verify token signature

this just checks that the token was signed using one of the keys listed
by the key server. still need to validate the token contents.

Author: barna-isaac

pom.xml

@@ -226,6 +226,16 @@
             <version>${junit-5.version}</version>
             <scope>test</scope>
         </dependency>
+        <dependency>
+            <groupId>com.auth0</groupId>
+            <artifactId>java-jwt</artifactId>
+            <version>4.5.0</version>
+        </dependency>
+        <dependency>
+            <groupId>com.auth0</groupId>
+            <artifactId>jwks-rsa</artifactId>
+            <version>0.22.1</version>
+        </dependency>
         <dependency>
             <groupId>org.testcontainers</groupId>
             <artifactId>testcontainers</artifactId>

src/main/java/uk/ac/cam/cl/dtg/segue/api/Constants.java

@@ -303,6 +303,7 @@ public String toString() {
     public static final String MICROSOFT_SECRET = "MICROSOFT_SECRET";
     public static final String MICROSOFT_CLIENT_ID = "MICROSOFT_CLIENT_ID";
     public static final String MICROSOFT_TENANT_ID = "MICROSOFT_TENANT_ID";
+    public static final String MICROSOFT_JWKS_URL = "MICROSOFT_JWKS_URL";
 
     // Facebook properties
     public static final String FACEBOOK_SECRET = "FACEBOOK_SECRET";

src/main/java/uk/ac/cam/cl/dtg/segue/auth/MicrosoftAuthenticator.java

@@ -15,9 +15,14 @@
  */
 package uk.ac.cam.cl.dtg.segue.auth;
 
+import com.auth0.jwk.InvalidPublicKeyException;
+import com.auth0.jwk.JwkException;
+import com.auth0.jwk.JwkProvider;
+import com.auth0.jwk.UrlJwkProvider;
+import com.auth0.jwt.JWT;
+import com.auth0.jwt.algorithms.Algorithm;
+import com.auth0.jwt.interfaces.DecodedJWT;
 import com.google.api.client.auth.oauth2.AuthorizationCodeResponseUrl;
-import com.google.api.client.auth.openidconnect.IdToken;
-import com.google.api.client.json.gson.GsonFactory;
 import com.google.common.cache.Cache;
 import com.google.common.cache.CacheBuilder;
 import com.google.inject.Inject;
@@ -28,6 +33,7 @@
 import com.microsoft.aad.msal4j.ResponseMode;
 import com.microsoft.aad.msal4j.ConfidentialClientApplication;
 import com.microsoft.aad.msal4j.ClientCredentialFactory;
+
 import uk.ac.cam.cl.dtg.isaac.dos.users.UserFromAuthProvider;
 import uk.ac.cam.cl.dtg.segue.api.Constants;
 import uk.ac.cam.cl.dtg.segue.auth.exceptions.AuthenticatorSecurityException;
@@ -36,17 +42,16 @@
 import java.math.BigInteger;
 import java.net.MalformedURLException;
 import java.net.URI;
+import java.net.URL;
 import java.security.SecureRandom;
-import java.util.Collections;
-import java.util.Objects;
-import java.util.UUID;
+import java.security.interfaces.RSAPublicKey;
+import java.util.*;
 import java.util.concurrent.TimeUnit;
 
 public class MicrosoftAuthenticator implements IOAuth2Authenticator {
-    private static final int CREDENTIAL_CACHE_TTL_MINUTES = 10;
-
+    static final int CREDENTIAL_CACHE_TTL_MINUTES = 10;
     // TODO: why do we cache idTokens? Why don't we just pass them around in code?
-    private static final Cache<String, String> credentialStore = CacheBuilder
+    static Cache<String, String> credentialStore = CacheBuilder
         .newBuilder()
         .expireAfterAccess(CREDENTIAL_CACHE_TTL_MINUTES, TimeUnit.MINUTES)
         .build();
@@ -56,16 +61,19 @@ public class MicrosoftAuthenticator implements IOAuth2Authenticator {
     private final String clientId;
     private final String tenantId;
     private final String clientSecret;
+    private JwkProvider provider;
 
     @Inject
     public MicrosoftAuthenticator(
         @Named(Constants.MICROSOFT_CLIENT_ID) final String clientId,
         @Named(Constants.MICROSOFT_TENANT_ID) final String tenantId,
-        @Named(Constants.MICROSOFT_SECRET) final String clientSecret
-    )  {
+        @Named(Constants.MICROSOFT_SECRET) final String clientSecret,
+        @Named(Constants.MICROSOFT_JWKS_URL) final String jwksUrl
+    ) throws MalformedURLException {
         this.clientId = clientId;
         this.tenantId = tenantId;
         this.clientSecret = clientSecret;
+        provider = new UrlJwkProvider(new URL(jwksUrl));
     }
 
     @Override
@@ -119,20 +127,14 @@ public String exchangeCode(String authorizationCode) throws CodeExchangeExceptio
     }
 
     @Override
-    public UserFromAuthProvider getUserInfo(String internalProviderReference) {
-        String idTokenStr = Objects.requireNonNull(credentialStore.getIfPresent(internalProviderReference));
-        try {
-            var idToken = IdToken.parse(new GsonFactory(), idTokenStr);
-            verifyIdToken(idToken);
-
-            // TODO: to support sign-ups, parse more info
-            return new UserFromAuthProvider(
-                (String) idToken.getPayload().get("sub"), null, null, (String) idToken.getPayload().get("email"),
-                null, null, null, null, null, null
-            );
-        } catch (Exception e) {
-            throw new RuntimeException(e);
-        }
+    public UserFromAuthProvider getUserInfo(String internalProviderReference) throws AuthenticatorSecurityException {
+        String tokenStr = Objects.requireNonNull(credentialStore.getIfPresent(internalProviderReference));
+        var token = parseAndVerifyToken(tokenStr);
+        // TODO: to support sign-ups, parse more info
+        return new UserFromAuthProvider(
+            token.getSubject(), null, null, token.getClaim("email").asString(),
+            null, null, null, null, null, null
+        );
     }
 
     private ConfidentialClientApplication client() {
@@ -146,13 +148,25 @@ private ConfidentialClientApplication client() {
         }
     }
 
-    private void verifyIdToken(IdToken token) throws AuthenticatorSecurityException {
-        if (null == token) {
-            throw new AuthenticatorSecurityException("No ID token was found.");
+    private DecodedJWT parseAndVerifyToken (String tokenStr) throws AuthenticatorSecurityException {
+        var token = JWT.decode(tokenStr);
+        var keyId = token.getKeyId();
+        if (null == keyId) {
+            throw new AuthenticatorSecurityException("Token verification: NO_KEY_ID");
         }
-
-        // TODO: validate token signature against server's public key, as well as issuer, audience and expiration
-        // since the token came directly from the server via HTTPS, we're pretty safe even without verification
-        // (although, it's actually coming from our own cache by the time it gets here)
+        try {
+            var jwk = provider.get(keyId);
+            var algorithm = Algorithm.RSA256((RSAPublicKey) jwk.getPublicKey());
+            algorithm.verify(token);
+        }
+        catch (InvalidPublicKeyException e) {
+            throw new AuthenticatorSecurityException("Token verification: INVALID_PUBLIC_KEY");
+        }
+        catch (JwkException e) {
+            throw new AuthenticatorSecurityException(e.getMessage());
+        }
+        return token;
     }
 }
+
+

src/main/java/uk/ac/cam/cl/dtg/segue/configuration/SegueGuiceConfigurationModule.java

@@ -368,6 +368,7 @@ private void configureAuthenticationProviders() {
         this.bindConstantToProperty(Constants.MICROSOFT_SECRET, globalProperties);
         this.bindConstantToProperty(Constants.MICROSOFT_CLIENT_ID, globalProperties);
         this.bindConstantToProperty(Constants.MICROSOFT_TENANT_ID, globalProperties);
+        this.bindConstantToProperty(MICROSOFT_JWKS_URL, globalProperties);
         mapBinder.addBinding(AuthenticationProvider.MICROSOFT).to(MicrosoftAuthenticator.class);
 
         // Facebook

src/test/java/uk/ac/cam/cl/dtg/segue/auth/MicrosoftAuthenticatorTest.java

@@ -0,0 +1,177 @@
+package uk.ac.cam.cl.dtg.segue.auth;
+
+import com.auth0.jwt.JWT;
+import com.auth0.jwt.JWTCreator;
+import com.auth0.jwt.algorithms.Algorithm;
+import com.auth0.jwt.exceptions.SignatureVerificationException;
+import com.google.common.cache.Cache;
+import com.google.common.cache.CacheBuilder;
+import jakarta.servlet.http.HttpServlet;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import org.eclipse.jetty.server.Server;
+import org.eclipse.jetty.servlet.ServletHandler;
+import org.eclipse.jetty.servlet.ServletHolder;
+import org.json.JSONArray;
+import org.json.JSONObject;
+import org.junit.jupiter.api.Test;
+import uk.ac.cam.cl.dtg.isaac.dos.users.UserFromAuthProvider;
+import uk.ac.cam.cl.dtg.segue.auth.exceptions.AuthenticatorSecurityException;
+
+import java.io.IOException;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.NoSuchAlgorithmException;
+import java.security.interfaces.RSAPrivateKey;
+import java.security.interfaces.RSAPublicKey;
+import java.util.Base64;
+import java.util.concurrent.TimeUnit;
+import java.util.function.Function;
+
+import static org.junit.jupiter.api.Assertions.*;
+import static uk.ac.cam.cl.dtg.segue.auth.Helpers.*;
+
+class MicrosoftAuthenticatorTest {
+    @Test
+    void getUserInfo_validToken_returnsUserInformation() throws Exception {
+        String token = signedToken(validSigningKey, t -> t
+                        .withKeyId(validSigningKey.id())
+                        .withPayload("{\"email\": \"[email protected]\"}"));
+        var userInfo = testGetUserInfo(token);
+        assertEquals("[email protected]", userInfo.getEmail());
+    }
+
+    @Test
+    void getUserInfo_tokenSignatureNoKeyId_throwsError() {
+        String token = signedToken(validSigningKey, t -> t);
+        var error = assertThrows(AuthenticatorSecurityException.class, () -> testGetUserInfo(token));
+        assertEquals("Token verification: NO_KEY_ID", error.getMessage());
+    }
+
+    @Test
+    void getUserInfo_tokenSignatureKeyNotFound_throwsError() {
+        String token = signedToken(validSigningKey, t -> t.withKeyId("no-such-key"));
+        var error = assertThrows(AuthenticatorSecurityException.class, () -> testGetUserInfo(token));
+        assertEquals("No key found in http://localhost:8888/keys with kid no-such-key", error.getMessage());
+    }
+
+    @Test
+    void getUserInfo_tokenSignatureMismatch_throwsError() {
+        String token = signedToken(invalidSigningKey, t -> t.withKeyId(validSigningKey.id()));
+        var error = assertThrows(SignatureVerificationException.class, () -> testGetUserInfo(token));
+        assertEquals("The Token's Signature resulted invalid when verified using the Algorithm: SHA256withRSA", error.getMessage());
+    }
+}
+
+class Helpers {
+    public static UserFromAuthProvider testGetUserInfo(String token) throws Exception {
+        var keyServer = TestKeyServer.withKey(validSigningKey).start(8888);
+        Cache<String, String> store = CacheBuilder.newBuilder()
+                .expireAfterAccess(10, TimeUnit.MINUTES)
+                .build();
+        try {
+            var subject = new MicrosoftAuthenticator(
+                    "", "", "", "http://localhost:8888/keys"
+            ) {{
+                MicrosoftAuthenticator.credentialStore = store;
+            }};
+            store.put("the_internal_id", token);
+            return subject.getUserInfo("the_internal_id");
+        } finally {
+            keyServer.stop();
+        }
+    }
+
+    public static String signedToken(TestKeyPair key, Function<JWTCreator.Builder, JWTCreator.Builder> fn) {
+        var algorithm = Algorithm.RSA256(key.publicKey(), key.privateKey());
+        var token = fn.apply(JWT.create());
+        return token.sign(algorithm);
+    }
+
+    public static TestKeyPair validSigningKey = new TestKeyPair();
+    public static TestKeyPair invalidSigningKey = new TestKeyPair();
+}
+
+class TestKeyServer {
+    private Server server;
+    private TestKeyPair key;
+
+    private TestKeyServer(TestKeyPair key) {
+        this.key = key;
+    }
+
+    public static TestKeyServer withKey(TestKeyPair key) {
+        return new TestKeyServer(key);
+    }
+
+    public TestKeyServer start(int port) throws Exception {
+        server = new Server(port);
+        ServletHandler handler = new ServletHandler();
+        server.setHandler(handler);
+        handler.addServletWithMapping(new ServletHolder(new HttpServlet() {
+            @Override
+            protected void doGet(HttpServletRequest req, HttpServletResponse resp)
+                    throws IOException {
+                resp.setContentType("application/json");
+                resp.setStatus(HttpServletResponse.SC_OK);
+                resp.getWriter().println(response());
+            }
+        }), "/keys");
+        server.start();
+        return this;
+    }
+
+    public void stop() throws Exception {
+        server.stop();
+    }
+
+    private JSONObject response() {
+        return new JSONObject().put(
+            "keys", new JSONArray().put(
+                new JSONObject()
+                    .put("kty", "RSA")
+                    .put("use", "sig")
+                    .put("kid", key.id())
+                    .put("n", key.modulus())
+                    .put("e", key.exponent())
+                    .put("cloud_instance_name", "microsoftonline.com")
+// Microsoft's response also contains an X.509 certificate, which we don't test here.
+// For an example, response, see: https://login.microsoftonline.com/common/discovery/keys
+//    .put("x5t", key_id)
+//    .put("x5c", new JSONArray("some_string"))
+            )
+        );
+    }
+}
+
+class TestKeyPair {
+    private KeyPair keyPair;
+
+    public TestKeyPair() {
+        try {
+            keyPair = KeyPairGenerator.getInstance("RSA").generateKeyPair();
+        } catch (NoSuchAlgorithmException e) {
+            throw new RuntimeException(e);
+        }
+    }
+
+    public String id() {
+        return String.format("key_id_%s", keyPair.getPublic().hashCode());
+    }
+
+    public String modulus() {
+        return Base64.getUrlEncoder().withoutPadding().encodeToString(publicKey().getModulus().toByteArray());
+    }
+
+    public String exponent() {
+        return Base64.getUrlEncoder().withoutPadding().encodeToString(publicKey().getPublicExponent().toByteArray());
+    }
+
+    public RSAPublicKey publicKey() {
+        return (RSAPublicKey) keyPair.getPublic();
+    }
+
+    public RSAPrivateKey privateKey() {
+        return (RSAPrivateKey) keyPair.getPrivate();
+    }
+}