Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Remove SingleKeyJWSKeySelector 

Closes gh-9348
This commit is contained in:
Josh Cummings 2021-01-15 22:15:35 -07:00
parent 65d3b0d71c
commit f36e2fca59
No known key found for this signature in database
GPG Key ID: 49EF60DD7FF83443
4 changed files with 6 additions and 62 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/NimbusJwtDecoder.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2002-2020 the original author or authors.
* Copyright 2002-2021 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -42,6 +42,7 @@ import com.nimbusds.jose.jwk.source.RemoteJWKSet;
import com.nimbusds.jose.proc.JWSKeySelector;
import com.nimbusds.jose.proc.JWSVerificationKeySelector;
import com.nimbusds.jose.proc.SecurityContext;
import com.nimbusds.jose.proc.SingleKeyJWSKeySelector;
import com.nimbusds.jose.util.Resource;
import com.nimbusds.jose.util.ResourceRetriever;
import com.nimbusds.jwt.JWT;

3
oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/NimbusReactiveJwtDecoder.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2002-2020 the original author or authors.
* Copyright 2002-2021 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -42,6 +42,7 @@ import com.nimbusds.jose.proc.JWKSecurityContext;
import com.nimbusds.jose.proc.JWSKeySelector;
import com.nimbusds.jose.proc.JWSVerificationKeySelector;
import com.nimbusds.jose.proc.SecurityContext;
import com.nimbusds.jose.proc.SingleKeyJWSKeySelector;
import com.nimbusds.jwt.JWT;
import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.jwt.JWTParser;

57
oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/SingleKeyJWSKeySelector.java
View File

@ -1,57 +0,0 @@
/*
* Copyright 2002-2020 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.oauth2.jwt;
import java.security.Key;
import java.util.Arrays;
import java.util.List;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.JWSHeader;
import com.nimbusds.jose.proc.JWSKeySelector;
import com.nimbusds.jose.proc.SecurityContext;
import org.springframework.util.Assert;
/**
* An internal implementation of {@link JWSKeySelector} that always returns the same key
*
* @author Josh Cummings
* @since 5.2
*/
final class SingleKeyJWSKeySelector<C extends SecurityContext> implements JWSKeySelector<C> {
private final List<Key> keySet;
private final JWSAlgorithm expectedJwsAlgorithm;
SingleKeyJWSKeySelector(JWSAlgorithm expectedJwsAlgorithm, Key key) {
Assert.notNull(expectedJwsAlgorithm, "expectedJwsAlgorithm cannot be null");
Assert.notNull(key, "key cannot be null");
this.keySet = Arrays.asList(key);
this.expectedJwsAlgorithm = expectedJwsAlgorithm;
}
@Override
public List<? extends Key> selectJWSKeys(JWSHeader header, C context) {
if (!this.expectedJwsAlgorithm.equals(header.getAlgorithm())) {
throw new BadJwtException("Unsupported algorithm of " + header.getAlgorithm());
}
return this.keySet;
}
}

5
oauth2/oauth2-jose/src/test/java/org/springframework/security/oauth2/jwt/NimbusJwtDecoderTests.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2002-2020 the original author or authors.
* Copyright 2002-2021 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -503,8 +503,7 @@ public class NimbusJwtDecoderTests {
.macAlgorithm(MacAlgorithm.HS512)
.build();
assertThatExceptionOfType(BadJwtException.class)
.isThrownBy(() -> decoder.decode(signedJWT.serialize()))
.withMessageContaining("Unsupported algorithm of HS256");
.isThrownBy(() -> decoder.decode(signedJWT.serialize()));
// @formatter:on
}