Examples with JwsJsonProducer org.apache.cxf.rs.security.jose.jws.JwsJsonProducer used on opensource projects

Search in sources :

Example 1 with JwsJsonProducer

use of org.apache.cxf.rs.security.jose.jws.JwsJsonProducer in project cxf by apache.

the class JwsJsonWriterInterceptor method aroundWriteTo.

@Override
public void aroundWriteTo(WriterInterceptorContext ctx) throws IOException, WebApplicationException {
    if (ctx.getEntity() == null) {
        ctx.proceed();
        return;
    }
    List<String> propLocs = getPropertyLocations();
    List<JwsHeaders> protectedHeaders = new ArrayList<>(propLocs.size());
    for (int i = 0; i < propLocs.size(); i++) {
        protectedHeaders.add(new JwsHeaders());
    }
    List<JwsSignatureProvider> sigProviders = getInitializedSigProviders(propLocs, protectedHeaders);
    OutputStream actualOs = ctx.getOutputStream();
    if (useJwsOutputStream) {
        List<String> encodedProtectedHeaders = new ArrayList<>(sigProviders.size());
        List<JwsSignature> signatures = new ArrayList<>(sigProviders.size());
        int size = sigProviders.size();
        for (int i = 0; i < size; i++) {
            JwsSignatureProvider signer = sigProviders.get(i);
            JwsHeaders protectedHeader = protectedHeaders.get(i);
            prepareProtectedHeader(protectedHeader, ctx, signer, size == 1);
            String encoded = Base64UrlUtility.encode(writer.toJson(protectedHeader));
            encodedProtectedHeaders.add(encoded);
            JwsSignature signature = signer.createJwsSignature(protectedHeader);
            byte[] start = StringUtils.toBytesUTF8(encoded + ".");
            signature.update(start, 0, start.length);
            signatures.add(signature);
        }
        ctx.setMediaType(JAXRSUtils.toMediaType(JoseConstants.MEDIA_TYPE_JOSE_JSON));
        actualOs.write(StringUtils.toBytesUTF8("{\"payload\":\""));
        JwsJsonOutputStream jwsStream = new JwsJsonOutputStream(actualOs, encodedProtectedHeaders, signatures);
        Base64UrlOutputStream base64Stream = null;
        if (encodePayload) {
            base64Stream = new Base64UrlOutputStream(jwsStream);
            ctx.setOutputStream(base64Stream);
        } else {
            ctx.setOutputStream(jwsStream);
        }
        ctx.proceed();
        if (base64Stream != null) {
            base64Stream.flush();
        }
        jwsStream.flush();
    } else {
        CachedOutputStream cos = new CachedOutputStream();
        ctx.setOutputStream(cos);
        ctx.proceed();
        JwsJsonProducer p = new JwsJsonProducer(new String(cos.getBytes(), StandardCharsets.UTF_8));
        int size = sigProviders.size();
        for (int i = 0; i < size; i++) {
            JwsSignatureProvider signer = sigProviders.get(i);
            JwsHeaders protectedHeader = protectedHeaders.get(i);
            prepareProtectedHeader(protectedHeader, ctx, signer, size == 1);
            p.signWith(signer, protectedHeader, null);
        }
        ctx.setMediaType(JAXRSUtils.toMediaType(JoseConstants.MEDIA_TYPE_JOSE_JSON));
        writeJws(p, actualOs);
    }
}
Also used : JwsSignature(org.apache.cxf.rs.security.jose.jws.JwsSignature) OutputStream(java.io.OutputStream) Base64UrlOutputStream(org.apache.cxf.common.util.Base64UrlOutputStream) JwsJsonOutputStream(org.apache.cxf.rs.security.jose.jws.JwsJsonOutputStream) CachedOutputStream(org.apache.cxf.io.CachedOutputStream) ArrayList(java.util.ArrayList) CachedOutputStream(org.apache.cxf.io.CachedOutputStream) JwsHeaders(org.apache.cxf.rs.security.jose.jws.JwsHeaders) JwsJsonOutputStream(org.apache.cxf.rs.security.jose.jws.JwsJsonOutputStream) Base64UrlOutputStream(org.apache.cxf.common.util.Base64UrlOutputStream) JwsJsonProducer(org.apache.cxf.rs.security.jose.jws.JwsJsonProducer) JwsSignatureProvider(org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider)

Example 2 with JwsJsonProducer

use of org.apache.cxf.rs.security.jose.jws.JwsJsonProducer in project cxf by apache.

the class JwsJoseCookBookTest method testDetachedHMACSignature.

@SuppressWarnings("deprecation")
@Test
public void testDetachedHMACSignature() throws Exception {
    JwsCompactProducer compactProducer = new JwsCompactProducer(PAYLOAD, true);
    compactProducer.getJwsHeaders().setSignatureAlgorithm(SignatureAlgorithm.HS256);
    compactProducer.getJwsHeaders().setKeyId(HMAC_KID_VALUE);
    JsonMapObjectReaderWriter reader = new JsonMapObjectReaderWriter();
    assertEquals(reader.toJson(compactProducer.getJwsHeaders().asMap()), HMAC_SIGNATURE_PROTECTED_HEADER_JSON);
    assertEquals(compactProducer.getUnsignedEncodedJws(), HMAC_SIGNATURE_PROTECTED_HEADER + ".");
    JsonWebKeys jwks = readKeySet("cookbookSecretSet.txt");
    List<JsonWebKey> keys = jwks.getKeys();
    JsonWebKey key = keys.get(0);
    compactProducer.signWith(key);
    assertEquals(compactProducer.getSignedEncodedJws(), DETACHED_HMAC_JWS);
    JwsCompactConsumer compactConsumer = new JwsCompactConsumer(compactProducer.getSignedEncodedJws(), ENCODED_PAYLOAD);
    assertTrue(compactConsumer.verifySignatureWith(key, SignatureAlgorithm.HS256));
    JwsJsonProducer jsonProducer = new JwsJsonProducer(PAYLOAD);
    assertEquals(jsonProducer.getPlainPayload(), PAYLOAD);
    assertEquals(jsonProducer.getUnsignedEncodedPayload(), ENCODED_PAYLOAD);
    JwsHeaders protectedHeader = new JwsHeaders();
    protectedHeader.setSignatureAlgorithm(SignatureAlgorithm.HS256);
    protectedHeader.setKeyId(HMAC_KID_VALUE);
    jsonProducer.signWith(JwsUtils.getSignatureProvider(key, SignatureAlgorithm.HS256), protectedHeader);
    assertEquals(jsonProducer.getJwsJsonSignedDocument(true), HMAC_DETACHED_JSON_GENERAL_SERIALIZATION);
    JwsJsonConsumer jsonConsumer = new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument(true), ENCODED_PAYLOAD);
    assertTrue(jsonConsumer.verifySignatureWith(key, SignatureAlgorithm.HS256));
    jsonProducer = new JwsJsonProducer(PAYLOAD, true);
    jsonProducer.signWith(JwsUtils.getSignatureProvider(key, SignatureAlgorithm.HS256), protectedHeader);
    assertEquals(jsonProducer.getJwsJsonSignedDocument(true), HMAC_DETACHED_JSON_FLATTENED_SERIALIZATION);
    jsonConsumer = new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument(true), ENCODED_PAYLOAD);
    assertTrue(jsonConsumer.verifySignatureWith(key, SignatureAlgorithm.HS256));
}
Also used : JwsHeaders(org.apache.cxf.rs.security.jose.jws.JwsHeaders) JwsCompactConsumer(org.apache.cxf.rs.security.jose.jws.JwsCompactConsumer) JwsCompactProducer(org.apache.cxf.rs.security.jose.jws.JwsCompactProducer) JsonWebKeys(org.apache.cxf.rs.security.jose.jwk.JsonWebKeys) JsonMapObjectReaderWriter(org.apache.cxf.jaxrs.json.basic.JsonMapObjectReaderWriter) JsonWebKey(org.apache.cxf.rs.security.jose.jwk.JsonWebKey) JwsJsonProducer(org.apache.cxf.rs.security.jose.jws.JwsJsonProducer) JwsJsonConsumer(org.apache.cxf.rs.security.jose.jws.JwsJsonConsumer) Test(org.junit.Test)

Example 3 with JwsJsonProducer

use of org.apache.cxf.rs.security.jose.jws.JwsJsonProducer in project cxf by apache.

the class JwsJoseCookBookTest method testProtectingSpecificHeaderFieldsSignature.

@Test
public void testProtectingSpecificHeaderFieldsSignature() throws Exception {
    JwsJsonProducer jsonProducer = new JwsJsonProducer(PAYLOAD);
    assertEquals(jsonProducer.getPlainPayload(), PAYLOAD);
    assertEquals(jsonProducer.getUnsignedEncodedPayload(), ENCODED_PAYLOAD);
    JwsHeaders protectedHeader = new JwsHeaders();
    protectedHeader.setSignatureAlgorithm(SignatureAlgorithm.HS256);
    JwsHeaders unprotectedHeader = new JwsHeaders();
    unprotectedHeader.setKeyId(HMAC_KID_VALUE);
    JsonWebKeys jwks = readKeySet("cookbookSecretSet.txt");
    List<JsonWebKey> keys = jwks.getKeys();
    JsonWebKey key = keys.get(0);
    jsonProducer.signWith(JwsUtils.getSignatureProvider(key, SignatureAlgorithm.HS256), protectedHeader, unprotectedHeader);
    assertEquals(jsonProducer.getJwsJsonSignedDocument(), PROTECTING_SPECIFIC_HEADER_FIELDS_JSON_GENERAL_SERIALIZATION);
    JwsJsonConsumer jsonConsumer = new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument());
    assertTrue(jsonConsumer.verifySignatureWith(key, SignatureAlgorithm.HS256));
    jsonProducer = new JwsJsonProducer(PAYLOAD, true);
    jsonProducer.signWith(JwsUtils.getSignatureProvider(key, SignatureAlgorithm.HS256), protectedHeader, unprotectedHeader);
    assertEquals(jsonProducer.getJwsJsonSignedDocument(), PROTECTING_SPECIFIC_HEADER_FIELDS_JSON_FLATTENED_SERIALIZATION);
    jsonConsumer = new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument());
    assertTrue(jsonConsumer.verifySignatureWith(key, SignatureAlgorithm.HS256));
}
Also used : JwsHeaders(org.apache.cxf.rs.security.jose.jws.JwsHeaders) JsonWebKeys(org.apache.cxf.rs.security.jose.jwk.JsonWebKeys) JsonWebKey(org.apache.cxf.rs.security.jose.jwk.JsonWebKey) JwsJsonProducer(org.apache.cxf.rs.security.jose.jws.JwsJsonProducer) JwsJsonConsumer(org.apache.cxf.rs.security.jose.jws.JwsJsonConsumer) Test(org.junit.Test)

Example 4 with JwsJsonProducer

use of org.apache.cxf.rs.security.jose.jws.JwsJsonProducer in project cxf by apache.

the class JwsJoseCookBookTest method testRSAv15Signature.

@Test
public void testRSAv15Signature() throws Exception {
    JwsCompactProducer compactProducer = new JwsCompactProducer(PAYLOAD);
    compactProducer.getJwsHeaders().setSignatureAlgorithm(SignatureAlgorithm.RS256);
    compactProducer.getJwsHeaders().setKeyId(RSA_KID_VALUE);
    JsonMapObjectReaderWriter reader = new JsonMapObjectReaderWriter();
    assertEquals(reader.toJson(compactProducer.getJwsHeaders().asMap()), RSA_V1_5_SIGNATURE_PROTECTED_HEADER_JSON);
    assertEquals(compactProducer.getUnsignedEncodedJws(), RSA_V1_5_SIGNATURE_PROTECTED_HEADER + "." + ENCODED_PAYLOAD);
    JsonWebKeys jwks = readKeySet("cookbookPrivateSet.txt");
    List<JsonWebKey> keys = jwks.getKeys();
    JsonWebKey rsaKey = keys.get(1);
    compactProducer.signWith(rsaKey);
    assertEquals(compactProducer.getSignedEncodedJws(), RSA_V1_5_SIGNATURE_PROTECTED_HEADER + "." + ENCODED_PAYLOAD + "." + RSA_V1_5_SIGNATURE_VALUE);
    JwsCompactConsumer compactConsumer = new JwsCompactConsumer(compactProducer.getSignedEncodedJws());
    JsonWebKeys publicJwks = readKeySet("cookbookPublicSet.txt");
    List<JsonWebKey> publicKeys = publicJwks.getKeys();
    JsonWebKey rsaPublicKey = publicKeys.get(1);
    assertTrue(compactConsumer.verifySignatureWith(rsaPublicKey, SignatureAlgorithm.RS256));
    JwsJsonProducer jsonProducer = new JwsJsonProducer(PAYLOAD);
    assertEquals(jsonProducer.getPlainPayload(), PAYLOAD);
    assertEquals(jsonProducer.getUnsignedEncodedPayload(), ENCODED_PAYLOAD);
    JwsHeaders protectedHeader = new JwsHeaders();
    protectedHeader.setSignatureAlgorithm(SignatureAlgorithm.RS256);
    protectedHeader.setKeyId(RSA_KID_VALUE);
    jsonProducer.signWith(JwsUtils.getSignatureProvider(rsaKey, SignatureAlgorithm.RS256), protectedHeader);
    assertEquals(jsonProducer.getJwsJsonSignedDocument(), RSA_V1_5_JSON_GENERAL_SERIALIZATION);
    JwsJsonConsumer jsonConsumer = new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument());
    assertTrue(jsonConsumer.verifySignatureWith(rsaPublicKey, SignatureAlgorithm.RS256));
    jsonProducer = new JwsJsonProducer(PAYLOAD, true);
    jsonProducer.signWith(JwsUtils.getSignatureProvider(rsaKey, SignatureAlgorithm.RS256), protectedHeader);
    assertEquals(jsonProducer.getJwsJsonSignedDocument(), RSA_V1_5_JSON_FLATTENED_SERIALIZATION);
    jsonConsumer = new JwsJsonConsumer(jsonProducer.getJwsJsonSignedDocument());
    assertTrue(jsonConsumer.verifySignatureWith(rsaPublicKey, SignatureAlgorithm.RS256));
}
Also used : JwsHeaders(org.apache.cxf.rs.security.jose.jws.JwsHeaders) JwsCompactConsumer(org.apache.cxf.rs.security.jose.jws.JwsCompactConsumer) JwsCompactProducer(org.apache.cxf.rs.security.jose.jws.JwsCompactProducer) JsonWebKeys(org.apache.cxf.rs.security.jose.jwk.JsonWebKeys) JsonMapObjectReaderWriter(org.apache.cxf.jaxrs.json.basic.JsonMapObjectReaderWriter) JsonWebKey(org.apache.cxf.rs.security.jose.jwk.JsonWebKey) JwsJsonProducer(org.apache.cxf.rs.security.jose.jws.JwsJsonProducer) JwsJsonConsumer(org.apache.cxf.rs.security.jose.jws.JwsJsonConsumer) Test(org.junit.Test)

Example 5 with JwsJsonProducer

use of org.apache.cxf.rs.security.jose.jws.JwsJsonProducer in project cxf by apache.

the class ApacheCXFProducer method produceJsonJWS.

private void produceJsonJWS(String plainText, JsonWebKey key, JwsHeaders jwsHeaders, boolean flattened) {
    JwsJsonProducer jwsProducer = new JwsJsonProducer(plainText, flattened);
    JwsSignatureProvider jwsSignatureProvider = JwsUtils.getSignatureProvider(key, jwsHeaders.getSignatureAlgorithm());
    jwsProducer.signWith(jwsSignatureProvider, null, jwsHeaders);
}
Also used : JwsJsonProducer(org.apache.cxf.rs.security.jose.jws.JwsJsonProducer) JwsSignatureProvider(org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider)

Aggregations

JwsJsonProducer (org.apache.cxf.rs.security.jose.jws.JwsJsonProducer)10 JwsHeaders (org.apache.cxf.rs.security.jose.jws.JwsHeaders)9 JsonWebKey (org.apache.cxf.rs.security.jose.jwk.JsonWebKey)8 JsonWebKeys (org.apache.cxf.rs.security.jose.jwk.JsonWebKeys)8 JwsJsonConsumer (org.apache.cxf.rs.security.jose.jws.JwsJsonConsumer)8 Test (org.junit.Test)8 JsonMapObjectReaderWriter (org.apache.cxf.jaxrs.json.basic.JsonMapObjectReaderWriter)5 JwsCompactConsumer (org.apache.cxf.rs.security.jose.jws.JwsCompactConsumer)4 JwsCompactProducer (org.apache.cxf.rs.security.jose.jws.JwsCompactProducer)4 JwsSignatureProvider (org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider)2 BouncyCastleProvider (org.bouncycastle.jce.provider.BouncyCastleProvider)2 OutputStream (java.io.OutputStream)1 ArrayList (java.util.ArrayList)1 Base64UrlOutputStream (org.apache.cxf.common.util.Base64UrlOutputStream)1 CachedOutputStream (org.apache.cxf.io.CachedOutputStream)1 JwsJsonOutputStream (org.apache.cxf.rs.security.jose.jws.JwsJsonOutputStream)1 JwsSignature (org.apache.cxf.rs.security.jose.jws.JwsSignature)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial