You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@james.apache.org by bt...@apache.org on 2021/09/06 02:17:01 UTC

[james-project] branch master updated: JAMES-3641 No longer ship a default JWT public key in the default configurations (#627)

This is an automated email from the ASF dual-hosted git repository.

btellier pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/james-project.git


The following commit(s) were added to refs/heads/master by this push:
     new 2f8351c  JAMES-3641 No longer ship a default JWT public key in the default configurations (#627)
2f8351c is described below

commit 2f8351cfbd3067f8d64e599d70498d1bbd56321b
Author: Benoit TELLIER <bt...@linagora.com>
AuthorDate: Mon Sep 6 09:16:57 2021 +0700

    JAMES-3641 No longer ship a default JWT public key in the default configurations (#627)
---
 .../cassandra-app/sample-configuration/jmap.properties |  2 +-
 .../cassandra-app/sample-configuration/jwt_publickey   |  9 ---------
 .../sample-configuration/jmap.properties               |  2 +-
 .../distributed-app/sample-configuration/jwt_publickey |  9 ---------
 .../memory-app/sample-configuration/jmap.properties    |  2 +-
 .../apps/memory-app/sample-configuration/jwt_publickey |  9 ---------
 .../james/jmap/draft/JMAPDraftConfiguration.java       |  1 -
 .../james/jmap/draft/JMAPDraftConfigurationTest.java   | 18 ++++++++++--------
 8 files changed, 13 insertions(+), 39 deletions(-)

diff --git a/server/apps/cassandra-app/sample-configuration/jmap.properties b/server/apps/cassandra-app/sample-configuration/jmap.properties
index 71d28c6..333d298 100644
--- a/server/apps/cassandra-app/sample-configuration/jmap.properties
+++ b/server/apps/cassandra-app/sample-configuration/jmap.properties
@@ -11,7 +11,7 @@ tls.secret=james72laBalle
 # The following entry specify the link to the URL of the public key file,
 # which should be a PEM format file.
 #
-jwt.publickeypem.url=file://conf/jwt_publickey
+# jwt.publickeypem.url=file://conf/jwt_publickey
 
 # Should simple Email/query be resolved against a Cassandra projection, or should we resolve them against ElasticSearch?
 # This enables a higher resilience, but the projection needs to be correctly populated. False by default.
diff --git a/server/apps/cassandra-app/sample-configuration/jwt_publickey b/server/apps/cassandra-app/sample-configuration/jwt_publickey
deleted file mode 100644
index 53914e0..0000000
--- a/server/apps/cassandra-app/sample-configuration/jwt_publickey
+++ /dev/null
@@ -1,9 +0,0 @@
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlChO/nlVP27MpdkG0Bh
-16XrMRf6M4NeyGa7j5+1UKm42IKUf3lM28oe82MqIIRyvskPc11NuzSor8HmvH8H
-lhDs5DyJtx2qp35AT0zCqfwlaDnlDc/QDlZv1CoRZGpQk1Inyh6SbZwYpxxwh0fi
-+d/4RpE3LBVo8wgOaXPylOlHxsDizfkL8QwXItyakBfMO6jWQRrj7/9WDhGf4Hi+
-GQur1tPGZDl9mvCoRHjFrD5M/yypIPlfMGWFVEvV5jClNMLAQ9bYFuOc7H1fEWw6
-U1LZUUbJW9/CH45YXz82CYqkrfbnQxqRb2iVbVjs/sHopHd1NTiCfUtwvcYJiBVj
-kwIDAQAB
------END PUBLIC KEY-----
diff --git a/server/apps/distributed-app/sample-configuration/jmap.properties b/server/apps/distributed-app/sample-configuration/jmap.properties
index 1980cfa..fb072e9 100644
--- a/server/apps/distributed-app/sample-configuration/jmap.properties
+++ b/server/apps/distributed-app/sample-configuration/jmap.properties
@@ -11,7 +11,7 @@ tls.secret=james72laBalle
 # The following entry specify the link to the URL of the public key file,
 # which should be a PEM format file.
 #
-jwt.publickeypem.url=file://conf/jwt_publickey
+# jwt.publickeypem.url=file://conf/jwt_publickey
 
 # Should simple Email/query be resolved against a Cassandra projection, or should we resolve them against ElasticSearch?
 # This enables a higher resilience, but the projection needs to be correctly populated. False by default.
diff --git a/server/apps/distributed-app/sample-configuration/jwt_publickey b/server/apps/distributed-app/sample-configuration/jwt_publickey
deleted file mode 100644
index 53914e0..0000000
--- a/server/apps/distributed-app/sample-configuration/jwt_publickey
+++ /dev/null
@@ -1,9 +0,0 @@
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlChO/nlVP27MpdkG0Bh
-16XrMRf6M4NeyGa7j5+1UKm42IKUf3lM28oe82MqIIRyvskPc11NuzSor8HmvH8H
-lhDs5DyJtx2qp35AT0zCqfwlaDnlDc/QDlZv1CoRZGpQk1Inyh6SbZwYpxxwh0fi
-+d/4RpE3LBVo8wgOaXPylOlHxsDizfkL8QwXItyakBfMO6jWQRrj7/9WDhGf4Hi+
-GQur1tPGZDl9mvCoRHjFrD5M/yypIPlfMGWFVEvV5jClNMLAQ9bYFuOc7H1fEWw6
-U1LZUUbJW9/CH45YXz82CYqkrfbnQxqRb2iVbVjs/sHopHd1NTiCfUtwvcYJiBVj
-kwIDAQAB
------END PUBLIC KEY-----
diff --git a/server/apps/memory-app/sample-configuration/jmap.properties b/server/apps/memory-app/sample-configuration/jmap.properties
index 1980cfa..cf39a04 100644
--- a/server/apps/memory-app/sample-configuration/jmap.properties
+++ b/server/apps/memory-app/sample-configuration/jmap.properties
@@ -11,7 +11,7 @@ tls.secret=james72laBalle
 # The following entry specify the link to the URL of the public key file,
 # which should be a PEM format file.
 #
-jwt.publickeypem.url=file://conf/jwt_publickey
+#jwt.publickeypem.url=file://conf/jwt_publickey
 
 # Should simple Email/query be resolved against a Cassandra projection, or should we resolve them against ElasticSearch?
 # This enables a higher resilience, but the projection needs to be correctly populated. False by default.
diff --git a/server/apps/memory-app/sample-configuration/jwt_publickey b/server/apps/memory-app/sample-configuration/jwt_publickey
deleted file mode 100644
index 53914e0..0000000
--- a/server/apps/memory-app/sample-configuration/jwt_publickey
+++ /dev/null
@@ -1,9 +0,0 @@
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlChO/nlVP27MpdkG0Bh
-16XrMRf6M4NeyGa7j5+1UKm42IKUf3lM28oe82MqIIRyvskPc11NuzSor8HmvH8H
-lhDs5DyJtx2qp35AT0zCqfwlaDnlDc/QDlZv1CoRZGpQk1Inyh6SbZwYpxxwh0fi
-+d/4RpE3LBVo8wgOaXPylOlHxsDizfkL8QwXItyakBfMO6jWQRrj7/9WDhGf4Hi+
-GQur1tPGZDl9mvCoRHjFrD5M/yypIPlfMGWFVEvV5jClNMLAQ9bYFuOc7H1fEWw6
-U1LZUUbJW9/CH45YXz82CYqkrfbnQxqRb2iVbVjs/sHopHd1NTiCfUtwvcYJiBVj
-kwIDAQAB
------END PUBLIC KEY-----
diff --git a/server/protocols/jmap-draft/src/main/java/org/apache/james/jmap/draft/JMAPDraftConfiguration.java b/server/protocols/jmap-draft/src/main/java/org/apache/james/jmap/draft/JMAPDraftConfiguration.java
index a390ddd..54c6343 100644
--- a/server/protocols/jmap-draft/src/main/java/org/apache/james/jmap/draft/JMAPDraftConfiguration.java
+++ b/server/protocols/jmap-draft/src/main/java/org/apache/james/jmap/draft/JMAPDraftConfiguration.java
@@ -73,7 +73,6 @@ public class JMAPDraftConfiguration {
             Preconditions.checkState(enabled.isPresent(), "You should specify if JMAP server should be started");
             Preconditions.checkState(!enabled.get() || !Strings.isNullOrEmpty(keystore), "'keystore' is mandatory");
             Preconditions.checkState(!enabled.get() || !Strings.isNullOrEmpty(secret), "'secret' is mandatory");
-            Preconditions.checkState(!enabled.get() || jwtPublicKeyPem.isPresent(), "'publicKey' is mandatory");
             return new JMAPDraftConfiguration(enabled.get(), keystore, secret, jwtPublicKeyPem);
         }
 
diff --git a/server/protocols/jmap-draft/src/test/java/org/apache/james/jmap/draft/JMAPDraftConfigurationTest.java b/server/protocols/jmap-draft/src/test/java/org/apache/james/jmap/draft/JMAPDraftConfigurationTest.java
index 21ef229..92d9f2e 100644
--- a/server/protocols/jmap-draft/src/test/java/org/apache/james/jmap/draft/JMAPDraftConfigurationTest.java
+++ b/server/protocols/jmap-draft/src/test/java/org/apache/james/jmap/draft/JMAPDraftConfigurationTest.java
@@ -20,6 +20,7 @@
 package org.apache.james.jmap.draft;
 
 import static org.assertj.core.api.Assertions.assertThat;
+import static org.assertj.core.api.Assertions.assertThatCode;
 import static org.assertj.core.api.Assertions.assertThatThrownBy;
 
 import java.util.Optional;
@@ -85,14 +86,15 @@ public class JMAPDraftConfigurationTest {
     }
 
     @Test
-    public void buildShouldThrowWhenJwtPublicKeyPemIsEmpty() {
-        assertThatThrownBy(() -> JMAPDraftConfiguration.builder()
-            .enable()
-            .keystore("keystore")
-            .secret("secret")
-            .jwtPublicKeyPem(Optional.empty())
-            .build())
-            .isInstanceOf(IllegalStateException.class);
+    public void buildShouldNotThrowWhenJwtPublicKeyPemIsEmpty() {
+        assertThatCode(
+            () -> JMAPDraftConfiguration.builder()
+                .enable()
+                .keystore("keystore")
+                .secret("secret")
+                .jwtPublicKeyPem(Optional.empty())
+                .build())
+            .doesNotThrowAnyException();
     }
 
     @Test

---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@james.apache.org
For additional commands, e-mail: notifications-help@james.apache.org