in src/main/java/org/apache/geronimo/microprofile/impl/jwtauth/jwt/SignatureValidator.java [108:140]
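/**
 * Turns a PEM-style or bare base64 public key string into a {@link PublicKey},
 * using {@code publicKeyCache} when {@code useCache} is set.
 *
 * <p>Only {@code "RSA"} is handled. The decoded bytes are passed to
 * {@link X509EncodedKeySpec}, so they must be a DER SubjectPublicKeyInfo structure.
 * Every failure, including malformed base64, an unparsable key or an unsupported
 * algorithm, is reported as the same 401 {@code JwtException}.
 *
 * @param key  the key material, with or without PEM armor lines
 * @param algo the key algorithm; only {@code "RSA"} is accepted
 * @return the parsed (or cached) public key
 * @throws JwtException with {@code HTTP_UNAUTHORIZED} when the key cannot be decoded
 *                      or parsed, or when the algorithm is not supported
 */
private PublicKey toPublicKey(final String key, final String algo) {
    // NOTE(review): the cache is keyed by the key string alone, not by (key, algo).
    // That is harmless while RSA is the only supported algorithm; revisit when EC is added.
    final PublicKey cached = useCache ? publicKeyCache.get(key) : null;
    if (cached != null) {
        return cached;
    }
    try {
        // Decoding happens inside the try block so that malformed base64
        // (IllegalArgumentException) is reported as a 401 JwtException like every
        // other bad-key case, instead of escaping as an unchecked exception.
        //
        // NOTE(review): stripping the "RSA PUBLIC KEY" armor does not convert the
        // body. PKCS#1 content is not SubjectPublicKeyInfo, so such keys are expected
        // to be rejected by X509EncodedKeySpec below. Confirm whether PKCS#1 input
        // must be supported.
        final byte[] decoded = Base64.getDecoder().decode(key
                .replace("-----BEGIN RSA KEY-----", "")
                .replace("-----END RSA KEY-----", "")
                .replace("-----BEGIN PUBLIC KEY-----", "")
                .replace("-----END PUBLIC KEY-----", "")
                .replace("-----BEGIN RSA PUBLIC KEY-----", "")
                .replace("-----END RSA PUBLIC KEY-----", "")
                // CRLF-terminated PEM files would otherwise leave '\r' characters,
                // which the basic decoder rejects.
                .replace("\r", "")
                .replace("\n", "")
                .trim());
        switch (algo) {
            case "RSA": {
                final X509EncodedKeySpec keySpec = new X509EncodedKeySpec(decoded);
                final KeyFactory keyFactory = KeyFactory.getInstance(algo);
                final PublicKey publicKey = keyFactory.generatePublic(keySpec);
                if (useCache) {
                    publicKeyCache.putIfAbsent(key, publicKey);
                }
                return publicKey;
            }
            case "EC": // TODO
            default:
                throw new JwtException("Invalid signing", HttpURLConnection.HTTP_UNAUTHORIZED);
        }
    } catch (final Exception e) {
        // The message is deliberately generic so the caller learns nothing about why
        // the key was rejected. The cause is not propagated here, so consider logging
        // it server-side to keep misconfigured keys diagnosable.
        throw new JwtException("Invalid signing", HttpURLConnection.HTTP_UNAUTHORIZED);
    }
}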