/**
 * Creates the outgoing request through the superclass and attaches an HTTP Basic
 * {@code Authorization} header built from {@code clientId} and {@code clientSecret}.
 *
 * <p>The header value is the secret in a reversible encoding, so request headers
 * produced here should be kept out of logs and traces.
 *
 * @param url    target URI, handed to the superclass unchanged
 * @param method HTTP method, handed to the superclass unchanged
 * @return the superclass request with the {@code Authorization} header added
 * @throws IOException if the superclass cannot create the request
 */
@Override
protected ClientHttpRequest createRequest(URI url, HttpMethod method) throws IOException {
    ClientHttpRequest request = super.createRequest(url, method);

    // NOTE(review): id and secret are joined raw. RFC 6749 section 2.3.1 expects each to be
    // form-urlencoded before the "id:secret" pair is built, so a ':' or non-ASCII
    // character in either value can be misread by the server -- confirm the values
    // are constrained elsewhere.
    String credentials = String.format("%s:%s", clientId, clientSecret);
    String headerValue = String.format("Basic %s", Base64.encode(credentials));

    request.getHeaders().add("Authorization", headerValue);
    return request;
}
};
/**
 * Fetches {@code url} with an HTTP GET through {@code restOperations}, asking for JSON,
 * and wraps the response body in a {@link Resource} with content type {@code "UTF-8"}.
 *
 * <p>Only status 200 is accepted. No restriction on the URL scheme or host and no cap on
 * the body size is applied in this method; any such limit has to come from the caller
 * or from how {@code restOperations} is configured.
 *
 * @param url the location to fetch
 * @return the response body wrapped as a {@link Resource}
 * @throws IOException if the exchange throws (the original exception is the cause) or
 *                     the status is not 200 (the message is the response's string form)
 */
@Override
public Resource retrieveResource(URL url) throws IOException {
    HttpHeaders acceptJson = new HttpHeaders();
    acceptJson.setAccept(Collections.singletonList(MediaType.APPLICATION_JSON_UTF8));

    final ResponseEntity<String> reply;
    try {
        RequestEntity<Void> get = new RequestEntity<Void>(acceptJson, HttpMethod.GET, url.toURI());
        reply = this.restOperations.exchange(get, String.class);
    } catch (Exception ex) {
        // Boundary wrap: URI conversion and transport failures both surface as IOException.
        throw new IOException(ex);
    }

    if (reply.getStatusCodeValue() == 200) {
        return new Resource(reply.getBody(), "UTF-8");
    }
    throw new IOException(reply.toString());
}
}
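/**
 * Builds a signing-and-validation service backed by one symmetric key derived from
 * {@code key}.
 *
 * <p>The key is Base64URL-encoded into an octet-sequence JWK marked for signature use and
 * registered under the fixed id {@code "SYMMETRIC-KEY"}. The key material itself is never
 * written to the log; only the exception is.
 *
 * <p>NOTE(review): no minimum length is checked on {@code key} here. A short secret weakens
 * any HMAC built on it -- confirm a length policy is enforced where the secret is issued.
 *
 * @param key the shared secret to wrap
 * @return a service holding the single symmetric key
 * @throws IllegalArgumentException if the service cannot be created; the underlying
 *                                  exception is attached as the cause
 * @throws Exception declared by the overridden method
 */
@Override
public JWTSigningAndValidationService load(String key) throws Exception {
    final String id = "SYMMETRIC-KEY";
    try {
        JWK jwk = new OctetSequenceKey.Builder(Base64URL.encode(key))
                .keyUse(KeyUse.SIGNATURE)
                .keyID(id)
                .build();
        Map<String, JWK> keys = ImmutableMap.of(id, jwk);
        return new DefaultJWTSigningAndValidationService(keys);
    } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
        logger.error("Couldn't create symmetric validator for client", e);
        // Keep the cause on the rethrown exception so callers that do not read the log
        // can still see why construction failed.
        throw new IllegalArgumentException("Couldn't create symmetric validator for client", e);
    }
}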
/**
 * Base64URL-encodes the specified byte array.
 *
 * @param bytes The byte array to encode. Must not be {@code null}.
 *
 * @return The resulting Base64URL object.
 */
public static Base64URL encode(final byte[] bytes) {
    // The codec's second argument is true here; presumably it selects the URL-safe
    // alphabet -- confirm against Base64Codec.
    final String encoded = Base64Codec.encodeToString(bytes, true);
    return new Base64URL(encoded);
}
tokenValidator = new IDTokenValidator(oidcProviderMetadata.getIssuer(), clientId, preferredJwsAlgorithm, clientSecret); } else { final ResourceRetriever retriever = new DefaultResourceRetriever(oidcConnectTimeout, oidcReadTimeout); tokenValidator = new IDTokenValidator(oidcProviderMetadata.getIssuer(), clientId, preferredJwsAlgorithm, oidcProviderMetadata.getJWKSetURI().toURL(), retriever);
/**
 * Retrieves the resource through the superclass and percent-encodes every literal
 * {@code {tenantid}} placeholder in its content as {@code %7Btenantid%7D}.
 *
 * <p>Only that one placeholder is rewritten; the rest of the content and the content
 * type are passed through as received.
 *
 * @param url the location to fetch
 * @return a new {@link Resource} with the rewritten content and the original content type
 * @throws IOException if the superclass retrieval fails
 */
@Override
public Resource retrieveResource(final URL url) throws IOException {
    final Resource fetched = super.retrieveResource(url);
    final String escaped = fetched.getContent().replace("{tenantid}", "%7Btenantid%7D");
    return new Resource(escaped, fetched.getContentType());
}
}
/**
 * Base64URL-encodes the specified big integer, without the sign bit.
 *
 * @param bigInt The big integer to encode. Must not be {@code null}.
 *
 * @return The resulting Base64URL object.
 */
public static Base64URL encode(final BigInteger bigInt) {
    // Convert to the unsigned byte form first, then reuse the byte-array overload.
    final byte[] magnitude = BigIntegerUtils.toBytesUnsigned(bigInt);
    return encode(magnitude);
}
/**
 * Base64-encodes the specified byte array.
 *
 * @param bytes The byte array to encode. Must not be {@code null}.
 *
 * @return The resulting Base64 object.
 */
public static Base64 encode(final byte[] bytes) {
    // The codec's second argument is false here; presumably it selects the standard
    // (non-URL-safe) alphabet -- confirm against Base64Codec.
    final String encoded = Base64Codec.encodeToString(bytes, false);
    return new Base64(encoded);
}
/**
 * Base64-encodes the specified big integer, without the sign bit.
 *
 * @param bigInt The big integer to encode. Must not be {@code null}.
 *
 * @return The resulting Base64 object.
 */
public static Base64 encode(final BigInteger bigInt) {
    // Convert to the unsigned byte form first, then reuse the byte-array overload.
    final byte[] magnitude = BigIntegerUtils.toBytesUnsigned(bigInt);
    return encode(magnitude);
}
/**
 * Returns the bit length of the decoded value of {@code k}.
 *
 * @return the bit length reported by {@code ByteUtils.safeBitLength}
 * @throws ArithmeticException if the length computation overflows; only the message of
 *                             the original exception is carried over
 */
@Override
public int size() {
    try {
        return ByteUtils.safeBitLength(k.decode());
    } catch (IntegerOverflowException overflow) {
        // Translate the library's overflow exception to the standard unchecked type.
        throw new ArithmeticException(overflow.getMessage());
    }
}
/**
 * Encodes the specified data as {@code data.length || data}.
 *
 * <p>A {@code null} input is treated as an empty array, so the result is then just the
 * encoded length zero.
 *
 * @param data The data to encode, may be {@code null}.
 *
 * @return The encoded data.
 */
public static byte[] encodeDataWithLength(final byte[] data) {
    final byte[] payload;
    if (data == null) {
        payload = new byte[0];
    } else {
        payload = data;
    }
    // Length prefix first, then the payload itself.
    return ByteUtils.concat(IntegerUtils.toBytes(payload.length), payload);
}
/**
 * Returns the specified X.509 certificate as PEM-encoded string.
 *
 * @param cert The X.509 certificate. Must not be {@code null}.
 *
 * @return The PEM-encoded X.509 certificate, {@code null} if encoding
 *         failed.
 */
public static String toPEMString(final X509Certificate cert) {
    // Delegates to the two-argument overload with its boolean flag set to true; the
    // flag's meaning is defined by that overload.
    final String pem = toPEMString(cert, true);
    return pem;
}
/**
 * Decodes this Base64 object to a byte array.
 *
 * <p>NOTE(review): how illegal characters are handled is decided by
 * {@code Base64Codec.decode} -- verify that before relying on this method to reject
 * malformed input.
 *
 * @return The resulting byte array.
 */
public byte[] decode() {
    final byte[] decoded = Base64Codec.decode(value);
    return decoded;
}
/**
 * Encodes the specified integer data as a four byte array.
 *
 * @param data The integer data to encode.
 *
 * @return The encoded data.
 */
public static byte[] encodeIntData(final int data) {
    // Thin wrapper: the byte layout is whatever IntegerUtils.toBytes produces.
    final byte[] encoded = IntegerUtils.toBytes(data);
    return encoded;
}
/**
 * Hashes {@code bytes} with the SHA-2 digest whose bit size matches the signing
 * algorithm, keeps the left-most half of the digest and Base64URL-encodes it.
 *
 * <p>Returns {@code null} when the signing algorithm is not one of the HS/ES/RS/PS
 * 256/384/512 variants, or when the digest is unavailable. A caller comparing this value
 * against a received hash should treat {@code null} as a failed check, never as
 * "nothing to compare".
 *
 * @param signingAlg the JWS algorithm that selects the digest; must not be {@code null}
 * @param bytes      the data to hash
 * @return the encoded left half of the digest, or {@code null} as described above
 */
public static Base64URL getHash(JWSAlgorithm signingAlg, byte[] bytes) {
    // Use SHA-xxx with the same 'xxx' bit number as the JWS algorithm.
    final String digestName;
    if (signingAlg.equals(JWSAlgorithm.HS256) || signingAlg.equals(JWSAlgorithm.ES256)
            || signingAlg.equals(JWSAlgorithm.RS256) || signingAlg.equals(JWSAlgorithm.PS256)) {
        digestName = "SHA-256";
    } else if (signingAlg.equals(JWSAlgorithm.ES384) || signingAlg.equals(JWSAlgorithm.HS384)
            || signingAlg.equals(JWSAlgorithm.RS384) || signingAlg.equals(JWSAlgorithm.PS384)) {
        digestName = "SHA-384";
    } else if (signingAlg.equals(JWSAlgorithm.ES512) || signingAlg.equals(JWSAlgorithm.HS512)
            || signingAlg.equals(JWSAlgorithm.RS512) || signingAlg.equals(JWSAlgorithm.PS512)) {
        digestName = "SHA-512";
    } else {
        // No digest is mapped for this algorithm.
        return null;
    }

    try {
        byte[] fullDigest = MessageDigest.getInstance(digestName).digest(bytes);
        // Only the left-most half of the digest is kept.
        byte[] leftHalf = Arrays.copyOf(fullDigest, fullDigest.length / 2);
        return Base64URL.encode(leftHalf);
    } catch (NoSuchAlgorithmException e) {
        logger.error("No such algorithm error: ", e);
        return null;
    }
}
/**
 * Creates the outgoing request through the superclass and attaches an HTTP Basic
 * {@code Authorization} header built from the client id and secret in
 * {@code clientConfig}, each percent-encoded as a UTF-8 path segment first.
 *
 * <p>The header value is the secret in a reversible encoding, so request headers
 * produced here should be kept out of logs and traces.
 *
 * @param url    target URI, handed to the superclass unchanged
 * @param method HTTP method, handed to the superclass unchanged
 * @return the superclass request with the {@code Authorization} header added
 * @throws IOException if the superclass cannot create the request
 */
@Override
protected ClientHttpRequest createRequest(URI url, HttpMethod method) throws IOException {
    ClientHttpRequest request = super.createRequest(url, method);

    // NOTE(review): path-segment encoding is not the form-urlencoding that RFC 6749
    // section 2.3.1 names. Verify how encodePathSegment treats ':' and '+': an unescaped ':'
    // in the client id makes the "id:secret" pair ambiguous, and a literal '+' may be
    // form-decoded as a space by the server.
    String encodedId = UriUtils.encodePathSegment(clientConfig.getClientId(), "UTF-8");
    String encodedSecret = UriUtils.encodePathSegment(clientConfig.getClientSecret(), "UTF-8");
    String credentials = String.format("%s:%s", encodedId, encodedSecret);

    request.getHeaders().add("Authorization", String.format("Basic %s", Base64.encode(credentials)));
    return request;
}
};
/**
 * Returns the bit length of the decoded value of {@code n}.
 *
 * @return the bit length reported by {@code ByteUtils.safeBitLength}
 * @throws ArithmeticException if the length computation overflows; only the message of
 *                             the original exception is carried over
 */
@Override
public int size() {
    try {
        return ByteUtils.safeBitLength(n.decode());
    } catch (IntegerOverflowException overflow) {
        // Translate the library's overflow exception to the standard unchecked type.
        throw new ArithmeticException(overflow.getMessage());
    }
}