I am getting token from Keycloak
String providedCert = mc.getProperty("keycloakkey-x5c")+""; ObjectMapper mapper = new ObjectMapper(); JsonNode node = mapper.readTree(providedCert); String certstring1 = node.get(0).toString(); log.info("total "+ node.size()+ " certificate return from keycloak, taking the first cert: " + certstring1); DecodedJWT jwt = JWT.decode(providedToken); Algorithm algorithm = Algorithm.RSA256((RSAPublicKey)getPublicKey(certstring1), null);And here is the method
private static PublicKey getPublicKey(String CertString) throws NoSuchAlgorithmException, InvalidKeySpecException, Exception { log.info("CertString received in getPublicKey(): " + CertString); //sample CertString value = "MIIHFDCCBfygAwIBAgIIK2o4sL7KHQgwDQYJKoZIhvcNAQELBQAwSTELMAkGA1UEBhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRlcm5ldCBBdXRob3JpdHkgRzIwHhcNMTYxMjE1MTQwNDE1WhcNMTcwMzA5MTMzNTAwWjBmMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNTW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEVMBMGA1UEAwwMKi5nb29nbGUuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEG1y99TYpFSSiawnjJKYI8hyEzJ4M+IELfLjmSsYI7fW/V8AT61quCswtBMikJYqzYBZrV2Reu5sHlLr6936cR6OCBKwwggSoMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjCCA2sGA1UdEQSCA2IwggNeggwqLmdvb2dsZS5jb22CDSouYW5kcm9pZC5jb22CFiouYXBwZW5naW5lLmdvb2dsZS5jb22CEiouY2xvdWQuZ29vZ2xlLmNvbYIWKi5nb29nbGUtYW5hbHl0aWNzLmNvbYILKi5nb29nbGUuY2GCCyouZ29vZ2xlLmNsgg4qLmdvb2dsZS5jby5pboIOKi5nb29nbGUuY28uanCCDiouZ29vZ2xlLmNvLnVrgg8qLmdvb2dsZS5jb20uYXKCDyouZ29vZ2xlLmNvbS5hdYIPKi5nb29nbGUuY29tLmJygg8qLmdvb2dsZS5jb20uY2+CDyouZ29vZ2xlLmNvbS5teIIPKi5nb29nbGUuY29tLnRygg8qLmdvb2dsZS5jb20udm6CCyouZ29vZ2xlLmRlggsqLmdvb2dsZS5lc4ILKi5nb29nbGUuZnKCCyouZ29vZ2xlLmh1ggsqLmdvb2dsZS5pdIILKi5nb29nbGUubmyCCyouZ29vZ2xlLnBsggsqLmdvb2dsZS5wdIISKi5nb29nbGVhZGFwaXMuY29tgg8qLmdvb2dsZWFwaXMuY26CFCouZ29vZ2xlY29tbWVyY2UuY29tghEqLmdvb2dsZXZpZGVvLmNvbYIMKi5nc3RhdGljLmNugg0qLmdzdGF0aWMuY29tggoqLmd2dDEuY29tggoqLmd2dDIuY29tghQqLm1ldHJpYy5nc3RhdGljLmNvbYIMKi51cmNoaW4uY29tghAqLnVybC5nb29nbGUuY29tghYqLnlvdXR1YmUtbm9jb29raWUuY29tgg0qLnlvdXR1YmUuY29tghYqLnlvdXR1YmVlZHVjYXRpb24uY29tggsqLnl0aW1nLmNvbYIaYW5kcm9pZC5jbGllbnRzLmdvb2dsZS5jb22CC2FuZHJvaWQuY29tghtkZXZlbG9wZXIuYW5kcm9pZC5nb29nbGUuY26CBGcuY2+CBmdvby5nbIIUZ29vZ2xlLWFuYWx5dGljcy5jb22CCmdvb2dsZS5jb22CEmdvb2dsZWNvbW1lcmNlLmNvbYIKdXJjaGluLmNvbYIKd3d3Lmdvby5nbIIIeW91dHUuYmWCC3lvdXR1YmUuY29tghR5b3V0dWJlZWR1Y2F0aW9uLmNvbTALBgNVHQ8EBAMCB4AwaAYIKwYBBQUHAQEEXDBaMCsGCCsGAQUFBzAChh9odHRwOi8vcGtpLmdvb2dsZS5jb20vR0lBRzIuY3J0MCsGCCsGAQUFBzABhh9odHRwOi8vY2xpZW50czEuZ29vZ2xlLmNvbS9vY3NwMB0GA1UdDgQWBBThPf/3oDfxFM/hdOi5kLv8qrZbsjAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFErdBhYbvPZotXb1gba7Yhq6WoEvMCEGA1UdIAQaMBgwDAYKKwYBBAHWeQIFATAIBgZngQwBAgIwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3BraS5nb29nbGUuY29tL0dJQUcyLmNybDANBgkqhkiG9w0BAQsFAAOCAQEAWZQy0Kvn9cPnIh7Z4kfUCXX/dhdvjLJYFAn3b3d5DVs1BLYuukfIjilVdAeTUHZH7TLn/uVejg3yS0ssRg1ds1iv2O9DJbnl5FHcjNAvwfN533FulWP41OC6B6dC6BGGTXTvQobDup7/EKg1GWX9ksBtTfKLH5wrjhN955Itnd25Sjw2bSjLaWEtTrjINXmnBoc2+qHFzF/fNxK1KbmkBboUIGoaGsThe3AF0Ye+XAeaZH08+GdrorknlHDQLLtHIcJ3C6PrQ/kTpwWd/TVXW42BN+N7xZiGJbvKOg0S0rk2hzhgX4QoUKZHMqqh1sS6ypkfnWx75nh325y4Tenk+A=="; CertString= CertString.replace(""", "");//remove beginning and ending double quote //construct cert object from CertString byte encodedCert[] = Base64.getDecoder().decode(CertString); ByteArrayInputStream inputStream = new ByteArrayInputStream(encodedCert); CertificateFactory certFactory = CertificateFactory.getInstance("X.509"); X509Certificate cert = (X509Certificate)certFactory.generateCertificate(inputStream); if (cert != null) { PublicKey pubKey = cert.getPublicKey();//use cert object to extract PublicKey object log.info("PublicKey >>> " + pubKey.toString()); if (pubKey instanceof RSAPublicKey) { return pubKey; }else{ throw new Exception("Unexpetced Error, non-RSAPublicKey retrieved from keycloak certificate"); } }else{ throw new Exception("Unexpetced Error during X509Certificate parsing from keycloak certificate string, decoded cert=null"); } }Which throwing the error
com.comptel.cip.ff.accessmanagement.mediators.KeycloakTokenValidate_Mediator Exception is java.lang.IllegalArgumentException: Illegal base64 character 5b and stack trace java.lang.IllegalArgumentException: Illegal base64 character 5b at java.base/java.util.Base64$Decoder.decode0(Base64.java:746) at java.base/java.util.Base64$Decoder.decode(Base64.java:538) at java.base/java.util.Base64$Decoder.decode(Base64.java:561) at com.comptel.cip.ff.accessmanagement.mediators.KeycloakTokenValidate_Mediator.getPublicKey(KeycloakTokenValidate_Mediator.java:113) at com.comptel.cip.ff.accessmanagement.mediators.KeycloakTokenValidate_Mediator.mediate(KeycloakTokenValidate_Mediator.java:73) at org.apache.synapse.mediators.ext.ClassMediator.updateInstancePropertiesAndMediate(ClassMediator.java:178) at org.apache.synapse.mediators.ext.ClassMediator.mediate(ClassMediator.java:97) at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:109) at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:71) at org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:158) at org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:214) at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:109) at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:71) at org.apache.synapse.config.xml.AnonymousListMediator.mediate(AnonymousListMediator.java:37) at org.apache.synapse.mediators.filters.FilterMediator.mediate(FilterMediator.java:205) at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:109) at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:71) at org.apache.synapse.config.xml.AnonymousListMediator.mediate(AnonymousListMediator.java:37) at org.apache.synapse.mediators.filters.FilterMediator.mediate(FilterMediator.java:205) at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:109) at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:71) at org.apache.synapse.mediators.filters.FilterMediator.mediate(FilterMediator.java:171) at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:109) at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:71) at org.apache.synapse.mediators.filters.FilterMediator.mediate(FilterMediator.java:171) at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:109) at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:71) at org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:158) at org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:214) at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:109) at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:71) at org.apache.synapse.mediators.filters.FilterMediator.mediate(FilterMediator.java:171) at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:109) at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:71) at org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:158) at org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:214) at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:109) at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:71) at org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:158) at org.apache.synapse.api.Resource.process(Resource.java:355) at org.apache.synapse.api.API.process(API.java:463) at org.apache.synapse.api.AbstractApiHandler.apiProcess(AbstractApiHandler.java:93) at org.apache.synapse.api.AbstractApiHandler.dispatchToAPI(AbstractApiHandler.java:71) at org.apache.synapse.api.rest.RestRequestHandler.dispatchToAPI(RestRequestHandler.java:84) at org.apache.synapse.api.rest.RestRequestHandler.process(RestRequestHandler.java:70) at org.apache.synapse.rest.RESTRequestHandler.process(RESTRequestHandler.java:54) at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.injectMessage(Axis2SynapseEnvironment.java:344) at org.apache.synapse.core.axis2.SynapseMessageReceiver.receive(SynapseMessageReceiver.java:101) at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180) at org.apache.synapse.transport.passthru.ServerWorker.processNonEntityEnclosingRESTHandler(ServerWorker.java:375) at org.apache.synapse.transport.passthru.ServerWorker.processEntityEnclosingRequest(ServerWorker.java:434) at org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:182) at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) at java.base/java.lang.Thread.run(Thread.java:834)
[2021-06-12 07:02:17,150] ERROR {KeycloakTokenValidate_Mediator} – {api:OrdersSearch} Mediation failed in class com.comptel.cip.ff.accessmanagement.mediators.KeycloakTokenValidate_Mediator java.lang.IllegalArgumentException: Illegal base64 character 5b at java.base/java.util.Base64$Decoder.decode0(Base64.java:746) at java.base/java.util.Base64$Decoder.decode(Base64.java:538) at java.base/java.util.Base64$Decoder.decode(Base64.java:561) at com.comptel.cip.ff.accessmanagement.mediators.KeycloakTokenValidate_Mediator.getPublicKey(KeycloakTokenValidate_Mediator.java:113) at com.comptel.cip.ff.accessmanagement.mediators.KeycloakTokenValidate_Mediator.mediate(KeycloakTokenValidate_Mediator.java:73) at org.apache.synapse.mediators.ext.ClassMediator.updateInstancePropertiesAndMediate(ClassMediator.java:178) at org.apache.synapse.mediators.ext.ClassMediator.mediate(ClassMediator.java:97) at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:109) at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:71) at org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:158) at org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:214) at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:109) at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:71) at org.apache.synapse.config.xml.AnonymousListMediator.mediate(AnonymousListMediator.java:37) at org.apache.synapse.mediators.filters.FilterMediator.mediate(FilterMediator.java:205) at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:109) at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:71) at org.apache.synapse.config.xml.AnonymousListMediator.mediate(AnonymousListMediator.java:37) at org.apache.synapse.mediators.filters.FilterMediator.mediate(FilterMediator.java:205) at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:109) at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:71) at org.apache.synapse.mediators.filters.FilterMediator.mediate(FilterMediator.java:171) at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:109) at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:71) at org.apache.synapse.mediators.filters.FilterMediator.mediate(FilterMediator.java:171) at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:109) at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:71) at org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:158) at org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:214) at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:109) at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:71) at org.apache.synapse.mediators.filters.FilterMediator.mediate(FilterMediator.java:171) at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:109) at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:71) at org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:158) at org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:214) at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:109) at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:71) at org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:158) at org.apache.synapse.api.Resource.process(Resource.java:355) at org.apache.synapse.api.API.process(API.java:463) at org.apache.synapse.api.AbstractApiHandler.apiProcess(AbstractApiHandler.java:93) at org.apache.synapse.api.AbstractApiHandler.dispatchToAPI(AbstractApiHandler.java:71) at org.apache.synapse.api.rest.RestRequestHandler.dispatchToAPI(RestRequestHandler.java:84) at org.apache.synapse.api.rest.RestRequestHandler.process(RestRequestHandler.java:70) at org.apache.synapse.rest.RESTRequestHandler.process(RESTRequestHandler.java:54) at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.injectMessage(Axis2SynapseEnvironment.java:344) at org.apache.synapse.core.axis2.SynapseMessageReceiver.receive(SynapseMessageReceiver.java:101) at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180) at org.apache.synapse.transport.passthru.ServerWorker.processNonEntityEnclosingRESTHandler(ServerWorker.java:375) at org.apache.synapse.transport.passthru.ServerWorker.processEntityEnclosingRequest(ServerWorker.java:434) at org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:182) at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) at java.base/java.lang.Thread.run(Thread.java:834)
Advertisement
Answer
So Same code was working fine in my local machine in Java8 and Java11 but in Docker Container it was failing so i used the little different method in place of getDecoder() i used getMimeDecoder()
So previous code was
byte encodedCert[] = Base64.getDecoder().decode(CertString);Which is now
Base64.getMimeDecoder().decode(CertString);