JWT 서명 알고리즘 RS256 → PS256 교체 — AuthorizationServerConfig

PssJwtAccessTokenConverter 적용

- jwtAccessTokenConverter()에서 PssJwtAccessTokenConverter 사용으로 변경
- 기존 JwtAccessTokenConverter + setKeyPair() → new
PssJwtAccessTokenConverter(privateKey, publicKey)
- PEM 도출·setVerifierKey() 호출은 생성자 내부로 이전
- elink-online-common 서브모듈 업데이트 (RsaPssSigner, RsaPssVerifier,
PssJwtAccessTokenConverter 추가)
This commit is contained in:
curry772
2026-05-28 13:28:41 +09:00
parent c74d1777df
commit 698b3ca7b6
2 changed files with 8 additions and 4 deletions
@@ -1,6 +1,8 @@
package com.eactive.eai.authserver.config;
import java.security.KeyPair;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.time.LocalDateTime;
import java.util.Arrays;
@@ -35,6 +37,7 @@ import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
import org.springframework.security.oauth2.provider.token.store.KeyStoreKeyFactory;
import com.eactive.eai.authserver.dao.TokenIssuanceLogDAO;
import com.eactive.eai.authserver.jwt.PssJwtAccessTokenConverter;
import com.eactive.eai.authserver.service.OAuth2Manager;
import com.eactive.eai.authserver.vo.ClientVO;
import com.eactive.eai.common.dao.DAOException;
@@ -139,9 +142,10 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap
Resource keystore = new ClassPathResource(keystorePath);
KeyStoreKeyFactory keyStoreKeyFactory = new KeyStoreKeyFactory(keystore, keystorePassword.toCharArray());
KeyPair keyPair = keyStoreKeyFactory.getKeyPair(keyAlias, keyPassword.toCharArray());
JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
converter.setKeyPair(keyPair);
return converter;
RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
return new PssJwtAccessTokenConverter(privateKey, publicKey);
}