Example usage for org.springframework.security.oauth2.provider.token.store.jwk JwkDefinitionSource JwkDefinitionSource

List of usage examples for org.springframework.security.oauth2.provider.token.store.jwk JwkDefinitionSource JwkDefinitionSource

Introduction

This page shows example usages of the org.springframework.security.oauth2.provider.token.store.jwk.JwkDefinitionSource constructor.

Prototype

JwkDefinitionSource(List<String> jwkSetUrls) 


Document

Creates a new instance using the provided URLs as the location for the JWK Sets.

Usage

From source file:org.springframework.security.oauth2.provider.token.store.jwk.JwkDefinitionSourceITest.java

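/**
 * Checks that a {@code JwkDefinitionSource} configured with two JWK Set URLs resolves key ids
 * published by either set.
 *
 * <p>The mock server queues two JWK Set documents: the first holds one RSA signing key
 * ({@code key-id-1}); the second holds an RSA key ({@code key-id-2}) and an EC P-256 key
 * ({@code key-id-3}). Both documents carry public parameters only ({@code n}/{@code e},
 * {@code x}/{@code y}/{@code crv}); no private key material is embedded in the test.
 *
 * <p>NOTE(review): the JWK Set URLs are the trust anchor for token signature verification.
 * The URLs here point at a local mock server; outside of tests they should be HTTPS endpoints
 * of an issuer the resource server trusts.
 */
@Test
public void getDefinitionLoadIfNecessaryWhenMultipleUrlsThenBothUrlsAreLoaded() {
    String firstJwkSet = "{\n" + "    \"keys\": [\n" + "        {\n" + "            \"kid\": \"key-id-1\",\n"
            + "            \"kty\": \"RSA\",\n" + "            \"alg\": \"RS256\",\n"
            + "            \"use\": \"sig\",\n"
            + "            \"n\": \"rne3dowbQHcFCzg2ejWb6az5QNxWFiv6kRpd34VDzYNMhWeewfeEL5Pf5clE8Xh1KlllrDYSxtnzUQm-t9p92yEBASfV96ydTYG-ITfxfJzKtJUN-iIS5K9WGYXnDNS4eYZ_ygW-zBU_9NwFMXdwSTzRqHeJmLJrfbmmjoIuuWyfh2Ko52KzyidceR5SJxGeW0ckeyWka1lDf4cr7fv-s093Y_sd2wrNvg0-9IAkXotbxWWXcfMgXFyw0qHFT_5LrKmiwkY3HCaiV5NgEFJmC6fBIG2EOZG4rqjBoYV6LZwrfTMHknaeel9MOZesW6SR2bswtuuWN3DGq2zg0KamLw\",\n"
            + "            \"e\": \"AQAB\"\n" + "        }\n" + "    ]\n" + "}\n";
    String secondJwkSet = "{\n" + "    \"keys\": [\n" + "        {\n" + "            \"kid\": \"key-id-2\",\n"
            + "            \"kty\": \"RSA\",\n" + "            \"alg\": \"RS256\",\n"
            + "            \"use\": \"sig\",\n"
            + "            \"n\": \"t6Q8PWSi1dkJj9hTP8hNYFlvadM7DflW9mWepOJhJ66w7nyoK1gPNqFMSQRyO125Gp-TEkodhWr0iujjHVx7BcV0llS4w5ACGgPrcAd6ZcSR0-Iqom-QFcNP8Sjg086MwoqQU_LYywlAGZ21WSdS_PERyGFiNnj3QQlO8Yns5jCtLCRwLHL0Pb1fEv45AuRIuUfVcPySBWYnDyGxvjYGDSM-AqWS9zIQ2ZilgT-GqUmipg0XOC0Cc20rgLe2ymLHjpHciCKVAbY5-L32-lSeZO-Os6U15_aXrk9Gw8cPUaX1_I8sLGuSiVdt3C_Fn2PZ3Z8i744FPFGGcG1qs2Wz-Q\",\n"
            + "            \"e\": \"AQAB\"\n" + "        },\n" + "        {\n"
            + "            \"kid\": \"key-id-3\",\n" + "            \"kty\": \"EC\",\n"
            + "            \"alg\": \"ES256\",\n" + "            \"use\": \"sig\",\n"
            + "            \"x\": \"IsxeG33-QlL2u-O38QKwAbw5tJTZ-jtMVSlzjNXhvys\",\n"
            + "            \"y\": \"FPTFJF1M0sNRlOVZIH4e1DoZ_hdg1OvF6BlP2QHmSCg\",\n"
            + "            \"crv\": \"P-256\"\n" + "        }\n" + "    ]\n" + "}\n";

    // Content-Type is the header that describes a response body; Accept is a request header
    // and says nothing about what the mock server is returning.
    this.server.enqueue(new MockResponse()
            .setHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_VALUE)
            .setBody(firstJwkSet));
    this.server.enqueue(new MockResponse()
            .setHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_VALUE)
            .setBody(secondJwkSet));

    // Responses are served in queue order, one per configured URL.
    this.source = new JwkDefinitionSource(Arrays.asList(serverUrl("/jwk1"), serverUrl("/jwk2")));

    String keyId1 = "key-id-1";
    String keyId2 = "key-id-2";
    String keyId3 = "key-id-3";
    JwkDefinition jwkDef1 = this.source.getDefinitionLoadIfNecessary(keyId1).getJwkDefinition();
    JwkDefinition jwkDef2 = this.source.getDefinitionLoadIfNecessary(keyId2).getJwkDefinition();
    JwkDefinition jwkDef3 = this.source.getDefinitionLoadIfNecessary(keyId3).getJwkDefinition();

    // assertEquals takes (expected, actual); keeping that order makes failure messages read correctly.
    assertEquals(keyId1, jwkDef1.getKeyId());
    assertEquals(JwkDefinition.CryptoAlgorithm.RS256, jwkDef1.getAlgorithm());
    assertEquals(JwkDefinition.PublicKeyUse.SIG, jwkDef1.getPublicKeyUse());
    assertEquals(JwkDefinition.KeyType.RSA, jwkDef1.getKeyType());

    assertEquals(keyId2, jwkDef2.getKeyId());
    assertEquals(JwkDefinition.CryptoAlgorithm.RS256, jwkDef2.getAlgorithm());
    assertEquals(JwkDefinition.PublicKeyUse.SIG, jwkDef2.getPublicKeyUse());
    assertEquals(JwkDefinition.KeyType.RSA, jwkDef2.getKeyType());

    assertEquals(keyId3, jwkDef3.getKeyId());
    assertEquals(JwkDefinition.CryptoAlgorithm.ES256, jwkDef3.getAlgorithm());
    assertEquals(JwkDefinition.PublicKeyUse.SIG, jwkDef3.getPublicKeyUse());
    assertEquals(JwkDefinition.KeyType.EC, jwkDef3.getKeyType());
}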

From source file:org.springframework.security.oauth2.provider.token.store.jwk.JwkDefinitionSourceTest.java

/**
 * Expects the single-URL constructor to reject a malformed JWK Set URL with an
 * {@link IllegalArgumentException} at construction time, before any key lookup is attempted.
 */
@Test(expected = IllegalArgumentException.class)
public void constructorWhenInvalidJwkSetUrlThenThrowIllegalArgumentException() throws Exception {
    // Dropping the first character presumably breaks the URL scheme — the value of
    // DEFAULT_JWK_SET_URL is declared outside this excerpt.
    String malformedJwkSetUrl = DEFAULT_JWK_SET_URL.substring(1);
    new JwkDefinitionSource(malformedJwkSetUrl);
}

From source file:org.springframework.security.oauth2.provider.token.store.jwk.JwkDefinitionSourceTest.java

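/**
 * Checks that looking up a key id that is not cached makes the source call
 * {@code loadJwkDefinitions} for its configured JWK Set URL.
 *
 * <p>The static loader is stubbed to return an empty map, so the lookup always misses and
 * the test does not depend on the content served at {@code DEFAULT_JWK_SET_URL}.
 *
 * <p>NOTE(review): key ids normally arrive in token headers, so this reload-on-miss path
 * looks reachable with caller-supplied values — confirm the deployment bounds how often an
 * unknown key id can trigger a JWK Set fetch.
 */
@Test
public void getDefinitionLoadIfNecessaryWhenKeyIdNotFoundThenLoadJwkDefinitions() throws Exception {
    JwkDefinitionSource jwkDefinitionSource = spy(new JwkDefinitionSource(DEFAULT_JWK_SET_URL));
    mockStatic(JwkDefinitionSource.class);
    when(JwkDefinitionSource.loadJwkDefinitions(any(URL.class)))
            .thenReturn(Collections.<String, JwkDefinitionSource.JwkDefinitionHolder>emptyMap());

    jwkDefinitionSource.getDefinitionLoadIfNecessary("invalid-key-id");

    // verifyStatic() only arms verification; the static call that follows is what is checked.
    // Without it the test passes even if the load is never attempted.
    verifyStatic();
    JwkDefinitionSource.loadJwkDefinitions(any(URL.class));
}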

From source file:org.springframework.security.oauth2.provider.token.store.jwk.JwkDefinitionSourceTest.java

/**
 * Loads a JWK Set from the {@code jwk-set.json} test resource, obtains the verifier for one
 * key id, and checks the signature of the token stored in {@code token.jwt}.
 *
 * <p>The token is split at its second period: everything before it is the signed content
 * ({@code header.payload}); everything after it is the base64url-encoded signature.
 *
 * <p>There is no explicit assertion: the test relies on {@code verify} failing (presumably
 * by throwing) when the signature does not match. Judging by the test name, the key's RSA
 * modulus has its most significant bit set — the resource file is not shown here.
 */
@Test
public void getVerifierWhenModulusMostSignificantBitIs1ThenVerifierStillVerifyContentSignature()
        throws Exception {
    JwkDefinitionSource jwkDefinitionSource = new JwkDefinitionSource(
            JwkDefinitionSourceTest.class.getResource("jwk-set.json").toString());
    SignatureVerifier verifier = jwkDefinitionSource.getVerifier("_Ci3-VfV_N0YAG22NQOgOUpFBDDcDe_rJxpu5JK702o");

    String jwt = this.readToken("token.jwt");
    int firstDot = jwt.indexOf('.');
    int secondDot = jwt.indexOf('.', firstDot + 1);

    // The signature covers the first two segments exactly as they appear in the token.
    byte[] signedBytes = jwt.substring(0, secondDot).getBytes(Charsets.UTF_8);
    byte[] signatureBytes = Codecs.b64UrlDecode(jwt.substring(secondDot + 1));

    verifier.verify(signedBytes, signatureBytes);
}