diff options
-rw-r--r-- | src/main/java/com/juick/SignatureManager.java | 9 | ||||
-rw-r--r-- | src/test/java/com/juick/server/tests/ServerTests.java | 14 |
2 files changed, 12 insertions, 11 deletions
diff --git a/src/main/java/com/juick/SignatureManager.java b/src/main/java/com/juick/SignatureManager.java index 959242f5..037f9e30 100644 --- a/src/main/java/com/juick/SignatureManager.java +++ b/src/main/java/com/juick/SignatureManager.java @@ -34,8 +34,10 @@ import org.springframework.http.HttpMethod; import org.springframework.http.ResponseEntity; import org.springframework.web.client.RestTemplate; import org.springframework.web.util.UriComponentsBuilder; +import org.tomitribe.auth.signatures.Algorithm; import org.tomitribe.auth.signatures.Signature; import org.tomitribe.auth.signatures.Signer; +import org.tomitribe.auth.signatures.SigningAlgorithm; import org.tomitribe.auth.signatures.Verifier; import rocks.xmpp.addr.Jid; @@ -46,6 +48,7 @@ import java.security.Key; import java.security.NoSuchAlgorithmException; import java.security.SignatureException; import java.time.Instant; +import java.util.Arrays; import java.util.HashMap; import java.util.Map; import java.util.Optional; @@ -87,8 +90,8 @@ public class SignatureManager { } public String addSignature(Person from, String host, String method, String path, String dateString, KeystoreManager keystoreManager) throws IOException { - Signature templateSignature = new Signature(from.getPublicKey().getId(), "rsa-sha256", null, - "(request-target)", "host", "date"); + Signature templateSignature = new Signature(from.getPublicKey().getId(), SigningAlgorithm.HS2019.getAlgorithmName(), Algorithm.RSA_SHA256.getJvmName(), null, + Arrays.asList("(request-target)", "host", "date")); Map<String, String> headers = new HashMap<>(); headers.put("host", host); headers.put("date", dateString); @@ -101,7 +104,7 @@ public class SignatureManager { public User verifySignature(String method, String path, Map<String, String> headers) { String signatureString = headers.get("signature"); logger.info("Signature: {}", signatureString); - Signature signature = Signature.fromString(signatureString); + Signature signature = Signature.fromString(signatureString, null); Optional<Context> context = getContext(UriComponentsBuilder.fromUriString(signature.getKeyId()) .fragment(null).build().toUri()); if (context.isPresent() && context.get() instanceof Person) { diff --git a/src/test/java/com/juick/server/tests/ServerTests.java b/src/test/java/com/juick/server/tests/ServerTests.java index aad85884..43a0dc7b 100644 --- a/src/test/java/com/juick/server/tests/ServerTests.java +++ b/src/test/java/com/juick/server/tests/ServerTests.java @@ -429,8 +429,6 @@ public class ServerTests { messagesService.deleteMessage(user.getUid(), mid4); } - public ExpectedException exception = ExpectedException.none(); - @Test public void likeTypeStatsTests() { User dsdss = userService.createUser("dsdss", "secret").orElseThrow(IllegalStateException::new); @@ -1929,7 +1927,7 @@ public class ServerTests { restServiceServer.expect(times(3), requestTo(testuserkeyUri)) .andRespond(withSuccess(testuserResponseString, MediaType.APPLICATION_JSON)); Person testuser = (Person) signatureManager.getContext(testuserUri).get(); - Assert.assertThat(testuser.getPublicKey().getPublicKeyPem(), is(testKeystoreManager.getPublicKeyPem())); + assertThat(testuser.getPublicKey().getPublicKeyPem(), is(testKeystoreManager.getPublicKeyPem())); Instant now2 = Instant.now(); String testRequestDate = DateFormattersHolder.getHttpDateFormatter().format(now2); String inboxUri = "/api/inbox"; @@ -2390,12 +2388,12 @@ public class ServerTests { Jws<Claims> jwt = Jwts.parserBuilder() .setSigningKey(publicKeyGenerated).build() .parseClaimsJws(secret); - Assert.assertThat(jwt.getHeader().get("kid"), is("keyid")); - Assert.assertThat(jwt.getHeader().get("alg"), is("ES256")); + assertThat(jwt.getHeader().get("kid"), is("keyid")); + assertThat(jwt.getHeader().get("alg"), is("ES256")); Claims claims = jwt.getBody(); - Assert.assertThat(claims.get("iss"), is("teamid")); - Assert.assertThat(claims.get("sub"), is("com.example.app")); - Assert.assertThat(claims.get("aud"), is("https://appleid.apple.com")); + assertThat(claims.get("iss"), is("teamid")); + assertThat(claims.get("sub"), is("com.example.app")); + assertThat(claims.get("aud"), is("https://appleid.apple.com")); } @Test |