Details
-
Type:
Bug
-
Status: Closed
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: 3.1.7
-
Component/s: JAX-RS Security
-
Labels:None
-
Estimated Complexity:Unknown
Description
The following code:
import test.CryptoUtils; // loads an RSA private key from file import org.apache.cxf.rs.security.jose.jwk.JsonWebKey; import org.apache.cxf.rs.security.jose.jwk.JsonWebKeys; import org.apache.cxf.rs.security.jose.jwk.JwkUtils; import java.io.FileOutputStream; import java.io.IOException; import java.nio.file.Paths; import java.security.interfaces.RSAPrivateKey; import java.time.LocalDateTime; public class TestCase { public static void main(String[] args) throws IOException { final RSAPrivateKey privateKey = CryptoUtils.loadRsaPrivateKey(Paths.get("a-private-key.der")); final JsonWebKey jwk = JwkUtils.fromRSAPrivateKey(privateKey, "RSA-OAEP-256"); jwk.setKeyId("test"); jwk.setKeyProperty("created-at", LocalDateTime.now()); final JsonWebKeys webKeys = new JsonWebKeys(jwk); JwkUtils.jwkSetToJson(webKeys, new FileOutputStream("test.jwk.json")); } }
Produces the following malformed JSON:
{
"keys": [
{
"kty": "RSA",
"alg": "RSA-OAEP-256",
"n": "...",
"d": "...",
"p": "...",
"q": "...",
"dp": "...",
"dq": "...",
"qi": "...",
"kid": "test",
"created-at": 2016
-0
8
-10
T11: 0
1: 51.036
}
]
}
Basically the `LocalDateTime` is not converted to `String` before getting serialized to JSON.