JWT 서명 알고리즘 RS256 → PS256 교체 — AuthorizationServerConfig
PssJwtAccessTokenConverter 적용 - jwtAccessTokenConverter()에서 PssJwtAccessTokenConverter 사용으로 변경 - 기존 JwtAccessTokenConverter + setKeyPair() → new PssJwtAccessTokenConverter(privateKey, publicKey) - PEM 도출·setVerifierKey() 호출은 생성자 내부로 이전 - elink-online-common 서브모듈 업데이트 (RsaPssSigner, RsaPssVerifier, PssJwtAccessTokenConverter 추가)
This commit is contained in:
+1
-1
Submodule elink-online-common updated: 6809bf66b8...f3c2e64191
@@ -1,6 +1,8 @@
|
||||
package com.eactive.eai.authserver.config;
|
||||
|
||||
import java.security.KeyPair;
|
||||
import java.security.interfaces.RSAPrivateKey;
|
||||
import java.security.interfaces.RSAPublicKey;
|
||||
import java.time.LocalDateTime;
|
||||
import java.util.Arrays;
|
||||
|
||||
@@ -35,6 +37,7 @@ import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
|
||||
import org.springframework.security.oauth2.provider.token.store.KeyStoreKeyFactory;
|
||||
|
||||
import com.eactive.eai.authserver.dao.TokenIssuanceLogDAO;
|
||||
import com.eactive.eai.authserver.jwt.PssJwtAccessTokenConverter;
|
||||
import com.eactive.eai.authserver.service.OAuth2Manager;
|
||||
import com.eactive.eai.authserver.vo.ClientVO;
|
||||
import com.eactive.eai.common.dao.DAOException;
|
||||
@@ -139,9 +142,10 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap
|
||||
Resource keystore = new ClassPathResource(keystorePath);
|
||||
KeyStoreKeyFactory keyStoreKeyFactory = new KeyStoreKeyFactory(keystore, keystorePassword.toCharArray());
|
||||
KeyPair keyPair = keyStoreKeyFactory.getKeyPair(keyAlias, keyPassword.toCharArray());
|
||||
JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
|
||||
converter.setKeyPair(keyPair);
|
||||
return converter;
|
||||
RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
|
||||
RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
|
||||
|
||||
return new PssJwtAccessTokenConverter(privateKey, publicKey);
|
||||
}
|
||||
|
||||
|
||||
|
||||
Reference in New Issue
Block a user