use of org.apereo.cas.token.cipher.TokenTicketCipherExecutor in project cas by apereo.
the class TokenCoreConfiguration method tokenCipherExecutor.
@Bean
@RefreshScope
@ConditionalOnMissingBean(name = "tokenCipherExecutor")
public CipherExecutor tokenCipherExecutor() {
final EncryptionOptionalSigningJwtCryptographyProperties crypto = casProperties.getAuthn().getToken().getCrypto();
boolean enabled = crypto.isEnabled();
if (!enabled && (StringUtils.isNotBlank(crypto.getEncryption().getKey())) && StringUtils.isNotBlank(crypto.getSigning().getKey())) {
LOGGER.warn("Token encryption/signing is not enabled explicitly in the configuration, yet signing/encryption keys " + "are defined for operations. CAS will proceed to enable the token encryption/signing functionality.");
enabled = true;
}
if (enabled) {
return new TokenTicketCipherExecutor(crypto.getEncryption().getKey(), crypto.getSigning().getKey(), crypto.getAlg(), crypto.isEncryptionEnabled());
}
LOGGER.info("Token cookie encryption/signing is turned off. This " + "MAY NOT be safe in a production environment. Consider using other choices to handle encryption, " + "signing and verification of generated tokens.");
return CipherExecutor.noOp();
}
use of org.apereo.cas.token.cipher.TokenTicketCipherExecutor in project cas by apereo.
the class TokenWebApplicationServiceResponseBuilderTests method verifyDecrypt.
@Test
public void verifyDecrypt() {
final String jwt = "eyJhbGciOiJIUzUxMiJ9.WlhsS05tRllRV2xQYVVwRlVsVlphVXhEU21oaVIyTnBUMmxLYT" + "JGWVNXbE1RMHBzWW0xTmFVOXBTa0pOVkVrMFVUQktSRXhWYUZSTmFsVXlTVzR3TGk0M2JEVnNWVk5PWW5OTGFYbDNh" + "MHhoTUhoUlIxZEJMa053VmpVNVEzTlpTVlprUm5wUVRYbFBjakoyU1MxdVJ6TlVZVGx2Y0ZSM1JUVXdhMnhZWW1sNmNu" + "Wm5VM00zUW5OTk1FRTVNWGQxWldobFdFUndUVk5DWkhRek4yaDRlV3RuTjJGUWIydGFkMjlxZEdkQmVUQXpWV0k0UWpkSF" + "drc3RSM2d3ZEdsbVN6bDFTMHd3WlVsQ1FsbGFiVzVZWWs1UmRFaFpVMjVyU21GQmRIWjBaWEowVkVscmQxaENTelZyUkRkW" + "FFtcDBPVXB6YkVkYVJEaHVVRzVXT0VwaVZXSTRPWFp2Um5SRk0waHhaMUJXY1VkUWVIWlVhalEzYUROeWJsVXliamhhTkdaZl" + "JqQnFUMEZ2U2s1Q1IycHNUVTVoWDJ0cVZVazNlVmQxT1dSNmJFVldUVWxyUlVwS05VeGFSa040TTAxR2RqRlpkREZ2VGtGdVZVY3h" + "SMmczVUhSS0xUaFFkRWxOT0dSbFpYTTJiSGt5Y1hZMWFWQlFaa2hwVVVGSFduRjFkM0V5YkdwVWVIcFNNSEV0V25sSFNISjNSbFpwV0h" + "kdmREUk9UWFJPU1Y5T2JFTnhkMGhOYW5SRFZrSlljMFYwVERsRFpEQjBUMGRqWjNCNWRXeGZTWEJXZEVneFduRlhSbHBPVkZGaldrMVlZ" + "alExUzNOdFVURmZabU54UkU5SGNsUlVTa2g1ZEVwS2JWaEdla0pDY3pGUlZVMXdXVWs0TjFwVE9IVnVPSFJ4VlZrdWEzSkNOMFk0T1hKc" + "U5td3lhMXB1WVZOcE1WUndVUT09.RFGa_ZuEtvPm7vnl0O3Z5D1waPDIbqxiDFTE8WU5zm7ssKACNPA0hRiJIM0Lo5Vs4ATh06LitXmhzxY5Ix9iyA";
final String signingSecret = "EihBwA3OuDQMm4gdWzkqRJ87596G7o7a_naJAJipxFoRJbXK7APRcnCA91Y30rJdh4q-C2dmpfV6eNhQT0bR5A";
final String encryptionSecret = "dJ2YpUd-r_Qd7e3nDm79WiIHkqaLT8yZt6nN5eG0YnE";
final TokenTicketCipherExecutor cipher = new TokenTicketCipherExecutor(encryptionSecret, signingSecret, true);
final String result = cipher.decode(jwt);
assertNotNull(result);
}
Aggregations