/**
 * Fetches the JWK Set at {@code jwkSetUrl} and returns the key identified by {@code keyId}
 * when that key is an {@link ECDSAPublicKey}.
 *
 * <p>NOTE(review): callers should treat a {@code null} result as a failed key lookup and reject
 * the token rather than skip signature verification. {@code jwkSetUrl} is used as given; it
 * should come from trusted configuration or client registration, not from the token that is
 * being verified.
 *
 * @param jwkSetUrl location of the JWK Set to query
 * @param keyId     identifier of the wanted key inside the set
 * @return the matching ECDSA public key, or {@code null} when the response is {@code null}, its
 *         status is not 200, or the key is absent or of another type
 */
public static ECDSAPublicKey getECDSAPublicKey(String jwkSetUrl, String keyId) {
    JwkResponse response = new JwkClient(jwkSetUrl).exec();

    // Anything other than a 200 response yields no key.
    if (response == null || response.getStatus() != 200) {
        return null;
    }

    // Only hand back the key when it really is an ECDSA key; a key of another type is dropped.
    PublicKey candidate = response.getPublicKey(keyId);
    return (candidate instanceof ECDSAPublicKey) ? (ECDSAPublicKey) candidate : null;
}
}
/**
 * Fetches the JWK Set at {@code jwkSetUri} through the supplied executor and returns the key
 * identified by {@code keyId} when that key is an {@link RSAPublicKey}.
 *
 * <p>NOTE(review): callers should treat a {@code null} result as a failed key lookup and reject
 * the token rather than skip signature verification. {@code jwkSetUri} is used as given; it
 * should come from trusted configuration or client registration, not from the token that is
 * being verified.
 *
 * @param jwkSetUri      location of the JWK Set to query
 * @param keyId          identifier of the wanted key inside the set
 * @param clientExecutor executor installed on the {@link JwkClient} before the request runs
 *                       (presumably carries the HTTP/TLS settings; confirm against JwkClient)
 * @return the matching RSA public key, or {@code null} when the response is {@code null}, its
 *         status is not 200, or the key is absent or of another type
 */
public static RSAPublicKey getRSAPublicKey(String jwkSetUri, String keyId, ClientExecutor clientExecutor) {
    JwkClient client = new JwkClient(jwkSetUri);
    client.setExecutor(clientExecutor);
    JwkResponse response = client.exec();

    // Anything other than a 200 response yields no key.
    if (response == null || response.getStatus() != 200) {
        return null;
    }

    // Only hand back the key when it really is an RSA key; a key of another type is dropped.
    PublicKey candidate = response.getPublicKey(keyId);
    return (candidate instanceof RSAPublicKey) ? (RSAPublicKey) candidate : null;
}
/**
 * RS256 round trip: signs a fixed input with the key store entry {@code keyId}, then verifies
 * the signature against the JWK Set fetched from {@code clientJwksUri}.
 *
 * <p>NOTE(review): only the accepting path is exercised; a companion case with an altered
 * input or signature would show that verification also rejects.
 */
@Parameters({"clientJwksUri", "RS256_keyId", "dnName", "keyStoreFile", "keyStoreSecret"})
@Test
public void testRS256(final String clientJwksUri, final String keyId, final String dnName,
        final String keyStoreFile, final String keyStoreSecret)
        throws NoSuchProviderException, NoSuchAlgorithmException, SignatureException,
        InvalidKeyException, InvalidKeySpecException, IllegalBlockSizeException, IOException,
        NoSuchPaddingException, BadPaddingException {
    try {
        showTitle("Test RS256");

        // The response is used below without a status check; a failed fetch surfaces through
        // the catch block at the end.
        JwkResponse publishedKeys = new JwkClient(clientJwksUri).exec();

        // Fixed signing input. Its header segment decodes to {"alg":"HS256"}, which differs
        // from the algorithm signed with here; the test treats the string as opaque input.
        final String input = "eyJhbGciOiJIUzI1NiJ9.eyJub25jZSI6ICI2Qm9HN1QwR0RUZ2wiLCAiaWRfdG9rZW4iOiB7Im1heF9hZ2UiOiA4NjQwMH0sICJzdGF0ZSI6ICJTVEFURTAiLCAicmVkaXJlY3RfdXJpIjogImh0dHBzOi8vbG9jYWxob3N0L2NhbGxiYWNrMSIsICJ1c2VyaW5mbyI6IHsiY2xhaW1zIjogeyJuYW1lIjogbnVsbH19LCAiY2xpZW50X2lkIjogIkAhMTExMSEwMDA4IUU2NTQuQjQ2MCIsICJzY29wZSI6IFsib3BlbmlkIl0sICJyZXNwb25zZV90eXBlIjogWyJjb2RlIl19";

        OxAuthCryptoProvider provider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);

        String signature = provider.sign(input, keyId, null, SignatureAlgorithm.RS256);
        System.out.println("Encoded Signature: " + signature);

        boolean accepted = provider.verifySignature(
                input,
                signature,
                keyId,
                publishedKeys.getJwks().toJSONObject(),
                null,
                SignatureAlgorithm.RS256);
        assertTrue(accepted, "Invalid signature");
    } catch (Exception e) {
        fail(e.getMessage(), e);
    }
}
/**
 * RS384 round trip: signs a fixed input with the key store entry {@code keyId}, then verifies
 * the signature against the JWK Set fetched from {@code clientJwksUri}.
 *
 * <p>NOTE(review): only the accepting path is exercised; a companion case with an altered
 * input or signature would show that verification also rejects.
 */
@Parameters({"clientJwksUri", "RS384_keyId", "dnName", "keyStoreFile", "keyStoreSecret"})
@Test
public void testRS384(final String clientJwksUri, final String keyId, final String dnName,
        final String keyStoreFile, final String keyStoreSecret)
        throws NoSuchProviderException, NoSuchAlgorithmException, SignatureException,
        InvalidKeyException, InvalidKeySpecException, IllegalBlockSizeException, IOException,
        NoSuchPaddingException, BadPaddingException {
    try {
        showTitle("Test RS384");

        // The response is used below without a status check; a failed fetch surfaces through
        // the catch block at the end.
        JwkResponse publishedKeys = new JwkClient(clientJwksUri).exec();

        // Fixed signing input. Its header segment decodes to {"alg":"HS256"}, which differs
        // from the algorithm signed with here; the test treats the string as opaque input.
        final String input = "eyJhbGciOiJIUzI1NiJ9.eyJub25jZSI6ICI2Qm9HN1QwR0RUZ2wiLCAiaWRfdG9rZW4iOiB7Im1heF9hZ2UiOiA4NjQwMH0sICJzdGF0ZSI6ICJTVEFURTAiLCAicmVkaXJlY3RfdXJpIjogImh0dHBzOi8vbG9jYWxob3N0L2NhbGxiYWNrMSIsICJ1c2VyaW5mbyI6IHsiY2xhaW1zIjogeyJuYW1lIjogbnVsbH19LCAiY2xpZW50X2lkIjogIkAhMTExMSEwMDA4IUU2NTQuQjQ2MCIsICJzY29wZSI6IFsib3BlbmlkIl0sICJyZXNwb25zZV90eXBlIjogWyJjb2RlIl19";

        OxAuthCryptoProvider provider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);

        String signature = provider.sign(input, keyId, null, SignatureAlgorithm.RS384);
        System.out.println("Encoded Signature: " + signature);

        boolean accepted = provider.verifySignature(
                input,
                signature,
                keyId,
                publishedKeys.getJwks().toJSONObject(),
                null,
                SignatureAlgorithm.RS384);
        assertTrue(accepted, "Invalid signature");
    } catch (Exception e) {
        fail(e.getMessage(), e);
    }
}
/**
 * RS512 round trip: signs a fixed input with the key store entry {@code keyId}, then verifies
 * the signature against the JWK Set fetched from {@code clientJwksUri}.
 *
 * <p>NOTE(review): only the accepting path is exercised; a companion case with an altered
 * input or signature would show that verification also rejects.
 */
@Parameters({"clientJwksUri", "RS512_keyId", "dnName", "keyStoreFile", "keyStoreSecret"})
@Test
public void testRS512(final String clientJwksUri, final String keyId, final String dnName,
        final String keyStoreFile, final String keyStoreSecret)
        throws NoSuchProviderException, NoSuchAlgorithmException, SignatureException,
        InvalidKeyException, InvalidKeySpecException, IllegalBlockSizeException, IOException,
        NoSuchPaddingException, BadPaddingException {
    try {
        showTitle("Test RS512");

        // The response is used below without a status check; a failed fetch surfaces through
        // the catch block at the end.
        JwkResponse publishedKeys = new JwkClient(clientJwksUri).exec();

        // Fixed signing input. Its header segment decodes to {"alg":"HS256"}, which differs
        // from the algorithm signed with here; the test treats the string as opaque input.
        final String input = "eyJhbGciOiJIUzI1NiJ9.eyJub25jZSI6ICI2Qm9HN1QwR0RUZ2wiLCAiaWRfdG9rZW4iOiB7Im1heF9hZ2UiOiA4NjQwMH0sICJzdGF0ZSI6ICJTVEFURTAiLCAicmVkaXJlY3RfdXJpIjogImh0dHBzOi8vbG9jYWxob3N0L2NhbGxiYWNrMSIsICJ1c2VyaW5mbyI6IHsiY2xhaW1zIjogeyJuYW1lIjogbnVsbH19LCAiY2xpZW50X2lkIjogIkAhMTExMSEwMDA4IUU2NTQuQjQ2MCIsICJzY29wZSI6IFsib3BlbmlkIl0sICJyZXNwb25zZV90eXBlIjogWyJjb2RlIl19";

        OxAuthCryptoProvider provider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);

        String signature = provider.sign(input, keyId, null, SignatureAlgorithm.RS512);
        System.out.println("Encoded Signature: " + signature);

        boolean accepted = provider.verifySignature(
                input,
                signature,
                keyId,
                publishedKeys.getJwks().toJSONObject(),
                null,
                SignatureAlgorithm.RS512);
        assertTrue(accepted, "Invalid signature");
    } catch (Exception e) {
        fail(e.getMessage(), e);
    }
}
/**
 * ES384 round trip: signs a fixed input with the key store entry {@code keyId}, then verifies
 * the signature against the JWK Set fetched from {@code clientJwksUri}.
 *
 * <p>NOTE(review): only the accepting path is exercised; a companion case with an altered
 * input or signature would show that verification also rejects.
 */
@Parameters({"clientJwksUri", "ES384_keyId", "dnName", "keyStoreFile", "keyStoreSecret"})
@Test
public void testES384(final String clientJwksUri, final String keyId, final String dnName,
        final String keyStoreFile, final String keyStoreSecret)
        throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException,
        SignatureException, InvalidKeyException, InvalidKeySpecException, IllegalBlockSizeException,
        IOException, NoSuchPaddingException, BadPaddingException {
    try {
        showTitle("Test ES384");

        // The response is used below without a status check; a failed fetch surfaces through
        // the catch block at the end.
        JwkResponse publishedKeys = new JwkClient(clientJwksUri).exec();

        // Fixed signing input. Its header segment decodes to {"alg":"HS256"}, which differs
        // from the algorithm signed with here; the test treats the string as opaque input.
        final String input = "eyJhbGciOiJIUzI1NiJ9.eyJub25jZSI6ICI2Qm9HN1QwR0RUZ2wiLCAiaWRfdG9rZW4iOiB7Im1heF9hZ2UiOiA4NjQwMH0sICJzdGF0ZSI6ICJTVEFURTAiLCAicmVkaXJlY3RfdXJpIjogImh0dHBzOi8vbG9jYWxob3N0L2NhbGxiYWNrMSIsICJ1c2VyaW5mbyI6IHsiY2xhaW1zIjogeyJuYW1lIjogbnVsbH19LCAiY2xpZW50X2lkIjogIkAhMTExMSEwMDA4IUU2NTQuQjQ2MCIsICJzY29wZSI6IFsib3BlbmlkIl0sICJyZXNwb25zZV90eXBlIjogWyJjb2RlIl19";

        OxAuthCryptoProvider provider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);

        String signature = provider.sign(input, keyId, null, SignatureAlgorithm.ES384);
        System.out.println("Encoded Signature: " + signature);

        boolean accepted = provider.verifySignature(
                input,
                signature,
                keyId,
                publishedKeys.getJwks().toJSONObject(),
                null,
                SignatureAlgorithm.ES384);
        assertTrue(accepted, "Invalid signature");
    } catch (Exception e) {
        fail(e.getMessage(), e);
    }
}
/**
 * ES512 round trip: signs a fixed input with the key store entry {@code keyId}, then verifies
 * the signature against the JWK Set fetched from {@code clientJwksUri}.
 *
 * <p>NOTE(review): only the accepting path is exercised; a companion case with an altered
 * input or signature would show that verification also rejects.
 */
@Parameters({"clientJwksUri", "ES512_keyId", "dnName", "keyStoreFile", "keyStoreSecret"})
@Test
public void testES512(final String clientJwksUri, final String keyId, final String dnName,
        final String keyStoreFile, final String keyStoreSecret)
        throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException,
        SignatureException, InvalidKeyException, InvalidKeySpecException, IllegalBlockSizeException,
        IOException, NoSuchPaddingException, BadPaddingException {
    try {
        showTitle("Test ES512");

        // The response is used below without a status check; a failed fetch surfaces through
        // the catch block at the end.
        JwkResponse publishedKeys = new JwkClient(clientJwksUri).exec();

        // Fixed signing input. Its header segment decodes to {"alg":"HS256"}, which differs
        // from the algorithm signed with here; the test treats the string as opaque input.
        final String input = "eyJhbGciOiJIUzI1NiJ9.eyJub25jZSI6ICI2Qm9HN1QwR0RUZ2wiLCAiaWRfdG9rZW4iOiB7Im1heF9hZ2UiOiA4NjQwMH0sICJzdGF0ZSI6ICJTVEFURTAiLCAicmVkaXJlY3RfdXJpIjogImh0dHBzOi8vbG9jYWxob3N0L2NhbGxiYWNrMSIsICJ1c2VyaW5mbyI6IHsiY2xhaW1zIjogeyJuYW1lIjogbnVsbH19LCAiY2xpZW50X2lkIjogIkAhMTExMSEwMDA4IUU2NTQuQjQ2MCIsICJzY29wZSI6IFsib3BlbmlkIl0sICJyZXNwb25zZV90eXBlIjogWyJjb2RlIl19";

        OxAuthCryptoProvider provider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);

        String signature = provider.sign(input, keyId, null, SignatureAlgorithm.ES512);
        System.out.println("Encoded Signature: " + signature);

        boolean accepted = provider.verifySignature(
                input,
                signature,
                keyId,
                publishedKeys.getJwks().toJSONObject(),
                null,
                SignatureAlgorithm.ES512);
        assertTrue(accepted, "Invalid signature");
    } catch (Exception e) {
        fail(e.getMessage(), e);
    }
}
/**
 * ES256 round trip: signs a fixed input with the key store entry {@code keyId}, then verifies
 * the signature against the JWK Set fetched from {@code clientJwksUri}.
 *
 * <p>NOTE(review): only the accepting path is exercised; a companion case with an altered
 * input or signature would show that verification also rejects.
 */
@Parameters({"clientJwksUri", "ES256_keyId", "dnName", "keyStoreFile", "keyStoreSecret"})
@Test
public void testES256(final String clientJwksUri, final String keyId, final String dnName,
        final String keyStoreFile, final String keyStoreSecret)
        throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException,
        SignatureException, InvalidKeyException, InvalidKeySpecException, IllegalBlockSizeException,
        IOException, NoSuchPaddingException, BadPaddingException {
    try {
        showTitle("Test ES256");

        // The response is used below without a status check; a failed fetch surfaces through
        // the catch block at the end.
        JwkResponse publishedKeys = new JwkClient(clientJwksUri).exec();

        // Fixed signing input. Its header segment decodes to {"alg":"HS256"}, which differs
        // from the algorithm signed with here; the test treats the string as opaque input.
        final String input = "eyJhbGciOiJIUzI1NiJ9.eyJub25jZSI6ICI2Qm9HN1QwR0RUZ2wiLCAiaWRfdG9rZW4iOiB7Im1heF9hZ2UiOiA4NjQwMH0sICJzdGF0ZSI6ICJTVEFURTAiLCAicmVkaXJlY3RfdXJpIjogImh0dHBzOi8vbG9jYWxob3N0L2NhbGxiYWNrMSIsICJ1c2VyaW5mbyI6IHsiY2xhaW1zIjogeyJuYW1lIjogbnVsbH19LCAiY2xpZW50X2lkIjogIkAhMTExMSEwMDA4IUU2NTQuQjQ2MCIsICJzY29wZSI6IFsib3BlbmlkIl0sICJyZXNwb25zZV90eXBlIjogWyJjb2RlIl19";

        OxAuthCryptoProvider provider = new OxAuthCryptoProvider(keyStoreFile, keyStoreSecret, dnName);

        String signature = provider.sign(input, keyId, null, SignatureAlgorithm.ES256);
        System.out.println("Encoded Signature: " + signature);

        boolean accepted = provider.verifySignature(
                input,
                signature,
                keyId,
                publishedKeys.getJwks().toJSONObject(),
                null,
                SignatureAlgorithm.ES256);
        assertTrue(accepted, "Invalid signature");
    } catch (Exception e) {
        fail(e.getMessage(), e);
    }
}
/**
 * Requests the JWK Set from {@code jwksUri} and checks that the response is a 200 carrying a
 * non-empty key list in which every key has a {@code kid} and a {@code use}.
 *
 * @throws Exception if the request or any assertion helper throws
 */
@Test
public void requestJwks() throws Exception {
    showTitle("requestJwks");

    JwkClient client = new JwkClient(jwksUri);
    JwkResponse response = client.exec();
    showClient(client);

    // Response-level checks: status first, then each layer of the parsed key set.
    assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity());
    assertNotNull(response.getEntity(), "Unexpected result: entity is null");
    assertNotNull(response.getJwks(), "Unexpected result: jwks is null");
    assertNotNull(response.getJwks().getKeys(), "Unexpected result: keys is null");
    assertTrue(response.getJwks().getKeys().size() > 0, "Unexpected result: keys is empty");

    // Per-key checks: a key without kid or use cannot be selected unambiguously by a verifier.
    for (JSONWebKey webKey : response.getJwks().getKeys()) {
        assertNotNull(webKey.getKid(), "Unexpected result: kid is null");
        assertNotNull(webKey.getUse(), "Unexpected result: use is null");
    }
}
/**
 * Requests the client's JWK Set from {@code clientJwksUri} and checks that the response is a
 * 200 carrying a non-empty key list in which every key has a {@code kid} and a {@code use}.
 *
 * @param clientJwksUri location of the client JWK Set, supplied as a test parameter
 * @throws Exception if the request or any assertion helper throws
 */
@Parameters({"clientJwksUri"})
@Test
public void requestClientJwks(final String clientJwksUri) throws Exception {
    // NOTE(review): the title repeats "requestJwks" rather than naming this test.
    showTitle("requestJwks");

    JwkClient client = new JwkClient(clientJwksUri);
    JwkResponse response = client.exec();
    showClient(client);

    // Response-level checks: status first, then each layer of the parsed key set.
    assertEquals(response.getStatus(), 200, "Unexpected response code: " + response.getEntity());
    assertNotNull(response.getEntity(), "Unexpected result: entity is null");
    assertNotNull(response.getJwks(), "Unexpected result: jwks is null");
    assertNotNull(response.getJwks().getKeys(), "Unexpected result: keys is null");
    assertTrue(response.getJwks().getKeys().size() > 0, "Unexpected result: keys is empty");

    // Per-key checks: a key without kid or use cannot be selected unambiguously by a verifier.
    for (JSONWebKey webKey : response.getJwks().getKeys()) {
        assertNotNull(webKey.getKid(), "Unexpected result: kid is null");
        assertNotNull(webKey.getUse(), "Unexpected result: use is null");
    }
}
}
// Run the request on a JwkClient that was set up outside this excerpt.
// NOTE(review): check the result for null and a 200 status before reading keys from it.
JwkResponse jwkResponse = jwkClient.exec();
// Read the key id from the JWT header.
// NOTE(review): this value comes from the token itself; if the signature has not been verified
// yet (not shown in this excerpt), treat keyId as untrusted and use it only to pick a key from
// the set served at the configured jwksUri.
String keyId = jwt.getHeader().getClaimAsString(JwtHeaderName.KEY_ID);
// Fetch the JWK Set from jwksUri (declared outside this excerpt).
JwkClient jwkClient = new JwkClient(jwksUri);
// NOTE(review): check the result for null and a 200 status before reading keys from it.
JwkResponse jwkResponse = jwkClient.exec();
// Read the key id from the JWT header.
// NOTE(review): this value comes from the token itself; if the signature has not been verified
// yet (not shown in this excerpt), treat keyId as untrusted and use it only to pick a key from
// the set served at the configured jwksUri.
String keyId = jwt.getHeader().getClaimAsString(JwtHeaderName.KEY_ID);
// Fetch the JWK Set from jwksUri (declared outside this excerpt).
JwkClient jwkClient = new JwkClient(jwksUri);
// NOTE(review): check the result for null and a 200 status before reading keys from it.
JwkResponse jwkResponse = jwkClient.exec();
// Read the key id from the JWT header.
// NOTE(review): this value comes from the token itself; if the signature has not been verified
// yet (not shown in this excerpt), treat keyId as untrusted and use it only to pick a key from
// the set served at the configured jwksUri.
String keyId = jwt.getHeader().getClaimAsString(JwtHeaderName.KEY_ID);
// Fetch the JWK Set from jwksUri (declared outside this excerpt).
JwkClient jwkClient = new JwkClient(jwksUri);
// NOTE(review): check the result for null and a 200 status before reading keys from it.
JwkResponse jwkResponse = jwkClient.exec();
// Read the key id from the JWT header.
// NOTE(review): this value comes from the token itself; if the signature has not been verified
// yet (not shown in this excerpt), treat keyId as untrusted and use it only to pick a key from
// the set served at the configured jwksUri.
String keyId = jwt.getHeader().getClaimAsString(JwtHeaderName.KEY_ID);
// Fetch the JWK Set from jwksUri (declared outside this excerpt).
JwkClient jwkClient = new JwkClient(jwksUri);
// NOTE(review): check the result for null and a 200 status before reading keys from it.
JwkResponse jwkResponse = jwkClient.exec();
// Read the key id from the JWT header.
// NOTE(review): this value comes from the token itself; if the signature has not been verified
// yet (not shown in this excerpt), treat keyId as untrusted and use it only to pick a key from
// the set served at the configured jwksUri.
String keyId = jwt.getHeader().getClaimAsString(JwtHeaderName.KEY_ID);
// Fetch the JWK Set from jwksUri (declared outside this excerpt).
JwkClient jwkClient = new JwkClient(jwksUri);
// NOTE(review): check the result for null and a 200 status before reading keys from it.
JwkResponse jwkResponse = jwkClient.exec();
// Read the key id from the JWT header.
// NOTE(review): this value comes from the token itself; if the signature has not been verified
// yet (not shown in this excerpt), treat keyId as untrusted and use it only to pick a key from
// the set served at the configured jwksUri.
String keyId = jwt.getHeader().getClaimAsString(JwtHeaderName.KEY_ID);
// Fetch the JWK Set from jwksUri (declared outside this excerpt).
JwkClient jwkClient = new JwkClient(jwksUri);
// NOTE(review): check the result for null and a 200 status before reading keys from it.
JwkResponse jwkResponse = jwkClient.exec();
// Run the request on a JwkClient that was set up outside this excerpt.
JwkResponse jwkResponse = jwkClient.exec();
// Ask the response for the key id associated with RS256.
// NOTE(review): the response is dereferenced without a null or status check; a failed fetch
// would show up here as an exception rather than as a clear assertion message.
String serverKeyId = jwkResponse.getKeyId(SignatureAlgorithm.RS256);
// The test cannot continue without a key id for RS256.
assertNotNull(serverKeyId);
// Run the request on a JwkClient that was set up outside this excerpt.
JwkResponse jwkResponse = jwkClient.exec();
// Ask the response for the key id associated with RS256.
// NOTE(review): the response is dereferenced without a null or status check; a failed fetch
// would show up here as an exception rather than as a clear assertion message.
String keyId = jwkResponse.getKeyId(SignatureAlgorithm.RS256);
// The test cannot continue without a key id for RS256.
assertNotNull(keyId);
// Run the request on a JwkClient that was set up outside this excerpt.
JwkResponse jwkResponse = jwkClient.exec();
// Ask the response for the key id associated with RS256.
// NOTE(review): the response is dereferenced without a null or status check; a failed fetch
// would show up here as an exception rather than as a clear assertion message.
String keyId = jwkResponse.getKeyId(SignatureAlgorithm.RS256);
// The test cannot continue without a key id for RS256.
assertNotNull(keyId);