use of org.keycloak.crypto.SignatureSignerContext in project keycloak by keycloak.
the class ClientRegistrationTokenUtils method updateTokenSignature.
/**
 * Returns a registration access token that is signed with the session's current
 * signing key for the {@code INTERNAL} token category.
 *
 * <p>When the key id of the current signer equals the key id recorded on {@code auth},
 * the token string held by {@code auth} is returned unchanged. Otherwise a new
 * {@code RegistrationAccessToken} is built and signed with the current key. It copies
 * the type, id and issuer from the JWT on {@code auth}, sets the audience to that
 * issuer, sets issued-at to the current time and sets the expiration to {@code 0}.
 *
 * <p>NOTE(review): this method does not verify the signature or claims of
 * {@code auth.getJwt()} before copying them into a freshly signed token. It presumably
 * relies on the caller having validated {@code auth} first. Confirm this at every call
 * site, because re-signing unverified claims would turn them into a valid token.
 *
 * @param session session used to resolve the signature algorithm and the signer
 * @param auth    the already-parsed registration authentication (token, kid, JWT)
 * @return the original token string, or a newly signed compact JWS
 */
public static String updateTokenSignature(KeycloakSession session, ClientRegistrationAuth auth) {
    String internalAlg = session.tokens().signatureAlgorithm(TokenCategory.INTERNAL);
    SignatureSignerContext activeSigner = session.getProvider(SignatureProvider.class, internalAlg).signer();

    // Same signing key as before: nothing to re-sign.
    // NOTE(review): assumes the signer always reports a non-null kid; a null kid would throw here.
    if (activeSigner.getKid().equals(auth.getKid())) {
        return auth.getToken();
    }

    // The signing key changed (e.g. key rotation), so rebuild the token and sign it with the current key.
    RegistrationAccessToken resigned = new RegistrationAccessToken();
    // NOTE(review): toLowerCase() uses the JVM default locale; consider Locale.ROOT, changed
    // together with the code that parses this claim so both sides stay consistent.
    resigned.setRegistrationAuth(auth.getRegistrationAuth().toString().toLowerCase());
    resigned.type(auth.getJwt().getType());
    resigned.id(auth.getJwt().getId());
    resigned.issuedAt(Time.currentTime());
    // exp = 0: presumably treated as "no expiry" by the verifier. Confirm that revocation
    // relies on the token id rather than on exp.
    resigned.expiration(0);
    resigned.issuer(auth.getJwt().getIssuer());
    resigned.audience(auth.getJwt().getIssuer());

    return new JWSBuilder().jsonContent(resigned).sign(activeSigner);
}
use of org.keycloak.crypto.SignatureSignerContext in project keycloak by keycloak.
the class OAuthClient method createSigner.
/**
 * Builds a signer context for the given private key, key id and algorithm name.
 *
 * <p>{@code ES256}, {@code ES384} and {@code ES512} use
 * {@code ServerECDSASignatureSignerContext}. Every other algorithm value uses
 * {@code AsymmetricSignatureSignerContext}.
 *
 * <p>NOTE(review): the default branch accepts any algorithm string without validating
 * it, so an unsupported or misspelled name is not rejected here. Confirm that it fails
 * at signing time rather than producing an unexpected signature.
 *
 * @param privateKey key used to sign
 * @param kid        key id stored on the key wrapper
 * @param algorithm  algorithm name; must not be {@code null} (the switch would throw)
 * @return the signer context that matches the algorithm family
 */
public SignatureSignerContext createSigner(PrivateKey privateKey, String kid, String algorithm) {
    KeyWrapper wrappedKey = new KeyWrapper();
    wrappedKey.setAlgorithm(algorithm);
    wrappedKey.setKid(kid);
    wrappedKey.setPrivateKey(privateKey);

    switch (algorithm) {
        case Algorithm.ES256:
        case Algorithm.ES384:
        case Algorithm.ES512:
            // Elliptic-curve algorithms use the dedicated ECDSA signer context.
            return new ServerECDSASignatureSignerContext(wrappedKey);
        default:
            return new AsymmetricSignatureSignerContext(wrappedKey);
    }
}
use of org.keycloak.crypto.SignatureSignerContext in project keycloak by keycloak.
the class ClientAuthSignedJWTTest method createSignledRequestToken.
/**
 * Serialises {@code jwt} as a signed compact JWS.
 *
 * <p>The key id is derived from {@code publicKey}. The same value is handed to the
 * signer and written to the JWS {@code kid} header.
 *
 * <p>NOTE(review): nothing here checks that {@code publicKey} is the counterpart of
 * {@code privateKey}. A mismatched pair would produce a token whose {@code kid} points
 * at a key that cannot verify the signature.
 *
 * @param privateKey key used to sign the token
 * @param publicKey  key from which the key id is computed
 * @param algorithm  signature algorithm name passed to {@code oauth.createSigner}
 * @param jwt        claims to sign
 * @return the signed token string
 */
private String createSignledRequestToken(PrivateKey privateKey, PublicKey publicKey, String algorithm, JsonWebToken jwt) {
    String keyId = KeyUtils.createKeyId(publicKey);
    SignatureSignerContext signerContext = oauth.createSigner(privateKey, keyId, algorithm);
    return new JWSBuilder()
            .kid(keyId)
            .jsonContent(jwt)
            .sign(signerContext);
}