@Override public String verifyLogoutParameter(String parameter) { String[] parts = parameter.split("\\."); if (parts.length != 2) { throw new IllegalArgumentException(parameter); } try { String localSessionId = ByteIterator.ofBytes(parts[0].getBytes(StandardCharsets.UTF_8)).asUtf8String().drainToString(); Signature signature = Signature.getInstance(DEFAULT_SIGNATURE_ALGORITHM); signature.initVerify(this.keyPair.getPublic()); signature.update(localSessionId.getBytes(StandardCharsets.UTF_8)); Base64.Decoder urlDecoder = Base64.getUrlDecoder(); if (!ByteIterator.ofBytes(urlDecoder.decode(parts[1].getBytes(StandardCharsets.UTF_8))).verify(signature)) { throw log.httpMechSsoInvalidLogoutMessage(localSessionId); } return localSessionId; } catch (NoSuchAlgorithmException | InvalidKeyException e) { throw new IllegalStateException(e); } catch (SignatureException e) { throw new IllegalArgumentException(parameter, e); } }
private boolean verifySignature(String encodedHeader, String encodedClaims, String encodedSignature) throws RealmUnavailableException { if (defaultPublicKey == null && jwkManager == null && namedKeys.isEmpty()) { return true; } try { Base64.Decoder urlDecoder = Base64.getUrlDecoder(); byte[] decodedSignature = urlDecoder.decode(encodedSignature); Signature signature = createSignature(encodedHeader, encodedClaims); boolean verify = signature != null ? ByteIterator.ofBytes(decodedSignature).verify(signature) : false; if (!verify) { log.debug("Signature verification failed"); } return verify; } catch (Exception cause) { throw log.tokenRealmJwtSignatureCheckFailed(cause); } }
@Override public String verifyLogoutParameter(String parameter) { String[] parts = parameter.split("\\."); if (parts.length != 2) { throw new IllegalArgumentException(parameter); } try { String localSessionId = ByteIterator.ofBytes(parts[0].getBytes(StandardCharsets.UTF_8)).asUtf8String().drainToString(); Signature signature = Signature.getInstance(DEFAULT_SIGNATURE_ALGORITHM); signature.initVerify(this.keyPair.getPublic()); signature.update(localSessionId.getBytes(StandardCharsets.UTF_8)); Base64.Decoder urlDecoder = Base64.getUrlDecoder(); if (!ByteIterator.ofBytes(urlDecoder.decode(parts[1].getBytes(StandardCharsets.UTF_8))).verify(signature)) { throw log.httpMechSsoInvalidLogoutMessage(localSessionId); } return localSessionId; } catch (NoSuchAlgorithmException | InvalidKeyException e) { throw new IllegalStateException(e); } catch (SignatureException e) { throw new IllegalArgumentException(parameter, e); } }
@Override public String verifyLogoutParameter(String parameter) { String[] parts = parameter.split("\\."); if (parts.length != 2) { throw new IllegalArgumentException(parameter); } try { String localSessionId = ByteIterator.ofBytes(parts[0].getBytes(StandardCharsets.UTF_8)).asUtf8String().drainToString(); Signature signature = Signature.getInstance(DEFAULT_SIGNATURE_ALGORITHM); signature.initVerify(this.keyPair.getPublic()); signature.update(localSessionId.getBytes(StandardCharsets.UTF_8)); Base64.Decoder urlDecoder = Base64.getUrlDecoder(); if (!ByteIterator.ofBytes(urlDecoder.decode(parts[1].getBytes(StandardCharsets.UTF_8))).verify(signature)) { throw log.httpMechSsoInvalidLogoutMessage(localSessionId); } return localSessionId; } catch (NoSuchAlgorithmException | InvalidKeyException e) { throw new IllegalStateException(e); } catch (SignatureException e) { throw new IllegalArgumentException(parameter, e); } }
@Override public String verifyLogoutParameter(String parameter) { String[] parts = parameter.split("\\."); if (parts.length != 2) { throw new IllegalArgumentException(parameter); } try { String localSessionId = ByteIterator.ofBytes(parts[0].getBytes(StandardCharsets.UTF_8)).asUtf8String().drainToString(); Signature signature = Signature.getInstance(DEFAULT_SIGNATURE_ALGORITHM); signature.initVerify(this.keyPair.getPublic()); signature.update(localSessionId.getBytes(StandardCharsets.UTF_8)); Base64.Decoder urlDecoder = Base64.getUrlDecoder(); if (!ByteIterator.ofBytes(urlDecoder.decode(parts[1].getBytes(StandardCharsets.UTF_8))).verify(signature)) { throw log.httpMechSsoInvalidLogoutMessage(localSessionId); } return localSessionId; } catch (NoSuchAlgorithmException | InvalidKeyException e) { throw new IllegalStateException(e); } catch (SignatureException e) { throw new IllegalArgumentException(parameter, e); } }
private boolean verifySignature(String encodedHeader, String encodedClaims, String encodedSignature) throws RealmUnavailableException { if (defaultPublicKey == null && jwkManager == null && namedKeys.isEmpty()) { return true; } try { Base64.Decoder urlDecoder = Base64.getUrlDecoder(); byte[] decodedSignature = urlDecoder.decode(encodedSignature); Signature signature = createSignature(encodedHeader, encodedClaims); boolean verify = signature != null ? ByteIterator.ofBytes(decodedSignature).verify(signature) : false; if (!verify) { log.debug("Signature verification failed"); } return verify; } catch (Exception cause) { throw log.tokenRealmJwtSignatureCheckFailed(cause); } }
private boolean verifySignature(String encodedHeader, String encodedClaims, String encodedSignature) throws RealmUnavailableException { if (defaultPublicKey == null && jwkManager == null && namedKeys.isEmpty()) { return true; } try { Base64.Decoder urlDecoder = Base64.getUrlDecoder(); byte[] decodedSignature = urlDecoder.decode(encodedSignature); Signature signature = createSignature(encodedHeader, encodedClaims); boolean verify = signature != null ? ByteIterator.ofBytes(decodedSignature).verify(signature) : false; if (!verify) { log.debug("Signature verification failed"); } return verify; } catch (Exception cause) { throw log.tokenRealmJwtSignatureCheckFailed(cause); } }
private boolean verifySignature(String encodedHeader, String encodedClaims, String encodedSignature) throws RealmUnavailableException { if (publicKey == null) { return true; } try { Base64.Decoder urlDecoder = Base64.getUrlDecoder(); byte[] decodedSignature = urlDecoder.decode(encodedSignature); boolean verify = ByteIterator.ofBytes(decodedSignature).verify(createSignature(encodedHeader, encodedClaims)); if (!verify) { log.debug("Signature verification failed"); } return verify; } catch (Exception cause) { throw log.tokenRealmJwtSignatureCheckFailed(cause); } }