renamed JWSUtils -> IdTokenHashUtils, renamed internal variables

Justin Richer · Justin Richer · commit 0fcecd27e566 · 2013-08-09T14:09:52.000-04:00
Conflicts:

	openid-connect-server/src/main/java/org/mitre/openid/connect/token/ConnectTokenEnhancer.java
diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/token/ConnectTokenEnhancer.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/token/ConnectTokenEnhancer.java
@@ -26,7 +26,8 @@
 import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
 import org.mitre.oauth2.service.ClientDetailsEntityService;
 import org.mitre.openid.connect.config.ConfigurationPropertiesBean;
-import org.mitre.openid.connect.util.JWSUtils;
+import org.mitre.openid.connect.service.ApprovedSiteService;
+import org.mitre.openid.connect.util.IdTokenHashUtils;
 import org.mitre.openid.connect.web.AuthenticationTimeStamper;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -147,7 +148,7 @@ public OAuth2AccessToken enhance(OAuth2AccessToken accessToken,	OAuth2Authentica
 			Set<String> responseTypes = OAuth2Utils.parseParameterList(responseType);
 			if (responseTypes.contains("token")) {
 				// calculate the token hash
-				Base64URL at_hash = JWSUtils.getAccessTokenHash(signingAlg, token);
+				Base64URL at_hash = IdTokenHashUtils.getAccessTokenHash(signingAlg, token);
 				//TODO: What should happen if the hash cannot be calculated?
 				idClaims.setClaim("at_hash", at_hash);
 			}
diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/util/IdTokenHashUtils.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/util/IdTokenHashUtils.java
@@ -1,3 +1,20 @@
+/*******************************************************************************
+ * Copyright 2013 The MITRE Corporation 
+ *   and the MIT Kerberos and Internet Trust Consortium
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ ******************************************************************************/
+
 package org.mitre.openid.connect.util;
 
 import java.security.MessageDigest;
@@ -12,14 +29,15 @@
 import com.nimbusds.jose.util.Base64URL;
 
 /**
- * Utility class for JWS processing. 
+ * Utility class for generating hashes for access tokens and authorization codes
+ * to be included in an ID Token.
  * 
  * @author Amanda Anganes
- *
+ * 
  */
-public class JWSUtils {
+public class IdTokenHashUtils {
 
-	private static Logger logger = LoggerFactory.getLogger(JWSUtils.class);
+	private static Logger logger = LoggerFactory.getLogger(IdTokenHashUtils.class);
 	
 	/**
 	 * Compute the SHA hash of an authorization code
@@ -72,11 +90,11 @@ else if (signingAlg.equals(JWSAlgorithm.ES512) || signingAlg.equals(JWSAlgorithm
 				hasher.reset();
 				hasher.update(bytes);
 				
-				byte[] atHashBytes = hasher.digest();
-				byte[] atHashBytesLeftHalf = Arrays.copyOf(atHashBytes, atHashBytes.length / 2);
-				Base64URL at_hash = Base64URL.encode(atHashBytesLeftHalf);
+				byte[] hashBytes = hasher.digest();
+				byte[] hashBytesLeftHalf = Arrays.copyOf(hashBytes, hashBytes.length / 2);
+				Base64URL encodedHash = Base64URL.encode(hashBytesLeftHalf);
 
-				return at_hash;
+				return encodedHash;
 
 			} catch (NoSuchAlgorithmException e) {
 				
diff --git a/openid-connect-server/src/test/java/org/mitre/openid/connect/util/TestIdTokenHashUtils.java b/openid-connect-server/src/test/java/org/mitre/openid/connect/util/TestIdTokenHashUtils.java
@@ -38,7 +38,7 @@
  *
  */
 @RunWith(MockitoJUnitRunner.class)
-public class TestJWSUtils {
+public class TestIdTokenHashUtils {
 	
 	@Mock
 	OAuth2AccessTokenEntity mockToken256;
@@ -83,7 +83,7 @@ public void getAccessTokenHash256() {
 		String token = mockToken256.getJwt().serialize();
 		Base64URL expectedHash = new Base64URL("EP1gXNeESRH-n57baopfTQ");
 		
-		Base64URL resultHash = JWSUtils.getAccessTokenHash(JWSAlgorithm.HS256, mockToken256);
+		Base64URL resultHash = IdTokenHashUtils.getAccessTokenHash(JWSAlgorithm.HS256, mockToken256);
 		
 		assertEquals(expectedHash, resultHash);
 	}
@@ -100,7 +100,7 @@ public void getAccessTokenHash384() {
 		String token = mockToken384.getJwt().serialize(); 
 		Base64URL expectedHash = new Base64URL("BWfFK73PQI36M1rg9R6VjMyWOE0-XvBK");
 		
-		Base64URL resultHash = JWSUtils.getAccessTokenHash(JWSAlgorithm.ES384, mockToken384);
+		Base64URL resultHash = IdTokenHashUtils.getAccessTokenHash(JWSAlgorithm.ES384, mockToken384);
 		
 		assertEquals(expectedHash, resultHash);
 	}
@@ -117,7 +117,7 @@ public void getAccessTokenHash512() {
 		String token = mockToken512.getJwt().serialize(); 
 		Base64URL expectedHash = new Base64URL("vGH3QMY-knpACkLgzdkTqu3C9jtvbf2Wk_RSu2vAx8k");
 		
-		Base64URL resultHash = JWSUtils.getAccessTokenHash(JWSAlgorithm.RS512, mockToken512);
+		Base64URL resultHash = IdTokenHashUtils.getAccessTokenHash(JWSAlgorithm.RS512, mockToken512);
 		
 		assertEquals(expectedHash, resultHash);
 	}
@@ -129,7 +129,7 @@ public void getCodeHash512() {
 		
 		Base64URL expectedHash = new Base64URL("R5DCRi5eOjlvyTAJfry2dNM9adJ2ElpDEKYYByYU920"); // independently generated
 		
-		Base64URL resultHash = JWSUtils.getCodeHash(JWSAlgorithm.ES512, testCode);
+		Base64URL resultHash = IdTokenHashUtils.getCodeHash(JWSAlgorithm.ES512, testCode);
 		
 		assertEquals(expectedHash, resultHash);
 	}
