Repository: cxf Updated Branches: refs/heads/master e545379cd -> e92477bc8
http://git-wip-us.apache.org/repos/asf/cxf/blob/e92477bc/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/JwtRequestCodeGrant.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/JwtRequestCodeGrant.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/JwtRequestCodeGrant.java index 7fb8e1a..8f95506 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/JwtRequestCodeGrant.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/JwtRequestCodeGrant.java @@ -25,7 +25,8 @@ import javax.ws.rs.core.MultivaluedMap; import org.apache.cxf.common.util.StringUtils; import org.apache.cxf.jaxrs.impl.MetadataMap; -import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils; +import org.apache.cxf.rs.security.jose.jwa.ContentAlgorithm; +import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm; import org.apache.cxf.rs.security.jose.jwe.JweEncryptionProvider; import org.apache.cxf.rs.security.jose.jwe.JweUtils; import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactProducer; @@ -78,7 +79,7 @@ public class JwtRequestCodeGrant extends AuthorizationCodeGrant { } if (signWithClientSecret) { byte[] hmac = CryptoUtils.decodeSequence(clientSecret); - return JwsUtils.getHmacSignatureProvider(hmac, AlgorithmUtils.HMAC_SHA_256_ALGO); + return JwsUtils.getHmacSignatureProvider(hmac, SignatureAlgorithm.HS256); } else { return JwsUtils.loadSignatureProvider(true); } @@ -113,7 +114,7 @@ public class JwtRequestCodeGrant extends AuthorizationCodeGrant { } if (encryptWithClientSecret) { SecretKey key = CryptoUtils.decodeSecretKey(clientSecret); - return JweUtils.getDirectKeyJweEncryption(key, AlgorithmUtils.A128GCM_ALGO); + return JweUtils.getDirectKeyJweEncryption(key, ContentAlgorithm.A128GCM); } else { return JweUtils.loadEncryptionProvider(false); } http://git-wip-us.apache.org/repos/asf/cxf/blob/e92477bc/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/jwt/JwtAccessTokenUtils.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/jwt/JwtAccessTokenUtils.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/jwt/JwtAccessTokenUtils.java index 03bf726..1a28191 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/jwt/JwtAccessTokenUtils.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/jwt/JwtAccessTokenUtils.java @@ -24,8 +24,8 @@ import java.security.interfaces.RSAPublicKey; import javax.crypto.SecretKey; import org.apache.cxf.common.util.StringUtils; -import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils; import org.apache.cxf.rs.security.jose.jwa.ContentAlgorithm; +import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm; import org.apache.cxf.rs.security.jose.jwe.JweDecryption; import org.apache.cxf.rs.security.jose.jwe.JweDecryptionProvider; import org.apache.cxf.rs.security.jose.jwe.JweEncryptionProvider; @@ -51,7 +51,7 @@ public final class JwtAccessTokenUtils { Client client, SecretKey key) { JweEncryptionProvider jweEncryption = - JweUtils.getDirectKeyJweEncryption(key, ContentAlgorithm.A128GCM.getJwaName()); + JweUtils.getDirectKeyJweEncryption(key, ContentAlgorithm.A128GCM); return encryptToAccessToken(jwt, client, jweEncryption); } @@ -75,7 +75,7 @@ public final class JwtAccessTokenUtils { return new BearerAccessToken(client, tokenId, issuedAt, expiresIn); } public static JwtToken decryptFromfromAccessToken(String tokenId, SecretKey key) { - JweDecryption jweDecryption = JweUtils.getDirectKeyJweDecryption(key, ContentAlgorithm.A128GCM.getJwaName()); + JweDecryption jweDecryption = JweUtils.getDirectKeyJweDecryption(key, ContentAlgorithm.A128GCM); return decryptFromAccessToken(tokenId, jweDecryption); } public static JwtToken decryptFromAccessToken(String tokenId, JweDecryptionProvider jweDecryption) { @@ -87,7 +87,7 @@ public final class JwtAccessTokenUtils { Client client, RSAPrivateKey key) { JwsSignatureProvider jws = - JwsUtils.getPrivateKeySignatureProvider(key, AlgorithmUtils.RS_SHA_256_ALGO); + JwsUtils.getPrivateKeySignatureProvider(key, SignatureAlgorithm.RS256); return signToAccessToken(jwt, client, jws); } @@ -98,7 +98,8 @@ public final class JwtAccessTokenUtils { return toAccessToken(jwt, client, jwtString); } public static JwtToken verifyAccessToken(String tokenId, RSAPublicKey key) { - JwsSignatureVerifier jws = JwsUtils.getPublicKeySignatureVerifier(key, AlgorithmUtils.RS_SHA_256_ALGO); + JwsSignatureVerifier jws = JwsUtils.getPublicKeySignatureVerifier(key, + SignatureAlgorithm.RS256); return verifyAccessToken(tokenId, jws); } public static JwtToken verifyAccessToken(String tokenId, JwsSignatureVerifier jws) { http://git-wip-us.apache.org/repos/asf/cxf/blob/e92477bc/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/AbstractJwsJweProducer.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/AbstractJwsJweProducer.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/AbstractJwsJweProducer.java index d6f0b68..d8c760a 100644 --- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/AbstractJwsJweProducer.java +++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/AbstractJwsJweProducer.java @@ -23,7 +23,9 @@ import java.security.interfaces.RSAPublicKey; import javax.crypto.SecretKey; -import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils; +import org.apache.cxf.rs.security.jose.jwa.ContentAlgorithm; +import org.apache.cxf.rs.security.jose.jwa.KeyAlgorithm; +import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm; import org.apache.cxf.rs.security.jose.jwe.JweEncryptionProvider; import org.apache.cxf.rs.security.jose.jwe.JweUtils; import org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider; @@ -48,7 +50,7 @@ public abstract class AbstractJwsJweProducer { if (signWithClientSecret) { byte[] hmac = CryptoUtils.decodeSequence(c.getClientSecret()); - return JwsUtils.getHmacSignatureProvider(hmac, AlgorithmUtils.HMAC_SHA_256_ALGO); + return JwsUtils.getHmacSignatureProvider(hmac, SignatureAlgorithm.HS256); } else { return JwsUtils.loadSignatureProvider(required); } @@ -60,13 +62,13 @@ public abstract class AbstractJwsJweProducer { JweEncryptionProvider theEncryptionProvider = null; if (encryptWithClientSecret) { SecretKey key = CryptoUtils.decodeSecretKey(c.getClientSecret()); - theEncryptionProvider = JweUtils.getDirectKeyJweEncryption(key, AlgorithmUtils.A128GCM_ALGO); + theEncryptionProvider = JweUtils.getDirectKeyJweEncryption(key, ContentAlgorithm.A128GCM); } else if (encryptWithClientCertificates) { X509Certificate cert = (X509Certificate)CryptoUtils.decodeCertificate(c.getApplicationCertificates().get(0)); theEncryptionProvider = JweUtils.createJweEncryptionProvider((RSAPublicKey)cert.getPublicKey(), - AlgorithmUtils.RSA_OAEP_ALGO, - AlgorithmUtils.A128GCM_ALGO, + KeyAlgorithm.RSA_OAEP, + ContentAlgorithm.A128GCM, null); } if (theEncryptionProvider == null) {
