[nifi] branch main updated (9bcbf83 -> a652280)

thenatog Thu, 19 Aug 2021 09:27:41 -0700

This is an automated email from the ASF dual-hosted git repository.

thenatog pushed a change to branch main
in repository https://gitbox.apache.org/repos/asf/nifi.git.



    from 9bcbf83  NIFI-8752: Automatic diagnostic at NiFi restart/stop
     add a652280  NIFI-8766 Implemented RS512 Algorithm for JWT Signing

No new revisions were added by this update.

Summary of changes:
 nifi-assembly/NOTICE                               |   6 +-
 .../java/org/apache/nifi/util/NiFiProperties.java  |   7 +
 .../src/main/asciidoc/administration-guide.adoc    |  22 +
 .../nifi/admin/IdpDataSourceFactoryBean.java       |   2 +-
 .../nifi/admin/KeyDataSourceFactoryBean.java       | 147 -----
 .../java/org/apache/nifi/admin/dao/DAOFactory.java |   2 -
 .../apache/nifi/admin/dao/impl/DAOFactoryImpl.java |   7 -
 .../apache/nifi/admin/dao/impl/StandardKeyDAO.java | 175 ------
 .../nifi/admin/service/action/DeleteKeyAction.java |  44 --
 .../admin/service/impl/StandardKeyService.java     | 165 -----
 .../src/main/java/org/apache/nifi/key/Key.java     |  78 ---
 .../main/resources/nifi-administration-context.xml |  16 -
 .../replication/ThreadPoolRequestReplicator.java   |   7 +-
 .../nifi-framework/nifi-resources/pom.xml          |   1 +
 .../src/main/resources/conf/nifi.properties        |   1 +
 .../apache/nifi/web/CsrfCookieRequestMatcher.java  |   6 +-
 .../apache/nifi/web/NiFiWebApiConfiguration.java   |   7 +-
 .../nifi/web/NiFiWebApiSecurityConfiguration.java  |  48 +-
 .../org/apache/nifi/web/api/AccessResource.java    |  90 ++-
 .../apache/nifi/web/api/ApplicationResource.java   |   4 +-
 .../apache/nifi/web/api/OIDCAccessResource.java    |  18 +-
 .../src/main/resources/nifi-web-api-context.xml    |   6 +-
 .../accesscontrol/ITAccessTokenEndpoint.java       | 422 -------------
 .../nifi-web/nifi-web-security/pom.xml             |  21 +-
 .../web/security/NiFiAuthenticationFilter.java     |  34 +-
 .../AuthenticationSecurityConfiguration.java       |  82 +++
 .../JwtAuthenticationSecurityConfiguration.java    | 208 +++++++
 ...erberosAuthenticationSecurityConfiguration.java |  46 ++
 .../KnoxAuthenticationSecurityConfiguration.java   |  57 ++
 .../OidcAuthenticationSecurityConfiguration.java   |  49 ++
 .../SamlAuthenticationSecurityConfiguration.java   |  72 +++
 .../X509AuthenticationSecurityConfiguration.java   |  84 +++
 .../web/security/http/SecurityCookieName.java}     |  24 +-
 .../nifi/web/security/http/SecurityHeader.java}    |  24 +-
 .../web/security/jwt/JwtAuthenticationFilter.java  |  50 --
 .../security/jwt/JwtAuthenticationProvider.java    |  83 ---
 .../jwt/JwtAuthenticationRequestToken.java         |  59 --
 .../apache/nifi/web/security/jwt/JwtService.java   | 208 -------
 .../web/security/jwt/NiFiBearerTokenResolver.java  |  70 ---
 .../StandardJwtAuthenticationConverter.java        |  80 +++
 .../web/security/jwt/jws/JwsSignerContainer.java   |  51 ++
 .../JwsSignerProvider.java}                        |  20 +-
 .../SignerListener.java}                           |  19 +-
 .../web/security/jwt/jws/SigningKeyListener.java}  |  24 +-
 .../security/jwt/jws/StandardJWSKeySelector.java   |  54 ++
 .../jwt/jws/StandardJwsSignerProvider.java         |  67 ++
 .../jwt/key/StandardVerificationKeySelector.java   |  85 +++
 .../security/jwt/key/VerificationKeyListener.java} |  24 +-
 .../VerificationKeySelector.java}                  |  21 +-
 .../jwt/key/command/KeyExpirationCommand.java      |  45 ++
 .../jwt/key/command/KeyGenerationCommand.java      |  78 +++
 .../service/StandardVerificationKeyService.java    | 187 ++++++
 .../security/jwt/key/service/VerificationKey.java  |  64 ++
 .../jwt/key/service/VerificationKeyService.java}   |  42 +-
 .../BearerTokenProvider.java}                      |  20 +-
 .../jwt/provider/StandardBearerTokenProvider.java  | 110 ++++
 .../web/security/jwt/provider/SupportedClaim.java} |  48 +-
 .../jwt/resolver/StandardBearerTokenResolver.java  |  61 ++
 .../jwt/revocation/JwtLogoutListener.java}         |  21 +-
 .../jwt/revocation/JwtRevocationService.java}      |  32 +-
 .../jwt/revocation/JwtRevocationValidator.java     |  52 ++
 .../jwt/revocation/StandardJwtLogoutListener.java  |  50 ++
 .../revocation/StandardJwtRevocationService.java   | 110 ++++
 .../command/RevocationExpirationCommand.java       |  45 ++
 .../web/security/knox/KnoxServiceFactoryBean.java  |   2 +-
 .../oidc/StandardOidcIdentityProvider.java         |  17 +-
 .../saml/impl/StandardSAMLStateManager.java        |  22 +-
 .../spring/LoginIdentityProviderFactoryBean.java   |   3 -
 .../main/resources/nifi-web-security-context.xml   | 119 ----
 .../web/security/oidc/OidcServiceGroovyTest.groovy |  41 +-
 .../StandardOidcIdentityProviderGroovyTest.groovy  |  51 +-
 .../jwt/JwtAuthenticationProviderTest.java         | 282 ---------
 .../nifi/web/security/jwt/JwtServiceTest.java      | 682 ---------------------
 .../security/jwt/NiFiBearerTokenResolverTest.java  | 124 ----
 .../nifi/web/security/jwt/TestKeyService.java      |  71 ---
 .../StandardJwtAuthenticationConverterTest.java    | 121 ++++
 .../jwt/jws/StandardJwsSignerProviderTest.java     |  70 +++
 .../jwt/key/command/KeyGenerationCommandTest.java  |  76 +++
 .../StandardVerificationKeyServiceTest.java        | 133 ++++
 .../provider/StandardBearerTokenProviderTest.java  | 109 ++++
 .../resolver/StandardBearerTokenResolverTest.java  |  77 +++
 .../jwt/revocation/JwtRevocationValidatorTest.java |  70 +++
 .../revocation/StandardJwtLogoutListenerTest.java  |  78 +++
 .../StandardJwtRevocationServiceTest.java          | 108 ++++
 .../saml/impl/TestStandardSAMLStateManager.java    |  10 +-
 nifi-nar-bundles/nifi-framework-bundle/pom.xml     |  35 +-
 86 files changed, 2939 insertions(+), 3224 deletions(-)
 delete mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/admin/KeyDataSourceFactoryBean.java
 delete mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/admin/dao/impl/StandardKeyDAO.java
 delete mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/admin/service/action/DeleteKeyAction.java
 delete mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/admin/service/impl/StandardKeyService.java
 delete mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-administration/src/main/java/org/apache/nifi/key/Key.java
 delete mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/test/java/org/apache/nifi/integration/accesscontrol/ITAccessTokenEndpoint.java
 create mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/configuration/AuthenticationSecurityConfiguration.java
 create mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/configuration/JwtAuthenticationSecurityConfiguration.java
 create mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/configuration/KerberosAuthenticationSecurityConfiguration.java
 create mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/configuration/KnoxAuthenticationSecurityConfiguration.java
 create mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/configuration/OidcAuthenticationSecurityConfiguration.java
 create mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/configuration/SamlAuthenticationSecurityConfiguration.java
 create mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/configuration/X509AuthenticationSecurityConfiguration.java
 rename 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/{nifi-administration/src/main/java/org/apache/nifi/admin/service/action/GetKeyByIdAction.java
 => 
nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/http/SecurityCookieName.java}
 (61%)
 rename 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/{nifi-administration/src/main/java/org/apache/nifi/admin/service/action/GetKeyByIdentityAction.java
 => 
nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/http/SecurityHeader.java}
 (58%)
 delete mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/jwt/JwtAuthenticationFilter.java
 delete mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/jwt/JwtAuthenticationProvider.java
 delete mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/jwt/JwtAuthenticationRequestToken.java
 delete mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/jwt/JwtService.java
 delete mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/jwt/NiFiBearerTokenResolver.java
 create mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/jwt/converter/StandardJwtAuthenticationConverter.java
 create mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/jwt/jws/JwsSignerContainer.java
 copy 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/jwt/{BearerTokenResolver.java
 => jws/JwsSignerProvider.java} (63%)
 copy 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/jwt/{BearerTokenResolver.java
 => jws/SignerListener.java} (65%)
 copy 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/{nifi-administration/src/main/java/org/apache/nifi/admin/dao/DAOFactory.java
 => 
nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/jwt/jws/SigningKeyListener.java}
 (69%)
 create mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/jwt/jws/StandardJWSKeySelector.java
 create mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/jwt/jws/StandardJwsSignerProvider.java
 create mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/jwt/key/StandardVerificationKeySelector.java
 copy 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/{nifi-administration/src/main/java/org/apache/nifi/admin/dao/DAOFactory.java
 => 
nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/jwt/key/VerificationKeyListener.java}
 (68%)
 copy 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/jwt/{BearerTokenResolver.java
 => key/VerificationKeySelector.java} (63%)
 create mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/jwt/key/command/KeyExpirationCommand.java
 create mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/jwt/key/command/KeyGenerationCommand.java
 create mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/jwt/key/service/StandardVerificationKeyService.java
 create mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/jwt/key/service/VerificationKey.java
 rename 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/{nifi-administration/src/main/java/org/apache/nifi/admin/dao/KeyDAO.java
 => 
nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/jwt/key/service/VerificationKeyService.java}
 (53%)
 rename 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/jwt/{BearerTokenResolver.java
 => provider/BearerTokenProvider.java} (64%)
 create mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/jwt/provider/StandardBearerTokenProvider.java
 rename 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/{nifi-administration/src/main/java/org/apache/nifi/admin/service/action/GetOrCreateKeyAction.java
 => 
nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/jwt/provider/SupportedClaim.java}
 (51%)
 create mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/jwt/resolver/StandardBearerTokenResolver.java
 copy 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/{nifi-administration/src/main/java/org/apache/nifi/admin/dao/DAOFactory.java
 => 
nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/jwt/revocation/JwtLogoutListener.java}
 (76%)
 rename 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/{nifi-administration/src/main/java/org/apache/nifi/admin/service/KeyService.java
 => 
nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/jwt/revocation/JwtRevocationService.java}
 (55%)
 create mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/jwt/revocation/JwtRevocationValidator.java
 create mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/jwt/revocation/StandardJwtLogoutListener.java
 create mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/jwt/revocation/StandardJwtRevocationService.java
 create mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/jwt/revocation/command/RevocationExpirationCommand.java
 delete mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/resources/nifi-web-security-context.xml
 delete mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/test/java/org/apache/nifi/web/security/jwt/JwtAuthenticationProviderTest.java
 delete mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/test/java/org/apache/nifi/web/security/jwt/JwtServiceTest.java
 delete mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/test/java/org/apache/nifi/web/security/jwt/NiFiBearerTokenResolverTest.java
 delete mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/test/java/org/apache/nifi/web/security/jwt/TestKeyService.java
 create mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/test/java/org/apache/nifi/web/security/jwt/converter/StandardJwtAuthenticationConverterTest.java
 create mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/test/java/org/apache/nifi/web/security/jwt/jws/StandardJwsSignerProviderTest.java
 create mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/test/java/org/apache/nifi/web/security/jwt/key/command/KeyGenerationCommandTest.java
 create mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/test/java/org/apache/nifi/web/security/jwt/key/service/StandardVerificationKeyServiceTest.java
 create mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/test/java/org/apache/nifi/web/security/jwt/provider/StandardBearerTokenProviderTest.java
 create mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/test/java/org/apache/nifi/web/security/jwt/resolver/StandardBearerTokenResolverTest.java
 create mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/test/java/org/apache/nifi/web/security/jwt/revocation/JwtRevocationValidatorTest.java
 create mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/test/java/org/apache/nifi/web/security/jwt/revocation/StandardJwtLogoutListenerTest.java
 create mode 100644 
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/test/java/org/apache/nifi/web/security/jwt/revocation/StandardJwtRevocationServiceTest.java

[nifi] branch main updated (9bcbf83 -> a652280)

Reply via email to