Forenkler Jwt AzureAuthMethod 😌

Trenger jo ikke å laste inn sertifikatet, tror jeg 🤔
navikt · Jan 19, 2024 · ef3c0f8 · ef3c0f8
1 parent 493dd1a
commit ef3c0f8
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 16 deletions.
diff --git a/azure-token-client-default/src/main/kotlin/com/github/navikt/tbd_libs/azure/Factory.kt b/azure-token-client-default/src/main/kotlin/com/github/navikt/tbd_libs/azure/Factory.kt
@@ -50,6 +50,7 @@ fun createAzureTokenClientFromEnvironment(env: Map<String, String> = System.gete
 fun createJwkAzureTokenClientFromEnvironment(env: Map<String, String> = System.getenv()): AzureTokenProvider {
     val objectMapper = jacksonObjectMapper().registerModule(JavaTimeModule())
     val jwk: Map<String, Any?> = objectMapper.readValue(env.getValue("AZURE_APP_JWK"))
+
     return createJwkAzureTokenClient(
         tokenEndpoint = URI(env.getValue("AZURE_OPENID_CONFIG_TOKEN_ENDPOINT")),
         clientId = env.getValue("AZURE_APP_CLIENT_ID"),

diff --git a/azure-token-client/src/main/kotlin/com/github/navikt/tbd_libs/azure/AzureAuthMethod.kt b/azure-token-client/src/main/kotlin/com/github/navikt/tbd_libs/azure/AzureAuthMethod.kt
@@ -6,7 +6,7 @@ import java.net.URI
 import java.security.KeyFactory
 import java.security.Signature
 import java.security.interfaces.RSAPrivateKey
-import java.security.spec.RSAPrivateCrtKeySpec
+import java.security.spec.RSAPrivateKeySpec
 import java.time.Clock
 import java.time.Instant
 import java.util.*
@@ -70,13 +70,7 @@ sealed interface AzureAuthMethod {
                 check(keyType.uppercase() == "RSA") { "Key type (kty) må være RSA" }
                 val modulus = hent("n", "Modulus").decodeToBigInteger
                 val privateExponent = hent("d", "Private exponent").decodeToBigInteger
-                val publicExponent = hent("e", "Public exponent").decodeToBigInteger
-                val primeP = hent("p", "Prime P").decodeToBigInteger
-                val primeQ = hent("q", "Prime Q").decodeToBigInteger
-                val primeExponentP = hent("dp", "Prime Exponent P").decodeToBigInteger
-                val primeExponentQ = hent("dq", "Prime Exponent Q").decodeToBigInteger
-                val crtCoefficient = hent("qi", "Certificate Coefficient").decodeToBigInteger
-                val keySpec = RSAPrivateCrtKeySpec(modulus, publicExponent, privateExponent, primeP, primeQ, primeExponentP, primeExponentQ, crtCoefficient)
+                val keySpec = RSAPrivateKeySpec(modulus, privateExponent)
                 val factory = KeyFactory.getInstance("RSA")
                 return (factory.generatePrivate(keySpec) as RSAPrivateKey)
             }

diff --git a/azure-token-client/src/test/kotlin/com/github/navikt/tbd_libs/azure/JwkTest.kt b/azure-token-client/src/test/kotlin/com/github/navikt/tbd_libs/azure/JwkTest.kt
@@ -2,6 +2,7 @@ package com.github.navikt.tbd_libs.azure
 
 import com.fasterxml.jackson.module.kotlin.jacksonObjectMapper
 import com.fasterxml.jackson.module.kotlin.readValue
+import org.intellij.lang.annotations.Language
 import org.junit.jupiter.api.Assertions.assertEquals
 import org.junit.jupiter.api.Assertions.assertTrue
 import org.junit.jupiter.api.Test
@@ -56,24 +57,19 @@ class JwkTest {
         private val base64Decoder = Base64.getUrlDecoder()
         private val String.decodeToBigInteger get() = BigInteger(1, base64Decoder.decode(this))
 
+        @Language("JSON")
         private const val TEST_JWK = """
         {
             "kid": "test-jwk",
             "kty": "RSA",
             "n": "pBjxqwjKaM4YG3Kf9dRugVjWGFLT6w4tdHRaQoipaTzl_891DMx6ccuUMMbjTxdxevsDbYOB0fjcKHHXQ9JW5yVaBxl2hk7FIre3uDeLOqNbbpr7mekwGzqz4YGAkTpNjDoljxS-5v3Dxo5Zr85FFXpdoed4Vs37p3U7FAlc91sZ0TJ0BV1q5k-kkG6UmsEsdp1qZxNsQ_5K1nWxREDxaBUOiIfDfPiHmmRXHEEEKY_AQ00-i97SC4vMu4cW9tCKxiBpKh743qF-GkctCePol5PCjFpy56PFC4PnZjRFgnn80kdSbFOwH8l07unzOiUzKlWkv0b5WXw8h3ydZFFexw",
-            "e": "AQAB",
-            "d": "gRm-x7iaxemevblob5c5eTnS9j_zybHVwRDpEf9CiTEIIkGs7OzSSETJybYvj0H6Xa6t-7LCp9cKHieyHAGXrTKNqZg2z2OZZL71I1FPkEqE3HfCCkyTNFjyvC-OXrNn3zK_6dmAd2qeY9AKb23wm_0xPPdGjcRwgEaSvCjBozgd8dKgrn8bnALb1V1mGPZt5X648723uW6zBqO94ue73gqp7WrE2AMTG4SaiX-CzO4dSzLI6AUZGnBfF6umyxrZBFR6g2m1zATBa5i0YXrIHXM3RREnFNmcOrcNO3borzNtZCiMW7ZrXIqO8AVnDjNmVzbg5v3f9Ol1U6t1TT0XAQ",
-            "p": "2f9NC_bpRpCvZwsZpALy2HQTYkX0b2P6N5zgQkm17PKiukc73AwHbk9YJYzPjTJY0IpRl2pivSTMOTuTuRU3sDxC_yMvuyJ3gI8rEtux_SDf2G2_OfGRtDgpUNuqzMveaoMpnCfxkO4JO5RmuvX99OW7_8wpZqQh6OQLttWJU5E",
-            "q": "wLQ4zrqas0YaTYb0SDmbDexP98CRDGj7E3n6JIx9HwsAm98BDxu9w59gSsCvzg0YnlQNYzvy10v9NxHKnvMvahfg_qmcD1o9YwcvzcljUw3dAIVIQ9rHbNZG4wfgAJt1QgkZQrz2KmGBaIdqR57IpUpfnJ5v4S7FpBZPNm7BMNc",
-            "dp": "yUTpgc5p-njDOUQKXF9Mj4Q8EVO9JssLziTM-ObNTQOIMqxqG_QPOE2ReLnVNuvxDDlos3_JwhAjbgQPk6Z_T_uTb7Sw8PoVk2CbyEGGx8p-YXiSQZFDkTz5CGqH-6WOqJCI7mACrGjZpWSSpLNR0bX6KWX6I4YOuNMz7Y6hx8E",
-            "dq": "I9ulUnqQvNlHnbOGE0Z83sthWgXAN-H1Dnu9Gz31LmiatWZ6yPftiNBIV8ChNiNjuFqFnziRiJSAStYJsSgpY4GMAXdILecp0xqMP6vAyryiqi0i9FVqlIsO58IYYaSL3jzZMXz-BYbdULkaAre-OFutjPRCd1F_v3fTR5q2YkM",
-            "qi": "JcR435ZvHWYJTj9oJedcuJjj4LRhL7bZdXU0PxwEwmMYMoF5Sc64dRs5chats1tVM35fjmEhAthxeQv19x_SV5NB0hX8sE_jqIfAKx5nsZbv-3-FQaI68GKlpxdsGqaK0CqAJYAkGtEUeeWi6HAV8Xl68GSzBYMYDtOM8PPJWO4"
+            "d": "gRm-x7iaxemevblob5c5eTnS9j_zybHVwRDpEf9CiTEIIkGs7OzSSETJybYvj0H6Xa6t-7LCp9cKHieyHAGXrTKNqZg2z2OZZL71I1FPkEqE3HfCCkyTNFjyvC-OXrNn3zK_6dmAd2qeY9AKb23wm_0xPPdGjcRwgEaSvCjBozgd8dKgrn8bnALb1V1mGPZt5X648723uW6zBqO94ue73gqp7WrE2AMTG4SaiX-CzO4dSzLI6AUZGnBfF6umyxrZBFR6g2m1zATBa5i0YXrIHXM3RREnFNmcOrcNO3borzNtZCiMW7ZrXIqO8AVnDjNmVzbg5v3f9Ol1U6t1TT0XAQ"
         }
         """
 
         private fun publicKey(jwk: Map<String, Any?>): RSAPublicKey {
             val modulus = jwk.getValue("n").toString().decodeToBigInteger
-            val exponent = jwk.getValue("e").toString().decodeToBigInteger
+            val exponent = "AQAB".decodeToBigInteger
             val spec = RSAPublicKeySpec(modulus, exponent)
             val factory = KeyFactory.getInstance("RSA")
             return factory.generatePublic(spec) as RSAPublicKey