Incorporate feedback and cleanup
Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/0340cef2 Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/0340cef2 Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/0340cef2 Branch: refs/heads/master Commit: 0340cef2d96a83349c2ad44eae86da27ada23746 Parents: 898c821 Author: Jean-Louis Monteiro <jeano...@gmail.com> Authored: Wed Mar 7 11:26:30 2018 +0100 Committer: Jean-Louis Monteiro <jeano...@gmail.com> Committed: Wed Mar 7 11:26:30 2018 +0100 ---------------------------------------------------------------------- .../tomee/microprofile/jwt/MPJWTFilter.java | 19 +++---- .../microprofile/jwt/MPJWTInitializer.java | 5 +- .../tomee/microprofile/jwt/cdi/ClaimBean.java | 54 ++++++++++---------- .../jwt/cdi/ClaimInjectionPoint.java | 5 +- .../microprofile/jwt/cdi/ClaimValueWrapper.java | 2 +- .../microprofile/jwt/cdi/DefaultLiteral.java | 2 +- .../microprofile/jwt/cdi/JsonbProducer.java | 2 +- .../microprofile/jwt/cdi/MPJWTCDIExtension.java | 16 ++---- .../microprofile/jwt/cdi/MPJWTProducer.java | 4 +- .../jwt/config/JWTAuthContextInfo.java | 8 +-- .../jwt/jaxrs/MPJWPProviderRegistration.java | 4 +- .../MPJWTSecurityAnnotationsInterceptor.java | 4 +- ...TSecurityAnnotationsInterceptorsFeature.java | 12 ++--- .../principal/DefaultJWTCallerPrincipal.java | 4 ++ .../DefaultJWTCallerPrincipalFactory.java | 18 ++++--- .../jwt/principal/JWTCallerPrincipal.java | 4 +- .../principal/JWTCallerPrincipalFactory.java | 8 +-- 17 files changed, 87 insertions(+), 84 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/tomee/blob/0340cef2/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java ---------------------------------------------------------------------- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java index 87ab714..25bf828 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java @@ -54,7 +54,7 @@ public class MPJWTFilter implements Filter { @Override public void init(final FilterConfig filterConfig) throws ServletException { - // get configuration + // nothing so far } @@ -86,7 +86,7 @@ public class MPJWTFilter implements Filter { @Override public void destroy() { - + // nothing to do } private static Function<HttpServletRequest, JsonWebToken> token(final HttpServletRequest httpServletRequest, final JWTAuthContextInfo authContextInfo) { @@ -152,15 +152,12 @@ public class MPJWTFilter implements Filter { // this is so that the MPJWTProducer can find the function and apply it if necessary request.setAttribute(JsonWebToken.class.getName(), tokenFunction); - request.setAttribute("javax.security.auth.subject.callable", new Callable<Subject>() { - @Override - public Subject call() throws Exception { - final Set<Principal> principals = new LinkedHashSet<Principal>(); - final JsonWebToken namePrincipal = tokenFunction.apply(request); - principals.add(namePrincipal); - principals.addAll(namePrincipal.getGroups().stream().map(role -> (Principal) () -> role).collect(Collectors.toList())); - return new Subject(true, principals, Collections.emptySet(), Collections.emptySet()); - } + request.setAttribute("javax.security.auth.subject.callable", (Callable<Subject>) () -> { + final Set<Principal> principals = new LinkedHashSet<>(); + final JsonWebToken namePrincipal = tokenFunction.apply(request); + principals.add(namePrincipal); + principals.addAll(namePrincipal.getGroups().stream().map(role -> (Principal) () -> role).collect(Collectors.toList())); + return new Subject(true, principals, Collections.emptySet(), Collections.emptySet()); }); } http://git-wip-us.apache.org/repos/asf/tomee/blob/0340cef2/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTInitializer.java ---------------------------------------------------------------------- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTInitializer.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTInitializer.java index fb954a5..cede7dc 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTInitializer.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTInitializer.java @@ -36,7 +36,7 @@ public class MPJWTInitializer implements ServletContainerInitializer { public void onStartup(final Set<Class<?>> classes, final ServletContext ctx) throws ServletException { if (classes == null || classes.isEmpty()) { - return; // to classes having @LoginConfig on it + return; // no classe having @LoginConfig on it } for (Class<?> clazz : classes) { @@ -47,7 +47,8 @@ public class MPJWTInitializer implements ServletContainerInitializer { } if (!Application.class.isAssignableFrom(clazz)) { - continue; // do we really want Application? + continue; + // do we really want Application? // See https://github.com/eclipse/microprofile-jwt-auth/issues/70 to clarify this point } http://git-wip-us.apache.org/repos/asf/tomee/blob/0340cef2/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java ---------------------------------------------------------------------- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java index 5f7852f..6c7a00d 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java @@ -81,12 +81,12 @@ public class ClaimBean<T> implements Bean<T>, PassivationCapable { } private Class getRawType(final Type type) { - if (type instanceof Class) { - return (Class) type; + if (Class.class.isInstance(type)) { + return Class.class.cast(type); - } else if (type instanceof ParameterizedType) { - final ParameterizedType paramType = (ParameterizedType) type; - return (Class) paramType.getRawType(); + } else if (ParameterizedType.class.isInstance(type)) { + final ParameterizedType paramType = ParameterizedType.class.cast(type); + return Class.class.cast(paramType.getRawType()); } throw new UnsupportedOperationException("Unsupported type " + type); @@ -162,17 +162,17 @@ public class ClaimBean<T> implements Bean<T>, PassivationCapable { logger.finest(String.format("Found Claim injection with name=%s and for %s", key, ip.toString())); - if (annotated.getBaseType() instanceof ParameterizedType) { - final ParameterizedType paramType = (ParameterizedType) annotated.getBaseType(); + if (ParameterizedType.class.isInstance(annotated.getBaseType())) { + final ParameterizedType paramType = ParameterizedType.class.cast(annotated.getBaseType()); final Type rawType = paramType.getRawType(); - if (rawType instanceof Class && paramType.getActualTypeArguments().length == 1) { + if (Class.class.isInstance(rawType) && paramType.getActualTypeArguments().length == 1) { final Class<?> rawTypeClass = ((Class<?>) rawType); // handle Provider<T> if (rawTypeClass.isAssignableFrom(Provider.class)) { final Type providerType = paramType.getActualTypeArguments()[0]; - if (providerType instanceof ParameterizedType && isOptional((ParameterizedType) providerType)) { + if (ParameterizedType.class.isInstance(providerType) && isOptional(ParameterizedType.class.cast(providerType))) { return (T) Optional.ofNullable(getClaimValue(key)); } return getClaimValue(key); @@ -181,7 +181,7 @@ public class ClaimBean<T> implements Bean<T>, PassivationCapable { // handle Instance<T> if (rawTypeClass.isAssignableFrom(Instance.class)) { final Type instanceType = paramType.getActualTypeArguments()[0]; - if (instanceType instanceof ParameterizedType && isOptional((ParameterizedType) instanceType)) { + if (ParameterizedType.class.isInstance(instanceType) && isOptional(ParameterizedType.class.cast(instanceType))) { return (T) Optional.ofNullable(getClaimValue(key)); } return getClaimValue(key); @@ -192,25 +192,25 @@ public class ClaimBean<T> implements Bean<T>, PassivationCapable { final Type claimValueType = paramType.getActualTypeArguments()[0]; final ClaimValueWrapper claimValueWrapper = new ClaimValueWrapper(key); - if (claimValueType instanceof ParameterizedType && isOptional((ParameterizedType) claimValueType)) { + if (ParameterizedType.class.isInstance(claimValueType) && isOptional(ParameterizedType.class.cast(claimValueType))) { claimValueWrapper.setValue(() -> { final T claimValue = getClaimValue(key); return Optional.ofNullable(claimValue); }); - } else if (claimValueType instanceof ParameterizedType && isSet((ParameterizedType) claimValueType)) { + } else if (ParameterizedType.class.isInstance(claimValueType) && isSet(ParameterizedType.class.cast(claimValueType))) { claimValueWrapper.setValue(() -> { final T claimValue = getClaimValue(key); return claimValue; }); - } else if (claimValueType instanceof ParameterizedType && isList((ParameterizedType) claimValueType)) { + } else if (ParameterizedType.class.isInstance(claimValueType) && isList(ParameterizedType.class.cast(claimValueType))) { claimValueWrapper.setValue(() -> { final T claimValue = getClaimValue(key); return claimValue; }); - } else if (claimValueType instanceof Class) { + } else if (Class.class.isInstance(claimValueType)) { claimValueWrapper.setValue(() -> { final T claimValue = getClaimValue(key); return claimValue; @@ -278,22 +278,22 @@ public class ClaimBean<T> implements Bean<T>, PassivationCapable { private static final String TMP = "tmp"; - private JsonValue wrapValue(Object value) { + private JsonValue wrapValue(final Object value) { JsonValue jsonValue = null; - if (value instanceof JsonValue) { + if (JsonValue.class.isInstance(value)) { // This may already be a JsonValue - jsonValue = (JsonValue) value; + jsonValue = JsonValue.class.cast(value); - } else if (value instanceof String) { + } else if (String.class.isInstance(value)) { jsonValue = Json.createObjectBuilder() .add(TMP, value.toString()) .build() .getJsonString(TMP); - } else if (value instanceof Number) { - final Number number = (Number) value; - if ((number instanceof Long) || (number instanceof Integer)) { + } else if (Number.class.isInstance(value)) { + final Number number = Number.class.cast(value); + if ((Long.class.isInstance(number)) || (Integer.class.isInstance(number))) { jsonValue = Json.createObjectBuilder() .add(TMP, number.longValue()) .build() @@ -306,16 +306,16 @@ public class ClaimBean<T> implements Bean<T>, PassivationCapable { .getJsonNumber(TMP); } - } else if (value instanceof Boolean) { - final Boolean flag = (Boolean) value; + } else if (Boolean.class.isInstance(value)) { + final Boolean flag = Boolean.class.cast(value); jsonValue = flag ? JsonValue.TRUE : JsonValue.FALSE; - } else if (value instanceof Collection) { + } else if (Collection.class.isInstance(value)) { final JsonArrayBuilder arrayBuilder = Json.createArrayBuilder(); - final Collection list = (Collection) value; + final Collection list = Collection.class.cast(value); for (Object element : list) { - if (element instanceof String) { + if (String.class.isInstance(element)) { arrayBuilder.add(element.toString()); } else { @@ -325,7 +325,7 @@ public class ClaimBean<T> implements Bean<T>, PassivationCapable { } jsonValue = arrayBuilder.build(); - } else if (value instanceof Map) { + } else if (Map.class.isInstance(value)) { jsonValue = jsonb.fromJson(jsonb.toJson(value), JsonObject.class); } http://git-wip-us.apache.org/repos/asf/tomee/blob/0340cef2/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimInjectionPoint.java ---------------------------------------------------------------------- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimInjectionPoint.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimInjectionPoint.java index 949e36c..17be756 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimInjectionPoint.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimInjectionPoint.java @@ -25,10 +25,11 @@ import java.lang.reflect.Type; import java.util.Collections; import java.util.Set; -class ClaimInjectionPoint implements InjectionPoint { +public class ClaimInjectionPoint implements InjectionPoint { + private final Bean bean; - ClaimInjectionPoint(Bean bean) { + public ClaimInjectionPoint(final Bean bean) { this.bean = bean; } http://git-wip-us.apache.org/repos/asf/tomee/blob/0340cef2/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimValueWrapper.java ---------------------------------------------------------------------- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimValueWrapper.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimValueWrapper.java index a5a4bb5..2836abd 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimValueWrapper.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimValueWrapper.java @@ -47,7 +47,7 @@ public class ClaimValueWrapper<T> implements ClaimValue<T> { public String toString() { return "ClaimValueWrapper{" + "name='" + name + '\'' + - ", value=" + value + + ", value=" + value.get() + '}'; } } \ No newline at end of file http://git-wip-us.apache.org/repos/asf/tomee/blob/0340cef2/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/DefaultLiteral.java ---------------------------------------------------------------------- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/DefaultLiteral.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/DefaultLiteral.java index a084ea3..273ff96 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/DefaultLiteral.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/DefaultLiteral.java @@ -19,6 +19,6 @@ package org.apache.tomee.microprofile.jwt.cdi; import javax.enterprise.inject.Default; import javax.enterprise.util.AnnotationLiteral; -class DefaultLiteral extends AnnotationLiteral<Default> implements Default { +public class DefaultLiteral extends AnnotationLiteral<Default> implements Default { public static final Default INSTANCE = new DefaultLiteral(); } \ No newline at end of file http://git-wip-us.apache.org/repos/asf/tomee/blob/0340cef2/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/JsonbProducer.java ---------------------------------------------------------------------- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/JsonbProducer.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/JsonbProducer.java index a0434ef..59f42c5 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/JsonbProducer.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/JsonbProducer.java @@ -28,7 +28,7 @@ import java.util.logging.Logger; // todo add a qualifier here so we isolate our instance from what applications would do public class JsonbProducer { - private static Logger log = Logger.getLogger(MPJWTCDIExtension.class.getName()); + private static final Logger log = Logger.getLogger(MPJWTCDIExtension.class.getName()); @Produces public Jsonb create() { http://git-wip-us.apache.org/repos/asf/tomee/blob/0340cef2/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/MPJWTCDIExtension.java ---------------------------------------------------------------------- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/MPJWTCDIExtension.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/MPJWTCDIExtension.java index 05b08de..d1019ee 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/MPJWTCDIExtension.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/MPJWTCDIExtension.java @@ -25,7 +25,6 @@ import org.eclipse.microprofile.jwt.Claim; import javax.enterprise.event.Observes; import javax.enterprise.inject.Instance; import javax.enterprise.inject.spi.AfterBeanDiscovery; -import javax.enterprise.inject.spi.AfterDeploymentValidation; import javax.enterprise.inject.spi.BeanManager; import javax.enterprise.inject.spi.BeforeBeanDiscovery; import javax.enterprise.inject.spi.Extension; @@ -39,15 +38,12 @@ import java.util.HashSet; import java.util.Map; import java.util.Set; import java.util.function.Predicate; -import java.util.logging.Logger; import java.util.stream.Collectors; public class MPJWTCDIExtension implements Extension { - private static Logger logger = Logger.getLogger(MPJWTCDIExtension.class.getName()); - - private static final Predicate<InjectionPoint> NOT_PROVIDERS = ip -> (ip.getType() instanceof Class) || (ip.getType() instanceof ParameterizedType && ((ParameterizedType)ip.getType()).getRawType() != Provider.class); - private static final Predicate<InjectionPoint> NOT_INSTANCES = ip -> (ip.getType() instanceof Class) || (ip.getType() instanceof ParameterizedType && ((ParameterizedType)ip.getType()).getRawType() != Instance.class); + private static final Predicate<InjectionPoint> NOT_PROVIDERS = ip -> (Class.class.isInstance(ip.getType())) || (ParameterizedType.class.isInstance(ip.getType()) && ((ParameterizedType) ip.getType()).getRawType() != Provider.class); + private static final Predicate<InjectionPoint> NOT_INSTANCES = ip -> (Class.class.isInstance(ip.getType())) || (ParameterizedType.class.isInstance(ip.getType()) && ((ParameterizedType) ip.getType()).getRawType() != Instance.class); private static final Map<Type, Type> REPLACED_TYPES = new HashMap<>(); static { @@ -76,12 +72,12 @@ public class MPJWTCDIExtension implements Extension { final Set<Type> providerTypes = injectionPoints.stream() .filter(NOT_PROVIDERS.negate()) - .map(ip -> ((ParameterizedType)ip.getType()).getActualTypeArguments()[0]) + .map(ip -> ((ParameterizedType) ip.getType()).getActualTypeArguments()[0]) .collect(Collectors.toSet()); final Set<Type> instanceTypes = injectionPoints.stream() .filter(NOT_INSTANCES.negate()) - .map(ip -> ((ParameterizedType)ip.getType()).getActualTypeArguments()[0]) + .map(ip -> ((ParameterizedType) ip.getType()).getActualTypeArguments()[0]) .collect(Collectors.toSet()); types.addAll(providerTypes); @@ -92,10 +88,6 @@ public class MPJWTCDIExtension implements Extension { .forEach(abd::addBean); } - public void validate(@Observes final AfterDeploymentValidation add) { - // not sure yet if we can eagerly check - } - public void observeBeforeBeanDiscovery(@Observes final BeforeBeanDiscovery bbd, final BeanManager beanManager) { bbd.addAnnotatedType(beanManager.createAnnotatedType(TCKTokenParser.class)); bbd.addAnnotatedType(beanManager.createAnnotatedType(JsonbProducer.class)); http://git-wip-us.apache.org/repos/asf/tomee/blob/0340cef2/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/MPJWTProducer.java ---------------------------------------------------------------------- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/MPJWTProducer.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/MPJWTProducer.java index 453dcff..42034b9 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/MPJWTProducer.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/MPJWTProducer.java @@ -37,10 +37,10 @@ public class MPJWTProducer { public JsonWebToken currentPrincipal() { Objects.requireNonNull(httpServletRequest, "HTTP Servlet Request is required to produce a JSonWebToken principal."); - // not very beatiful, but avoids having the MPJWTFilter setting the request or the principal in a thread local + // not very beautiful, but avoids having the MPJWTFilter setting the request or the principal in a thread local // CDI integration already has one - dunno which approach is the best for now final Object tokenAttribute = httpServletRequest.getAttribute(JsonWebToken.class.getName()); - if (tokenAttribute != null && Function.class.isInstance(tokenAttribute)) { + if (Function.class.isInstance(tokenAttribute)) { return (JsonWebToken) Function.class.cast(tokenAttribute).apply(httpServletRequest); } http://git-wip-us.apache.org/repos/asf/tomee/blob/0340cef2/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/config/JWTAuthContextInfo.java ---------------------------------------------------------------------- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/config/JWTAuthContextInfo.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/config/JWTAuthContextInfo.java index dad5f4d..a969515 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/config/JWTAuthContextInfo.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/config/JWTAuthContextInfo.java @@ -35,7 +35,7 @@ public class JWTAuthContextInfo { this.issuedBy = issuedBy; } - public JWTAuthContextInfo(JWTAuthContextInfo orig) { + public JWTAuthContextInfo(final JWTAuthContextInfo orig) { this.signerKey = orig.signerKey; this.issuedBy = orig.issuedBy; this.expGracePeriodSecs = orig.expGracePeriodSecs; @@ -45,7 +45,7 @@ public class JWTAuthContextInfo { return signerKey; } - public void setSignerKey(RSAPublicKey signerKey) { + public void setSignerKey(final RSAPublicKey signerKey) { this.signerKey = signerKey; } @@ -53,7 +53,7 @@ public class JWTAuthContextInfo { return issuedBy; } - public void setIssuedBy(String issuedBy) { + public void setIssuedBy(final String issuedBy) { this.issuedBy = issuedBy; } @@ -61,7 +61,7 @@ public class JWTAuthContextInfo { return expGracePeriodSecs; } - public void setExpGracePeriodSecs(int expGracePeriodSecs) { + public void setExpGracePeriodSecs(final int expGracePeriodSecs) { this.expGracePeriodSecs = expGracePeriodSecs; } } \ No newline at end of file http://git-wip-us.apache.org/repos/asf/tomee/blob/0340cef2/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/jaxrs/MPJWPProviderRegistration.java ---------------------------------------------------------------------- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/jaxrs/MPJWPProviderRegistration.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/jaxrs/MPJWPProviderRegistration.java index 2102c89..34f152f 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/jaxrs/MPJWPProviderRegistration.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/jaxrs/MPJWPProviderRegistration.java @@ -24,11 +24,11 @@ import org.apache.tomee.microprofile.jwt.MPJWTFilter; * OpenEJB/TomEE hack to register a new provider on the fly * Could be package in tomee only or done in another way * - * As soon as Roberto is done with the packaging, we can remove all this + * As soon as Roberto is done with the packaging, we can remove all this and providers are going to be scanned automatically */ public class MPJWPProviderRegistration { - public void registerProvider(@Observes final ExtensionProviderRegistration event) { // openejb hack to register the provider + public void registerProvider(@Observes final ExtensionProviderRegistration event) { event.getProviders().add(new MPJWTFilter.MPJWTExceptionMapper()); event.getProviders().add(new MPJWTSecurityAnnotationsInterceptorsFeature()); } http://git-wip-us.apache.org/repos/asf/tomee/blob/0340cef2/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/jaxrs/MPJWTSecurityAnnotationsInterceptor.java ---------------------------------------------------------------------- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/jaxrs/MPJWTSecurityAnnotationsInterceptor.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/jaxrs/MPJWTSecurityAnnotationsInterceptor.java index e6ccd5a..f604e6b 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/jaxrs/MPJWTSecurityAnnotationsInterceptor.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/jaxrs/MPJWTSecurityAnnotationsInterceptor.java @@ -18,7 +18,9 @@ public class MPJWTSecurityAnnotationsInterceptor implements ContainerRequestFilt private final Set<Method> permitAll; public MPJWTSecurityAnnotationsInterceptor(final javax.ws.rs.container.ResourceInfo resourceInfo, - final ConcurrentMap<Method, Set<String>> rolesAllowed, final Set<Method> denyAll, final Set<Method> permitAll) { + final ConcurrentMap<Method, Set<String>> rolesAllowed, + final Set<Method> denyAll, + final Set<Method> permitAll) { this.resourceInfo = resourceInfo; this.rolesAllowed = rolesAllowed; this.denyAll = denyAll; http://git-wip-us.apache.org/repos/asf/tomee/blob/0340cef2/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/jaxrs/MPJWTSecurityAnnotationsInterceptorsFeature.java ---------------------------------------------------------------------- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/jaxrs/MPJWTSecurityAnnotationsInterceptorsFeature.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/jaxrs/MPJWTSecurityAnnotationsInterceptorsFeature.java index 5a0a00a..58b3203 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/jaxrs/MPJWTSecurityAnnotationsInterceptorsFeature.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/jaxrs/MPJWTSecurityAnnotationsInterceptorsFeature.java @@ -45,7 +45,7 @@ public class MPJWTSecurityAnnotationsInterceptorsFeature implements DynamicFeatu final boolean hasSecurity = processSecurityAnnotations(resourceInfo.getResourceClass(), resourceInfo.getResourceMethod()); - if (hasSecurity) { + if (hasSecurity) { // no need to add interceptor on the resources that don(t have any security requirements to enforce context.register(new MPJWTSecurityAnnotationsInterceptor(resourceInfo, rolesAllowed, denyAll, permitAll)); } @@ -67,11 +67,11 @@ public class MPJWTSecurityAnnotationsInterceptorsFeature implements DynamicFeatu * Process annotations at the class level */ if (classSecurityAnnotations.size() > 1) { - // todo error to properly handle + throw new IllegalStateException(clazz.getName() + " has more than one security annotation (RolesAllowed, PermitAll, DenyAll)."); } if (methodSecurityAnnotations.size() > 1) { - // todo proper error handling + throw new IllegalStateException(method.toString() + " has more than one security annotation (RolesAllowed, PermitAll, DenyAll)."); } if (methodSecurityAnnotations.size() == 0) { // no need to deal with class level annotations if the method has some @@ -97,9 +97,9 @@ public class MPJWTSecurityAnnotationsInterceptorsFeature implements DynamicFeatu } } - final RolesAllowed mthdRolesAllowed = (RolesAllowed) method.getAnnotation(RolesAllowed.class); - final PermitAll mthdPermitAll = (PermitAll) method.getAnnotation(PermitAll.class); - final DenyAll mthdDenyAll = (DenyAll) method.getAnnotation(DenyAll.class); + final RolesAllowed mthdRolesAllowed = method.getAnnotation(RolesAllowed.class); + final PermitAll mthdPermitAll = method.getAnnotation(PermitAll.class); + final DenyAll mthdDenyAll = method.getAnnotation(DenyAll.class); if (mthdRolesAllowed != null) { Set<String> roles = new HashSet<String>(); http://git-wip-us.apache.org/repos/asf/tomee/blob/0340cef2/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/principal/DefaultJWTCallerPrincipal.java ---------------------------------------------------------------------- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/principal/DefaultJWTCallerPrincipal.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/principal/DefaultJWTCallerPrincipal.java index b0d6a42..661fbde 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/principal/DefaultJWTCallerPrincipal.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/principal/DefaultJWTCallerPrincipal.java @@ -102,6 +102,10 @@ public class DefaultJWTCallerPrincipal extends JWTCallerPrincipal { return new HashSet<>(claimsSet.getClaimNames()); } + public String getRawToken() { + return jwt; + } + @Override public Object getClaim(final String claimName) { Claims claimType = Claims.UNKNOWN; http://git-wip-us.apache.org/repos/asf/tomee/blob/0340cef2/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/principal/DefaultJWTCallerPrincipalFactory.java ---------------------------------------------------------------------- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/principal/DefaultJWTCallerPrincipalFactory.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/principal/DefaultJWTCallerPrincipalFactory.java index 5bcaeed..feb2008 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/principal/DefaultJWTCallerPrincipalFactory.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/principal/DefaultJWTCallerPrincipalFactory.java @@ -42,10 +42,10 @@ public class DefaultJWTCallerPrincipalFactory extends JWTCallerPrincipalFactory @Override public JWTCallerPrincipal parse(final String token, final JWTAuthContextInfo authContextInfo) throws ParseException { - JWTCallerPrincipal principal = null; + JWTCallerPrincipal principal; try { - JwtConsumerBuilder builder = new JwtConsumerBuilder() + final JwtConsumerBuilder builder = new JwtConsumerBuilder() .setRequireExpirationTime() .setRequireSubject() .setSkipDefaultAudienceValidation() @@ -54,15 +54,17 @@ public class DefaultJWTCallerPrincipalFactory extends JWTCallerPrincipalFactory .setJwsAlgorithmConstraints( new AlgorithmConstraints(AlgorithmConstraints.ConstraintType.WHITELIST, AlgorithmIdentifiers.RSA_USING_SHA256)); + if (authContextInfo.getExpGracePeriodSecs() > 0) { builder.setAllowedClockSkewInSeconds(authContextInfo.getExpGracePeriodSecs()); + } else { builder.setEvaluationTime(NumericDate.fromSeconds(0)); } - JwtConsumer jwtConsumer = builder.build(); - JwtContext jwtContext = jwtConsumer.process(token); - String type = jwtContext.getJoseObjects().get(0).getHeader("typ"); + final JwtConsumer jwtConsumer = builder.build(); + final JwtContext jwtContext = jwtConsumer.process(token); + final String type = jwtContext.getJoseObjects().get(0).getHeader("typ"); // Validate the JWT and process it to the Claims jwtConsumer.processContext(jwtContext); JwtClaims claimsSet = jwtContext.getJwtClaims(); @@ -77,9 +79,11 @@ public class DefaultJWTCallerPrincipalFactory extends JWTCallerPrincipalFactory } claimsSet.setClaim(Claims.raw_token.name(), token); principal = new DefaultJWTCallerPrincipal(token, type, claimsSet, principalName); - } catch (InvalidJwtException e) { + + } catch (final InvalidJwtException e) { throw new ParseException("Failed to verify token", e); - } catch (MalformedClaimException e) { + + } catch (final MalformedClaimException e) { throw new ParseException("Failed to verify token claims", e); } http://git-wip-us.apache.org/repos/asf/tomee/blob/0340cef2/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/principal/JWTCallerPrincipal.java ---------------------------------------------------------------------- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/principal/JWTCallerPrincipal.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/principal/JWTCallerPrincipal.java index 26d9406..d8e3c4c 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/principal/JWTCallerPrincipal.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/principal/JWTCallerPrincipal.java @@ -34,7 +34,7 @@ public abstract class JWTCallerPrincipal implements JsonWebToken { * * @param name - caller's name */ - public JWTCallerPrincipal(String name) { + public JWTCallerPrincipal(final String name) { this.name = name; } @@ -50,7 +50,7 @@ public abstract class JWTCallerPrincipal implements JsonWebToken { * JsonWebToken interface be displayed. * @return human readable presentation of the caller principal and associated JWT. */ - public abstract String toString(boolean showAll); + public abstract String toString(final boolean showAll); public <T> Optional<T> claim(final String claimName) { final T claim = (T) getClaim(claimName); http://git-wip-us.apache.org/repos/asf/tomee/blob/0340cef2/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/principal/JWTCallerPrincipalFactory.java ---------------------------------------------------------------------- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/principal/JWTCallerPrincipalFactory.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/principal/JWTCallerPrincipalFactory.java index 51ca256..e7ebcd6 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/principal/JWTCallerPrincipalFactory.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/principal/JWTCallerPrincipalFactory.java @@ -28,6 +28,7 @@ import java.util.ServiceLoader; * The factory class that provides the token string to JWTCallerPrincipal parsing for a given implementation. */ public abstract class JWTCallerPrincipalFactory { + private static JWTCallerPrincipalFactory instance; /** @@ -100,7 +101,8 @@ public abstract class JWTCallerPrincipalFactory { instance = spi; } } - } catch (Throwable e) { + + } catch (final Throwable e) { System.err.printf("Warning: %s\n", e.getMessage()); } } @@ -112,7 +114,7 @@ public abstract class JWTCallerPrincipalFactory { * * @param resolver the instance to use. */ - public static void setInstance(JWTCallerPrincipalFactory resolver) { + public static void setInstance(final JWTCallerPrincipalFactory resolver) { instance = resolver; } @@ -123,5 +125,5 @@ public abstract class JWTCallerPrincipalFactory { * @return A JWTCallerPrincipal representation for the token. * @throws ParseException on parse or verification failure. */ - public abstract JWTCallerPrincipal parse(String token, JWTAuthContextInfo authContextInfo) throws ParseException; + public abstract JWTCallerPrincipal parse(final String token, final JWTAuthContextInfo authContextInfo) throws ParseException; } \ No newline at end of file