Example 1 with KeyStoreManager

Use of org.wso2.carbon.core.util.KeyStoreManager in project carbon-apimgt by wso2.

Class Util, method getAuthHeader.

public static String getAuthHeader(String username) throws Exception {
    // Get the filesystem key store default primary certificate
    KeyStoreManager keyStoreManager;
    keyStoreManager = KeyStoreManager.getInstance(MultitenantConstants.SUPER_TENANT_ID);
    try {
        // The returned certificate is not used; an exception thrown here is handled by the generic catch below
        keyStoreManager.getDefaultPrimaryCertificate();
        // Sign with the super tenant's default RSA private key
        JWSSigner signer = new RSASSASigner((RSAPrivateKey) keyStoreManager.getDefaultPrivateKey());
        // The token carries only the Username claim; no expiry, issuer or audience is set
        JWTClaimsSet.Builder jwtClaimsSetBuilder = new JWTClaimsSet.Builder();
        jwtClaimsSetBuilder.claim("Username", username);
        SignedJWT signedJWT = new SignedJWT(new JWSHeader(JWSAlgorithm.RS512), jwtClaimsSetBuilder.build());
        signedJWT.sign(signer);
        // Generate the authorization header value: the serialized JWT, Base64-encoded again
        return "Bearer " + Base64Utils.encode(signedJWT.serialize().getBytes(Charset.defaultCharset()));
    } catch (SignatureException e) {
        String msg = "Failed to sign with signature instance";
        log.error(msg, e);
        throw new Exception(msg, e);
    } catch (Exception e) {
        // Catch-all: any other failure in the try block, including a signing error, is reported with this message
        String msg = "Failed to get primary default certificate";
        log.error(msg, e);
        throw new Exception(msg, e);
    }
}
Also used : KeyStoreManager(org.wso2.carbon.core.util.KeyStoreManager) JWTClaimsSet(com.nimbusds.jwt.JWTClaimsSet) RSASSASigner(com.nimbusds.jose.crypto.RSASSASigner) SignedJWT(com.nimbusds.jwt.SignedJWT) SignatureException(java.security.SignatureException) JWSSigner(com.nimbusds.jose.JWSSigner) JWSHeader(com.nimbusds.jose.JWSHeader)

Example 2 with KeyStoreManager

Use of org.wso2.carbon.core.util.KeyStoreManager in project carbon-apimgt by wso2.

Class AbstractJWTGenerator, method addCertToHeader.

/**
 * Helper method to add the public certificate to the JWT header for signature verification.
 *
 * @param tenantDomain tenant domain whose certificate is used when tenant-based signing is enabled
 * @throws APIManagementException if the certificate cannot be obtained
 */
protected String addCertToHeader(String tenantDomain) throws APIManagementException {
    try {
        Certificate publicCert;
        if (tenantBasedSigningEnabled) {
            // Tenant-based signing: use the certificate of the tenant that owns the token
            publicCert = SigningUtil.getPublicCertificate(APIUtil.getTenantIdFromTenantDomain(tenantDomain));
        } else {
            // Otherwise every tenant's token references the super tenant's primary certificate
            KeyStoreManager keyStoreManager = KeyStoreManager.getInstance(MultitenantConstants.SUPER_TENANT_ID);
            publicCert = keyStoreManager.getDefaultPrimaryCertificate();
        }
        return APIUtil.generateHeader(publicCert, signatureAlgorithm);
    } catch (Exception e) {
        String error = "Error in obtaining keystore";
        throw new APIManagementException(error, e);
    }
}
Also used : KeyStoreManager(org.wso2.carbon.core.util.KeyStoreManager) APIManagementException(org.wso2.carbon.apimgt.api.APIManagementException) UserStoreException(org.wso2.carbon.user.api.UserStoreException) IOException(java.io.IOException) Certificate(java.security.cert.Certificate)

Example 3 with KeyStoreManager

Use of org.wso2.carbon.core.util.KeyStoreManager in project carbon-apimgt by wso2.

Class AbstractJWTGenerator, method signJWT.

public byte[] signJWT(String assertion, String tenantDomain) throws APIManagementException {
    try {
        PrivateKey privateKey;
        if (tenantBasedSigningEnabled) {
            // Tenant-based signing: sign with the private key of the tenant that owns the token
            privateKey = SigningUtil.getSigningKey(APIUtil.getTenantIdFromTenantDomain(tenantDomain));
        } else {
            // Otherwise every tenant's token is signed with the super tenant's default private key
            KeyStoreManager keyStoreManager = KeyStoreManager.getInstance(MultitenantConstants.SUPER_TENANT_ID);
            privateKey = keyStoreManager.getDefaultPrivateKey();
        }
        return APIUtil.signJwt(assertion, privateKey, signatureAlgorithm);
    } catch (Exception e) {
        throw new APIManagementException(e);
    }
}
Also used : KeyStoreManager(org.wso2.carbon.core.util.KeyStoreManager) PrivateKey(java.security.PrivateKey) APIManagementException(org.wso2.carbon.apimgt.api.APIManagementException) UserStoreException(org.wso2.carbon.user.api.UserStoreException) IOException(java.io.IOException)

Example 4 with KeyStoreManager

Use of org.wso2.carbon.core.util.KeyStoreManager in project carbon-apimgt by wso2.

Class DefaultApiKeyGenerator, method getApiKeySignKeyStore.

private KeyStore getApiKeySignKeyStore(KeyStoreManager keyStoreManager) throws Exception {
    ServerConfigurationService config = keyStoreManager.getServerConfigService();
    String apiKeySignKeyStoreName = APIUtil.getApiKeySignKeyStoreName();
    // Each configuration key is a template in which KeyStoreName is replaced by the configured key store name
    String location = config.getFirstProperty(APIConstants.KeyStoreManagement.SERVER_APIKEYSIGN_KEYSTORE_FILE.replaceFirst(APIConstants.KeyStoreManagement.KeyStoreName, apiKeySignKeyStoreName));
    if (location == null) {
        // No dedicated API key signing key store is configured
        return null;
    }
    String file = new File(location).getAbsolutePath();
    KeyStore store = KeyStore.getInstance(config.getFirstProperty(APIConstants.KeyStoreManagement.SERVER_APIKEYSIGN_KEYSTORE_TYPE.replaceFirst(APIConstants.KeyStoreManagement.KeyStoreName, apiKeySignKeyStoreName)));
    String password = config.getFirstProperty(APIConstants.KeyStoreManagement.SERVER_APIKEYSIGN_KEYSTORE_PASSWORD.replaceFirst(APIConstants.KeyStoreManagement.KeyStoreName, apiKeySignKeyStoreName));
    // Load the key store from disk; the stream is closed by try-with-resources
    try (FileInputStream in = new FileInputStream(file)) {
        store.load(in, password.toCharArray());
    }
    return store;
}
Also used : ServerConfigurationService(org.wso2.carbon.base.api.ServerConfigurationService) KeyStore(java.security.KeyStore) File(java.io.File) FileInputStream(java.io.FileInputStream)

Example 5 with KeyStoreManager

Use of org.wso2.carbon.core.util.KeyStoreManager in project carbon-apimgt by wso2.

Class UtilTest, method testShouldThrowEceptionWhenSigningFails.

@Test(expected = Exception.class)
public void testShouldThrowEceptionWhenSigningFails() throws Exception {
    // A 512-bit RSA key is too small to produce an RS512 signature, so getAuthHeader is expected to throw
    KeyPairGenerator keygen = KeyPairGenerator.getInstance("RSA");
    keygen.initialize(512);
    PrivateKey pvtKey = keygen.generateKeyPair().getPrivate();
    // Replace the static KeyStoreManager.getInstance(...) with a mock that hands out the undersized key
    PowerMockito.mockStatic(KeyStoreManager.class);
    KeyStoreManager keyStoreManager = Mockito.mock(KeyStoreManager.class);
    PowerMockito.when(KeyStoreManager.getInstance(Mockito.anyInt())).thenReturn(keyStoreManager);
    Mockito.when(keyStoreManager.getDefaultPrimaryCertificate()).thenReturn(null);
    Mockito.when(keyStoreManager.getDefaultPrivateKey()).thenReturn(pvtKey);
    Util.getAuthHeader("admin");
}
Also used : KeyStoreManager(org.wso2.carbon.core.util.KeyStoreManager) PrivateKey(java.security.PrivateKey) KeyPairGenerator(java.security.KeyPairGenerator) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest) Test(org.junit.Test)

Aggregations

KeyStoreManager (org.wso2.carbon.core.util.KeyStoreManager) 13
APIManagementException (org.wso2.carbon.apimgt.api.APIManagementException) 7
PrivateKey (java.security.PrivateKey) 5
KeyStore (java.security.KeyStore) 3
Certificate (java.security.cert.Certificate) 3
Test (org.junit.Test) 3
PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest) 3
JWSSigner (com.nimbusds.jose.JWSSigner) 2
RSASSASigner (com.nimbusds.jose.crypto.RSASSASigner) 2
IOException (java.io.IOException) 2
ServerConfigurationService (org.wso2.carbon.base.api.ServerConfigurationService) 2
RegistryException (org.wso2.carbon.registry.core.exceptions.RegistryException) 2
UserStoreException (org.wso2.carbon.user.api.UserStoreException) 2
JWSHeader (com.nimbusds.jose.JWSHeader) 1
JWTClaimsSet (com.nimbusds.jwt.JWTClaimsSet) 1
SignedJWT (com.nimbusds.jwt.SignedJWT) 1
File (java.io.File) 1
FileInputStream (java.io.FileInputStream) 1
Key (java.security.Key) 1
KeyPairGenerator (java.security.KeyPairGenerator) 1