Package com.broadleafcommerce.oauth2.resource.security.util

Class KeyUtil

java.lang.Object

com.broadleafcommerce.oauth2.resource.security.util.KeyUtil

public final class KeyUtil
extends Object

Utilities related to token signing keys

Field Summary

Fields

Modifier and Type	Field	Description
static final String	PUBLIC_KEY_PROPERTY_MAIN
static final Pattern	PUBLIC_KEY_PROPERTY_PATTERN

Method Summary

Modifier and Type	Method	Description
static List<Key>	getPublicKeys(org.springframework.core.env.Environment environment)	Get all public keys declared in the spring environment.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

PUBLIC_KEY_PROPERTY_MAIN

public static final String PUBLIC_KEY_PROPERTY_MAIN

See Also:

• Constant Field Values

PUBLIC_KEY_PROPERTY_PATTERN

public static final Pattern PUBLIC_KEY_PROPERTY_PATTERN

Method Details

getPublicKeys

public static List<Key> getPublicKeys(org.springframework.core.env.Environment environment)
                               throws NoSuchAlgorithmException,
InvalidKeySpecException

Get all public keys declared in the spring environment. Having multiple public keys allows for token signing key rotation with zero downtime. Public keys are versioned using the following naming convention: broadleaf.resource.security.oauth2.encodedpublickeys.[version]. The 'version' element of the property name should be an integer. Greater version values are favored as representing the latest. All keys will be available to serve as token verifiers, thus allowing tokens emitted previous to the rotation to still be valid until the relevant property key is removed from the environment.

Parameters:

environment - The spring config environment

Returns:

All public keys found

Throws:

NoSuchAlgorithmException

InvalidKeySpecException