You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tomee.apache.org by jl...@apache.org on 2018/04/16 22:45:29 UTC
[25/38] tomee git commit: Handling most of the injections. Missing
Provider and Instance for now and then a couple of failures with
@RolesAllowed and JACC
Handling most of the injections. Missing Provider and Instance for now and then a couple of failures with @RolesAllowed and JACC
Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/b05e5643
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/b05e5643
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/b05e5643
Branch: refs/heads/master
Commit: b05e5643dd976ecbc7509ac634f4a35f7f9b95f0
Parents: 92846ae
Author: Jean-Louis Monteiro <je...@gmail.com>
Authored: Fri Mar 2 15:04:59 2018 +0100
Committer: Jean-Louis Monteiro <je...@gmail.com>
Committed: Fri Mar 2 15:04:59 2018 +0100
----------------------------------------------------------------------
.../tomee/microprofile/jwt/MPJWTFilter.java | 6 +-
.../tomee/microprofile/jwt/cdi/ClaimBean.java | 159 +++++++++++++++++--
tck/mp-jwt-embedded/src/test/resources/dev.xml | 10 +-
3 files changed, 152 insertions(+), 23 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/tomee/blob/b05e5643/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java
----------------------------------------------------------------------
diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java
index ebed96d..36e53cf 100644
--- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java
+++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java
@@ -84,9 +84,9 @@ public class MPJWTFilter implements Filter {
jsonWebToken = validate(token);
} catch (final ParseException e) {
- // todo properly handle the exception as required per spec
- e.printStackTrace();
- throw new RuntimeException(e);
+ // todo is this enough?
+ HttpServletResponse.class.cast(response).sendError(HttpServletResponse.SC_UNAUTHORIZED);
+ return;
}
// associate with the producer. Should not be needed.
http://git-wip-us.apache.org/repos/asf/tomee/blob/b05e5643/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java
----------------------------------------------------------------------
diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java
index 10abedf..0e87404 100644
--- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java
+++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java
@@ -23,18 +23,28 @@ import org.eclipse.microprofile.jwt.JsonWebToken;
import javax.enterprise.context.Dependent;
import javax.enterprise.context.spi.CreationalContext;
+import javax.enterprise.inject.Instance;
import javax.enterprise.inject.spi.Annotated;
import javax.enterprise.inject.spi.Bean;
import javax.enterprise.inject.spi.BeanManager;
import javax.enterprise.inject.spi.InjectionPoint;
import javax.enterprise.inject.spi.PassivationCapable;
+import javax.enterprise.util.AnnotationLiteral;
+import javax.inject.Inject;
import javax.inject.Provider;
+import javax.json.Json;
+import javax.json.JsonArrayBuilder;
+import javax.json.JsonObject;
+import javax.json.JsonValue;
+import javax.json.bind.Jsonb;
import java.lang.annotation.Annotation;
import java.lang.reflect.ParameterizedType;
import java.lang.reflect.Type;
+import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
+import java.util.Map;
import java.util.Optional;
import java.util.Set;
import java.util.logging.Logger;
@@ -45,6 +55,13 @@ public class ClaimBean<T> implements Bean<T>, PassivationCapable {
private final static Set<Annotation> QUALIFIERS = new HashSet<>();
+ static {
+ QUALIFIERS.add(new ClaimLiteral());
+ }
+
+ @Inject
+ private Jsonb jsonb;
+
private final BeanManager bm;
private final Class rawType;
private final Set<Type> types;
@@ -140,7 +157,7 @@ public class ClaimBean<T> implements Bean<T>, PassivationCapable {
final String key = getClaimKey(claim);
System.out.println(String.format("Found Claim injection with name=%s and for InjectionPoint=%s", key, ip.toString()));
- logger.finest(String.format("Found Claim injection with name=%s and for InjectionPoint=%s", key, ip.toString()));
+ logger.finest(String.format("Found Claim injection with name=%s and for %s", key, ip.toString()));
if (annotated.getBaseType() instanceof ParameterizedType) {
final ParameterizedType paramType = (ParameterizedType) annotated.getBaseType();
@@ -151,39 +168,65 @@ public class ClaimBean<T> implements Bean<T>, PassivationCapable {
// handle Provider<T>
if (rawTypeClass.isAssignableFrom(Provider.class)) {
- final Class clazz = (Class) paramType.getActualTypeArguments()[0]; //X TODO check type again, etc
- return (T) getClaimValue(key, clazz);
+ return getClaimValue(key);
+ }
+
+ // handle Instance<T>
+ if (rawTypeClass.isAssignableFrom(Instance.class)) {
+ return getClaimValue(key);
}
// handle ClaimValue<T>
if (rawTypeClass.isAssignableFrom(ClaimValue.class)) {
- final Class clazz = (Class) paramType.getActualTypeArguments()[0]; //X TODO check type again, etc
- return (T) getClaimValue(key, clazz);
+ final Type claimValueType = paramType.getActualTypeArguments()[0];
+
+ final ClaimValueWrapper claimValueWrapper = new ClaimValueWrapper(key);
+ if (claimValueType instanceof ParameterizedType && isOptional((ParameterizedType) claimValueType)) {
+ final T claimValue = getClaimValue(key);
+ claimValueWrapper.setValue(Optional.ofNullable(claimValue));
+
+ } else if (claimValueType instanceof ParameterizedType && isSet((ParameterizedType) claimValueType)) {
+ final T claimValue = getClaimValue(key);
+ claimValueWrapper.setValue(claimValue); // todo convert to set
+
+ } else if (claimValueType instanceof ParameterizedType && isList((ParameterizedType) claimValueType)) {
+ final T claimValue = getClaimValue(key);
+ claimValueWrapper.setValue(claimValue); // // todo convert to list
+
+ } else if (claimValueType instanceof Class) {
+ final T claimValue = getClaimValue(key);
+ claimValueWrapper.setValue(claimValue);
+
+ } else {
+ throw new IllegalArgumentException("Unsupported ClaimValue type " + claimValueType.toString());
+ }
+
+ return (T) claimValueWrapper;
}
// handle Optional<T>
if (rawTypeClass.isAssignableFrom(Optional.class)) {
- final Class clazz = (Class) paramType.getActualTypeArguments()[0]; //X TODO check type again, etc
- return (T) getClaimValue(key, clazz);
+ return getClaimValue(key);
}
// handle Set<T>
if (rawTypeClass.isAssignableFrom(Set.class)) {
- Class clazz = (Class) paramType.getActualTypeArguments()[0]; //X TODO check type again, etc
- return getClaimValue(key, clazz);
+ return getClaimValue(key);
}
// handle List<T>
if (rawTypeClass.isAssignableFrom(List.class)) {
- final Class clazz = (Class) paramType.getActualTypeArguments()[0]; //X TODO check type again, etc
- return getClaimValue(key, clazz);
+ return getClaimValue(key);
}
}
+ } else if (annotated.getBaseType().getTypeName().startsWith("javax.json.Json")) {
+ // handle JsonValue<T> (number, string, etc)
+ return (T) toJson(key);
+
} else {
// handle Raw types
- final Class clazz = (Class) annotated.getBaseType();
- return getClaimValue(key, clazz);
+ return getClaimValue(key);
}
throw new IllegalStateException("Unhandled ClaimValue type");
@@ -193,7 +236,7 @@ public class ClaimBean<T> implements Bean<T>, PassivationCapable {
return claim.standard() == Claims.UNKNOWN ? claim.value() : claim.standard().name();
}
- private T getClaimValue(final String name, final Class clazz) {
+ private T getClaimValue(final String name) {
final JsonWebToken jwt = MPJWTProducer.getJWTPrincipal();
if (jwt == null) {
logger.warning(String.format("Can't retrieve claim %s. No active principal.", name));
@@ -202,7 +245,93 @@ public class ClaimBean<T> implements Bean<T>, PassivationCapable {
final Optional<T> claimValue = jwt.claim(name);
logger.finest(String.format("Found ClaimValue=%s for name=%s", claimValue, name));
- return claimValue.orElse(null); // todo more to do?
+ return claimValue.orElse(null);
+ }
+
+ private JsonValue toJson(final String name) {
+ final T claimValue = getClaimValue(name);
+ return wrapValue(claimValue);
+ }
+
+ private static final String TMP = "tmp"; // todo kill this if possible
+
+ private JsonValue wrapValue(Object value) {
+ JsonValue jsonValue = null;
+
+ if (value instanceof JsonValue) {
+ // This may already be a JsonValue
+ jsonValue = (JsonValue) value;
+
+ } else if (value instanceof String) {
+ jsonValue = Json.createObjectBuilder()
+ .add(TMP, value.toString())
+ .build()
+ .getJsonString(TMP);
+
+ } else if (value instanceof Number) {
+ final Number number = (Number) value;
+ if ((number instanceof Long) || (number instanceof Integer)) {
+ jsonValue = Json.createObjectBuilder()
+ .add(TMP, number.longValue())
+ .build()
+ .getJsonNumber(TMP);
+
+ } else {
+ jsonValue = Json.createObjectBuilder()
+ .add(TMP, number.doubleValue())
+ .build()
+ .getJsonNumber(TMP);
+ }
+
+ } else if (value instanceof Boolean) {
+ final Boolean flag = (Boolean) value;
+ jsonValue = flag ? JsonValue.TRUE : JsonValue.FALSE;
+
+ } else if (value instanceof Collection) {
+ final JsonArrayBuilder arrayBuilder = Json.createArrayBuilder();
+ final Collection list = (Collection) value;
+
+ for (Object element : list) {
+ if (element instanceof String) {
+ arrayBuilder.add(element.toString());
+
+ } else {
+ final JsonValue jvalue = wrapValue(element);
+ arrayBuilder.add(jvalue);
+ }
+ }
+ jsonValue = arrayBuilder.build();
+
+ } else if (value instanceof Map) {
+ jsonValue = jsonb.fromJson(jsonb.toJson(value), JsonObject.class);
+
+ }
+ return jsonValue;
+ }
+
+ private boolean isOptional(final ParameterizedType type) {
+ return ((Class) type.getRawType()).isAssignableFrom(Optional.class);
+ }
+
+ private boolean isSet(final ParameterizedType type) {
+ return ((Class) type.getRawType()).isAssignableFrom(Set.class);
+ }
+
+ private boolean isList(final ParameterizedType type) {
+ return ((Class) type.getRawType()).isAssignableFrom(List.class);
+ }
+
+ private static class ClaimLiteral extends AnnotationLiteral<Claim> implements Claim {
+
+ @Override
+ public String value() {
+ return "";
+ }
+
+ @Override
+ public Claims standard() {
+ return Claims.UNKNOWN;
+ }
}
}
http://git-wip-us.apache.org/repos/asf/tomee/blob/b05e5643/tck/mp-jwt-embedded/src/test/resources/dev.xml
----------------------------------------------------------------------
diff --git a/tck/mp-jwt-embedded/src/test/resources/dev.xml b/tck/mp-jwt-embedded/src/test/resources/dev.xml
index b347b26..27205d2 100644
--- a/tck/mp-jwt-embedded/src/test/resources/dev.xml
+++ b/tck/mp-jwt-embedded/src/test/resources/dev.xml
@@ -42,24 +42,24 @@
</groups>
<classes>
<!-- OK
+ -->
<class name="org.eclipse.microprofile.jwt.tck.parsing.TokenValidationTest" />
<class name="org.eclipse.microprofile.jwt.tck.util.TokenUtilsTest" />
<class name="org.eclipse.microprofile.jwt.tck.parsing.TestTokenClaimTypesTest" />
<class name="org.eclipse.microprofile.jwt.tck.container.jaxrs.UnsecuredPingTest" />
<class name="org.eclipse.microprofile.jwt.tck.container.jaxrs.RequiredClaimsTest" />
- -->
<class name="org.eclipse.microprofile.jwt.tck.container.jaxrs.PrimitiveInjectionTest" />
<class name="org.eclipse.microprofile.jwt.tck.container.jaxrs.ClaimValueInjectionTest" />
<class name="org.eclipse.microprofile.jwt.tck.container.jaxrs.JsonValueInjectionTest" />
- <class name="org.eclipse.microprofile.jwt.tck.container.jaxrs.ProviderInjectionTest" />
- <!-- KO
<class name="org.eclipse.microprofile.jwt.tck.container.jaxrs.RolesAllowedTest" />
<class name="org.eclipse.microprofile.jwt.tck.container.jaxrs.InvalidTokenTest" />
+ <!-- KO
+ <class name="org.eclipse.microprofile.jwt.tck.container.jaxrs.ProviderInjectionTest" />
-->
</classes>
</test>
- <!--
+
<test name="extended-tests" verbose="10">
<groups>
<define name="extended-groups">
@@ -83,5 +83,5 @@
<class name="org.eclipse.microprofile.jwt.tck.container.jacc.SubjectTest" />
</classes>
</test>
- -->
+
</suite>