Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/OAuth20Util.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/OAuth20Util.java73
1 files changed, 14 insertions, 59 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/OAuth20Util.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/OAuth20Util.java
index 4d3030a0f..11b798d00 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/OAuth20Util.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/OAuth20Util.java
@@ -1,33 +1,23 @@
package at.gv.egovernment.moa.id.protocols.oauth20;
import java.io.UnsupportedEncodingException;
-import java.security.KeyStore;
-import java.security.PrivateKey;
-import java.security.cert.X509Certificate;
-import java.security.interfaces.RSAPrivateKey;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
-import net.oauth.jsontoken.crypto.RsaSHA256Signer;
-import net.oauth.jsontoken.crypto.Signer;
-
-import org.opensaml.xml.security.x509.BasicX509Credential;
-
-import at.gv.egovernment.moa.id.commons.db.dao.config.OAOAUTH20;
-import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20CertificateErrorException;
-import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20Exception;
-import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.KeyStoreUtils;
-import at.gv.egovernment.moa.util.StringUtils;
+import org.apache.commons.lang.StringUtils;
import com.google.gson.JsonObject;
-public class OAuth20Util {
+public final class OAuth20Util {
public static final String REGEX_HTTPS = "^(https?)://[-a-zA-Z0-9+&@#/%?=~_|!:,.;]*[-a-zA-Z0-9+&@#/%=~_|]";
public static final String REGEX_FILE = "^(file):/.[-a-zA-Z0-9+&@#/%?=~_|!:,.;]*[-a-zA-Z0-9+&@#/%=~_|]";
+ private OAuth20Util() {
+ throw new InstantiationError();
+ }
+
/**
* Simple helper function to add parameter to a url
*
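Review bot: The new private constructor throws `InstantiationError`, a `LinkageError` subclass that the JVM itself raises when code tries to instantiate an abstract class or interface, so a stack trace from here would point at a class-loading problem rather than at misuse of a utility class. The usual idiom is `throw new AssertionError("OAuth20Util is not instantiable");` or an `UnsupportedOperationException`. The import swap to `org.apache.commons.lang.StringUtils` is visible here only through the `isEmpty` call in the next hunk; if other methods in the file outside these hunks used MOA-specific `StringUtils` helpers, they would need checking.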
@@ -59,9 +49,16 @@ public class OAuth20Util {
return matcher.find();
}
+ public static boolean isValidStateValue(String state) {
+ Pattern urlPattern = Pattern.compile("javascript|<|>|&|;", Pattern.CASE_INSENSITIVE);
+ Matcher matcher = urlPattern.matcher(state);
+ return !matcher.find();
+ }
+
public static void addProperytiesToJsonObject(JsonObject jsonObject, Map<String, Object> params) {
for (Map.Entry<String, Object> param : params.entrySet()) {
- if (param.getKey() != null && !"".equals(param.getKey()) && param.getValue() != null && !"".equals(param.getValue())) {
+
+ if (!StringUtils.isEmpty(param.getKey()) && param.getValue() != null) {
// check for integer
try {
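Review bot: `isValidStateValue` passes `state` straight to `urlPattern.matcher(state)`, so a request that arrives without a `state` parameter would raise a NullPointerException unless every caller checks first (callers are not visible in this diff); an explicit guard such as `if (state == null) return false;` would make the contract clear. The check is also a denylist (`javascript|<|>|&|;`), which leaves quotes and line breaks unfiltered, so restricting `state` to an expected alphabet and length and encoding it wherever it is echoed back would be sturdier than growing the list. The pattern is recompiled on every call and could be hoisted to a `private static final Pattern`. Separately, the rewritten condition in `addProperytiesToJsonObject` drops the old `!"".equals(param.getValue())` test, so empty-string values are now processed instead of skipped; confirm that is intended, since the method body continues outside the hunk.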
@@ -89,46 +86,4 @@ public class OAuth20Util {
}
}
- public static Signer loadSigner(String issuer) throws OAuth20Exception {
- OAuth20Configuration globalConfig = OAuth20Configuration.getInstance();
-
- if (StringUtils.isEmpty(globalConfig.getJWTKeyStore())) {
- throw new OAuth20CertificateErrorException("keystore");
- }
-
- if (StringUtils.isEmpty(globalConfig.getJWTKeyName())) {
- throw new OAuth20CertificateErrorException("key name");
- }
-
- try {
- KeyStore ks = KeyStoreUtils.loadKeyStore(globalConfig.getJWTKeyStore(), globalConfig.getJWTKeyStorePassword());
-
- X509Certificate certificate = (X509Certificate) ks.getCertificate(globalConfig.getJWTKeyName());
-
- PrivateKey privateKey = (PrivateKey) ks.getKey(globalConfig.getJWTKeyName(), globalConfig.getJWTKeyPassword()
- .toCharArray());
- BasicX509Credential credential = new BasicX509Credential();
- credential.setEntityCertificate(certificate);
- credential.setPrivateKey(privateKey);
-
- //Logger.debug("Going to use X509Certificate:");
- Logger.debug(certificate);
- //Logger.debug("Going to use private key:");
- Logger.debug(privateKey);
-
- return new RsaSHA256Signer(issuer, globalConfig.getJWTKeyName(), (RSAPrivateKey) credential.getPrivateKey());
-
- }
- catch (Exception e) {
- throw new OAuth20CertificateErrorException("keystore");
- }
-
- }
-
- public static boolean isValidStateValue(String state) {
- Pattern urlPattern = Pattern.compile("javascript|<|>|&|;", Pattern.CASE_INSENSITIVE);
- Matcher matcher = urlPattern.matcher(state);
- return !matcher.find();
- }
-
}