From 72f3289f339ef3b8fe37be3740ff390d970f8e0e Mon Sep 17 00:00:00 2001 From: Vitaly Takmazov Date: Thu, 12 May 2022 23:17:43 +0300 Subject: Use Churchkey library to read PEM files and keys --- .../scribejava/apis/AppleClientSecretGenerator.java | 20 +++++--------------- 1 file changed, 5 insertions(+), 15 deletions(-) (limited to 'src/main/java') diff --git a/src/main/java/com/github/scribejava/apis/AppleClientSecretGenerator.java b/src/main/java/com/github/scribejava/apis/AppleClientSecretGenerator.java index 10ac4c5a..2de9ea4a 100644 --- a/src/main/java/com/github/scribejava/apis/AppleClientSecretGenerator.java +++ b/src/main/java/com/github/scribejava/apis/AppleClientSecretGenerator.java @@ -20,19 +20,16 @@ package com.github.scribejava.apis; import io.jsonwebtoken.Jwts; import io.jsonwebtoken.SignatureAlgorithm; -import java.nio.charset.StandardCharsets; -import java.security.Key; -import java.security.KeyFactory; import java.security.NoSuchAlgorithmException; -import java.security.spec.EncodedKeySpec; import java.security.spec.InvalidKeySpecException; -import java.security.spec.PKCS8EncodedKeySpec; import java.time.Instant; import java.time.ZoneId; import java.time.ZonedDateTime; -import java.util.Base64; import java.util.Date; +import org.tomitribe.churchkey.Key; +import org.tomitribe.churchkey.Keys; + public class AppleClientSecretGenerator { private final String subject; private final String teamId; @@ -49,14 +46,7 @@ public class AppleClientSecretGenerator { this.teamId = teamId; this.pemData = pemData; - String p8encodedData = new String(getPemData(), StandardCharsets.UTF_8) - .replace( - "-----BEGIN PRIVATE KEY-----\n", "") - .replace("\n", "") - .replace("-----END PRIVATE KEY-----", ""); - KeyFactory kf = KeyFactory.getInstance("EC"); - EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(Base64.getDecoder().decode(p8encodedData)); - signingKey = kf.generatePrivate(keySpec); + this.signingKey = Keys.decode(pemData); } public String getClientSecret() { @@ -68,7 +58,7 @@ public class AppleClientSecretGenerator { .setIssuedAt(Date.from(now)) .setSubject(subject) .setExpiration(Date.from(ZonedDateTime.ofInstant(now, ZoneId.of("UTC")).plusMonths(1).toInstant())) - .signWith(signingKey, SignatureAlgorithm.ES256) + .signWith(signingKey.getKey(), SignatureAlgorithm.ES256) .compact(); } -- cgit v1.2.3