cert normalization

Radek Davidek 2026-06-30 18:11:16 +02:00
parent 54afbba444
commit fe53545eee


@ -28,6 +28,7 @@ import java.util.UUID;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import com.fasterxml.jackson.core.type.TypeReference;
import com.fasterxml.jackson.databind.ObjectMapper;
import cz.trask.adfs.config.AdfsConfig;
@ -169,16 +170,10 @@ public class AdfsTokenService {
}
private String generateJwtAssertion(String clientId) throws Exception {
String certPem = new String(Base64.getDecoder().decode(config.getCertificate().replaceAll("\\s+", "")), StandardCharsets.UTF_8)
.replace("-----BEGIN CERTIFICATE-----", "")
.replace("-----END CERTIFICATE-----", "")
.replaceAll("\\s+", "");
String certPem = new String(Base64.getDecoder().decode(config.getCertificate().replaceAll("\\s+", "")), StandardCharsets.UTF_8);
X509Certificate cert = getCertificate(certPem);
String keyPem = new String(Base64.getDecoder().decode(config.getPrivateKey().replaceAll("\\s+", "")), StandardCharsets.UTF_8)
.replace("-----BEGIN PRIVATE KEY-----", "")
.replace("-----END PRIVATE KEY-----", "")
.replaceAll("\\s+", "");
String keyPem = new String(Base64.getDecoder().decode(config.getPrivateKey().replaceAll("\\s+", "")), StandardCharsets.UTF_8);
PrivateKey privateKey = getPrivateKey(keyPem);
MessageDigest sha1 = MessageDigest.getInstance("SHA-1");
@ -221,7 +216,7 @@ public class AdfsTokenService {
}
byte[] decodedBytes = Base64.getUrlDecoder().decode(parts[1]);
Map<String, Object> claims = objectMapper.readValue(decodedBytes, Map.class);
Map<String, Object> claims = objectMapper.readValue(decodedBytes, new TypeReference<Map<String, Object>>() {});
Number exp = (Number) claims.get("exp");
if (exp == null) {
throw new IllegalArgumentException("JWT does not contain 'exp' claim");
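Review bot: In generateJwtAssertion the decoded private key is still held in an immutable `String keyPem`, which cannot be wiped after use and stays readable in a heap dump for as long as the string lives. Consider decoding to a `byte[]`, handing that to the key parser, and clearing it with `Arrays.fill(keyBytes, (byte) 0)` once the `PrivateKey` is built. Because the BEGIN/END stripping was removed from this method, getCertificate and getPrivateKey (both outside the visible hunks) presumably have to accept full PEM text now. A comment at the two call sites such as `// full PEM text; armor is stripped inside getPrivateKey` would record that contract. The method body continues past the end of the hunk, so how the SHA-1 digest and the key are used afterwards is not visible here.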