mirror of https://github.com/usbharu/Hideout.git
feat: kid,issuer,audを指定するように
parent
638915230b
commit
f153ca85f3
|
@ -5,6 +5,7 @@ package dev.usbharu.hideout.plugins
|
||||||
import com.auth0.jwk.JwkProviderBuilder
|
import com.auth0.jwk.JwkProviderBuilder
|
||||||
import com.auth0.jwt.JWT
|
import com.auth0.jwt.JWT
|
||||||
import com.auth0.jwt.algorithms.Algorithm
|
import com.auth0.jwt.algorithms.Algorithm
|
||||||
|
import dev.usbharu.hideout.config.Config
|
||||||
import dev.usbharu.hideout.domain.model.hideout.form.UserLogin
|
import dev.usbharu.hideout.domain.model.hideout.form.UserLogin
|
||||||
import dev.usbharu.hideout.property
|
import dev.usbharu.hideout.property
|
||||||
import dev.usbharu.hideout.repository.IMetaRepository
|
import dev.usbharu.hideout.repository.IMetaRepository
|
||||||
|
@ -71,8 +72,9 @@ fun Application.configureSecurity(userAuthService: IUserAuthService, metaReposit
|
||||||
val keySpecPKCS8 = PKCS8EncodedKeySpec(Base64.getDecoder().decode(privateKeyString))
|
val keySpecPKCS8 = PKCS8EncodedKeySpec(Base64.getDecoder().decode(privateKeyString))
|
||||||
val privateKey = KeyFactory.getInstance("RSA").generatePrivate(keySpecPKCS8)
|
val privateKey = KeyFactory.getInstance("RSA").generatePrivate(keySpecPKCS8)
|
||||||
val token = JWT.create()
|
val token = JWT.create()
|
||||||
// .withAudience(audience)
|
.withAudience("${Config.configData.url}/users/${user.username}")
|
||||||
// .withIssuer(issuer)
|
.withIssuer(issuer)
|
||||||
|
.withKeyId(metaRepository.get()?.jwt?.kid.toString())
|
||||||
.withClaim("username", user.username)
|
.withClaim("username", user.username)
|
||||||
.withExpiresAt(Date(System.currentTimeMillis() + 60000))
|
.withExpiresAt(Date(System.currentTimeMillis() + 60000))
|
||||||
.sign(Algorithm.RSA256(publicKey, privateKey as RSAPrivateKey))
|
.sign(Algorithm.RSA256(publicKey, privateKey as RSAPrivateKey))
|
||||||
|
@ -81,9 +83,10 @@ fun Application.configureSecurity(userAuthService: IUserAuthService, metaReposit
|
||||||
|
|
||||||
get("/.well-known/jwks.json") {
|
get("/.well-known/jwks.json") {
|
||||||
//language=JSON
|
//language=JSON
|
||||||
|
val meta = requireNotNull(metaRepository.get())
|
||||||
call.respondText(
|
call.respondText(
|
||||||
contentType = ContentType.Application.Json,
|
contentType = ContentType.Application.Json,
|
||||||
text = JsonWebKeyUtil.publicKeyToJwk(requireNotNull(metaRepository.get()).jwt.publicKey)
|
text = JsonWebKeyUtil.publicKeyToJwk(meta.jwt.publicKey,meta.jwt.kid.toString())
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
}
|
}
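Review bot: On the `.withKeyId(...)` line of the token-issuing hunk, `metaRepository.get()?.jwt?.kid.toString()` turns a missing meta record into the literal string "null", so a token would be signed with a `kid` header that matches no published key instead of the request failing. The JWKS handler in the following hunk already uses `requireNotNull(metaRepository.get())`; the same form here, `.withKeyId(requireNotNull(metaRepository.get()).jwt.kid.toString())`, keeps the two paths consistent and fails closed. The `aud` and `iss` claims are now set, but the verifier configuration is not visible in these hunks, so it is worth confirming that it actually checks both, in particular the per-user audience value. `configureSecurity` starts and ends outside the hunks shown.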
|
||||||
|
|
|
@ -8,16 +8,16 @@ import java.util.*
|
||||||
|
|
||||||
object JsonWebKeyUtil {
|
object JsonWebKeyUtil {
|
||||||
|
|
||||||
fun publicKeyToJwk(publicKey: String): String {
|
fun publicKeyToJwk(publicKey: String,kid:String): String {
|
||||||
val x509EncodedKeySpec = X509EncodedKeySpec(Base64.getDecoder().decode(publicKey))
|
val x509EncodedKeySpec = X509EncodedKeySpec(Base64.getDecoder().decode(publicKey))
|
||||||
val generatePublic = KeyFactory.getInstance("RSA").generatePublic(x509EncodedKeySpec)
|
val generatePublic = KeyFactory.getInstance("RSA").generatePublic(x509EncodedKeySpec)
|
||||||
return publicKeyToJwk(generatePublic as RSAPublicKey)
|
return publicKeyToJwk(generatePublic as RSAPublicKey,kid)
|
||||||
}
|
}
|
||||||
|
|
||||||
fun publicKeyToJwk(publicKey: RSAPublicKey): String {
|
fun publicKeyToJwk(publicKey: RSAPublicKey,kid:String): String {
|
||||||
val e = encodeBase64UInt(publicKey.publicExponent)
|
val e = encodeBase64UInt(publicKey.publicExponent)
|
||||||
val n = encodeBase64UInt(publicKey.modulus)
|
val n = encodeBase64UInt(publicKey.modulus)
|
||||||
return """{"keys":[{"e":"$e","n":"$n","use":"sig","kty":"RSA"}]}"""
|
return """{"keys":[{"e":"$e","n":"$n","use":"sig","kid":"$kid","kty":"RSA"}]}"""
|
||||||
}
|
}
|
||||||
|
|
||||||
private fun encodeBase64UInt(bigInteger: BigInteger, minLength: Int = -1): String {
|
private fun encodeBase64UInt(bigInteger: BigInteger, minLength: Int = -1): String {
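Review bot: In `publicKeyToJwk(publicKey: RSAPublicKey, kid: String)` the `kid` value is interpolated into the JSON template without escaping, so a value containing `"` or `\` would produce a malformed or altered JWKS document. The only caller visible on this page passes `meta.jwt.kid.toString()`, which is presumably a fixed-format identifier, but both overloads are public and accept any `String`. Either build the document with a JSON serializer or add a guard before the template, for example `require(kid.none { it == '"' || it == '\\' || it.isISOControl() }) { "invalid kid" }`. As a style point, the new parameter lists are missing spaces after the comma and colon (`publicKey: String, kid: String`). The last hunk ends at the signature of `encodeBase64UInt`, whose body is outside this view.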
|
||||||
|
|