cert normalization

2026-06-30 18:11:16 +02:00 · 2026-06-30 18:11:16 +02:00 · fe53545eee
commit fe53545eee
parent 54afbba444
1 changed files with 5 additions and 10 deletions
--- a/src/main/java/cz/trask/adfs/service/AdfsTokenService.java
+++ b/src/main/java/cz/trask/adfs/service/AdfsTokenService.java
@ -28,6 +28,7 @@ import java.util.UUID;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;

+import com.fasterxml.jackson.core.type.TypeReference;
 import com.fasterxml.jackson.databind.ObjectMapper;

 import cz.trask.adfs.config.AdfsConfig;
@ -169,16 +170,10 @@ public class AdfsTokenService {
    }

    private String generateJwtAssertion(String clientId) throws Exception {
-        String certPem = new String(Base64.getDecoder().decode(config.getCertificate().replaceAll("\\s+", "")), StandardCharsets.UTF_8)
-                .replace("-----BEGIN CERTIFICATE-----", "")
-                .replace("-----END CERTIFICATE-----", "")
-                .replaceAll("\\s+", "");
+        String certPem = new String(Base64.getDecoder().decode(config.getCertificate().replaceAll("\\s+", "")), StandardCharsets.UTF_8);
        X509Certificate cert = getCertificate(certPem);
-        
-        String keyPem = new String(Base64.getDecoder().decode(config.getPrivateKey().replaceAll("\\s+", "")), StandardCharsets.UTF_8)
-                .replace("-----BEGIN PRIVATE KEY-----", "")
-                .replace("-----END PRIVATE KEY-----", "")
-                .replaceAll("\\s+", "");
+
+        String keyPem = new String(Base64.getDecoder().decode(config.getPrivateKey().replaceAll("\\s+", "")), StandardCharsets.UTF_8);
        PrivateKey privateKey = getPrivateKey(keyPem);

        MessageDigest sha1 = MessageDigest.getInstance("SHA-1");
@ -221,7 +216,7 @@ public class AdfsTokenService {
        }

        byte[] decodedBytes = Base64.getUrlDecoder().decode(parts[1]);
-        Map<String, Object> claims = objectMapper.readValue(decodedBytes, Map.class);
+        Map<String, Object> claims = objectMapper.readValue(decodedBytes, new TypeReference<Map<String, Object>>() {});
        Number exp = (Number) claims.get("exp");
        if (exp == null) {
            throw new IllegalArgumentException("JWT does not contain 'exp' claim");