Repository: cxf Updated Branches: refs/heads/master 9fc26998d -> c5548689b
Minor updates to the JWE code Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/c5548689 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/c5548689 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/c5548689 Branch: refs/heads/master Commit: c5548689b61809d26b20db1d08331b6988f92734 Parents: 9fc2699 Author: Sergey Beryozkin <[email protected]> Authored: Wed Jun 17 17:45:08 2015 +0100 Committer: Sergey Beryozkin <[email protected]> Committed: Wed Jun 17 17:45:08 2015 +0100 ---------------------------------------------------------------------- .../jwe/AesGcmContentEncryptionAlgorithm.java | 3 ++ .../jose/jwe/DirectKeyDecryptionAlgorithm.java | 4 +++ .../jose/jwe/DirectKeyJweDecryption.java | 32 ++++++++++++++++++++ .../jose/jwe/DirectKeyJweEncryption.java | 27 +++++++++++++++++ .../provider/JoseSessionTokenProvider.java | 2 +- 5 files changed, 67 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/c5548689/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AesGcmContentEncryptionAlgorithm.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AesGcmContentEncryptionAlgorithm.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AesGcmContentEncryptionAlgorithm.java index 1c53a82..4f87829 100644 --- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AesGcmContentEncryptionAlgorithm.java +++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/AesGcmContentEncryptionAlgorithm.java @@ -33,6 +33,9 @@ public class AesGcmContentEncryptionAlgorithm extends AbstractContentEncryptionA public AesGcmContentEncryptionAlgorithm(String encodedCek, String encodedIv, ContentAlgorithm algo) { this((byte[])CryptoUtils.decodeSequence(encodedCek), CryptoUtils.decodeSequence(encodedIv), algo); } + public AesGcmContentEncryptionAlgorithm(String encodedCek, ContentAlgorithm algo) { + this((byte[])CryptoUtils.decodeSequence(encodedCek), null, algo); + } public AesGcmContentEncryptionAlgorithm(SecretKey key, byte[] iv, ContentAlgorithm algo) { this(key.getEncoded(), iv, algo); } http://git-wip-us.apache.org/repos/asf/cxf/blob/c5548689/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/DirectKeyDecryptionAlgorithm.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/DirectKeyDecryptionAlgorithm.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/DirectKeyDecryptionAlgorithm.java index 6bf953d..3f19e6a 100644 --- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/DirectKeyDecryptionAlgorithm.java +++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/DirectKeyDecryptionAlgorithm.java @@ -23,6 +23,7 @@ import java.util.logging.Logger; import org.apache.cxf.common.logging.LogUtils; import org.apache.cxf.rs.security.jose.jwa.KeyAlgorithm; +import org.apache.cxf.rt.security.crypto.CryptoUtils; public class DirectKeyDecryptionAlgorithm implements KeyDecryptionAlgorithm { private static final Logger LOG = LogUtils.getL7dLogger(DirectKeyDecryptionAlgorithm.class); @@ -30,6 +31,9 @@ public class DirectKeyDecryptionAlgorithm implements KeyDecryptionAlgorithm { public DirectKeyDecryptionAlgorithm(Key contentDecryptionKey) { this(contentDecryptionKey.getEncoded()); } + public DirectKeyDecryptionAlgorithm(String encodedContentDecryptionKey) { + this(CryptoUtils.decodeSequence(encodedContentDecryptionKey)); + } public DirectKeyDecryptionAlgorithm(byte[] contentDecryptionKey) { this.contentDecryptionKey = contentDecryptionKey; } http://git-wip-us.apache.org/repos/asf/cxf/blob/c5548689/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/DirectKeyJweDecryption.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/DirectKeyJweDecryption.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/DirectKeyJweDecryption.java new file mode 100644 index 0000000..afc6d8a --- /dev/null +++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/DirectKeyJweDecryption.java @@ -0,0 +1,32 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.cxf.rs.security.jose.jwe; + + + +public class DirectKeyJweDecryption extends JweDecryption { + public DirectKeyJweDecryption(String encodedKey, ContentDecryptionAlgorithm ctAlgo) { + super(new DirectKeyDecryptionAlgorithm(encodedKey), + ctAlgo); + } + public DirectKeyJweDecryption(byte[] key, ContentDecryptionAlgorithm ctAlgo) { + super(new DirectKeyDecryptionAlgorithm(key), + ctAlgo); + } +} http://git-wip-us.apache.org/repos/asf/cxf/blob/c5548689/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/DirectKeyJweEncryption.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/DirectKeyJweEncryption.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/DirectKeyJweEncryption.java new file mode 100644 index 0000000..3c83466 --- /dev/null +++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/DirectKeyJweEncryption.java @@ -0,0 +1,27 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.cxf.rs.security.jose.jwe; + + + +public class DirectKeyJweEncryption extends JweEncryption { + public DirectKeyJweEncryption(ContentEncryptionProvider contentEncryptionAlgo) { + super(new DirectKeyEncryptionAlgorithm(), contentEncryptionAlgo); + } +} http://git-wip-us.apache.org/repos/asf/cxf/blob/c5548689/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JoseSessionTokenProvider.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JoseSessionTokenProvider.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JoseSessionTokenProvider.java index 91f9cf2..e9cf678 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JoseSessionTokenProvider.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JoseSessionTokenProvider.java @@ -165,7 +165,7 @@ public class JoseSessionTokenProvider implements SessionAuthenticityTokenProvide state.append(ModelEncryptionSupport.SEP); // 5: redirect uri state.append(ModelEncryptionSupport.tokenizeString(secData.getRedirectUri())); - return null; + return state.toString(); } public void setMaxDefaultSessionInterval(int maxDefaultSessionInterval) {
