List of usage examples for org.springframework.security.jwt.crypto.sign MacSigner MacSigner
public MacSigner(SecretKey key)
From source file:org.springframework.security.jwt.filter.DefaultJwtTokenService.java
public DefaultJwtTokenService(String secret) { Assert.notNull(secret, "secret must not be null"); this.secret = secret; this.signerVerifier = new MacSigner(secret); }
From source file:org.cloudfoundry.identity.uaa.oauth.token.SignerProvider.java
public SignatureVerifier getVerifier() { if (isAssymetricKey(signingKey)) { return new RsaVerifier(verifierKey); } else {//from w w w.j a v a 2 s. com return new MacSigner(verifierKey); } }
From source file:org.cloudfoundry.identity.uaa.oauth.JwtTokenEnhancer.java
/** * Sets the JWT signing key. It can be either a simple MAC key or an RSA key. RSA keys should be in OpenSSH format, * as produced by <tt>ssh-keygen</tt>. * /*from w w w . ja v a 2 s .co m*/ * @param key the key to be used for signing JWTs. */ public void setSigningKey(String key) { Assert.hasText(key); key = key.trim(); this.signingKey = key; if (key.startsWith("-----BEGIN")) { signer = new RsaSigner(key); logger.info("Configured with RSA signing key"); } else { // Assume it's an HMAC key verifierKey = key; signer = new MacSigner(key); } }
From source file:org.cloudfoundry.identity.uaa.oauth.SignerProvider.java
/** * Sets the JWT signing key and corresponding key for verifying siugnatures produced by this class. * * The signing key can be either a simple MAC key or an RSA * key. RSA keys should be in OpenSSH format, * as produced by <tt>ssh-keygen</tt>. * * @param signingKey the key to be used for signing JWTs. *///from w w w . j a va 2 s . com public void setSigningKey(String signingKey) { Assert.hasText(signingKey); signingKey = signingKey.trim(); this.signingKey = signingKey; if (isAssymetricKey(signingKey)) { KeyPair keyPair = parseKeyPair(signingKey); signer = new RsaSigner(signingKey); pemEncodePublicKey(keyPair); logger.debug("Configured with RSA signing key"); try { verifier = new RsaVerifier(verifierKey); } catch (Exception e) { throw new RuntimeException("Unable to create an RSA verifier from verifierKey", e); } byte[] test = "test".getBytes(); try { verifier.verify(test, signer.sign(test)); logger.debug("Signing and verification RSA keys match"); } catch (InvalidSignatureException e) { throw new RuntimeException("Signing and verification RSA keys do not match", e); } type = "RSA"; } else { // Assume it's an HMAC key this.verifierKey = signingKey; MacSigner macSigner = new MacSigner(signingKey); signer = macSigner; verifier = macSigner; Assert.state(this.verifierKey == null || this.signingKey == this.verifierKey, "For MAC signing you do not need to specify the verifier key separately, and if you do it must match the signing key"); type = "MAC"; } }
From source file:org.cloudfoundry.identity.uaa.oauth.token.SignerProvider.java
/** * Sets the JWT signing key. It can be either a simple MAC key or an RSA * key. RSA keys should be in OpenSSH format, * as produced by <tt>ssh-keygen</tt>. * // w ww .jav a 2 s.c o m * @param key the key to be used for signing JWTs. */ public void setSigningKey(String key) { Assert.hasText(key); key = key.trim(); this.signingKey = key; if (isAssymetricKey(key)) { signer = new RsaSigner(key); logger.debug("Configured with RSA signing key"); } else { // Assume it's an HMAC key this.verifierKey = key; signer = new MacSigner(key); } }
From source file:org.springframework.security.oauth2.provider.token.JwtTokenEnhancer.java
/** * Sets the JWT signing key. It can be either a simple MAC key or an RSA key. RSA keys should be in OpenSSH format, * as produced by <tt>ssh-keygen</tt>. * //from ww w . j ava 2s. c om * @param key the key to be used for signing JWTs. */ public void setSigningKey(String key) { Assert.hasText(key); key = key.trim(); this.signingKey = key; if (isPublic(key)) { signer = new RsaSigner(key); logger.info("Configured with RSA signing key"); } else { // Assume it's a MAC key this.verifierKey = key; signer = new MacSigner(key); } }
From source file:org.springframework.security.oauth2.provider.token.JwtTokenEnhancer.java
public void afterPropertiesSet() throws Exception { // Check the signing and verification keys match if (signer instanceof RsaSigner) { RsaVerifier verifier;/*from w ww . j a va 2 s. c om*/ try { verifier = new RsaVerifier(verifierKey); } catch (Exception e) { logger.warn("Unable to create an RSA verifier from verifierKey"); return; } byte[] test = "test".getBytes(); try { verifier.verify(test, signer.sign(test)); logger.info("Signing and verification RSA keys match"); } catch (InvalidSignatureException e) { logger.error("Signing and verification RSA keys do not match"); } } else { // Avoid a race condition where Assert.state(this.signingKey == this.verifierKey, "For MAC signing you do not need to specify the verifier key separately, and if you do it must match the signing key"); } SignatureVerifier verifier = new MacSigner(verifierKey); try { verifier = new RsaVerifier(verifierKey); } catch (Exception e) { logger.warn("Unable to create an RSA verifier from verifierKey"); } this.verifier = verifier; }
From source file:org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter.java
public void afterPropertiesSet() throws Exception { // Check the signing and verification keys match if (signer instanceof RsaSigner) { RsaVerifier verifier;/*from w w w . j ava 2 s.c o m*/ try { verifier = new RsaVerifier(verifierKey); } catch (Exception e) { logger.warn("Unable to create an RSA verifier from verifierKey"); return; } byte[] test = "test".getBytes(); try { verifier.verify(test, signer.sign(test)); logger.info("Signing and verification RSA keys match"); } catch (InvalidSignatureException e) { logger.error("Signing and verification RSA keys do not match"); } } else { // Avoid a race condition where setters are called in the wrong order. Use of == is intentional. Assert.state(this.signingKey == this.verifierKey, "For MAC signing you do not need to specify the verifier key separately, and if you do it must match the signing key"); } SignatureVerifier verifier = new MacSigner(verifierKey); try { verifier = new RsaVerifier(verifierKey); } catch (Exception e) { logger.warn("Unable to create an RSA verifier from verifierKey"); } this.verifier = verifier; }