Skip to content

Commit

Permalink
Remove Deprecated Usages of RemoteJWKSet
Browse files Browse the repository at this point in the history
  • Loading branch information
kwondh5217 committed Dec 18, 2024
1 parent 1be13b4 commit 602d28d
Showing 1 changed file with 36 additions and 8 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@

import com.nimbusds.jose.KeySourceException;
import com.nimbusds.jose.jwk.JWK;
import com.nimbusds.jose.jwk.JWKMatcher;
import com.nimbusds.jose.jwk.JWKSelector;
import com.nimbusds.jose.jwk.source.JWKSetCacheRefreshEvaluator;
import com.nimbusds.jose.jwk.source.URLBasedJWKSetSource;
Expand Down Expand Up @@ -437,20 +438,32 @@ private SpringURLBasedJWKSource(URLBasedJWKSetSource urlBasedJWKSetSource, Sprin
@Override
public List<JWK> get(JWKSelector jwkSelector, SecurityContext context) throws KeySourceException {
if (this.jwkSetCache != null) {
synchronized (this) {
JWKSet jwkSet = this.jwkSetCache.get();
if (this.jwkSetCache.requiresRefresh() || jwkSet == null) {
JWKSet jwkSet = this.jwkSetCache.get();
if (this.jwkSetCache.requiresRefresh() || jwkSet == null) {
synchronized (this) {
jwkSet = fetchJWKSet(context);
this.jwkSetCache.put(jwkSet);
}
List<JWK> jwks = jwkSelector.select(jwkSet);
if(!jwks.isEmpty()) {
return jwks;
}
}
List<JWK> matches = jwkSelector.select(jwkSet);
if(!matches.isEmpty()) {
return matches;
}
String soughtKeyID = getFirstSpecifiedKeyID(jwkSelector.getMatcher());
if (soughtKeyID == null) {
return Collections.emptyList();
}
if (jwkSet.getKeyByKeyId(soughtKeyID) != null) {
return Collections.emptyList();
}
synchronized (this) {
jwkSet = fetchJWKSet(context);
this.jwkSetCache.put(jwkSet);
return jwkSelector.select(jwkSet);
}
if(jwkSet == null) {
return Collections.emptyList();
}
return jwkSelector.select(jwkSet);
}
return jwkSelector.select(fetchJWKSet(context));
}
Expand All @@ -459,6 +472,21 @@ private JWKSet fetchJWKSet(SecurityContext context) throws KeySourceException {
return this.urlBasedJWKSetSource.getJWKSet(JWKSetCacheRefreshEvaluator.noRefresh(),
System.currentTimeMillis(), context);
}

private static String getFirstSpecifiedKeyID(JWKMatcher jwkMatcher) {
Set<String> keyIDs = jwkMatcher.getKeyIDs();

if (keyIDs == null || keyIDs.isEmpty()) {
return null;
}

for (String id: keyIDs) {
if (id != null) {
return id;
}
}
return null;
}
}

private static final class SpringJWKSetCache {
Expand Down

0 comments on commit 602d28d

Please sign in to comment.