature.exception.DifferentAlgorithmsException)

Aggregations

Key (java.security.Key)1 DifferentAlgorithmsException (org.apache.cxf.rs.security.httpsignature.exception.DifferentAlgorithmsException)1 Signature (org.tomitribe.auth.signatures.Signature)1