Examples with JwsVerificationSignature org.apache.cxf.rs.security.jose.jws.JwsVerificationSignature used on opensource projects

Search in sources :

Example 1 with JwsVerificationSignature

use of org.apache.cxf.rs.security.jose.jws.JwsVerificationSignature in project cxf by apache.

the class JwsMultipartSignatureInFilter method filter.

@Override
public void filter(List<Attachment> atts) {
    if (atts.size() < 2) {
        throw ExceptionUtils.toBadRequestException(null, null);
    }
    Attachment sigPart = atts.remove(atts.size() - 1);
    final String jwsSequence;
    try {
        jwsSequence = IOUtils.readStringFromStream(sigPart.getDataHandler().getInputStream());
    } catch (IOException ex) {
        throw ExceptionUtils.toBadRequestException(null, null);
    }
    final String base64UrlEncodedHeaders;
    final String base64UrlEncodedSignature;
    if (!useJwsJsonSignatureFormat) {
        String[] parts = JoseUtils.getCompactParts(jwsSequence);
        if (parts.length != 3 || !parts[1].isEmpty()) {
            throw ExceptionUtils.toBadRequestException(null, null);
        }
        base64UrlEncodedHeaders = parts[0];
        base64UrlEncodedSignature = parts[2];
    } else {
        Map<String, Object> parts = reader.fromJson(jwsSequence);
        if (parts.size() != 2 || !parts.containsKey("protected") || !parts.containsKey("signature")) {
            throw ExceptionUtils.toBadRequestException(null, null);
        }
        base64UrlEncodedHeaders = (String) parts.get("protected");
        base64UrlEncodedSignature = (String) parts.get("signature");
    }
    JwsHeaders headers = new JwsHeaders(new JsonMapObjectReaderWriter().fromJson(JoseUtils.decodeToString(base64UrlEncodedHeaders)));
    JoseUtils.traceHeaders(headers);
    if (Boolean.FALSE != headers.getPayloadEncodingStatus()) {
        throw ExceptionUtils.toBadRequestException(null, null);
    }
    final JwsSignatureVerifier theVerifier;
    if (verifier == null) {
        Properties props = KeyManagementUtils.loadStoreProperties(message, true, JoseConstants.RSSEC_SIGNATURE_IN_PROPS, JoseConstants.RSSEC_SIGNATURE_PROPS);
        theVerifier = JwsUtils.loadSignatureVerifier(message, props, headers);
    } else {
        theVerifier = verifier;
    }
    JwsVerificationSignature sig = theVerifier.createJwsVerificationSignature(headers);
    if (sig == null) {
        throw ExceptionUtils.toBadRequestException(null, null);
    }
    byte[] signatureBytes = JoseUtils.decode(base64UrlEncodedSignature);
    byte[] headerBytesWithDot = StringUtils.toBytesASCII(base64UrlEncodedHeaders + '.');
    sig.update(headerBytesWithDot, 0, headerBytesWithDot.length);
    int attSize = atts.size();
    for (int i = 0; i < attSize; i++) {
        Attachment dataPart = atts.get(i);
        final InputStream dataPartStream;
        try {
            dataPartStream = dataPart.getDataHandler().getDataSource().getInputStream();
        } catch (IOException ex) {
            throw ExceptionUtils.toBadRequestException(ex, null);
        }
        boolean verifyOnLastRead = i == attSize - 1 ? true : false;
        JwsInputStream jwsStream = new JwsInputStream(dataPartStream, sig, signatureBytes, verifyOnLastRead);
        final InputStream newStream;
        if (bufferPayload) {
            CachedOutputStream cos = new CachedOutputStream();
            try {
                IOUtils.copy(jwsStream, cos);
                newStream = cos.getInputStream();
            } catch (Exception ex) {
                throw ExceptionUtils.toBadRequestException(ex, null);
            }
        } else {
            newStream = jwsStream;
        }
        Attachment newDataPart = new Attachment(newStream, dataPart.getHeaders());
        atts.set(i, newDataPart);
    }
}
Also used : JwsInputStream(org.apache.cxf.rs.security.jose.jws.JwsInputStream) InputStream(java.io.InputStream) JsonMapObjectReaderWriter(org.apache.cxf.jaxrs.json.basic.JsonMapObjectReaderWriter) Attachment(org.apache.cxf.jaxrs.ext.multipart.Attachment) IOException(java.io.IOException) Properties(java.util.Properties) IOException(java.io.IOException) CachedOutputStream(org.apache.cxf.io.CachedOutputStream) JwsSignatureVerifier(org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier) JwsHeaders(org.apache.cxf.rs.security.jose.jws.JwsHeaders) JwsVerificationSignature(org.apache.cxf.rs.security.jose.jws.JwsVerificationSignature) JwsInputStream(org.apache.cxf.rs.security.jose.jws.JwsInputStream)

Aggregations

IOException (java.io.IOException)1 InputStream (java.io.InputStream)1 Properties (java.util.Properties)1 CachedOutputStream (org.apache.cxf.io.CachedOutputStream)1 Attachment (org.apache.cxf.jaxrs.ext.multipart.Attachment)1 JsonMapObjectReaderWriter (org.apache.cxf.jaxrs.json.basic.JsonMapObjectReaderWriter)1 JwsHeaders (org.apache.cxf.rs.security.jose.jws.JwsHeaders)1 JwsInputStream (org.apache.cxf.rs.security.jose.jws.JwsInputStream)1 JwsSignatureVerifier (org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier)1 JwsVerificationSignature (org.apache.cxf.rs.security.jose.jws.JwsVerificationSignature)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial