final byte[] encodedKey = publicKey.getEncoded(); JSONObject jsonWebKeys = JwtUtil.getJSONWebKeys(client.getJwksUri()); if (jsonWebKeys == null) { log.debug("Unable to load json web keys for client: {}, jwks_uri: {}", clientId, client.getJwksUri());
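signatureAlgorithm == SignatureAlgorithm.RS256 ||
        signatureAlgorithm == SignatureAlgorithm.ES256) {
    // (Excerpt starts inside the first condition.) 256-bit algorithms: hash the code with SHA-256.
    digest = JwtUtil.getMessageDigestSHA256(code);
} else if (signatureAlgorithm == SignatureAlgorithm.HS384 ||
        signatureAlgorithm == SignatureAlgorithm.RS384 ||
        signatureAlgorithm == SignatureAlgorithm.ES384) {
    // Fixed: this branch listed ES512 instead of ES384, so ES512 was hashed with
    // SHA-384 and ES384 fell through to the SHA-256 default.
    digest = JwtUtil.getMessageDigestSHA384(code);
} else if (signatureAlgorithm == SignatureAlgorithm.HS512 ||
        signatureAlgorithm == SignatureAlgorithm.RS512 ||
        signatureAlgorithm == SignatureAlgorithm.ES512) {
    // Fixed: this branch repeated RS384 (already handled above) instead of RS512,
    // so RS512 fell through to the SHA-256 default and the ES512 test was unreachable.
    digest = JwtUtil.getMessageDigestSHA512(code);
} else {
    // Default: any algorithm not listed above is hashed with SHA-256.
    // NOTE(review): a verifier that derives the hash from the signature algorithm
    // will reject a digest computed with the wrong hash size -- confirm every
    // supported algorithm is listed in one of the branches above.
    digest = JwtUtil.getMessageDigestSHA256(code);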
// Builds the session_state value for the client recorded in the session attributes.
// NOTE(review): if "client_id" is absent and get() returns null, the literal text
// "null" is concatenated and hashed -- confirm the attribute is guaranteed upstream.
final String clientId = sessionIdAttributes.get("client_id");
// Fresh random value for each computation (UUID.randomUUID() is backed by a
// cryptographically strong generator).
final String opbs = UUID.randomUUID().toString();
// Layout: bytesToHex(SHA-256(client_id + " " + issuer + " " + opbs + " " + salt)) + "." + salt.
// `salt` is defined outside this excerpt.
// NOTE(review): OpenID Connect Session Management puts the RP's origin in the
// second position of the hash input; the issuer is used here -- confirm this is
// the value the RP-side check recomputes, otherwise the comparison cannot match.
final String sessionState = JwtUtil.bytesToHex(JwtUtil.getMessageDigestSHA256(
        clientId + " " + appConfiguration.getIssuer() + " " + opbs + " " + salt)) + "." + salt;
final String dn = dn(sid);
/**
 * Known-answer test for {@code JwtUtil.getMessageDigestSHA256}: hashes a fixed
 * pangram and compares the digest with a hard-coded SHA-256 value.
 */
@Test
public void getMessageDigestSHA256() {
    showTitle("sha256");

    try {
        final String message = "The quick brown fox jumps over the lazy dog";
        System.out.println("Input: " + message);

        // Both sides are turned into unsigned integers, so the comparison is numeric:
        // leading zero bytes of a digest are not distinguished, and the values are
        // printed in decimal rather than hex.
        final BigInteger actual = new BigInteger(1, JwtUtil.getMessageDigestSHA256(message));
        final BigInteger expected = new BigInteger(
                "d7a8fbb307d7809469ca9abcb0082e4f8d5651e46d3cdb762d02d0bf37c9e592", 16);

        System.out.println("Result : " + actual);
        System.out.println("Expected: " + expected);

        assertEquals(actual, expected);
    } catch (NoSuchProviderException | NoSuchAlgorithmException | UnsupportedEncodingException e) {
        // A missing provider, algorithm or charset is reported as a test failure.
        e.printStackTrace();
        fail(e.getMessage());
    }
}
/**
 * Known-answer test for {@code JwtUtil.getMessageDigestSHA384}: hashes a fixed
 * pangram and compares the digest with a hard-coded SHA-384 value.
 */
@Test
public void getMessageDigestSHA384() {
    showTitle("sha384");

    try {
        final String message = "The quick brown fox jumps over the lazy dog";
        System.out.println("Input: " + message);

        // Unsigned-integer comparison: numeric equality only, so leading zero bytes
        // of a digest are not distinguished.
        final BigInteger actual = new BigInteger(1, JwtUtil.getMessageDigestSHA384(message));
        final BigInteger expected = new BigInteger(
                "ca737f1014a48f4c0b6dd43cb177b0afd9e5169367544c494011e3317dbf9a509cb1e5dc1e85a941bbee3d7f2afbc9b1",
                16);

        System.out.println("Result : " + actual);
        System.out.println("Expected : " + expected);

        assertEquals(actual, expected);
    } catch (NoSuchProviderException | NoSuchAlgorithmException | UnsupportedEncodingException e) {
        // A missing provider, algorithm or charset is reported as a test failure.
        e.printStackTrace();
        fail(e.getMessage());
    }
}
/**
 * Known-answer test for {@code JwtUtil.getMessageDigestSHA512}: hashes a fixed
 * pangram and compares the digest with a hard-coded SHA-512 value.
 */
@Test
public void getMessageDigestSHA512() {
    showTitle("sha512");

    try {
        final String message = "The quick brown fox jumps over the lazy dog";
        System.out.println("Input: " + message);

        // Unsigned-integer comparison: numeric equality only, so leading zero bytes
        // of a digest are not distinguished.
        final BigInteger actual = new BigInteger(1, JwtUtil.getMessageDigestSHA512(message));
        final BigInteger expected = new BigInteger(
                "07e547d9586f6a73f73fbac0435ed76951218fb7d0c8d788a309d785436bbb642e93a252a954f23912547d1e8a3b5ed6e1bfd7097821233fa0538f3db854fee6",
                16);

        System.out.println("Result : " + actual);
        System.out.println("Expected : " + expected);

        assertEquals(actual, expected);
    } catch (NoSuchProviderException | NoSuchAlgorithmException | UnsupportedEncodingException e) {
        // A missing provider, algorithm or charset is reported as a test failure.
        e.printStackTrace();
        fail(e.getMessage());
    }
}
}
/**
 * Invokes {@code JwtUtil.printAlgorithmsAndProviders()} under a titled section.
 * The test makes no assertions, so it passes unless that call throws.
 */
@Test
public void printAlgorithmsAndProviders() {
    final String title = "printAlgorithmsAndProviders";
    showTitle(title);

    JwtUtil.printAlgorithmsAndProviders();
}
requestJwt = entity; } else { String hash = Base64Util.base64urlencode(JwtUtil.getMessageDigestSHA256(entity)); if (StringUtils.equals(reqUriHash, hash)) { requestJwt = entity;
/**
 * Verifies {@code signature} over {@code signingInput} with the key material
 * registered for {@code client}.
 *
 * <p>The client's secret is decrypted and its key set is loaded (the inline
 * {@code jwks} when present, otherwise fetched from {@code jwks_uri}); both are
 * handed to the crypto provider together with {@code keyId}, which is neither a
 * parameter nor a local here (presumably a field of the enclosing class).
 *
 * <p>NOTE(review): the secret and the key set are both supplied whatever
 * {@code signatureAlgorithm} is -- confirm the caller restricts the algorithm to
 * the one registered for the client before calling this method.
 *
 * @param signatureAlgorithm algorithm passed through to the crypto provider
 * @param client             client whose secret and key set are used
 * @param signingInput       the signed portion of the token
 * @param signature          the signature to check
 * @return the result of {@code cryptoProvider.verifySignature(...)}
 * @throws Exception propagated from secret decryption, key loading or verification
 */
private boolean validateSignature(SignatureAlgorithm signatureAlgorithm, Client client, String signingInput, String signature) throws Exception {
    final ClientService clients = CdiUtil.bean(ClientService.class);
    final String sharedSecret = clients.decryptSecret(client.getClientSecret());

    // Inline JWKS wins; the remote jwks_uri is only fetched when none is registered.
    // NOTE(review): another caller of getJSONWebKeys() on this page checks its result
    // for null; here a null key set would be passed straight to verifySignature().
    final JSONObject keySet;
    if (Strings.isNullOrEmpty(client.getJwks())) {
        keySet = JwtUtil.getJSONWebKeys(client.getJwksUri());
    } else {
        keySet = new JSONObject(client.getJwks());
    }

    final AbstractCryptoProvider provider = CryptoProviderFactory.getCryptoProvider(appConfiguration);
    return provider.verifySignature(signingInput, signature, keyId, keySet, sharedSecret, signatureAlgorithm);
}
jwtAuthorizationRequest.getIdTokenMember().setMaxAge(86400); String authJwt = jwtAuthorizationRequest.getEncodedJwt(); String hash = Base64Util.base64urlencode(JwtUtil.getMessageDigestSHA256(authJwt)); String fileName = UUID.randomUUID().toString() + ".txt"; String filePath = requestFileBasePath + File.separator + fileName;
showTitle("jwtStateAlgRSA15EncA128CBCPLUSHS256Test"); JSONObject jwks = JwtUtil.getJSONWebKeys(clientJwksUri); OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
validRequestUri = true; } else { String hash = Base64Util.base64urlencode(JwtUtil.getMessageDigestSHA256(request)); validRequestUri = StringUtils.equals(reqUriHash, hash);
showTitle("jwtStateAlgRSAOAEPEncA256GCMTest"); JSONObject jwks = JwtUtil.getJSONWebKeys(clientJwksUri); OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
jwtAuthorizationRequest.getIdTokenMember().setMaxAge(86400); String authJwt = jwtAuthorizationRequest.getEncodedJwt(); String hash = Base64Util.base64urlencode(JwtUtil.getMessageDigestSHA256(authJwt)); String fileName = UUID.randomUUID().toString() + ".txt"; String filePath = requestFileBasePath + File.separator + fileName;
showTitle("jwtStateAlgRSA15EncA256CBCPLUSHS512Test"); JSONObject jwks = JwtUtil.getJSONWebKeys(clientJwksUri); OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);
jwtAuthorizationRequest.getIdTokenMember().setMaxAge(86400); String authJwt = jwtAuthorizationRequest.getEncodedJwt(); String hash = Base64Util.base64urlencode(JwtUtil.getMessageDigestSHA256(authJwt)); String fileName = UUID.randomUUID().toString() + ".txt"; String filePath = requestFileBasePath + File.separator + fileName;
// Key set for checking the software statement: the inline JWKS claim when the
// JWKS_URI claim is empty, otherwise the document fetched from the JWKS_URI claim.
// NOTE(review): both sources are claims of the statement being verified, so a
// passing check shows the statement is self-consistent, not who issued it --
// confirm trust in the issuer is established elsewhere.
// NOTE(review): the JWKS_URI value comes from the submitted statement and is
// fetched server-side -- confirm it is validated before the fetch.
JSONObject jwks = Strings.isNullOrEmpty(softwareStatement.getClaims().getClaimAsString(JWKS_URI.toString())) ?
        new JSONObject(softwareStatement.getClaims().getClaimAsString(JWKS.toString())) :
        JwtUtil.getJSONWebKeys(softwareStatement.getClaims().getClaimAsString(JWKS_URI.toString()));
AbstractCryptoProvider cryptoProvider = CryptoProviderFactory.getCryptoProvider(appConfiguration);
// (Excerpt ends inside the argument list of this call.)
boolean validSignature = cryptoProvider.verifySignature(softwareStatement.getSigningInput(),
JwtUtil.getJSONWebKeys(client.getJwksUri()) : new JSONObject(client.getJwks()); String sharedSecret = clientService.decryptSecret(client.getClientSecret());
} else { if (isKeyIdRequired()) { JSONObject jwks = JwtUtil.getJSONWebKeys(jwksUri); OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(); jwtAuthorizationRequest = new JwtAuthorizationRequest(
JSONObject jwks = JwtUtil.getJSONWebKeys(clientJwksUri); OxAuthCryptoProvider cryptoProvider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);