Merge pull request #149 from auth0/add-key-provider

Add Algorithm KeyProvider interface
auth0 · Mar 14, 2017 · 1f35900 · 1f35900
2 parents aa5ff04 + 18c1710
commit 1f35900
Show file tree

Hide file tree

Showing 9 changed files with 329 additions and 107 deletions.
diff --git a/lib/src/main/java/com/auth0/jwt/algorithms/Algorithm.java b/lib/src/main/java/com/auth0/jwt/algorithms/Algorithm.java
@@ -2,6 +2,8 @@
 
 import com.auth0.jwt.exceptions.SignatureGenerationException;
 import com.auth0.jwt.exceptions.SignatureVerificationException;
+import com.auth0.jwt.interfaces.ECKeyProvider;
+import com.auth0.jwt.interfaces.RSAKeyProvider;
 
 import java.io.UnsupportedEncodingException;
 import java.security.interfaces.*;
@@ -18,10 +20,33 @@ public abstract class Algorithm {
     /**
      * Creates a new Algorithm instance using SHA256withRSA. Tokens specify this as "RS256".
      *
-     * @param key the key to use in the verify or signing instance.
+     * @param keyProvider the provider of the Public Key and Private Key for the verify and signing instance.
      * @return a valid RSA256 Algorithm.
      * @throws IllegalArgumentException if the provided Key is null.
-     * @deprecated use {@link #RSA256(RSAPublicKey, RSAPrivateKey)}
+     */
+    public static Algorithm RSA256(RSAKeyProvider keyProvider) throws IllegalArgumentException {
+        return new RSAAlgorithm("RS256", "SHA256withRSA", keyProvider);
+    }
+
+    /**
+     * Creates a new Algorithm instance using SHA256withRSA. Tokens specify this as "RS256".
+     *
+     * @param publicKey  the key to use in the verify instance.
+     * @param privateKey the key to use in the signing instance.
+     * @return a valid RSA256 Algorithm.
+     * @throws IllegalArgumentException if both provided Keys are null.
+     */
+    public static Algorithm RSA256(RSAPublicKey publicKey, RSAPrivateKey privateKey) throws IllegalArgumentException {
+        return RSA256(RSAAlgorithm.providerForKeys(publicKey, privateKey));
+    }
+
+    /**
+     * Creates a new Algorithm instance using SHA256withRSA. Tokens specify this as "RS256".
+     *
+     * @param key the key to use in the verify or signing instance.
+     * @return a valid RSA256 Algorithm.
+     * @throws IllegalArgumentException if the Key Provider is null.
+     * @deprecated use {@link #RSA256(RSAPublicKey, RSAPrivateKey)} or {@link #RSA256(RSAKeyProvider)}
      */
     @Deprecated
     public static Algorithm RSA256(RSAKey key) throws IllegalArgumentException {
@@ -33,67 +58,77 @@ public static Algorithm RSA256(RSAKey key) throws IllegalArgumentException {
     /**
      * Creates a new Algorithm instance using SHA384withRSA. Tokens specify this as "RS384".
      *
-     * @param key the key to use in the verify or signing instance.
+     * @param keyProvider the provider of the Public Key and Private Key for the verify and signing instance.
      * @return a valid RSA384 Algorithm.
-     * @throws IllegalArgumentException if the provided Key is null.
-     * @deprecated use {@link #RSA384(RSAPublicKey, RSAPrivateKey)}
+     * @throws IllegalArgumentException if the Key Provider is null.
      */
-    @Deprecated
-    public static Algorithm RSA384(RSAKey key) throws IllegalArgumentException {
-        RSAPublicKey publicKey = key instanceof RSAPublicKey ? (RSAPublicKey) key : null;
-        RSAPrivateKey privateKey = key instanceof RSAPrivateKey ? (RSAPrivateKey) key : null;
-        return RSA384(publicKey, privateKey);
+    public static Algorithm RSA384(RSAKeyProvider keyProvider) throws IllegalArgumentException {
+        return new RSAAlgorithm("RS384", "SHA384withRSA", keyProvider);
     }
 
     /**
-     * Creates a new Algorithm instance using SHA512withRSA. Tokens specify this as "RS512".
+     * Creates a new Algorithm instance using SHA384withRSA. Tokens specify this as "RS384".
+     *
+     * @param publicKey  the key to use in the verify instance.
+     * @param privateKey the key to use in the signing instance.
+     * @return a valid RSA384 Algorithm.
+     * @throws IllegalArgumentException if both provided Keys are null.
+     */
+    public static Algorithm RSA384(RSAPublicKey publicKey, RSAPrivateKey privateKey) throws IllegalArgumentException {
+        return RSA384(RSAAlgorithm.providerForKeys(publicKey, privateKey));
+    }
+
+    /**
+     * Creates a new Algorithm instance using SHA384withRSA. Tokens specify this as "RS384".
      *
      * @param key the key to use in the verify or signing instance.
-     * @return a valid RSA512 Algorithm.
+     * @return a valid RSA384 Algorithm.
      * @throws IllegalArgumentException if the provided Key is null.
-     * @deprecated use {@link #RSA512(RSAPublicKey, RSAPrivateKey)}
+     * @deprecated use {@link #RSA384(RSAPublicKey, RSAPrivateKey)} or {@link #RSA384(RSAKeyProvider)}
      */
     @Deprecated
-    public static Algorithm RSA512(RSAKey key) throws IllegalArgumentException {
+    public static Algorithm RSA384(RSAKey key) throws IllegalArgumentException {
         RSAPublicKey publicKey = key instanceof RSAPublicKey ? (RSAPublicKey) key : null;
         RSAPrivateKey privateKey = key instanceof RSAPrivateKey ? (RSAPrivateKey) key : null;
-        return RSA512(publicKey, privateKey);
+        return RSA384(publicKey, privateKey);
     }
 
     /**
-     * Creates a new Algorithm instance using SHA256withRSA. Tokens specify this as "RS256".
+     * Creates a new Algorithm instance using SHA512withRSA. Tokens specify this as "RS512".
      *
-     * @param publicKey  the key to use in the verify instance.
-     * @param privateKey the key to use in the signing instance.
-     * @return a valid RSA256 Algorithm.
-     * @throws IllegalArgumentException if both provided Keys are null.
+     * @param keyProvider the provider of the Public Key and Private Key for the verify and signing instance.
+     * @return a valid RSA512 Algorithm.
+     * @throws IllegalArgumentException if the Key Provider is null.
      */
-    public static Algorithm RSA256(RSAPublicKey publicKey, RSAPrivateKey privateKey) throws IllegalArgumentException {
-        return new RSAAlgorithm("RS256", "SHA256withRSA", publicKey, privateKey);
+    public static Algorithm RSA512(RSAKeyProvider keyProvider) throws IllegalArgumentException {
+        return new RSAAlgorithm("RS512", "SHA512withRSA", keyProvider);
     }
 
     /**
-     * Creates a new Algorithm instance using SHA384withRSA. Tokens specify this as "RS384".
+     * Creates a new Algorithm instance using SHA512withRSA. Tokens specify this as "RS512".
      *
      * @param publicKey  the key to use in the verify instance.
      * @param privateKey the key to use in the signing instance.
-     * @return a valid RSA384 Algorithm.
+     * @return a valid RSA512 Algorithm.
      * @throws IllegalArgumentException if both provided Keys are null.
      */
-    public static Algorithm RSA384(RSAPublicKey publicKey, RSAPrivateKey privateKey) throws IllegalArgumentException {
-        return new RSAAlgorithm("RS384", "SHA384withRSA", publicKey, privateKey);
+    public static Algorithm RSA512(RSAPublicKey publicKey, RSAPrivateKey privateKey) throws IllegalArgumentException {
+        return RSA512(RSAAlgorithm.providerForKeys(publicKey, privateKey));
     }
 
     /**
      * Creates a new Algorithm instance using SHA512withRSA. Tokens specify this as "RS512".
      *
-     * @param publicKey  the key to use in the verify instance.
-     * @param privateKey the key to use in the signing instance.
+     * @param key the key to use in the verify or signing instance.
      * @return a valid RSA512 Algorithm.
-     * @throws IllegalArgumentException if both provided Keys are null.
+     * @throws IllegalArgumentException if the provided Key is null.
+     * @deprecated use {@link #RSA512(RSAPublicKey, RSAPrivateKey)} or {@link #RSA512(RSAKeyProvider)}
      */
-    public static Algorithm RSA512(RSAPublicKey publicKey, RSAPrivateKey privateKey) throws IllegalArgumentException {
-        return new RSAAlgorithm("RS512", "SHA512withRSA", publicKey, privateKey);
+    @Deprecated
+    public static Algorithm RSA512(RSAKey key) throws IllegalArgumentException {
+        RSAPublicKey publicKey = key instanceof RSAPublicKey ? (RSAPublicKey) key : null;
+        RSAPrivateKey privateKey = key instanceof RSAPrivateKey ? (RSAPrivateKey) key : null;
+        return RSA512(publicKey, privateKey);
     }
 
     /**
@@ -165,13 +200,36 @@ public static Algorithm HMAC512(byte[] secret) throws IllegalArgumentException {
         return new HMACAlgorithm("HS512", "HmacSHA512", secret);
     }
 
+    /**
+     * Creates a new Algorithm instance using SHA256withECDSA. Tokens specify this as "ES256".
+     *
+     * @param keyProvider the provider of the Public Key and Private Key for the verify and signing instance.
+     * @return a valid ECDSA256 Algorithm.
+     * @throws IllegalArgumentException if the Key Provider is null.
+     */
+    public static Algorithm ECDSA256(ECKeyProvider keyProvider) throws IllegalArgumentException {
+        return new ECDSAAlgorithm("ES256", "SHA256withECDSA", 32, keyProvider);
+    }
+
+    /**
+     * Creates a new Algorithm instance using SHA256withECDSA. Tokens specify this as "ES256".
+     *
+     * @param publicKey  the key to use in the verify instance.
+     * @param privateKey the key to use in the signing instance.
+     * @return a valid ECDSA256 Algorithm.
+     * @throws IllegalArgumentException if the provided Key is null.
+     */
+    public static Algorithm ECDSA256(ECPublicKey publicKey, ECPrivateKey privateKey) throws IllegalArgumentException {
+        return ECDSA256(ECDSAAlgorithm.providerForKeys(publicKey, privateKey));
+    }
+
     /**
      * Creates a new Algorithm instance using SHA256withECDSA. Tokens specify this as "ES256".
      *
      * @param key the key to use in the verify or signing instance.
      * @return a valid ECDSA256 Algorithm.
      * @throws IllegalArgumentException if the provided Key is null.
-     * @deprecated use {@link #ECDSA256(ECPublicKey, ECPrivateKey)}
+     * @deprecated use {@link #ECDSA256(ECPublicKey, ECPrivateKey)} or {@link #ECDSA256(ECKeyProvider)}
      */
     @Deprecated
     public static Algorithm ECDSA256(ECKey key) throws IllegalArgumentException {
@@ -183,69 +241,80 @@ public static Algorithm ECDSA256(ECKey key) throws IllegalArgumentException {
     /**
      * Creates a new Algorithm instance using SHA384withECDSA. Tokens specify this as "ES384".
      *
-     * @param key the key to use in the verify or signing instance.
+     * @param keyProvider the provider of the Public Key and Private Key for the verify and signing instance.
+     * @return a valid ECDSA384 Algorithm.
+     * @throws IllegalArgumentException if the Key Provider is null.
+     */
+    public static Algorithm ECDSA384(ECKeyProvider keyProvider) throws IllegalArgumentException {
+        return new ECDSAAlgorithm("ES384", "SHA384withECDSA", 48, keyProvider);
+    }
+
+    /**
+     * Creates a new Algorithm instance using SHA384withECDSA. Tokens specify this as "ES384".
+     *
+     * @param publicKey  the key to use in the verify instance.
+     * @param privateKey the key to use in the signing instance.
      * @return a valid ECDSA384 Algorithm.
      * @throws IllegalArgumentException if the provided Key is null.
-     * @deprecated use {@link #ECDSA384(ECPublicKey, ECPrivateKey)}
      */
-    @Deprecated
-    public static Algorithm ECDSA384(ECKey key) throws IllegalArgumentException {
-        ECPublicKey publicKey = key instanceof ECPublicKey ? (ECPublicKey) key : null;
-        ECPrivateKey privateKey = key instanceof ECPrivateKey ? (ECPrivateKey) key : null;
-        return ECDSA384(publicKey, privateKey);
+    public static Algorithm ECDSA384(ECPublicKey publicKey, ECPrivateKey privateKey) throws IllegalArgumentException {
+        return ECDSA384(ECDSAAlgorithm.providerForKeys(publicKey, privateKey));
     }
 
     /**
-     * Creates a new Algorithm instance using SHA512withECDSA. Tokens specify this as "ES512".
+     * Creates a new Algorithm instance using SHA384withECDSA. Tokens specify this as "ES384".
      *
      * @param key the key to use in the verify or signing instance.
-     * @return a valid ECDSA512 Algorithm.
+     * @return a valid ECDSA384 Algorithm.
      * @throws IllegalArgumentException if the provided Key is null.
-     * @deprecated use {@link #ECDSA512(ECPublicKey, ECPrivateKey)}
+     * @deprecated use {@link #ECDSA384(ECPublicKey, ECPrivateKey)} or {@link #ECDSA384(ECKeyProvider)}
      */
     @Deprecated
-    public static Algorithm ECDSA512(ECKey key) throws IllegalArgumentException {
+    public static Algorithm ECDSA384(ECKey key) throws IllegalArgumentException {
         ECPublicKey publicKey = key instanceof ECPublicKey ? (ECPublicKey) key : null;
         ECPrivateKey privateKey = key instanceof ECPrivateKey ? (ECPrivateKey) key : null;
-        return ECDSA512(publicKey, privateKey);
+        return ECDSA384(publicKey, privateKey);
     }
 
     /**
-     * Creates a new Algorithm instance using SHA256withECDSA. Tokens specify this as "ES256".
+     * Creates a new Algorithm instance using SHA512withECDSA. Tokens specify this as "ES512".
      *
-     * @param publicKey  the key to use in the verify instance.
-     * @param privateKey the key to use in the signing instance.
-     * @return a valid ECDSA256 Algorithm.
-     * @throws IllegalArgumentException if the provided Key is null.
+     * @param keyProvider the provider of the Public Key and Private Key for the verify and signing instance.
+     * @return a valid ECDSA512 Algorithm.
+     * @throws IllegalArgumentException if the Key Provider is null.
      */
-    public static Algorithm ECDSA256(ECPublicKey publicKey, ECPrivateKey privateKey) throws IllegalArgumentException {
-        return new ECDSAAlgorithm("ES256", "SHA256withECDSA", 32, publicKey, privateKey);
+    public static Algorithm ECDSA512(ECKeyProvider keyProvider) throws IllegalArgumentException {
+        return new ECDSAAlgorithm("ES512", "SHA512withECDSA", 66, keyProvider);
     }
 
     /**
-     * Creates a new Algorithm instance using SHA384withECDSA. Tokens specify this as "ES384".
+     * Creates a new Algorithm instance using SHA512withECDSA. Tokens specify this as "ES512".
      *
      * @param publicKey  the key to use in the verify instance.
      * @param privateKey the key to use in the signing instance.
-     * @return a valid ECDSA384 Algorithm.
+     * @return a valid ECDSA512 Algorithm.
      * @throws IllegalArgumentException if the provided Key is null.
      */
-    public static Algorithm ECDSA384(ECPublicKey publicKey, ECPrivateKey privateKey) throws IllegalArgumentException {
-        return new ECDSAAlgorithm("ES384", "SHA384withECDSA", 48, publicKey, privateKey);
+    public static Algorithm ECDSA512(ECPublicKey publicKey, ECPrivateKey privateKey) throws IllegalArgumentException {
+        return ECDSA512(ECDSAAlgorithm.providerForKeys(publicKey, privateKey));
     }
 
     /**
      * Creates a new Algorithm instance using SHA512withECDSA. Tokens specify this as "ES512".
      *
-     * @param publicKey  the key to use in the verify instance.
-     * @param privateKey the key to use in the signing instance.
+     * @param key the key to use in the verify or signing instance.
      * @return a valid ECDSA512 Algorithm.
      * @throws IllegalArgumentException if the provided Key is null.
+     * @deprecated use {@link #ECDSA512(ECPublicKey, ECPrivateKey)} or {@link #ECDSA512(ECKeyProvider)}
      */
-    public static Algorithm ECDSA512(ECPublicKey publicKey, ECPrivateKey privateKey) throws IllegalArgumentException {
-        return new ECDSAAlgorithm("ES512", "SHA512withECDSA", 66, publicKey, privateKey);
+    @Deprecated
+    public static Algorithm ECDSA512(ECKey key) throws IllegalArgumentException {
+        ECPublicKey publicKey = key instanceof ECPublicKey ? (ECPublicKey) key : null;
+        ECPrivateKey privateKey = key instanceof ECPrivateKey ? (ECPrivateKey) key : null;
+        return ECDSA512(publicKey, privateKey);
     }
 
+
     public static Algorithm none() {
         return new NoneAlgorithm();
     }