StephanRichter
/
LightOidc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

trying to implement using jose library. current obstacle is: I don't know how to involve client secret in key generation 

Signed-off-by: Stephan Richter <s.richter@srsoftware.de>
sqlite
Stephan Richter 4 months ago
parent
ddb30ba295
commit
252252a9d1
2 changed files with 33 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 1
      de.srsoftware.oidc.backend/build.gradle
  2. 33
      de.srsoftware.oidc.backend/src/main/java/de/srsoftware/oidc/backend/TokenController.java

1
de.srsoftware.oidc.backend/build.gradle
Unescape View File

@ -16,6 +16,7 @@ dependencies { @@ -16,6 +16,7 @@ dependencies {
implementation project(':de.srsoftware.oidc.api')
implementation project(':de.srsoftware.logging')
implementation 'org.json:json:20240303'
implementation 'org.bitbucket.b_c:jose4j:0.9.6'
}
test {

33
de.srsoftware.oidc.backend/src/main/java/de/srsoftware/oidc/backend/TokenController.java
Unescape View File

@ -13,6 +13,12 @@ import de.srsoftware.oidc.api.PathHandler; @@ -13,6 +13,12 @@ import de.srsoftware.oidc.api.PathHandler;
import java.io.IOException;
import java.util.*;
import java.util.stream.Collectors;
import org.jose4j.jwk.RsaJsonWebKey;
import org.jose4j.jwk.RsaJwkGenerator;
import org.jose4j.jws.AlgorithmIdentifiers;
import org.jose4j.jws.JsonWebSignature;
import org.jose4j.jwt.JwtClaims;
import org.jose4j.lang.JoseException;
import org.json.JSONObject;
public class TokenController extends PathHandler {
@ -68,6 +74,31 @@ public class TokenController extends PathHandler { @@ -68,6 +74,31 @@ public class TokenController extends PathHandler {
}
private String createJWT(Client client) {
return null;
try {
RsaJsonWebKey rsaJsonWebKey = RsaJwkGenerator.generateJwk(2048);
rsaJsonWebKey.setKeyId("k1");
JwtClaims claims = new JwtClaims();
claims.setIssuer("Issuer"); // who creates the token and signs it
claims.setAudience("Audience"); // to whom the token is intended to be sent
claims.setExpirationTimeMinutesInTheFuture(10); // time when the token will expire (10 minutes from now)
claims.setGeneratedJwtId(); // a unique identifier for the token
claims.setIssuedAtToNow(); // when the token was issued/created (now)
claims.setNotBeforeMinutesInThePast(2); // time before which the token is not yet valid (2 minutes ago)
claims.setSubject("subject"); // the subject/principal is whom the token is about
claims.setClaim("email", "mail@example.com"); // additional claims/attributes about the subject can be added
List<String> groups = Arrays.asList("group-one", "other-group", "group-three");
claims.setStringListClaim("groups", groups); // multi-valued claims work too and will end up as a JSON array
// A JWT is a JWS and/or a JWE with JSON claims as the payload.
// In this example it is a JWS so we create a JsonWebSignature object.
JsonWebSignature jws = new JsonWebSignature();
jws.setPayload(claims.toJson());
jws.setKey(rsaJsonWebKey.getPrivateKey());
jws.setKeyIdHeaderValue(rsaJsonWebKey.getKeyId());
jws.setAlgorithmHeaderValue(AlgorithmIdentifiers.RSA_USING_SHA256);
return jws.getCompactSerialization();
} catch (JoseException e) {
throw new RuntimeException(e);
}
}
}

Write Preview
Loading…
Cancel
Save