Skip to content
Browse files

Merge branch 'develop'

  • Loading branch information...
2 parents d31bda3 + a918321 commit 1081b11d26cd1a4afdc375f6aa0c84661dab74e2 @joeldsa joeldsa committed
View
16 common/src/main/java/org/cloudfoundry/identity/uaa/oauth/token/SignerProvider.java
@@ -28,6 +28,7 @@
* A class that knows how to provide the signing and verification keys
*
* @author Joel D'sa
+ * @author Luke Taylor
*
*/
public class SignerProvider implements InitializingBean {
@@ -45,8 +46,7 @@ public void afterPropertiesSet() throws Exception {
verifier = new RsaVerifier(verifierKey);
}
catch (Exception e) {
- logger.warn("Unable to create an RSA verifier from verifierKey");
- return;
+ throw new RuntimeException("Unable to create an RSA verifier from verifierKey", e);
}
byte[] test = "test".getBytes();
@@ -55,15 +55,13 @@ public void afterPropertiesSet() throws Exception {
logger.info("Signing and verification RSA keys match");
}
catch (InvalidSignatureException e) {
- logger.error("Signing and verification RSA keys do not match");
+ throw new RuntimeException("Signing and verification RSA keys do not match", e);
}
}
else {
- // Avoid a race condition where
Assert.state(this.signingKey == this.verifierKey,
"For MAC signing you do not need to specify the verifier key separately, and if you do it must match the signing key");
}
-
}
public Signer getSigner() {
@@ -71,7 +69,7 @@ public Signer getSigner() {
}
public SignatureVerifier getVerifier() {
- if (isPublic(signingKey)) {
+ if (isAssymetricKey(signingKey)) {
return new RsaVerifier(verifierKey);
}
else {
@@ -91,7 +89,7 @@ public void setSigningKey(String key) {
this.signingKey = key;
- if (isPublic(key)) {
+ if (isAssymetricKey(key)) {
signer = new RsaSigner(key);
logger.info("Configured with RSA signing key");
}
@@ -105,7 +103,7 @@ public void setSigningKey(String key) {
/**
* @return true if the key has a public verifier
*/
- private boolean isPublic(String key) {
+ private boolean isAssymetricKey(String key) {
return key.startsWith("-----BEGIN");
}
@@ -116,7 +114,7 @@ private boolean isPublic(String key) {
* For an HMAC key it will be the same value as the signing key and does not need to be set. For and RSA key, it
* should be set to the String representation of the public key, in a standard format (e.g. OpenSSH keys)
*
- * @param key the signature verification key (typically an RSA public key)
+ * @param verifierKey the signature verification key (typically an RSA public key)
*/
public void setVerifierKey(String verifierKey) {
this.verifierKey = verifierKey;
View
52 common/src/test/java/org/cloudfoundry/identity/uaa/oauth/token/SignerProviderTests.java
@@ -37,39 +37,29 @@ public void testSignedProviderSymmetricKeys() {
}
@Test
- public void testSignedProviderAsymmetricKeys() {
+ public void testSignedProviderAsymmetricKeys() throws Exception {
SignerProvider signerProvider = new SignerProvider();
signerProvider.setSigningKey("-----BEGIN RSA PRIVATE KEY-----\n" +
- "MIICXgIBAAKBgQDAcxw6ilnDn4FPkl21wA0H3vNyJLtsbwUTvB8Ka61wCVpnoNdI\n" +
- "HQOjuCptz32VSCcjYj4djWlMBPTq0Z9svcWi3hnegk/57FFqE3crdTfu9lPZlHyx\n" +
- "k3r2aKvnm/dWfpqFXyYsrK8y00bNC8UFY5D/bsl/AvekXizi/hpTLGrp9QIDAQAB\n" +
- "AoGABN2kNBK1bE3HHjTsK6E8cxt++j7VgktYTIRwIHpSe0exQnd9mfQp2GTapcYe\n" +
- "Pb0CSFG+kk61/9cMPjeomT4/FfDFnQd4AqNYOJUlh0r+AOeSZTLf3ZAYC1osi4o6\n" +
- "UH4zrNZenO5ZfxRvxIxR8oDBwjMlbtCDLQwp1BIWhjoGce0CQQD+VGHqef9+hET8\n" +
- "MNmFEKz6Qrf0gQX75o+CNsar9qPyeL1/whuhd1wxuXPNeeGViwRXOpmQDL93JySW\n" +
- "pzLDHOHDAkEAwbavkGn4Dn/A67CLo6HKAbyoTcgAQyGK3TQhSBaGSCCxdro6m+o3\n" +
- "DAYDLOnVrOu5Iwwy3CF/zz/MUliovxnR5wJBAK/oi2UThqzqLZDE9N59fzcFiJi7\n" +
- "2Pi3KtFks5tjV1gxPNit2FCg7wqRe9BGGcpGQfVXWblxp8hxMXRmJs0fH+MCQQCw\n" +
- "wZmBFLCbykamyPkh3kcNPq/0CULz/m9PWHnl5Wex+OL1iwhfrF9+QR40pUmr94t/\n" +
- "R2pBIvAUlApEOVIAzfaRAkEA6mq3t/N5DNIfhYD87+mtwMy5KvWut799bCMpzoWP\n" +
- "q5vpbVbOxo/LoUPzeSThspSF/NlVlx6T+HCq+nVcPV3VfA==\n" +
- "-----END RSA PRIVATE KEY-----");
- signerProvider.setVerifierKey("-----BEGIN RSA PRIVATE KEY-----\n" +
- "MIICXgIBAAKBgQDAcxw6ilnDn4FPkl21wA0H3vNyJLtsbwUTvB8Ka61wCVpnoNdI\n" +
- "HQOjuCptz32VSCcjYj4djWlMBPTq0Z9svcWi3hnegk/57FFqE3crdTfu9lPZlHyx\n" +
- "k3r2aKvnm/dWfpqFXyYsrK8y00bNC8UFY5D/bsl/AvekXizi/hpTLGrp9QIDAQAB\n" +
- "AoGABN2kNBK1bE3HHjTsK6E8cxt++j7VgktYTIRwIHpSe0exQnd9mfQp2GTapcYe\n" +
- "Pb0CSFG+kk61/9cMPjeomT4/FfDFnQd4AqNYOJUlh0r+AOeSZTLf3ZAYC1osi4o6\n" +
- "UH4zrNZenO5ZfxRvxIxR8oDBwjMlbtCDLQwp1BIWhjoGce0CQQD+VGHqef9+hET8\n" +
- "MNmFEKz6Qrf0gQX75o+CNsar9qPyeL1/whuhd1wxuXPNeeGViwRXOpmQDL93JySW\n" +
- "pzLDHOHDAkEAwbavkGn4Dn/A67CLo6HKAbyoTcgAQyGK3TQhSBaGSCCxdro6m+o3\n" +
- "DAYDLOnVrOu5Iwwy3CF/zz/MUliovxnR5wJBAK/oi2UThqzqLZDE9N59fzcFiJi7\n" +
- "2Pi3KtFks5tjV1gxPNit2FCg7wqRe9BGGcpGQfVXWblxp8hxMXRmJs0fH+MCQQCw\n" +
- "wZmBFLCbykamyPkh3kcNPq/0CULz/m9PWHnl5Wex+OL1iwhfrF9+QR40pUmr94t/\n" +
- "R2pBIvAUlApEOVIAzfaRAkEA6mq3t/N5DNIfhYD87+mtwMy5KvWut799bCMpzoWP\n" +
- "q5vpbVbOxo/LoUPzeSThspSF/NlVlx6T+HCq+nVcPV3VfA==\n" +
- "-----END RSA PRIVATE KEY-----");
-
+ "MIICXAIBAAKBgQDErZsZY70QAa7WdDD6eOv3RLBA4I5J0zZOiXMzoFB5yh64q0sm\n" +
+ "ESNtV4payOYE5TnHxWjMo0y7gDsGjI1omAG6wgfyp63I9WcLX7FDLyee43fG5+b9\n" +
+ "roofosL+OzJSXESSulsT9Y1XxSFFM5RMu4Ie9uM4/izKLCsAKiggMhnAmQIDAQAB\n" +
+ "AoGAAs2OllALk7zSZxAE2qz6f+2krWgF3xt5fKkM0UGJpBKzWWJnkcVQwfArcpvG\n" +
+ "W2+A4U347mGtaEatkKxUH5d6/s37jfRI7++HFXcLf6QJPmuE3+FtB2mX0lVJoaJb\n" +
+ "RLh+tOtt4ZJRAt/u6RjUCVNpDnJB6NZ032bpL3DijfNkRuECQQDkJR+JJPUpQGoI\n" +
+ "voPqcLl0i1tLX93XE7nu1YuwdQ5SmRaS0IJMozoBLBfFNmCWlSHaQpBORc38+eGC\n" +
+ "J9xsOrBNAkEA3LD1JoNI+wPSo/o71TED7BoVdwCXLKPqm0TnTr2EybCUPLNoff8r\n" +
+ "Ngm51jXc8mNvUkBtYiPfMKzpdqqFBWXXfQJAQ7D0E2gAybWQAHouf7/kdrzmYI3Y\n" +
+ "L3lt4HxBzyBcGIvNk9AD6SNBEZn4j44byHIFMlIvqNmzTY0CqPCUyRP8vQJBALXm\n" +
+ "ANmygferKfXP7XsFwGbdBO4mBXRc0qURwNkMqiMXMMdrVGftZq9Oiua9VJRQUtPn\n" +
+ "mIC4cmCLVI5jc+qEC30CQE+eOXomzxNNPxVnIp5k5f+savOWBBu83J2IoT2znnGb\n" +
+ "wTKZHjWybPHsW2q8Z6Moz5dvE+XMd11c5NtIG2/L97I=\n" +
+ "-----END RSA PRIVATE KEY-----");
+ signerProvider.setVerifierKey("-----BEGIN RSA PUBLIC KEY-----\n" +
+ "MIGJAoGBAMStmxljvRABrtZ0MPp46/dEsEDgjknTNk6JczOgUHnKHrirSyYRI21X\n" +
+ "ilrI5gTlOcfFaMyjTLuAOwaMjWiYAbrCB/Knrcj1ZwtfsUMvJ57jd8bn5v2uih+i\n" +
+ "wv47MlJcRJK6WxP1jVfFIUUzlEy7gh724zj+LMosKwAqKCAyGcCZAgMBAAE=\n" +
+ "-----END RSA PUBLIC KEY-----");
+ signerProvider.afterPropertiesSet();
assertNotNull(signerProvider.getSigner());
assertNotNull(signerProvider.getVerifier());
View
4 pom.xml
@@ -17,7 +17,7 @@
<spring.version>3.1.2.RELEASE</spring.version>
<spring.security.version>3.1.3.RELEASE</spring.security.version>
<spring.security.oauth.version>1.0.2.RELEASE</spring.security.oauth.version>
- <spring.security.jwt.version>1.0.0.RELEASE</spring.security.jwt.version>
+ <spring.security.jwt.version>1.0.1.RELEASE</spring.security.jwt.version>
<aspectj.version>1.6.9</aspectj.version>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
@@ -291,7 +291,7 @@
<groupId>org.aspectj</groupId>
<artifactId>aspectjweaver</artifactId>
<version>${aspectj.version}</version>
- </dependency>
+ </dependency>
<dependency>
<groupId>org.aspectj</groupId>
<artifactId>aspectjrt</artifactId>

0 comments on commit 1081b11

Please sign in to comment.
Something went wrong with that request. Please try again.