Example 16 with JwsSignatureVerifier

use of org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier in project cxf by apache.

the class JwsJsonClientResponseFilter method filter.

@Override
public void filter(ClientRequestContext req, ClientResponseContext res) throws IOException {
    if (isMethodWithNoContent(req.getMethod()) || isStatusCodeWithNoContent(res.getStatus()) || isCheckEmptyStream() && !res.hasEntity()) {
        return;
    }
    final String content = IOUtils.readStringFromStream(res.getEntityStream());
    if (StringUtils.isEmpty(content)) {
        return;
    }
    JwsSignatureVerifier theSigVerifier = getInitializedSigVerifier();
    JwsJsonConsumer c = new JwsJsonConsumer(content);
    // check the JWS JSON signature(s) before the decoded payload replaces the response entity
    validate(c, theSigVerifier);
    byte[] bytes = c.getDecodedJwsPayloadBytes();
    res.setEntityStream(new ByteArrayInputStream(bytes));
    res.getHeaders().putSingle("Content-Length", Integer.toString(bytes.length));
    // the list is guaranteed to be non-empty
    JwsJsonSignatureEntry sigEntry = c.getSignatureEntries().get(0);
    String ct = JoseUtils.checkContentType(sigEntry.getUnionHeader().getContentType(), getDefaultMediaType());
    if (ct != null) {
        res.getHeaders().putSingle("Content-Type", ct);
    }
}
Also used : JwsSignatureVerifier(org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier) ByteArrayInputStream(java.io.ByteArrayInputStream) JwsJsonSignatureEntry(org.apache.cxf.rs.security.jose.jws.JwsJsonSignatureEntry) JwsJsonConsumer(org.apache.cxf.rs.security.jose.jws.JwsJsonConsumer)

Example 17 with JwsSignatureVerifier

use of org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier in project cxf by apache.

the class JoseClientCodeStateManager method fromRedirectState.

@Override
public MultivaluedMap<String, String> fromRedirectState(MessageContext mc, MultivaluedMap<String, String> redirectState) {
    String stateParam = redirectState.getFirst(OAuthConstants.STATE);
    if (storeInSession) {
        stateParam = OAuthUtils.getSessionToken(mc, stateParam);
    }
    JweDecryptionProvider jwe = getInitializedDecryptionProvider();
    if (jwe != null) {
        stateParam = jwe.decrypt(stateParam).getContentText();
    }
    JwsCompactConsumer jws = new JwsCompactConsumer(stateParam);
    JwsSignatureVerifier theSigVerifier = getInitializedSigVerifier();
    // reject the redirect state unless its JWS signature verifies
    if (!jws.verifySignatureWith(theSigVerifier)) {
        throw new SecurityException();
    }
    String json = jws.getUnsignedEncodedSequence();
    Map<String, List<String>> map = CastUtils.cast((Map<?, ?>) jsonp.fromJson(json));
    return (MultivaluedMap<String, String>) map; // NOPMD
}
Also used : JwsSignatureVerifier(org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier) JwsCompactConsumer(org.apache.cxf.rs.security.jose.jws.JwsCompactConsumer) JweDecryptionProvider(org.apache.cxf.rs.security.jose.jwe.JweDecryptionProvider) List(java.util.List) MultivaluedMap(javax.ws.rs.core.MultivaluedMap)

Aggregations

JwsSignatureVerifier (org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier) 17
JwsCompactConsumer (org.apache.cxf.rs.security.jose.jws.JwsCompactConsumer) 5
ByteArrayInputStream (java.io.ByteArrayInputStream) 4
JweDecryptionProvider (org.apache.cxf.rs.security.jose.jwe.JweDecryptionProvider) 4
JwsJwtCompactConsumer (org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer) 4
List (java.util.List) 3
JsonWebKey (org.apache.cxf.rs.security.jose.jwk.JsonWebKey) 3
JwsJsonConsumer (org.apache.cxf.rs.security.jose.jws.JwsJsonConsumer) 3
Principal (java.security.Principal) 2
Date (java.util.Date) 2
Map (java.util.Map) 2
Properties (java.util.Properties) 2
MultivaluedMap (javax.ws.rs.core.MultivaluedMap) 2
SignatureAlgorithm (org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm) 2
JwsException (org.apache.cxf.rs.security.jose.jws.JwsException) 2
JwsJsonSignatureEntry (org.apache.cxf.rs.security.jose.jws.JwsJsonSignatureEntry) 2
JwtClaims (org.apache.cxf.rs.security.jose.jwt.JwtClaims) 2
JwtToken (org.apache.cxf.rs.security.jose.jwt.JwtToken) 2
Generators (com.fasterxml.uuid.Generators) 1
RandomBasedGenerator (com.fasterxml.uuid.impl.RandomBasedGenerator) 1