use of org.jose4j.jwk.JsonWebKeySet in project cas by apereo.
the class OidcDefaultJsonWebKeystoreCacheLoader method load.
@Override
public Optional<RsaJsonWebKey> load(final String issuer) throws Exception {
final Optional<JsonWebKeySet> jwks = buildJsonWebKeySet();
if (!jwks.isPresent() || jwks.get().getJsonWebKeys().isEmpty()) {
return Optional.empty();
}
final RsaJsonWebKey key = getJsonSigningWebKeyFromJwks(jwks.get());
if (key == null) {
return Optional.empty();
}
return Optional.of(key);
}
use of org.jose4j.jwk.JsonWebKeySet in project cas by apereo.
the class OidcJsonWebKeystoreGeneratorService method generate.
/**
* Generate.
*/
@PostConstruct
public void generate() {
try {
final File file = oidcProperties.getJwksFile().getFile();
if (!file.exists()) {
final RsaJsonWebKey rsaJsonWebKey = RsaJwkGenerator.generateJwk(2048);
final JsonWebKeySet jsonWebKeySet = new JsonWebKeySet(rsaJsonWebKey);
final String data = jsonWebKeySet.toJson(JsonWebKey.OutputControlLevel.INCLUDE_PRIVATE);
FileUtils.write(file, data, StandardCharsets.UTF_8);
LOGGER.debug("Generated JSON web keystore at [{}]", file);
} else {
LOGGER.debug("Located JSON web keystore at [{}]", file);
}
} catch (final Exception e) {
throw Throwables.propagate(e);
}
}
use of org.jose4j.jwk.JsonWebKeySet in project cas by apereo.
the class OidcServiceJsonWebKeystoreCacheLoader method buildJsonWebKeySet.
private Optional<JsonWebKeySet> buildJsonWebKeySet(final OidcRegisteredService service) throws Exception {
try {
LOGGER.debug("Loading JSON web key from [{}]", service.getJwks());
final Resource resource = this.resourceLoader.getResource(service.getJwks());
final JsonWebKeySet jsonWebKeySet = buildJsonWebKeySet(resource);
if (jsonWebKeySet == null || jsonWebKeySet.getJsonWebKeys().isEmpty()) {
LOGGER.warn("No JSON web keys could be found for [{}]", service);
return Optional.empty();
}
final long badKeysCount = jsonWebKeySet.getJsonWebKeys().stream().filter(k -> StringUtils.isBlank(k.getAlgorithm()) && StringUtils.isBlank(k.getKeyId()) && StringUtils.isBlank(k.getKeyType())).count();
if (badKeysCount == jsonWebKeySet.getJsonWebKeys().size()) {
LOGGER.warn("No valid JSON web keys could be found for [{}]", service);
return Optional.empty();
}
final RsaJsonWebKey webKey = getJsonSigningWebKeyFromJwks(jsonWebKeySet);
if (webKey.getPublicKey() == null) {
LOGGER.warn("JSON web key retrieved [{}] has no associated public key", webKey.getKeyId());
return Optional.empty();
}
return Optional.of(jsonWebKeySet);
} catch (final Exception e) {
LOGGER.error(e.getMessage(), e);
}
return Optional.empty();
}
Aggregations