diff --git a/docs-web-common/pom.xml b/docs-web-common/pom.xml
index 7eb37698..2de08cee 100644
--- a/docs-web-common/pom.xml
+++ b/docs-web-common/pom.xml
@@ -69,11 +69,6 @@
jul-to-slf4j
-
- com.google.code.gson
- gson
- 2.10.1
-
com.auth0
java-jwt
diff --git a/docs-web-common/src/main/java/com/sismics/model/KeycloakCertKey.java b/docs-web-common/src/main/java/com/sismics/model/KeycloakCertKey.java
deleted file mode 100644
index 0e6fed49..00000000
--- a/docs-web-common/src/main/java/com/sismics/model/KeycloakCertKey.java
+++ /dev/null
@@ -1,27 +0,0 @@
-package com.sismics.model;
-
-import java.util.List;
-
-public class KeycloakCertKey {
- public String kid;
- public List x5c;
-
- public KeycloakCertKey() {
- }
-
- public List getX5c() {
- return x5c;
- }
-
- public void setX5c(List x5c) {
- this.x5c = x5c;
- }
-
- public String getKid() {
- return kid;
- }
-
- public void setKid(String kid) {
- this.kid = kid;
- }
-}
diff --git a/docs-web-common/src/main/java/com/sismics/model/KeycloakCertKeys.java b/docs-web-common/src/main/java/com/sismics/model/KeycloakCertKeys.java
deleted file mode 100644
index f582cc4d..00000000
--- a/docs-web-common/src/main/java/com/sismics/model/KeycloakCertKeys.java
+++ /dev/null
@@ -1,18 +0,0 @@
-package com.sismics.model;
-
-import java.util.List;
-
-public class KeycloakCertKeys {
- public List keys;
-
- public KeycloakCertKeys() {
- }
-
- public List getKeys() {
- return keys;
- }
-
- public void setKeys(List keys) {
- this.keys = keys;
- }
-}
diff --git a/docs-web-common/src/main/java/com/sismics/util/filter/JwtBasedSecurityFilter.java b/docs-web-common/src/main/java/com/sismics/util/filter/JwtBasedSecurityFilter.java
index 5e996d32..78f13eb1 100644
--- a/docs-web-common/src/main/java/com/sismics/util/filter/JwtBasedSecurityFilter.java
+++ b/docs-web-common/src/main/java/com/sismics/util/filter/JwtBasedSecurityFilter.java
@@ -10,11 +10,13 @@ import java.io.IOException;
import java.io.Reader;
import java.util.Base64;
-import com.google.gson.Gson;
import com.sismics.docs.core.constant.Constants;
import com.sismics.docs.core.dao.UserDao;
import com.sismics.docs.core.model.jpa.User;
-import com.sismics.model.KeycloakCertKeys;
+import jakarta.json.Json;
+import jakarta.json.JsonArray;
+import jakarta.json.JsonObject;
+import jakarta.json.JsonReader;
import jakarta.servlet.http.HttpServletRequest;
import okhttp3.Request;
import okhttp3.Response;
@@ -115,17 +117,21 @@ public class JwtBasedSecurityFilter extends SecurityFilter {
assert response.body() != null;
if (response.isSuccessful()) {
try (Reader reader = response.body().charStream()) {
- Gson gson = new Gson();
- KeycloakCertKeys keys = gson.fromJson(reader, KeycloakCertKeys.class);
- publicKey = keys.getKeys().stream().filter(k -> Objects.equals(k.getKid(), jwt.getKeyId()))
- .findFirst()
- .map(k -> k.getX5c().get(0))
- .orElse("");
- log.info("Decoded public key - " + publicKey);
- var decode = Base64.getDecoder().decode(publicKey);
- var certificate = CertificateFactory.getInstance("X.509")
- .generateCertificate(new ByteArrayInputStream(decode));
- rsaPublicKey = (RSAPublicKey)certificate.getPublicKey();
+ try (JsonReader jsonReader = Json.createReader(reader)) {
+ JsonObject jwks = jsonReader.readObject();
+ JsonArray keys = jwks.getJsonArray("keys");
+ publicKey = keys.stream().filter(key -> Objects.equals(key.asJsonObject().getString("kid"),
+ jwt.getKeyId()))
+ .findFirst()
+ .map(k -> k.asJsonObject().getJsonArray("x5c").getString(0))
+ .orElse("");
+ log.info("X5c is " + publicKey);
+ var decode = Base64.getDecoder().decode(publicKey);
+ log.info("Decoded public key - " + publicKey);
+ var certificate = CertificateFactory.getInstance("X.509")
+ .generateCertificate(new ByteArrayInputStream(decode));
+ rsaPublicKey = (RSAPublicKey) certificate.getPublicKey();
+ }
}
}
} catch (IOException e) {