Update two dependencies for our OpenID Connect realm implementation to their latest versions
This commit is contained in:
Ioannis Kakavas
GitHub
parent
08bf89b92b
commit
a0362153e2
|
|
@ -56,8 +56,8 @@ dependencies {
|
|||
compile 'com.google.guava:guava:19.0'
|
||||
|
||||
// Dependencies for oidc
|
||||
compile "com.nimbusds:oauth2-oidc-sdk:6.5"
|
||||
compile "com.nimbusds:nimbus-jose-jwt:4.41.2"
|
||||
compile "com.nimbusds:oauth2-oidc-sdk:6.16.5"
|
||||
compile "com.nimbusds:nimbus-jose-jwt:8.2"
|
||||
compile "com.nimbusds:lang-tag:1.4.4"
|
||||
compile "com.sun.mail:jakarta.mail:1.6.3"
|
||||
compile "net.jcip:jcip-annotations:1.0"
|
||||
|
|
@ -82,7 +82,7 @@ dependencies {
|
|||
testCompile('org.apache.kerby:kerb-crypto:1.1.1')
|
||||
testCompile('org.apache.kerby:kerb-util:1.1.1')
|
||||
testCompile('org.apache.kerby:token-provider:1.1.1')
|
||||
testCompile('com.nimbusds:nimbus-jose-jwt:4.41.2')
|
||||
testCompile('com.nimbusds:nimbus-jose-jwt:8.2')
|
||||
testCompile('net.jcip:jcip-annotations:1.0')
|
||||
testCompile('org.apache.kerby:kerb-admin:1.1.1')
|
||||
testCompile('org.apache.kerby:kerb-server:1.1.1')
|
||||
|
|
@ -270,7 +270,13 @@ thirdPartyAudit {
|
|||
// [missing classes] SLF4j includes an optional class that depends on an extension class (!)
|
||||
'org.slf4j.ext.EventData',
|
||||
// Optional dependency of oauth2-oidc-sdk that we don't need since we do not support AES-SIV for JWE
|
||||
'org.cryptomator.siv.SivMode'
|
||||
'org.cryptomator.siv.SivMode',
|
||||
// Optional dependency of nimbus-jose-jwt for handling Ed25519 signatures and ECDH with X25519 (RFC 8037)
|
||||
'com.google.crypto.tink.subtle.Ed25519Sign',
|
||||
'com.google.crypto.tink.subtle.Ed25519Sign$KeyPair',
|
||||
'com.google.crypto.tink.subtle.Ed25519Verify',
|
||||
'com.google.crypto.tink.subtle.X25519'
|
||||
|
||||
)
|
||||
|
||||
ignoreViolations (
|
||||
|
|
|
|||
|
|
@ -1 +0,0 @@
|
|||
3981d32ddfa2919a7af46eb5e484f8dc064da665
|
||||
|
|
@ -0,0 +1 @@
|
|||
3cc99de85969253f2f085c39d87124e21011ae74
|
||||
|
|
@ -0,0 +1 @@
|
|||
690bf0290fe0c03dabfb43566dbd334f78ddce84
|
||||
|
|
@ -1 +0,0 @@
|
|||
422759fc195f65345e8da3265c69dea3c6cf56a5
|
||||
|
|
@ -10,6 +10,7 @@ import com.nimbusds.jose.JWSHeader;
|
|||
import com.nimbusds.jose.crypto.ECDSASigner;
|
||||
import com.nimbusds.jose.crypto.MACSigner;
|
||||
import com.nimbusds.jose.crypto.RSASSASigner;
|
||||
import com.nimbusds.jose.jwk.Curve;
|
||||
import com.nimbusds.jose.jwk.ECKey;
|
||||
import com.nimbusds.jose.jwk.JWK;
|
||||
import com.nimbusds.jose.jwk.JWKSet;
|
||||
|
|
@ -971,7 +972,7 @@ public class OpenIdConnectAuthenticatorTests extends OpenIdConnectTestCase {
|
|||
|
||||
} else if (type.equals("ES")) {
|
||||
hashSize = randomFrom(256, 384, 512);
|
||||
ECKey.Curve curve = curveFromHashSize(hashSize);
|
||||
Curve curve = curveFromHashSize(hashSize);
|
||||
KeyPairGenerator gen = KeyPairGenerator.getInstance("EC");
|
||||
gen.initialize(curve.toECParameterSpec());
|
||||
KeyPair keyPair = gen.generateKeyPair();
|
||||
|
|
@ -986,13 +987,13 @@ public class OpenIdConnectAuthenticatorTests extends OpenIdConnectTestCase {
|
|||
return new Tuple(key, new JWKSet(jwk));
|
||||
}
|
||||
|
||||
private ECKey.Curve curveFromHashSize(int size) {
|
||||
private Curve curveFromHashSize(int size) {
|
||||
if (size == 256) {
|
||||
return ECKey.Curve.P_256;
|
||||
return Curve.P_256;
|
||||
} else if (size == 384) {
|
||||
return ECKey.Curve.P_384;
|
||||
return Curve.P_384;
|
||||
} else if (size == 512) {
|
||||
return ECKey.Curve.P_521;
|
||||
return Curve.P_521;
|
||||
} else {
|
||||
throw new IllegalArgumentException("Invalid hash size:" + size);
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue