Search in sources :

Example 1 with AbstractJwsSigner

use of org.gluu.oxauth.model.jws.AbstractJwsSigner in project oxAuth by GluuFederation.

the class JwtCrossCheckTest method validate.

private static void validate(String jwtAsString, OxAuthCryptoProvider cryptoProvider, String kid, SignatureAlgorithm signatureAlgorithm) throws Exception {
    SignedJWT signedJWT = SignedJWT.parse(jwtAsString);
    Jwt jwt = Jwt.parse(jwtAsString);
    JWSVerifier nimbusVerifier = null;
    AbstractJwsSigner oxauthVerifier = null;
    switch(signatureAlgorithm.getFamily()) {
        case EC:
            final ECKey ecKey = ECKey.load(cryptoProvider.getKeyStore(), kid, cryptoProvider.getKeyStoreSecret().toCharArray());
            final ECPublicKey ecPublicKey = ecKey.toECPublicKey();
            nimbusVerifier = new ECDSAVerifier(ecKey);
            oxauthVerifier = new ECDSASigner(jwt.getHeader().getSignatureAlgorithm(), new ECDSAPublicKey(jwt.getHeader().getSignatureAlgorithm(), ecPublicKey.getW().getAffineX(), ecPublicKey.getW().getAffineY()));
            break;
        case RSA:
            RSAKey rsaKey = RSAKey.load(cryptoProvider.getKeyStore(), kid, cryptoProvider.getKeyStoreSecret().toCharArray());
            final java.security.interfaces.RSAPublicKey rsaPublicKey = rsaKey.toRSAPublicKey();
            nimbusVerifier = new RSASSAVerifier(rsaKey);
            oxauthVerifier = new RSASigner(signatureAlgorithm, new RSAPublicKey(rsaPublicKey.getModulus(), rsaPublicKey.getPublicExponent()));
            break;
    }
    assertNotNull(nimbusVerifier);
    assertNotNull(oxauthVerifier);
    // Nimbus
    assertTrue(signedJWT.verify(nimbusVerifier));
    // oxauth cryptoProvider
    boolean validJwt = cryptoProvider.verifySignature(jwt.getSigningInput(), jwt.getEncodedSignature(), kid, null, null, jwt.getHeader().getSignatureAlgorithm());
    assertTrue(validJwt);
    // oxauth verifier
    assertTrue(oxauthVerifier.validate(jwt));
}
Also used : RSAKey(com.nimbusds.jose.jwk.RSAKey) ECDSASigner(org.gluu.oxauth.model.jws.ECDSASigner) Jwt(org.gluu.oxauth.model.jwt.Jwt) RSASSAVerifier(com.nimbusds.jose.crypto.RSASSAVerifier) JWSVerifier(com.nimbusds.jose.JWSVerifier) AbstractJwsSigner(org.gluu.oxauth.model.jws.AbstractJwsSigner) ECKey(com.nimbusds.jose.jwk.ECKey) SignedJWT(com.nimbusds.jwt.SignedJWT) ECDSAVerifier(com.nimbusds.jose.crypto.ECDSAVerifier) ECPublicKey(java.security.interfaces.ECPublicKey) RSAPublicKey(org.gluu.oxauth.model.crypto.signature.RSAPublicKey) RSASigner(org.gluu.oxauth.model.jws.RSASigner) ECDSAPublicKey(org.gluu.oxauth.model.crypto.signature.ECDSAPublicKey)

Aggregations

JWSVerifier (com.nimbusds.jose.JWSVerifier)1 ECDSAVerifier (com.nimbusds.jose.crypto.ECDSAVerifier)1 RSASSAVerifier (com.nimbusds.jose.crypto.RSASSAVerifier)1 ECKey (com.nimbusds.jose.jwk.ECKey)1 RSAKey (com.nimbusds.jose.jwk.RSAKey)1 SignedJWT (com.nimbusds.jwt.SignedJWT)1 ECPublicKey (java.security.interfaces.ECPublicKey)1 ECDSAPublicKey (org.gluu.oxauth.model.crypto.signature.ECDSAPublicKey)1 RSAPublicKey (org.gluu.oxauth.model.crypto.signature.RSAPublicKey)1 AbstractJwsSigner (org.gluu.oxauth.model.jws.AbstractJwsSigner)1 ECDSASigner (org.gluu.oxauth.model.jws.ECDSASigner)1 RSASigner (org.gluu.oxauth.model.jws.RSASigner)1 Jwt (org.gluu.oxauth.model.jwt.Jwt)1