Skip to content

Commit 5da472f

Browse files
tiborkochjzheaux
tiborkoch
authored and
jzheaux
committed
Fix ClassCastException
Closes gh-9651
1 parent 53e94bc commit 5da472f

File tree

2 files changed

+15
-1
lines changed

2 files changed

+15
-1
lines changed

oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/JwtDecoderProviderConfigurationUtils.java

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -90,7 +90,8 @@ static Set<SignatureAlgorithm> getSignatureAlgorithms(JWKSource<SecurityContext>
9090
List<? extends JWK> jwks = jwkSource.get(new JWKSelector(jwkMatcher), null);
9191
for (JWK jwk : jwks) {
9292
if (jwk.getAlgorithm() != null) {
93-
jwsAlgorithms.add((JWSAlgorithm) jwk.getAlgorithm());
93+
JWSAlgorithm jwsAlgorithm = JWSAlgorithm.parse(jwk.getAlgorithm().getName());
94+
jwsAlgorithms.add(jwsAlgorithm);
9495
}
9596
else {
9697
if (jwk.getKeyType() == KeyType.RSA) {

oauth2/oauth2-jose/src/test/java/org/springframework/security/oauth2/jwt/JwtDecoderProviderConfigurationUtilsTests.java

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -20,6 +20,7 @@
2020
import java.util.Collections;
2121
import java.util.Set;
2222

23+
import com.nimbusds.jose.Algorithm;
2324
import com.nimbusds.jose.JWSAlgorithm;
2425
import com.nimbusds.jose.jwk.Curve;
2526
import com.nimbusds.jose.jwk.ECKey;
@@ -32,6 +33,7 @@
3233
import org.junit.Test;
3334

3435
import org.springframework.security.oauth2.jose.TestKeys;
36+
import org.springframework.security.oauth2.jose.jws.JwsAlgorithms;
3537
import org.springframework.security.oauth2.jose.jws.SignatureAlgorithm;
3638

3739
import static org.assertj.core.api.Assertions.assertThat;
@@ -73,4 +75,15 @@ public void getSignatureAlgorithmsWhenJwkSetSpecifiesFamilyThenUses() throws Exc
7375
assertThat(algorithms).contains(SignatureAlgorithm.ES256, SignatureAlgorithm.ES384, SignatureAlgorithm.ES512);
7476
}
7577

78+
// gh-9651
79+
@Test
80+
public void getSignatureAlgorithmsWhenAlgorithmThenParses() throws Exception {
81+
JWKSource<SecurityContext> jwkSource = mock(JWKSource.class);
82+
RSAKey key = new RSAKey.Builder(TestKeys.DEFAULT_PUBLIC_KEY).keyUse(KeyUse.SIGNATURE)
83+
.algorithm(new Algorithm(JwsAlgorithms.RS256)).build();
84+
given(jwkSource.get(any(JWKSelector.class), isNull())).willReturn(Collections.singletonList(key));
85+
Set<SignatureAlgorithm> algorithms = JwtDecoderProviderConfigurationUtils.getSignatureAlgorithms(jwkSource);
86+
assertThat(algorithms).containsOnly(SignatureAlgorithm.RS256);
87+
}
88+
7689
}

0 commit comments

Comments
 (0)