diff --git a/server/src/main/java/org/cloudfoundry/identity/uaa/oauth/jwk/JsonWebKey.java b/model/src/main/java/org/cloudfoundry/identity/uaa/oauth/jwk/JsonWebKey.java similarity index 77% rename from server/src/main/java/org/cloudfoundry/identity/uaa/oauth/jwk/JsonWebKey.java rename to model/src/main/java/org/cloudfoundry/identity/uaa/oauth/jwk/JsonWebKey.java index efdf9352f7..b01737530c 100644 --- a/server/src/main/java/org/cloudfoundry/identity/uaa/oauth/jwk/JsonWebKey.java +++ b/model/src/main/java/org/cloudfoundry/identity/uaa/oauth/jwk/JsonWebKey.java @@ -15,24 +15,32 @@ package org.cloudfoundry.identity.uaa.oauth.jwk; +import com.fasterxml.jackson.databind.annotation.JsonDeserialize; +import com.fasterxml.jackson.databind.annotation.JsonSerialize; -import java.security.PublicKey; import java.util.Collections; import java.util.HashMap; import java.util.Map; -public abstract class JsonWebKey { +/** + * See https://tools.ietf.org/html/rfc7517 + */ + +@JsonDeserialize(using = JsonWebKeyDeserializer.class) +@JsonSerialize(using = JsonWebKeySerializer.class) +public class JsonWebKey { - enum KeyUse { + public enum KeyUse { sig, enc } - enum KeyType { - RSA + public enum KeyType { + RSA, + MAC } - enum KeyOperation { + public enum KeyOperation { sign, verify, encrypt, @@ -45,7 +53,7 @@ enum KeyOperation { private final Map json; - protected JsonWebKey(Map json) { + public JsonWebKey(Map json) { if (json.get("kty")==null) { throw new IllegalArgumentException("kty field is required"); } @@ -91,6 +99,12 @@ public int hashCode() { } } - abstract PublicKey getPublicKey(); + //helper methods + public String getAlgorithm() { + return (String) getKeyProperties().get("alg"); + } + public String getValue() { + return (String) getKeyProperties().get("value"); + } } diff --git a/server/src/main/java/org/cloudfoundry/identity/uaa/oauth/jwk/KeySetDeserializer.java b/model/src/main/java/org/cloudfoundry/identity/uaa/oauth/jwk/JsonWebKeyDeserializer.java similarity index 59% rename from server/src/main/java/org/cloudfoundry/identity/uaa/oauth/jwk/KeySetDeserializer.java rename to model/src/main/java/org/cloudfoundry/identity/uaa/oauth/jwk/JsonWebKeyDeserializer.java index 2462860e7c..f95c6bea4d 100644 --- a/server/src/main/java/org/cloudfoundry/identity/uaa/oauth/jwk/KeySetDeserializer.java +++ b/model/src/main/java/org/cloudfoundry/identity/uaa/oauth/jwk/JsonWebKeyDeserializer.java @@ -21,31 +21,22 @@ import com.fasterxml.jackson.databind.DeserializationContext; import com.fasterxml.jackson.databind.JsonDeserializer; import com.fasterxml.jackson.databind.JsonNode; -import com.fasterxml.jackson.databind.node.ArrayNode; import org.cloudfoundry.identity.uaa.util.JsonUtils; import java.io.IOException; -import java.util.LinkedHashSet; import java.util.Map; -import java.util.stream.Collectors; - -public class KeySetDeserializer extends JsonDeserializer { +/** + * See https://tools.ietf.org/html/rfc7517 + */ +public class JsonWebKeyDeserializer extends JsonDeserializer { @Override - public KeySet deserialize(JsonParser p, DeserializationContext ctxt) throws IOException, JsonProcessingException { + public JsonWebKey deserialize(JsonParser p, DeserializationContext ctxt) throws IOException, JsonProcessingException { JsonNode node = JsonUtils.readTree(p); - ArrayNode keys = (ArrayNode) node.get("keys"); - if (keys==null) { - throw new JsonParseException(p, "keys attribute cannot be null"); + Map map = JsonUtils.getNodeAsMap(node); + if (map.get("kty")==null) { + throw new JsonParseException(p, "kty is a required attribute on a JsonWebKey"); } - LinkedHashSet result = new LinkedHashSet<>(); - for (int i=0; i map = JsonUtils.getNodeAsMap(keys.get(i)); - RsaJsonWebKey key = new RsaJsonWebKey(map); - result.remove(key); - result.add(key); - } - return new KeySet(result.stream().collect(Collectors.toList())); + return new JsonWebKey(map); } - } diff --git a/server/src/main/java/org/cloudfoundry/identity/uaa/oauth/jwk/KeySetSerializer.java b/model/src/main/java/org/cloudfoundry/identity/uaa/oauth/jwk/JsonWebKeySerializer.java similarity index 70% rename from server/src/main/java/org/cloudfoundry/identity/uaa/oauth/jwk/KeySetSerializer.java rename to model/src/main/java/org/cloudfoundry/identity/uaa/oauth/jwk/JsonWebKeySerializer.java index e4127fe74c..3d8368011e 100644 --- a/server/src/main/java/org/cloudfoundry/identity/uaa/oauth/jwk/KeySetSerializer.java +++ b/model/src/main/java/org/cloudfoundry/identity/uaa/oauth/jwk/JsonWebKeySerializer.java @@ -21,16 +21,20 @@ import com.fasterxml.jackson.databind.SerializerProvider; import java.io.IOException; +import java.util.Map; -public class KeySetSerializer extends JsonSerializer { +/** + * See https://tools.ietf.org/html/rfc7517 + */ + +public class JsonWebKeySerializer extends JsonSerializer { @Override - public void serialize(KeySet value, JsonGenerator gen, SerializerProvider serializers) throws IOException, JsonProcessingException { + public void serialize(JsonWebKey value, JsonGenerator gen, SerializerProvider serializers) throws IOException, JsonProcessingException { gen.writeStartObject(); - gen.writeArrayFieldStart("keys"); - for (JsonWebKey key : value.getKeys()) { - gen.writeObject(key.getKeyProperties()); + for (Map.Entry entry : value.getKeyProperties().entrySet()) { + gen.writeFieldName(entry.getKey()); + gen.writeObject(entry.getValue()); } - gen.writeEndArray(); gen.writeEndObject(); } } diff --git a/server/src/main/java/org/cloudfoundry/identity/uaa/oauth/jwk/KeySet.java b/model/src/main/java/org/cloudfoundry/identity/uaa/oauth/jwk/JsonWebKeySet.java similarity index 56% rename from server/src/main/java/org/cloudfoundry/identity/uaa/oauth/jwk/KeySet.java rename to model/src/main/java/org/cloudfoundry/identity/uaa/oauth/jwk/JsonWebKeySet.java index 5f1376db1f..b612edc666 100644 --- a/server/src/main/java/org/cloudfoundry/identity/uaa/oauth/jwk/KeySet.java +++ b/model/src/main/java/org/cloudfoundry/identity/uaa/oauth/jwk/JsonWebKeySet.java @@ -15,23 +15,32 @@ package org.cloudfoundry.identity.uaa.oauth.jwk; -import com.fasterxml.jackson.databind.annotation.JsonDeserialize; -import com.fasterxml.jackson.databind.annotation.JsonSerialize; +import com.fasterxml.jackson.annotation.JsonProperty; import java.util.Collections; +import java.util.LinkedHashSet; +import java.util.LinkedList; import java.util.List; +import java.util.Set; -@JsonDeserialize(using = KeySetDeserializer.class) -@JsonSerialize(using = KeySetSerializer.class) -public class KeySet { +/** + * See https://tools.ietf.org/html/rfc7517 + */ +public class JsonWebKeySet { - private final List keys; + private final List keys; - public KeySet(List keys) { - this.keys = Collections.unmodifiableList(keys); + public JsonWebKeySet(@JsonProperty("keys") List keys) { + Set set = new LinkedHashSet<>(); + //rules for how to override duplicates + for (T t : keys) { + set.remove(t); + set.add(t); + } + this.keys = new LinkedList(set); } - public List getKeys() { - return keys; + public List getKeys() { + return Collections.unmodifiableList(keys); } } diff --git a/model/src/main/java/org/cloudfoundry/identity/uaa/oauth/token/VerificationKeyResponse.java b/model/src/main/java/org/cloudfoundry/identity/uaa/oauth/token/VerificationKeyResponse.java index ef4ccce32d..a5af59b822 100644 --- a/model/src/main/java/org/cloudfoundry/identity/uaa/oauth/token/VerificationKeyResponse.java +++ b/model/src/main/java/org/cloudfoundry/identity/uaa/oauth/token/VerificationKeyResponse.java @@ -14,95 +14,55 @@ package org.cloudfoundry.identity.uaa.oauth.token; -import com.fasterxml.jackson.annotation.JsonAutoDetect; -import com.fasterxml.jackson.annotation.JsonInclude; -import com.fasterxml.jackson.annotation.JsonProperty; -import com.fasterxml.jackson.annotation.JsonAutoDetect.Visibility; +import com.fasterxml.jackson.annotation.JsonIgnore; +import org.cloudfoundry.identity.uaa.oauth.jwk.JsonWebKey; +import java.util.Map; + +@Deprecated /** - * Created by pivotal on 11/18/15. + * Use {@link JsonWebKey} */ -@JsonAutoDetect(fieldVisibility = Visibility.ANY, getterVisibility = Visibility.NONE, setterVisibility = Visibility.NONE) -public class VerificationKeyResponse { - - @JsonProperty("kid") - @JsonInclude(JsonInclude.Include.NON_NULL) - private String kid; - - @JsonProperty("alg") - private String algorithm; - - @JsonProperty("value") - private String key; - - @JsonProperty("kty") - private String type; - - @JsonProperty("use") - private String use; +public class VerificationKeyResponse extends JsonWebKey{ - @JsonProperty("n") - @JsonInclude(JsonInclude.Include.NON_NULL) - private String modulus; - @JsonProperty("e") - @JsonInclude(JsonInclude.Include.NON_NULL) - private String exponent; - - public String getId() { - return kid; + public VerificationKeyResponse(Map json) { + super(json); } - public void setId(String kid) { - this.kid = kid; - } - - public void setAlgorithm(String algorithm) { - this.algorithm = algorithm; + @JsonIgnore + public String getId() { + return getKid(); } + @JsonIgnore public String getAlgorithm() { - return algorithm; - } - - public void setKey(String key) { - this.key = key; + return (String) getKeyProperties().get("alg"); } + @JsonIgnore public String getKey() { - return key; - } - - public void setType(String type) { - this.type = type; + return (String) getKeyProperties().get("value"); } + @JsonIgnore public String getType() { - return type; - } - - public void setUse(String use) { - this.use = use; - } - - public String getUse() { - return use; + return getKty().name(); } - public void setModulus(String modulus) { - this.modulus = modulus; + @JsonIgnore + public String getKeyUse() { + return getUse().name(); } + @JsonIgnore public String getModulus() { - return modulus; - } - - public void setExponent(String exponent) { - this.exponent = exponent; + return (String) getKeyProperties().get("n"); } + @JsonIgnore public String getExponent() { - return exponent; + return (String) getKeyProperties().get("e"); } } diff --git a/model/src/main/java/org/cloudfoundry/identity/uaa/oauth/token/VerificationKeysListResponse.java b/model/src/main/java/org/cloudfoundry/identity/uaa/oauth/token/VerificationKeysListResponse.java index 15ac2e31ab..2f00e155fa 100644 --- a/model/src/main/java/org/cloudfoundry/identity/uaa/oauth/token/VerificationKeysListResponse.java +++ b/model/src/main/java/org/cloudfoundry/identity/uaa/oauth/token/VerificationKeysListResponse.java @@ -1,35 +1,30 @@ /* - * ****************************************************************************** - * Cloud Foundry Copyright (c) [2009-2015] Pivotal Software, Inc. All Rights Reserved. + * **************************************************************************** + * Cloud Foundry + * Copyright (c) [2009-2016] Pivotal Software, Inc. All Rights Reserved. * - * This product is licensed to you under the Apache License, Version 2.0 (the "License"). - * You may not use this product except in compliance with the License. + * This product is licensed to you under the Apache License, Version 2.0 (the "License"). + * You may not use this product except in compliance with the License. * - * This product includes a number of subcomponents with - * separate copyright notices and license terms. Your use of these - * subcomponents is subject to the terms and conditions of the - * subcomponent's license, as noted in the LICENSE file. - * ****************************************************************************** + * This product includes a number of subcomponents with + * separate copyright notices and license terms. Your use of these + * subcomponents is subject to the terms and conditions of the + * subcomponent's license, as noted in the LICENSE file. + * **************************************************************************** */ package org.cloudfoundry.identity.uaa.oauth.token; -import com.fasterxml.jackson.annotation.JsonAutoDetect; +import org.cloudfoundry.identity.uaa.oauth.jwk.JsonWebKeySet; import java.util.List; +@Deprecated /** - * Created by pivotal on 11/18/15. + * Use {@link JsonWebKeySet} */ -@JsonAutoDetect(fieldVisibility = JsonAutoDetect.Visibility.ANY, getterVisibility = JsonAutoDetect.Visibility.NONE, setterVisibility = JsonAutoDetect.Visibility.NONE) -public class VerificationKeysListResponse { - private List keys; - - public List getKeys() { - return keys; - } - - public void setKeys(List keys) { - this.keys = keys; +public class VerificationKeysListResponse extends JsonWebKeySet { + public VerificationKeysListResponse(List keys) { + super(keys); } } diff --git a/server/src/main/java/org/cloudfoundry/identity/uaa/oauth/TokenKeyEndpoint.java b/server/src/main/java/org/cloudfoundry/identity/uaa/oauth/TokenKeyEndpoint.java index 11c6e804af..be8958fa19 100644 --- a/server/src/main/java/org/cloudfoundry/identity/uaa/oauth/TokenKeyEndpoint.java +++ b/server/src/main/java/org/cloudfoundry/identity/uaa/oauth/TokenKeyEndpoint.java @@ -28,16 +28,16 @@ import java.security.Principal; import java.security.interfaces.RSAPublicKey; +import java.util.HashMap; import java.util.List; import java.util.Map; import java.util.stream.Collectors; +import static org.cloudfoundry.identity.uaa.oauth.jwk.JsonWebKey.KeyUse.sig; + /** * OAuth2 token services that produces JWT encoded token values. * - * @author Dave Syer - * @author Luke Taylor - * @author Joel D'sa */ @Controller public class TokenKeyEndpoint { @@ -63,23 +63,25 @@ public VerificationKeyResponse getKey(Principal principal) { } public static VerificationKeyResponse getVerificationKeyResponse(KeyInfo key) { - VerificationKeyResponse result = new VerificationKeyResponse(); - result.setAlgorithm(key.getSigner().algorithm()); - result.setKey(key.getVerifierKey()); + Map result = new HashMap<>(); + result.put("alg", key.getSigner().algorithm()); + result.put("value", key.getVerifierKey()); //new values per OpenID and JWK spec - result.setType(key.getType()); - result.setUse("sig"); - result.setId(key.getKeyId()); + result.put("use", sig.name()); + result.put("kid",key.getKeyId()); + result.put("kty", key.getType()); + if (key.isAssymetricKey() && "RSA".equals(key.getType())) { - RSAPublicKey rsaKey = key.getRsaPublicKey(); - if (rsaKey != null) { - String n = Base64Utils.encodeToUrlSafeString(rsaKey.getModulus().toByteArray()); - String e = Base64Utils.encodeToUrlSafeString(rsaKey.getPublicExponent().toByteArray()); - result.setModulus(n); - result.setExponent(e); + + RSAPublicKey rsaKey = key.getRsaPublicKey(); + if (rsaKey != null) { + String n = Base64Utils.encodeToUrlSafeString(rsaKey.getModulus().toByteArray()); + String e = Base64Utils.encodeToUrlSafeString(rsaKey.getPublicExponent().toByteArray()); + result.put("n", n); + result.put("e", e); } } - return result; + return new VerificationKeyResponse(result); } /** @@ -95,15 +97,12 @@ public static VerificationKeyResponse getVerificationKeyResponse(KeyInfo key) { @ResponseBody public VerificationKeysListResponse getKeys(Principal principal) { boolean includeSymmetric = includeSymmetricalKeys(principal); - - VerificationKeysListResponse result = new VerificationKeysListResponse(); Map keys = KeyInfo.getKeys(); List keyResponses = keys.values().stream() .filter(k -> includeSymmetric || k.isAssymetricKey()) .map(TokenKeyEndpoint::getVerificationKeyResponse) .collect(Collectors.toList()); - result.setKeys(keyResponses); - return result; + return new VerificationKeysListResponse(keyResponses); } protected boolean includeSymmetricalKeys(Principal principal) { diff --git a/server/src/main/java/org/cloudfoundry/identity/uaa/oauth/jwk/RsaJsonWebKey.java b/server/src/main/java/org/cloudfoundry/identity/uaa/oauth/jwk/JsonWebKeyHelper.java similarity index 84% rename from server/src/main/java/org/cloudfoundry/identity/uaa/oauth/jwk/RsaJsonWebKey.java rename to server/src/main/java/org/cloudfoundry/identity/uaa/oauth/jwk/JsonWebKeyHelper.java index 323f9f099e..23c1a0d077 100644 --- a/server/src/main/java/org/cloudfoundry/identity/uaa/oauth/jwk/RsaJsonWebKey.java +++ b/server/src/main/java/org/cloudfoundry/identity/uaa/oauth/jwk/JsonWebKeyHelper.java @@ -33,11 +33,11 @@ import static org.cloudfoundry.identity.uaa.oauth.jwk.JsonWebKey.KeyUse.sig; -public class RsaJsonWebKey extends JsonWebKey { +public class JsonWebKeyHelper { private static Base64 base64 = new Base64(true); - public static RsaJsonWebKey fromPEMPrivateKey(String key) { + public static JsonWebKey fromPEMPrivateKey(String key) { KeyPair pair = KeyInfo.parseKeyPair(key); RSAPublicKey rsaKey = (RSAPublicKey) pair.getPublic(); BigInteger modulus = rsaKey.getModulus(); @@ -47,22 +47,17 @@ public static RsaJsonWebKey fromPEMPrivateKey(String key) { properties.put("e", base64.encodeAsString(exponent.toByteArray())); properties.put("kty", "RSA"); properties.put("use", sig.name()); - return new RsaJsonWebKey(properties); + return new JsonWebKey(properties); } - public static RsaJsonWebKey fromPEMPublicKey(String key) { + public static JsonWebKeyHelper fromPEMPublicKey(String key) { return null; } - public RsaJsonWebKey(Map json) { - super(json); - } - - @Override - public PublicKey getPublicKey() { + public static PublicKey getPublicKey(JsonWebKey key) { final Base64 decoder = new Base64(true); - String e = (String) getKeyProperties().get("e"); - String n = (String) getKeyProperties().get("n"); + String e = (String) key.getKeyProperties().get("e"); + String n = (String) key.getKeyProperties().get("n"); BigInteger modulus = new BigInteger(1, decoder.decode(n.getBytes(StandardCharsets.UTF_8))); BigInteger exponent = new BigInteger(1, decoder.decode(e.getBytes(StandardCharsets.UTF_8))); try { diff --git a/server/src/test/java/org/cloudfoundry/identity/uaa/oauth/jwk/JsonWebKeyTests.java b/server/src/test/java/org/cloudfoundry/identity/uaa/oauth/jwk/RsaJsonWebKeyTests.java similarity index 88% rename from server/src/test/java/org/cloudfoundry/identity/uaa/oauth/jwk/JsonWebKeyTests.java rename to server/src/test/java/org/cloudfoundry/identity/uaa/oauth/jwk/RsaJsonWebKeyTests.java index 0f9729fc86..c5dd0acae0 100644 --- a/server/src/test/java/org/cloudfoundry/identity/uaa/oauth/jwk/JsonWebKeyTests.java +++ b/server/src/test/java/org/cloudfoundry/identity/uaa/oauth/jwk/RsaJsonWebKeyTests.java @@ -15,9 +15,11 @@ package org.cloudfoundry.identity.uaa.oauth.jwk; +import com.fasterxml.jackson.core.type.TypeReference; import org.apache.commons.codec.binary.Base64; import org.apache.commons.collections.map.HashedMap; import org.cloudfoundry.identity.uaa.oauth.KeyInfo; +import org.cloudfoundry.identity.uaa.oauth.token.VerificationKeyResponse; import org.cloudfoundry.identity.uaa.util.JsonUtils; import org.junit.Test; @@ -36,7 +38,7 @@ import static org.junit.Assert.assertNotNull; import static org.junit.Assert.fail; -public class JsonWebKeyTests { +public class RsaJsonWebKeyTests { public static final String ISSUER = "http://localhost:8080/issuer"; @@ -50,7 +52,7 @@ public void create_key_from_rsa_string() { assertNotNull(keyInfo.getVerifier()); PublicKey pk = keyInfo.getRsaPublicKey(); JsonWebKey key = - RsaJsonWebKey.fromPEMPrivateKey(keyInfo.getVerifierKey()) + JsonWebKeyHelper.fromPEMPrivateKey(keyInfo.getVerifierKey()) .setKid("id"); assertEquals(RSA, key.getKty()); assertEquals("RSA", key.getKeyProperties().get("kty")); @@ -70,27 +72,27 @@ public void deserialize_azure_keys() { @Test public void ensure_that_duplicates_are_removed() { - KeySet keys = JsonUtils.readValue(sampleRsaKeys, KeySet.class); + JsonWebKeySet keys = JsonUtils.readValue(sampleRsaKeys, new TypeReference>() {}); List list = new ArrayList<>(keys.getKeys()); list.addAll(keys.getKeys()); assertEquals(6, list.size()); - keys = new KeySet(list); + keys = new JsonWebKeySet<>(list); deserialize_azure_keys(JsonUtils.writeValueAsString(keys)); } @Test public void ensure_that_duplicates_get_the_last_object() { - KeySet keys = JsonUtils.readValue(sampleRsaKeys, KeySet.class); + JsonWebKeySet keys = JsonUtils.readValue(sampleRsaKeys, new TypeReference>() {}); List list = new ArrayList<>(keys.getKeys()); list.addAll(keys.getKeys()); assertEquals(6, list.size()); Map p = new HashedMap(list.get(5).getKeyProperties()); p.put("issuer", ISSUER); - list.add(new RsaJsonWebKey(p)); + list.add(new VerificationKeyResponse(p)); assertEquals(7, list.size()); - keys = new KeySet(list); + keys = new JsonWebKeySet<>(list); keys = deserialize_azure_keys(JsonUtils.writeValueAsString(keys)); assertEquals(ISSUER, keys.getKeys().get(2).getKeyProperties().get("issuer")); @@ -103,7 +105,7 @@ public void test_required_properties() { map.put("kty", "invalid"); test_create_with_error(map); map.put("kty", "RSA"); - new RsaJsonWebKey(map); + new VerificationKeyResponse(map); } @Test @@ -111,37 +113,37 @@ public void test_equals() { Map p1 = new HashMap<>(); p1.put("kty", "RSA"); Map p2 = new HashMap<>(p1); - assertEquals(new RsaJsonWebKey(p1), new RsaJsonWebKey(p2)); + assertEquals(new VerificationKeyResponse(p1), new VerificationKeyResponse(p2)); p1.put("kid","id"); - assertNotEquals(new RsaJsonWebKey(p1), new RsaJsonWebKey(p2)); + assertNotEquals(new VerificationKeyResponse(p1), new VerificationKeyResponse(p2)); p2.put("kid","id"); - assertEquals(new RsaJsonWebKey(p1), new RsaJsonWebKey(p2)); + assertEquals(new VerificationKeyResponse(p1), new VerificationKeyResponse(p2)); p1.put("issuer", "issuer1"); p2.put("issuer", "issuer2"); - assertEquals(new RsaJsonWebKey(p1), new RsaJsonWebKey(p2)); + assertEquals(new VerificationKeyResponse(p1), new VerificationKeyResponse(p2)); p1.remove("kid"); p2.remove("kid"); - assertNotEquals(new RsaJsonWebKey(p1), new RsaJsonWebKey(p2)); + assertNotEquals(new VerificationKeyResponse(p1), new VerificationKeyResponse(p2)); p2.put("issuer", "issuer1"); - assertEquals(new RsaJsonWebKey(p1), new RsaJsonWebKey(p2)); + assertEquals(new VerificationKeyResponse(p1), new VerificationKeyResponse(p2)); } public void test_create_with_error(Map p) { try { - new RsaJsonWebKey(p); + new VerificationKeyResponse(p); fail("Creation of key with properties:"+p+" should fail."); } catch (IllegalArgumentException x) {} } - public KeySet deserialize_azure_keys(String json) { - KeySet keys = JsonUtils.readValue(json, KeySet.class); + public JsonWebKeySet deserialize_azure_keys(String json) { + JsonWebKeySet keys = JsonUtils.readValue(json, new TypeReference>() {}); assertNotNull(keys); assertNotNull(keys.getKeys()); assertEquals(3, keys.getKeys().size()); for (JsonWebKey key : keys.getKeys()) { assertNotNull(key); - assertNotNull(key.getPublicKey()); + assertNotNull(JsonWebKeyHelper.getPublicKey(key)); } return keys; diff --git a/server/src/test/java/org/cloudfoundry/identity/uaa/oauth/token/TokenKeyEndpointTests.java b/server/src/test/java/org/cloudfoundry/identity/uaa/oauth/token/TokenKeyEndpointTests.java index bb62830473..8c8bee0eb2 100644 --- a/server/src/test/java/org/cloudfoundry/identity/uaa/oauth/token/TokenKeyEndpointTests.java +++ b/server/src/test/java/org/cloudfoundry/identity/uaa/oauth/token/TokenKeyEndpointTests.java @@ -70,7 +70,7 @@ public void sharedSecretIsReturnedFromTokenKeyEndpoint() throws Exception { assertEquals("someKey", response.getKey()); assertEquals("someKeyId", response.getId()); assertEquals("MAC", response.getType()); - assertEquals("sig", response.getUse()); + assertEquals("sig", response.getUse().name()); } private void configureKeysForDefaultZone(Map keys) { @@ -137,7 +137,7 @@ public void keyIsReturnedForZone() { assertEquals("SHA256withRSA", response.getAlgorithm()); assertEquals("key1", response.getId()); assertEquals("RSA", response.getType()); - assertEquals("sig", response.getUse()); + assertEquals("sig", response.getUse().name()); } @Test @@ -152,7 +152,7 @@ public void defaultZonekeyIsReturned_ForZoneWithNoKeys() { assertEquals("someKey", response.getKey()); assertEquals("someKeyId", response.getId()); assertEquals("MAC", response.getType()); - assertEquals("sig", response.getUse()); + assertEquals("sig", response.getUse().name()); } @Test