Skip to content

Commit 8fefc7b

Browse files
diegomarquezpdiegomarquezp
committed
fix: use GoogleAuthException
1 parent 5f59678 commit 8fefc7b

1 file changed

Lines changed: 22 additions & 18 deletions

File tree

oauth2_http/java/com/google/auth/oauth2/GdchCredentials.java

Lines changed: 22 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -691,24 +691,28 @@ static String signUsingEsSha256(
691691
JsonWebToken.Payload payload)
692692
throws GeneralSecurityException, GoogleAuthException {
693693

694-
// 1. Construct the JWS Signing Input: Base64URL(UTF8(Header)) + '.' + Base64URL(UTF8(Payload))
695-
String content =
696-
Base64.getUrlEncoder().withoutPadding().encodeToString(jsonFactory.toByteArray(header))
697-
+ "."
698-
+ Base64.getUrlEncoder()
699-
.withoutPadding()
700-
.encodeToString(jsonFactory.toByteArray(payload));
701-
byte[] contentBytes = StringUtils.getBytesUtf8(content);
702-
703-
// 2. Create the digital signature using SHA256withECDSA.
704-
byte[] signature =
705-
SecurityUtils.sign(SecurityUtils.getEs256SignatureAlgorithm(), privateKey, contentBytes);
706-
707-
// 3. Transcode the signature from DER to Concatenated R|S.
708-
byte[] jwsSignature = transcodeDerToConcat(signature, 64);
709-
710-
// 4. Return final JWS: [Signing Input] + '.' + Base64URL(Signature)
711-
return content + "." + Base64.getUrlEncoder().withoutPadding().encodeToString(jwsSignature);
694+
try {
695+
// 1. Construct the JWS Signing Input: Base64URL(UTF8(Header)) + '.' + Base64URL(UTF8(Payload))
696+
String content =
697+
Base64.getUrlEncoder().withoutPadding().encodeToString(jsonFactory.toByteArray(header))
698+
+ "."
699+
+ Base64.getUrlEncoder()
700+
.withoutPadding()
701+
.encodeToString(jsonFactory.toByteArray(payload));
702+
byte[] contentBytes = StringUtils.getBytesUtf8(content);
703+
704+
// 2. Create the digital signature using SHA256withECDSA.
705+
byte[] signature =
706+
SecurityUtils.sign(SecurityUtils.getEs256SignatureAlgorithm(), privateKey, contentBytes);
707+
708+
// 3. Transcode the signature from DER to Concatenated R|S.
709+
byte[] jwsSignature = transcodeDerToConcat(signature, 64);
710+
711+
// 4. Return final JWS: [Signing Input] + '.' + Base64URL(Signature)
712+
return content + "." + Base64.getUrlEncoder().withoutPadding().encodeToString(jwsSignature);
713+
} catch (IOException e) {
714+
throw new GoogleAuthException(false, 0, "Error serializing or transcoding JWT.", e);
715+
}
712716
}
713717

714718
/**

0 commit comments

Comments
 (0)