You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@solr.apache.org by ja...@apache.org on 2021/05/28 12:17:43 UTC
[solr] branch main updated: SOLR-15439 Upgrade jose4j to v0.7.7
(#154)
This is an automated email from the ASF dual-hosted git repository.
janhoy pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/solr.git
The following commit(s) were added to refs/heads/main by this push:
new f4f84d2 SOLR-15439 Upgrade jose4j to v0.7.7 (#154)
f4f84d2 is described below
commit f4f84d2b67f1e2722948df765564d645a3f218de
Author: Jan Høydahl <ja...@users.noreply.github.com>
AuthorDate: Fri May 28 14:17:36 2021 +0200
SOLR-15439 Upgrade jose4j to v0.7.7 (#154)
---
solr/CHANGES.txt | 2 ++
solr/core/src/test/org/apache/solr/security/JWTAuthPluginTest.java | 2 +-
solr/licenses/jose4j-0.6.5.jar.sha1 | 1 -
solr/licenses/jose4j-0.7.7.jar.sha1 | 1 +
versions.lock | 2 +-
versions.props | 2 +-
6 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/solr/CHANGES.txt b/solr/CHANGES.txt
index d33b280..ac810f2 100644
--- a/solr/CHANGES.txt
+++ b/solr/CHANGES.txt
@@ -301,6 +301,8 @@ Other Changes
* SOLR-15416: Remove metrics history collection (and MetricsHistoryHandler). (ab)
+* SOLR-15439: Upgrade jose4j library used for JWT authentication processing, to v0.7.7 (janhoy)
+
Bug Fixes
---------------------
* SOLR-14546: Fix for a relatively hard to hit issue in OverseerTaskProcessor that could lead to out of order execution
diff --git a/solr/core/src/test/org/apache/solr/security/JWTAuthPluginTest.java b/solr/core/src/test/org/apache/solr/security/JWTAuthPluginTest.java
index 2b1ce60..ca45080 100644
--- a/solr/core/src/test/org/apache/solr/security/JWTAuthPluginTest.java
+++ b/solr/core/src/test/org/apache/solr/security/JWTAuthPluginTest.java
@@ -320,7 +320,7 @@ public class JWTAuthPluginTest extends SolrTestCaseJ4 {
plugin.init(testConfig);
JWTAuthPlugin.JWTAuthenticationResponse resp = plugin.authenticate(testHeader);
assertEquals(JWTAuthPlugin.JWTAuthenticationResponse.AuthCode.JWT_VALIDATION_EXCEPTION, resp.getAuthCode());
- assertTrue(resp.getErrorMessage().contains("not a whitelisted"));
+ assertTrue(resp.getErrorMessage().contains("not a permitted algorithm"));
}
@Test
diff --git a/solr/licenses/jose4j-0.6.5.jar.sha1 b/solr/licenses/jose4j-0.6.5.jar.sha1
deleted file mode 100644
index b6fbefb..0000000
--- a/solr/licenses/jose4j-0.6.5.jar.sha1
+++ /dev/null
@@ -1 +0,0 @@
-524470e6ad000e3938f4c0f5e08bd423e95bd43a
diff --git a/solr/licenses/jose4j-0.7.7.jar.sha1 b/solr/licenses/jose4j-0.7.7.jar.sha1
new file mode 100644
index 0000000..c47ba06
--- /dev/null
+++ b/solr/licenses/jose4j-0.7.7.jar.sha1
@@ -0,0 +1 @@
+cf1a02839a251731e92ba0134268fec3f79d4868
diff --git a/versions.lock b/versions.lock
index 17ca56d..098a8c9 100644
--- a/versions.lock
+++ b/versions.lock
@@ -173,7 +173,7 @@ org.apache.xmlbeans:xmlbeans:3.1.0 (1 constraints: 0605fd35)
org.apache.zookeeper:zookeeper:3.7.0 (1 constraints: 0c050f36)
org.apache.zookeeper:zookeeper-jute:3.7.0 (1 constraints: 8a0d3a28)
org.aspectj:aspectjrt:1.8.0 (1 constraints: 0b050836)
-org.bitbucket.b_c:jose4j:0.6.5 (1 constraints: 0d050236)
+org.bitbucket.b_c:jose4j:0.7.7 (1 constraints: 10050736)
org.bouncycastle:bcmail-jdk15on:1.64 (1 constraints: df04ff30)
org.bouncycastle:bcpkix-jdk15on:1.64 (1 constraints: df04ff30)
org.bouncycastle:bcprov-jdk15on:1.64 (1 constraints: df04ff30)
diff --git a/versions.props b/versions.props
index aa429c0..dc5d3b9 100644
--- a/versions.props
+++ b/versions.props
@@ -96,7 +96,7 @@ org.apache.xmlbeans:xmlbeans=3.1.0
org.apache.zookeeper:*=3.7.0
org.asciidoctor:asciidoctorj=1.6.2
org.aspectj:aspectjrt=1.8.0
-org.bitbucket.b_c:jose4j=0.6.5
+org.bitbucket.b_c:jose4j=0.7.7
org.bouncycastle:*=1.64
org.brotli:dec=0.1.2
org.carrot2:carrot2-core=4.0.4