Added Hmac Encrytion Layer

tanya732 · tanya732 · commit 02191b5283ea · 2026-03-21T01:01:30.000+05:30
diff --git a/Dockerfile b/Dockerfile
@@ -1,19 +1,16 @@
-FROM gradle:6.9.2-jdk8
+FROM tomcat:9-jdk11
 
-WORKDIR /home/gradle
-# Copy your project files
-COPY . .
+# Remove default Tomcat apps
+RUN rm -rf /usr/local/tomcat/webapps/*
 
-# Ensure the Gradle wrapper is executable
-RUN chmod +x ./gradlew
+# Change Tomcat's default port from 8080 to 3000
+RUN sed -i 's/port="8080"/port="3000"/' /usr/local/tomcat/conf/server.xml
 
-# Expose both ports for your MCD test
-EXPOSE 3000
-EXPOSE 8080
-EXPOSE 5005
+# Copy the locally-built WAR into Tomcat
+COPY build/libs/mvc-auth-commons-*.war /usr/local/tomcat/webapps/ROOT.war
 
-# Use --no-daemon to keep the container process alive
-# We use the wrapper (./gradlew) to ensure consistency
-#CMD ["./gradlew", "appRun", "--no-daemon", "-Pgretty.managed=false"]
-ENV GRADLE_OPTS="-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=5005"
-CMD ["gradle", "appRun", "--no-daemon"]
+EXPOSE 3000 5005
+
+ENV JAVA_OPTS="-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005"
+
+CMD ["catalina.sh", "run"]
diff --git a/src/main/java/com/auth0/AuthorizeUrl.java b/src/main/java/com/auth0/AuthorizeUrl.java
@@ -29,6 +29,8 @@ public class AuthorizeUrl {
     private String state;
     private final AuthAPI authAPI;
     private String cookiePath;
+    private String originDomain;
+    private String clientSecret;
 
     private boolean used;
     private Map<String, String> params;
@@ -142,6 +144,16 @@ AuthorizeUrl withCookiePath(String cookiePath) {
         return this;
     }
 
+    /**
+     * Sets the origin domain and client secret for HMAC-signed origin domain cookie storage.
+     * Called internally by RequestProcessor for MCD support.
+     */
+    AuthorizeUrl withOriginDomain(String originDomain, String clientSecret) {
+        this.originDomain = originDomain;
+        this.clientSecret = clientSecret;
+        return this;
+    }
+
     /**
      * Sets the state value.
      *
@@ -248,6 +260,12 @@ private void storeTransient() {
 
             TransientCookieStore.storeState(response, state, sameSiteValue, useLegacySameSiteCookie, setSecureCookie, cookiePath);
             TransientCookieStore.storeNonce(response, nonce, sameSiteValue, useLegacySameSiteCookie, setSecureCookie, cookiePath);
+
+            // Store HMAC-signed origin domain with the same SameSite value as state/nonce
+            if (originDomain != null && clientSecret != null) {
+                TransientCookieStore.storeSignedOriginDomain(response, originDomain,
+                        sameSiteValue, cookiePath, setSecureCookie, clientSecret);
+            }
         }
 
         // Also store in Session just in case developer uses deprecated
diff --git a/src/main/java/com/auth0/RequestProcessor.java b/src/main/java/com/auth0/RequestProcessor.java
@@ -5,15 +5,12 @@
 import com.auth0.exception.Auth0Exception;
 import com.auth0.json.auth.TokenHolder;
 import com.auth0.net.Telemetry;
-import com.fasterxml.jackson.core.type.TypeReference;
-import com.fasterxml.jackson.databind.ObjectMapper;
 import com.google.common.annotations.VisibleForTesting;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.util.Arrays;
 import java.util.List;
-import java.util.Map;
 
 import static com.auth0.InvalidRequestException.*;
 
@@ -183,7 +180,6 @@ AuthAPI createClientForDomain(String domain) {
             setupTelemetry(client);
         }
 
-        System.out.println("Created dynamic AuthAPI for domain: " + domain + " " + clientId);
         return client;
     }
 
@@ -231,24 +227,12 @@ AuthorizeUrl buildAuthorizeUrl(HttpServletRequest request, HttpServletResponse r
         }
 
         // null response means state and nonce will be stored in session, so legacy
-        // cookie flag does not apply
+        // cookie flag does not apply and origin domain cookie cannot be set
         if (response != null) {
             creator.withLegacySameSiteCookie(useLegacySameSiteCookie);
+            creator.withOriginDomain(originDomain, clientSecret);
         }
 
-        boolean isSecure = request.isSecure();
-
-        TransientCookieStore.storeOriginData(
-                response,
-                originDomain,
-                SameSite.LAX,
-                constructIssuer(originDomain),
-                cookiePath,
-                isSecure);
-
-        TransientCookieStore.storeOriginData(response, originDomain, SameSite.LAX, constructIssuer(originDomain), cookiePath,
-                isSecure);
-
         return getAuthorizeUrl(nonce, creator);
     }
 
@@ -269,19 +253,21 @@ Tokens process(HttpServletRequest request, HttpServletResponse response) throws
         assertNoError(request);
         assertValidState(request, response);
 
-        // Retrieve stored origin domain and issuer from the authorization flow
-        String originDomain = TransientCookieStore.getOriginDomain(request, response);
-        String originIssuer = TransientCookieStore.getOriginIssuer(request, response);
+        // Extract origin_domain from the HMAC-signed transaction state cookie.
+        // If the cookie was tampered with, getSignedOriginDomain returns null.
+        String originDomain = null;
+        if (response != null) {
+            originDomain = TransientCookieStore.getSignedOriginDomain(request, response, clientSecret);
+        }
 
+        // Fallback for session-based (deprecated) flow or if cookie was not set
         if (originDomain == null) {
             originDomain = domainProvider.getDomain(request);
         }
 
-        if (originIssuer == null) {
-            originIssuer = constructIssuer(originDomain);
-        }
+        // Always derive the issuer from the verified domain — never from a cookie
+        String originIssuer = constructIssuer(originDomain);
 
-        // Each request will create its own verification options with the correct issuer
         Tokens frontChannelTokens = getFrontChannelTokens(request, originDomain, originIssuer);
         List<String> responseTypeList = getResponseType();
 
@@ -322,18 +308,24 @@ private Tokens getVerifiedTokens(HttpServletRequest request, HttpServletResponse
         Tokens codeExchangeTokens = null;
 
         // Get nonce for this specific request
-        String nonce = response != null
-                ? (TransientCookieStore.getNonce(request, response) != null
-                        ? TransientCookieStore.getNonce(request, response)
-                        : RandomStorage.removeSessionNonce(request))
-                : RandomStorage.removeSessionNonce(request);
+        String nonce;
+        if (response != null) {
+            nonce = TransientCookieStore.getNonce(request, response);
+            // Fallback to session if cookie was not set (deprecated API path)
+            if (nonce == null) {
+                nonce = RandomStorage.removeSessionNonce(request);
+            }
+        } else {
+            nonce = RandomStorage.removeSessionNonce(request);
+        }
 
         IdTokenVerifier.Options requestVerifyOptions = createRequestVerifyOptions(originIssuer, nonce);
 
         try {
             if (responseTypeList.contains(KEY_ID_TOKEN)) {
-                // Implicit/Hybrid flow: must verify front-channel ID Token first
-                validateIdTokenIssuer(frontChannelTokens.getIdToken(), originIssuer);
+                // Implicit/Hybrid flow: must verify front-channel ID Token first.
+                // The issuer is derived from the HMAC-verified domain, so this check
+                // validates the token's iss against a trusted value.
                 tokenVerifier.verify(frontChannelTokens.getIdToken(), requestVerifyOptions);
             }
             if (responseTypeList.contains(KEY_CODE)) {
@@ -344,7 +336,6 @@ private Tokens getVerifiedTokens(HttpServletRequest request, HttpServletResponse
                     // If we already verified the front-channel token, don't verify it again.
                     String idTokenFromCodeExchange = codeExchangeTokens.getIdToken();
                     if (idTokenFromCodeExchange != null) {
-                        validateIdTokenIssuer(idTokenFromCodeExchange, originIssuer);
                         tokenVerifier.verify(idTokenFromCodeExchange, requestVerifyOptions);
                     }
                 }
@@ -384,66 +375,6 @@ private IdTokenVerifier.Options createRequestVerifyOptions(String issuer, String
         return requestOptions;
     }
 
-    /**
-     * Validates that the ID Token's issuer matches the expected origin issuer.
-     *
-     * @param idToken        the ID Token to validate
-     * @param expectedIssuer the expected issuer from the authorization flow
-     * @throws IdentityVerificationException if the issuer doesn't match
-     */
-    private void validateIdTokenIssuer(String idToken, String expectedIssuer) throws IdentityVerificationException {
-        if (idToken == null || expectedIssuer == null) {
-            return;
-        }
-
-        try {
-            String[] parts = idToken.split("\\.");
-            if (parts.length != 3) {
-                throw new IdentityVerificationException(JWT_VERIFICATION_ERROR, "Invalid ID Token format", null);
-            }
-
-            String payload = new String(java.util.Base64.getUrlDecoder().decode(parts[1]));
-            String tokenIssuer = extractIssuerFromPayload(payload);
-
-            if (!tokenIssuer.equals(expectedIssuer)) {
-                throw new IdentityVerificationException(JWT_VERIFICATION_ERROR,
-                        String.format("Token issuer '%s' does not match expected issuer '%s'",
-                                tokenIssuer, expectedIssuer),
-                        null);
-            }
-        } catch (Exception e) {
-            if (e instanceof IdentityVerificationException) {
-                throw e;
-            }
-            throw new IdentityVerificationException(JWT_VERIFICATION_ERROR,
-                    "Failed to validate token issuer: " + e.getMessage(), e);
-        }
-    }
-
-    /**
-     * Extracts the issuer (iss) claim from the ID Token payload.
-     *
-     * @param payload the decoded payload of the ID Token
-     * @return the issuer claim value
-     * @throws IdentityVerificationException if the issuer claim is missing
-     */
-    private String extractIssuerFromPayload(String payload) throws IdentityVerificationException {
-        try {
-            Map<String, Object> payloadMap = new ObjectMapper().readValue(payload,
-                    new TypeReference<Map<String, Object>>() {
-                    });
-            if (payloadMap.containsKey("iss")) {
-                return payloadMap.get("iss").toString();
-            } else {
-                throw new IdentityVerificationException(JWT_VERIFICATION_ERROR,
-                        "Issuer claim (iss) is missing in the ID Token payload.", null);
-            }
-        } catch (Exception e) {
-            throw new IdentityVerificationException(JWT_VERIFICATION_ERROR,
-                    "Failed to parse ID Token payload: " + e.getMessage(), e);
-        }
-    }
-
     List<String> getResponseType() {
         return Arrays.asList(responseType.split(" "));
     }
diff --git a/src/main/java/com/auth0/SignedCookieUtils.java b/src/main/java/com/auth0/SignedCookieUtils.java
@@ -0,0 +1,94 @@
+package com.auth0;
+
+import javax.crypto.Mac;
+import javax.crypto.spec.SecretKeySpec;
+import java.nio.charset.StandardCharsets;
+import java.security.InvalidKeyException;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+
+/**
+ * Utility class for HMAC-signing cookie values to prevent tampering.
+ * <p>
+ * Values are stored as {@code value|signature} where the signature is an
+ * HMAC-SHA256 hex digest computed using the application's client secret.
+ * On read, the signature is verified before the value is trusted.
+ */
+class SignedCookieUtils {
+
+    private static final String HMAC_ALGORITHM = "HmacSHA256";
+    private static final String SEPARATOR = "|";
+
+    private SignedCookieUtils() {}
+
+    /**
+     * Signs a value using HMAC-SHA256 with the provided secret.
+     *
+     * @param value  the value to sign
+     * @param secret the secret key for HMAC
+     * @return the signed value in the format {@code value|signature}
+     * @throws IllegalArgumentException if value or secret is null
+     */
+    static String sign(String value, String secret) {
+        if (value == null || secret == null) {
+            throw new IllegalArgumentException("Value and secret must not be null");
+        }
+        String signature = computeHmac(value, secret);
+        return value + SEPARATOR + signature;
+    }
+
+    /**
+     * Verifies the HMAC signature and extracts the original value.
+     *
+     * @param signedValue the signed value in the format {@code value|signature}
+     * @param secret      the secret key used to verify the HMAC
+     * @return the original value if the signature is valid, or {@code null} if
+     *         the signature is invalid or the format is unexpected
+     */
+    static String verifyAndExtract(String signedValue, String secret) {
+        System.out.println("Verifying signed value: " + signedValue);
+        if (signedValue == null || secret == null) {
+            return null;
+        }
+
+        int separatorIndex = signedValue.lastIndexOf(SEPARATOR);
+        if (separatorIndex <= 0 || separatorIndex >= signedValue.length() - 1) {
+            return null;
+        }
+
+        String value = signedValue.substring(0, separatorIndex);
+        String signature = signedValue.substring(separatorIndex + 1);
+
+        String expectedSignature = computeHmac(value, secret);
+
+        // Constant-time comparison to prevent timing attacks
+        if (MessageDigest.isEqual(
+                expectedSignature.getBytes(StandardCharsets.UTF_8),
+                signature.getBytes(StandardCharsets.UTF_8))) {
+            return value;
+        }
+
+        return null;
+    }
+
+    private static String computeHmac(String value, String secret) {
+        try {
+            Mac mac = Mac.getInstance(HMAC_ALGORITHM);
+            SecretKeySpec keySpec = new SecretKeySpec(
+                    secret.getBytes(StandardCharsets.UTF_8), HMAC_ALGORITHM);
+            mac.init(keySpec);
+            byte[] hmacBytes = mac.doFinal(value.getBytes(StandardCharsets.UTF_8));
+            return bytesToHex(hmacBytes);
+        } catch (NoSuchAlgorithmException | InvalidKeyException e) {
+            throw new RuntimeException("Failed to compute HMAC-SHA256", e);
+        }
+    }
+
+    private static String bytesToHex(byte[] bytes) {
+        StringBuilder sb = new StringBuilder(bytes.length * 2);
+        for (byte b : bytes) {
+            sb.append(String.format("%02x", b));
+        }
+        return sb.toString();
+    }
+}
diff --git a/src/main/java/com/auth0/StorageUtils.java b/src/main/java/com/auth0/StorageUtils.java
@@ -11,7 +11,6 @@ private StorageUtils() {}
     static final String STATE_KEY = "com.auth0.state";
     static final String NONCE_KEY = "com.auth0.nonce";
     static final String ORIGIN_DOMAIN_KEY = "com.auth0.origin_domain";
-    static final String ORIGIN_ISSUER_KEY = "com.auth0.origin_issuer";
 
     /**
      * Generates a new random string using {@link SecureRandom}.
diff --git a/src/main/java/com/auth0/TransientCookieStore.java b/src/main/java/com/auth0/TransientCookieStore.java
