StephanRichter
/
LightOidc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
44 Commits
3 Branches
0 Tags
2.7 MiB
 
 
 
 
 
 
Tree: e49dc560dc
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'e49dc560dc'
${ noResults }
LightOidc/de.srsoftware.oidc.backend/src/main/java/de/srsoftware/oidc/backend/RotatingKeyManager.java

39 lines
1.2 KiB
Raw Blame History

/* © SRSoftware 2024 */
package de.srsoftware.oidc.backend;
import static de.srsoftware.utils.Strings.uuid;
import static org.jose4j.jws.AlgorithmIdentifiers.RSA_USING_SHA256;
import de.srsoftware.oidc.api.KeyManager;
import de.srsoftware.oidc.api.KeyStorage;
import java.io.IOException;
import org.jose4j.jwk.PublicJsonWebKey;
import org.jose4j.jwk.RsaJwkGenerator;
import org.jose4j.lang.JoseException;
public class RotatingKeyManager implements KeyManager {
private static final System.Logger LOG = System.getLogger(RotatingKeyManager.class.getSimpleName());
private final KeyStorage store;
public RotatingKeyManager(KeyStorage keyStore) {
store = keyStore;
}
@Override
public PublicJsonWebKey getKey() throws KeyCreationException, IOException {
var list = store.listKeys();
return list.isEmpty() ? createNewKey() : store.load(list.get(0));
}
private PublicJsonWebKey createNewKey() throws KeyCreationException, IOException {
try {
var key = RsaJwkGenerator.generateJwk(2048);
key.setAlgorithm(RSA_USING_SHA256);
key.setKeyId(uuid());
store.store(key);
return key;
} catch (JoseException e) {
throw new KeyCreationException(e);
}
}
}