
Example 1 with AsymmetricSignatureProvider

Use of org.keycloak.crypto.AsymmetricSignatureProvider in project keycloak by keycloak.

Class AbstractOAuth2IdentityProvider, method getSignatureContext.

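protected SignatureSignerContext getSignatureContext() {
    // client_secret_jwt: the client assertion is signed with an HMAC keyed by the client secret.
    if (getConfig().getClientAuthMethod().equals(OIDCLoginProtocol.CLIENT_SECRET_JWT)) {
        // Resolve the secret through the vault; the try-with-resources closes the vault secret afterwards.
        try (VaultStringSecret vaultStringSecret = session.vault().getStringSecret(getConfig().getClientSecret())) {
            KeyWrapper key = new KeyWrapper();
            // Use the configured signing algorithm, defaulting to HS256.
            String alg = getConfig().getClientAssertionSigningAlg() != null ? getConfig().getClientAssertionSigningAlg() : Algorithm.HS256;
            key.setAlgorithm(alg);
            // Fall back to the configured value when the vault has no entry.
            // Note: getBytes() without an argument uses the JVM default charset.
            byte[] decodedSecret = vaultStringSecret.get().orElse(getConfig().getClientSecret()).getBytes();
            SecretKey secret = new SecretKeySpec(decodedSecret, 0, decodedSecret.length, alg);
            key.setSecretKey(secret);
            return new MacSignatureSignerContext(key);
        }
    }
    // Any other client authentication method: asymmetric signer, defaulting to RS256.
    String alg = getConfig().getClientAssertionSigningAlg() != null ? getConfig().getClientAssertionSigningAlg() : Algorithm.RS256;
    return new AsymmetricSignatureProvider(session, alg).signer();
}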
Also used: KeyWrapper (org.keycloak.crypto.KeyWrapper), SecretKey (javax.crypto.SecretKey), VaultStringSecret (org.keycloak.vault.VaultStringSecret), SecretKeySpec (javax.crypto.spec.SecretKeySpec), AsymmetricSignatureProvider (org.keycloak.crypto.AsymmetricSignatureProvider), MacSignatureSignerContext (org.keycloak.crypto.MacSignatureSignerContext)

Aggregations

SecretKey (javax.crypto.SecretKey): 1
SecretKeySpec (javax.crypto.spec.SecretKeySpec): 1
AsymmetricSignatureProvider (org.keycloak.crypto.AsymmetricSignatureProvider): 1
KeyWrapper (org.keycloak.crypto.KeyWrapper): 1
MacSignatureSignerContext (org.keycloak.crypto.MacSignatureSignerContext): 1
VaultStringSecret (org.keycloak.vault.VaultStringSecret): 1