README and CHANGES

FusionAuth · May 27, 2020 · a2a0899 · a2a0899
1 parent 5669554
commit a2a0899
Show file tree

Hide file tree

Showing 7 changed files with 40 additions and 7 deletions.
diff --git a/CHANGES b/CHANGES
@@ -1,5 +1,9 @@
 FusionAuth JWT Changes
 
+Changes in 3.3.1
+
+ * Add static method on JSONWebKey to use new JSONWebKeyParser class.
+
 Changes in 3.3.0
 
  * Add JSONWebKeyParser to extract public keys from a JSON Web key. This allows you to build JWT verifiers from publicly available JWKS endpoints.

diff --git a/README.md b/README.md
@@ -10,7 +10,7 @@ We are very interested in compensating anyone that can identify a security relat
 ## Features
  - JWT signing using HMAC, RSA and Elliptic Curve support
    - `HS256`, `HS384`, `HS512`, `RS256`, `RS384`, `RS512`, `ES256`, `ES384`, `ES512`
- - Modular crypto provider so you can drop in support for BC FIPS or other Java JCE security providers.   
+ - Modular crypto provider so you can drop in support for BC FIPS or other JCE security providers.   
  - PEM decoding / encoding
    - Decode PEM files to PrivateKey or PublicKey
      - Decode private EC keys un-encapsulated in PKCS#8, returned PEM will be in PKCS#8 form.
@@ -198,6 +198,24 @@ String json = jwk.toJSON();
 }
 ```
 
+### Extract the Public Key from a JWK
+
+```json
+{
+  "e": "AQAB",
+  "kty": "RSA",
+  "n": "Auchby3lZKHbiAZrTkJh79hJvgC3W7STSS4y6UZEhhxx3m3W2hD8qCyw6BEyrciPpwou-vmeDN7qBSk2QKqTTjlg5Pkf8O4z8d9HAlBTUDg4p98qLFOF2EFWWTiFbQwAP2qODOIv9WCAM2rkXEPwGiF962XAoOwiSmldeDu7Uo5A-bnTi0z3oNu4qm_48kv90o9CMiELszE9jsfoH32WE71HDqhsRjVNddDJ81e5zxBN8UEmaR-gmWqa63laON2KANPugJP7PrYJ_PC9ilQfV3F1rDpqbvlFQkshohJ39VrVpEtSRmJ12nqTFuspXLApekOyic3J9jo6ZI7o3IdQmy3bpnJIT_U",
+  "use": "sig"
+}
+```
+
+```java
+String json = { ... example above ... }
+byte[] bytes = json.getBytes(StandardCharsets.UTF_8);
+JSONWebKey jwk = Mapper.deserialize(bytes, JSONWebKey.class);
+Publickey publicKey = JSONWebKey.parse(jwk);
+```
+
 ### Convert a Private Key to JWK
 
 ```java

diff --git a/build.savant b/build.savant
@@ -17,7 +17,7 @@
 savantVersion = "1.0.0"
 jacksonVersion = "2.10.3"
 
-project(group: "io.fusionauth", name: "fusionauth-jwt", version: "3.3.0", licenses: ["ApacheV2_0"]) {
+project(group: "io.fusionauth", name: "fusionauth-jwt", version: "3.3.1", licenses: ["ApacheV2_0"]) {
 
   workflow {
     standard()

diff --git a/pom.xml b/pom.xml
@@ -6,7 +6,7 @@
 
   <groupId>io.fusionauth</groupId>
   <artifactId>fusionauth-jwt</artifactId>
-  <version>3.3.0</version>
+  <version>3.3.1</version>
   <packaging>jar</packaging>
 
   <name>FusionAuth JWT</name>

diff --git a/src/main/java/io/fusionauth/jwks/JSONWebKeyParser.java b/src/main/java/io/fusionauth/jwks/JSONWebKeyParser.java
@@ -43,7 +43,7 @@ public class JSONWebKeyParser {
    * @param key the JSON web key
    * @return the public key
    */
-  public static PublicKey parse(JSONWebKey key) {
+  public PublicKey parse(JSONWebKey key) {
     Objects.requireNonNull(key);
 
     try {

diff --git a/src/main/java/io/fusionauth/jwks/domain/JSONWebKey.java b/src/main/java/io/fusionauth/jwks/domain/JSONWebKey.java
@@ -22,6 +22,7 @@
 import com.fasterxml.jackson.annotation.JsonProperty;
 import io.fusionauth.jwks.JSONWebKeyBuilder;
 import io.fusionauth.jwks.JSONWebKeyBuilderException;
+import io.fusionauth.jwks.JSONWebKeyParser;
 import io.fusionauth.jwt.domain.Algorithm;
 import io.fusionauth.jwt.domain.Buildable;
 import io.fusionauth.jwt.domain.KeyType;
@@ -173,6 +174,16 @@ public static JSONWebKey build(String encodedPEM) {
     return new JSONWebKeyBuilder().build(encodedPEM);
   }
 
+  /**
+   * Build a public key from a JSON Web Key containing a public RSA or EC key.
+   *
+   * @param key a JSON web key containing a public key
+   * @return a public key
+   */
+  public static PublicKey parse(JSONWebKey key) {
+    return new JSONWebKeyParser().parse(key);
+  }
+
   /**
    * Build a JSON Web Key from a certificate
    *

diff --git a/src/test/java/io/fusionauth/jwks/JSONWebKeyParserTest.java b/src/test/java/io/fusionauth/jwks/JSONWebKeyParserTest.java
@@ -74,7 +74,7 @@ public void parse_ec_keys(Algorithm algorithm, String curve, String x, String y)
     expected.x = x;
     expected.y = y;
 
-    PublicKey publicKey = JSONWebKeyParser.parse(expected);
+    PublicKey publicKey = JSONWebKey.parse(expected);
     assertNotNull(publicKey);
 
     // Compare to the original expected key
@@ -96,7 +96,7 @@ public void parse_well_known(Algorithm algorithm, String exponent, String modulu
     expected.e = exponent;
     expected.n = modulus;
 
-    PublicKey publicKey = JSONWebKeyParser.parse(expected);
+    PublicKey publicKey = JSONWebKey.parse(expected);
     assertNotNull(publicKey);
 
     // Compare to the original expected key
@@ -144,7 +144,7 @@ public void parse_rsa() {
     JSONWebKey expected = JSONWebKey.build(keyPair.publicKey);
     expected.alg = RS256;
 
-    PublicKey publicKey = JSONWebKeyParser.parse(expected);
+    PublicKey publicKey = JSONWebKey.parse(expected);
     assertNotNull(publicKey);
 
     // Compare to the original expected key