Skip to content

Commit

Permalink
refactor move jwt classes into provider package, make them package pr…
Browse files Browse the repository at this point in the history 
…ivate
  • Loading branch information
@lbalmaceda
lbalmaceda committed Nov 29, 2019
1 parent 404e512 commit 24729be
Show file tree
Hide file tree
Showing 8 changed files with 38 additions and 46 deletions.
13 changes: 0 additions & 13 deletions auth0/src/main/java/com/auth0/android/jwt/NoSignatureVerifier.java
View file

This file was deleted.

11 changes: 6 additions & 5 deletions ...auth0/android/jwt/AsymmetricVerifier.java → .../android/provider/AsymmetricVerifier.java
View file
Original file line number Diff line number Diff line change
@@ -1,21 +1,22 @@
package com.auth0.android.jwt;
package com.auth0.android.provider;

import android.util.Base64;

import com.auth0.android.jwt.JWT;

import java.nio.charset.Charset;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;

//TODO: Make pkg private
public class AsymmetricVerifier extends SignatureVerifier {
class AsymmetricVerifier extends SignatureVerifier {

private static final String EXPECTED_ALGORITHM = "RS256";
private Signature publicSignature;

public AsymmetricVerifier(PublicKey publicKey) throws InvalidKeyException {
AsymmetricVerifier(PublicKey publicKey) throws InvalidKeyException {
super(EXPECTED_ALGORITHM);
try {
publicSignature = Signature.getInstance("SHA256withRSA");
Expand All @@ -28,7 +29,7 @@ public AsymmetricVerifier(PublicKey publicKey) throws InvalidKeyException {


@Override
public void verifySignature(JWT token) throws TokenValidationException {
void verifySignature(JWT token) throws TokenValidationException {
super.verifySignature(token);
String[] parts = token.toString().split("\\.");
String content = parts[0] + "." + parts[1];
Expand Down
25 changes: 11 additions & 14 deletions ...om/auth0/android/jwt/IdTokenVerifier.java → ...th0/android/provider/IdTokenVerifier.java
View file
Original file line number Diff line number Diff line change
@@ -1,16 +1,17 @@
package com.auth0.android.jwt;
package com.auth0.android.provider;

import android.support.annotation.NonNull;
import android.support.annotation.Nullable;

import com.auth0.android.jwt.JWT;

import java.util.Calendar;
import java.util.Date;
import java.util.List;

import static android.text.TextUtils.isEmpty;

//TODO: Make pkg private
public class IdTokenVerifier {
class IdTokenVerifier {
private static final Integer DEFAULT_CLOCK_SKEW = 60; //1 min = 60 sec

private static final String NONCE_CLAIM = "nonce";
Expand All @@ -25,7 +26,7 @@ public class IdTokenVerifier {
* @param verifyOptions the verification options, like audience, issuer, algorithm.
* @throws TokenValidationException If the ID Token is null, its signing algorithm not supported, its signature invalid or one of its claim invalid.
*/
public void verify(@NonNull JWT token, @NonNull Options verifyOptions) throws TokenValidationException {
void verify(@NonNull JWT token, @NonNull Options verifyOptions) throws TokenValidationException {
verifyOptions.verifier.verifySignature(token);

if (isEmpty(token.getIssuer())) {
Expand Down Expand Up @@ -114,7 +115,7 @@ public void verify(@NonNull JWT token, @NonNull Options verifyOptions) throws To
}
}

public static class Options {
static class Options {
final String issuer;
final String audience;
final SignatureVerifier verifier;
Expand All @@ -123,30 +124,26 @@ public static class Options {
Integer clockSkew;
Date clock;

public Options(@NonNull String issuer, @NonNull String audience, @NonNull SignatureVerifier verifier) {
Options(@NonNull String issuer, @NonNull String audience, @NonNull SignatureVerifier verifier) {
this.issuer = issuer;
this.audience = audience;
this.verifier = verifier;
}

public void setNonce(@Nullable String nonce) {
void setNonce(@Nullable String nonce) {
this.nonce = nonce;
}

public void setMaxAge(@Nullable Integer maxAge) {
void setMaxAge(@Nullable Integer maxAge) {
this.maxAge = maxAge;
}

public void setClockSkew(@Nullable Integer clockSkew) {
void setClockSkew(@Nullable Integer clockSkew) {
this.clockSkew = clockSkew;
}

public void setClock(@Nullable Date now) {
void setClock(@Nullable Date now) {
this.clock = now;
}

Integer getMaxAge() {
return maxAge;
}
}
}
12 changes: 12 additions & 0 deletions auth0/src/main/java/com/auth0/android/provider/NoSignatureVerifier.java
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
package com.auth0.android.provider;

class NoSignatureVerifier extends SignatureVerifier {

private static final String EXPECTED_ALGORITHM = "HS256";

NoSignatureVerifier() {
super(EXPECTED_ALGORITHM);
//TODO: anything missing?
}

}
5 changes: 0 additions & 5 deletions auth0/src/main/java/com/auth0/android/provider/OAuthManager.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,13 +14,8 @@
import com.auth0.android.authentication.AuthenticationException;
import com.auth0.android.callback.AuthenticationCallback;
import com.auth0.android.callback.BaseCallback;
import com.auth0.android.jwt.AsymmetricVerifier;
import com.auth0.android.jwt.DecodeException;
import com.auth0.android.jwt.IdTokenVerifier;
import com.auth0.android.jwt.JWT;
import com.auth0.android.jwt.NoSignatureVerifier;
import com.auth0.android.jwt.SignatureVerifier;
import com.auth0.android.jwt.TokenValidationException;
import com.auth0.android.result.Credentials;

import java.security.InvalidKeyException;
Expand Down
10 changes: 6 additions & 4 deletions .../auth0/android/jwt/SignatureVerifier.java → ...0/android/provider/SignatureVerifier.java
View file
Original file line number Diff line number Diff line change
@@ -1,13 +1,15 @@
package com.auth0.android.jwt;
package com.auth0.android.provider;

import android.support.annotation.CallSuper;

import com.auth0.android.jwt.JWT;

//TODO: Make pkg private
public abstract class SignatureVerifier {
abstract class SignatureVerifier {

private final String expectedAlgorithm;

public SignatureVerifier(String expectedAlgorithm) {
SignatureVerifier(String expectedAlgorithm) {
this.expectedAlgorithm = expectedAlgorithm;
}

Expand All @@ -19,7 +21,7 @@ private final void checkAlgorithm(JWT token) throws TokenValidationException {
}

@CallSuper
public void verifySignature(JWT token) throws TokenValidationException {
void verifySignature(JWT token) throws TokenValidationException {
checkAlgorithm(token);
}

Expand Down
7 changes: 3 additions & 4 deletions ...android/jwt/TokenValidationException.java → ...id/provider/TokenValidationException.java
View file
Original file line number Diff line number Diff line change
@@ -1,12 +1,11 @@
package com.auth0.android.jwt;
package com.auth0.android.provider;

import com.auth0.android.authentication.AuthenticationException;

//TODO: Make pkg private
public class TokenValidationException extends AuthenticationException {
class TokenValidationException extends AuthenticationException {
private static final String ERROR_CODE = "a0.sdk.internal_error.id_token_validation";

public TokenValidationException(String message) {
TokenValidationException(String message) {
super(ERROR_CODE, message);
}
}
1 change: 0 additions & 1 deletion auth0/src/test/java/com/auth0/android/request/internal/UserProfileGsonTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -199,7 +199,6 @@ public void shouldReturnProfileWithExtraInfo() throws Exception {
UserProfile profile = pojoFrom(json(PROFILE_FULL), UserProfile.class);
assertThat(profile, isNormalizedProfile(ID, NAME, NICKNAME));
assertThat(profile.getExtraInfo(), hasEntry("multifactor", (Object) Collections.singletonList("google-authenticator")));
// FIXME: Weird classpath issue with hamcrest. Probably best to rewrite assets. (06/07/2016)
assertThat(profile.getExtraInfo(), not(anyOf(new Matcher[]{hasKey("user_id"), hasKey("name"), hasKey("nickname"), hasKey("picture"), hasKey("email"), hasKey("created_at")})));
assertThat(profile.getExtraInfo(), not(anyOf(new Matcher[]{hasKey("identities"), hasKey("user_metadata"), hasKey("app_metadata")})));
}
Expand Down

0 comments on commit 24729be

Please sign in to comment.