diff --git a/http/oidc/src/main/java/org/wildfly/security/http/oidc/TokenValidator.java b/http/oidc/src/main/java/org/wildfly/security/http/oidc/TokenValidator.java index b1540bb1146..746318043f6 100644 --- a/http/oidc/src/main/java/org/wildfly/security/http/oidc/TokenValidator.java +++ b/http/oidc/src/main/java/org/wildfly/security/http/oidc/TokenValidator.java @@ -274,6 +274,18 @@ public ErrorCodeValidator.Error validate(JwtContext jwtContext) throws Malformed } return null; } + + private static String getAccessTokenHash(String accessTokenString, String jwsAlgorithm) throws NoSuchAlgorithmException { + byte[] inputBytes = accessTokenString.getBytes(StandardCharsets.UTF_8); + String javaAlgName = getJavaAlgorithmForHash(jwsAlgorithm); + MessageDigest md = MessageDigest.getInstance(javaAlgName); + md.update(inputBytes); + byte[] hash = md.digest(); + int hashLength = hash.length / 2; + byte[] hashInput = Arrays.copyOf(hash, hashLength); // leftmost half of the hash + return ByteIterator.ofBytes(hashInput).base64Encode(BASE64_URL, false).drainToString(); + } + } private static class TypeValidator implements ErrorCodeValidator { @@ -297,17 +309,6 @@ public ErrorCodeValidator.Error validate(JwtContext jwtContext) throws Malformed } } - private static String getAccessTokenHash(String accessTokenString, String jwsAlgorithm) throws NoSuchAlgorithmException { - byte[] inputBytes = accessTokenString.getBytes(StandardCharsets.UTF_8); - String javaAlgName = getJavaAlgorithmForHash(jwsAlgorithm); - MessageDigest md = MessageDigest.getInstance(javaAlgName); - md.update(inputBytes); - byte[] hash = md.digest(); - int hashLength = hash.length / 2; - byte[] hashInput = Arrays.copyOf(hash, hashLength); // leftmost half of the hash - return ByteIterator.ofBytes(hashInput).base64Encode(BASE64_URL, false).drainToString(); - } - public static class VerifiedTokens { private final AccessToken accessToken;