feat: OIDC - Fetch JWK from providers (#3137)
--------- Signed-off-by: Pablo Hernán Carle <[email protected]> Signed-off-by: sj895092 <[email protected]> Co-authored-by: Pablo Hernán Carle <[email protected]> Co-authored-by: ShobhaJayanna <[email protected]> Co-authored-by: sj895092 <[email protected]>
1 parent
9c90457
commit b23bb8f
Showing
16 changed files
with
403 additions
and
128 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -76,7 +76,6 @@ public void evict() { | |
serviceCacheEvicts.forEach(x -> x.evictCacheService(serviceId)); | ||
} | ||
|
||
|
||
} | ||
|
||
} |
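--- a/gateway-service/src/main/java/org/zowe/apiml/gateway/security/service/token/JwkKeys.java
+++ b/gateway-service/src/main/java/org/zowe/apiml/gateway/security/service/token/JwkKeys.java
@@ -0,0 +1,60 @@
+/*
+* This program and the accompanying materials are made available under the terms of the
+* Eclipse Public License v2.0 which accompanies this distribution, and is available at
+* https://www.eclipse.org/legal/epl-v20.html
+*
+* SPDX-License-Identifier: EPL-2.0
+*
+* Copyright Contributors to the Zowe Project.
+*/
+
+package org.zowe.apiml.gateway.security.service.token;
+
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.util.List;
+
+@Data
+@AllArgsConstructor
+@NoArgsConstructor
+@JsonIgnoreProperties(ignoreUnknown = true)
+public class JwkKeys {
+
+private List<Key> keys;
+
+@Data
+@AllArgsConstructor
+@NoArgsConstructor
+public static class Key {
+
+// Cryptographic algorithm family for the certificate's Key pair. i.e. RSA
+@JsonProperty("kty")
+private String kty;
+
+// The algorithm used with the Key. i.e. RS256
+@JsonProperty("alg")
+private String alg;
+
+// The certificate's Key ID
+@JsonProperty("kid")
+private String kid;
+
+// How the Key is used. i.e. sig
+@JsonProperty("use")
+private String use;
+
+// RSA Key value (exponent) for Key blinding
+@JsonProperty("e")
+private String e;
+
+// RSA modulus value
+@JsonProperty("n")
+private String n;
+
+}
+
+}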
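Review bot: The nested `Key` class carries no `@JsonIgnoreProperties(ignoreUnknown = true)`; the annotation on `JwkKeys` covers only the top-level object, so a key entry with any member beyond these six (providers commonly publish `x5c` or `x5t`) is rejected by a mapper that keeps Jackson's default `FAIL_ON_UNKNOWN_PROPERTIES`. If the JWK set is parsed with such a mapper, which this commit suggests but this section does not show, the key fetch fails and token validation for that provider stops working. Repeating the annotation on `Key` avoids that. Separately, the comment on `e` is misleading: the field is the RSA public exponent, so `// RSA public exponent` would be accurate, and the `i.e.` in the other field comments should read `e.g.`.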
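--- a/gateway-service/src/main/java/org/zowe/apiml/gateway/security/service/token/OIDCConfig.java
+++ b/gateway-service/src/main/java/org/zowe/apiml/gateway/security/service/token/OIDCConfig.java
@@ -0,0 +1,36 @@
+/*
+* This program and the accompanying materials are made available under the terms of the
+* Eclipse Public License v2.0 which accompanies this distribution, and is available at
+* https://www.eclipse.org/legal/epl-v20.html
+*
+* SPDX-License-Identifier: EPL-2.0
+*
+* Copyright Contributors to the Zowe Project.
+*/
+
+package org.zowe.apiml.gateway.security.service.token;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
+import io.jsonwebtoken.Clock;
+import io.jsonwebtoken.impl.DefaultClock;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+public class OIDCConfig {
+
+@Bean
+public Clock clock() {
+return new DefaultClock();
+}
+
+@Bean
+@Qualifier("oidcMapper")
+public ObjectMapper mapper() {
+return new ObjectMapper()
+.registerModule(new JavaTimeModule());
+}
+
+}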
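Review bot: `mapper()` publishes a bare `new ObjectMapper()` as a Spring bean, and `@Qualifier("oidcMapper")` only labels it; it does not stop the bean from satisfying unqualified `ObjectMapper` injection points elsewhere in the gateway. In a Spring Boot context a user-defined `ObjectMapper` bean also makes the auto-configured one back off, so unrelated JSON handling could silently switch to this default-configured instance; whether that applies here depends on configuration outside this diff. Consider keeping the mapper as a private field of the OIDC component that parses provider responses, or confirm that another `ObjectMapper` bean is marked `@Primary`. A one-line Javadoc on each bean naming its consumer, such as `/** Mapper used only for parsing OIDC provider responses. */`, would make the intended scope explicit.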