You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tomee.apache.org by jl...@apache.org on 2019/07/12 15:31:48 UTC
[tomee] branch master updated: Add missing Apache headers Small
variables renaming after objects got also renamed
This is an automated email from the ASF dual-hosted git repository.
jlmonteiro pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomee.git
The following commit(s) were added to refs/heads/master by this push:
new 77bc945 Add missing Apache headers Small variables renaming after objects got also renamed
new ac895c3 Merge branch 'master' of https://gitbox.apache.org/repos/asf/tomee
77bc945 is described below
commit 77bc9450c70326194437a83e10f526c14ed3fa75
Author: Jean-Louis Monteiro <je...@gmail.com>
AuthorDate: Fri Jul 12 17:31:09 2019 +0200
Add missing Apache headers
Small variables renaming after objects got also renamed
---
.../rest/MoviesMPJWTConfigurationProvider.java | 2 +-
.../tomee/microprofile/jwt/ConstraintAdapter.java | 16 +++++++++++++
.../microprofile/jwt/JsonWebTokenValidator.java | 16 ++++++-------
.../apache/tomee/microprofile/jwt/MPJWTFilter.java | 17 ++++++++------
.../tomee/microprofile/jwt/MPJWTInitializer.java | 2 +-
.../jwt/config/JWTAuthConfiguration.java | 26 ++++++++++++++++++++--
.../jwt/config/JWTAuthConfigurationProperties.java | 12 +++++-----
.../jwt/JsonWebTokenValidatorTest.java | 16 +++++++++++++
.../jwt/bval/ValidationConstraintsTest.java | 16 +++++++++++++
.../jwt/bval/ValidationGeneratorTest.java | 16 +++++++++++++
.../tck/jwt/JWTAuthContextInfoProvider.java | 2 +-
.../tck/jwt/jwk/PublicKeyAsJWKSTest.java | 2 +-
12 files changed, 116 insertions(+), 27 deletions(-)
diff --git a/examples/mp-rest-jwt/src/main/java/org/superbiz/moviefun/rest/MoviesMPJWTConfigurationProvider.java b/examples/mp-rest-jwt/src/main/java/org/superbiz/moviefun/rest/MoviesMPJWTConfigurationProvider.java
index d9f64f5..afd3bd7 100644
--- a/examples/mp-rest-jwt/src/main/java/org/superbiz/moviefun/rest/MoviesMPJWTConfigurationProvider.java
+++ b/examples/mp-rest-jwt/src/main/java/org/superbiz/moviefun/rest/MoviesMPJWTConfigurationProvider.java
@@ -46,7 +46,7 @@ public class MoviesMPJWTConfigurationProvider {
final KeyFactory kf = KeyFactory.getInstance("RSA");
final RSAPublicKey pk = (RSAPublicKey) kf.generatePublic(spec);
- return Optional.of(JWTAuthConfiguration.authContextInfo(pk, "https://server.example.com"));
+ return Optional.of(JWTAuthConfiguration.authConfiguration(pk, "https://server.example.com"));
}
@Produces
diff --git a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/ConstraintAdapter.java b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/ConstraintAdapter.java
index 1506c9f..d5903c1 100644
--- a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/ConstraintAdapter.java
+++ b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/ConstraintAdapter.java
@@ -1,3 +1,19 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
package org.apache.tomee.microprofile.jwt;
import javax.validation.ConstraintValidator;
diff --git a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/JsonWebTokenValidator.java b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/JsonWebTokenValidator.java
index 91bcd51..6133e48 100644
--- a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/JsonWebTokenValidator.java
+++ b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/JsonWebTokenValidator.java
@@ -56,7 +56,7 @@ public class JsonWebTokenValidator {
}
public JsonWebToken validate(final String token) throws ParseException {
- final JWTAuthConfiguration authContextInfo = verificationKey == null ? JWTAuthConfiguration.authContextInfo(verificationKey, issuer) : JWTAuthConfiguration.authContextInfo(verificationKeys, issuer);
+ final JWTAuthConfiguration authConfiguration = verificationKey == null ? JWTAuthConfiguration.authConfiguration(verificationKey, issuer) : JWTAuthConfiguration.authConfiguration(verificationKeys, issuer);
JWTCallerPrincipal principal;
try {
@@ -72,19 +72,19 @@ public class JsonWebTokenValidator {
AlgorithmIdentifiers.RSA_USING_SHA512
));
- if (authContextInfo.getIssuer() != null) {
- builder.setExpectedIssuer(authContextInfo.getIssuer());
+ if (authConfiguration.getIssuer() != null) {
+ builder.setExpectedIssuer(authConfiguration.getIssuer());
}
- if (authContextInfo.getExpGracePeriodSecs() > 0) {
- builder.setAllowedClockSkewInSeconds(authContextInfo.getExpGracePeriodSecs());
+ if (authConfiguration.getExpGracePeriodSecs() > 0) {
+ builder.setAllowedClockSkewInSeconds(authConfiguration.getExpGracePeriodSecs());
} else {
builder.setEvaluationTime(NumericDate.fromSeconds(0));
}
- if (authContextInfo.isSingleKey()) {
- builder.setVerificationKey(authContextInfo.getPublicKey());
+ if (authConfiguration.isSingleKey()) {
+ builder.setVerificationKey(authConfiguration.getPublicKey());
} else {
- builder.setVerificationKeyResolver(new JwksVerificationKeyResolver(authContextInfo.getPublicKeys()));
+ builder.setVerificationKeyResolver(new JwksVerificationKeyResolver(authConfiguration.getPublicKeys()));
}
final JwtConsumer jwtConsumer = builder.build();
diff --git a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java
index 815659b..85cdbb9 100644
--- a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java
+++ b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java
@@ -16,6 +16,7 @@
*/
package org.apache.tomee.microprofile.jwt;
+import org.apache.commons.lang3.Validate;
import org.apache.openejb.loader.SystemInstance;
import org.apache.openejb.spi.SecurityService;
import org.apache.openejb.util.Logger;
@@ -127,7 +128,7 @@ public class MPJWTFilter implements Filter {
return Optional.of(authContextInfo.get());
}
- return jwtAuthConfigurationProperties.getJWTAuthContextInfo();
+ return jwtAuthConfigurationProperties.getJWTAuthConfiguration();
}
private static Function<HttpServletRequest, JsonWebToken> token(final HttpServletRequest httpServletRequest, final JWTAuthConfiguration authContextInfo) {
@@ -269,12 +270,12 @@ public class MPJWTFilter implements Filter {
public static class ValidateJSonWebToken {
private final HttpServletRequest httpServletRequest;
- private final JWTAuthConfiguration authContextInfo;
+ private final JWTAuthConfiguration jwtAuthConfiguration;
private JsonWebToken jsonWebToken;
public ValidateJSonWebToken(final HttpServletRequest httpServletRequest, final JWTAuthConfiguration authContextInfo) {
this.httpServletRequest = httpServletRequest;
- this.authContextInfo = authContextInfo;
+ this.jwtAuthConfiguration = authContextInfo;
}
@@ -286,18 +287,20 @@ public class MPJWTFilter implements Filter {
return jsonWebToken;
}
- final String authorizationHeader = httpServletRequest.getHeader("Authorization");
+ final String headerName = jwtAuthConfiguration.getHeaderName();
+ final String authorizationHeader = httpServletRequest.getHeader(headerName);
if (authorizationHeader == null || authorizationHeader.isEmpty()) {
throw new MissingAuthorizationHeaderException();
}
- if (!authorizationHeader.toLowerCase(Locale.ENGLISH).startsWith("bearer ")) {
+ final String headerScheme = jwtAuthConfiguration.getHeaderScheme() + " ";
+ if (headerScheme.trim().length() > 0 && !authorizationHeader.toLowerCase(Locale.ENGLISH).startsWith(headerScheme)) {
throw new BadAuthorizationPrefixException(authorizationHeader);
}
- final String token = authorizationHeader.substring("bearer ".length());
+ final String token = authorizationHeader.substring(headerScheme.length());
try {
- jsonWebToken = parse(token, authContextInfo);
+ jsonWebToken = parse(token, jwtAuthConfiguration);
} catch (final ParseException e) {
throw new InvalidTokenException(token, e);
diff --git a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTInitializer.java b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTInitializer.java
index cede7dc..0afd79a 100644
--- a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTInitializer.java
+++ b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTInitializer.java
@@ -36,7 +36,7 @@ public class MPJWTInitializer implements ServletContainerInitializer {
public void onStartup(final Set<Class<?>> classes, final ServletContext ctx) throws ServletException {
if (classes == null || classes.isEmpty()) {
- return; // no classe having @LoginConfig on it
+ return; // no class having @LoginConfig on it
}
for (Class<?> clazz : classes) {
diff --git a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/JWTAuthConfiguration.java b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/JWTAuthConfiguration.java
index 3a81c09..9ee1bc2 100644
--- a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/JWTAuthConfiguration.java
+++ b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/JWTAuthConfiguration.java
@@ -36,6 +36,8 @@ public class JWTAuthConfiguration {
private Map<String, Key> publicKeys;
private String issuer;
private int expGracePeriodSecs = 60;
+ private String headerName = "Authorization";
+ private String headerScheme = "Bearer";
private JWTAuthConfiguration(final Key publicKey, final String issuer) {
this.publicKeys = Collections.singletonMap(DEFAULT_KEY, publicKey);
@@ -52,11 +54,11 @@ public class JWTAuthConfiguration {
this.issuer = issuer;
}
- public static JWTAuthConfiguration authContextInfo(final Key publicKey, final String issuer) {
+ public static JWTAuthConfiguration authConfiguration(final Key publicKey, final String issuer) {
return new JWTAuthConfiguration(publicKey, issuer);
}
- public static JWTAuthConfiguration authContextInfo(final Map<String, Key> publicKeys, final String issuer) {
+ public static JWTAuthConfiguration authConfiguration(final Map<String, Key> publicKeys, final String issuer) {
return new JWTAuthConfiguration(publicKeys, issuer);
}
@@ -88,4 +90,24 @@ public class JWTAuthConfiguration {
public int getExpGracePeriodSecs() {
return expGracePeriodSecs;
}
+
+ public void setExpGracePeriodSecs(final int expGracePeriodSecs) {
+ this.expGracePeriodSecs = expGracePeriodSecs;
+ }
+
+ public String getHeaderName() {
+ return headerName;
+ }
+
+ public void setHeaderName(final String headerName) {
+ this.headerName = headerName;
+ }
+
+ public String getHeaderScheme() {
+ return headerScheme;
+ }
+
+ public void setHeaderScheme(final String headerScheme) {
+ this.headerScheme = headerScheme;
+ }
}
diff --git a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/JWTAuthConfigurationProperties.java b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/JWTAuthConfigurationProperties.java
index 46be286..cf3199a 100644
--- a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/JWTAuthConfigurationProperties.java
+++ b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/JWTAuthConfigurationProperties.java
@@ -25,7 +25,7 @@ import javax.enterprise.event.Observes;
import javax.enterprise.inject.spi.DeploymentException;
import javax.servlet.ServletContext;
import java.security.Key;
-import java.util.Arrays;
+import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.Optional;
@@ -44,7 +44,7 @@ import static org.eclipse.microprofile.jwt.config.Names.VERIFIER_PUBLIC_KEY_LOCA
*/
@ApplicationScoped
public class JWTAuthConfigurationProperties {
- public static final List<String> JWK_SUPPORTED_KEY_TYPES = Arrays.asList("RSA");
+ public static final List<String> JWK_SUPPORTED_KEY_TYPES = Collections.singletonList("RSA");
public static final String PUBLIC_KEY_ERROR = "Could not read MicroProfile Public Key";
public static final String PUBLIC_KEY_ERROR_LOCATION = PUBLIC_KEY_ERROR + " from Location: ";
@@ -53,10 +53,10 @@ public class JWTAuthConfigurationProperties {
public void init(@Observes @Initialized(ApplicationScoped.class) ServletContext context) {
this.config = ConfigProvider.getConfig();
- this.jwtAuthConfiguration = createJWTAuthContextInfo();
+ this.jwtAuthConfiguration = createJWTAuthConfiguration();
}
- public Optional<JWTAuthConfiguration> getJWTAuthContextInfo() {
+ public Optional<JWTAuthConfiguration> getJWTAuthConfiguration() {
return Optional.ofNullable(jwtAuthConfiguration);
}
@@ -72,7 +72,7 @@ public class JWTAuthConfigurationProperties {
return config.getOptionalValue(ISSUER, String.class);
}
- private JWTAuthConfiguration createJWTAuthContextInfo() {
+ private JWTAuthConfiguration createJWTAuthConfiguration() {
if (getVerifierPublicKey().isPresent() && getPublicKeyLocation().isPresent()) {
throw new DeploymentException("Both " +
VERIFIER_PUBLIC_KEY +
@@ -87,7 +87,7 @@ public class JWTAuthConfigurationProperties {
final Optional<Map<String, Key>> first = new PublicKeyResolver().resolve(publicKeyContents, publicKeyLocation);
return first
- .map(keys -> JWTAuthConfiguration.authContextInfo(keys, getIssuer().orElse(null)))
+ .map(keys -> JWTAuthConfiguration.authConfiguration(keys, getIssuer().orElse(null)))
.orElse(null);
}
diff --git a/mp-jwt/src/test/java/org/apache/tomee/microprofile/jwt/JsonWebTokenValidatorTest.java b/mp-jwt/src/test/java/org/apache/tomee/microprofile/jwt/JsonWebTokenValidatorTest.java
index 3e6c23f..1be4da0 100644
--- a/mp-jwt/src/test/java/org/apache/tomee/microprofile/jwt/JsonWebTokenValidatorTest.java
+++ b/mp-jwt/src/test/java/org/apache/tomee/microprofile/jwt/JsonWebTokenValidatorTest.java
@@ -1,3 +1,19 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
package org.apache.tomee.microprofile.jwt;
import org.eclipse.microprofile.jwt.JsonWebToken;
diff --git a/mp-jwt/src/test/java/org/apache/tomee/microprofile/jwt/bval/ValidationConstraintsTest.java b/mp-jwt/src/test/java/org/apache/tomee/microprofile/jwt/bval/ValidationConstraintsTest.java
index 56eb5f7..ad7e716 100644
--- a/mp-jwt/src/test/java/org/apache/tomee/microprofile/jwt/bval/ValidationConstraintsTest.java
+++ b/mp-jwt/src/test/java/org/apache/tomee/microprofile/jwt/bval/ValidationConstraintsTest.java
@@ -1,3 +1,19 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
package org.apache.tomee.microprofile.jwt.bval;
import org.apache.tomee.microprofile.jwt.JsonWebTokenValidator;
diff --git a/mp-jwt/src/test/java/org/apache/tomee/microprofile/jwt/bval/ValidationGeneratorTest.java b/mp-jwt/src/test/java/org/apache/tomee/microprofile/jwt/bval/ValidationGeneratorTest.java
index 596ed5f..4fef0b8 100644
--- a/mp-jwt/src/test/java/org/apache/tomee/microprofile/jwt/bval/ValidationGeneratorTest.java
+++ b/mp-jwt/src/test/java/org/apache/tomee/microprofile/jwt/bval/ValidationGeneratorTest.java
@@ -1,3 +1,19 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
package org.apache.tomee.microprofile.jwt.bval;
import org.apache.openejb.util.proxy.ProxyGenerationException;
diff --git a/tck/microprofile-tck/jwt/src/test/java/org/apache/tomee/microprofile/tck/jwt/JWTAuthContextInfoProvider.java b/tck/microprofile-tck/jwt/src/test/java/org/apache/tomee/microprofile/tck/jwt/JWTAuthContextInfoProvider.java
index 58727cc..6c24573 100644
--- a/tck/microprofile-tck/jwt/src/test/java/org/apache/tomee/microprofile/tck/jwt/JWTAuthContextInfoProvider.java
+++ b/tck/microprofile-tck/jwt/src/test/java/org/apache/tomee/microprofile/tck/jwt/JWTAuthContextInfoProvider.java
@@ -46,7 +46,7 @@ public class JWTAuthContextInfoProvider {
final KeyFactory kf = KeyFactory.getInstance("RSA");
final RSAPublicKey pk = (RSAPublicKey) kf.generatePublic(spec);
- return Optional.of(JWTAuthConfiguration.authContextInfo(pk, "https://server.example.com"));
+ return Optional.of(JWTAuthConfiguration.authConfiguration(pk, "https://server.example.com"));
}
@Produces
diff --git a/tck/microprofile-tck/jwt/src/test/java/org/apache/tomee/microprofile/tck/jwt/jwk/PublicKeyAsJWKSTest.java b/tck/microprofile-tck/jwt/src/test/java/org/apache/tomee/microprofile/tck/jwt/jwk/PublicKeyAsJWKSTest.java
index 4f2db6a..b97ff43 100644
--- a/tck/microprofile-tck/jwt/src/test/java/org/apache/tomee/microprofile/tck/jwt/jwk/PublicKeyAsJWKSTest.java
+++ b/tck/microprofile-tck/jwt/src/test/java/org/apache/tomee/microprofile/tck/jwt/jwk/PublicKeyAsJWKSTest.java
@@ -55,7 +55,7 @@ public class PublicKeyAsJWKSTest {
JWTAuthConfigurationProperties.init(null);
final JWTAuthConfiguration jwtAuthConfiguration =
- JWTAuthConfigurationProperties.getJWTAuthContextInfo().orElseThrow(IllegalArgumentException::new);
+ JWTAuthConfigurationProperties.getJWTAuthConfiguration().orElseThrow(IllegalArgumentException::new);
final JwtConsumerBuilder jwtConsumerBuilder = new JwtConsumerBuilder()
.setRequireExpirationTime()