TOMEE-2247 - Read key from http. Test not passing yet due to hardcoded urls.
Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/72725a59 Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/72725a59 Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/72725a59 Branch: refs/heads/master Commit: 72725a593868f68b3216795b6cc2ebeedf08aa0d Parents: bb3984b Author: Roberto Cortez <[email protected]> Authored: Thu Sep 13 01:08:06 2018 +0100 Committer: Roberto Cortez <[email protected]> Committed: Fri Dec 7 18:08:36 2018 +0000 ---------------------------------------------------------------------- .../arquillian/common/TomEEContainer.java | 4 ++ .../config/ConfigurableJWTAuthContextInfo.java | 44 ++++++++++++++---- .../jwt/AppDeploymentExtension.java | 49 ++++++++++++++++++-- .../jwt/src/test/resources/arquillian.xml | 2 +- 4 files changed, 85 insertions(+), 14 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/tomee/blob/72725a59/arquillian/arquillian-tomee-common/src/main/java/org/apache/openejb/arquillian/common/TomEEContainer.java ---------------------------------------------------------------------- diff --git a/arquillian/arquillian-tomee-common/src/main/java/org/apache/openejb/arquillian/common/TomEEContainer.java b/arquillian/arquillian-tomee-common/src/main/java/org/apache/openejb/arquillian/common/TomEEContainer.java index 4e2517b..1964ac9 100644 --- a/arquillian/arquillian-tomee-common/src/main/java/org/apache/openejb/arquillian/common/TomEEContainer.java +++ b/arquillian/arquillian-tomee-common/src/main/java/org/apache/openejb/arquillian/common/TomEEContainer.java 
@@ -79,6 +79,10 @@ public abstract class TomEEContainer<Configuration extends TomEEConfiguration> i this.options = new Options(System.getProperties()); } + public Configuration getConfiguration() { + return configuration; + } + protected void resetSerialization() { if (this.configuration.isUnsafeEjbd() && "-".equals(System.getProperty("tomee.serialization.class.blacklist"))) { System.clearProperty("tomee.serialization.class.blacklist"); http://git-wip-us.apache.org/repos/asf/tomee/blob/72725a59/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/ConfigurableJWTAuthContextInfo.java ---------------------------------------------------------------------- diff --git a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/ConfigurableJWTAuthContextInfo.java b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/ConfigurableJWTAuthContextInfo.java index cd7f2ec..4532336 100644 --- a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/ConfigurableJWTAuthContextInfo.java +++ b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/ConfigurableJWTAuthContextInfo.java @@ -26,6 +26,7 @@ import java.io.IOException; import java.io.InputStream; import java.io.InputStreamReader; import java.io.StringWriter; +import java.net.URL; import java.security.KeyFactory; import java.security.NoSuchAlgorithmException; import java.security.interfaces.RSAPublicKey; 
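Review bot: The new public `getConfiguration()` on `TomEEContainer` has no Javadoc and returns the container's live configuration object, so any caller can change settings the container is already using. The only caller visible in this commit is the TCK test extension, which just reads the HTTP port. I would state the contract on the getter, for example `/** Returns the configuration this container was set up with; callers must treat it as read-only. */`.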
@@ -33,12 +34,14 @@ import java.security.spec.InvalidKeySpecException; import java.security.spec.X509EncodedKeySpec; import java.util.Base64; import java.util.Optional; +import java.util.function.Supplier; import java.util.stream.Stream; import static org.eclipse.microprofile.jwt.config.Names.ISSUER; import static org.eclipse.microprofile.jwt.config.Names.VERIFIER_PUBLIC_KEY; import static org.eclipse.microprofile.jwt.config.Names.VERIFIER_PUBLIC_KEY_LOCATION; +// TODO - This cannot be a CDI Bean, because the keys needs to be validated at deployment time. @RequestScoped public class ConfigurableJWTAuthContextInfo { @Inject @@ -71,13 +74,14 @@ public class ConfigurableJWTAuthContextInfo { } private String readPublicKeyFromLocation(final String publicKeyLocation) { - final Stream<Optional<String>> possiblePublicKeysLocations = - Stream.of(readPublicKeyFromClasspath(publicKeyLocation), - readPublicKeyFromFile(publicKeyLocation), - readPublicKeyFromHttp(publicKeyLocation), - readPublicKeyFromUrl(publicKeyLocation)); + final Stream<Supplier<Optional<String>>> possiblePublicKeysLocations = + Stream.of(() -> readPublicKeyFromClasspath(publicKeyLocation), + () -> readPublicKeyFromFile(publicKeyLocation), + () -> readPublicKeyFromHttp(publicKeyLocation), + () -> readPublicKeyFromUrl(publicKeyLocation)); return possiblePublicKeysLocations + .map(Supplier::get) .filter(Optional::isPresent) .map(Optional::get) .findFirst() 
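Review bot: The added TODO sits directly above `@RequestScoped`, and this commit makes key resolution able to perform a remote fetch, so the bean's scope matters more than the comment says. If the key is resolved when the bean is created (the call site is outside these hunks), every request would trigger an outbound fetch of the verification key, tying request latency and availability to the key server. I would make the comment actionable, e.g. `// TODO - Resolve and validate the key once at deployment and cache it; a @RequestScoped bean re-reads it per request.`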
@@ -93,16 +97,16 @@ public class ConfigurableJWTAuthContextInfo { return Optional.empty(); } - final StringWriter sw = new StringWriter(); + final StringWriter content = new StringWriter(); try (final BufferedReader br = new BufferedReader(new InputStreamReader(is))) { String line = br.readLine(); while (line != null) { - sw.write(line); - sw.write('\n'); + content.write(line); + content.write('\n'); line = br.readLine(); } } - return Optional.of(sw.toString()); + return Optional.of(content.toString()); } catch (final IOException e) { throw new DeploymentException( "Could not read MicroProfile Public Key from Location: " + publicKeyLocation, e); @@ -114,7 +118,27 @@ public class ConfigurableJWTAuthContextInfo { } private Optional<String> readPublicKeyFromHttp(final String publicKeyLocation) { - return Optional.empty(); + if (!publicKeyLocation.startsWith("http")) { + return Optional.empty(); + } + + try { + final URL locationURL = new URL(publicKeyLocation); + + final StringWriter content = new StringWriter(); + try (final BufferedReader reader = new BufferedReader(new InputStreamReader(locationURL.openStream()))) { + String line = reader.readLine(); + while (line != null) { + content.write(line); + content.write('\n'); + line = reader.readLine(); + } + } + return Optional.of(content.toString()); + } catch (final IOException e) { + throw new DeploymentException( + "Could not read MicroProfile Public Key from Location: " + publicKeyLocation, e); + } } private Optional<String> readPublicKeyFromUrl(final String publicKeyLocation) { http://git-wip-us.apache.org/repos/asf/tomee/blob/72725a59/tck/microprofile-tck/jwt/src/test/java/org/apache/tomee/microprofile/jwt/AppDeploymentExtension.java ---------------------------------------------------------------------- 
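Review bot: `readPublicKeyFromHttp` accepts any location that merely starts with `http`, so plain `http://` URLs are fetched for the key that verifies every JWT. Anyone able to alter that cleartext response can substitute their own public key and have tokens they sign accepted. The same prefix test also matches non-URL names such as `httpkeys.pem`, which then fail in `new URL(...)` with a DeploymentException instead of falling through to the next reader. `locationURL.openStream()` sets no connect or read timeout and the reader uses the platform charset, so a stalled key server can hang deployment. I would match the scheme exactly, warn on (or require opt-in for) `http://`, and open the connection with timeouts and an explicit charset, as sketched below; this needs `java.net.URLConnection` and `java.nio.charset.StandardCharsets`.

```java
private Optional<String> readPublicKeyFromHttp(final String publicKeyLocation) {
    if (publicKeyLocation.startsWith("http://")) {
        // Cleartext fetch of a trust anchor: log a warning here, or reject unless explicitly enabled.
    } else if (!publicKeyLocation.startsWith("https://")) {
        return Optional.empty();
    }

    try {
        final URLConnection connection = new URL(publicKeyLocation).openConnection();
        connection.setConnectTimeout(5_000); // example value
        connection.setReadTimeout(5_000);    // example value

        final StringWriter content = new StringWriter();
        try (final BufferedReader reader = new BufferedReader(
                new InputStreamReader(connection.getInputStream(), StandardCharsets.UTF_8))) {
            // … unchanged: copy each line into content …
        }
        // … unchanged: return Optional.of(content.toString()) and the IOException catch …
}
```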
diff --git a/tck/microprofile-tck/jwt/src/test/java/org/apache/tomee/microprofile/jwt/AppDeploymentExtension.java b/tck/microprofile-tck/jwt/src/test/java/org/apache/tomee/microprofile/jwt/AppDeploymentExtension.java index dd22223..93c6fa6 100644 --- a/tck/microprofile-tck/jwt/src/test/java/org/apache/tomee/microprofile/jwt/AppDeploymentExtension.java +++ b/tck/microprofile-tck/jwt/src/test/java/org/apache/tomee/microprofile/jwt/AppDeploymentExtension.java 
@@ -2,27 +2,44 @@ package org.apache.tomee.microprofile.jwt; import com.nimbusds.jose.JWSSigner; import org.apache.openejb.loader.JarLocation; +import org.apache.tomee.arquillian.remote.RemoteTomEEConfiguration; +import org.apache.tomee.arquillian.remote.RemoteTomEEContainer; import org.eclipse.microprofile.jwt.tck.TCKConstants; import org.eclipse.microprofile.jwt.tck.config.IssValidationTest; import org.eclipse.microprofile.jwt.tck.config.PublicKeyAsPEMLocationTest; import org.eclipse.microprofile.jwt.tck.config.PublicKeyAsPEMTest; import org.eclipse.microprofile.jwt.tck.util.TokenUtils; +import org.jboss.arquillian.container.spi.Container; +import org.jboss.arquillian.container.spi.ContainerRegistry; +import org.jboss.arquillian.container.spi.client.container.ContainerConfiguration; +import org.jboss.arquillian.container.spi.client.container.DeployableContainer; import org.jboss.arquillian.container.spi.client.deployment.DeploymentDescription; +import org.jboss.arquillian.container.spi.client.deployment.TargetDescription; import org.jboss.arquillian.container.test.impl.client.deployment.AnnotationDeploymentScenarioGenerator; import org.jboss.arquillian.container.test.spi.client.deployment.ApplicationArchiveProcessor; import org.jboss.arquillian.container.test.spi.client.deployment.DeploymentScenarioGenerator; +import org.jboss.arquillian.core.api.Instance; +import org.jboss.arquillian.core.api.annotation.Inject; import org.jboss.arquillian.core.spi.LoadableExtension; import org.jboss.arquillian.test.spi.TestClass; import org.jboss.shrinkwrap.api.Archive; import org.jboss.shrinkwrap.api.ArchivePath; import org.jboss.shrinkwrap.api.Node; import org.jboss.shrinkwrap.api.ShrinkWrap; +import org.jboss.shrinkwrap.api.asset.Asset; import org.jboss.shrinkwrap.api.asset.EmptyAsset; +import org.jboss.shrinkwrap.api.asset.StringAsset; import org.jboss.shrinkwrap.api.spec.WebArchive; +import org.jboss.shrinkwrap.impl.base.NodeImpl; +import java.io.IOException; +import 
java.io.StringWriter; import java.util.Collections; import java.util.List; import java.util.Map; +import java.util.Properties; +import java.util.function.BiConsumer; +import java.util.function.BiFunction; import java.util.logging.Logger; import java.util.stream.Stream; @@ -68,6 +85,9 @@ public class AppDeploymentExtension implements LoadableExtension { public static class MPJWTTCKArchiveProcess implements ApplicationArchiveProcessor { private static Logger log = Logger.getLogger(MPJWTTCKArchiveProcess.class.getName()); + @Inject + private Instance<ContainerRegistry> containerRegistry; + @Override public void process(final Archive<?> appArchive, final TestClass testClass) { if (!(appArchive instanceof WebArchive)) { @@ -77,9 +97,7 @@ public class AppDeploymentExtension implements LoadableExtension { war.addClass(JWTAuthContextInfoProvider.class); // MP Config in wrong place - See https://github.com/eclipse/microprofile/issues/46. - final Map<ArchivePath, Node> content = - war.getContent( - object -> object.get().matches(".*META-INF/.*")); + final Map<ArchivePath, Node> content = war.getContent(object -> object.get().matches(".*META-INF/.*")); content.forEach((archivePath, node) -> war.addAsResource(node.getAsset(), node.getPath())); // Spec says that vendor specific ways to load the keys take precedence, so we need to remove it in test 
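Review bot: Several imports added at the top of `AppDeploymentExtension` are not referenced by any hunk in this commit: `ContainerConfiguration`, `DeployableContainer`, `Asset`, `NodeImpl`, `BiConsumer` and `BiFunction`. Unless code outside the hunks uses them, they should be dropped; `org.jboss.shrinkwrap.impl.base.NodeImpl` in particular ties the test to a ShrinkWrap implementation package. The injected `containerRegistry` field would also benefit from a one-line comment such as `// Looked up in process() to find the HTTP port the remote container is actually using.`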
@@ -92,6 +110,31 @@ public class AppDeploymentExtension implements LoadableExtension { .findAny() .ifPresent(c -> war.deleteClass(JWTAuthContextInfoProvider.class)); + // Rewrite the correct server port in configuration + final Container container = containerRegistry.get().getContainer(TargetDescription.DEFAULT); + if (container.getDeployableContainer() instanceof RemoteTomEEContainer) { + final RemoteTomEEContainer remoteTomEEContainer = + (RemoteTomEEContainer) container.getDeployableContainer(); + final RemoteTomEEConfiguration configuration = remoteTomEEContainer.getConfiguration(); + final String httpPort = configuration.getHttpPort() + ""; + + final Map<ArchivePath, Node> microprofileProperties = + war.getContent(object -> object.get().matches(".*META-INF/microprofile-config\\.properties")); + microprofileProperties.forEach((archivePath, node) -> { + try { + final Properties properties = new Properties(); + properties.load(node.getAsset().openStream()); + properties.replaceAll((key, value) -> ((String) value).replaceAll("8080", httpPort)); + final StringWriter stringWriter = new StringWriter(); + properties.store(stringWriter, null); + war.delete(archivePath); + war.add(new StringAsset(stringWriter.toString()), node.getPath()); + } catch (final IOException e) { + e.printStackTrace(); + } + }); + } + log.info("Augmented war: \n"+war.toString(true)); } } http://git-wip-us.apache.org/repos/asf/tomee/blob/72725a59/tck/microprofile-tck/jwt/src/test/resources/arquillian.xml ---------------------------------------------------------------------- diff --git a/tck/microprofile-tck/jwt/src/test/resources/arquillian.xml b/tck/microprofile-tck/jwt/src/test/resources/arquillian.xml index e14a14b..7009d05 100644 --- a/tck/microprofile-tck/jwt/src/test/resources/arquillian.xml +++ b/tck/microprofile-tck/jwt/src/test/resources/arquillian.xml 
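Review bot: The port rewrite uses `((String) value).replaceAll("8080", httpPort)`, which replaces every occurrence of `8080` in every property value, not just the port of a URL. A value holding an inline PEM or Base64 key that happens to contain those digits would be silently corrupted, and signature verification would then fail for an unrelated reason. Anchoring on the separator is safer: `properties.replaceAll((key, value) -> ((String) value).replace(":8080", ":" + httpPort));`. The `catch` only calls `e.printStackTrace()`, so a failed rewrite leaves the archive untouched and the test carries on against the wrong port; `throw new UncheckedIOException(e);` would surface it (it needs the `java.io.UncheckedIOException` import). The stream from `node.getAsset().openStream()` is also never closed, and `process()` begins outside this hunk.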
@@ -24,7 +24,7 @@ <container qualifier="tomee-remote" default="true"> <configuration> <property name="debug">false</property> - <property name="httpPort">-1</property> + <property name="httpPort">8080</property> <property name="ajpPort">-1</property> <property name="stopPort">-1</property> <property name="classifier">microprofile</property>
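Review bot: Pinning `httpPort` to `8080` makes the test container bind a fixed, commonly used port, so the run fails or talks to the wrong server whenever something else already listens there, and parallel builds on one host collide. It also turns the port rewrite added to `AppDeploymentExtension` in this commit into a no-op, since that code replaces `8080` with the configured port. Once the rewrite works, I would restore `<property name="httpPort">-1</property>`, the value the neighbouring `ajpPort` and `stopPort` still use (presumably so the container picks a free port).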
