
Example 86 with JSONArray

use of org.codehaus.jettison.json.JSONArray in project oxAuth by GluuFederation.

the class JwtUtil method getPublicKey.

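/**
 * Builds a public key object from a single JSON Web Key.
 *
 * <p>The JWK is looked up through {@code getJsonKey(jwksUri, jwks, keyId)}. RSA keys are
 * rebuilt from the modulus and exponent members, ECDSA keys from the X and Y members. All
 * four are base64url-decoded and read as unsigned big-endian integers.
 *
 * <p>Security notes for callers:
 * <ul>
 *   <li>When {@code signatureAlgorithm} is {@code null}, the algorithm is taken from the
 *       JWK's own algorithm member, i.e. from the key material being loaded.</li>
 *   <li>If the JWK carries a certificate chain, only its first entry is parsed and attached.
 *       Nothing in this method validates that certificate (trust path, validity period) or
 *       checks that it contains the same key as the JWK members; callers that rely on the
 *       certificate must do that themselves.</li>
 *   <li>A failure while parsing the certificate is logged and the key is still returned,
 *       without a certificate.</li>
 * </ul>
 *
 * @param jwksUri location of the key set, passed through to {@code getJsonKey}
 * @param jwks inline key set, passed through to {@code getJsonKey}
 * @param signatureAlgorithm expected algorithm, or {@code null} to read it from the JWK
 * @param keyId identifier of the wanted key, passed through to {@code getJsonKey}
 * @return the key; {@code null} when no JWK was found, when the algorithm could not be
 *         determined, when it is neither an RS* nor an ES* algorithm, or when the key
 *         members could not be read
 */
public static PublicKey getPublicKey(String jwksUri, String jwks, SignatureAlgorithm signatureAlgorithm, String keyId) {
    log.debug("Retrieving JWK...");
    JSONObject jsonKeyValue = getJsonKey(jwksUri, jwks, keyId);
    if (jsonKeyValue == null) {
        return null;
    }
    org.xdi.oxauth.model.crypto.PublicKey publicKey = null;
    try {
        String resultKeyId = jsonKeyValue.getString(KEY_ID);
        if (signatureAlgorithm == null) {
            signatureAlgorithm = SignatureAlgorithm.fromString(jsonKeyValue.getString(ALGORITHM));
            if (signatureAlgorithm == null) {
                log.error(String.format("Failed to determine key '%s' signature algorithm", resultKeyId));
                return null;
            }
        }
        JSONObject jsonPublicKey = jsonKeyValue;
        if (jsonKeyValue.has(PUBLIC_KEY)) {
            // Use internal jwks.json format
            jsonPublicKey = jsonKeyValue.getJSONObject(PUBLIC_KEY);
        }
        if (signatureAlgorithm == SignatureAlgorithm.RS256 || signatureAlgorithm == SignatureAlgorithm.RS384 || signatureAlgorithm == SignatureAlgorithm.RS512) {
            String exp = jsonPublicKey.getString(EXPONENT);
            String mod = jsonPublicKey.getString(MODULUS);
            // Signum 1: the decoded bytes are an unsigned magnitude.
            BigInteger publicExponent = new BigInteger(1, Base64Util.base64urldecode(exp));
            BigInteger modulus = new BigInteger(1, Base64Util.base64urldecode(mod));
            publicKey = new RSAPublicKey(modulus, publicExponent);
        } else if (signatureAlgorithm == SignatureAlgorithm.ES256 || signatureAlgorithm == SignatureAlgorithm.ES384 || signatureAlgorithm == SignatureAlgorithm.ES512) {
            String xx = jsonPublicKey.getString(X);
            String yy = jsonPublicKey.getString(Y);
            BigInteger x = new BigInteger(1, Base64Util.base64urldecode(xx));
            BigInteger y = new BigInteger(1, Base64Util.base64urldecode(yy));
            publicKey = new ECDSAPublicKey(signatureAlgorithm, x, y);
        }
        if (publicKey != null) {
            // Label the key before touching the optional certificate, so that a certificate
            // parse failure cannot leave the returned key without its id and algorithm.
            publicKey.setKeyId(resultKeyId);
            publicKey.setSignatureAlgorithm(signatureAlgorithm);
        }
        if (publicKey != null && jsonKeyValue.has(CERTIFICATE_CHAIN)) {
            final String BEGIN = "-----BEGIN CERTIFICATE-----";
            final String END = "-----END CERTIFICATE-----";
            JSONArray certChain = jsonKeyValue.getJSONArray(CERTIFICATE_CHAIN);
            // Only the first chain entry is read; it is wrapped as PEM so the parser accepts it.
            String certificateString = BEGIN + "\n" + certChain.getString(0) + "\n" + END;
            PEMParser pemReader = new PEMParser(new StringReader(certificateString));
            try {
                X509Certificate cert = (X509CertificateObject) pemReader.readObject();
                // NOTE(review): the certificate is attached as parsed; no validation is done here.
                publicKey.setCertificate(new Certificate(signatureAlgorithm, cert));
            } finally {
                pemReader.close();
            }
        }
    } catch (Exception ex) {
        // NOTE(review): a failure here is only logged; the method returns whatever was built
        // before the failure (null if the key members themselves could not be read).
        log.error(ex.getMessage(), ex);
    }
    return publicKey;
}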
Also used : JSONArray(org.codehaus.jettison.json.JSONArray) PublicKey(org.xdi.oxauth.model.crypto.PublicKey) X509Certificate(java.security.cert.X509Certificate) UnsupportedEncodingException(java.io.UnsupportedEncodingException) JSONObject(org.codehaus.jettison.json.JSONObject) RSAPublicKey(org.xdi.oxauth.model.crypto.signature.RSAPublicKey) PEMParser(org.bouncycastle.openssl.PEMParser) X509CertificateObject(org.bouncycastle.jce.provider.X509CertificateObject) StringReader(java.io.StringReader) BigInteger(java.math.BigInteger) ECDSAPublicKey(org.xdi.oxauth.model.crypto.signature.ECDSAPublicKey) X509Certificate(java.security.cert.X509Certificate) Certificate(org.xdi.oxauth.model.crypto.Certificate)

Example 87 with JSONArray

use of org.codehaus.jettison.json.JSONArray in project oxAuth by GluuFederation.

the class AbstractCryptoProvider method getPublicKey.

/**
 * Looks up the JWK whose key id equals {@code alias} and converts it to a JCA public key.
 *
 * <p>The whole key set is scanned without stopping at the first hit, so if several entries
 * share the same key id the last convertible one is returned. Entries whose algorithm name
 * is not recognised, or whose family is neither RSA nor EC, are skipped.
 *
 * <p>NOTE(review): the RSA branch instantiates {@code sun.security.rsa.RSAPublicKeyImpl},
 * a JDK-internal class, directly; that ties this method to one JDK vendor/version.
 *
 * @param alias key id to look for; must not be {@code null}
 * @param jwks JSON object holding the key set array
 * @return the matching public key, or {@code null} if no entry matched
 * @throws Exception if the JSON is malformed or the key cannot be constructed
 */
public PublicKey getPublicKey(String alias, JSONObject jwks) throws Exception {
    java.security.PublicKey result = null;
    JSONArray webKeys = jwks.getJSONArray(JSON_WEB_KEY_SET);
    for (int index = 0; index < webKeys.length(); index++) {
        JSONObject jwk = webKeys.getJSONObject(index);
        if (!alias.equals(jwk.getString(KEY_ID))) {
            continue;
        }
        SignatureAlgorithm algorithm = SignatureAlgorithm.fromString(jwk.getString(ALGORITHM));
        if (algorithm == null) {
            continue;
        }
        if (algorithm.getFamily().equals(SignatureAlgorithmFamily.RSA)) {
            // Decoded members are unsigned magnitudes, hence signum 1.
            BigInteger modulus = new BigInteger(1, Base64Util.base64urldecode(jwk.getString(MODULUS)));
            BigInteger exponent = new BigInteger(1, Base64Util.base64urldecode(jwk.getString(EXPONENT)));
            result = new RSAPublicKeyImpl(modulus, exponent);
        } else if (algorithm.getFamily().equals(SignatureAlgorithmFamily.EC)) {
            // The curve comes from the algorithm, not from the JWK; the JWK supplies only the point.
            AlgorithmParameters curveParameters = AlgorithmParameters.getInstance(SignatureAlgorithmFamily.EC);
            curveParameters.init(new ECGenParameterSpec(algorithm.getCurve().getAlias()));
            ECParameterSpec curveSpec = curveParameters.getParameterSpec(ECParameterSpec.class);
            KeyFactory ecKeyFactory = KeyFactory.getInstance(SignatureAlgorithmFamily.EC);
            BigInteger x = new BigInteger(1, Base64Util.base64urldecode(jwk.getString(X)));
            BigInteger y = new BigInteger(1, Base64Util.base64urldecode(jwk.getString(Y)));
            result = ecKeyFactory.generatePublic(new ECPublicKeySpec(new ECPoint(x, y), curveSpec));
        }
    }
    return result;
}
Also used : RSAPublicKeyImpl(sun.security.rsa.RSAPublicKeyImpl) JSONArray(org.codehaus.jettison.json.JSONArray) ECGenParameterSpec(java.security.spec.ECGenParameterSpec) PublicKey(java.security.PublicKey) SignatureAlgorithm(org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm) ECPoint(java.security.spec.ECPoint) ECPoint(java.security.spec.ECPoint) ECPublicKeySpec(java.security.spec.ECPublicKeySpec) JSONObject(org.codehaus.jettison.json.JSONObject) ECParameterSpec(java.security.spec.ECParameterSpec) BigInteger(java.math.BigInteger) AlgorithmParameters(java.security.AlgorithmParameters)

Example 88 with JSONArray

use of org.codehaus.jettison.json.JSONArray in project oxAuth by GluuFederation.

the class AbstractCryptoProvider method generateJwks.

/**
 * Generates one key per supported signature algorithm and returns them as a JSON key set.
 *
 * <p>Every key gets the same expiry timestamp: the current UTC time plus
 * {@code keyRegenerationInterval} hours plus {@code idTokenLifeTime} seconds.
 *
 * <p>Generation is best-effort per algorithm: a failure for one algorithm is discarded
 * without logging and the remaining algorithms are still tried.
 * NOTE(review): as a consequence the returned key set can be incomplete or even empty
 * without any indication to the caller or in the logs.
 *
 * @param keyRegenerationInterval hours until the keys are regenerated
 * @param idTokenLifeTime id-token lifetime in seconds, added on top of the interval
 * @param configuration configuration used to obtain the crypto provider
 * @return a JSON object with the generated keys under the key-set member
 * @throws Exception if the crypto provider cannot be obtained or the JSON cannot be built
 */
public static JSONObject generateJwks(int keyRegenerationInterval, int idTokenLifeTime, AppConfiguration configuration) throws Exception {
    JSONArray keys = new JSONArray();

    GregorianCalendar expiry = new GregorianCalendar(TimeZone.getTimeZone("UTC"));
    expiry.add(GregorianCalendar.HOUR, keyRegenerationInterval);
    expiry.add(GregorianCalendar.SECOND, idTokenLifeTime);

    AbstractCryptoProvider cryptoProvider = CryptoProviderFactory.getCryptoProvider(configuration);

    SignatureAlgorithm[] algorithms = {
        SignatureAlgorithm.RS256,
        SignatureAlgorithm.RS384,
        SignatureAlgorithm.RS512,
        SignatureAlgorithm.ES256,
        SignatureAlgorithm.ES384,
        SignatureAlgorithm.ES512
    };
    for (SignatureAlgorithm algorithm : algorithms) {
        try {
            keys.put(cryptoProvider.generateKey(algorithm, expiry.getTimeInMillis()));
        } catch (Exception ignored) {
            // Deliberately skipped: this algorithm simply gets no key in the set.
        }
    }

    JSONObject keySet = new JSONObject();
    keySet.put(JSON_WEB_KEY_SET, keys);
    return keySet;
}
Also used : JSONObject(org.codehaus.jettison.json.JSONObject) JSONArray(org.codehaus.jettison.json.JSONArray) GregorianCalendar(java.util.GregorianCalendar) JSONException(org.codehaus.jettison.json.JSONException)

Example 89 with JSONArray

use of org.codehaus.jettison.json.JSONArray in project oxAuth by GluuFederation.

the class JwtClaimSet method getClaimAsStringList.

/**
 * Returns the value of a claim as a list of strings.
 *
 * <p>A JSON-array claim yields one entry per element. Any other claim is read through
 * {@code getClaimAsString} and yields a single-entry list, or an empty list when that
 * returns {@code null}.
 *
 * <p>NOTE(review): a {@code JSONException} raised while reading the array is swallowed, so
 * the caller may receive only the elements read before the failure, with no error signal.
 * Callers making authorization decisions on multi-valued claims should keep that in mind.
 *
 * @param key claim name
 * @return the claim values; never {@code null}
 */
public List<String> getClaimAsStringList(String key) {
    List<String> values = new ArrayList<String>();
    Object rawClaim = getClaim(key);
    try {
        if (!(rawClaim instanceof JSONArray)) {
            // Scalar (or absent) claim: fall back to its string form.
            String single = getClaimAsString(key);
            if (single != null) {
                values.add(single);
            }
        } else {
            JSONArray elements = (JSONArray) rawClaim;
            for (int index = 0; index < elements.length(); index++) {
                values.add(elements.getString(index));
            }
        }
    } catch (JSONException ignored) {
        // Best effort: keep whatever was collected before the failure.
    }
    return values;
}
Also used : JSONArray(org.codehaus.jettison.json.JSONArray) JSONException(org.codehaus.jettison.json.JSONException) JSONObject(org.codehaus.jettison.json.JSONObject)

Example 90 with JSONArray

use of org.codehaus.jettison.json.JSONArray in project oxAuth by GluuFederation.

the class JwtClaimSet method toMap.

/**
 * Converts the claim set into a map from claim name to its values as strings.
 *
 * <p>A JSON-array claim contributes one string per element, any other non-null claim
 * contributes its {@code toString()} form, and a {@code null} claim maps to an empty list.
 *
 * @return a new map with one entry per claim
 * @throws InvalidJwtException if an array element cannot be read as a string
 */
public Map<String, List<String>> toMap() throws InvalidJwtException {
    Map<String, List<String>> result = new HashMap<String, java.util.List<String>>();
    try {
        for (Map.Entry<String, Object> entry : claims.entrySet()) {
            Object raw = entry.getValue();
            List<String> asStrings = new ArrayList<String>();
            if (raw instanceof JSONArray) {
                JSONArray elements = (JSONArray) raw;
                for (int index = 0; index < elements.length(); index++) {
                    asStrings.add(elements.getString(index));
                }
            } else if (raw != null) {
                asStrings.add(raw.toString());
            }
            result.put(entry.getKey(), asStrings);
        }
    } catch (JSONException e) {
        // Unlike the list accessor, a malformed array here is reported to the caller.
        throw new InvalidJwtException(e);
    }
    return result;
}
Also used : InvalidJwtException(org.xdi.oxauth.model.exception.InvalidJwtException) JSONArray(org.codehaus.jettison.json.JSONArray) JSONException(org.codehaus.jettison.json.JSONException) java.util(java.util) JSONObject(org.codehaus.jettison.json.JSONObject)
