From 0fe7dd57099354d65d0804ac3020d701a6baeb32 Mon Sep 17 00:00:00 2001 From: Ryan Esch Date: Thu, 18 Oct 2018 14:19:13 -0500 Subject: [PATCH] send game-service JWTs signed with the same private key --- .../libertybikes/auth/service/JwtAuth.java | 2 +- .../auth/service/google/GoogleCallback.java | 2 +- .../org/libertybikes/game/core/GameRound.java | 2 +- .../resources/security/validationKeystore.jks | Bin 4052 -> 7045 bytes .../src/main/liberty/config/server.xml | 8 ++++---- .../src/main/liberty/config/server.xml | 4 ++-- 6 files changed, 9 insertions(+), 9 deletions(-) diff --git a/auth-service/src/main/java/org/libertybikes/auth/service/JwtAuth.java b/auth-service/src/main/java/org/libertybikes/auth/service/JwtAuth.java index e087329..eb9d820 100644 --- a/auth-service/src/main/java/org/libertybikes/auth/service/JwtAuth.java +++ b/auth-service/src/main/java/org/libertybikes/auth/service/JwtAuth.java @@ -78,7 +78,7 @@ public abstract class JwtAuth { // We'll use this claim to know this is a user token onwardsClaims.setAudience("client"); - onwardsClaims.setIssuer("https://auth-service-libertybikes.mybluemix.net"); + onwardsClaims.setIssuer("https://libertybikes.mybluemix.net"); // we set creation time to 24hrs ago, to avoid timezone issues in the // browser verification of the jwt. Calendar calendar1 = Calendar.getInstance(); diff --git a/auth-service/src/main/java/org/libertybikes/auth/service/google/GoogleCallback.java b/auth-service/src/main/java/org/libertybikes/auth/service/google/GoogleCallback.java index 93ae5bb..abda6d4 100644 --- a/auth-service/src/main/java/org/libertybikes/auth/service/google/GoogleCallback.java +++ b/auth-service/src/main/java/org/libertybikes/auth/service/google/GoogleCallback.java @@ -66,7 +66,7 @@ public class GoogleCallback extends JwtAuth { infoRequest.getHeaders().setContentType(MediaType.APPLICATION_JSON); String jsonIdentity = infoRequest.execute().parseAsString(); GoogleUser user = jsonb.fromJson(jsonIdentity, GoogleUser.class); - System.out.println("Created user json: " + jsonb.toJson(user)); + System.out.println("User logged in: " + jsonb.toJson(user)); Objects.requireNonNull(user.name, "User name was null"); Objects.requireNonNull(user.email, "User email was null"); diff --git a/game-service/src/main/java/org/libertybikes/game/core/GameRound.java b/game-service/src/main/java/org/libertybikes/game/core/GameRound.java index fb6349f..9709644 100644 --- a/game-service/src/main/java/org/libertybikes/game/core/GameRound.java +++ b/game-service/src/main/java/org/libertybikes/game/core/GameRound.java @@ -324,7 +324,7 @@ public class GameRound implements Runnable { // We'll use this claim to know this is a user token onwardsClaims.setAudience("client"); - onwardsClaims.setIssuer("https://game-service-libertybikes.mybluemix.net"); + onwardsClaims.setIssuer("https://libertybikes.mybluemix.net"); // we set creation time to 24hrs ago, to avoid timezone issues in the // browser verification of the jwt. Calendar calendar1 = Calendar.getInstance(); diff --git a/game-service/src/main/liberty/config/resources/security/validationKeystore.jks b/game-service/src/main/liberty/config/resources/security/validationKeystore.jks index 42582fbaa965c2493735e23399930a78a516a9f0..70b7fafc4af11839c6e6c2649e03645b640188a7 100644 GIT binary patch literal 7045 zcmcgx2{=_>*FSe~iDbCOOjk*UaITq3rjRlZ88TelxEU_@UX{!eDG3!BGbI!b2qY54UONUdV>U@d=tV3rBM@|S z0BDG30ykk$7HA9>X<>$E1-HNgBbI)@k1y#c;Ur!Pl!P@*SdpI^oEg#CmqNs85h*m% zQIa!(M#O3O(%i@t63q`3_v4#TnDKL32)hZaL^ zQ{DE;W}`=pqNP@hw<|6k9qWwAQQ-xut{_$7n6|7aOFtE$Oa5x0MrNTGDBdM_(NSgO zhoTu)rPp3m^2Odfj(XV-JSZ_!w9n{GxxH_cYv~okol^ZKxxgT&tuDV@_ zTD(c;vY9QgAdpzy(Pap-z|B|$ViipXqM*mx{t#e+6=-NvVL(;bKnN`d;z5}VsSL>o zaW@*xTUAEJnc^YsN+i?ZA643!>`cb z9^_(=05PSZ43Fm+T3daBj?Oes_wE*2ottYje5R#*y9Ny8d17%o>sY5ETk5#p(QMD) zYHY9W%6Xe3)TN>UK3QJnn~Cxq1qt0BviUg}4pi2T#?78q{2*XS?ij42I>){X_E+21 zxtD(0L7A5N7G-RhS$uVd@F{#BJ9It~0NRPfQq@(Y`m zZjf5+y-Ov{4TW06Hh<7RKL70P#iWRlp|Y)|IWKK;UCAo9=LV+Kk6ww3=XsCiyb$e> z645XHu|1~mxQdjxahBN|{^mCiUdwL(_%Zr+%9de2b)9iNbHnk`__HhII~q$J2+=)3 zU#YJxFZSNJlGoz1z?F}8dMacXTkYZTNElxp#a~n6k*d%;jtQktY80#|p0G$@-c?_m zVRC2ngF>WaURrg!+k(E>+uaq}rE#yKRF!M(g=lYG<`Ip4Jd2TEZR9y_NZn0PjoF=_ zZEV%oGG$d2DY58fqMMwo>NFb0I3}^rm+xIjL-LShRxFFu>Lw>Tay^%BeN$U8!|=dn zcKu0p=ErI00__z=!WLwUV&;vGoYY;YC_CaJ!#YB`H_BR9Qs#o>7yjm3!_QSapYg4= zct1;Zvgv(=WEs2D{Tf5Miadmr=foGABnG*YbH;n+M+Gge=PxnA$mTXf5k!4G%6GdbPQi@DnyRMU^|9mb7g6&&p^z2uHJ z^phukI)kv}rhRm0Fut&CejDvzr>#>dOVT{2O{08&UMFGrQc^W-EanhH6#oRZtZ8Re zIsL7WfXOM&Cqes{mQ2ozPd-S$oRC%F#Id@P#*Oqn^)jNq{}J=qR~5A36t@glJ zKCqKQ4kl)d%@;=%6`E+gm~lLG5J1$2o5}s0oHs2^ol_|;(W&hoq)r8@brcLs`5{7`#i~3qdpA_Grznf zUUc20o00I~@C8mzmI1@&><}Ntf!Jd%oTpcHHJCn573IsWOe(p|Ck{xmX|wNnDn_AN zPq^N2G9}WY%99f(kqjOYKtszZ%l8xgyOP1=-Ts!;PMb#h)V_-MFFKPgy0!}&+$0Uh zgL|r0goP`g+z#o8qHZf23$$?I5Dn0uvN9!%MZAEB~ zr(t%>R;!A;w%i*^)ojneoNtr77mKn`ODuapfz|-r}N^d2+gUm)g@7$_Cg)(lmU=MakKgK?o@r7-2 z$BzgB-W}~?0#*}ExTMOW;^2oh2dkMA6TSLtZw(~xy;$Ug{v=>7^Z9b?!h%Cc0XmTG z_0pAV%XhkEWu7UiW;S|$D%IBhu-(`Es^p3NnJGdA*ts=S{LNC_A(r9_u@s|qmV%Zx zeiywF%9$X*bonc7V1e2pdcc6iP-zq*k@l;V9*Zg`s)`S)q)ZhHoC%C=u`H$Jp^$?1Q5v;QmB-&VmqIZ2wv8>^s)YsUB@fUR}TBE zSgz&DUbL#7s-5hV7arhuX}DThR8?1!Ruv=kAXu^Ev2t)yj?N4!yS0D$?)k>NCu&NsI>dR$o0!ql?K-^Vitiou;q9F{u#F46}*}e!LQSB&B~u@9ub?QGN@# zwR9W%y?r&u*c&s_kthfB$fkq=Uy5ytxocQ4!Q#bRp#Cd$qzdWQlBXlIaIUet905+u zok)yOh$`aZij*H+kc!;?AaCzxb^Co-qj@1O|6R5pYxD9?2S1HI`}ugE<(_?|AKR5$ zdQ^q7#|y?m>1Xd99@l?F$!wrwy1R zU>L><45L$DKai}94r~S}TkbgS?%7^c^uFC27Z%PTJboR&^&El|#KMP@5xZHN?HTZ#?)q_1 zE4sb6`Z|HXRJ~G+eYobE!%9zS`|RFw!Gi((hmsW2_kNhV;bt!|?CNE|xPDB-kUt=3 z|N6JIAp%;x2hbuz8b|dc#`So&dEtL+{>@h5%W>?;E|sk~Y-G6}o=;hDR|5 zWY+FxYd*XH7w8Gk0=74W?jF!ANsvERNH&H%!*hb?tpRB$P&*Ougf1^givv!q&E6Th zvi zpZfK0l?K`2-*GKNWB@TxUWh~hp!~0uME%CokpFi*Y|NfZ)b5c` z-x_rhy;nuIG9YK2T_o>qh(N}Z)TkHYi>w#ZM-jN*A-^QO(+htC%C!h2IC5Pt-Q$Is zGRti4R*739D6Q$_I<**IzPV-TZPvH2O@xv6KPHkMMsD&o7i-jUeA!^KEB-TITmYWI zdqk<`u5Dg@HWRS8m2(+YXm#vezx4fP`)*`5r6kvNqEGQR7An>IZMnV z)rl=di8Qb}AYJzvUdZUh7DL<+{g7dafGH9vAM)9Dv( z5buq#=X|EA|6Z1yQ{rxN+NxonXY1l1O1SeF7q21XTw!>J-Q_Zy;|qkf2(;-}1cCw* zRJ3Yy|N1-npevy4xCEkvNk5|x`px^Cmq$K*_H2^WthVF4wsBEmYWV*ieeiO4P~MoJVvxjMt7{=DVMZb}V4gH(sZRT0K+N%Q9hyIbjm@)Fx$=9GkmOFbyOp4!SA zmV1W9UfW7S>Eg1&M<#}yvNrRz=hJiQO`hx=d9_K$mfHu*FBpb)>`kpD|?JGhQ*+Mwn?BHO=>OM78wIJ6>6gMJpyBtWrWbA$?K z{2L2rE*rR(jFz$42GlZfTa7J7();e|8X&qjWwBRVQ+EHQX82E0Z$k|kI)Q7j#&hmU z6l%Jx4|EpK?c$}e8LODg2pTnz4w zU(O0j7dts0(P8Zq_ywKd-eYaGccllv;|Py(c=p(}u;pmmt9ZkQC)2kspXoeM@M-7y zB+8OnL7xWGV4q@UBfppKfnfUqy#Um}^7#W9S4B0|KRkAhK~{ z8rE83-Jx#_zE1h?K2fRe6hf!5A2G{~Q5$NKOL6TXNK+!;k(Stj!|HE}-LTZ6Q&i$=d84b=d_*&T=mWvxRR6B@Dx5G)a*W6T@T4Cc~@@HkKq1^^~3_j<+K zjO6O|i~QoGaHg_&EXW31Fk%`1So~6=HY(S+vLapk0i?FRAxc(i|&xaK|< z+0r0Q7E9W%*>Y1&*gS=)Cpg^u2YXp(W2D1_;E0}5@W`{}!jJwhN545HY>H={e_}SY z=pRHqd&~5!zkY7Vfn58%8__mwb*I8UG(=C7-AdR&pQxWCK`&D-c%tzfO9e83FQNK= zjq0wtXY4f}tOG}$U?Lps4;-sdu|F$6Rd;eT!_{z)yoU$NGXgjJ8O&8nbqaU%dDsTN z$q*0E{N8i_sN}%lGL~dX?(ZZI>%pUe36MgZ?Je>?2Op) zhbT$AuKlZo3T+%|FCtBb0#PC z4Og9i(iFnWzrRT;di z*34>q`sv_<7+3Pc?yk<>^uo0mw>zX6q;N-X9!0cgXdI)O{kU#i?zMwu@et3KWz&He zQpq?Q%h1{WMS%kg1w&UJ<4!g^vcK4&9(`;nNK;weg?%AC^vxw{>$h1m1~*eG-M(|W N612^|G_tFy{{^4PWU&AM literal 4052 zcmeI#c{G&k9{})~F^1ueZR|=BQKA`3_9aF|cG(-UOcAmT%Fr-bi^e*(hHTT|TEkS< zvQrdcNW^V~A2DUE)KA^({5tpCbM9Zi``7*BJ@5HG-}9dL`#$gUd7tn5b@}Tu0002( z9xOl3kU)%^mp29g0J=@D7e)YB?G;oI>bqHQ1cBuef&enV%K`#|Kwt%nw}}WC1bQ^~ zOzb8M2;^i1AUu$q2q=Wb1`L6NY^;&oyZPOK9S#Y?24XPSy(}9XWNL=wMR0%5a=_X3 zcW-Fm7wEq?#QFPBkd;l)-Vh6%J@A_AmG7k?#D!o;HH0!!NfCimM=CiA!4#1QB}KJA z!hfg=0#Nej#|N?kSO`FF0D=JI01<#dK<>*vq^#V^L_}fjO>bS(7(b7R26R=;LNof? z7H(LuXNO0Y;>LnjsleW;TlsWcwi>pou176}(O%x>tp*m?94VnZCkFQk#Cb&qMA)%* zTmZ3mYSqk9a%s<1Nfw_ao|LV{9K*x%blCU$n`Qa`eP&IsvvRZx!%?8H)$^ujfhorqnly zwt~~bRU+5UO2Q^0cT9cSt{(@n00F=v3B&=!{@vHSp9?Gq<~P!B$?-bs;V^|eBgd<0 zp21NOaR28?++9PvlL!RF2}V|^=6-crCuJhiPo^=OP0)R>^bq6p8i^mKqoP zl_kdad9-9TRMMJi$h6xBy6`9Z2G#J{#i!o06m`>gu4-QM46v>Hqze!3(R&Z$$>uO^ zw%_orO|0^BThHh9c3Uo)v8KO)#lZ2faZ;$SsKW*gL>+~=FQfjIv`?UH8e9;C81JKFix4V zDIa&Ji>m#Lp0h68eEq-`+%YF+BenDf{zYQ^$B+?QE!|pXuWHAzx&>JWsXk-n-UWZ! zGFNjCxq3>2UQng(Fk`A@O?WpXLzZxhL&+hku}C|G|zA z!SkIR8ysro=kAFK!eRpVko^tCKdxkfL-!~u{%lcEMe%2gKf-^olE3pv>@4>Ym|d-q zSzP2RY*&FObS*&|gc5qWIV9vi$JG$WCV{csr~T*5emU1D@t9vD*_?v*!QbIO^Ng71 z0g_JMXiW*J%<nj4L9c0+YeS1Aoz zOpZ%ZL!JU*jWhT!ech&{+Fg4##zS^i9X?_J#PHiBFFlvfJRVG+(aU&J>i@*y+atSy zbeZi7H|$uwz0j*y-^Y6zL&Ey*Jn)!a@A(yE{!xs*XLhl1_FZ%t{I5KU0PO`WM^mS? zzL9aNeKoiE$1gDcw3dE&bW2-vmwbM9Fv9p%m{H9~i|n0|LZ=6n(Q>L`>a|uVsYUg* zt&>BN7>$I4>dWrLHOvp9Yov6FhJtKf;k0~97OQv+pvxZe-#5m#Dv<>MfE9=!fOimF5DqyA5DYvD;sx$*0$>7o zf&cJ3{`qwuVPQ5p3Y3%+PdC$iO4JWkab~jn;N~v{9hHUQ3UZ#0?N7f4K-SV5ghS(biO|^I0sA^>a63gbKknQw?-Px# zeq;URVR=lQa6T zPQgu_@TGhNH%U};4vik5$&Al)+%QvSLS0+Y|VrjiGVgI2i-sRx2XlUZjQ4WnL z)8IOT&a4JsYp)e?nNe=j2=1V{c<>QWX0LTf#goFK$$dbkBJC_(G&c zNkX~zOP$Mrm27y{3iKt;)$zkZo^k6s0MlEtPF36A= zUq_ZVNt#o&+P2h=dRhztvwYp=p^1R-yQiEzqWTU`s@8qC@jeJ(D_ z%c?-A;UTmvOpAev2)NuTA61tUb=r-1c;w8H$j%S(wQG+;ExM%B%V(~{q3oaLg`nCR z3-uo-c3{Nd*w~YY?;>%=usj>gG#1?UL=kSe;1fCw7ba>qL|jFa?|>qGWc0u-JtOvxSH0 zY&G#^Z<2#=3zh7Jz z4G0tgWZ@ju%xMYr2!D2op)c{S4;zWdilcna&XKLqQqI-i1}c=~{mW=8T;T_e$;qCR z$Q*&<*2hmj2~K6Vz2dVuor|b9J`C~SzxYNK-9SmUhp!(ILr58*rxszu(+=GMAZosC}3UED~*U z)f#lamnnFx%Of-nTYpQm_x#1~fSQl&I=ychD1YbSua(}(ic*=|W8W$&MedhAcnB+N z%C(R#x?Q+spsOc^C7veDvL?;k17PLvpFwZf^sOD`n@GozwQF z%^DJ{+tSa|jJepnS&s=_2=CJnNl)khHLYb)2UeWAmK(47jk869pWWgMJ@2%lpB6Pe zH1=gYh5x9KMe?Ceg$665zE9MGFvE~m?=YsEzPNPBeFQ)|%2`_!>ZY1d3H#OCS@}8aO@?*?gj~l=#+s>ONSw z_GH}MsLOsJ2v1#5u}l-)F`42E{}L0;td&~kB0;Rm(P!jN1d_&{ZJR>ceayPD9PSZI zdR!8vHXBWe?vt*+e;4=u5dQ5 - - + + @@ -31,11 +31,11 @@ keyStoreRef="validationKeystore" trustStoreRef="validationKeystore" /> - +