You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tomee.apache.org by jl...@apache.org on 2018/12/10 14:47:11 UTC
[08/38] tomee git commit: TOMEE-2247 - Removed CDI RequestScope from
ConfigurableJWTAuthContextInfo.
TOMEE-2247 - Removed CDI RequestScope from ConfigurableJWTAuthContextInfo.
Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/92994d4a
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/92994d4a
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/92994d4a
Branch: refs/heads/master
Commit: 92994d4af4f4e6834d2c20065ee7d87e686d28c9
Parents: ac382e9
Author: Roberto Cortez <ra...@yahoo.com>
Authored: Fri Sep 14 15:59:15 2018 +0100
Committer: Roberto Cortez <ra...@yahoo.com>
Committed: Fri Dec 7 18:10:46 2018 +0000
----------------------------------------------------------------------
.../tomee/microprofile/jwt/MPJWTFilter.java | 5 +-
.../config/ConfigurableJWTAuthContextInfo.java | 76 +++++++++++++-------
.../META-INF/org.apache.openejb.extension | 0
3 files changed, 51 insertions(+), 30 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/tomee/blob/92994d4a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java
----------------------------------------------------------------------
diff --git a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java
index ee3be1b..6590e69 100644
--- a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java
+++ b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java
@@ -16,6 +16,7 @@
*/
package org.apache.tomee.microprofile.jwt;
+import org.apache.openejb.loader.SystemInstance;
import org.apache.tomee.microprofile.jwt.config.ConfigurableJWTAuthContextInfo;
import org.apache.tomee.microprofile.jwt.config.JWTAuthContextInfo;
import org.apache.tomee.microprofile.jwt.principal.JWTCallerPrincipalFactory;
@@ -92,15 +93,13 @@ public class MPJWTFilter implements Filter {
@Inject
private Instance<JWTAuthContextInfo> authContextInfo;
- @Inject
- private ConfigurableJWTAuthContextInfo configurableJWTAuthContextInfo;
private Optional<JWTAuthContextInfo> getAuthContextInfo() {
if (!authContextInfo.isUnsatisfied()) {
return Optional.of(authContextInfo.get());
}
- return configurableJWTAuthContextInfo.getJWTAuthContextInfo();
+ return SystemInstance.get().getComponent(ConfigurableJWTAuthContextInfo.class).getJWTAuthContextInfo();
}
private static Function<HttpServletRequest, JsonWebToken> token(final HttpServletRequest httpServletRequest, final JWTAuthContextInfo authContextInfo) {
http://git-wip-us.apache.org/repos/asf/tomee/blob/92994d4a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/ConfigurableJWTAuthContextInfo.java
----------------------------------------------------------------------
diff --git a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/ConfigurableJWTAuthContextInfo.java b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/ConfigurableJWTAuthContextInfo.java
index 4532336..b258088 100644
--- a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/ConfigurableJWTAuthContextInfo.java
+++ b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/ConfigurableJWTAuthContextInfo.java
@@ -16,11 +16,13 @@
*/
package org.apache.tomee.microprofile.jwt.config;
+import org.apache.openejb.loader.SystemInstance;
+import org.apache.openejb.observer.Observes;
+import org.apache.openejb.server.cxf.rs.event.ServerCreated;
import org.eclipse.microprofile.config.Config;
+import org.eclipse.microprofile.config.ConfigProvider;
-import javax.enterprise.context.RequestScoped;
import javax.enterprise.inject.spi.DeploymentException;
-import javax.inject.Inject;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
@@ -35,45 +37,64 @@ import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
import java.util.Optional;
import java.util.function.Supplier;
+import java.util.logging.Logger;
import java.util.stream.Stream;
import static org.eclipse.microprofile.jwt.config.Names.ISSUER;
import static org.eclipse.microprofile.jwt.config.Names.VERIFIER_PUBLIC_KEY;
import static org.eclipse.microprofile.jwt.config.Names.VERIFIER_PUBLIC_KEY_LOCATION;
-// TODO - This cannot be a CDI Bean, because the keys needs to be validated at deployment time.
-@RequestScoped
public class ConfigurableJWTAuthContextInfo {
- @Inject
+ private static final Logger log = Logger.getLogger(ConfigurableJWTAuthContextInfo.class.getName());
+
private Config config;
+ private JWTAuthContextInfo jwtAuthContextInfo;
+
+ public ConfigurableJWTAuthContextInfo() {
+ config = ConfigProvider.getConfig();
+
+ SystemInstance.get().setComponent(ConfigurableJWTAuthContextInfo.class, this);
+ }
+
+ public void initMPJWTConfig(@Observes final ServerCreated serverCreated) {
+ this.jwtAuthContextInfo = createJWTAuthContextInfo();
+ }
public Optional<JWTAuthContextInfo> getJWTAuthContextInfo() {
- final Optional<String> publicKey = config.getOptionalValue(VERIFIER_PUBLIC_KEY, String.class);
- final Optional<String> publicKeyLocation = config.getOptionalValue(VERIFIER_PUBLIC_KEY_LOCATION, String.class);
- final Optional<String> issuer = config.getOptionalValue(ISSUER, String.class);
-
- if (publicKey.isPresent()) {
- final Optional<RSAPublicKey> rsaPublicKey = readPublicKey(publicKey.get());
- if (rsaPublicKey.isPresent()) {
- return Optional.of(new JWTAuthContextInfo(rsaPublicKey.get(), issuer.orElse("")));
- }
- }
+ return Optional.ofNullable(jwtAuthContextInfo);
+ }
- if (publicKeyLocation.isPresent()) {
- final Optional<RSAPublicKey> rsaPublicKey = readPublicKey(readPublicKeyFromLocation(publicKeyLocation.get()));
- if (rsaPublicKey.isPresent()) {
- return Optional.of(new JWTAuthContextInfo(rsaPublicKey.get(), issuer.orElse("")));
- }
- }
+ private Optional<String> getVerifierPublicKey() {
+ return config.getOptionalValue(VERIFIER_PUBLIC_KEY, String.class);
+ }
- return Optional.empty();
+ private Optional<String> getPublicKeyLocation() {
+ return config.getOptionalValue(VERIFIER_PUBLIC_KEY_LOCATION, String.class);
+ }
+
+ private Optional<String> getIssuer() {
+ return config.getOptionalValue(ISSUER, String.class);
}
- private Optional<RSAPublicKey> readPublicKey(final String publicKey) {
+ private JWTAuthContextInfo createJWTAuthContextInfo() {
+ final Stream<Supplier<Optional<RSAPublicKey>>> possiblePublicKeys =
+ Stream.of(() -> getVerifierPublicKey().map(this::readPublicKey),
+ () -> getPublicKeyLocation().map(this::readPublicKeyFromLocation));
+
+ return possiblePublicKeys
+ .map(Supplier::get)
+ .filter(Optional::isPresent)
+ .map(Optional::get)
+ .findFirst()
+ .map(key -> new JWTAuthContextInfo(key, getIssuer().orElse(null)))
+ .orElse(null);
+ }
+
+ private RSAPublicKey readPublicKey(final String publicKey) {
return parsePCKS8(publicKey);
}
- private String readPublicKeyFromLocation(final String publicKeyLocation) {
+ private RSAPublicKey readPublicKeyFromLocation(final String publicKeyLocation) {
final Stream<Supplier<Optional<String>>> possiblePublicKeysLocations =
Stream.of(() -> readPublicKeyFromClasspath(publicKeyLocation),
() -> readPublicKeyFromFile(publicKeyLocation),
@@ -85,6 +106,7 @@ public class ConfigurableJWTAuthContextInfo {
.filter(Optional::isPresent)
.map(Optional::get)
.findFirst()
+ .map(this::readPublicKey)
.orElseThrow(() -> new DeploymentException("Could not read MicroProfile Public Key from Location: " +
publicKeyLocation));
}
@@ -145,14 +167,14 @@ public class ConfigurableJWTAuthContextInfo {
return Optional.empty();
}
- private Optional<RSAPublicKey> parsePCKS8(final String publicKey) {
+ private RSAPublicKey parsePCKS8(final String publicKey) {
isPrivatePCKS8(publicKey);
try {
final X509EncodedKeySpec spec = new X509EncodedKeySpec(normalizeAndDecodePCKS8(publicKey));
final KeyFactory kf = KeyFactory.getInstance("RSA");
- return Optional.of((RSAPublicKey) kf.generatePublic(spec));
+ return (RSAPublicKey) kf.generatePublic(spec);
} catch (final NoSuchAlgorithmException | InvalidKeySpecException e) {
- return Optional.empty();
+ throw new DeploymentException("Could not read MicroProfile Public Key: " + publicKey, e);
}
}
http://git-wip-us.apache.org/repos/asf/tomee/blob/92994d4a/mp-jwt/src/main/resources/META-INF/org.apache.openejb.extension
----------------------------------------------------------------------
diff --git a/mp-jwt/src/main/resources/META-INF/org.apache.openejb.extension b/mp-jwt/src/main/resources/META-INF/org.apache.openejb.extension
new file mode 100644
index 0000000..e69de29