Merge branch '2.2.x'

Closes gh-20612
pull/17274/head
Stephane Nicoll 5 years ago
commit 3735771f9c

@ -1,5 +1,5 @@
/* /*
* Copyright 2012-2019 the original author or authors. * Copyright 2012-2020 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -78,7 +78,8 @@ class OAuth2ResourceServerJwtConfiguration {
JwtDecoder jwtDecoderByPublicKeyValue() throws Exception { JwtDecoder jwtDecoderByPublicKeyValue() throws Exception {
RSAPublicKey publicKey = (RSAPublicKey) KeyFactory.getInstance("RSA") RSAPublicKey publicKey = (RSAPublicKey) KeyFactory.getInstance("RSA")
.generatePublic(new X509EncodedKeySpec(getKeySpec(this.properties.readPublicKey()))); .generatePublic(new X509EncodedKeySpec(getKeySpec(this.properties.readPublicKey())));
return NimbusJwtDecoder.withPublicKey(publicKey).build(); return NimbusJwtDecoder.withPublicKey(publicKey)
.signatureAlgorithm(SignatureAlgorithm.from(this.properties.getJwsAlgorithm())).build();
} }
private byte[] getKeySpec(String keyValue) { private byte[] getKeySpec(String keyValue) {

@ -1,5 +1,5 @@
/* /*
* Copyright 2012-2019 the original author or authors. * Copyright 2012-2020 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -190,6 +190,16 @@ class OAuth2ResourceServerAutoConfigurationTests {
.hasMessageContaining("Public key location does not exist")); .hasMessageContaining("Public key location does not exist"));
} }
@Test
void autoConfigurationShouldFailIfAlgorithmIsInvalid() {
this.contextRunner
.withPropertyValues(
"spring.security.oauth2.resourceserver.jwt.public-key-location=classpath:public-key-location",
"spring.security.oauth2.resourceserver.jwt.jws-algorithm=NOT_VALID")
.run((context) -> assertThat(context).hasFailed().getFailure()
.hasMessageContaining("signatureAlgorithm cannot be null"));
}
@Test @Test
void autoConfigurationWhenSetUriKeyLocationAndIssuerUriPresentShouldUseSetUri() { void autoConfigurationWhenSetUriKeyLocationAndIssuerUriPresentShouldUseSetUri() {
this.contextRunner this.contextRunner

Loading…
Cancel
Save