Example 6 with JsonWebKeySet

Use of org.jose4j.jwk.JsonWebKeySet in project cas by apereo.

Class OidcDefaultJsonWebKeystoreCacheLoader, method load.

@Override
public Optional<RsaJsonWebKey> load(final String issuer) throws Exception {
    final Optional<JsonWebKeySet> jwks = buildJsonWebKeySet();
    if (!jwks.isPresent() || jwks.get().getJsonWebKeys().isEmpty()) {
        return Optional.empty();
    }
    final RsaJsonWebKey key = getJsonSigningWebKeyFromJwks(jwks.get());
    if (key == null) {
        return Optional.empty();
    }
    return Optional.of(key);
}
Also used : RsaJsonWebKey(org.jose4j.jwk.RsaJsonWebKey) JsonWebKeySet(org.jose4j.jwk.JsonWebKeySet)

Example 7 with JsonWebKeySet

Use of org.jose4j.jwk.JsonWebKeySet in project cas by apereo.

Class OidcJsonWebKeystoreGeneratorService, method generate.

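/**
 * Generates the JSON web keystore file if it does not already exist.
 * The keystore is serialized with INCLUDE_PRIVATE, so the file on disk
 * contains the RSA private key as well as the public key.
 */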
@PostConstruct
public void generate() {
    try {
        final File file = oidcProperties.getJwksFile().getFile();
        if (!file.exists()) {
            final RsaJsonWebKey rsaJsonWebKey = RsaJwkGenerator.generateJwk(2048);
            final JsonWebKeySet jsonWebKeySet = new JsonWebKeySet(rsaJsonWebKey);
            final String data = jsonWebKeySet.toJson(JsonWebKey.OutputControlLevel.INCLUDE_PRIVATE);
            FileUtils.write(file, data, StandardCharsets.UTF_8);
            LOGGER.debug("Generated JSON web keystore at [{}]", file);
        } else {
            LOGGER.debug("Located JSON web keystore at [{}]", file);
        }
    } catch (final Exception e) {
        throw Throwables.propagate(e);
    }
}
Also used : RsaJsonWebKey(org.jose4j.jwk.RsaJsonWebKey) JsonWebKeySet(org.jose4j.jwk.JsonWebKeySet) File(java.io.File) PostConstruct(javax.annotation.PostConstruct)

Example 8 with JsonWebKeySet

Use of org.jose4j.jwk.JsonWebKeySet in project cas by apereo.

Class OidcServiceJsonWebKeystoreCacheLoader, method buildJsonWebKeySet.

private Optional<JsonWebKeySet> buildJsonWebKeySet(final OidcRegisteredService service) throws Exception {
    try {
        LOGGER.debug("Loading JSON web key from [{}]", service.getJwks());
        final Resource resource = this.resourceLoader.getResource(service.getJwks());
        final JsonWebKeySet jsonWebKeySet = buildJsonWebKeySet(resource);
        if (jsonWebKeySet == null || jsonWebKeySet.getJsonWebKeys().isEmpty()) {
            LOGGER.warn("No JSON web keys could be found for [{}]", service);
            return Optional.empty();
        }
        // A key counts as bad only when its algorithm, key id and key type are all blank.
        final long badKeysCount = jsonWebKeySet.getJsonWebKeys().stream()
            .filter(k -> StringUtils.isBlank(k.getAlgorithm())
                && StringUtils.isBlank(k.getKeyId())
                && StringUtils.isBlank(k.getKeyType()))
            .count();
        if (badKeysCount == jsonWebKeySet.getJsonWebKeys().size()) {
            LOGGER.warn("No valid JSON web keys could be found for [{}]", service);
            return Optional.empty();
        }
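        final RsaJsonWebKey webKey = getJsonSigningWebKeyFromJwks(jsonWebKeySet);
        // Guard against a missing signing key before dereferencing it,
        // as the load method in Example 6 does.
        if (webKey == null) {
            LOGGER.warn("No signing JSON web key could be found for [{}]", service);
            return Optional.empty();
        }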
        if (webKey.getPublicKey() == null) {
            LOGGER.warn("JSON web key retrieved [{}] has no associated public key", webKey.getKeyId());
            return Optional.empty();
        }
        return Optional.of(jsonWebKeySet);
    } catch (final Exception e) {
        LOGGER.error(e.getMessage(), e);
    }
    return Optional.empty();
}
Also used : Logger(org.slf4j.Logger) ResourceLoader(org.springframework.core.io.ResourceLoader) RsaJsonWebKey(org.jose4j.jwk.RsaJsonWebKey) LoggerFactory(org.slf4j.LoggerFactory) Autowired(org.springframework.beans.factory.annotation.Autowired) StringUtils(org.apache.commons.lang3.StringUtils) JsonWebKeySet(org.jose4j.jwk.JsonWebKeySet) StandardCharsets(java.nio.charset.StandardCharsets) CacheLoader(com.google.common.cache.CacheLoader) IOUtils(org.apache.commons.io.IOUtils) OidcRegisteredService(org.apereo.cas.services.OidcRegisteredService) Optional(java.util.Optional) Resource(org.springframework.core.io.Resource)

Aggregations

JsonWebKeySet (org.jose4j.jwk.JsonWebKeySet): 8
RsaJsonWebKey (org.jose4j.jwk.RsaJsonWebKey): 7
StandardCharsets (java.nio.charset.StandardCharsets): 3
IOUtils (org.apache.commons.io.IOUtils): 3
StringUtils (org.apache.commons.lang3.StringUtils): 3
Logger (org.slf4j.Logger): 3
LoggerFactory (org.slf4j.LoggerFactory): 3
Resource (org.springframework.core.io.Resource): 3
CacheLoader (com.google.common.cache.CacheLoader): 2
Optional (java.util.Optional): 2
OidcRegisteredService (org.apereo.cas.services.OidcRegisteredService): 2
Autowired (org.springframework.beans.factory.annotation.Autowired): 2
ResourceLoader (org.springframework.core.io.ResourceLoader): 2
Assert (com.stormpath.sdk.lang.Assert): 1
File (java.io.File): 1
PostConstruct (javax.annotation.PostConstruct): 1
HttpServletRequest (javax.servlet.http.HttpServletRequest): 1
HttpServletResponse (javax.servlet.http.HttpServletResponse): 1
PrincipalFactory (org.apereo.cas.authentication.principal.PrincipalFactory): 1
ServiceFactory (org.apereo.cas.authentication.principal.ServiceFactory): 1