From e123bad9e4c49102ef7a4d98396c0e252e2b4759 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Wed, 19 Jan 2022 19:05:58 +0100
Subject: test(core): add extension of 'AuthenticatedEncryptionPendingRequestIdGenerationStrategy' that allows generation of already expired tokens
---
...cryptionPendingRequestIdGenerationStrategy.java | 47 ++++++++++++----------
1 file changed, 25 insertions(+), 22 deletions(-)
(limited to 'eaaf_core_utils/src/main')
diff --git a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/AuthenticatedEncryptionPendingRequestIdGenerationStrategy.java b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/AuthenticatedEncryptionPendingRequestIdGenerationStrategy.java
index ca1db67d..cbf2be5a 100644
--- a/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/AuthenticatedEncryptionPendingRequestIdGenerationStrategy.java
+++ b/eaaf_core_utils/src/main/java/at/gv/egiz/eaaf/core/impl/utils/AuthenticatedEncryptionPendingRequestIdGenerationStrategy.java
@@ -80,31 +80,13 @@ public class AuthenticatedEncryptionPendingRequestIdGenerationStrategy
 @Override
 public String generateExternalPendingRequestId() throws EaafException {
 try {
- final String toSign = buildInternalToken(Random.nextLongRandom(), DateTime.now());
- JsonWebEncryption encToken = new JsonWebEncryption();
- encToken.setAlgorithmHeaderValue(selectKeyWrappingAlgorithm(key.getFirst()));
- encToken.setEncryptionMethodHeaderParameter(ContentEncryptionAlgorithmIdentifiers.AES_128_GCM);
- encToken.setKey(key.getFirst());
- encToken.setPayload(toSign);
-
-
-
- if (key.getSecond() != null) {
- final ProviderContext providerCtx = new ProviderContext();
- providerCtx.getSuppliedKeyProviderContext().setSignatureProvider(
- key.getSecond().getName());
- encToken.setProviderContext(providerCtx);
-
- }
-
- return Base64.getUrlEncoder()
- .encodeToString(encToken.getCompactSerialization().getBytes(StandardCharsets.UTF_8));
-
+ final String toSign = buildInternalToken(Random.nextLongRandom(), DateTime.now());
+ return encryptAndEncodeToken(toSign);
+
 } catch (final JoseException e) {
 throw new EaafException("internal.pendingreqid.02", new Object[] { e.getMessage() }, e);
 }
-
 }
 @Override
@@ -272,9 +254,30 @@ public class AuthenticatedEncryptionPendingRequestIdGenerationStrategy
 }
- private String buildInternalToken(final String internalPendingReqId, final DateTime now) {
+ protected String buildInternalToken(final String internalPendingReqId, final DateTime now) {
 return new StringBuilder().append(TOKEN_TEXTUAL_DATE_FORMAT.print(now)).append(TOKEN_SEPARATOR)
 .append(internalPendingReqId).toString();
+
+ }
+
+ protected String encryptAndEncodeToken(String token) throws JoseException {
+ JsonWebEncryption encToken = new JsonWebEncryption();
+ encToken.setAlgorithmHeaderValue(selectKeyWrappingAlgorithm(key.getFirst()));
+ encToken.setEncryptionMethodHeaderParameter(ContentEncryptionAlgorithmIdentifiers.AES_128_GCM);
+ encToken.setKey(key.getFirst());
+ encToken.setPayload(token);
+
+ if (key.getSecond() != null) {
+ final ProviderContext providerCtx = new ProviderContext();
+ providerCtx.getSuppliedKeyProviderContext().setSignatureProvider(
+ key.getSecond().getName());
+ encToken.setProviderContext(providerCtx);
+
+ }
+
+ return Base64.getUrlEncoder()
+ .encodeToString(encToken.getCompactSerialization().getBytes(StandardCharsets.UTF_8));
+
 }
 }
-- cgit v1.2.3
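Review bot: Widening `buildInternalToken` to `protected` and adding the `protected` `encryptAndEncodeToken` in the production class lets any subclass encrypt an arbitrary payload, including a self-chosen timestamp, under this instance's key. Token freshness then rests on no subclass misusing these hooks; this assumes the validation side, which is outside the hunk, trusts the embedded timestamp. The commit subject says the change serves a test extension, so if that test class can sit in the same package, package-private visibility would suffice: `String encryptAndEncodeToken(final String token) throws JoseException`. If `protected` has to stay, both methods should get Javadoc saying they exist for test subclasses and that `token` must come from `buildInternalToken`, never from request data. The new parameter should also be declared `final String token` to match the sibling method.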