
Commit cf70a83

committed
Cleanup
1 parent a1b36a1 commit cf70a83

4 files changed

Lines changed: 6 additions & 188 deletions


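--- a/lib/src/main/java/com/auth0/jwt/algorithms/ECDSAAlgorithm.java
+++ b/lib/src/main/java/com/auth0/jwt/algorithms/ECDSAAlgorithm.java
@@ -100,48 +100,10 @@ public void verify(DecodedJWT jwt, EncodeType encodeType) throws Exception {
 }
 
 try {
-
-//create a http request that gets back a response for the jwks uri and then once you get back the response,
-//parse it to get back the x509 DER string and get the public key from that string
-//from the public key of that string, pass it into verifySignatureFor()
-PublicKey publicKey = null;
-String kid = jwt.getKeyId();
-String algorithm = jwt.getAlgorithm();
-if(kid == null) {
-publicKey = keyProvider.getPublicKeyById(kid);
-} else if(algorithm.equals("RSA")){
-//JwkProvider provider = new UrlJwkProvider("https://sandrino.auth0.com/.well-known/jwks.json");
-JwkProvider provider = new UrlJwkProvider(new File("/Users/jdahmubed/documents/jwksRSA.json").toURI().toURL());//"file:///);
-Jwk jwk = provider.get(kid);
-publicKey = jwk.getPublicKey();
-} /*else if(algorithm.contains("ES")) {
-// JSONParser parser = new JSONParser();
-// JSONArray a = (JSONArray) parser.parse(new FileReader("/Users/jdahmubed/documents/jwks.json"));
-
-JsonObject gsonObject = new JsonObject();
-
-
-JsonParser parser = new JsonParser();
-JsonElement jsonElement = parser.parse(new FileReader("/Users/jdahmubed/documents/jwks.json"));
-gsonObject = jsonElement.getAsJsonObject();
-
-JSONObject jsonObject = new JSONObject();
-for(String key : gsonObject.keySet()) {
-jsonObject.put(key, gsonObject.get(key));
-}
-jsonObject.put("alg", "ES256");
-JWSHeader jwsHeader = JWSHeader.parse(jsonObject);
-
-JWSHeader header = new JWSHeader(JWSAlgorithm.ES256);
-header.setJWKURL(new File("/Users/jdahmubed/documents/jwks.json").toURI().toURL());
-List<com.nimbusds.jose.util.Base64> list = header.getX509CertChain();
-System.out.print(list);
-}*/
-
+ECPublicKey publicKey = keyProvider.getPublicKeyById(jwt.getKeyId());
 if (publicKey == null) {
 throw new IllegalStateException("The given Public Key is null.");
 }
-//pass in publicKey from x509 or the current key (look up)
 boolean valid = crypto.verifySignatureFor(getDescription(), publicKey, contentBytes, JOSEToDER(signatureBytes));
 
 if (!valid) {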
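Review bot: The added lookup `keyProvider.getPublicKeyById(jwt.getKeyId())` passes the `kid` straight from the token header, which is still unverified at this point (and may be null), and nothing at the call site says what the provider must do with it. I would add a comment above it such as `// kid comes from the unverified header: the provider must treat it as an opaque lookup key and return null for unknown ids`. The `IllegalStateException` for a null key is thrown inside the `try` whose catch clauses lie outside the hunk, so it is worth confirming that an unknown `kid` surfaces as a verification failure and not as some other error. verify()'s body starts and ends outside the hunk.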

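--- a/lib/src/main/java/com/auth0/jwt/algorithms/HMACAlgorithm.java
+++ b/lib/src/main/java/com/auth0/jwt/algorithms/HMACAlgorithm.java
@@ -19,9 +19,6 @@
 
 package com.auth0.jwt.algorithms;
 
-import com.auth0.jwk.Jwk;
-import com.auth0.jwk.JwkProvider;
-import com.auth0.jwk.UrlJwkProvider;
 import com.auth0.jwt.creators.EncodeType;
 import com.auth0.jwt.creators.JWTCreator;
 import com.auth0.jwt.exceptions.SignatureGenerationException;
@@ -39,9 +36,6 @@
 import java.nio.charset.StandardCharsets;
 import java.security.InvalidKeyException;
 import java.security.NoSuchAlgorithmException;
-import java.security.PublicKey;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
 
 class HMACAlgorithm extends Algorithm {
 
@@ -96,34 +90,6 @@ public void verify(DecodedJWT jwt, EncodeType encodeType) throws Exception {
 }
 
 try {
-//String kid = jwt.getKeyId();
-String kid = "RkI5MjI5OUY5ODc1N0Q4QzM0OUYzNkVGMTJDOUEzQkFCOTU3NjE2Rg";
-JwkProvider provider = new UrlJwkProvider(new File("jwksRSA.json").toURI().toURL());
-Jwk jwk = provider.get(kid);
-//String cert = jwk.getCertificateChain().get(0);
-try (Writer writer = new BufferedWriter(new OutputStreamWriter(
-new FileOutputStream("jwks.cert"), "utf-8"))) {
-writer.write("-----BEGIN CERTIFICATE-----");
-writer.append("\n"+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGbXWiK3dQTyCbX5xdE4\n" +
-"yCuYp0AF2d15Qq1JSXT/lx8CEcXb9RbDddl8jGDv+spi5qPa8qEHiK7FwV2KpRE9\n" +
-"83wGPnYsAm9BxLFb4YrLYcDFOIGULuk2FtrPS512Qea1bXASuvYXEpQNpGbnTGVs\n" +
-"WXI9C+yjHztqyL2h8P6mlThPY9E9ue2fCqdgixfTFIF9Dm4SLHbphUS2iw7w1JgT\n" +
-"69s7of9+I9l5lsJ9cozf1rxrXX4V1u/SotUuNB3Fp8oB4C1fLBEhSlMcUJirz1E8\n" +
-"AziMCxS+VrRPDM+zfvpIJg3JljAh3PJHDiLu902v9w+Iplu1WyoB2aPfitxEhRN0\n" +
-"YwIDAQAB" + "\n");
-writer.append("-----END CERTIFICATE-----");
-}
-CertificateFactory fact = CertificateFactory.getInstance("X.509");
-FileInputStream is = new FileInputStream ("jwks.cert");
-X509Certificate cer = (X509Certificate) fact.generateCertificate(is);
-PublicKey publicKey = cer.getPublicKey();
-
-if (publicKey == null) {
-throw new IllegalStateException("The given Public Key is null.");
-}
-
-//need to add fucntionality to pass in secret or pass in x509 public key
-//jwks uri
 boolean valid = crypto.verifySignatureFor(getDescription(), secret, contentBytes, signatureBytes);
 if (!valid) {
 throw new SignatureVerificationException(this);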

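--- a/lib/src/main/java/com/auth0/jwt/algorithms/RSAAlgorithm.java
+++ b/lib/src/main/java/com/auth0/jwt/algorithms/RSAAlgorithm.java
@@ -156,31 +156,13 @@ public void verify(DecodedJWT jwt, EncodeType encodeType) throws Exception {
 writer.append("\n"+ cert + "\n");
 writer.append("-----END CERTIFICATE-----");
 }
-/*CertificateFactory fact = CertificateFactory.getInstance("X.509");
-FileInputStream is = new FileInputStream ("./src/main/java/com/auth0/jwt/algorithms/jwks.pem");
-X509Certificate cer = (X509Certificate) fact.generateCertificate(is);*/
 
 FileReader file = new FileReader("./src/main/java/com/auth0/jwt/algorithms/jwks.pem");
 PemReader reader = new PemReader(file);
 X509EncodedKeySpec caKeySpec = new X509EncodedKeySpec(reader.readPemObject().getContent());
 KeyFactory kf = KeyFactory.getInstance("RSA");
 PublicKey publicKey = kf.generatePublic(caKeySpec);
 
-
-
-
-/*final String PUBLIC_KEY_FILE_RSA = "src/test/resources/rsa-public-from-Roland.pem";
-RSAPublicKey publicKey = (RSAPublicKey) PemUtils.readPublicKeyFromFile(PUBLIC_KEY_FILE_RSA, "RSA");*/
-
-
-//PublicKey publicKey = cer.getPublicKey();
-
-/*
-FileInputStream fin = new FileInputStream("/Users/jdahmubed/documents/jwksRSA.json");
-CertificateFactory f = CertificateFactory.getInstance("X.509");
-X509Certificate certificate = (X509Certificate)f.generateCertificate(fin);
-PublicKey publicKey = certificate.getPublicKey();*/
-
 if (publicKey == null) {
 throw new IllegalStateException("The given Public Key is null.");
 }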

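--- a/lib/src/test/java/com/auth0/jwt/creators/JWTCreatorTest.java
+++ b/lib/src/test/java/com/auth0/jwt/creators/JWTCreatorTest.java
@@ -23,20 +23,16 @@
 import com.auth0.jwt.PemUtils;
 import com.auth0.jwt.TokenUtils;
 import com.auth0.jwt.algorithms.Algorithm;
-import com.auth0.jwt.creators.JWTCreator;
 import com.auth0.jwt.interfaces.DecodedJWT;
 import com.auth0.jwt.interfaces.ECDSAKeyProvider;
 import com.auth0.jwt.interfaces.RSAKeyProvider;
 import com.auth0.jwt.jwts.JWT;
 import org.apache.commons.codec.binary.Base64;
-import org.bouncycastle.asn1.eac.RSAPublicKey;
 import org.junit.Rule;
 import org.junit.Test;
 import org.junit.rules.ExpectedException;
 
 import java.nio.charset.StandardCharsets;
-import java.security.*;
-import java.security.SecureRandom;
 import java.security.interfaces.ECPrivateKey;
 import java.security.interfaces.RSAPrivateKey;
 import java.util.Date;
@@ -46,17 +42,15 @@
 import static org.hamcrest.Matchers.is;
 import static org.hamcrest.Matchers.notNullValue;
 import static org.junit.Assert.assertThat;
-import org.mockito.Mockito;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.when;
 
-import javax.crypto.Cipher;
 
 public class JWTCreatorTest {
+
 private static final String PRIVATE_KEY_FILE_RSA = "src/test/resources/rsa-private-from-Roland.pem";
 private static final String PRIVATE_KEY_FILE_EC_256 = "src/test/resources/ec256-key-private.pem";
 
-
 @Rule
 public ExpectedException exception = ExpectedException.none();
 
@@ -112,7 +106,7 @@ public void shouldAddKeyIdIfAvailableFromRSAAlgorithms() throws Exception {
 }
 
 @Test
-public void shouldAddKeyIdIfAvailableFromRSAAlgorithmsDELETEEEEE16() throws Exception {
+public void shouldAddKeyIdIfAvailableFromRSAAlgorithmsForBase16() throws Exception {
 RSAPrivateKey privateKey = (RSAPrivateKey) PemUtils.readPrivateKeyFromFile(PRIVATE_KEY_FILE_RSA, "RSA");
 RSAKeyProvider provider = mock(RSAKeyProvider.class);
 when(provider.getPrivateKeyId()).thenReturn("8RGoVdVjD8fItyR3FFo0hVNaZYtPGwoP6xKi9e_V7bI");
@@ -127,38 +121,10 @@ public void shouldAddKeyIdIfAvailableFromRSAAlgorithmsDELETEEEEE16() throws Exce
 JWT jwt = JWT.require(Algorithm.RSA256(provider)).withIssuer("auth0").build();
 DecodedJWT decoded = jwt.decode16Bytes(signed);
 algorithm.verify(decoded, EncodeType.Base16);
-
-/*assertThat(signed, is(notNullValue()));
-String[] parts = signed.split("\\.");
-String headerJson = new String(Base64.decodeBase64(parts[0]), StandardCharsets.UTF_8);
-assertThat(headerJson, JsonMatcher.hasEntry("kid", "my-key-id"));*/
-}
-
-@Test
-public void shouldAddKeyIdIfAvailableFromRSAAlgorithmsDELETEEEEE32() throws Exception {
-RSAPrivateKey privateKey = (RSAPrivateKey) PemUtils.readPrivateKeyFromFile(PRIVATE_KEY_FILE_RSA, "RSA");
-RSAKeyProvider provider = mock(RSAKeyProvider.class);
-when(provider.getPrivateKeyId()).thenReturn("RkI5MjI5OUY5ODc1N0Q4QzM0OUYzNkVGMTJDOUEzQkFCOTU3NjE2Rg");
-when(provider.getPrivateKey()).thenReturn(privateKey);
-Algorithm algorithm = Algorithm.RSA256(provider);
-
-String signed = JWTCreator.init()
-.withKeyId("RkI5MjI5OUY5ODc1N0Q4QzM0OUYzNkVGMTJDOUEzQkFCOTU3NjE2Rg")
-.withIssuer("auth0")
-.sign(algorithm, EncodeType.Base32);
-
-JWT jwt = JWT.require(Algorithm.RSA256(provider)).withIssuer("auth0").build();
-DecodedJWT decoded = jwt.decode32Bytes(signed);
-algorithm.verify(decoded, EncodeType.Base32);
-
-/*assertThat(signed, is(notNullValue()));
-String[] parts = signed.split("\\.");
-String headerJson = new String(Base64.decodeBase64(parts[0]), StandardCharsets.UTF_8);
-assertThat(headerJson, JsonMatcher.hasEntry("kid", "my-key-id"));*/
 }
 
 @Test
-public void shouldAddKeyIdIfAvailableFromRSAAlgorithmsDELETEEEEE32Roland() throws Exception {
+public void shouldAddKeyIdIfAvailableFromRSAAlgorithmsForBase32() throws Exception {
 RSAPrivateKey privateKey = (RSAPrivateKey) PemUtils.readPrivateKeyFromFile(PRIVATE_KEY_FILE_RSA, "RSA");
 RSAKeyProvider provider = mock(RSAKeyProvider.class);
 when(provider.getPrivateKeyId()).thenReturn("8RGoVdVjD8fItyR3FFo0hVNaZYtPGwoP6xKi9e_V7bI");
@@ -173,60 +139,24 @@ public void shouldAddKeyIdIfAvailableFromRSAAlgorithmsDELETEEEEE32Roland() throw
 JWT jwt = JWT.require(Algorithm.RSA256(provider)).withIssuer("auth0").build();
 DecodedJWT decoded = jwt.decode32Bytes(signed);
 algorithm.verify(decoded, EncodeType.Base32);
-
-/*assertThat(signed, is(notNullValue()));
-String[] parts = signed.split("\\.");
-String headerJson = new String(Base64.decodeBase64(parts[0]), StandardCharsets.UTF_8);
-assertThat(headerJson, JsonMatcher.hasEntry("kid", "my-key-id"));*/
 }
 
 @Test
-public void shouldAddKeyIdIfAvailableFromRSAAlgorithmsDELETEEEEE() throws Exception {
-RSAPrivateKey privateKey = (RSAPrivateKey) PemUtils.readPrivateKeyFromFile(PRIVATE_KEY_FILE_RSA, "RSA");
-RSAKeyProvider provider = mock(RSAKeyProvider.class);
-when(provider.getPrivateKeyId()).thenReturn("RkI5MjI5OUY5ODc1N0Q4QzM0OUYzNkVGMTJDOUEzQkFCOTU3NjE2Rg");
-when(provider.getPrivateKey()).thenReturn(privateKey);
-Algorithm algorithm = Algorithm.RSA256(provider);
-
-String signed = JWTCreator.init()
-.withKeyId("RkI5MjI5OUY5ODc1N0Q4QzM0OUYzNkVGMTJDOUEzQkFCOTU3NjE2Rg")
-.withIssuer("auth0")
-.sign(algorithm);
-
-JWT jwt = JWT.require(Algorithm.RSA256(provider)).withIssuer("auth0").build();
-DecodedJWT decoded = jwt.decode(signed);
-algorithm.verify(decoded, EncodeType.Base64);
-
-/*assertThat(signed, is(notNullValue()));
-String[] parts = signed.split("\\.");
-String headerJson = new String(Base64.decodeBase64(parts[0]), StandardCharsets.UTF_8);
-assertThat(headerJson, JsonMatcher.hasEntry("kid", "my-key-id"));*/
-}
-
-@Test
-public void shouldAddKeyIdIfAvailableFromRSAAlgorithmsDELETEEEEERoland() throws Exception {
+public void shouldAddKeyIdIfAvailableFromRSAAlgorithmsForBase64() throws Exception {
 RSAPrivateKey privateKey = (RSAPrivateKey) PemUtils.readPrivateKeyFromFile(PRIVATE_KEY_FILE_RSA, "RSA");
 RSAKeyProvider provider = mock(RSAKeyProvider.class);
 when(provider.getPrivateKeyId()).thenReturn("8RGoVdVjD8fItyR3FFo0hVNaZYtPGwoP6xKi9e_V7bI");
 when(provider.getPrivateKey()).thenReturn(privateKey);
 Algorithm algorithm = Algorithm.RSA256(provider);
 
-String signed = /*JWTCreator.init()
-.withKeyId("RkI5MjI5OUY5ODc1N0Q4QzM0OUYzNkVGMTJDOUEzQkFCOTU3NjE2Rg")
-.withIssuer("auth0")
-.sign(algorithm);*/
+String signed =
 "eyJhbGciOiJSUzI1NiIsImtpZCI6IjhSR29WZFZqRDhmSXR5UjNGRm8waFZOYVpZdFBHd29QNnhLaTllX1Y3YkkifQ.eyJpc3MiOiAiaHR0cHM6Ly9hZ2F0b24tc2F4LmNvbS8iLCAiaWF0IjogMTUxMzYyODc3OSwgImV4cCI6IDE1MTM3MTUxNzksICJraWQiOiAiOFJHb1ZkVmpEOGZJdHlSM0ZGbzBoVk5hWll0UEd3b1A2eEtpOWVfVjdiSSIsICJmb28iOiAiYmFyIiwgImtpdCI6ICJrYXQifQ.OMSHRJRW3J2MHFvPZhRaxxJhHJ5WFBaRzdPb3KpxWsF1Y3Or4BH-2pL8HE1CAoUTTqGYvNSShi2O-NFupGmaY5SRehOma_6XHcL2OrKKwFkG21M57T13_qagG7VUF7n7yhaLXMKWNli9JZ9iwHqLfA__j2X4XqxqPRxr5LxLXz-eynRp1jax2-eqiAMVYdSnH02e_bmnO89nIys6VUPoOAQFJjoPNtUo0urG8vTsiFPHFCgWUljDUFIu-TiRVTu5gJea-cigUJeG7i_4cp0qkWHo7POrS4Dq-gyzUSbkqBNdg-4LAAU40staTA236MPekQkzeTQlHa9418davEvfboYnCYeAhhX9Pnn7YotZSsD6S9HnTh5OjJ5E3O_Y-5MSK-eIYHV79FLQbaG1Xmcuv7WsRyhPadAwmNYLuWBtgaQDVV58ZmZPB9EaBDczqJDymjLkz2NpfLVI1kKFFDdLDC6ZBnKSsksDKvyrCS3JT3nHLR9LTIBN6mPii5xKy9Ysa1AQ1lK9ytcHCbG2iJJMZ57zpcjEevncvfGkB8RALe6GAthrNclA3mosB9b_z1TBPAzUZVh7VZLCsST7RIO1olDKEtZDvG-qGBEdjNS885nxoYe6ASCcEiUZ16Rixo8xw6lBb9l6qUkw3KST29W7_tcSGC3GnWQCN6q_SS-SD90";
 
 JWT jwt = JWT.require(Algorithm.RSA256(provider)).withIssuer("https://agaton-sax.com/")
 .withNonStandardClaim("foo","bar")
 .withNonStandardClaim("kit", "kat").build();
 DecodedJWT decoded = jwt.decode(signed);
 algorithm.verify(decoded, EncodeType.Base64);
-
-/*assertThat(signed, is(notNullValue()));
-String[] parts = signed.split("\\.");
-String headerJson = new String(Base64.decodeBase64(parts[0]), StandardCharsets.UTF_8);
-assertThat(headerJson, JsonMatcher.hasEntry("kid", "my-key-id"));*/
 }
 
 @Test
@@ -262,28 +192,6 @@ public void shouldAddKeyIdIfAvailableFromECDSAAlgorithms() throws Exception {
 assertThat(headerJson, JsonMatcher.hasEntry("kid", "my-key-id"));
 }
 
-@Test
-public void shouldAddKeyIdIfAvailableFromECDSAAlgorithmsDELETEEEEEE() throws Exception {
-ECPrivateKey privateKey = (ECPrivateKey) PemUtils.readPrivateKeyFromFile(PRIVATE_KEY_FILE_EC_256, "EC");
-ECDSAKeyProvider provider = mock(ECDSAKeyProvider.class);
-when(provider.getPrivateKeyId()).thenReturn("RkI5MjI5OUY5ODc1N0Q4QzM0OUYzNkVGMTJDOUEzQkFCOTU3NjE2Rg");
-when(provider.getPrivateKey()).thenReturn(privateKey);
-
-String signed = JWTCreator.init()
-.withKeyId("RkI5MjI5OUY5ODc1N0Q4QzM0OUYzNkVGMTJDOUEzQkFCOTU3NjE2Rg")
-.withIssuer("auth0")
-.sign(Algorithm.ECDSA256(provider));
-
-JWT jwt = JWT.require(Algorithm.ECDSA256(provider)).withIssuer("auth0").build();
-DecodedJWT decoded = jwt.decode(signed);
-Algorithm.ECDSA256(provider).verify(decoded, EncodeType.Base64);
-
-assertThat(signed, is(notNullValue()));
-String[] parts = signed.split("\\.");
-String headerJson = new String(Base64.decodeBase64(parts[0]), StandardCharsets.UTF_8);
-//assertThat(headerJson, JsonMatcher.hasEntry("kid", "my-key-id"));
-}
-
 @Test
 public void shouldNotOverwriteKeyIdIfAddedFromECDSAAlgorithms() throws Exception {
 ECPrivateKey privateKey = (ECPrivateKey) PemUtils.readPrivateKeyFromFile(PRIVATE_KEY_FILE_EC_256, "EC");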
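Review bot: The three renamed tests (`...ForBase16`, `...ForBase32`, `...ForBase64`) keep the `shouldAddKeyId` name but now end at `algorithm.verify(...)` with no assertion on the `kid` header, because the commented-out assertions were deleted instead of restored. For the Base64 case I would add `String headerJson = new String(Base64.decodeBase64(signed.split("\\.")[0]), StandardCharsets.UTF_8);` followed by `assertThat(headerJson, JsonMatcher.hasEntry("kid", "8RGoVdVjD8fItyR3FFo0hVNaZYtPGwoP6xKi9e_V7bI"));`; the Base16 and Base32 cases would need the matching decoder, which is not visible in these hunks. `...ForBase64` also no longer creates a token, it verifies a fixed string, so a name such as `shouldVerifyPrecomputedRsaToken` would describe it better. Since each of these tests passes as long as `verify` does not throw, a companion case that feeds a token with a modified signature and expects a verification failure would show that a bad token is actually rejected.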
