author | auto-revert-processor <dev-prod-dag@mongodb.com> | 2022-12-06 08:04:53 +0000 |
---|---|---|
committer | Evergreen Agent <no-reply@evergreen.mongodb.com> | 2022-12-06 08:38:52 +0000 |
commit | b4a99f8e20ecd06893d838fdbc9984322b66e0dd (patch) | |
tree | f141461b06157132f0d10e772106717e02276167 /src/mongo/crypto/jwk_manager.cpp | |
parent | 88aedb81e1c37710b9015a7383762395524df438 (diff) | |
Revert "SERVER-70954 Implement JWSValidator"
This reverts commit c1c6eb34227164196393826a81db4268aecaef64.
Diffstat (limited to 'src/mongo/crypto/jwk_manager.cpp')
-rw-r--r-- | src/mongo/crypto/jwk_manager.cpp | 49 |
1 files changed, 10 insertions, 39 deletions
diff --git a/src/mongo/crypto/jwk_manager.cpp b/src/mongo/crypto/jwk_manager.cpp index 71e2619f33e..5d5937c93b6 100644 --- a/src/mongo/crypto/jwk_manager.cpp +++ b/src/mongo/crypto/jwk_manager.cpp @@ -30,7 +30,6 @@ #include "mongo/crypto/jwk_manager.h" #include "mongo/bson/json.h" -#include "mongo/crypto/jws_validator.h" #include "mongo/crypto/jwt_types_gen.h" #include "mongo/logv2/log.h" #include "mongo/util/base64.h" @@ -41,8 +40,6 @@ namespace mongo::crypto { namespace { constexpr auto kMinKeySizeBytes = 2048 >> 3; -using SharedValidator = std::shared_ptr<JWSValidator>; -using SharedMap = std::map<std::string, SharedValidator>; // Strip insignificant leading zeroes to determine the key's true size. StringData reduceInt(StringData value) { 
@@ -66,37 +63,9 @@ JWKManager::JWKManager(StringData source) : _keyURI(source) { cdr.readInto<StringData>(&str); BSONObj data = fromjson(str); - _setAndValidateKeys(data); -} - -JWKManager::JWKManager(BSONObj keys) { - _setAndValidateKeys(keys); -} - -const BSONObj& JWKManager::getKey(StringData keyId) const { - auto it = _keyMaterial.find(keyId.toString()); - uassert(ErrorCodes::NoSuchKey, - str::stream() << "Unknown key '" << keyId << "'", - it != _keyMaterial.end()); - return it->second; -} - -SharedValidator JWKManager::getValidator(StringData keyId) const { - auto it = _validators->find(keyId.toString()); - - // TODO: SERVER-71195, refresh keys from the endpoint and try to get the validator again. - // If still no key is found throw a uassert. - uassert(ErrorCodes::NoSuchKey, - str::stream() << "Unknown key '" << keyId << "'", - it != _validators->end()); - return it->second; -} - -void JWKManager::_setAndValidateKeys(const BSONObj& keys) { - _validators = std::make_shared<SharedMap>(); - auto keysParsed = JWKSet::parse(IDLParserContext("JWKSet"), keys); - for (const auto& key : keysParsed.getKeys()) { + auto keys = JWKSet::parse(IDLParserContext("JWKSet"), data); + for (const auto& key : keys.getKeys()) { auto JWK = JWK::parse(IDLParserContext("JWK"), key); uassert(ErrorCodes::BadValue, str::stream() << "Only RSA key types are accepted at this time", 
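Review bot: The `uassert(ErrorCodes::BadValue, ...)` carrying "Only RSA key types are accepted at this time" sits inside the `for (const auto& key : keys.getKeys())` loop, so a single non-RSA entry in the fetched set appears to abort construction of the whole JWKManager rather than being skipped. The assert's condition is cut off at the end of the hunk, so this is inferred from the message text. If the key endpoint ever publishes a mixed set, every later `getKey` call for that source would fail; consider logging and skipping unsupported entries with `continue;` and failing only when no usable key remains. If rejecting the whole set is intended, a comment above the loop such as `// A single unsupported key rejects the entire key set.` would make that explicit. The constructor body starts before and continues past this hunk.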
@@ -126,13 +95,15 @@ void JWKManager::_setAndValidateKeys(const BSONObj& keys) { LOGV2_DEBUG(6766000, 5, "Loaded JWK Key", "kid"_attr = RSAKey.getKeyId()); _keyMaterial.insert({keyId, key.copy()}); - - auto swValidator = JWSValidator::create(JWK.getType(), key); - uassertStatusOK(swValidator.getStatus()); - SharedValidator shValidator = std::move(swValidator.getValue()); - - _validators->insert({keyId, shValidator}); } } +const BSONObj& JWKManager::getKey(StringData keyId) const { + auto it = _keyMaterial.find(keyId.toString()); + uassert(ErrorCodes::NoSuchKey, + str::stream() << "Unknown key '" << keyId << "'", + it != _keyMaterial.end()); + return it->second; +} + } // namespace mongo::crypto |
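Review bot: `_keyMaterial.insert({keyId, key.copy()});` ignores its result, so if the key set contains two entries with the same `kid`, the second is presumably dropped silently (assuming `_keyMaterial` is a unique-key map, as the `find`/`end` use in `getKey` suggests), while the preceding `LOGV2_DEBUG` still reports it as loaded. Which key a given `kid` resolves to would then depend on document order, so a duplicate is better rejected explicitly, e.g. `auto inserted = _keyMaterial.insert({keyId, key.copy()}).second;` followed by `uassert(ErrorCodes::BadValue, str::stream() << "Duplicate key id '" << keyId << "'", inserted);`. Separately, `getKey` echoes the caller-supplied `keyId` verbatim into the `NoSuchKey` message; if that id originates from a token header, consider bounding or escaping it before it reaches logs or client-visible errors. The enclosing loop and function begin outside this hunk.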