diff options
| author | Thomas <> | 2022-01-19 19:05:58 +0100 |
|---|---|---|
| committer | Thomas <> | 2022-01-19 19:05:58 +0100 |
| commit | e123bad9e4c49102ef7a4d98396c0e252e2b4759 (patch) | |
| tree | d4719e5c9139b3bd20e7487f1996debbae5f0b87 /eaaf_core_utils/src/main | |
| parent | caeea7aceea23e5ac74c74b55ffe416814e3a778 (diff) | |
| download | EAAF-Components-e123bad9e4c49102ef7a4d98396c0e252e2b4759.tar.gz EAAF-Components-e123bad9e4c49102ef7a4d98396c0e252e2b4759.tar.bz2 EAAF-Components-e123bad9e4c49102ef7a4d98396c0e252e2b4759.zip | |
test(core): add extension of 'AuthenticatedEncryptionPendingRequestIdGenerationStrategy' that allows generation of already expired tokens
Diffstat (limited to 'eaaf_core_utils/src/main')
| -rw-r--r-- | eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/AuthenticatedEncryptionPendingRequestIdGenerationStrategy.java | 47 |
1 files changed, 25 insertions, 22 deletions
diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/AuthenticatedEncryptionPendingRequestIdGenerationStrategy.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/AuthenticatedEncryptionPendingRequestIdGenerationStrategy.java index ca1db67d..cbf2be5a 100644 --- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/AuthenticatedEncryptionPendingRequestIdGenerationStrategy.java +++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/AuthenticatedEncryptionPendingRequestIdGenerationStrategy.java @@ -80,31 +80,13 @@ public class AuthenticatedEncryptionPendingRequestIdGenerationStrategy @Override public String generateExternalPendingRequestId() throws EaafException { try { - final String toSign = buildInternalToken(Random.nextLongRandom(), DateTime.now()); - JsonWebEncryption encToken = new JsonWebEncryption(); - encToken.setAlgorithmHeaderValue(selectKeyWrappingAlgorithm(key.getFirst())); - encToken.setEncryptionMethodHeaderParameter(ContentEncryptionAlgorithmIdentifiers.AES_128_GCM); - encToken.setKey(key.getFirst()); - encToken.setPayload(toSign); - - - - if (key.getSecond() != null) { - final ProviderContext providerCtx = new ProviderContext(); - providerCtx.getSuppliedKeyProviderContext().setSignatureProvider( - key.getSecond().getName()); - encToken.setProviderContext(providerCtx); - - } - - return Base64.getUrlEncoder() - .encodeToString(encToken.getCompactSerialization().getBytes(StandardCharsets.UTF_8)); - + final String toSign = buildInternalToken(Random.nextLongRandom(), DateTime.now()); + return encryptAndEncodeToken(toSign); + } catch (final JoseException e) { throw new EaafException("internal.pendingreqid.02", new Object[] { e.getMessage() }, e); } - } @Override @@ -272,9 +254,30 @@ public class AuthenticatedEncryptionPendingRequestIdGenerationStrategy } - private String buildInternalToken(final String internalPendingReqId, final DateTime now) { + protected String buildInternalToken(final String internalPendingReqId, final DateTime now) { return new StringBuilder().append(TOKEN_TEXTUAL_DATE_FORMAT.print(now)).append(TOKEN_SEPARATOR) .append(internalPendingReqId).toString(); + + } + + protected String encryptAndEncodeToken(String token) throws JoseException { + JsonWebEncryption encToken = new JsonWebEncryption(); + encToken.setAlgorithmHeaderValue(selectKeyWrappingAlgorithm(key.getFirst())); + encToken.setEncryptionMethodHeaderParameter(ContentEncryptionAlgorithmIdentifiers.AES_128_GCM); + encToken.setKey(key.getFirst()); + encToken.setPayload(token); + + if (key.getSecond() != null) { + final ProviderContext providerCtx = new ProviderContext(); + providerCtx.getSuppliedKeyProviderContext().setSignatureProvider( + key.getSecond().getName()); + encToken.setProviderContext(providerCtx); + + } + + return Base64.getUrlEncoder() + .encodeToString(encToken.getCompactSerialization().getBytes(StandardCharsets.UTF_8)); + } } |