Java Code Examples for org.apache.cxf.rs.security.jose.jwe.JweUtils#loadDecryptionProvider()
The following examples show how to use
org.apache.cxf.rs.security.jose.jwe.JweUtils#loadDecryptionProvider() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: DefaultJoseImpl.java From thorntail with Apache License 2.0 | 6 votes |
|
private JweDecryptionProvider getDecryptionProvider(Properties props, JweHeaders headers) {
if (config.acceptEncryptionAlias()) {
props.setProperty(JoseConstants.RSSEC_KEY_STORE_ALIAS, headers.getKeyId());
}
if (isInlinedJwkSetAvailable()) {
if (KeyAlgorithm.DIRECT == KeyAlgorithm.getAlgorithm(config.keyEncryptionAlgorithm())) {
return JweUtils.getDirectKeyJweDecryption(loadJsonWebKey(encryptionKeyAlias()));
} else {
return JweUtils.createJweDecryptionProvider(loadJsonWebKey(encryptionKeyAlias()),
ContentAlgorithm.getAlgorithm(config.contentEncryptionAlgorithm()));
}
} else {
return JweUtils.loadDecryptionProvider(props, headers);
}
}
Example 2
| Source File: JWTTokenProviderTest.java From cxf with Apache License 2.0 | 4 votes |
|
@org.junit.Test
public void testCreateUnsignedEncryptedJWT() throws Exception {
TokenProvider jwtTokenProvider = new JWTTokenProvider();
((JWTTokenProvider)jwtTokenProvider).setSignToken(false);
TokenProviderParameters providerParameters = createProviderParameters();
providerParameters.setEncryptToken(true);
assertTrue(jwtTokenProvider.canHandleToken(JWTTokenProvider.JWT_TOKEN_TYPE));
TokenProviderResponse providerResponse = jwtTokenProvider.createToken(providerParameters);
assertNotNull(providerResponse);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
String token = (String)providerResponse.getToken();
assertNotNull(token);
assertTrue(token.split("\\.").length == 5);
if (unrestrictedPoliciesInstalled) {
// Validate the token
JweJwtCompactConsumer jwtConsumer = new JweJwtCompactConsumer(token);
Properties decProperties = new Properties();
Crypto decryptionCrypto = CryptoFactory.getInstance(getDecryptionProperties());
KeyStore keystore = ((Merlin)decryptionCrypto).getKeyStore();
decProperties.put(JoseConstants.RSSEC_KEY_STORE, keystore);
decProperties.put(JoseConstants.RSSEC_KEY_STORE_ALIAS, "myservicekey");
decProperties.put(JoseConstants.RSSEC_KEY_PSWD, "skpass");
JweDecryptionProvider decProvider =
JweUtils.loadDecryptionProvider(decProperties, jwtConsumer.getHeaders());
JweDecryptionOutput decOutput = decProvider.decrypt(token);
String decToken = decOutput.getContentText();
JwsJwtCompactConsumer jwtJwsConsumer = new JwsJwtCompactConsumer(decToken);
JwtToken jwt = jwtJwsConsumer.getJwtToken();
Assert.assertEquals("alice", jwt.getClaim(JwtConstants.CLAIM_SUBJECT));
Assert.assertEquals(providerResponse.getTokenId(), jwt.getClaim(JwtConstants.CLAIM_JWT_ID));
Assert.assertEquals(providerResponse.getCreated().getEpochSecond(),
jwt.getClaim(JwtConstants.CLAIM_ISSUED_AT));
Assert.assertEquals(providerResponse.getExpires().getEpochSecond(),
jwt.getClaim(JwtConstants.CLAIM_EXPIRY));
}
}
Example 3
| Source File: JWTTokenProviderTest.java From cxf with Apache License 2.0 | 4 votes |
|
@org.junit.Test
public void testCreateUnsignedEncryptedCBCJWT() throws Exception {
try {
Security.addProvider(new BouncyCastleProvider());
TokenProvider jwtTokenProvider = new JWTTokenProvider();
((JWTTokenProvider)jwtTokenProvider).setSignToken(false);
TokenProviderParameters providerParameters = createProviderParameters();
providerParameters.setEncryptToken(true);
providerParameters.getEncryptionProperties().setEncryptionAlgorithm(
ContentAlgorithm.A128CBC_HS256.name()
);
assertTrue(jwtTokenProvider.canHandleToken(JWTTokenProvider.JWT_TOKEN_TYPE));
TokenProviderResponse providerResponse = jwtTokenProvider.createToken(providerParameters);
assertNotNull(providerResponse);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
String token = (String)providerResponse.getToken();
assertNotNull(token);
assertTrue(token.split("\\.").length == 5);
if (unrestrictedPoliciesInstalled) {
// Validate the token
JweJwtCompactConsumer jwtConsumer = new JweJwtCompactConsumer(token);
Properties decProperties = new Properties();
Crypto decryptionCrypto = CryptoFactory.getInstance(getDecryptionProperties());
KeyStore keystore = ((Merlin)decryptionCrypto).getKeyStore();
decProperties.put(JoseConstants.RSSEC_KEY_STORE, keystore);
decProperties.put(JoseConstants.RSSEC_KEY_STORE_ALIAS, "myservicekey");
decProperties.put(JoseConstants.RSSEC_KEY_PSWD, "skpass");
decProperties.put(JoseConstants.RSSEC_ENCRYPTION_CONTENT_ALGORITHM,
ContentAlgorithm.A128CBC_HS256.name());
JweDecryptionProvider decProvider =
JweUtils.loadDecryptionProvider(decProperties, jwtConsumer.getHeaders());
JweDecryptionOutput decOutput = decProvider.decrypt(token);
String decToken = decOutput.getContentText();
JwsJwtCompactConsumer jwtJwsConsumer = new JwsJwtCompactConsumer(decToken);
JwtToken jwt = jwtJwsConsumer.getJwtToken();
Assert.assertEquals("alice", jwt.getClaim(JwtConstants.CLAIM_SUBJECT));
Assert.assertEquals(providerResponse.getTokenId(), jwt.getClaim(JwtConstants.CLAIM_JWT_ID));
Assert.assertEquals(providerResponse.getCreated().getEpochSecond(),
jwt.getClaim(JwtConstants.CLAIM_ISSUED_AT));
Assert.assertEquals(providerResponse.getExpires().getEpochSecond(),
jwt.getClaim(JwtConstants.CLAIM_EXPIRY));
}
} finally {
Security.removeProvider(BouncyCastleProvider.PROVIDER_NAME);
}
}
Example 4
| Source File: JWTTokenProviderTest.java From cxf with Apache License 2.0 | 4 votes |
|
@org.junit.Test
public void testCreateSignedEncryptedJWT() throws Exception {
TokenProvider jwtTokenProvider = new JWTTokenProvider();
TokenProviderParameters providerParameters = createProviderParameters();
providerParameters.setEncryptToken(true);
assertTrue(jwtTokenProvider.canHandleToken(JWTTokenProvider.JWT_TOKEN_TYPE));
TokenProviderResponse providerResponse = jwtTokenProvider.createToken(providerParameters);
assertNotNull(providerResponse);
assertTrue(providerResponse.getToken() != null && providerResponse.getTokenId() != null);
String token = (String)providerResponse.getToken();
assertNotNull(token);
assertTrue(token.split("\\.").length == 5);
if (unrestrictedPoliciesInstalled) {
// Validate the token
JweJwtCompactConsumer jwtConsumer = new JweJwtCompactConsumer(token);
Properties decProperties = new Properties();
Crypto decryptionCrypto = CryptoFactory.getInstance(getDecryptionProperties());
KeyStore keystore = ((Merlin)decryptionCrypto).getKeyStore();
decProperties.put(JoseConstants.RSSEC_KEY_STORE, keystore);
decProperties.put(JoseConstants.RSSEC_KEY_STORE_ALIAS, "myservicekey");
decProperties.put(JoseConstants.RSSEC_KEY_PSWD, "skpass");
JweDecryptionProvider decProvider =
JweUtils.loadDecryptionProvider(decProperties, jwtConsumer.getHeaders());
JweDecryptionOutput decOutput = decProvider.decrypt(token);
String decToken = decOutput.getContentText();
JwsJwtCompactConsumer jwtJwsConsumer = new JwsJwtCompactConsumer(decToken);
JwtToken jwt = jwtJwsConsumer.getJwtToken();
Assert.assertEquals("alice", jwt.getClaim(JwtConstants.CLAIM_SUBJECT));
Assert.assertEquals(providerResponse.getTokenId(), jwt.getClaim(JwtConstants.CLAIM_JWT_ID));
Assert.assertEquals(providerResponse.getCreated().getEpochSecond(),
jwt.getClaim(JwtConstants.CLAIM_ISSUED_AT));
Assert.assertEquals(providerResponse.getExpires().getEpochSecond(),
jwt.getClaim(JwtConstants.CLAIM_EXPIRY));
}
}
Example 5
| Source File: JoseClientCodeStateManager.java From cxf with Apache License 2.0 | 4 votes |
|
protected JweDecryptionProvider getInitializedDecryptionProvider() {
if (decryptionProvider != null) {
return decryptionProvider;
}
return JweUtils.loadDecryptionProvider(false);
}
Example 6
| Source File: JoseSessionTokenProvider.java From cxf with Apache License 2.0 | 4 votes |
|
protected JweDecryptionProvider getInitializedDecryptionProvider() {
if (jweDecryptor != null) {
return jweDecryptor;
}
return JweUtils.loadDecryptionProvider(jweRequired);
}
Example 7
| Source File: AbstractJweJsonDecryptingFilter.java From cxf with Apache License 2.0 | 4 votes |
|
protected JweDecryptionProvider getInitializedDecryptionProvider(JweHeaders headers) {
if (decryption != null) {
return decryption;
}
return JweUtils.loadDecryptionProvider(headers, true);
}
Example 8
| Source File: AbstractJweDecryptingFilter.java From cxf with Apache License 2.0 | 4 votes |
|
protected JweDecryptionProvider getInitializedDecryptionProvider(JweHeaders headers) {
if (decryption != null) {
return decryption;
}
return JweUtils.loadDecryptionProvider(headers, true);
}
Example 9
| Source File: AbstractJoseConsumer.java From cxf with Apache License 2.0 | 4 votes |
|
protected JweDecryptionProvider getInitializedDecryptionProvider(JweHeaders jweHeaders) {
if (jweDecryptor != null) {
return jweDecryptor;
}
return JweUtils.loadDecryptionProvider(jweHeaders, false);
}
