From f70b207ecff565ff53e3efb13d897937d9aeaee0 Mon Sep 17 00:00:00 2001
From: Milton Ch <86965029+Milton-Ch@users.noreply.github.com>
Date: Mon, 12 Dec 2022 09:30:06 -0400
Subject: [PATCH] feat(jans-auth-server): remove ox properties name (#3285)
---
 .../assertbuilders/JwtAssertBuilder.java | 12 ++--
 .../ApplicationTypeRestrictionHttpTest.java | 4 +-
 .../ws/rs/AuthorizationCodeFlowHttpTest.java | 14 ++--
 .../rs/AuthorizeRestWebServiceHttpTest.java | 14 ++--
 .../ws/rs/ClientLanguageMetadataTest.java | 2 +-
 .../client/ws/rs/ClientSecretBasicTest.java | 2 +-
 ...nableClientToRestrictJavascriptOrigin.java | 2 +-
 .../ws/rs/TokenEncryptionHttpDeprecated.java | 10 +--
 .../as/client/ws/rs/TokenRevocationTest.java | 8 +--
 .../ws/rs/ValidateIdTokenHashesTest.java | 4 +-
 .../deviceauthz/DeviceAuthzFlowHttpTest.java | 4 +-
 .../jans/as/client/ws/rs/par/ParHttpTest.java | 2 +-
 .../client/ws/rs/token/NativeSsoHttpTest.java | 2 +-
 .../model/configuration/AppConfiguration.java | 70 +++++++++----------
 .../model/crypto/CryptoProviderFactory.java | 10 +--
 .../io/jans/as/model/jwt/JwtClaimName.java | 2 +-
 jans-auth-server/server/conf/jans-config.json | 14 ++--
 .../as/server/model/token/IdTokenFactory.java | 2 +-
 .../templates/jans-auth/jans-auth-config.json | 12 ++--
 .../templates/jans-auth/jans-auth-config.json | 12 ++--
 20 files changed, 101 insertions(+), 101 deletions(-)
diff --git a/jans-auth-server/client/src/test/java/io/jans/as/client/client/assertbuilders/JwtAssertBuilder.java b/jans-auth-server/client/src/test/java/io/jans/as/client/client/assertbuilders/JwtAssertBuilder.java
index c22fa2d1c75..694ccf2abc7 100644
--- a/jans-auth-server/client/src/test/java/io/jans/as/client/client/assertbuilders/JwtAssertBuilder.java
+++ b/jans-auth-server/client/src/test/java/io/jans/as/client/client/assertbuilders/JwtAssertBuilder.java
@@ -24,7 +24,7 @@ public class JwtAssertBuilder extends BaseAssertBuilder {
 private Jwt jwt;
 private boolean notNullAccesTokenHash;
 private boolean notNullAuthenticationTime;
- private boolean notNullOxOpenIDConnectVersion;
+ private boolean notNullJansOpenIDConnectVersion;
 private boolean notNullAuthenticationContextClassReference;
 private boolean notNullAuthenticationMethodReferences;
 private boolean notNullClaimsAddressdata;
@@ -42,7 +42,7 @@ public JwtAssertBuilder(Jwt jwt) {
 this.jwt = jwt;
 this.notNullAccesTokenHash = false;
 this.notNullAuthenticationTime = false;
- this.notNullOxOpenIDConnectVersion = false;
+ this.notNullJansOpenIDConnectVersion = false;
 this.notNullAuthenticationContextClassReference = false;
 this.notNullAuthenticationMethodReferences = false;
 this.claimsPresence = null;
@@ -65,8 +65,8 @@ public JwtAssertBuilder notNullAuthenticationTime() {
 return this;
 }
- public JwtAssertBuilder notNullOxOpenIDConnectVersion() {
- this.notNullOxOpenIDConnectVersion = true;
+ public JwtAssertBuilder notNullJansOpenIDConnectVersion() {
+ this.notNullJansOpenIDConnectVersion = true;
 return this;
 }
@@ -177,8 +177,8 @@ public void check() {
 assertNotNullClaim(JwtClaimName.AUTHENTICATION_TIME);
 if (notNullAccesTokenHash)
 assertNotNullClaim(JwtClaimName.ACCESS_TOKEN_HASH);
- if (notNullOxOpenIDConnectVersion)
- assertNotNullClaim(JwtClaimName.OX_OPENID_CONNECT_VERSION);
+ if (notNullJansOpenIDConnectVersion)
+ assertNotNullClaim(JwtClaimName.JANS_OPENID_CONNECT_VERSION);
 if (notNullAuthenticationContextClassReference)
 assertNotNullClaim(JwtClaimName.AUTHENTICATION_CONTEXT_CLASS_REFERENCE);
 if (notNullAuthenticationMethodReferences)
diff --git a/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/ApplicationTypeRestrictionHttpTest.java b/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/ApplicationTypeRestrictionHttpTest.java
index 65be9a9d38c..5ae4d1d2237 100644
--- a/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/ApplicationTypeRestrictionHttpTest.java
+++ b/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/ApplicationTypeRestrictionHttpTest.java
@@ -239,7 +239,7 @@ public void applicationTypeNativeSubjectTypePublic(
 // 5. Validate id_token
 AssertBuilder.jwtParse(idToken)
 .validateSignatureRSA(jwksUri, SignatureAlgorithm.RS256)
- .notNullOxOpenIDConnectVersion()
+ .notNullJansOpenIDConnectVersion()
 .notNullAuthenticationTime()
 .claimsPresence(JwtClaimName.CODE_HASH)
 .check();
@@ -361,7 +361,7 @@ public void applicationTypeNativeSubjectTypePairwise(
 // 5. Validate id_token
 AssertBuilder.jwtParse(idToken)
 .validateSignatureRSA(jwksUri, SignatureAlgorithm.RS256)
- .notNullOxOpenIDConnectVersion()
+ .notNullJansOpenIDConnectVersion()
 .notNullAuthenticationTime()
 .claimsPresence(JwtClaimName.CODE_HASH)
 .check();
diff --git a/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/AuthorizationCodeFlowHttpTest.java b/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/AuthorizationCodeFlowHttpTest.java
index de8ac334f17..f1cd19f04a6 100644
--- a/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/AuthorizationCodeFlowHttpTest.java
+++ b/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/AuthorizationCodeFlowHttpTest.java
@@ -106,7 +106,7 @@ public void authorizationCodeFlow(
 .validateSignatureRSAClientEngine(jwksUri, SignatureAlgorithm.RS256)
 .claimsPresence(JwtClaimName.CODE_HASH)
 .notNullAuthenticationTime()
- .notNullOxOpenIDConnectVersion()
+ .notNullJansOpenIDConnectVersion()
 .notNullAuthenticationContextClassReference()
 .notNullAuthenticationMethodReferences()
 .check();
@@ -200,7 +200,7 @@ public void authorizationCodeFlowNegativeTest(
 AssertBuilder.jwtParse(idToken)
 .validateSignatureRSAClientEngine(jwksUri, SignatureAlgorithm.RS256)
 .notNullAuthenticationTime()
- .notNullOxOpenIDConnectVersion()
+ .notNullJansOpenIDConnectVersion()
 .claimsPresence(JwtClaimName.CODE_HASH)
 .check();
@@ -265,7 +265,7 @@ public void authorizationCodeWithNotAllowedScopeFlow(
 AssertBuilder.jwt(jwt)
 .claimsPresence(JwtClaimName.CODE_HASH)
 .notNullAuthenticationTime()
- .notNullOxOpenIDConnectVersion()
+ .notNullJansOpenIDConnectVersion()
 .notNullAuthenticationContextClassReference()
 .notNullAuthenticationMethodReferences()
 .check();
@@ -329,7 +329,7 @@ public void authorizationCodeDynamicScopeFlow(
 // 3. Validate id_token
 AssertBuilder.jwtParse(idToken)
 .notNullAuthenticationTime()
- .notNullOxOpenIDConnectVersion()
+ .notNullJansOpenIDConnectVersion()
 .claimsPresence(JwtClaimName.CODE_HASH)
 .check();
@@ -433,7 +433,7 @@ public void authorizationCodeFlowWithOptionalNonce(
 AssertBuilder.jwt(jwt)
 .validateSignatureRSAClientEngine(jwksUri, SignatureAlgorithm.RS256)
 .notNullAuthenticationTime()
- .notNullOxOpenIDConnectVersion()
+ .notNullJansOpenIDConnectVersion()
 .claimsPresence(JwtClaimName.NONCE, JwtClaimName.CODE_HASH)
 .check();
 assertEquals(jwt.getClaims().getClaimAsString(JwtClaimName.NONCE), nonce);
@@ -619,7 +619,7 @@ public void authorizationCodeFlowLoginHint(
 AssertBuilder.jwtParse(idToken)
 .validateSignatureRSAClientEngine(jwksUri, SignatureAlgorithm.RS256)
 .notNullAuthenticationTime()
- .notNullOxOpenIDConnectVersion()
+ .notNullJansOpenIDConnectVersion()
 .claimsPresence(JwtClaimName.CODE_HASH)
 .check();
@@ -708,7 +708,7 @@ public void retainClaimAuthorizationCodeFlow(final String userId, final String u
 AssertBuilder.jwt(jwt)
 .claimsPresence(JwtClaimName.CODE_HASH)
 .notNullAuthenticationTime()
- .notNullOxOpenIDConnectVersion()
+ .notNullJansOpenIDConnectVersion()
 .notNullAuthenticationContextClassReference()
 .notNullAuthenticationMethodReferences()
 .check();
diff --git a/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/AuthorizeRestWebServiceHttpTest.java b/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/AuthorizeRestWebServiceHttpTest.java
index 2f2a57e1b8a..681447b8fda 100644
--- a/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/AuthorizeRestWebServiceHttpTest.java
+++ b/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/AuthorizeRestWebServiceHttpTest.java
@@ -623,7 +623,7 @@ public void requestAuthorizationTokenIdToken(
 .accessToken(accessToken)
 .claimsPresence(JwtClaimName.ACCESS_TOKEN_HASH)
 .notNullAuthenticationTime()
- .notNullOxOpenIDConnectVersion()
+ .notNullJansOpenIDConnectVersion()
 .notNullAuthenticationContextClassReference()
 .notNullAuthenticationMethodReferences()
 .check();
@@ -692,7 +692,7 @@ public void requestAuthorizationTokenIdTokenUserBasicAuth(
 .accessToken(accessToken)
 .claimsPresence(JwtClaimName.ACCESS_TOKEN_HASH)
 .notNullAuthenticationTime()
- .notNullOxOpenIDConnectVersion()
+ .notNullJansOpenIDConnectVersion()
 .notNullAuthenticationContextClassReference()
 .notNullAuthenticationMethodReferences()
 .check();
@@ -764,7 +764,7 @@ public void requestAuthorizationCodeIdToken(
 .authorizationCode(code)
 .claimsPresence(JwtClaimName.CODE_HASH)
 .notNullAuthenticationTime()
- .notNullOxOpenIDConnectVersion()
+ .notNullJansOpenIDConnectVersion()
 .notNullAuthenticationContextClassReference()
 .notNullAuthenticationMethodReferences()
 .check();
@@ -836,7 +836,7 @@ public void requestAuthorizationCodeIdTokenUserBasicAuth(
 .authorizationCode(code)
 .claimsPresence(JwtClaimName.CODE_HASH)
 .notNullAuthenticationTime()
- .notNullOxOpenIDConnectVersion()
+ .notNullJansOpenIDConnectVersion()
 .notNullAuthenticationContextClassReference()
 .notNullAuthenticationMethodReferences()
 .check();
@@ -1028,7 +1028,7 @@ public void requestAuthorizationTokenCodeIdToken(
 .accessToken(accessToken)
 .claimsPresence(JwtClaimName.CODE_HASH, JwtClaimName.ACCESS_TOKEN_HASH)
 .notNullAuthenticationTime()
- .notNullOxOpenIDConnectVersion()
+ .notNullJansOpenIDConnectVersion()
 .notNullAuthenticationContextClassReference()
 .notNullAuthenticationMethodReferences()
 .check();
@@ -1105,7 +1105,7 @@ public void requestAuthorizationTokenCodeIdTokenUserBasicAuth(
 .accessToken(accessToken)
 .claimsPresence(JwtClaimName.CODE_HASH, JwtClaimName.ACCESS_TOKEN_HASH)
 .notNullAuthenticationTime()
- .notNullOxOpenIDConnectVersion()
+ .notNullJansOpenIDConnectVersion()
 .notNullAuthenticationContextClassReference()
 .notNullAuthenticationMethodReferences()
 .check();
@@ -2459,7 +2459,7 @@ public void requestAuthorizationAccessTokenSubjectTypePublic(
 .validateSignatureRSA(jwksUri, SignatureAlgorithm.RS256)
 .claimsPresence(JwtClaimName.ACCESS_TOKEN_HASH)
 .notNullAuthenticationTime()
- .notNullOxOpenIDConnectVersion()
+ .notNullJansOpenIDConnectVersion()
 .notNullAuthenticationContextClassReference()
 .notNullAuthenticationMethodReferences()
 .check();
diff --git a/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/ClientLanguageMetadataTest.java b/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/ClientLanguageMetadataTest.java
index 1d3ce8ea3e6..664f73bb97e 100644
--- a/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/ClientLanguageMetadataTest.java
+++ b/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/ClientLanguageMetadataTest.java
@@ -126,7 +126,7 @@ public void authorizationCodeFlow(
 .validateSignatureRSAClientEngine(jwksUri, SignatureAlgorithm.RS256)
 .claimsPresence(JwtClaimName.CODE_HASH)
 .notNullAuthenticationTime()
- .notNullOxOpenIDConnectVersion()
+ .notNullJansOpenIDConnectVersion()
 .notNullAuthenticationContextClassReference()
 .notNullAuthenticationMethodReferences()
 .check();
diff --git a/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/ClientSecretBasicTest.java b/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/ClientSecretBasicTest.java
index 5d7f6167c68..19f88101c93 100644
--- a/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/ClientSecretBasicTest.java
+++ b/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/ClientSecretBasicTest.java
@@ -167,7 +167,7 @@ public void authorizationCodeFlow(
 AssertBuilder.jwtParse(idToken)
 .validateSignatureRSA(jwksUri, SignatureAlgorithm.RS256)
 .notNullAuthenticationTime()
- .notNullOxOpenIDConnectVersion()
+ .notNullJansOpenIDConnectVersion()
 .claimsPresence(JwtClaimName.CODE_HASH)
 .check();
diff --git a/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/EnableClientToRestrictJavascriptOrigin.java b/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/EnableClientToRestrictJavascriptOrigin.java
index 45f209218aa..2bb755200a0 100644
--- a/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/EnableClientToRestrictJavascriptOrigin.java
+++ b/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/EnableClientToRestrictJavascriptOrigin.java
@@ -123,7 +123,7 @@ public void enableClientToRestrictJavascriptOrigin(
 // 4. Validate id_token
 AssertBuilder.jwtParse(idToken)
 .validateSignatureRSA(jwksUri, SignatureAlgorithm.RS256)
- .notNullOxOpenIDConnectVersion()
+ .notNullJansOpenIDConnectVersion()
 .claimsPresence(JwtClaimName.CODE_HASH)
 .check();
diff --git a/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/TokenEncryptionHttpDeprecated.java b/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/TokenEncryptionHttpDeprecated.java
index 3f54aa4b0c0..5bc717a9b80 100644
--- a/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/TokenEncryptionHttpDeprecated.java
+++ b/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/TokenEncryptionHttpDeprecated.java
@@ -102,7 +102,7 @@ public void requestIdTokenAlgRSAOAEPEncA256GCM(
 Jwe jwe = Jwe.parse(idToken, privateKey, null);
 AssertBuilder.jwe(jwe)
- .claimsPresence(JwtClaimName.OX_OPENID_CONNECT_VERSION)
+ .claimsPresence(JwtClaimName.JANS_OPENID_CONNECT_VERSION)
 .check();
 } catch (Exception ex) {
 fail(ex.getMessage(), ex);
@@ -170,7 +170,7 @@ public void requestIdTokenAlgRSA15EncA128CBCPLUSHS256(
 Jwe jwe = Jwe.parse(idToken, privateKey, null);
 AssertBuilder.jwe(jwe)
- .claimsPresence(JwtClaimName.OX_OPENID_CONNECT_VERSION)
+ .claimsPresence(JwtClaimName.JANS_OPENID_CONNECT_VERSION)
 .check();
 } catch (Exception ex) {
 fail(ex.getMessage(), ex);
@@ -238,7 +238,7 @@ public void requestIdTokenAlgRSA15EncA256CBCPLUSHS512(
 Jwe jwe = Jwe.parse(idToken, privateKey, null);
 AssertBuilder.jwe(jwe)
- .claimsPresence(JwtClaimName.OX_OPENID_CONNECT_VERSION)
+ .claimsPresence(JwtClaimName.JANS_OPENID_CONNECT_VERSION)
 .check();
 } catch (Exception ex) {
 fail(ex.getMessage(), ex);
@@ -300,7 +300,7 @@ public void requestIdTokenAlgA128KWEncA128GCM(
 // 3. Read Encrypted ID Token
 Jwe jwe = Jwe.parse(idToken, null, clientSecret.getBytes(StandardCharsets.UTF_8));
 AssertBuilder.jwe(jwe)
- .claimsPresence(JwtClaimName.OX_OPENID_CONNECT_VERSION)
+ .claimsPresence(JwtClaimName.JANS_OPENID_CONNECT_VERSION)
 .check();
 } catch (Exception ex) {
 fail(ex.getMessage(), ex);
@@ -362,7 +362,7 @@ public void requestIdTokenAlgA256KWEncA256GCM(
 // 3. Read Encrypted ID Token
 Jwe jwe = Jwe.parse(idToken, null, clientSecret.getBytes(StandardCharsets.UTF_8));
 AssertBuilder.jwe(jwe)
- .claimsPresence(JwtClaimName.OX_OPENID_CONNECT_VERSION)
+ .claimsPresence(JwtClaimName.JANS_OPENID_CONNECT_VERSION)
 .check();
 } catch (Exception ex) {
 fail(ex.getMessage(), ex);
diff --git a/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/TokenRevocationTest.java b/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/TokenRevocationTest.java
index bc4c8268e48..5322f30e198 100644
--- a/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/TokenRevocationTest.java
+++ b/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/TokenRevocationTest.java
@@ -158,7 +158,7 @@ public void requestTokenRevocation1(
 AssertBuilder.jwtParse(idToken)
 .validateSignatureRSA(jwksUri, SignatureAlgorithm.RS256)
 .notNullAuthenticationTime()
- .notNullOxOpenIDConnectVersion()
+ .notNullJansOpenIDConnectVersion()
 .claimsPresence(JwtClaimName.CODE_HASH)
 .check();
@@ -289,7 +289,7 @@ public void requestTokenRevocation2(
 AssertBuilder.jwtParse(idToken)
 .validateSignatureRSA(jwksUri, SignatureAlgorithm.RS256)
 .notNullAuthenticationTime()
- .notNullOxOpenIDConnectVersion()
+ .notNullJansOpenIDConnectVersion()
 .claimsPresence(JwtClaimName.CODE_HASH)
 .check();
@@ -392,7 +392,7 @@ public void requestTokenRevocation3(
 AssertBuilder.jwtParse(idToken)
 .validateSignatureRSA(jwksUri, SignatureAlgorithm.RS256)
 .notNullAuthenticationTime()
- .notNullOxOpenIDConnectVersion()
+ .notNullJansOpenIDConnectVersion()
 .claimsPresence(JwtClaimName.CODE_HASH)
 .check();
@@ -504,7 +504,7 @@ public void requestTokenRevocationOptionalTokenTypeHint(
 AssertBuilder.jwtParse(idToken)
 .validateSignatureRSA(jwksUri, SignatureAlgorithm.RS256)
 .notNullAuthenticationTime()
- .notNullOxOpenIDConnectVersion()
+ .notNullJansOpenIDConnectVersion()
 .claimsPresence(JwtClaimName.CODE_HASH)
 .check();
diff --git a/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/ValidateIdTokenHashesTest.java b/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/ValidateIdTokenHashesTest.java
index 1ebb85adf39..7455c3144b8 100644
--- a/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/ValidateIdTokenHashesTest.java
+++ b/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/ValidateIdTokenHashesTest.java
@@ -102,7 +102,7 @@ public void validateIdTokenHashes(
 .accessToken(accessToken)
 .state(state)
 .notNullAuthenticationTime()
- .notNullOxOpenIDConnectVersion()
+ .notNullJansOpenIDConnectVersion()
 .notNullAuthenticationContextClassReference()
 .notNullAuthenticationMethodReferences()
 .check();
@@ -134,7 +134,7 @@ public void validateIdTokenHashes(
 .accessToken(accessToken2)
 .claimsNoPresence(JwtClaimName.STATE_HASH)
 .notNullAuthenticationTime()
- .notNullOxOpenIDConnectVersion()
+ .notNullJansOpenIDConnectVersion()
 .notNullAuthenticationContextClassReference()
 .notNullAuthenticationMethodReferences()
 .check();
diff --git a/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/deviceauthz/DeviceAuthzFlowHttpTest.java b/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/deviceauthz/DeviceAuthzFlowHttpTest.java
index 53e8f55a035..9d4d963b105 100644
--- a/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/deviceauthz/DeviceAuthzFlowHttpTest.java
+++ b/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/deviceauthz/DeviceAuthzFlowHttpTest.java
@@ -106,7 +106,7 @@ public void deviceAuthzFlow(final String userId, final String userSecret) throws
 // 5. Validate id_token
 AssertBuilder.jwtParse(idToken)
 .validateSignatureRSAClientEngine(jwksUri, SignatureAlgorithm.RS256)
- .notNullOxOpenIDConnectVersion()
+ .notNullJansOpenIDConnectVersion()
 .check();
 // 6. Request new access token using the refresh token.
@@ -330,7 +330,7 @@ public void deviceAuthzFlowWithCompleteVerificationUri(final String userId, fina
 // 5. Validate id_token
 AssertBuilder.jwtParse(idToken)
 .validateSignatureRSAClientEngine(jwksUri, SignatureAlgorithm.RS256)
- .notNullOxOpenIDConnectVersion()
+ .notNullJansOpenIDConnectVersion()
 .check();
 // 6. Request new access token using the refresh token.
diff --git a/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/par/ParHttpTest.java b/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/par/ParHttpTest.java
index b1e1df7dcd1..34690eb309b 100644
--- a/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/par/ParHttpTest.java
+++ b/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/par/ParHttpTest.java
@@ -85,7 +85,7 @@ public void requestAuthorizationWithPar(final String userId, final String userSe
 .validateSignatureRSAClientEngine(jwksUri, SignatureAlgorithm.RS256)
 .claimsPresence(JwtClaimName.CODE_HASH)
 .notNullAuthenticationTime()
- .notNullOxOpenIDConnectVersion()
+ .notNullJansOpenIDConnectVersion()
 .notNullAuthenticationContextClassReference()
 .notNullAuthenticationMethodReferences()
 .check();
diff --git a/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/token/NativeSsoHttpTest.java b/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/token/NativeSsoHttpTest.java
index 6ee06b2b2c6..4616ff16180 100644
--- a/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/token/NativeSsoHttpTest.java
+++ b/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/token/NativeSsoHttpTest.java
@@ -91,7 +91,7 @@ private Pair app1Flow(String userId, String userSecret, String r
 .validateSignatureRSAClientEngine(jwksUri, SignatureAlgorithm.RS256)
 .claimsPresence(JwtClaimName.CODE_HASH)
 .notNullAuthenticationTime()
- .notNullOxOpenIDConnectVersion()
+ .notNullJansOpenIDConnectVersion()
 .notNullAuthenticationContextClassReference()
 .notNullAuthenticationMethodReferences()
 .notBlankDsHash()
diff --git a/jans-auth-server/model/src/main/java/io/jans/as/model/configuration/AppConfiguration.java b/jans-auth-server/model/src/main/java/io/jans/as/model/configuration/AppConfiguration.java
index 96fe4db1e50..78be01e9fea 100644
--- a/jans-auth-server/model/src/main/java/io/jans/as/model/configuration/AppConfiguration.java
+++ b/jans-auth-server/model/src/main/java/io/jans/as/model/configuration/AppConfiguration.java
@@ -337,10 +337,10 @@ public class AppConfiguration implements Configuration {
 private String defaultSignatureAlgorithm;
 @DocProperty(description = "OpenID Connect Version")
- private String oxOpenIdConnectVersion;
+ private String jansOpenIdConnectVersion;
 @DocProperty(description = "URL for the Inum generator Service")
- private String oxId;
+ private String jansId;
 @DocProperty(description = "Expiration time in seconds for clients created with dynamic registration, 0 or -1 means never expire", defaultValue = "-1")
 private int dynamicRegistrationExpirationTime = -1;
@@ -531,19 +531,19 @@ public class AppConfiguration implements Configuration {
 //oxEleven
 @DocProperty(description = "oxEleven Test Mode Token")
- private String oxElevenTestModeToken;
+ private String jansElevenTestModeToken;
 @DocProperty(description = "oxEleven Generate Key endpoint URL")
- private String oxElevenGenerateKeyEndpoint;
+ private String jansElevenGenerateKeyEndpoint;
 @DocProperty(description = "oxEleven Sign endpoint UR")
- private String oxElevenSignEndpoint;
+ private String jansElevenSignEndpoint;
 @DocProperty(description = "oxEleven Verify Signature endpoint URL")
- private String oxElevenVerifySignatureEndpoint;
+ private String jansElevenVerifySignatureEndpoint;
 @DocProperty(description = "oxEleven Delete Key endpoint URL")
- private String oxElevenDeleteKeyEndpoint;
+ private String jansElevenDeleteKeyEndpoint;
 @DocProperty(description = "If True, rejects introspection requests if access_token does not have the uma_protection scope in its authorization header", defaultValue = "false")
 private Boolean introspectionAccessTokenMustHaveUmaProtectionScope = false;
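Review bot: Nothing in this patch keeps the old configuration keys readable: `oxOpenIdConnectVersion` and `oxId` in this hunk, and the five `oxEleven*` fields in the next one, are renamed together with the JSON keys in `jans-config.json` and the setup templates. A configuration persisted before the upgrade would presumably leave the new fields null, so the version claim written by `IdTokenFactory` and the PKCS11 endpoints and test-mode token passed to `ElevenCryptoProvider` would go missing silently instead of failing loudly. I would ship a migration of stored configuration or accept the old names for a transition period (if this class is bound with Jackson, for example `@JsonAlias("oxElevenTestModeToken")` on `jansElevenTestModeToken`) and call the rename out in the upgrade notes. The class body continues outside the hunk, so a compatibility layer may exist that is not visible here.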
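Review bot: The `@DocProperty` descriptions in the `@@ -531,19` hunk still say "oxEleven" although every field they document is now `jansEleven*`, and the one on `jansElevenSignEndpoint` reads "oxEleven Sign endpoint UR". Generated property documentation will therefore describe the new keys with the old product name; I would update the text with the rename, e.g. `@DocProperty(description = "jansEleven Sign endpoint URL")`, and bring the `//oxEleven` section comment in line. If the test-mode token is a credential, as its name and its use as a constructor argument in `CryptoProviderFactory` suggest, its description should say so.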
@@ -2085,20 +2085,20 @@ public void setDefaultSignatureAlgorithm(String defaultSignatureAlgorithm) {
 this.defaultSignatureAlgorithm = defaultSignatureAlgorithm;
 }
- public String getOxOpenIdConnectVersion() {
- return oxOpenIdConnectVersion;
+ public String getJansOpenIdConnectVersion() {
+ return jansOpenIdConnectVersion;
 }
- public void setOxOpenIdConnectVersion(String oxOpenIdConnectVersion) {
- this.oxOpenIdConnectVersion = oxOpenIdConnectVersion;
+ public void setJansOpenIdConnectVersion(String jansOpenIdConnectVersion) {
+ this.jansOpenIdConnectVersion = jansOpenIdConnectVersion;
 }
- public String getOxId() {
- return oxId;
+ public String getJansId() {
+ return jansId;
 }
- public void setOxId(String oxId) {
- this.oxId = oxId;
+ public void setJansId(String jansId) {
+ this.jansId = jansId;
 }
 public int getDynamicRegistrationExpirationTime() {
@@ -2381,44 +2381,44 @@ public void setKeyStoreSecret(String keyStoreSecret) {
 this.keyStoreSecret = keyStoreSecret;
 }
- public String getOxElevenTestModeToken() {
- return oxElevenTestModeToken;
+ public String getJansElevenTestModeToken() {
+ return jansElevenTestModeToken;
 }
- public void setOxElevenTestModeToken(String oxElevenTestModeToken) {
- this.oxElevenTestModeToken = oxElevenTestModeToken;
+ public void setJansElevenTestModeToken(String jansElevenTestModeToken) {
+ this.jansElevenTestModeToken = jansElevenTestModeToken;
 }
- public String getOxElevenGenerateKeyEndpoint() {
- return oxElevenGenerateKeyEndpoint;
+ public String getJansElevenGenerateKeyEndpoint() {
+ return jansElevenGenerateKeyEndpoint;
 }
- public void setOxElevenGenerateKeyEndpoint(String oxElevenGenerateKeyEndpoint) {
- this.oxElevenGenerateKeyEndpoint = oxElevenGenerateKeyEndpoint;
+ public void setJansElevenGenerateKeyEndpoint(String jansElevenGenerateKeyEndpoint) {
+ this.jansElevenGenerateKeyEndpoint = jansElevenGenerateKeyEndpoint;
 }
- public String getOxElevenSignEndpoint() {
- return oxElevenSignEndpoint;
+ public String getJansElevenSignEndpoint() {
+ return jansElevenSignEndpoint;
 }
- public void setOxElevenSignEndpoint(String oxElevenSignEndpoint) {
- this.oxElevenSignEndpoint = oxElevenSignEndpoint;
+ public void setJansElevenSignEndpoint(String jansElevenSignEndpoint) {
+ this.jansElevenSignEndpoint = jansElevenSignEndpoint;
 }
- public String getOxElevenVerifySignatureEndpoint() {
- return oxElevenVerifySignatureEndpoint;
+ public String getJansElevenVerifySignatureEndpoint() {
+ return jansElevenVerifySignatureEndpoint;
 }
- public void setOxElevenVerifySignatureEndpoint(String oxElevenVerifySignatureEndpoint) {
- this.oxElevenVerifySignatureEndpoint = oxElevenVerifySignatureEndpoint;
+ public void setJansElevenVerifySignatureEndpoint(String jansElevenVerifySignatureEndpoint) {
+ this.jansElevenVerifySignatureEndpoint = jansElevenVerifySignatureEndpoint;
 }
- public String getOxElevenDeleteKeyEndpoint() {
- return oxElevenDeleteKeyEndpoint;
+ public String getJansElevenDeleteKeyEndpoint() {
+ return jansElevenDeleteKeyEndpoint;
 }
- public void setOxElevenDeleteKeyEndpoint(String oxElevenDeleteKeyEndpoint) {
- this.oxElevenDeleteKeyEndpoint = oxElevenDeleteKeyEndpoint;
+ public void setJansElevenDeleteKeyEndpoint(String jansElevenDeleteKeyEndpoint) {
+ this.jansElevenDeleteKeyEndpoint = jansElevenDeleteKeyEndpoint;
 }
 public Boolean getEndSessionWithAccessToken() {
diff --git a/jans-auth-server/model/src/main/java/io/jans/as/model/crypto/CryptoProviderFactory.java b/jans-auth-server/model/src/main/java/io/jans/as/model/crypto/CryptoProviderFactory.java
index 7db67e349b1..c6a69f64074 100644
--- a/jans-auth-server/model/src/main/java/io/jans/as/model/crypto/CryptoProviderFactory.java
+++ b/jans-auth-server/model/src/main/java/io/jans/as/model/crypto/CryptoProviderFactory.java
@@ -34,11 +34,11 @@ public static AbstractCryptoProvider getCryptoProvider(AppConfiguration configur
 cryptoProvider = getKeyStoreProvider(configuration);
 } else if (webKeyStorage == WebKeyStorage.PKCS11) {
 cryptoProvider = new ElevenCryptoProvider(
- configuration.getOxElevenGenerateKeyEndpoint(),
- configuration.getOxElevenSignEndpoint(),
- configuration.getOxElevenVerifySignatureEndpoint(),
- configuration.getOxElevenDeleteKeyEndpoint(),
- configuration.getOxElevenTestModeToken());
+ configuration.getJansElevenGenerateKeyEndpoint(),
+ configuration.getJansElevenSignEndpoint(),
+ configuration.getJansElevenVerifySignatureEndpoint(),
+ configuration.getJansElevenDeleteKeyEndpoint(),
+ configuration.getJansElevenTestModeToken());
 }
 if (cryptoProvider != null && configuration.getKeyRegenerationEnabled()) { // set interval only if re-generation is enabled
diff --git a/jans-auth-server/model/src/main/java/io/jans/as/model/jwt/JwtClaimName.java b/jans-auth-server/model/src/main/java/io/jans/as/model/jwt/JwtClaimName.java
index 5f7f0eb84c9..d4fccd9f393 100644
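Review bot: The PKCS11 branch of `getCryptoProvider` hands the five renamed getters to `ElevenCryptoProvider` without checking any of them. With this rename, a configuration that still carries the old `oxEleven*` keys would presumably yield a provider built from null endpoints and a null test-mode token, and the problem would surface only at the first key or signing operation. A guard before the constructor call that rejects a null or blank endpoint, with a message naming the missing `jansEleven*` property, would turn that into a clear startup error. The method starts and ends outside the hunk, so such validation may already exist where it is not visible.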
--- a/jans-auth-server/model/src/main/java/io/jans/as/model/jwt/JwtClaimName.java
+++ b/jans-auth-server/model/src/main/java/io/jans/as/model/jwt/JwtClaimName.java
@@ -221,7 +221,7 @@ public final class JwtClaimName {
 public static final String ADDRESS_COUNTRY = "country";
 // Custom attributes
- public static final String OX_OPENID_CONNECT_VERSION = "oxOpenIDConnectVersion";
+ public static final String JANS_OPENID_CONNECT_VERSION = "jansOpenIDConnectVersion";
 // CIBA
 public static final String REFRESH_TOKEN_HASH = "urn:openid:params:jwt:claim:rt_hash";
diff --git a/jans-auth-server/server/conf/jans-config.json b/jans-auth-server/server/conf/jans-config.json
index 4176186bd49..6939b030bba 100644
--- a/jans-auth-server/server/conf/jans-config.json
+++ b/jans-auth-server/server/conf/jans-config.json
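Review bot: `JANS_OPENID_CONNECT_VERSION` changes the claim name on the wire, not only a Java identifier: `IdTokenFactory.fillClaims` writes it into the id_token, so any relying party that reads `oxOpenIDConnectVersion` stops finding it after this commit. That deserves a comment on the constant and an entry in the release notes, for example `// Emitted in id_tokens; renamed from "oxOpenIDConnectVersion"`. The casing also differs from the configuration key (`jansOpenIDConnectVersion` here, `jansOpenIdConnectVersion` in `AppConfiguration`); that is inherited from the old names, but a word in the comment would stop someone from "correcting" one of them later.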
@@ -19,10 +19,10 @@
 "deviceAuthorizationEndpoint":"${config.oxauth.contextPath}/restv1/device_authorization",
 "umaConfigurationEndpoint":"${config.oxauth.contextPath}/restv1/uma2-configuration",
 "sectorIdentifierEndpoint":"${config.oxauth.contextPath}/sectoridentifier",
- "oxElevenGenerateKeyEndpoint":"${config.oxauth.contextPath}/oxeleven/rest/oxeleven/generateKey",
- "oxElevenSignEndpoint":"${config.oxauth.contextPath}/oxeleven/rest/oxeleven/sign",
- "oxElevenVerifySignatureEndpoint":"${config.oxauth.contextPath}/oxeleven/rest/oxeleven/verifySignature",
- "oxElevenDeleteKeyEndpoint":"${config.oxauth.contextPath}/oxeleven/rest/oxeleven/deleteKey",
+ "jansElevenGenerateKeyEndpoint":"${config.oxauth.contextPath}/oxeleven/rest/oxeleven/generateKey",
+ "jansElevenSignEndpoint":"${config.oxauth.contextPath}/oxeleven/rest/oxeleven/sign",
+ "jansElevenVerifySignatureEndpoint":"${config.oxauth.contextPath}/oxeleven/rest/oxeleven/verifySignature",
+ "jansElevenDeleteKeyEndpoint":"${config.oxauth.contextPath}/oxeleven/rest/oxeleven/deleteKey",
 "backchannelAuthenticationEndpoint":"${config.oxauth.contextPath}/restv1/bc-authorize",
 "parEndpoint":"${config.oxauth.contextPath}/restv1/par",
 "backchannelDeviceRegistrationEndpoint":"${config.oxauth.contextPath}/restv1/bc-deviceRegistration",
@@ -283,8 +283,8 @@
 "keyRegenerationEnabled":false,
 "keyRegenerationInterval":48,
 "defaultSignatureAlgorithm":"RS256",
- "oxOpenIdConnectVersion":"openidconnect-1.0",
- "oxId":"https://${server.name}/oxid/service/gluu/inum",
+ "jansOpenIdConnectVersion":"openidconnect-1.0",
+ "jansId":"https://${server.name}/oxid/service/gluu/inum",
 "dynamicRegistrationEnabled":true,
 "dynamicRegistrationPasswordGrantTypeEnabled":true,
 "dynamicRegistrationExpirationTime":${config.client.dynamic-registration-expiration-time},
@@ -338,7 +338,7 @@
 "pairwiseCalculationSalt": "${config.oxauth.pairwiseCalculationSalt}",
 "shareSubjectIdBetweenClientsWithSameSectorId": true,
 "webKeysStorage": "keystore",
- "oxElevenTestModeToken": "${config.oxeleven.testModeToken}",
+ "jansElevenTestModeToken": "${config.oxeleven.testModeToken}",
 "dnName": "CN=Jans Auth CA Certificates",
 "keyStoreFile": "./conf/keystore.p12",
 "keyStoreSecret": "secret",
diff --git a/jans-auth-server/server/src/main/java/io/jans/as/server/model/token/IdTokenFactory.java b/jans-auth-server/server/src/main/java/io/jans/as/server/model/token/IdTokenFactory.java
index fe1cd7a09bf..b7e680d37a1 100644
--- a/jans-auth-server/server/src/main/java/io/jans/as/server/model/token/IdTokenFactory.java
+++ b/jans-auth-server/server/src/main/java/io/jans/as/server/model/token/IdTokenFactory.java
@@ -181,7 +181,7 @@ private void fillClaims(JsonWebResponse jwr,
 if (authorizationGrant.getGrantType() != null) {
 jwr.setClaim("grant", authorizationGrant.getGrantType().getValue());
 }
- jwr.setClaim(JwtClaimName.OX_OPENID_CONNECT_VERSION, appConfiguration.getOxOpenIdConnectVersion());
+ jwr.setClaim(JwtClaimName.JANS_OPENID_CONNECT_VERSION, appConfiguration.getJansOpenIdConnectVersion());
 User user = authorizationGrant.getUser();
 List dynamicScopes = new ArrayList<>();
diff --git a/jans-linux-setup/jans_setup/openbanking/templates/jans-auth/jans-auth-config.json b/jans-linux-setup/jans_setup/openbanking/templates/jans-auth/jans-auth-config.json
index 5c8dfb9a394..27133f15ebf 100644
--- a/jans-linux-setup/jans_setup/openbanking/templates/jans-auth/jans-auth-config.json
+++ b/jans-linux-setup/jans_setup/openbanking/templates/jans-auth/jans-auth-config.json
@@ -17,10 +17,10 @@
 "parEndpoint":"https://%(hostname)s/jans-auth/restv1/par",
 "umaConfigurationEndpoint":"https://%(hostname)s/jans-auth/restv1/uma2-configuration",
 "sectorIdentifierEndpoint":"https://%(hostname)s/jans-auth/sectoridentifier",
- "oxElevenGenerateKeyEndpoint":"https://%(hostname)s/oxeleven/rest/oxeleven/generateKey",
- "oxElevenSignEndpoint":"https://%(hostname)s/oxeleven/rest/oxeleven/sign",
- "oxElevenVerifySignatureEndpoint":"https://%(hostname)s/oxeleven/rest/oxeleven/verifySignature",
- "oxElevenDeleteKeyEndpoint":"https://%(hostname)s/oxeleven/rest/oxeleven/deleteKey",
+ "jansElevenGenerateKeyEndpoint":"https://%(hostname)s/oxeleven/rest/oxeleven/generateKey",
+ "jansElevenSignEndpoint":"https://%(hostname)s/oxeleven/rest/oxeleven/sign",
+ "jansElevenVerifySignatureEndpoint":"https://%(hostname)s/oxeleven/rest/oxeleven/verifySignature",
+ "jansElevenDeleteKeyEndpoint":"https://%(hostname)s/oxeleven/rest/oxeleven/deleteKey",
 "oxElevenJwksEndpoint":"https://%(hostname)s/oxeleven/rest/oxeleven/jwks",
 "backchannelAuthenticationEndpoint":"https://%(hostname)s/jans-auth/restv1/bc-authorize",
 "backchannelDeviceRegistrationEndpoint":"https://%(hostname)s/jans-auth/restv1/bc-deviceRegistration",
@@ -237,8 +237,8 @@
 "keyRegenerationEnabled":true,
 "keyRegenerationInterval":48,
 "defaultSignatureAlgorithm":"RS256",
- "oxOpenIdConnectVersion":"openidconnect-1.0",
- "oxId":"https://%(hostname)s/oxid/service/jans/inum",
+ "jansOpenIdConnectVersion":"openidconnect-1.0",
+ "jansId":"https://%(hostname)s/oxid/service/jans/inum",
 "dcrSignatureValidationEnabled": true,
 "dcrSignatureValidationSoftwareStatementJwksURIClaim": "jwks_uri",
 "dcrSignatureValidationSoftwareStatementJwksClaim": null,
diff --git a/jans-linux-setup/jans_setup/templates/jans-auth/jans-auth-config.json b/jans-linux-setup/jans_setup/templates/jans-auth/jans-auth-config.json
index aba9596ca9d..035932acae0 100644
--- a/jans-linux-setup/jans_setup/templates/jans-auth/jans-auth-config.json
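Review bot: `oxElevenJwksEndpoint` keeps its old name directly below the four renamed `jansEleven*` keys in the `@@ -17,10` hunk, both here and in the same hunk of `jans_setup/templates/jans-auth/jans-auth-config.json`. No corresponding field is renamed, or visible at all, in the `AppConfiguration` hunks of this commit, so either the key is unused and can be dropped from both templates, or it was missed and should be renamed together with its field. Leaving the two prefixes side by side makes it unclear which keys the server still honours after the rename.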
+++ b/jans-linux-setup/jans_setup/templates/jans-auth/jans-auth-config.json
@@ -17,10 +17,10 @@
 "parEndpoint":"https://%(hostname)s/jans-auth/restv1/par",
 "umaConfigurationEndpoint":"https://%(hostname)s/jans-auth/restv1/uma2-configuration",
 "sectorIdentifierEndpoint":"https://%(hostname)s/jans-auth/sectoridentifier",
- "oxElevenGenerateKeyEndpoint":"https://%(hostname)s/oxeleven/rest/oxeleven/generateKey",
- "oxElevenSignEndpoint":"https://%(hostname)s/oxeleven/rest/oxeleven/sign",
- "oxElevenVerifySignatureEndpoint":"https://%(hostname)s/oxeleven/rest/oxeleven/verifySignature",
- "oxElevenDeleteKeyEndpoint":"https://%(hostname)s/oxeleven/rest/oxeleven/deleteKey",
+ "jansElevenGenerateKeyEndpoint":"https://%(hostname)s/oxeleven/rest/oxeleven/generateKey",
+ "jansElevenSignEndpoint":"https://%(hostname)s/oxeleven/rest/oxeleven/sign",
+ "jansElevenVerifySignatureEndpoint":"https://%(hostname)s/oxeleven/rest/oxeleven/verifySignature",
+ "jansElevenDeleteKeyEndpoint":"https://%(hostname)s/oxeleven/rest/oxeleven/deleteKey",
 "oxElevenJwksEndpoint":"https://%(hostname)s/oxeleven/rest/oxeleven/jwks",
 "backchannelAuthenticationEndpoint":"https://%(hostname)s/jans-auth/restv1/bc-authorize",
 "backchannelDeviceRegistrationEndpoint":"https://%(hostname)s/jans-auth/restv1/bc-deviceRegistration",
@@ -317,8 +317,8 @@
 "keyRegenerationEnabled":true,
 "keyRegenerationInterval":48,
 "defaultSignatureAlgorithm":"RS256",
- "oxOpenIdConnectVersion":"openidconnect-1.0",
- "oxId":"https://%(hostname)s/oxid/service/jans/inum",
+ "jansOpenIdConnectVersion":"openidconnect-1.0",
+ "jansId":"https://%(hostname)s/oxid/service/jans/inum",
 "dynamicRegistrationExpirationTime":-1,
 "dynamicRegistrationPersistClientAuthorizations":true,
 "trustedClientEnabled":true,