Skip to content
Permalink
Browse files
add more generic interface which allows to use a sharedKey/Key
Signed-off-by: David J. M. Karlsen <david@davidkarlsen.com>
  • Loading branch information
davidkarlsen committed Apr 6, 2019
1 parent 7d62e7f commit 89b734feaa1c2d35c782236d4b39ae216e742426
Showing 5 changed files with 39 additions and 7 deletions.
@@ -22,13 +22,13 @@
import java.util.Map;

import org.apache.cxf.rs.security.httpsignature.provider.AlgorithmProvider;
import org.apache.cxf.rs.security.httpsignature.provider.PublicKeyProvider;
import org.apache.cxf.rs.security.httpsignature.provider.KeyProvider;
import org.apache.cxf.rs.security.httpsignature.provider.SecurityProvider;

public interface SignatureValidator {
void validate(Map<String, List<String>> messageHeaders,
AlgorithmProvider algorithmProvider,
PublicKeyProvider publicKeyProvider,
KeyProvider keyProvider,
SecurityProvider securityProvider,
String method,
String uri);
@@ -30,7 +30,7 @@
import org.apache.cxf.rs.security.httpsignature.exception.InvalidSignatureException;
import org.apache.cxf.rs.security.httpsignature.exception.InvalidSignatureHeaderException;
import org.apache.cxf.rs.security.httpsignature.provider.AlgorithmProvider;
import org.apache.cxf.rs.security.httpsignature.provider.PublicKeyProvider;
import org.apache.cxf.rs.security.httpsignature.provider.KeyProvider;
import org.apache.cxf.rs.security.httpsignature.provider.SecurityProvider;
import org.apache.cxf.rs.security.httpsignature.utils.SignatureHeaderUtils;
import org.tomitribe.auth.signatures.Signature;
@@ -47,7 +47,7 @@ public TomitribeSignatureValidator(List<String> requiredHeaders) {
@Override
public void validate(Map<String, List<String>> messageHeaders,
AlgorithmProvider algorithmProvider,
PublicKeyProvider publicKeyProvider,
KeyProvider keyProvider,
SecurityProvider securityProvider,
String method,
String uri) {
@@ -60,7 +60,7 @@ public void validate(Map<String, List<String>> messageHeaders,
throw new DifferentAlgorithmsException("signature algorithm from header and provided are different");
}

Key key = publicKeyProvider.getKey(signature.getKeyId());
Key key = keyProvider.getKey(signature.getKeyId());

java.security.Provider provider = securityProvider.getProvider(signature.getKeyId());

@@ -0,0 +1,32 @@
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.cxf.rs.security.httpsignature.provider;

import java.security.Key;

@FunctionalInterface
public interface KeyProvider {

/**
* Resolve a Key based on the keyId
* @param keyId in question, not null or empty.
* @return a Key, never null.
*/
Key getKey(String keyId);
}
@@ -21,7 +21,7 @@
import java.security.PrivateKey;

@FunctionalInterface
public interface PrivateKeyProvider {
public interface PrivateKeyProvider extends KeyProvider {
/**
* @param keyId is used as lookup to find the correct configured private key for this keyId
* The keyId is sent in the message together with the signature
@@ -21,7 +21,7 @@
import java.security.PublicKey;

@FunctionalInterface
public interface PublicKeyProvider {
public interface PublicKeyProvider extends KeyProvider {
/**
* @param keyId is used as lookup to find the correct configured public key for this keyId
* The keyId is sent in the message together with the signature

0 comments on commit 89b734f

Please sign in to comment.