
Example 1 with JwtToken

use of org.apache.cxf.rs.security.jose.jwt.JwtToken in project cxf by apache.

the class JwsCompactReaderWriterTest method testJwsPsSha.

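/**
 * Signs the spec JWT with PS256 (RSASSA-PSS using SHA-256), then parses and verifies the
 * compact serialization with the matching RSA public key.
 *
 * <p>BouncyCastle is registered only for the duration of the test (presumably to supply the
 * PS256 implementation; confirm against the targeted JDK).
 *
 * @throws Exception if key construction, signing or verification fails unexpectedly
 */
@Test
public void testJwsPsSha() throws Exception {
    // The JCA provider list is JVM-wide state. addProvider returns -1 when a provider with the
    // same name is already installed; in that case the registration belongs to other code and
    // must not be removed here, or later crypto calls in the same JVM silently lose it.
    final boolean providerAddedHere = Security.addProvider(new BouncyCastleProvider()) != -1;
    try {
        JwsHeaders outHeaders = new JwsHeaders();
        outHeaders.setSignatureAlgorithm(SignatureAlgorithm.PS256);
        JwsCompactProducer producer = initSpecJwtTokenWriter(outHeaders);
        PrivateKey privateKey = CryptoUtils.getRSAPrivateKey(RSA_MODULUS_ENCODED, RSA_PRIVATE_EXPONENT_ENCODED);
        String signed = producer.signWith(new PrivateKeyJwsSignatureProvider(privateKey, SignatureAlgorithm.PS256));

        JwsJwtCompactConsumer jws = new JwsJwtCompactConsumer(signed);
        RSAPublicKey key = CryptoUtils.getRSAPublicKey(RSA_MODULUS_ENCODED, RSA_PUBLIC_EXPONENT_ENCODED);
        // The verifier is built with an explicit key and algorithm chosen by the test, not with
        // values taken from the received token.
        assertTrue(jws.verifySignatureWith(new PublicKeyJwsSignatureVerifier(key, SignatureAlgorithm.PS256)));

        // Headers and claims are only inspected after the signature check has passed.
        JwtToken token = jws.getJwtToken();
        JwsHeaders inHeaders = new JwsHeaders(token.getJwsHeaders());
        assertEquals(SignatureAlgorithm.PS256, inHeaders.getSignatureAlgorithm());
        validateSpecClaim(token.getClaims());
    } finally {
        if (providerAddedHere) {
            Security.removeProvider(BouncyCastleProvider.PROVIDER_NAME);
        }
    }
}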
Also used : JwtToken(org.apache.cxf.rs.security.jose.jwt.JwtToken) PrivateKey(java.security.PrivateKey) ECPrivateKey(java.security.interfaces.ECPrivateKey) RSAPublicKey(java.security.interfaces.RSAPublicKey) BouncyCastleProvider(org.bouncycastle.jce.provider.BouncyCastleProvider) Test(org.junit.Test)

Example 2 with JwtToken

use of org.apache.cxf.rs.security.jose.jwt.JwtToken in project cxf by apache.

the class JwsCompactReaderWriterTest method testReadJwsWithJwkSignedByMac.

/**
 * Parses a pre-encoded HS256 token whose JWS header embeds a JSON Web Key and checks the
 * header fields, the embedded key's metadata and the claims.
 *
 * <p>The signature is verified with {@code ENCODED_MAC_KEY}, which the test supplies itself.
 * The key found in the header is only inspected, never used for verification.
 *
 * @throws Exception if parsing or verification fails unexpectedly
 */
@Test
public void testReadJwsWithJwkSignedByMac() throws Exception {
    final JwsJwtCompactConsumer consumer = new JwsJwtCompactConsumer(ENCODED_TOKEN_WITH_JSON_KEY_SIGNED_BY_MAC);
    final HmacJwsSignatureVerifier macVerifier = new HmacJwsSignatureVerifier(ENCODED_MAC_KEY, SignatureAlgorithm.HS256);
    assertTrue(consumer.verifySignatureWith(macVerifier));

    final JwtToken parsedToken = consumer.getJwtToken();
    final JwsHeaders jwsHeaders = new JwsHeaders(parsedToken.getJwsHeaders());
    assertEquals(JoseType.JWT, jwsHeaders.getType());
    assertEquals(SignatureAlgorithm.HS256, jwsHeaders.getSignatureAlgorithm());

    // NOTE(review): the embedded key is an octet (symmetric) key. JWS headers are base64url
    // text, readable by anyone holding the token, so this layout suits a fixture only.
    final JsonWebKey embeddedKey = jwsHeaders.getJsonWebKey();
    assertEquals(KeyType.OCTET, embeddedKey.getKeyType());
    final List<KeyOperation> operations = embeddedKey.getKeyOperation();
    assertEquals(2, operations.size());
    assertEquals(KeyOperation.SIGN, operations.get(0));
    assertEquals(KeyOperation.VERIFY, operations.get(1));

    validateSpecClaim(parsedToken.getClaims());
}
Also used : JwtToken(org.apache.cxf.rs.security.jose.jwt.JwtToken) KeyOperation(org.apache.cxf.rs.security.jose.jwk.KeyOperation) JsonWebKey(org.apache.cxf.rs.security.jose.jwk.JsonWebKey) Test(org.junit.Test)

Example 3 with JwtToken

use of org.apache.cxf.rs.security.jose.jwt.JwtToken in project cxf by apache.

the class JwsCompactReaderWriterTest method doTestWriteJwsWithJwkSignedByMac.

/**
 * Builds a JWT whose JWS header carries the given JSON Web Key, signs it with HS256 and
 * asserts that the compact serialization equals the expected encoded token.
 *
 * @param jsonWebKey value stored under the JSON Web Key header; its concrete type is chosen by
 *     the caller
 * @throws Exception if signing or serialization fails unexpectedly
 */
private void doTestWriteJwsWithJwkSignedByMac(Object jsonWebKey) throws Exception {
    final JwtClaims jwtClaims = new JwtClaims();
    jwtClaims.setIssuer("joe");
    // Fixed expiry so the output is byte-for-byte reproducible (appears to be the JOSE
    // specification sample claim set; confirm against validateSpecClaim).
    jwtClaims.setExpiryTime(1300819380L);
    jwtClaims.setClaim("http://example.com/is_root", Boolean.TRUE);

    final JwsHeaders jwsHeaders = new JwsHeaders();
    jwsHeaders.setType(JoseType.JWT);
    jwsHeaders.setSignatureAlgorithm(SignatureAlgorithm.HS256);
    // NOTE(review): JWS headers are signed but not encrypted. If the caller passes a symmetric
    // key here it becomes readable by every token holder; fine for a fixture, not for real tokens.
    jwsHeaders.setHeader(JoseConstants.HEADER_JSON_WEB_KEY, jsonWebKey);

    final JwsCompactProducer producer = new JwsJwtCompactProducer(new JwtToken(jwsHeaders, jwtClaims), getWriter());
    producer.signWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY, SignatureAlgorithm.HS256));
    assertEquals(ENCODED_TOKEN_WITH_JSON_KEY_SIGNED_BY_MAC, producer.getSignedEncodedJws());
}
Also used : JwtToken(org.apache.cxf.rs.security.jose.jwt.JwtToken) JwtClaims(org.apache.cxf.rs.security.jose.jwt.JwtClaims)

Example 4 with JwtToken

use of org.apache.cxf.rs.security.jose.jwt.JwtToken in project cxf by apache.

the class JwsCompactReaderWriterTest method testWriteReadJwsSignedByESPrivateKey.

/**
 * Signs the spec JWT with ES256 (ECDSA on P-256 with SHA-256), then parses and verifies the
 * compact form with the corresponding EC public key.
 *
 * @throws Exception if key construction, signing or verification fails unexpectedly
 */
@Test
public void testWriteReadJwsSignedByESPrivateKey() throws Exception {
    // Producer side: sign with the private key.
    final JwsHeaders outHeaders = new JwsHeaders();
    outHeaders.setSignatureAlgorithm(SignatureAlgorithm.ES256);
    final JwsCompactProducer producer = initSpecJwtTokenWriter(outHeaders);
    final ECPrivateKey signingKey = CryptoUtils.getECPrivateKey(JsonWebKey.EC_CURVE_P256, EC_PRIVATE_KEY_ENCODED);
    producer.signWith(new EcDsaJwsSignatureProvider(signingKey, SignatureAlgorithm.ES256));
    final String compactJws = producer.getSignedEncodedJws();

    // Consumer side: the verifier gets an explicit public key and algorithm from the test,
    // not values read from the received token.
    final ECPublicKey verificationKey =
        CryptoUtils.getECPublicKey(JsonWebKey.EC_CURVE_P256, EC_X_POINT_ENCODED, EC_Y_POINT_ENCODED);
    final JwsJwtCompactConsumer consumer = new JwsJwtCompactConsumer(compactJws);
    final EcDsaJwsSignatureVerifier ecVerifier = new EcDsaJwsSignatureVerifier(verificationKey, SignatureAlgorithm.ES256);
    assertTrue(consumer.verifySignatureWith(ecVerifier));

    // Headers and claims are only inspected after the signature check has passed.
    final JwtToken parsedToken = consumer.getJwtToken();
    final JwsHeaders inHeaders = new JwsHeaders(parsedToken.getJwsHeaders());
    assertEquals(SignatureAlgorithm.ES256, inHeaders.getSignatureAlgorithm());
    validateSpecClaim(parsedToken.getClaims());
}
Also used : JwtToken(org.apache.cxf.rs.security.jose.jwt.JwtToken) ECPrivateKey(java.security.interfaces.ECPrivateKey) ECPublicKey(java.security.interfaces.ECPublicKey) Test(org.junit.Test)

Example 5 with JwtToken

use of org.apache.cxf.rs.security.jose.jwt.JwtToken in project cxf by apache.

the class JwsCompactReaderWriterTest method testReadJwsSignedByPrivateKey.

/**
 * Parses a pre-encoded RS256 token and verifies it with the RSA public key rebuilt from the
 * encoded modulus and public exponent, then checks the header algorithm and the claims.
 *
 * @throws Exception if key construction, parsing or verification fails unexpectedly
 */
@Test
public void testReadJwsSignedByPrivateKey() throws Exception {
    final JwsJwtCompactConsumer consumer = new JwsJwtCompactConsumer(ENCODED_TOKEN_SIGNED_BY_PRIVATE_KEY);
    final RSAPublicKey verificationKey = CryptoUtils.getRSAPublicKey(RSA_MODULUS_ENCODED, RSA_PUBLIC_EXPONENT_ENCODED);
    // Key and algorithm come from the test, not from the token being checked.
    final PublicKeyJwsSignatureVerifier rsaVerifier =
        new PublicKeyJwsSignatureVerifier(verificationKey, SignatureAlgorithm.RS256);
    assertTrue(consumer.verifySignatureWith(rsaVerifier));

    // Headers and claims are only inspected after the signature check has passed.
    final JwtToken parsedToken = consumer.getJwtToken();
    final JwsHeaders inHeaders = new JwsHeaders(parsedToken.getJwsHeaders());
    assertEquals(SignatureAlgorithm.RS256, inHeaders.getSignatureAlgorithm());
    validateSpecClaim(parsedToken.getClaims());
}
Also used : JwtToken(org.apache.cxf.rs.security.jose.jwt.JwtToken) RSAPublicKey(java.security.interfaces.RSAPublicKey) Test(org.junit.Test)

Aggregations

JwtToken (org.apache.cxf.rs.security.jose.jwt.JwtToken)132 JwtClaims (org.apache.cxf.rs.security.jose.jwt.JwtClaims)62 JwsJwtCompactConsumer (org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer)61 WebClient (org.apache.cxf.jaxrs.client.WebClient)57 URL (java.net.URL)56 Response (javax.ws.rs.core.Response)54 ArrayList (java.util.ArrayList)44 HashMap (java.util.HashMap)38 JacksonJsonProvider (com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider)35 JwtAuthenticationClientFilter (org.apache.cxf.rs.security.jose.jaxrs.JwtAuthenticationClientFilter)35 JWTTokenProvider (org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider)33 Book (org.apache.cxf.systest.jaxrs.security.Book)28 Date (java.util.Date)20 JwsHeaders (org.apache.cxf.rs.security.jose.jws.JwsHeaders)20 JwsJwtCompactProducer (org.apache.cxf.rs.security.jose.jws.JwsJwtCompactProducer)19 KeyStore (java.security.KeyStore)14 JAXBElement (javax.xml.bind.JAXBElement)13 Crypto (org.apache.wss4j.common.crypto.Crypto)13 X509Certificate (java.security.cert.X509Certificate)12 Element (org.w3c.dom.Element)12