Better injection support
Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/2b9950f6 Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/2b9950f6 Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/2b9950f6 Branch: refs/heads/master Commit: 2b9950f66edc5ffb845b1400155c0aa2be0e858f Parents: 1ad96bb Author: Jean-Louis Monteiro <jeano...@gmail.com> Authored: Tue Feb 27 14:20:49 2018 +0100 Committer: Jean-Louis Monteiro <jeano...@gmail.com> Committed: Tue Feb 27 14:20:49 2018 +0100 ---------------------------------------------------------------------- .../tomee/microprofile/jwt/MPJWTFilter.java | 12 ++++++++++ .../jwt/cdi/ClaimValueProducer.java | 11 ++++++--- .../microprofile/jwt/cdi/JsonValueProducer.java | 1 + .../jwt/cdi/RawClaimTypeProducer.java | 24 ++++++++++++++++---- .../principal/DefaultJWTCallerPrincipal.java | 2 +- 5 files changed, 41 insertions(+), 9 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/tomee/blob/2b9950f6/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java ---------------------------------------------------------------------- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java index 752bcda..ebed96d 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java @@ -32,8 +32,10 @@ import javax.servlet.ServletResponse; import javax.servlet.annotation.WebFilter; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequestWrapper; +import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.security.Principal; +import java.util.Locale; import java.util.Map; import java.util.Optional; @@ -66,6 +68,16 @@ public class MPJWTFilter implements Filter { // todo not sure what to do with the realm final String authorizationHeader = ((HttpServletRequest) request).getHeader("Authorization"); + if (authorizationHeader == null || authorizationHeader.isEmpty()) { + HttpServletResponse.class.cast(response).sendError(HttpServletResponse.SC_UNAUTHORIZED); + return; + } + + if (!authorizationHeader.toLowerCase(Locale.ENGLISH).startsWith("bearer ")) { + HttpServletResponse.class.cast(response).sendError(HttpServletResponse.SC_UNAUTHORIZED); + return; + } + final String token = authorizationHeader.substring("bearer ".length()); final JsonWebToken jsonWebToken; try { http://git-wip-us.apache.org/repos/asf/tomee/blob/2b9950f6/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimValueProducer.java ---------------------------------------------------------------------- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimValueProducer.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimValueProducer.java index aeed7c8..b0e2e7b 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimValueProducer.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimValueProducer.java @@ -47,9 +47,14 @@ public class ClaimValueProducer<T> { boolean isOptional = false; if (matchType instanceof ParameterizedType) { actualType = ((ParameterizedType) matchType).getActualTypeArguments()[0]; - isOptional = matchType.getTypeName().equals(Optional.class.getTypeName()); + + if (actualType instanceof ParameterizedType) { + isOptional = ParameterizedType.class.cast(actualType).getRawType().getTypeName() + .startsWith(Optional.class.getTypeName()); + } + if (isOptional) { - actualType = ((ParameterizedType) matchType).getActualTypeArguments()[0]; + actualType = ((ParameterizedType) actualType).getActualTypeArguments()[0]; } } @@ -62,7 +67,7 @@ public class ClaimValueProducer<T> { return returnValue; } - String getName(final InjectionPoint ip) { + private String getName(final InjectionPoint ip) { String name = null; for (Annotation ann : ip.getQualifiers()) { if (ann instanceof Claim) { http://git-wip-us.apache.org/repos/asf/tomee/blob/2b9950f6/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/JsonValueProducer.java ---------------------------------------------------------------------- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/JsonValueProducer.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/JsonValueProducer.java index af15b89..645b41b 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/JsonValueProducer.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/JsonValueProducer.java @@ -29,6 +29,7 @@ import javax.json.JsonString; import javax.json.JsonValue; import java.lang.annotation.Annotation; import java.util.Optional; +import java.util.Set; public class JsonValueProducer { http://git-wip-us.apache.org/repos/asf/tomee/blob/2b9950f6/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/RawClaimTypeProducer.java ---------------------------------------------------------------------- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/RawClaimTypeProducer.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/RawClaimTypeProducer.java index 55b6324..fbc037b 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/RawClaimTypeProducer.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/RawClaimTypeProducer.java @@ -25,7 +25,9 @@ import javax.enterprise.inject.spi.InjectionPoint; import javax.inject.Inject; import javax.inject.Named; import java.lang.annotation.Annotation; +import java.util.HashSet; import java.util.Optional; +import java.util.Set; public class RawClaimTypeProducer { @@ -34,13 +36,26 @@ public class RawClaimTypeProducer { @Produces @Claim("") + public Set<String> getSetOfString(final InjectionPoint ip) { + final String name = getName(ip); + ClaimValue<Optional<String>> cv = producer.generalClaimValueProducer(name); + Optional<String> value = cv.getValue(); + if (value.isPresent()) { + return new HashSet<String>() {{ + add(value.get()); + }}; + } + return null; + } + + @Produces + @Claim("") @Named("RawClaimTypeProducer#getValue") public Object getValue(final InjectionPoint ip) { String name = getName(ip); ClaimValue<Optional<Object>> cv = producer.generalClaimValueProducer(name); Optional<Object> value = cv.getValue(); - Object returnValue = value.orElse(null); - return returnValue; + return value.orElse(null); } @Produces @@ -49,11 +64,10 @@ public class RawClaimTypeProducer { public Optional getOptionalValue(final InjectionPoint ip) { String name = getName(ip); ClaimValue<Optional<Object>> cv = producer.generalClaimValueProducer(name); - Optional<Object> value = cv.getValue(); - return value; + return cv.getValue(); } - String getName(final InjectionPoint ip) { + private String getName(final InjectionPoint ip) { String name = null; for (Annotation ann : ip.getQualifiers()) { if (ann instanceof Claim) { http://git-wip-us.apache.org/repos/asf/tomee/blob/2b9950f6/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/principal/DefaultJWTCallerPrincipal.java ---------------------------------------------------------------------- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/principal/DefaultJWTCallerPrincipal.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/principal/DefaultJWTCallerPrincipal.java index 47c6ad3..e077ca4 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/principal/DefaultJWTCallerPrincipal.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/principal/DefaultJWTCallerPrincipal.java @@ -76,7 +76,7 @@ public class DefaultJWTCallerPrincipal extends JWTCallerPrincipal { } catch (MalformedClaimException e1) { } } - return audSet; + return audSet.isEmpty() ? null : audSet; } @Override