[27/38] tomee git commit: Fix Provider and Instance
Fix Provider and Instance Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/7b0c434d Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/7b0c434d Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/7b0c434d Branch: refs/heads/master Commit: 7b0c434dbe42c80d1bb276e7f24d27cee2ea6b74 Parents: cfc2ae1 Author: Jean-Louis MonteiroAuthored: Fri Mar 2 16:20:21 2018 +0100 Committer: Jean-Louis Monteiro Committed: Fri Mar 2 16:20:21 2018 +0100 -- .../org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java| 8 +++- tck/mp-jwt-embedded/src/test/resources/dev.xml | 9 ++--- 2 files changed, 9 insertions(+), 8 deletions(-) -- http://git-wip-us.apache.org/repos/asf/tomee/blob/7b0c434d/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java -- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java index 0b6f3de..0d3488a 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java @@ -169,12 +169,18 @@ public class ClaimBean implements Bean, PassivationCapable { // handle Provider if (rawTypeClass.isAssignableFrom(Provider.class)) { final Type providerType = paramType.getActualTypeArguments()[0]; +if (providerType instanceof ParameterizedType && isOptional((ParameterizedType) providerType)) { +return (T) Optional.ofNullable(getClaimValue(key)); +} return getClaimValue(key); } // handle Instance if (rawTypeClass.isAssignableFrom(Instance.class)) { final Type instanceType = paramType.getActualTypeArguments()[0]; +if (instanceType instanceof ParameterizedType && isOptional((ParameterizedType) instanceType)) { +return (T) Optional.ofNullable(getClaimValue(key)); +} return getClaimValue(key); } @@ -231,7 +237,7 @@ public class ClaimBean implements Bean, PassivationCapable { return getClaimValue(key); } -throw new IllegalStateException("Unhandled ClaimValue type"); +throw new IllegalStateException("Unhandled Claim type " + annotated.getBaseType()); } public static String getClaimKey(final Claim claim) { http://git-wip-us.apache.org/repos/asf/tomee/blob/7b0c434d/tck/mp-jwt-embedded/src/test/resources/dev.xml -- diff --git a/tck/mp-jwt-embedded/src/test/resources/dev.xml b/tck/mp-jwt-embedded/src/test/resources/dev.xml index b10e250..3814456 100644 --- a/tck/mp-jwt-embedded/src/test/resources/dev.xml +++ b/tck/mp-jwt-embedded/src/test/resources/dev.xml @@ -41,7 +41,6 @@ - - - - +
[21/38] tomee git commit: Better injection support
Better injection support Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/2b9950f6 Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/2b9950f6 Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/2b9950f6 Branch: refs/heads/master Commit: 2b9950f66edc5ffb845b1400155c0aa2be0e858f Parents: 1ad96bb Author: Jean-Louis MonteiroAuthored: Tue Feb 27 14:20:49 2018 +0100 Committer: Jean-Louis Monteiro Committed: Tue Feb 27 14:20:49 2018 +0100 -- .../tomee/microprofile/jwt/MPJWTFilter.java | 12 ++ .../jwt/cdi/ClaimValueProducer.java | 11 ++--- .../microprofile/jwt/cdi/JsonValueProducer.java | 1 + .../jwt/cdi/RawClaimTypeProducer.java | 24 .../principal/DefaultJWTCallerPrincipal.java| 2 +- 5 files changed, 41 insertions(+), 9 deletions(-) -- http://git-wip-us.apache.org/repos/asf/tomee/blob/2b9950f6/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java -- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java index 752bcda..ebed96d 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java @@ -32,8 +32,10 @@ import javax.servlet.ServletResponse; import javax.servlet.annotation.WebFilter; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequestWrapper; +import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.security.Principal; +import java.util.Locale; import java.util.Map; import java.util.Optional; @@ -66,6 +68,16 @@ public class MPJWTFilter implements Filter { // todo not sure what to do with the realm final String authorizationHeader = ((HttpServletRequest) request).getHeader("Authorization"); +if (authorizationHeader == null || authorizationHeader.isEmpty()) { + HttpServletResponse.class.cast(response).sendError(HttpServletResponse.SC_UNAUTHORIZED); +return; +} + +if (!authorizationHeader.toLowerCase(Locale.ENGLISH).startsWith("bearer ")) { + HttpServletResponse.class.cast(response).sendError(HttpServletResponse.SC_UNAUTHORIZED); +return; +} + final String token = authorizationHeader.substring("bearer ".length()); final JsonWebToken jsonWebToken; try { http://git-wip-us.apache.org/repos/asf/tomee/blob/2b9950f6/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimValueProducer.java -- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimValueProducer.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimValueProducer.java index aeed7c8..b0e2e7b 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimValueProducer.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimValueProducer.java @@ -47,9 +47,14 @@ public class ClaimValueProducer { boolean isOptional = false; if (matchType instanceof ParameterizedType) { actualType = ((ParameterizedType) matchType).getActualTypeArguments()[0]; -isOptional = matchType.getTypeName().equals(Optional.class.getTypeName()); + +if (actualType instanceof ParameterizedType) { +isOptional = ParameterizedType.class.cast(actualType).getRawType().getTypeName() +.startsWith(Optional.class.getTypeName()); +} + if (isOptional) { -actualType = ((ParameterizedType) matchType).getActualTypeArguments()[0]; +actualType = ((ParameterizedType) actualType).getActualTypeArguments()[0]; } } @@ -62,7 +67,7 @@ public class ClaimValueProducer { return returnValue; } -String getName(final InjectionPoint ip) { +private String getName(final InjectionPoint ip) { String name = null; for (Annotation ann : ip.getQualifiers()) { if (ann instanceof Claim) { http://git-wip-us.apache.org/repos/asf/tomee/blob/2b9950f6/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/JsonValueProducer.java -- diff --git
[3/4] tomee git commit: Some refactoring to remove Java 8 lambdas
Some refactoring to remove Java 8 lambdas Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/72c08321 Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/72c08321 Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/72c08321 Branch: refs/heads/master Commit: 72c0832184c4354627cb97a52f557e6d0ffb4aa2 Parents: 09ca434 Author: Jean-Louis MonteiroAuthored: Tue Apr 17 01:27:50 2018 +0200 Committer: Jean-Louis Monteiro Committed: Tue Apr 17 01:27:50 2018 +0200 -- mp-jwt/pom.xml | 93 + .../tomee/microprofile/jwt/MPJWTFilter.java | 271 ++ .../microprofile/jwt/MPJWTInitializer.java | 64 .../tomee/microprofile/jwt/ParseException.java | 32 ++ .../tomee/microprofile/jwt/cdi/ClaimBean.java | 373 +++ .../jwt/cdi/ClaimInjectionPoint.java| 70 .../microprofile/jwt/cdi/ClaimValueWrapper.java | 53 +++ .../microprofile/jwt/cdi/DefaultLiteral.java| 24 ++ .../microprofile/jwt/cdi/JsonbProducer.java | 46 +++ .../microprofile/jwt/cdi/MPJWTCDIExtension.java | 136 +++ .../microprofile/jwt/cdi/MPJWTProducer.java | 49 +++ .../jwt/config/JWTAuthContextInfo.java | 67 .../jwt/config/JWTAuthContextInfoProvider.java | 61 +++ .../jwt/jaxrs/MPJWPProviderRegistration.java| 36 ++ .../MPJWTSecurityAnnotationsInterceptor.java| 57 +++ ...TSecurityAnnotationsInterceptorsFeature.java | 144 +++ .../principal/DefaultJWTCallerPrincipal.java| 360 ++ .../DefaultJWTCallerPrincipalFactory.java | 92 + .../jwt/principal/JWTCallerPrincipal.java | 59 +++ .../principal/JWTCallerPrincipalFactory.java| 129 +++ mp-jwt/src/main/resources/META-INF/beans.xml| 1 + .../META-INF/org.apache.openejb.extension | 1 + .../javax.enterprise.inject.spi.Extension | 1 + .../javax.servlet.ServletContainerInitializer | 1 + ...file.jwt.principal.JWTCallerPrincipalFactory | 1 + pom.xml | 1 + tck/mp-jwt-embedded/pom.xml | 44 +-- .../tomee/microprofile/jwt/MPJWTFilter.java | 258 - .../microprofile/jwt/MPJWTInitializer.java | 64 .../tomee/microprofile/jwt/ParseException.java | 32 -- .../tomee/microprofile/jwt/cdi/ClaimBean.java | 360 -- .../jwt/cdi/ClaimInjectionPoint.java| 70 .../microprofile/jwt/cdi/ClaimValueWrapper.java | 53 --- .../microprofile/jwt/cdi/DefaultLiteral.java| 24 -- .../microprofile/jwt/cdi/JsonbProducer.java | 46 --- .../microprofile/jwt/cdi/MPJWTCDIExtension.java | 100 - .../microprofile/jwt/cdi/MPJWTProducer.java | 49 --- .../jwt/config/JWTAuthContextInfo.java | 67 .../jwt/config/JWTAuthContextInfoProvider.java | 61 --- .../jwt/jaxrs/MPJWPProviderRegistration.java| 36 -- .../MPJWTSecurityAnnotationsInterceptor.java| 57 --- ...TSecurityAnnotationsInterceptorsFeature.java | 144 --- .../principal/DefaultJWTCallerPrincipal.java| 360 -- .../DefaultJWTCallerPrincipalFactory.java | 92 - .../jwt/principal/JWTCallerPrincipal.java | 59 --- .../principal/JWTCallerPrincipalFactory.java| 129 --- .../src/main/resources/META-INF/beans.xml | 1 - .../META-INF/org.apache.openejb.extension | 1 - .../javax.enterprise.inject.spi.Extension | 1 - .../javax.servlet.ServletContainerInitializer | 1 - ...file.jwt.principal.JWTCallerPrincipalFactory | 1 - 51 files changed, 2225 insertions(+), 2107 deletions(-) -- http://git-wip-us.apache.org/repos/asf/tomee/blob/72c08321/mp-jwt/pom.xml -- diff --git a/mp-jwt/pom.xml b/mp-jwt/pom.xml new file mode 100644 index 000..adc79c6 --- /dev/null +++ b/mp-jwt/pom.xml @@ -0,0 +1,93 @@ + + +http://maven.apache.org/POM/4.0.0; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance; + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd;> + +tomee-project +org.apache.tomee +7.0.5-SNAPSHOT + + 4.0.0 + mp-jwt + jar + OpenEJB :: Microprofile JWT + + +1.1-SNAPSHOT + + + + + ${project.groupId} + javaee-api + + + ${project.groupId} + openejb-core + ${project.version} + provided + + + ${project.groupId} + openejb-cxf-rs + ${project.version} + provided + + + org.slf4j + slf4j-jdk14 + ${slf4j.version} + test + + + + org.bitbucket.b_c + jose4j + 0.6.0 + + + + org.eclipse.microprofile.jwt +
[4/4] tomee git commit: Fix java compilation issues
Fix java compilation issues Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/387c11af Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/387c11af Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/387c11af Branch: refs/heads/master Commit: 387c11af07b3867f84c4aa65e76a8db89a4a5dc8 Parents: 72c0832 Author: Jean-Louis MonteiroAuthored: Tue Apr 17 01:52:04 2018 +0200 Committer: Jean-Louis Monteiro Committed: Tue Apr 17 01:52:04 2018 +0200 -- .../apache/tomee/microprofile/jwt/cdi/ClaimInjectionPoint.java | 2 +- .../org/apache/tomee/microprofile/jwt/cdi/JsonbProducer.java | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) -- http://git-wip-us.apache.org/repos/asf/tomee/blob/387c11af/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimInjectionPoint.java -- diff --git a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimInjectionPoint.java b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimInjectionPoint.java index 17be756..2f1fd3d 100644 --- a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimInjectionPoint.java +++ b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimInjectionPoint.java @@ -50,7 +50,7 @@ public class ClaimInjectionPoint implements InjectionPoint { @Override public Set getQualifiers() { -return Collections.singleton(DefaultLiteral.INSTANCE); +return Collections.singleton(DefaultLiteral.INSTANCE); } @Override http://git-wip-us.apache.org/repos/asf/tomee/blob/387c11af/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/cdi/JsonbProducer.java -- diff --git a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/cdi/JsonbProducer.java b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/cdi/JsonbProducer.java index 59f42c5..53a9088 100644 --- a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/cdi/JsonbProducer.java +++ b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/cdi/JsonbProducer.java @@ -20,7 +20,7 @@ import javax.enterprise.context.ApplicationScoped; import javax.enterprise.inject.Disposes; import javax.enterprise.inject.Produces; import javax.json.bind.Jsonb; -import javax.json.bind.JsonbBuilder; +import javax.json.bind.spi.JsonbProvider; import java.util.logging.Level; import java.util.logging.Logger; @@ -32,7 +32,7 @@ public class JsonbProducer { @Produces public Jsonb create() { -return JsonbBuilder.create(); +return JsonbProvider.provider().create().build(); } public void close(@Disposes final Jsonb jsonb) {
[1/4] tomee git commit: Some refactoring to remove Java 8 lambdas
Repository: tomee Updated Branches: refs/heads/master 09ca434d9 -> 387c11af0 http://git-wip-us.apache.org/repos/asf/tomee/blob/72c08321/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/principal/DefaultJWTCallerPrincipal.java -- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/principal/DefaultJWTCallerPrincipal.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/principal/DefaultJWTCallerPrincipal.java deleted file mode 100644 index 661fbde..000 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/principal/DefaultJWTCallerPrincipal.java +++ /dev/null @@ -1,360 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - *http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.tomee.microprofile.jwt.principal; - -import org.eclipse.microprofile.jwt.Claims; -import org.jose4j.jwt.JwtClaims; -import org.jose4j.jwt.MalformedClaimException; - -import javax.json.Json; -import javax.json.JsonArray; -import javax.json.JsonArrayBuilder; -import javax.json.JsonNumber; -import javax.json.JsonObject; -import javax.json.JsonObjectBuilder; -import javax.json.JsonValue; -import javax.security.auth.Subject; -import java.util.Collection; -import java.util.HashSet; -import java.util.List; -import java.util.Map; -import java.util.Set; -import java.util.logging.Level; -import java.util.logging.Logger; - -/** - * A default implementation of JWTCallerPrincipal using jose4j - * Another implementation could use nimbus and another plain JSON-P - */ -public class DefaultJWTCallerPrincipal extends JWTCallerPrincipal { - -private static final Logger logger = Logger.getLogger(DefaultJWTCallerPrincipal.class.getName()); -private final String jwt; -private final String type; -private final JwtClaims claimsSet; - -/** - * Create the DefaultJWTCallerPrincipal from the parsed JWT token and the extracted principal name - * - * @param jwt - the parsed JWT token representation - * @param name - the extracted unqiue name to use as the principal name; from "upn", "preferred_username" or "sub" claim - */ -public DefaultJWTCallerPrincipal(final String jwt, final String type, final JwtClaims claimsSet, final String name) { -super(name); -this.jwt = jwt; -this.type = type; -this.claimsSet = claimsSet; -fixJoseTypes(); -} - -@Override -public Set getAudience() { -final Set audSet = new HashSet<>(); -try { -final List audList = claimsSet.getStringListClaimValue("aud"); -if (audList != null) { -audSet.addAll(audList); -} - -} catch (final MalformedClaimException e) { -try { -final String aud = claimsSet.getStringClaimValue("aud"); -audSet.add(aud); -} catch (final MalformedClaimException e1) { -logger.log(Level.FINEST, "Can't retrieve malformed 'aud' claim.", e); -} -} -return audSet.isEmpty() ? null : audSet; -} - -@Override -public Set getGroups() { -final HashSet groups = new HashSet<>(); -try { -final List globalGroups = claimsSet.getStringListClaimValue("groups"); -if (globalGroups != null) { -groups.addAll(globalGroups); -} - -} catch (final MalformedClaimException e) { -logger.log(Level.FINEST, "Can't retrieve malformed 'groups' claim.", e); -} -return groups; -} - - -@Override -public Set getClaimNames() { -return new HashSet<>(claimsSet.getClaimNames()); -} - -public String getRawToken() { -return jwt; -} - -@Override -public Object getClaim(final String claimName) { -Claims claimType = Claims.UNKNOWN; -Object claim = null; -try { -claimType = Claims.valueOf(claimName); -} catch (IllegalArgumentException e) { -} -// Handle the jose4j NumericDate types and -switch (claimType) { -case exp: -
[2/4] tomee git commit: Some refactoring to remove Java 8 lambdas
http://git-wip-us.apache.org/repos/asf/tomee/blob/72c08321/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/principal/DefaultJWTCallerPrincipalFactory.java -- diff --git a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/principal/DefaultJWTCallerPrincipalFactory.java b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/principal/DefaultJWTCallerPrincipalFactory.java new file mode 100644 index 000..feb2008 --- /dev/null +++ b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/principal/DefaultJWTCallerPrincipalFactory.java @@ -0,0 +1,92 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + *http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.tomee.microprofile.jwt.principal; + +import org.apache.tomee.microprofile.jwt.ParseException; +import org.apache.tomee.microprofile.jwt.config.JWTAuthContextInfo; +import org.eclipse.microprofile.jwt.Claims; +import org.jose4j.jwa.AlgorithmConstraints; +import org.jose4j.jws.AlgorithmIdentifiers; +import org.jose4j.jwt.JwtClaims; +import org.jose4j.jwt.MalformedClaimException; +import org.jose4j.jwt.NumericDate; +import org.jose4j.jwt.consumer.InvalidJwtException; +import org.jose4j.jwt.consumer.JwtConsumer; +import org.jose4j.jwt.consumer.JwtConsumerBuilder; +import org.jose4j.jwt.consumer.JwtContext; + +/** + * A default implementation of the abstract JWTCallerPrincipalFactory that uses the Keycloak token parsing classes. + */ +public class DefaultJWTCallerPrincipalFactory extends JWTCallerPrincipalFactory { + +/** + * Tries to load the JWTAuthContextInfo from CDI if the class level authContextInfo has not been set. + */ +public DefaultJWTCallerPrincipalFactory() { +} + +@Override +public JWTCallerPrincipal parse(final String token, final JWTAuthContextInfo authContextInfo) throws ParseException { +JWTCallerPrincipal principal; + +try { +final JwtConsumerBuilder builder = new JwtConsumerBuilder() +.setRequireExpirationTime() +.setRequireSubject() +.setSkipDefaultAudienceValidation() +.setExpectedIssuer(authContextInfo.getIssuedBy()) +.setVerificationKey(authContextInfo.getSignerKey()) +.setJwsAlgorithmConstraints( +new AlgorithmConstraints(AlgorithmConstraints.ConstraintType.WHITELIST, +AlgorithmIdentifiers.RSA_USING_SHA256)); + +if (authContextInfo.getExpGracePeriodSecs() > 0) { + builder.setAllowedClockSkewInSeconds(authContextInfo.getExpGracePeriodSecs()); + +} else { +builder.setEvaluationTime(NumericDate.fromSeconds(0)); +} + +final JwtConsumer jwtConsumer = builder.build(); +final JwtContext jwtContext = jwtConsumer.process(token); +final String type = jwtContext.getJoseObjects().get(0).getHeader("typ"); +// Validate the JWT and process it to the Claims +jwtConsumer.processContext(jwtContext); +JwtClaims claimsSet = jwtContext.getJwtClaims(); + +// We have to determine the unique name to use as the principal name. It comes from upn, preferred_username, sub in that order +String principalName = claimsSet.getClaimValue("upn", String.class); +if (principalName == null) { +principalName = claimsSet.getClaimValue("preferred_username", String.class); +if (principalName == null) { +principalName = claimsSet.getSubject(); +} +} +claimsSet.setClaim(Claims.raw_token.name(), token); +principal = new DefaultJWTCallerPrincipal(token, type, claimsSet, principalName); + +} catch (final InvalidJwtException e) { +throw new ParseException("Failed to verify token", e); + +} catch (final MalformedClaimException e) { +throw new ParseException("Failed to verify token claims", e); +} + +return principal; +} +} \ No newline at end of file
[30/38] tomee git commit: Revert changes on ExtensionProviderRegistration
Revert changes on ExtensionProviderRegistration Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/ae7c21ea Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/ae7c21ea Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/ae7c21ea Branch: refs/heads/master Commit: ae7c21ea514594031cad102ad871203ef1f6bcb0 Parents: e75018b Author: Jean-Louis MonteiroAuthored: Wed Mar 7 08:12:10 2018 +0100 Committer: Jean-Louis Monteiro Committed: Wed Mar 7 08:12:10 2018 +0100 -- .../apache/openejb/server/cxf/rs/CxfRsHttpListener.java | 2 +- .../cxf/rs/event/ExtensionProviderRegistration.java | 9 + .../microprofile/jwt/jaxrs/MPJWPProviderRegistration.java | 10 -- 3 files changed, 2 insertions(+), 19 deletions(-) -- http://git-wip-us.apache.org/repos/asf/tomee/blob/ae7c21ea/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/CxfRsHttpListener.java -- diff --git a/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/CxfRsHttpListener.java b/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/CxfRsHttpListener.java index 305a1c1..e10172f 100644 --- a/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/CxfRsHttpListener.java +++ b/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/CxfRsHttpListener.java @@ -1019,7 +1019,7 @@ public class CxfRsHttpListener implements RsHttpListener { } } -SystemInstance.get().fireEvent(new ExtensionProviderRegistration(server, +SystemInstance.get().fireEvent(new ExtensionProviderRegistration( AppFinder.findAppContextOrWeb(Thread.currentThread().getContextClassLoader(), AppFinder.AppContextTransformer.INSTANCE), providers)); if (!providers.isEmpty()) { http://git-wip-us.apache.org/repos/asf/tomee/blob/ae7c21ea/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/event/ExtensionProviderRegistration.java -- diff --git a/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/event/ExtensionProviderRegistration.java b/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/event/ExtensionProviderRegistration.java index 7af089f..cfae25c 100644 --- a/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/event/ExtensionProviderRegistration.java +++ b/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/event/ExtensionProviderRegistration.java @@ -16,7 +16,6 @@ */ package org.apache.openejb.server.cxf.rs.event; -import org.apache.cxf.endpoint.Server; import org.apache.openejb.AppContext; import org.apache.openejb.observer.Event; @@ -26,12 +25,10 @@ import java.util.List; // this event can allow to add/remove/resort providers @Event public class ExtensionProviderRegistration { -private final Server server; private final List providers; private final AppContext appContext; -public ExtensionProviderRegistration(final Server server, final AppContext ctx, final List existings) { -this.server = server; +public ExtensionProviderRegistration(final AppContext ctx, final List existings) { this.appContext = ctx; this.providers = existings; } @@ -44,10 +41,6 @@ public class ExtensionProviderRegistration { return providers; } -public Server getServer() { -return server; -} - @Override public String toString() { return "ExtensionProviderRegistration{}"; http://git-wip-us.apache.org/repos/asf/tomee/blob/ae7c21ea/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/jaxrs/MPJWPProviderRegistration.java -- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/jaxrs/MPJWPProviderRegistration.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/jaxrs/MPJWPProviderRegistration.java index 29c146e..2102c89 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/jaxrs/MPJWPProviderRegistration.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/jaxrs/MPJWPProviderRegistration.java @@ -19,16 +19,6 @@ package org.apache.tomee.microprofile.jwt.jaxrs; import org.apache.openejb.observer.Observes; import org.apache.openejb.server.cxf.rs.event.ExtensionProviderRegistration; import org.apache.tomee.microprofile.jwt.MPJWTFilter; -import org.eclipse.microprofile.auth.LoginConfig; - -import javax.servlet.FilterRegistration; -import javax.servlet.ServletContainerInitializer;
[24/38] tomee git commit: Cleanup
Cleanup Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/92846aee Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/92846aee Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/92846aee Branch: refs/heads/master Commit: 92846aee07e5346864ab1eb8da2223cfb50b9802 Parents: 5060806 Author: Jean-Louis MonteiroAuthored: Fri Mar 2 10:09:31 2018 +0100 Committer: Jean-Louis Monteiro Committed: Fri Mar 2 10:09:31 2018 +0100 -- .../tomee/microprofile/jwt/cdi/ClaimBean.java | 3 +- .../jwt/cdi/ClaimInjectionPoint.java| 2 +- .../microprofile/jwt/cdi/MPJWTProducer.java | 101 +-- 3 files changed, 4 insertions(+), 102 deletions(-) -- http://git-wip-us.apache.org/repos/asf/tomee/blob/92846aee/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java -- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java index ad713dd..10abedf 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java @@ -64,7 +64,6 @@ public class ClaimBean implements Bean, PassivationCapable { } else if (type instanceof ParameterizedType) { final ParameterizedType paramType = (ParameterizedType) type; - return (Class) paramType.getRawType(); } @@ -195,7 +194,7 @@ public class ClaimBean implements Bean, PassivationCapable { } private T getClaimValue(final String name, final Class clazz) { -final JsonWebToken jwt = MPJWTProducer.getJWTPrincpal(); +final JsonWebToken jwt = MPJWTProducer.getJWTPrincipal(); if (jwt == null) { logger.warning(String.format("Can't retrieve claim %s. No active principal.", name)); return null; http://git-wip-us.apache.org/repos/asf/tomee/blob/92846aee/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimInjectionPoint.java -- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimInjectionPoint.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimInjectionPoint.java index a281014..949e36c 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimInjectionPoint.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimInjectionPoint.java @@ -25,7 +25,7 @@ import java.lang.reflect.Type; import java.util.Collections; import java.util.Set; -class ClaimInjectionPoint implements InjectionPoint{ +class ClaimInjectionPoint implements InjectionPoint { private final Bean bean; ClaimInjectionPoint(Bean bean) { http://git-wip-us.apache.org/repos/asf/tomee/blob/92846aee/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/MPJWTProducer.java -- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/MPJWTProducer.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/MPJWTProducer.java index 1d83a08..21196a8 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/MPJWTProducer.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/MPJWTProducer.java @@ -16,122 +16,25 @@ */ package org.apache.tomee.microprofile.jwt.cdi; -import org.eclipse.microprofile.jwt.Claim; -import org.eclipse.microprofile.jwt.ClaimValue; -import org.eclipse.microprofile.jwt.Claims; import org.eclipse.microprofile.jwt.JsonWebToken; import javax.enterprise.context.ApplicationScoped; import javax.enterprise.context.RequestScoped; import javax.enterprise.inject.Produces; -import javax.enterprise.inject.spi.InjectionPoint; -import javax.inject.Inject; -import javax.json.Json; -import javax.json.JsonArrayBuilder; -import javax.json.JsonObject; -import javax.json.JsonValue; -import javax.json.bind.Jsonb; -import java.lang.annotation.Annotation; -import java.util.Collection; -import java.util.Map; -import java.util.Optional; -import java.util.logging.Logger; @ApplicationScoped public class MPJWTProducer { -@Inject -private Jsonb jsonb; - -private static final String TMP = "tmp"; -private static Logger log = Logger.getLogger(MPJWTProducer.class.getName()); private static ThreadLocal currentPrincipal = new ThreadLocal<>(); -
[17/38] tomee git commit: some refactoring
http://git-wip-us.apache.org/repos/asf/tomee/blob/c5964e07/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimValueProducer.java -- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimValueProducer.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimValueProducer.java new file mode 100644 index 000..d69df02 --- /dev/null +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimValueProducer.java @@ -0,0 +1,75 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + *http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.tomee.microprofile.jwt.cdi; + +import java.lang.annotation.Annotation; +import java.lang.reflect.ParameterizedType; +import java.lang.reflect.Type; +import java.util.Optional; + +import javax.enterprise.inject.Produces; +import javax.enterprise.inject.spi.InjectionPoint; + +import org.eclipse.microprofile.jwt.Claim; +import org.eclipse.microprofile.jwt.ClaimValue; +import org.eclipse.microprofile.jwt.Claims; + +/** + * A producer for the ClaimValue wrapper injection sites. + * @param the raw claim type + */ +public class ClaimValueProducer { + +@Produces +@Claim("") +ClaimValue produce(InjectionPoint ip) { +String name = getName(ip); +ClaimValuecv = MPJWTProducer.generalClaimValueProducer(name); +ClaimValue returnValue = (ClaimValue) cv; +Optional value = cv.getValue(); +// Pull out the ClaimValue T type, +Type matchType = ip.getType(); +Type actualType = Object.class; +boolean isOptional = false; +if (matchType instanceof ParameterizedType) { +actualType = ((ParameterizedType) matchType).getActualTypeArguments()[0]; +isOptional = matchType.getTypeName().equals(Optional.class.getTypeName()); +if (isOptional) { +actualType = ((ParameterizedType) matchType).getActualTypeArguments()[0]; +} +} + +if (!actualType.getTypeName().startsWith(Optional.class.getTypeName())) { +T nestedValue = value.orElse(null); +ClaimValueWrapper wrapper = new ClaimValueWrapper<>(cv.getName()); +wrapper.setValue(nestedValue); +returnValue = wrapper; +} +return returnValue; +} + +String getName(InjectionPoint ip) { +String name = null; +for (Annotation ann : ip.getQualifiers()) { +if (ann instanceof Claim) { +Claim claim = (Claim) ann; +name = claim.standard() == Claims.UNKNOWN ? claim.value() : claim.standard().name(); +} +} +return name; +} +} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/tomee/blob/c5964e07/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimValueWrapper.java -- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimValueWrapper.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimValueWrapper.java new file mode 100644 index 000..6776191 --- /dev/null +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimValueWrapper.java @@ -0,0 +1,54 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + *http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the
[28/38] tomee git commit: cleanup and implement EJB integration
cleanup and implement EJB integration Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/893525f8 Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/893525f8 Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/893525f8 Branch: refs/heads/master Commit: 893525f860c485b5c5d0a79cb1621de3f56e8013 Parents: 7b0c434 Author: Jean-Louis MonteiroAuthored: Tue Mar 6 10:13:04 2018 +0100 Committer: Jean-Louis Monteiro Committed: Tue Mar 6 10:13:04 2018 +0100 -- .../core/security/AbstractSecurityService.java | 9 +- tck/mp-jwt-embedded/pom.xml | 14 +- .../tomee/microprofile/jwt/MPJWTContext.java| 129 --- .../tomee/microprofile/jwt/MPJWTFilter.java | 230 +++ .../microprofile/jwt/MPJWTInitializer.java | 15 +- .../tomee/microprofile/jwt/cdi/ClaimBean.java | 46 ++-- .../microprofile/jwt/cdi/ClaimValueWrapper.java | 10 +- .../microprofile/jwt/cdi/JsonbProducer.java | 1 + .../microprofile/jwt/cdi/MPJWTProducer.java | 28 ++- .../jwt/jaxrs/MPJWPProviderRegistration.java| 46 .../MPJWTSecurityAnnotationsInterceptor.java| 54 + ...TSecurityAnnotationsInterceptorsFeature.java | 144 .../META-INF/org.apache.openejb.extension | 1 + tck/mp-jwt-embedded/src/test/resources/dev.xml | 13 +- .../tomee/catalina/TomcatSecurityService.java | 20 ++ 15 files changed, 532 insertions(+), 228 deletions(-) -- http://git-wip-us.apache.org/repos/asf/tomee/blob/893525f8/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java -- diff --git a/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java b/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java index 57e2c9c..514847b 100644 --- a/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java +++ b/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java @@ -53,6 +53,7 @@ import java.util.Map; import java.util.Properties; import java.util.Set; import java.util.UUID; +import java.util.concurrent.Callable; import java.util.concurrent.ConcurrentHashMap; /** @@ -153,13 +154,13 @@ public abstract class AbstractSecurityService implements DestroyableResource, Se final ProvidedSecurityContext providedSecurityContext = newContext.get(ProvidedSecurityContext.class); SecurityContext securityContext = oldContext != null ? oldContext.get(SecurityContext.class) : -(providedSecurityContext != null ? providedSecurityContext.context : null); +(providedSecurityContext != null ? providedSecurityContext.context : null); if (providedSecurityContext == null && (securityContext == null || securityContext == defaultContext)) { final Identity identity = clientIdentity.get(); if (identity != null) { securityContext = new SecurityContext(identity.subject); } else { -securityContext = defaultContext; +securityContext = getDefaultContext(); } } @@ -398,6 +399,10 @@ public abstract class AbstractSecurityService implements DestroyableResource, Se } } +protected SecurityContext getDefaultContext() { +return defaultContext; +} + public static final class ProvidedSecurityContext { public final SecurityContext context; http://git-wip-us.apache.org/repos/asf/tomee/blob/893525f8/tck/mp-jwt-embedded/pom.xml -- diff --git a/tck/mp-jwt-embedded/pom.xml b/tck/mp-jwt-embedded/pom.xml index 5055ac4..2af8f28 100644 --- a/tck/mp-jwt-embedded/pom.xml +++ b/tck/mp-jwt-embedded/pom.xml @@ -40,7 +40,13 @@ ${project.groupId} openejb-core ${project.version} - test + provided + + + ${project.groupId} + openejb-cxf-rs + ${project.version} + provided org.slf4j @@ -112,6 +118,12 @@ johnzon-jsonb 1.1.2 + + org.apache.tomcat + tomcat-catalina + ${tomcat.version} + provided + http://git-wip-us.apache.org/repos/asf/tomee/blob/893525f8/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTContext.java -- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTContext.java
[18/38] tomee git commit: some refactoring
some refactoring Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/c5964e07 Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/c5964e07 Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/c5964e07 Branch: refs/heads/master Commit: c5964e079df2dbadc0bd5f7f6567aaf509c69d83 Parents: 830b372 Author: Jean-Louis MonteiroAuthored: Tue Feb 27 10:14:53 2018 +0100 Committer: Jean-Louis Monteiro Committed: Tue Feb 27 10:14:53 2018 +0100 -- .../tomee/microprofile/jwt/ClaimLiteral.java| 32 -- .../jwt/ClaimProviderBeanAttributes.java| 83 .../microprofile/jwt/ClaimValueProducer.java| 75 .../microprofile/jwt/ClaimValueWrapper.java | 54 --- .../jwt/DefaultJWTCallerPrincipal.java | 334 .../jwt/DefaultJWTCallerPrincipalFactory.java | 86 .../microprofile/jwt/JWTAuthContextInfo.java| 66 .../jwt/JWTAuthContextInfoProvider.java | 59 --- .../microprofile/jwt/JWTCallerPrincipal.java| 59 --- .../jwt/JWTCallerPrincipalFactory.java | 124 -- .../microprofile/jwt/JsonValueProducer.java | 111 -- .../microprofile/jwt/MPJWTCDIExtension.java | 391 -- .../tomee/microprofile/jwt/MPJWTFilter.java | 4 + .../tomee/microprofile/jwt/MPJWTProducer.java | 196 - .../microprofile/jwt/RawClaimTypeProducer.java | 69 .../tomee/microprofile/jwt/TCKTokenParser.java | 3 + .../microprofile/jwt/cdi/ClaimLiteral.java | 32 ++ .../jwt/cdi/ClaimProviderBeanAttributes.java| 83 .../jwt/cdi/ClaimValueProducer.java | 75 .../microprofile/jwt/cdi/ClaimValueWrapper.java | 54 +++ .../microprofile/jwt/cdi/JsonValueProducer.java | 111 ++ .../microprofile/jwt/cdi/MPJWTCDIExtension.java | 395 +++ .../microprofile/jwt/cdi/MPJWTProducer.java | 196 + .../jwt/cdi/RawClaimTypeProducer.java | 69 .../jwt/config/JWTAuthContextInfo.java | 66 .../jwt/config/JWTAuthContextInfoProvider.java | 61 +++ .../principal/DefaultJWTCallerPrincipal.java| 334 .../DefaultJWTCallerPrincipalFactory.java | 88 + .../jwt/principal/JWTCallerPrincipal.java | 59 +++ .../principal/JWTCallerPrincipalFactory.java| 127 ++ .../javax.enterprise.inject.spi.Extension | 2 +- ...e.microprofile.jwt.JWTCallerPrincipalFactory | 1 - ...file.jwt.principal.JWTCallerPrincipalFactory | 1 + 33 files changed, 1759 insertions(+), 1741 deletions(-) -- http://git-wip-us.apache.org/repos/asf/tomee/blob/c5964e07/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/ClaimLiteral.java -- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/ClaimLiteral.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/ClaimLiteral.java deleted file mode 100644 index 5471b2e..000 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/ClaimLiteral.java +++ /dev/null @@ -1,32 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - *http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.tomee.microprofile.jwt; - -import javax.enterprise.util.AnnotationLiteral; - -import org.eclipse.microprofile.jwt.Claim; -import org.eclipse.microprofile.jwt.Claims; - -public class ClaimLiteral extends AnnotationLiteral implements Claim { -public String value() { -return ""; -} - -public Claims standard() { -return Claims.UNKNOWN; -} -} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/tomee/blob/c5964e07/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/ClaimProviderBeanAttributes.java -- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/ClaimProviderBeanAttributes.java
[29/38] tomee git commit: formating
formating Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/e75018b2 Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/e75018b2 Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/e75018b2 Branch: refs/heads/master Commit: e75018b231942bec07c5a81fa513d476ab877877 Parents: 893525f Author: Jean-Louis MonteiroAuthored: Tue Mar 6 10:16:35 2018 +0100 Committer: Jean-Louis Monteiro Committed: Tue Mar 6 10:16:35 2018 +0100 -- .../jwt/jaxrs/MPJWTSecurityAnnotationsInterceptor.java| 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/tomee/blob/e75018b2/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/jaxrs/MPJWTSecurityAnnotationsInterceptor.java -- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/jaxrs/MPJWTSecurityAnnotationsInterceptor.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/jaxrs/MPJWTSecurityAnnotationsInterceptor.java index 60c2599..e6ccd5a 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/jaxrs/MPJWTSecurityAnnotationsInterceptor.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/jaxrs/MPJWTSecurityAnnotationsInterceptor.java @@ -17,7 +17,8 @@ public class MPJWTSecurityAnnotationsInterceptor implements ContainerRequestFilt private final Set denyAll; private final Set permitAll; -public MPJWTSecurityAnnotationsInterceptor(final javax.ws.rs.container.ResourceInfo resourceInfo, final ConcurrentMap rolesAllowed, final Set denyAll, final Set permitAll) { +public MPJWTSecurityAnnotationsInterceptor(final javax.ws.rs.container.ResourceInfo resourceInfo, + final ConcurrentMap rolesAllowed, final Set denyAll, final Set permitAll) { this.resourceInfo = resourceInfo; this.rolesAllowed = rolesAllowed; this.denyAll = denyAll;
[20/38] tomee git commit: some refactoring
some refactoring Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/1ad96bbd Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/1ad96bbd Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/1ad96bbd Branch: refs/heads/master Commit: 1ad96bbdf1239c4d57cb5b0bc9fa857fa028f427 Parents: 812cfed Author: Jean-Louis MonteiroAuthored: Tue Feb 27 11:03:11 2018 +0100 Committer: Jean-Louis Monteiro Committed: Tue Feb 27 11:03:11 2018 +0100 -- tck/mp-jwt-embedded/pom.xml | 16 ++-- .../apache/tomee/microprofile/jwt/KeyUtils.java | 85 --- .../tomee/microprofile/jwt/MPJWTFilter.java | 2 +- .../microprofile/jwt/MPJWTInitializer.java | 1 + .../tomee/microprofile/jwt/ParseException.java | 4 +- .../tomee/microprofile/jwt/TCKTokenParser.java | 2 +- .../microprofile/jwt/cdi/ClaimLiteral.java | 32 .../jwt/cdi/ClaimProviderBeanAttributes.java| 23 ++ .../jwt/cdi/ClaimValueProducer.java | 16 ++-- .../microprofile/jwt/cdi/ClaimValueWrapper.java | 13 ++- .../microprofile/jwt/cdi/JsonValueProducer.java | 37 - .../microprofile/jwt/cdi/JsonbProducer.java | 45 ++ .../microprofile/jwt/cdi/MPJWTCDIExtension.java | 15 +--- .../microprofile/jwt/cdi/MPJWTProducer.java | 86 +++- .../jwt/cdi/RawClaimTypeProducer.java | 21 ++--- .../jwt/config/JWTAuthContextInfoProvider.java | 42 +- .../principal/DefaultJWTCallerPrincipal.java| 6 +- tck/mp-jwt-embedded/src/test/resources/dev.xml | 6 +- 18 files changed, 148 insertions(+), 304 deletions(-) -- http://git-wip-us.apache.org/repos/asf/tomee/blob/1ad96bbd/tck/mp-jwt-embedded/pom.xml -- diff --git a/tck/mp-jwt-embedded/pom.xml b/tck/mp-jwt-embedded/pom.xml index 272f4ad..5055ac4 100644 --- a/tck/mp-jwt-embedded/pom.xml +++ b/tck/mp-jwt-embedded/pom.xml @@ -96,15 +96,21 @@ jose4j 0.6.0 + + + org.apache.geronimo.specs + geronimo-json_1.1_spec + 1.0 + - javax.json.bind - javax.json.bind-api + org.apache.geronimo.specs + geronimo-jsonb_1.0_spec 1.0 - org.glassfish - javax.json - 1.0.4 + org.apache.johnzon + johnzon-jsonb + 1.1.2 http://git-wip-us.apache.org/repos/asf/tomee/blob/1ad96bbd/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/KeyUtils.java -- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/KeyUtils.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/KeyUtils.java deleted file mode 100644 index c65ea98..000 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/KeyUtils.java +++ /dev/null @@ -1,85 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - *http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.tomee.microprofile.jwt; - -import java.io.InputStream; -import java.security.KeyFactory; -import java.security.KeyPair; -import java.security.KeyPairGenerator; -import java.security.NoSuchAlgorithmException; -import java.security.PrivateKey; -import java.security.PublicKey; -import java.security.spec.PKCS8EncodedKeySpec; -import java.security.spec.X509EncodedKeySpec; -import java.util.Base64; - -public class KeyUtils { -private KeyUtils() { -} - -public static PrivateKey readPrivateKey(String pemResName) throws Exception { -InputStream contentIS = KeyUtils.class.getResourceAsStream(pemResName); -byte[] tmp = new byte[4096]; -int length = contentIS.read(tmp); -PrivateKey privateKey = decodePrivateKey(new String(tmp, 0, length)); -return privateKey; -} - -public static PublicKey readPublicKey(String pemResName) throws Exception { -InputStream contentIS =
buildbot failure in on tomee-trunk-ubuntu
The Buildbot has detected a new failure on builder tomee-trunk-ubuntu while building tomee. Full details are available at: https://ci.apache.org/builders/tomee-trunk-ubuntu/builds/910 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: bb_qnode5_ubuntu Build Reason: The SingleBranchScheduler scheduler named 'on-tomee-trunk-ubuntu-commit' triggered this build Build Source Stamp: [branch master] 09ca434d9d80de8a36e9973682e071e19934552f Blamelist: Jean-Louis MonteiroBUILD FAILED: failed compile Sincerely, -The Buildbot
[23/38] tomee git commit: Iterate
Iterate Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/50608069 Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/50608069 Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/50608069 Branch: refs/heads/master Commit: 506080699d96c06db707ba66a4342aabf5e378f3 Parents: d81bd39 Author: Jean-Louis MonteiroAuthored: Fri Mar 2 09:14:46 2018 +0100 Committer: Jean-Louis Monteiro Committed: Fri Mar 2 09:14:46 2018 +0100 -- .../tomee/microprofile/jwt/cdi/ClaimBean.java | 32 +--- .../microprofile/jwt/cdi/MPJWTCDIExtension.java | 2 +- 2 files changed, 28 insertions(+), 6 deletions(-) -- http://git-wip-us.apache.org/repos/asf/tomee/blob/50608069/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java -- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java index d04d807..ad713dd 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java @@ -17,7 +17,9 @@ package org.apache.tomee.microprofile.jwt.cdi; import org.eclipse.microprofile.jwt.Claim; +import org.eclipse.microprofile.jwt.ClaimValue; import org.eclipse.microprofile.jwt.Claims; +import org.eclipse.microprofile.jwt.JsonWebToken; import javax.enterprise.context.Dependent; import javax.enterprise.context.spi.CreationalContext; @@ -35,9 +37,12 @@ import java.util.HashSet; import java.util.List; import java.util.Optional; import java.util.Set; +import java.util.logging.Logger; public class ClaimBean implements Bean, PassivationCapable { +private static Logger logger = Logger.getLogger(MPJWTCDIExtension.class.getName()); + private final static Set QUALIFIERS = new HashSet<>(); private final BeanManager bm; @@ -53,7 +58,7 @@ public class ClaimBean implements Bean, PassivationCapable { this.id = "ClaimBean_" + types; } -private Class getRawType(Type type) { +private Class getRawType(final Type type) { if (type instanceof Class) { return (Class) type; @@ -63,7 +68,7 @@ public class ClaimBean implements Bean, PassivationCapable { return (Class) paramType.getRawType(); } -// todo deal with Optional here? +// todo deal with Optional here? aka check type again throw new UnsupportedOperationException("Unsupported type " + type); } @@ -132,9 +137,12 @@ public class ClaimBean implements Bean, PassivationCapable { } final Annotated annotated = ip.getAnnotated(); -Claim claim = annotated.getAnnotation(Claim.class); +final Claim claim = annotated.getAnnotation(Claim.class); final String key = getClaimKey(claim); +System.out.println(String.format("Found Claim injection with name=%s and for InjectionPoint=%s", key, ip.toString())); +logger.finest(String.format("Found Claim injection with name=%s and for InjectionPoint=%s", key, ip.toString())); + if (annotated.getBaseType() instanceof ParameterizedType) { final ParameterizedType paramType = (ParameterizedType) annotated.getBaseType(); final Type rawType = paramType.getRawType(); @@ -148,6 +156,12 @@ public class ClaimBean implements Bean, PassivationCapable { return (T) getClaimValue(key, clazz); } +// handle ClaimValue +if (rawTypeClass.isAssignableFrom(ClaimValue.class)) { +final Class clazz = (Class) paramType.getActualTypeArguments()[0]; //X TODO check type again, etc +return (T) getClaimValue(key, clazz); +} + // handle Optional if (rawTypeClass.isAssignableFrom(Optional.class)) { final Class clazz = (Class) paramType.getActualTypeArguments()[0]; //X TODO check type again, etc @@ -180,8 +194,16 @@ public class ClaimBean implements Bean, PassivationCapable { return claim.standard() == Claims.UNKNOWN ? claim.value() : claim.standard().name(); } -private T getClaimValue(final String key, final Class clazz) { -return null; // todo +private T getClaimValue(final String name, final Class clazz) { +final JsonWebToken jwt = MPJWTProducer.getJWTPrincpal(); +if (jwt == null) { +logger.warning(String.format("Can't retrieve claim %s. No active principal.", name)); +return null; +} + +
[35/38] tomee git commit: Not needed
Not needed Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/7446cbb0 Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/7446cbb0 Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/7446cbb0 Branch: refs/heads/master Commit: 7446cbb0d062ffaa6009b1283822fe520f1aec3f Parents: 3c089d3 Author: Jean-Louis MonteiroAuthored: Wed Mar 7 11:31:36 2018 +0100 Committer: Jean-Louis Monteiro Committed: Wed Mar 7 11:31:36 2018 +0100 -- .../openejb/core/security/JwtSecurityTest.java | 364 --- 1 file changed, 364 deletions(-) -- http://git-wip-us.apache.org/repos/asf/tomee/blob/7446cbb0/container/openejb-core/src/test/java/org/apache/openejb/core/security/JwtSecurityTest.java -- diff --git a/container/openejb-core/src/test/java/org/apache/openejb/core/security/JwtSecurityTest.java b/container/openejb-core/src/test/java/org/apache/openejb/core/security/JwtSecurityTest.java deleted file mode 100644 index ddd92f3..000 --- a/container/openejb-core/src/test/java/org/apache/openejb/core/security/JwtSecurityTest.java +++ /dev/null @@ -1,364 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.openejb.core.security; - -import org.apache.openejb.OpenEJB; -import org.apache.openejb.assembler.classic.Assembler; -import org.apache.openejb.assembler.classic.EjbJarInfo; -import org.apache.openejb.assembler.classic.ProxyFactoryInfo; -import org.apache.openejb.assembler.classic.SecurityServiceInfo; -import org.apache.openejb.assembler.classic.StatelessSessionContainerInfo; -import org.apache.openejb.assembler.classic.TransactionServiceInfo; -import org.apache.openejb.config.ConfigurationFactory; -import org.apache.openejb.core.LocalInitialContextFactory; -import org.apache.openejb.core.security.jaas.GroupPrincipal; -import org.apache.openejb.core.security.jaas.UserPrincipal; -import org.apache.openejb.jee.EjbJar; -import org.apache.openejb.jee.StatelessBean; -import org.junit.AfterClass; -import org.junit.Test; - -import javax.annotation.Resource; -import javax.annotation.security.DeclareRoles; -import javax.annotation.security.DenyAll; -import javax.annotation.security.PermitAll; -import javax.annotation.security.RolesAllowed; -import javax.annotation.security.RunAs; -import javax.ejb.SessionContext; -import javax.ejb.Singleton; -import javax.naming.Context; -import javax.naming.InitialContext; -import javax.security.auth.Subject; -import javax.security.auth.callback.CallbackHandler; -import javax.security.auth.login.AppConfigurationEntry; -import javax.security.auth.login.Configuration; -import javax.security.auth.login.LoginException; -import javax.security.auth.spi.LoginModule; -import java.security.Security; -import java.util.HashMap; -import java.util.HashSet; -import java.util.Map; -import java.util.Properties; -import java.util.Set; - -import static org.junit.Assert.assertTrue; -import static org.junit.Assert.fail; -import static org.testng.AssertJUnit.assertFalse; - -public class JWTSecurityTest { - -@AfterClass -public static void afterClass() throws Exception { -OpenEJB.destroy(); -System.clearProperty(Context.INITIAL_CONTEXT_FACTORY); -// unfortunate we can't reset the value, so setting to default (See Configuration) -Security.setProperty("login.configuration.provider", "sun.security.provider.ConfigFile"); -} - -private Assembler configureAssembler(final String defaultUser) throws Exception { -System.setProperty(Context.INITIAL_CONTEXT_FACTORY, LocalInitialContextFactory.class.getName()); -Security.setProperty("login.configuration.provider", JaasConfig.class.getName()); - -final ConfigurationFactory config = new ConfigurationFactory(); -final Assembler assembler = new Assembler(); - - assembler.createProxyFactory(config.configureService(ProxyFactoryInfo.class)); -
[36/38] tomee git commit: No more needed
No more needed Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/04675f5d Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/04675f5d Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/04675f5d Branch: refs/heads/master Commit: 04675f5dfb0c3d235c95386baf7cb59208f7a42e Parents: 7446cbb Author: Jean-Louis MonteiroAuthored: Wed Mar 7 11:35:02 2018 +0100 Committer: Jean-Louis Monteiro Committed: Wed Mar 7 11:35:02 2018 +0100 -- container/openejb-core/pom.xml | 19 -- .../apache/openejb/core/security/JWTUtil.java | 100 --- .../server/cxf/rs/MPJWTSecurityContextTest.java | 260 --- 3 files changed, 379 deletions(-) -- http://git-wip-us.apache.org/repos/asf/tomee/blob/04675f5d/container/openejb-core/pom.xml -- diff --git a/container/openejb-core/pom.xml b/container/openejb-core/pom.xml index c7f..be1e710 100644 --- a/container/openejb-core/pom.xml +++ b/container/openejb-core/pom.xml @@ -712,25 +712,6 @@ provided - - org.eclipse.microprofile.config - microprofile-config-api - 1.2 - compile - - - org.eclipse.microprofile.jwt - microprofile-jwt-auth-api - 1.1-SNAPSHOT - compile - - - com.nimbusds - nimbus-jose-jwt - 5.1 - compile - - http://git-wip-us.apache.org/repos/asf/tomee/blob/04675f5d/container/openejb-core/src/test/java/org/apache/openejb/core/security/JWTUtil.java -- diff --git a/container/openejb-core/src/test/java/org/apache/openejb/core/security/JWTUtil.java b/container/openejb-core/src/test/java/org/apache/openejb/core/security/JWTUtil.java deleted file mode 100644 index 4ae438f..000 --- a/container/openejb-core/src/test/java/org/apache/openejb/core/security/JWTUtil.java +++ /dev/null @@ -1,100 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.openejb.core.security; - -import com.nimbusds.jose.JOSEException; -import com.nimbusds.jose.JWSAlgorithm; -import com.nimbusds.jose.JWSHeader; -import com.nimbusds.jose.JWSSigner; -import com.nimbusds.jose.crypto.MACSigner; -import com.nimbusds.jose.crypto.RSASSASigner; -import com.nimbusds.jwt.JWTClaimsSet; -import com.nimbusds.jwt.SignedJWT; - -import javax.crypto.SecretKey; -import javax.crypto.spec.SecretKeySpec; -import java.security.Key; -import java.security.interfaces.RSAPrivateKey; -import java.time.LocalDate; -import java.util.Date; -import java.util.UUID; - -import static java.time.ZoneId.systemDefault; - -public class JWTUtil { - -protected static final String MYSHAREDSECRET = "abcdefghijklmnopqrstuvwxyzabcdef"; // at least 256 bits - -private JWTUtil() { -// prevent direct instantiation -} - -public static String createValidJwtAccessToken(String... scopes) throws Exception { -final SecretKey key = new SecretKeySpec(MYSHAREDSECRET.getBytes(), "hmac-sha256"); - -// Prepare JWT with claims set -final JWTClaimsSet.Builder claimsBuilder = createValidJwtClaimsSet(); - -if (scopes != null && scopes.length > 0) { -claimsBuilder.claim("scopes", scopes); -} - -final JWTClaimsSet claimsSet = claimsBuilder.build(); - -final JWSHeader header = new JWSHeader(JWSAlgorithm.HS256); - -return sign(claimsSet, header, key).serialize(); -} - -public static SignedJWT sign(final JWTClaimsSet jwtClaimsSet, final JWSHeader jwsHeader, final Key key) throws JOSEException { -JWSSigner signer = null; -if (RSAPrivateKey.class.isInstance(key)) { -signer = new RSASSASigner(RSAPrivateKey.class.cast(key)); - -} else if (SecretKey.class.isInstance(key)) { -signer = new MACSigner(SecretKey.class.cast(key).getEncoded()); - -} else { -throw new
[31/38] tomee git commit: Renamed to providers because the event gives the existing list but it's up to the observer to add more
Renamed to providers because the event gives the existing list but it's up to the observer to add more Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/9a428e15 Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/9a428e15 Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/9a428e15 Branch: refs/heads/master Commit: 9a428e151eea46cc0c0e5e0ffac01282b1ce1e98 Parents: ae7c21e Author: Jean-Louis MonteiroAuthored: Wed Mar 7 08:13:13 2018 +0100 Committer: Jean-Louis Monteiro Committed: Wed Mar 7 08:13:13 2018 +0100 -- .../server/cxf/rs/event/ExtensionProviderRegistration.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) -- http://git-wip-us.apache.org/repos/asf/tomee/blob/9a428e15/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/event/ExtensionProviderRegistration.java -- diff --git a/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/event/ExtensionProviderRegistration.java b/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/event/ExtensionProviderRegistration.java index cfae25c..932a6bf 100644 --- a/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/event/ExtensionProviderRegistration.java +++ b/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/event/ExtensionProviderRegistration.java @@ -28,9 +28,9 @@ public class ExtensionProviderRegistration { private final List providers; private final AppContext appContext; -public ExtensionProviderRegistration(final AppContext ctx, final List existings) { +public ExtensionProviderRegistration(final AppContext ctx, final List providers) { this.appContext = ctx; -this.providers = existings; +this.providers = providers; } public AppContext getAppContext() {
[34/38] tomee git commit: Not needed
Not needed Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/3c089d35 Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/3c089d35 Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/3c089d35 Branch: refs/heads/master Commit: 3c089d35e72987a93cfa3853f754e90cdbf8d267 Parents: 0340cef Author: Jean-Louis MonteiroAuthored: Wed Mar 7 11:30:44 2018 +0100 Committer: Jean-Louis Monteiro Committed: Wed Mar 7 11:30:44 2018 +0100 -- .../tests/jaxrs/mpjwt/HelloResource.java| 49 - .../tests/jaxrs/mpjwt/MPJWTApplication.java | 28 --- .../arquillian/tests/jaxrs/mpjwt/MPJWTTest.java | 77 3 files changed, 154 deletions(-) -- http://git-wip-us.apache.org/repos/asf/tomee/blob/3c089d35/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/java/org/apache/openejb/arquillian/tests/jaxrs/mpjwt/HelloResource.java -- diff --git a/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/java/org/apache/openejb/arquillian/tests/jaxrs/mpjwt/HelloResource.java b/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/java/org/apache/openejb/arquillian/tests/jaxrs/mpjwt/HelloResource.java deleted file mode 100644 index bc030f1..000 --- a/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/java/org/apache/openejb/arquillian/tests/jaxrs/mpjwt/HelloResource.java +++ /dev/null @@ -1,49 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.openejb.arquillian.tests.jaxrs.mpjwt; - -import org.eclipse.microprofile.jwt.Claim; -import org.eclipse.microprofile.jwt.ClaimValue; - -import javax.annotation.security.RolesAllowed; -import javax.ejb.Lock; -import javax.ejb.LockType; -import javax.ejb.Stateless; -import javax.inject.Inject; -import javax.ws.rs.GET; -import javax.ws.rs.Path; -import javax.ws.rs.Produces; -import javax.ws.rs.core.Context; -import javax.ws.rs.core.MediaType; -import javax.ws.rs.core.SecurityContext; - -@Path("/hello") -@Stateless -@Lock(LockType.READ) -public class HelloResource { - -@Inject -@Claim("jti") -private ClaimValue jti; - -@GET -@Produces(MediaType.TEXT_PLAIN) -@RolesAllowed("helloRole") -public String sayHello(@Context SecurityContext context) { -return "hello " + context.getUserPrincipal().getName(); -} -} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/tomee/blob/3c089d35/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/java/org/apache/openejb/arquillian/tests/jaxrs/mpjwt/MPJWTApplication.java -- diff --git a/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/java/org/apache/openejb/arquillian/tests/jaxrs/mpjwt/MPJWTApplication.java b/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/java/org/apache/openejb/arquillian/tests/jaxrs/mpjwt/MPJWTApplication.java deleted file mode 100644 index 18bdee6..000 --- a/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/java/org/apache/openejb/arquillian/tests/jaxrs/mpjwt/MPJWTApplication.java +++ /dev/null @@ -1,28 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -
[08/38] tomee git commit: comments
comments Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/f58a39aa Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/f58a39aa Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/f58a39aa Branch: refs/heads/master Commit: f58a39aaab0772839b149ccdc198b067924a648b Parents: 7d93131 Author: Jean-Louis MonteiroAuthored: Wed Feb 21 17:10:12 2018 +0100 Committer: Jean-Louis Monteiro Committed: Wed Feb 21 17:10:12 2018 +0100 -- .../org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/tomee/blob/f58a39aa/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java -- diff --git a/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java b/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java index 28cc45d..c85e6fb 100644 --- a/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java +++ b/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java @@ -103,7 +103,7 @@ public class MPJWTSecurityContextTest { @LoginConfig(authMethod = "MP-JWT") @ApplicationPath("/api") public static class RestApplication extends Application { - +// auto discovered } @Path("sc")
[16/38] tomee git commit: Add more implementations and TCK coverage
Add more implementations and TCK coverage Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/830b3729 Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/830b3729 Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/830b3729 Branch: refs/heads/master Commit: 830b372981330bf028b576b155e497b24c85bf9a Parents: 9c69190 Author: Jean-Louis MonteiroAuthored: Tue Feb 27 09:16:44 2018 +0100 Committer: Jean-Louis Monteiro Committed: Tue Feb 27 09:16:44 2018 +0100 -- tck/mp-jwt-embedded/pom.xml | 11 + .../tomee/microprofile/jwt/ClaimLiteral.java| 32 ++ .../jwt/ClaimProviderBeanAttributes.java| 83 .../microprofile/jwt/ClaimValueProducer.java| 75 .../microprofile/jwt/ClaimValueWrapper.java | 54 +++ .../jwt/JWTAuthContextInfoProvider.java | 59 +++ .../jwt/JWTCallerPrincipalFactory.java | 2 +- .../microprofile/jwt/JsonValueProducer.java | 111 ++ .../apache/tomee/microprofile/jwt/KeyUtils.java | 84 .../microprofile/jwt/MPJWTCDIExtension.java | 391 +++ .../tomee/microprofile/jwt/MPJWTContext.java| 9 +- .../tomee/microprofile/jwt/MPJWTFilter.java | 25 +- .../microprofile/jwt/MPJWTInitializer.java | 7 +- .../tomee/microprofile/jwt/MPJWTProducer.java | 196 ++ .../microprofile/jwt/RawClaimTypeProducer.java | 69 .../javax.enterprise.inject.spi.Extension | 1 + ...e.microprofile.jwt.JWTCallerPrincipalFactory | 1 + ...file.jwt.principal.JWTCallerPrincipalFactory | 1 - .../jwt/AppDeploymentExtension.java | 37 ++ jboss.arquillian.core.spi.LoadableExtension | 1 + tck/mp-jwt-embedded/src/test/resources/dev.xml | 8 +- 21 files changed, 1237 insertions(+), 20 deletions(-) -- http://git-wip-us.apache.org/repos/asf/tomee/blob/830b3729/tck/mp-jwt-embedded/pom.xml -- diff --git a/tck/mp-jwt-embedded/pom.xml b/tck/mp-jwt-embedded/pom.xml index ddbccec..272f4ad 100644 --- a/tck/mp-jwt-embedded/pom.xml +++ b/tck/mp-jwt-embedded/pom.xml @@ -112,6 +112,16 @@ org.apache.maven.plugins +maven-compiler-plugin +3.6.1 + + 1.8 + 1.8JwSecTest + + + org.apache.maven.plugins maven-surefire-plugin http://git-wip-us.apache.org/repos/asf/tomee/blob/830b3729/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/ClaimLiteral.java -- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/ClaimLiteral.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/ClaimLiteral.java new file mode 100644 index 000..5471b2e --- /dev/null +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/ClaimLiteral.java @@ -0,0 +1,32 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + *http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.tomee.microprofile.jwt; + +import javax.enterprise.util.AnnotationLiteral; + +import org.eclipse.microprofile.jwt.Claim; +import org.eclipse.microprofile.jwt.Claims; + +public class ClaimLiteral extends AnnotationLiteral implements Claim { +public String value() { +return ""; +} + +public Claims standard() { +return Claims.UNKNOWN; +} +} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/tomee/blob/830b3729/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/ClaimProviderBeanAttributes.java -- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/ClaimProviderBeanAttributes.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/ClaimProviderBeanAttributes.java new file mode 100644 index 000..ce6e97c --- /dev/null +++
[06/38] tomee git commit: Better handling of the internal application
Better handling of the internal application Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/7acf3146 Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/7acf3146 Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/7acf3146 Branch: refs/heads/master Commit: 7acf3146b12e5bbd0e4db58ed432345ca4eec4ae Parents: a2468e4 Author: Jean-Louis MonteiroAuthored: Wed Feb 21 16:45:35 2018 +0100 Committer: Jean-Louis Monteiro Committed: Wed Feb 21 16:45:35 2018 +0100 -- .../server/cxf/rs/MPJWTSecurityContextTest.java | 22 +++- 1 file changed, 8 insertions(+), 14 deletions(-) -- http://git-wip-us.apache.org/repos/asf/tomee/blob/7acf3146/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java -- diff --git a/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java b/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java index b7bceb5..266aa66 100644 --- a/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java +++ b/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java @@ -23,6 +23,7 @@ import org.apache.openejb.loader.SystemInstance; import org.apache.openejb.observer.Observes; import org.apache.openejb.server.cxf.rs.event.ExtensionProviderRegistration; import org.apache.openejb.server.cxf.rs.event.ServerCreated; +import org.apache.openejb.server.rest.InternalApplication; import org.apache.openejb.spi.SecurityService; import org.apache.openejb.testing.Classes; import org.apache.openejb.testing.Configuration; @@ -101,7 +102,7 @@ public class MPJWTSecurityContextTest { @LoginConfig(authMethod = "MP-JWT") @ApplicationPath("/api") -public class RestApplication extends Application { +public static class RestApplication extends Application { } @@ -122,22 +123,15 @@ public class MPJWTSecurityContextTest { public void obs(@Observes final ServerCreated event) { System.out.println("Observer.obs"); final ApplicationInfo appInfo = (ApplicationInfo) event.getServer().getEndpoint().get("javax.ws.rs.core.Application"); -final Application application = appInfo.getProvider(); -final LoginConfig annotation = application.getClass().getAnnotation(LoginConfig.class); -if (annotation != null) { -// add the ContainerRequestFilter on the fly -} -} - -public void extension(@Observes final ExtensionProviderRegistration registration) { -System.out.println("Observer.extension"); -// nothing useful here because we cannot access the application -final ApplicationInfo appInfo = (ApplicationInfo) registration.getServer().getEndpoint().get("javax.ws.rs.core.Application"); -final Application application = appInfo.getProvider(); +final Application application = InternalApplication.class.isInstance(appInfo.getProvider()) +? InternalApplication.class.cast(appInfo.getProvider()).getOriginal() +: appInfo.getProvider(); final LoginConfig annotation = application.getClass().getAnnotation(LoginConfig.class); if (annotation != null && "MP-JWT".equals(annotation.authMethod())) { // add the ContainerRequestFilter on the fly -registration.getProviders().add(new MySecuCtx()); +if (InternalApplication.class.isInstance(appInfo.getProvider())) { + InternalApplication.class.cast(appInfo.getProvider()).getClasses().add(MySecuCtx.class); +} } } }
tomee git commit: ASM fixes previously missed
Repository: tomee Updated Branches: refs/heads/fb_tomee8 59c398d19 -> ebad7d709 ASM fixes previously missed Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/ebad7d70 Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/ebad7d70 Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/ebad7d70 Branch: refs/heads/fb_tomee8 Commit: ebad7d709a7524938c8505c835eeb964245bb7cc Parents: 59c398d Author: Jonathan GallimoreAuthored: Wed Mar 14 14:44:25 2018 + Committer: Jonathan Gallimore Committed: Mon Apr 16 21:39:08 2018 +0100 -- .../org/apache/openejb/config/ServiceClasspathTest.java | 10 +- .../java/org/apache/openejb/core/cmp/jpa/JpaTest.java | 4 ++-- 2 files changed, 7 insertions(+), 7 deletions(-) -- http://git-wip-us.apache.org/repos/asf/tomee/blob/ebad7d70/container/openejb-core/src/test/java/org/apache/openejb/config/ServiceClasspathTest.java -- diff --git a/container/openejb-core/src/test/java/org/apache/openejb/config/ServiceClasspathTest.java b/container/openejb-core/src/test/java/org/apache/openejb/config/ServiceClasspathTest.java index a8b59dc..51fd351 100644 --- a/container/openejb-core/src/test/java/org/apache/openejb/config/ServiceClasspathTest.java +++ b/container/openejb-core/src/test/java/org/apache/openejb/config/ServiceClasspathTest.java @@ -53,11 +53,11 @@ import java.util.Properties; import java.util.zip.ZipEntry; import java.util.zip.ZipOutputStream; -import static org.apache.xbean.asm5.Opcodes.ACC_PUBLIC; -import static org.apache.xbean.asm5.Opcodes.ACC_SUPER; -import static org.apache.xbean.asm5.Opcodes.ALOAD; -import static org.apache.xbean.asm5.Opcodes.INVOKESPECIAL; -import static org.apache.xbean.asm5.Opcodes.RETURN; +import static org.apache.xbean.asm6.Opcodes.ACC_PUBLIC; +import static org.apache.xbean.asm6.Opcodes.ACC_SUPER; +import static org.apache.xbean.asm6.Opcodes.ALOAD; +import static org.apache.xbean.asm6.Opcodes.INVOKESPECIAL; +import static org.apache.xbean.asm6.Opcodes.RETURN; /** * @version $Rev$ $Date$ http://git-wip-us.apache.org/repos/asf/tomee/blob/ebad7d70/container/openejb-core/src/test/java/org/apache/openejb/core/cmp/jpa/JpaTest.java -- diff --git a/container/openejb-core/src/test/java/org/apache/openejb/core/cmp/jpa/JpaTest.java b/container/openejb-core/src/test/java/org/apache/openejb/core/cmp/jpa/JpaTest.java index 3c75490..ad38935 100644 --- a/container/openejb-core/src/test/java/org/apache/openejb/core/cmp/jpa/JpaTest.java +++ b/container/openejb-core/src/test/java/org/apache/openejb/core/cmp/jpa/JpaTest.java @@ -54,8 +54,8 @@ import java.util.Hashtable; import java.util.Map; import java.util.Properties; -import static org.apache.xbean.asm5.Opcodes.ACC_PRIVATE; -import static org.apache.xbean.asm5.Opcodes.ACC_TRANSIENT; +import static org.apache.xbean.asm6.Opcodes.ACC_PRIVATE; +import static org.apache.xbean.asm6.Opcodes.ACC_TRANSIENT; public class JpaTest extends TestCase { static {
[26/38] tomee git commit: Provider and Instance
Provider and Instance Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/cfc2ae1f Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/cfc2ae1f Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/cfc2ae1f Branch: refs/heads/master Commit: cfc2ae1f873a5b413cd79af69969f4dfe620829d Parents: b05e564 Author: Jean-Louis MonteiroAuthored: Fri Mar 2 15:40:17 2018 +0100 Committer: Jean-Louis Monteiro Committed: Fri Mar 2 15:40:17 2018 +0100 -- .../org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java| 2 ++ .../tomee/microprofile/jwt/cdi/MPJWTCDIExtension.java | 9 + tck/mp-jwt-embedded/src/test/resources/dev.xml | 8 3 files changed, 15 insertions(+), 4 deletions(-) -- http://git-wip-us.apache.org/repos/asf/tomee/blob/cfc2ae1f/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java -- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java index 0e87404..0b6f3de 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java @@ -168,11 +168,13 @@ public class ClaimBean implements Bean, PassivationCapable { // handle Provider if (rawTypeClass.isAssignableFrom(Provider.class)) { +final Type providerType = paramType.getActualTypeArguments()[0]; return getClaimValue(key); } // handle Instance if (rawTypeClass.isAssignableFrom(Instance.class)) { +final Type instanceType = paramType.getActualTypeArguments()[0]; return getClaimValue(key); } http://git-wip-us.apache.org/repos/asf/tomee/blob/cfc2ae1f/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/MPJWTCDIExtension.java -- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/MPJWTCDIExtension.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/MPJWTCDIExtension.java index 9f8e602..05b08de 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/MPJWTCDIExtension.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/MPJWTCDIExtension.java @@ -23,6 +23,7 @@ import org.apache.tomee.microprofile.jwt.config.JWTAuthContextInfoProvider; import org.eclipse.microprofile.jwt.Claim; import javax.enterprise.event.Observes; +import javax.enterprise.inject.Instance; import javax.enterprise.inject.spi.AfterBeanDiscovery; import javax.enterprise.inject.spi.AfterDeploymentValidation; import javax.enterprise.inject.spi.BeanManager; @@ -46,6 +47,7 @@ public class MPJWTCDIExtension implements Extension { private static Logger logger = Logger.getLogger(MPJWTCDIExtension.class.getName()); private static final Predicate NOT_PROVIDERS = ip -> (ip.getType() instanceof Class) || (ip.getType() instanceof ParameterizedType && ((ParameterizedType)ip.getType()).getRawType() != Provider.class); +private static final Predicate NOT_INSTANCES = ip -> (ip.getType() instanceof Class) || (ip.getType() instanceof ParameterizedType && ((ParameterizedType)ip.getType()).getRawType() != Instance.class); private static final Map REPLACED_TYPES = new HashMap<>(); static { @@ -68,6 +70,7 @@ public class MPJWTCDIExtension implements Extension { public void registerClaimProducer(@Observes final AfterBeanDiscovery abd, final BeanManager bm) { final Set types = injectionPoints.stream() .filter(NOT_PROVIDERS) +.filter(NOT_INSTANCES) .map(ip -> REPLACED_TYPES.getOrDefault(ip.getType(), ip.getType())) .collect(Collectors.toSet()); @@ -76,7 +79,13 @@ public class MPJWTCDIExtension implements Extension { .map(ip -> ((ParameterizedType)ip.getType()).getActualTypeArguments()[0]) .collect(Collectors.toSet()); +final Set instanceTypes = injectionPoints.stream() +.filter(NOT_INSTANCES.negate()) +.map(ip -> ((ParameterizedType)ip.getType()).getActualTypeArguments()[0]) +.collect(Collectors.toSet()); + types.addAll(providerTypes); +types.addAll(instanceTypes); types.stream() .map(type -> new ClaimBean<>(bm,
[19/38] tomee git commit: Formating
Formating Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/812cfed9 Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/812cfed9 Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/812cfed9 Branch: refs/heads/master Commit: 812cfed9bc64f6d5985d507dd00b62cbfa5215bc Parents: c5964e0 Author: Jean-Louis MonteiroAuthored: Tue Feb 27 10:23:02 2018 +0100 Committer: Jean-Louis Monteiro Committed: Tue Feb 27 10:23:02 2018 +0100 -- .../apache/tomee/microprofile/jwt/KeyUtils.java | 5 +- .../tomee/microprofile/jwt/MPJWTContext.java| 1 - .../microprofile/jwt/MPJWTInitializer.java | 1 - .../tomee/microprofile/jwt/TCKTokenParser.java | 4 +- .../microprofile/jwt/cdi/ClaimLiteral.java | 4 +- .../jwt/cdi/ClaimProviderBeanAttributes.java| 14 ++-- .../jwt/cdi/ClaimValueProducer.java | 14 ++-- .../microprofile/jwt/cdi/MPJWTCDIExtension.java | 88 .../microprofile/jwt/cdi/MPJWTProducer.java | 50 +-- .../jwt/config/JWTAuthContextInfo.java | 3 +- .../DefaultJWTCallerPrincipalFactory.java | 2 +- .../principal/JWTCallerPrincipalFactory.java| 2 +- 12 files changed, 85 insertions(+), 103 deletions(-) -- http://git-wip-us.apache.org/repos/asf/tomee/blob/812cfed9/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/KeyUtils.java -- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/KeyUtils.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/KeyUtils.java index 07e00f2..c65ea98 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/KeyUtils.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/KeyUtils.java @@ -28,6 +28,9 @@ import java.security.spec.X509EncodedKeySpec; import java.util.Base64; public class KeyUtils { +private KeyUtils() { +} + public static PrivateKey readPrivateKey(String pemResName) throws Exception { InputStream contentIS = KeyUtils.class.getResourceAsStream(pemResName); byte[] tmp = new byte[4096]; @@ -79,6 +82,4 @@ public class KeyUtils { pem = pem.replaceAll("\n", ""); return pem.trim(); } -private KeyUtils() { -} } \ No newline at end of file http://git-wip-us.apache.org/repos/asf/tomee/blob/812cfed9/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTContext.java -- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTContext.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTContext.java index 07dfe0b..50b7d1e 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTContext.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTContext.java @@ -16,7 +16,6 @@ */ package org.apache.tomee.microprofile.jwt; -import javax.enterprise.context.ApplicationScoped; import java.util.Map; import java.util.Objects; import java.util.Optional; http://git-wip-us.apache.org/repos/asf/tomee/blob/812cfed9/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTInitializer.java -- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTInitializer.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTInitializer.java index bb8bb16..8fa9259 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTInitializer.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTInitializer.java @@ -18,7 +18,6 @@ package org.apache.tomee.microprofile.jwt; import org.eclipse.microprofile.auth.LoginConfig; -import javax.inject.Inject; import javax.servlet.FilterRegistration; import javax.servlet.ServletContainerInitializer; import javax.servlet.ServletContext; http://git-wip-us.apache.org/repos/asf/tomee/blob/812cfed9/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/TCKTokenParser.java -- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/TCKTokenParser.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/TCKTokenParser.java index 0c65795..aeea598 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/TCKTokenParser.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/TCKTokenParser.java @@ -32,8 +32,8 @@ public
[12/38] tomee git commit: Add a bit more in terms of wiring - still designing and working on it
Add a bit more in terms of wiring - still designing and working on it Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/d987d3ae Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/d987d3ae Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/d987d3ae Branch: refs/heads/master Commit: d987d3aedf89abf68e2975cd3c2be4274616a2fc Parents: 672b422 Author: Jean-Louis MonteiroAuthored: Thu Feb 22 22:00:27 2018 +0100 Committer: Jean-Louis Monteiro Committed: Thu Feb 22 22:00:27 2018 +0100 -- .../server/cxf/rs/MPJWTSecurityContextTest.java | 183 ++- .../tomee/microprofile/jwt/MPJWTContext.java| 134 ++ .../tomee/microprofile/jwt/MPJWTFilter.java | 22 ++- .../microprofile/jwt/MPJWTInitializer.java | 19 +- .../src/main/resources/META-INF/beans.xml | 1 + 5 files changed, 305 insertions(+), 54 deletions(-) -- http://git-wip-us.apache.org/repos/asf/tomee/blob/d987d3ae/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java -- diff --git a/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java b/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java index 62565b4..10a1305 100644 --- a/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java +++ b/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java @@ -21,71 +21,81 @@ import org.apache.cxf.endpoint.Server; import org.apache.cxf.jaxrs.model.ApplicationInfo; import org.apache.openejb.jee.WebApp; import org.apache.openejb.junit.ApplicationComposer; -import org.apache.openejb.loader.SystemInstance; import org.apache.openejb.observer.Observes; import org.apache.openejb.server.cxf.rs.event.ServerCreated; import org.apache.openejb.server.rest.InternalApplication; -import org.apache.openejb.spi.SecurityService; import org.apache.openejb.testing.Classes; import org.apache.openejb.testing.Configuration; import org.apache.openejb.testing.EnableServices; import org.apache.openejb.testing.Module; +import org.apache.openejb.testing.RandomPort; import org.apache.openejb.testng.PropertiesBuilder; -import org.apache.openejb.util.NetworkUtil; import org.eclipse.microprofile.auth.LoginConfig; -import org.junit.BeforeClass; +import org.eclipse.microprofile.jwt.JsonWebToken; import org.junit.Test; import org.junit.runner.RunWith; +import javax.annotation.PostConstruct; +import javax.enterprise.context.ApplicationScoped; +import javax.inject.Inject; +import javax.servlet.Filter; +import javax.servlet.FilterChain; +import javax.servlet.FilterConfig; +import javax.servlet.ServletException; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; +import javax.servlet.annotation.WebFilter; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletRequestWrapper; import javax.ws.rs.ApplicationPath; import javax.ws.rs.GET; import javax.ws.rs.Path; +import javax.ws.rs.Produces; +import javax.ws.rs.QueryParam; import javax.ws.rs.client.ClientBuilder; -import javax.ws.rs.container.ContainerRequestContext; -import javax.ws.rs.container.ContainerRequestFilter; import javax.ws.rs.core.Application; import javax.ws.rs.core.Context; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.SecurityContext; -import javax.ws.rs.ext.Provider; import java.io.IOException; +import java.lang.annotation.Annotation; import java.security.Principal; -import java.util.Objects; +import java.util.Collections; +import java.util.HashMap; +import java.util.Map; +import java.util.Optional; import java.util.Properties; +import java.util.Set; +import java.util.function.Predicate; import static org.junit.Assert.assertEquals; @EnableServices("jax-rs") @RunWith(ApplicationComposer.class) public class MPJWTSecurityContextTest { - -private static int port = -1; - -@BeforeClass -public static void beforeClass() { -port = NetworkUtil.getNextAvailablePort(); -} +@RandomPort("http") +private int port; @Configuration public Properties props() { return new PropertiesBuilder() -.p("httpejbd.port", Integer.toString(port)) .p("observer", "new://Service?class-name=" + Observer.class.getName()) // properly packaged and auto registered .build(); } @Module -@Classes(cdi = true, value = {Res.class, RestApplication.class}) +@Classes(value = {Res.class, RestApplication.class, MPFilter.class, MPContext.class}, cdi = true) public WebApp war()
[09/38] tomee git commit: Renaming
Renaming Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/ad9e2221 Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/ad9e2221 Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/ad9e2221 Branch: refs/heads/master Commit: ad9e2221cdb1fe00e6f59d4b5ee46f1f24dabd4f Parents: f58a39a Author: Jean-Louis MonteiroAuthored: Thu Feb 22 09:57:43 2018 +0100 Committer: Jean-Louis Monteiro Committed: Thu Feb 22 09:57:43 2018 +0100 -- .../server/cxf/rs/MPJWTSecurityContextTest.java | 24 +--- 1 file changed, 11 insertions(+), 13 deletions(-) -- http://git-wip-us.apache.org/repos/asf/tomee/blob/ad9e2221/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java -- diff --git a/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java b/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java index c85e6fb..5c62851 100644 --- a/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java +++ b/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java @@ -16,19 +16,19 @@ */ package org.apache.openejb.server.cxf.rs; +import org.apache.cxf.Bus; +import org.apache.cxf.endpoint.Server; import org.apache.cxf.jaxrs.model.ApplicationInfo; import org.apache.openejb.jee.WebApp; import org.apache.openejb.junit.ApplicationComposer; import org.apache.openejb.loader.SystemInstance; import org.apache.openejb.observer.Observes; -import org.apache.openejb.server.cxf.rs.event.ExtensionProviderRegistration; import org.apache.openejb.server.cxf.rs.event.ServerCreated; import org.apache.openejb.server.rest.InternalApplication; import org.apache.openejb.spi.SecurityService; import org.apache.openejb.testing.Classes; import org.apache.openejb.testing.Configuration; import org.apache.openejb.testing.EnableServices; -import org.apache.openejb.testing.JaxrsProviders; import org.apache.openejb.testing.Module; import org.apache.openejb.testng.PropertiesBuilder; import org.apache.openejb.util.NetworkUtil; @@ -75,10 +75,10 @@ public class MPJWTSecurityContextTest { } @Module -@Classes({ Res.class, RestApplication.class}) +@Classes({Res.class, RestApplication.class}) public WebApp war() { return new WebApp() -.contextRoot("foo"); +.contextRoot("foo"); } @Test @@ -122,35 +122,33 @@ public class MPJWTSecurityContextTest { public void obs(@Observes final ServerCreated event) { System.out.println("Observer.obs"); -final ApplicationInfo appInfo = (ApplicationInfo) event.getServer().getEndpoint().get("javax.ws.rs.core.Application"); +final Server server = event.getServer(); +final Bus bus = (Bus) server.getEndpoint().get("org.apache.cxf.Bus"); +final ApplicationInfo appInfo = (ApplicationInfo) server.getEndpoint().get("javax.ws.rs.core.Application"); final Application application = InternalApplication.class.isInstance(appInfo.getProvider()) -? InternalApplication.class.cast(appInfo.getProvider()).getOriginal() -: appInfo.getProvider(); +? InternalApplication.class.cast(appInfo.getProvider()).getOriginal() +: appInfo.getProvider(); final LoginConfig annotation = application.getClass().getAnnotation(LoginConfig.class); if (annotation != null && "MP-JWT".equals(annotation.authMethod())) { // add the ContainerRequestFilter on the fly -if (InternalApplication.class.isInstance(appInfo.getProvider())) { - InternalApplication.class.cast(appInfo.getProvider()).getClasses().add(MySecuCtx.class); -} } } } // this should also be packaged into the same module and delegate to the security service @Provider -public static class MySecuCtx implements ContainerRequestFilter { +public static class MPJWTSecurityContext implements ContainerRequestFilter { private final SecurityService securityService; -public MySecuCtx() { +public MPJWTSecurityContext() { securityService = SystemInstance.get().getComponent(SecurityService.class); Objects.requireNonNull(securityService, "A security context needs to be properly configured to enforce security in REST services"); } @Override public void filter(final ContainerRequestContext
[25/38] tomee git commit: Handling most of the injections. Missing Provider and Instance for now and then a couple of failures with @RolesAllowed and JACC
Handling most of the injections. Missing Provider and Instance for now and then a couple of failures with @RolesAllowed and JACC Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/b05e5643 Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/b05e5643 Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/b05e5643 Branch: refs/heads/master Commit: b05e5643dd976ecbc7509ac634f4a35f7f9b95f0 Parents: 92846ae Author: Jean-Louis MonteiroAuthored: Fri Mar 2 15:04:59 2018 +0100 Committer: Jean-Louis Monteiro Committed: Fri Mar 2 15:04:59 2018 +0100 -- .../tomee/microprofile/jwt/MPJWTFilter.java | 6 +- .../tomee/microprofile/jwt/cdi/ClaimBean.java | 159 +-- tck/mp-jwt-embedded/src/test/resources/dev.xml | 10 +- 3 files changed, 152 insertions(+), 23 deletions(-) -- http://git-wip-us.apache.org/repos/asf/tomee/blob/b05e5643/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java -- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java index ebed96d..36e53cf 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java @@ -84,9 +84,9 @@ public class MPJWTFilter implements Filter { jsonWebToken = validate(token); } catch (final ParseException e) { -// todo properly handle the exception as required per spec -e.printStackTrace(); -throw new RuntimeException(e); +// todo is this enough? + HttpServletResponse.class.cast(response).sendError(HttpServletResponse.SC_UNAUTHORIZED); +return; } // associate with the producer. Should not be needed. http://git-wip-us.apache.org/repos/asf/tomee/blob/b05e5643/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java -- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java index 10abedf..0e87404 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java @@ -23,18 +23,28 @@ import org.eclipse.microprofile.jwt.JsonWebToken; import javax.enterprise.context.Dependent; import javax.enterprise.context.spi.CreationalContext; +import javax.enterprise.inject.Instance; import javax.enterprise.inject.spi.Annotated; import javax.enterprise.inject.spi.Bean; import javax.enterprise.inject.spi.BeanManager; import javax.enterprise.inject.spi.InjectionPoint; import javax.enterprise.inject.spi.PassivationCapable; +import javax.enterprise.util.AnnotationLiteral; +import javax.inject.Inject; import javax.inject.Provider; +import javax.json.Json; +import javax.json.JsonArrayBuilder; +import javax.json.JsonObject; +import javax.json.JsonValue; +import javax.json.bind.Jsonb; import java.lang.annotation.Annotation; import java.lang.reflect.ParameterizedType; import java.lang.reflect.Type; +import java.util.Collection; import java.util.Collections; import java.util.HashSet; import java.util.List; +import java.util.Map; import java.util.Optional; import java.util.Set; import java.util.logging.Logger; @@ -45,6 +55,13 @@ public class ClaimBean implements Bean, PassivationCapable { private final static Set QUALIFIERS = new HashSet<>(); +static { +QUALIFIERS.add(new ClaimLiteral()); +} + +@Inject +private Jsonb jsonb; + private final BeanManager bm; private final Class rawType; private final Set types; @@ -140,7 +157,7 @@ public class ClaimBean implements Bean, PassivationCapable { final String key = getClaimKey(claim); System.out.println(String.format("Found Claim injection with name=%s and for InjectionPoint=%s", key, ip.toString())); -logger.finest(String.format("Found Claim injection with name=%s and for InjectionPoint=%s", key, ip.toString())); +logger.finest(String.format("Found Claim injection with name=%s and for %s", key, ip.toString())); if (annotated.getBaseType() instanceof ParameterizedType) { final ParameterizedType paramType = (ParameterizedType) annotated.getBaseType(); @@ -151,39 +168,65 @@ public class ClaimBean implements Bean, PassivationCapable {
[15/38] tomee git commit: See if we can run something
See if we can run something Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/9c691901 Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/9c691901 Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/9c691901 Branch: refs/heads/master Commit: 9c691901d10df7482ce60529443add1c8b9eda8f Parents: 7639e0d Author: Jean-Louis MonteiroAuthored: Fri Feb 23 14:35:51 2018 +0100 Committer: Jean-Louis Monteiro Committed: Fri Feb 23 14:35:51 2018 +0100 -- tck/mp-jwt-embedded/pom.xml | 5 +++ .../src/test/resources/arquillian.xml | 37 tck/mp-jwt-embedded/src/test/resources/dev.xml | 5 ++- 3 files changed, 46 insertions(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/tomee/blob/9c691901/tck/mp-jwt-embedded/pom.xml -- diff --git a/tck/mp-jwt-embedded/pom.xml b/tck/mp-jwt-embedded/pom.xml index fac5766..ddbccec 100644 --- a/tck/mp-jwt-embedded/pom.xml +++ b/tck/mp-jwt-embedded/pom.xml @@ -85,6 +85,11 @@ arquillian-container-test-spi ${version.arquillian} + + org.jboss.arquillian.testng + arquillian-testng-container + ${version.arquillian} + org.bitbucket.b_c http://git-wip-us.apache.org/repos/asf/tomee/blob/9c691901/tck/mp-jwt-embedded/src/test/resources/arquillian.xml -- diff --git a/tck/mp-jwt-embedded/src/test/resources/arquillian.xml b/tck/mp-jwt-embedded/src/test/resources/arquillian.xml new file mode 100644 index 000..caab73b --- /dev/null +++ b/tck/mp-jwt-embedded/src/test/resources/arquillian.xml @@ -0,0 +1,37 @@ + + +http://www.w3.org/2001/XMLSchema-instance; +xsi:schemaLocation=" + http://jboss.org/schema/arquillian + http://jboss.org/schema/arquillian/arquillian_1_0.xsd;> + + + + -Xmx512m -XX:MaxPermSize=512m + -1 + -1 + -1 + target/tomee-tck + target/tck-workdir + true + + + + http://git-wip-us.apache.org/repos/asf/tomee/blob/9c691901/tck/mp-jwt-embedded/src/test/resources/dev.xml -- diff --git a/tck/mp-jwt-embedded/src/test/resources/dev.xml b/tck/mp-jwt-embedded/src/test/resources/dev.xml index c2b24b8..16038c9 100644 --- a/tck/mp-jwt-embedded/src/test/resources/dev.xml +++ b/tck/mp-jwt-embedded/src/test/resources/dev.xml @@ -42,6 +42,7 @@ + +
[22/38] tomee git commit: Different CDI approach
Different CDI approach Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/d81bd39d Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/d81bd39d Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/d81bd39d Branch: refs/heads/master Commit: d81bd39d0df71608bc2ae9f334df344e04b5081f Parents: 2b9950f Author: Jean-Louis MonteiroAuthored: Fri Mar 2 08:52:59 2018 +0100 Committer: Jean-Louis Monteiro Committed: Fri Mar 2 08:52:59 2018 +0100 -- .../tomee/microprofile/jwt/cdi/ClaimBean.java | 187 ++ .../jwt/cdi/ClaimInjectionPoint.java| 69 .../jwt/cdi/ClaimProviderBeanAttributes.java| 66 .../jwt/cdi/ClaimValueProducer.java | 80 - .../microprofile/jwt/cdi/DefaultLiteral.java| 24 ++ .../microprofile/jwt/cdi/JsonValueProducer.java | 109 -- .../microprofile/jwt/cdi/JsonbProducer.java | 2 +- .../microprofile/jwt/cdi/MPJWTCDIExtension.java | 347 +++ .../microprofile/jwt/cdi/MPJWTProducer.java | 4 + .../jwt/cdi/RawClaimTypeProducer.java | 80 - tck/mp-jwt-embedded/src/test/resources/dev.xml | 12 +- 11 files changed, 329 insertions(+), 651 deletions(-) -- http://git-wip-us.apache.org/repos/asf/tomee/blob/d81bd39d/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java -- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java new file mode 100644 index 000..d04d807 --- /dev/null +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java @@ -0,0 +1,187 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + *http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.tomee.microprofile.jwt.cdi; + +import org.eclipse.microprofile.jwt.Claim; +import org.eclipse.microprofile.jwt.Claims; + +import javax.enterprise.context.Dependent; +import javax.enterprise.context.spi.CreationalContext; +import javax.enterprise.inject.spi.Annotated; +import javax.enterprise.inject.spi.Bean; +import javax.enterprise.inject.spi.BeanManager; +import javax.enterprise.inject.spi.InjectionPoint; +import javax.enterprise.inject.spi.PassivationCapable; +import javax.inject.Provider; +import java.lang.annotation.Annotation; +import java.lang.reflect.ParameterizedType; +import java.lang.reflect.Type; +import java.util.Collections; +import java.util.HashSet; +import java.util.List; +import java.util.Optional; +import java.util.Set; + +public class ClaimBean implements Bean, PassivationCapable { + +private final static Set QUALIFIERS = new HashSet<>(); + +private final BeanManager bm; +private final Class rawType; +private final Set types; +private final String id; + +public ClaimBean(final BeanManager bm, final Type type) { +this.bm = bm; +types = new HashSet<>(); +types.add(type); +rawType = getRawType(type); +this.id = "ClaimBean_" + types; +} + +private Class getRawType(Type type) { +if (type instanceof Class) { +return (Class) type; + +} else if (type instanceof ParameterizedType) { +final ParameterizedType paramType = (ParameterizedType) type; + +return (Class) paramType.getRawType(); +} + +// todo deal with Optional here? + +throw new UnsupportedOperationException("Unsupported type " + type); +} + + +@Override +public Set getInjectionPoints() { +return Collections.emptySet(); +} + +@Override +public Class getBeanClass() { +return rawType; +} + +@Override +public boolean isNullable() { +return false; +} + +@Override +public void destroy(T instance, CreationalContext context) { + +} + +@Override +public Set getTypes() { +
[37/38] tomee git commit: Merge remote-tracking branch 'github/master' into jlmonteiro-mp-jwt-playground
Merge remote-tracking branch 'github/master' into jlmonteiro-mp-jwt-playground Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/d7b1ec64 Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/d7b1ec64 Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/d7b1ec64 Branch: refs/heads/master Commit: d7b1ec640dde173d07b6f22cf8b4c5ddf2a26a68 Parents: 04675f5 3332c7e Author: Jean-Louis MonteiroAuthored: Wed Mar 7 11:45:37 2018 +0100 Committer: Jean-Louis Monteiro Committed: Wed Mar 7 11:45:37 2018 +0100 -- ...edExecutorServiceGetPrincipalInTaskTest.java | 11 +- .../src/test/resources/managed/web.xml | 49 ++ .../arquillian/tests/jms/EnvEntryTest.java | 2 + .../securityejb/SecurityEJBPropagationTest.java | 4 +- .../src/test/resources/test/context.xml | 20 +++ .../org/apache/openejb/config/AutoConfig.java | 113 - .../openejb/core/mdb/MdbInstanceManager.java| 44 +++-- .../openejb/core/mdb/MdbPoolContainer.java | 8 +- .../mdb/TxTimeoutPoolEndpointHandlerTest.java | 167 +++ .../superbiz/counter/CounterCallbacksTest.java | 2 +- pom.xml | 9 +- .../tomee/catalina/TomcatWebAppBuilder.java | 10 +- .../tomee/embedded/ConnectorConfigTest.java | 4 +- .../src/test/resources/test/context.xml | 2 +- .../src/test/resources/test/login.config| 4 +- 15 files changed, 407 insertions(+), 42 deletions(-) --
[05/38] tomee git commit: chech the auth method
chech the auth method Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/a2468e4d Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/a2468e4d Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/a2468e4d Branch: refs/heads/master Commit: a2468e4dd19cb203124e7f0635772e56c3cbde7a Parents: 9114b2a Author: Jean-Louis MonteiroAuthored: Wed Feb 21 16:31:53 2018 +0100 Committer: Jean-Louis Monteiro Committed: Wed Feb 21 16:31:53 2018 +0100 -- .../org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/tomee/blob/a2468e4d/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java -- diff --git a/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java b/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java index ed13615..b7bceb5 100644 --- a/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java +++ b/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java @@ -135,7 +135,7 @@ public class MPJWTSecurityContextTest { final ApplicationInfo appInfo = (ApplicationInfo) registration.getServer().getEndpoint().get("javax.ws.rs.core.Application"); final Application application = appInfo.getProvider(); final LoginConfig annotation = application.getClass().getAnnotation(LoginConfig.class); -if (annotation != null) { +if (annotation != null && "MP-JWT".equals(annotation.authMethod())) { // add the ContainerRequestFilter on the fly registration.getProviders().add(new MySecuCtx()); }
[01/38] tomee git commit: Testing code
Repository: tomee Updated Branches: refs/heads/master 3e487f0f9 -> 09ca434d9 Testing code Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/e55b4dcf Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/e55b4dcf Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/e55b4dcf Branch: refs/heads/master Commit: e55b4dcf3f6d1e657ff88749afa351d906a4376c Parents: 715e7f2 Author: Jean-Louis MonteiroAuthored: Tue Feb 20 09:29:35 2018 +0100 Committer: Jean-Louis Monteiro Committed: Tue Feb 20 09:29:35 2018 +0100 -- container/openejb-core/pom.xml | 19 .../apache/openejb/core/security/JWTUtil.java | 100 +++ 2 files changed, 119 insertions(+) -- http://git-wip-us.apache.org/repos/asf/tomee/blob/e55b4dcf/container/openejb-core/pom.xml -- diff --git a/container/openejb-core/pom.xml b/container/openejb-core/pom.xml index be1e710..c7f 100644 --- a/container/openejb-core/pom.xml +++ b/container/openejb-core/pom.xml @@ -712,6 +712,25 @@ provided + + org.eclipse.microprofile.config + microprofile-config-api + 1.2 + compile + + + org.eclipse.microprofile.jwt + microprofile-jwt-auth-api + 1.1-SNAPSHOT + compile + + + com.nimbusds + nimbus-jose-jwt + 5.1 + compile + + http://git-wip-us.apache.org/repos/asf/tomee/blob/e55b4dcf/container/openejb-core/src/test/java/org/apache/openejb/core/security/JWTUtil.java -- diff --git a/container/openejb-core/src/test/java/org/apache/openejb/core/security/JWTUtil.java b/container/openejb-core/src/test/java/org/apache/openejb/core/security/JWTUtil.java new file mode 100644 index 000..4ae438f --- /dev/null +++ b/container/openejb-core/src/test/java/org/apache/openejb/core/security/JWTUtil.java @@ -0,0 +1,100 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.openejb.core.security; + +import com.nimbusds.jose.JOSEException; +import com.nimbusds.jose.JWSAlgorithm; +import com.nimbusds.jose.JWSHeader; +import com.nimbusds.jose.JWSSigner; +import com.nimbusds.jose.crypto.MACSigner; +import com.nimbusds.jose.crypto.RSASSASigner; +import com.nimbusds.jwt.JWTClaimsSet; +import com.nimbusds.jwt.SignedJWT; + +import javax.crypto.SecretKey; +import javax.crypto.spec.SecretKeySpec; +import java.security.Key; +import java.security.interfaces.RSAPrivateKey; +import java.time.LocalDate; +import java.util.Date; +import java.util.UUID; + +import static java.time.ZoneId.systemDefault; + +public class JWTUtil { + +protected static final String MYSHAREDSECRET = "abcdefghijklmnopqrstuvwxyzabcdef"; // at least 256 bits + +private JWTUtil() { +// prevent direct instantiation +} + +public static String createValidJwtAccessToken(String... scopes) throws Exception { +final SecretKey key = new SecretKeySpec(MYSHAREDSECRET.getBytes(), "hmac-sha256"); + +// Prepare JWT with claims set +final JWTClaimsSet.Builder claimsBuilder = createValidJwtClaimsSet(); + +if (scopes != null && scopes.length > 0) { +claimsBuilder.claim("scopes", scopes); +} + +final JWTClaimsSet claimsSet = claimsBuilder.build(); + +final JWSHeader header = new JWSHeader(JWSAlgorithm.HS256); + +return sign(claimsSet, header, key).serialize(); +} + +public static SignedJWT sign(final JWTClaimsSet jwtClaimsSet, final JWSHeader jwsHeader, final Key key) throws JOSEException { +JWSSigner signer = null; +if (RSAPrivateKey.class.isInstance(key)) { +signer = new RSASSASigner(RSAPrivateKey.class.cast(key)); + +} else if (SecretKey.class.isInstance(key)) { +signer = new MACSigner(SecretKey.class.cast(key).getEncoded()); + +} else { +throw new
[04/38] tomee git commit: See if I can wire into the REST layer
See if I can wire into the REST layer Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/9114b2af Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/9114b2af Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/9114b2af Branch: refs/heads/master Commit: 9114b2afc89c06664fcb9a80b1757af729bc7e54 Parents: 7c7236b Author: Jean-Louis MonteiroAuthored: Wed Feb 21 16:29:21 2018 +0100 Committer: Jean-Louis Monteiro Committed: Wed Feb 21 16:29:21 2018 +0100 -- .../server/cxf/rs/CxfRsHttpListener.java| 2 +- .../rs/event/ExtensionProviderRegistration.java | 9 +- .../server/cxf/rs/MPJWTSecurityContextTest.java | 183 +++ 3 files changed, 192 insertions(+), 2 deletions(-) -- http://git-wip-us.apache.org/repos/asf/tomee/blob/9114b2af/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/CxfRsHttpListener.java -- diff --git a/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/CxfRsHttpListener.java b/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/CxfRsHttpListener.java index e10172f..305a1c1 100644 --- a/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/CxfRsHttpListener.java +++ b/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/CxfRsHttpListener.java @@ -1019,7 +1019,7 @@ public class CxfRsHttpListener implements RsHttpListener { } } -SystemInstance.get().fireEvent(new ExtensionProviderRegistration( +SystemInstance.get().fireEvent(new ExtensionProviderRegistration(server, AppFinder.findAppContextOrWeb(Thread.currentThread().getContextClassLoader(), AppFinder.AppContextTransformer.INSTANCE), providers)); if (!providers.isEmpty()) { http://git-wip-us.apache.org/repos/asf/tomee/blob/9114b2af/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/event/ExtensionProviderRegistration.java -- diff --git a/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/event/ExtensionProviderRegistration.java b/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/event/ExtensionProviderRegistration.java index cfae25c..7af089f 100644 --- a/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/event/ExtensionProviderRegistration.java +++ b/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/event/ExtensionProviderRegistration.java @@ -16,6 +16,7 @@ */ package org.apache.openejb.server.cxf.rs.event; +import org.apache.cxf.endpoint.Server; import org.apache.openejb.AppContext; import org.apache.openejb.observer.Event; @@ -25,10 +26,12 @@ import java.util.List; // this event can allow to add/remove/resort providers @Event public class ExtensionProviderRegistration { +private final Server server; private final List providers; private final AppContext appContext; -public ExtensionProviderRegistration(final AppContext ctx, final List existings) { +public ExtensionProviderRegistration(final Server server, final AppContext ctx, final List existings) { +this.server = server; this.appContext = ctx; this.providers = existings; } @@ -41,6 +44,10 @@ public class ExtensionProviderRegistration { return providers; } +public Server getServer() { +return server; +} + @Override public String toString() { return "ExtensionProviderRegistration{}"; http://git-wip-us.apache.org/repos/asf/tomee/blob/9114b2af/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java -- diff --git a/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java b/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java new file mode 100644 index 000..ed13615 --- /dev/null +++ b/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java @@ -0,0 +1,183 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + *http://www.apache.org/licenses/LICENSE-2.0 + * + *
[13/38] tomee git commit: Get some code from https://github.com/MicroProfileJWT/microprofile-jwt-auth-prototype
Get some code from https://github.com/MicroProfileJWT/microprofile-jwt-auth-prototype Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/c5b38b37 Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/c5b38b37 Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/c5b38b37 Branch: refs/heads/master Commit: c5b38b37142af58fe771d7a397b388cec847f734 Parents: d987d3a Author: Jean-Louis MonteiroAuthored: Thu Feb 22 22:19:49 2018 +0100 Committer: Jean-Louis Monteiro Committed: Thu Feb 22 22:19:49 2018 +0100 -- tck/mp-jwt-embedded/pom.xml | 15 + .../jwt/DefaultJWTCallerPrincipal.java | 305 ++- .../jwt/DefaultJWTCallerPrincipalFactory.java | 86 ++ .../microprofile/jwt/JWTAuthContextInfo.java| 66 .../microprofile/jwt/JWTCallerPrincipal.java| 9 +- .../jwt/JWTCallerPrincipalFactory.java | 124 .../tomee/microprofile/jwt/MPJWTContext.java| 3 - .../tomee/microprofile/jwt/MPJWTFilter.java | 10 +- .../tomee/microprofile/jwt/ParseException.java | 32 ++ ...file.jwt.principal.JWTCallerPrincipalFactory | 1 + 10 files changed, 632 insertions(+), 19 deletions(-) -- http://git-wip-us.apache.org/repos/asf/tomee/blob/c5b38b37/tck/mp-jwt-embedded/pom.xml -- diff --git a/tck/mp-jwt-embedded/pom.xml b/tck/mp-jwt-embedded/pom.xml index 361fd50..fac5766 100644 --- a/tck/mp-jwt-embedded/pom.xml +++ b/tck/mp-jwt-embedded/pom.xml @@ -86,6 +86,21 @@ ${version.arquillian} + + org.bitbucket.b_c + jose4j + 0.6.0 + + + javax.json.bind + javax.json.bind-api + 1.0 + + + org.glassfish + javax.json + 1.0.4 + http://git-wip-us.apache.org/repos/asf/tomee/blob/c5b38b37/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/DefaultJWTCallerPrincipal.java -- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/DefaultJWTCallerPrincipal.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/DefaultJWTCallerPrincipal.java index d141a5f..2559b1e 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/DefaultJWTCallerPrincipal.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/DefaultJWTCallerPrincipal.java @@ -16,36 +16,319 @@ */ package org.apache.tomee.microprofile.jwt; +import org.eclipse.microprofile.jwt.Claims; +import org.jose4j.jwt.JwtClaims; +import org.jose4j.jwt.MalformedClaimException; + +import javax.json.Json; +import javax.json.JsonArray; +import javax.json.JsonArrayBuilder; +import javax.json.JsonNumber; +import javax.json.JsonObject; +import javax.json.JsonObjectBuilder; +import javax.json.JsonValue; +import javax.security.auth.Subject; +import java.util.Collection; +import java.util.HashSet; +import java.util.List; +import java.util.Map; import java.util.Set; +import java.util.logging.Level; +import java.util.logging.Logger; /** - * A default implementation of JWTCallerPrincipal that wraps Nimbus library used by default here - * We could create another implementation using plain JSON-P - * + * A default implementation of JWTCallerPrincipal using jose4j + * Another implementation could use nimbus and another plain JSON-P */ public class DefaultJWTCallerPrincipal extends JWTCallerPrincipal { +private static Logger logger = Logger.getLogger(DefaultJWTCallerPrincipal.class.getName()); +private String jwt; +private String type; +private JwtClaims claimsSet; + /** - * Create a JWTCallerPrincipal with the caller's name + * Create the DefaultJWTCallerPrincipal from the parsed JWT token and the extracted principal name * - * @param name - caller's name + * @param jwt - the parsed JWT token representation + * @param name - the extracted unqiue name to use as the principal name; from "upn", "preferred_username" or "sub" claim */ -public DefaultJWTCallerPrincipal(final String name) { +public DefaultJWTCallerPrincipal(String jwt, String type, JwtClaims claimsSet, String name) { super(name); +this.jwt = jwt; +this.type = type; +this.claimsSet = claimsSet; +fixJoseTypes(); +} + +@Override +public Set getAudience() { +Set audSet = new HashSet<>(); +try { +List audList = claimsSet.getStringListClaimValue("aud"); +if (audList != null) { +audSet.addAll(audList); +} +} catch (MalformedClaimException e) { +try { +String
[11/38] tomee git commit: Start adding a TCK module and implementing some stuff
Start adding a TCK module and implementing some stuff Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/672b422e Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/672b422e Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/672b422e Branch: refs/heads/master Commit: 672b422ee8ad459d15fac5000d4a01013c01e2b3 Parents: 35e671d Author: Jean-Louis MonteiroAuthored: Thu Feb 22 16:58:13 2018 +0100 Committer: Jean-Louis Monteiro Committed: Thu Feb 22 16:58:13 2018 +0100 -- .../server/cxf/rs/MPJWTSecurityContextTest.java | 7 +- tck/mp-jwt-embedded/pom.xml | 157 +++ .../jwt/DefaultJWTCallerPrincipal.java | 51 ++ .../microprofile/jwt/JWTCallerPrincipal.java| 58 +++ .../tomee/microprofile/jwt/MPJWTFilter.java | 76 + .../microprofile/jwt/MPJWTInitializer.java | 59 +++ .../tomee/microprofile/jwt/TCKTokenParser.java | 33 .../javax.servlet.ServletContainerInitializer | 1 + tck/mp-jwt-embedded/src/test/resources/dev.xml | 80 ++ tck/pom.xml | 1 + 10 files changed, 520 insertions(+), 3 deletions(-) -- http://git-wip-us.apache.org/repos/asf/tomee/blob/672b422e/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java -- diff --git a/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java b/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java index 5c62851..62565b4 100644 --- a/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java +++ b/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java @@ -75,7 +75,7 @@ public class MPJWTSecurityContextTest { } @Module -@Classes({Res.class, RestApplication.class}) +@Classes(cdi = true, value = {Res.class, RestApplication.class}) public WebApp war() { return new WebApp() .contextRoot("foo"); @@ -85,7 +85,7 @@ public class MPJWTSecurityContextTest { public void check() throws IOException { assertEquals("true", ClientBuilder.newClient() .target("http://127.0.0.1:; + port) -.path("foo/sc") +.path("api/foo/sc") .queryParam("role", "therole") .request() .accept(MediaType.TEXT_PLAIN_TYPE) @@ -93,7 +93,7 @@ public class MPJWTSecurityContextTest { assertEquals("false", ClientBuilder.newClient() .target("http://127.0.0.1:; + port) -.path("foo/sc") +.path("api/foo/sc") .queryParam("role", "another") .request() .accept(MediaType.TEXT_PLAIN_TYPE) @@ -132,6 +132,7 @@ public class MPJWTSecurityContextTest { final LoginConfig annotation = application.getClass().getAnnotation(LoginConfig.class); if (annotation != null && "MP-JWT".equals(annotation.authMethod())) { // add the ContainerRequestFilter on the fly +// todo how to add this on the fly } } } http://git-wip-us.apache.org/repos/asf/tomee/blob/672b422e/tck/mp-jwt-embedded/pom.xml -- diff --git a/tck/mp-jwt-embedded/pom.xml b/tck/mp-jwt-embedded/pom.xml new file mode 100644 index 000..361fd50 --- /dev/null +++ b/tck/mp-jwt-embedded/pom.xml @@ -0,0 +1,157 @@ + + +http://maven.apache.org/POM/4.0.0; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance; + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd;> + +tck +org.apache.tomee +7.0.5-SNAPSHOT + + 4.0.0 + + mp-jwt-embedded + OpenEJB :: TCK :: MP-JWT Embedded + + +1.1-SNAPSHOT + + + + + ${project.groupId} + javaee-api + + + ${project.groupId} + openejb-core + ${project.version} + test + + + org.slf4j + slf4j-jdk14 + ${slf4j.version} + test + + + org.testng + testng + test + + + ${project.groupId} + arquillian-tomee-embedded + ${project.version} + test + + + + + org.eclipse.microprofile.jwt + microprofile-jwt-auth-tck + ${tck.version} + + + + org.eclipse.microprofile.jwt + microprofile-jwt-auth-tck + ${tck.version} + test-jar + test + + + + org.jboss.arquillian.container +
[07/38] tomee git commit: format
format Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/7d93131a Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/7d93131a Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/7d93131a Branch: refs/heads/master Commit: 7d93131a542f20ff6f4f0848f151a9ae71898602 Parents: 7acf314 Author: Jean-Louis MonteiroAuthored: Wed Feb 21 17:09:29 2018 +0100 Committer: Jean-Louis Monteiro Committed: Wed Feb 21 17:09:29 2018 +0100 -- .../org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java | 1 + 1 file changed, 1 insertion(+) -- http://git-wip-us.apache.org/repos/asf/tomee/blob/7d93131a/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java -- diff --git a/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java b/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java index 266aa66..28cc45d 100644 --- a/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java +++ b/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java @@ -126,6 +126,7 @@ public class MPJWTSecurityContextTest { final Application application = InternalApplication.class.isInstance(appInfo.getProvider()) ? InternalApplication.class.cast(appInfo.getProvider()).getOriginal() : appInfo.getProvider(); + final LoginConfig annotation = application.getClass().getAnnotation(LoginConfig.class); if (annotation != null && "MP-JWT".equals(annotation.authMethod())) { // add the ContainerRequestFilter on the fly
[03/38] tomee git commit: Try to reset to default
Try to reset to default Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/7c7236b8 Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/7c7236b8 Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/7c7236b8 Branch: refs/heads/master Commit: 7c7236b84f5d07062721c520207b44abe3cc97d1 Parents: d56dc9e Author: Jean-Louis MonteiroAuthored: Tue Feb 20 09:34:27 2018 +0100 Committer: Jean-Louis Monteiro Committed: Tue Feb 20 09:34:27 2018 +0100 -- .../java/org/apache/openejb/core/security/JwtSecurityTest.java| 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/tomee/blob/7c7236b8/container/openejb-core/src/test/java/org/apache/openejb/core/security/JwtSecurityTest.java -- diff --git a/container/openejb-core/src/test/java/org/apache/openejb/core/security/JwtSecurityTest.java b/container/openejb-core/src/test/java/org/apache/openejb/core/security/JwtSecurityTest.java index 8708074..ddd92f3 100644 --- a/container/openejb-core/src/test/java/org/apache/openejb/core/security/JwtSecurityTest.java +++ b/container/openejb-core/src/test/java/org/apache/openejb/core/security/JwtSecurityTest.java @@ -65,7 +65,8 @@ public class JWTSecurityTest { public static void afterClass() throws Exception { OpenEJB.destroy(); System.clearProperty(Context.INITIAL_CONTEXT_FACTORY); -Security.setProperty("login.configuration.provider", null); +// unfortunate we can't reset the value, so setting to default (See Configuration) +Security.setProperty("login.configuration.provider", "sun.security.provider.ConfigFile"); } private Assembler configureAssembler(final String defaultUser) throws Exception {
[10/38] tomee git commit: Integ test for MPJWT on TomEE
Integ test for MPJWT on TomEE Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/35e671d3 Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/35e671d3 Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/35e671d3 Branch: refs/heads/master Commit: 35e671d395496a89316659e671d15609c534ef86 Parents: ad9e222 Author: Jean-Louis MonteiroAuthored: Thu Feb 22 11:28:44 2018 +0100 Committer: Jean-Louis Monteiro Committed: Thu Feb 22 11:28:44 2018 +0100 -- .../tests/jaxrs/mpjwt/HelloResource.java| 49 + .../tests/jaxrs/mpjwt/MPJWTApplication.java | 28 +++ .../arquillian/tests/jaxrs/mpjwt/MPJWTTest.java | 77 3 files changed, 154 insertions(+) -- http://git-wip-us.apache.org/repos/asf/tomee/blob/35e671d3/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/java/org/apache/openejb/arquillian/tests/jaxrs/mpjwt/HelloResource.java -- diff --git a/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/java/org/apache/openejb/arquillian/tests/jaxrs/mpjwt/HelloResource.java b/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/java/org/apache/openejb/arquillian/tests/jaxrs/mpjwt/HelloResource.java new file mode 100644 index 000..bc030f1 --- /dev/null +++ b/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/java/org/apache/openejb/arquillian/tests/jaxrs/mpjwt/HelloResource.java @@ -0,0 +1,49 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.openejb.arquillian.tests.jaxrs.mpjwt; + +import org.eclipse.microprofile.jwt.Claim; +import org.eclipse.microprofile.jwt.ClaimValue; + +import javax.annotation.security.RolesAllowed; +import javax.ejb.Lock; +import javax.ejb.LockType; +import javax.ejb.Stateless; +import javax.inject.Inject; +import javax.ws.rs.GET; +import javax.ws.rs.Path; +import javax.ws.rs.Produces; +import javax.ws.rs.core.Context; +import javax.ws.rs.core.MediaType; +import javax.ws.rs.core.SecurityContext; + +@Path("/hello") +@Stateless +@Lock(LockType.READ) +public class HelloResource { + +@Inject +@Claim("jti") +private ClaimValue jti; + +@GET +@Produces(MediaType.TEXT_PLAIN) +@RolesAllowed("helloRole") +public String sayHello(@Context SecurityContext context) { +return "hello " + context.getUserPrincipal().getName(); +} +} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/tomee/blob/35e671d3/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/java/org/apache/openejb/arquillian/tests/jaxrs/mpjwt/MPJWTApplication.java -- diff --git a/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/java/org/apache/openejb/arquillian/tests/jaxrs/mpjwt/MPJWTApplication.java b/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/java/org/apache/openejb/arquillian/tests/jaxrs/mpjwt/MPJWTApplication.java new file mode 100644 index 000..18bdee6 --- /dev/null +++ b/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/java/org/apache/openejb/arquillian/tests/jaxrs/mpjwt/MPJWTApplication.java @@ -0,0 +1,28 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
[32/38] tomee git commit: Incorporate feedback
Incorporate feedback Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/898c8219 Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/898c8219 Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/898c8219 Branch: refs/heads/master Commit: 898c82191408443ed262bafb0dff8fa61ece1296 Parents: 9a428e1 Author: Jean-Louis MonteiroAuthored: Wed Mar 7 08:57:27 2018 +0100 Committer: Jean-Louis Monteiro Committed: Wed Mar 7 08:57:27 2018 +0100 -- .../microprofile/jwt/MPJWTInitializer.java | 3 +- .../tomee/microprofile/jwt/cdi/ClaimBean.java | 17 ++- .../microprofile/jwt/cdi/DefaultLiteral.java| 2 +- .../principal/DefaultJWTCallerPrincipal.java| 114 +++ 4 files changed, 79 insertions(+), 57 deletions(-) -- http://git-wip-us.apache.org/repos/asf/tomee/blob/898c8219/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTInitializer.java -- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTInitializer.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTInitializer.java index bf64601..fb954a5 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTInitializer.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTInitializer.java @@ -36,7 +36,7 @@ public class MPJWTInitializer implements ServletContainerInitializer { public void onStartup(final Set classes, final ServletContext ctx) throws ServletException { if (classes == null || classes.isEmpty()) { -return; // to REST application having @LoginConfig on it +return; // to classes having @LoginConfig on it } for (Class clazz : classes) { @@ -48,6 +48,7 @@ public class MPJWTInitializer implements ServletContainerInitializer { if (!Application.class.isAssignableFrom(clazz)) { continue; // do we really want Application? +// See https://github.com/eclipse/microprofile-jwt-auth/issues/70 to clarify this point } final FilterRegistration.Dynamic mpJwtFilter = ctx.addFilter("mp-jwt-filter", MPJWTFilter.class); http://git-wip-us.apache.org/repos/asf/tomee/blob/898c8219/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java -- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java index 513e271..5f7852f 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java @@ -54,9 +54,9 @@ import java.util.logging.Logger; @Vetoed public class ClaimBean implements Bean, PassivationCapable { -private static Logger logger = Logger.getLogger(MPJWTCDIExtension.class.getName()); +private static final Logger logger = Logger.getLogger(MPJWTCDIExtension.class.getName()); -private final static Set QUALIFIERS = new HashSet<>(); +private static final Set QUALIFIERS = new HashSet<>(); static { QUALIFIERS.add(new ClaimLiteral()); @@ -65,9 +65,6 @@ public class ClaimBean implements Bean, PassivationCapable { @Inject private Jsonb jsonb; -@Inject -private JsonWebToken jsonWebToken; - private final BeanManager bm; private final Class rawType; private final Set types; @@ -112,8 +109,8 @@ public class ClaimBean implements Bean, PassivationCapable { } @Override -public void destroy(T instance, CreationalContext context) { - +public void destroy(final T instance, final CreationalContext context) { +logger.finest("Destroying CDI Bean for type " + types.iterator().next()); } @Override @@ -153,9 +150,10 @@ public class ClaimBean implements Bean, PassivationCapable { @Override public T create(final CreationalContext context) { +logger.finest("Creating CDI Bean for type " + types.iterator().next()); final InjectionPoint ip = (InjectionPoint) bm.getInjectableReference(new ClaimInjectionPoint(this), context); if (ip == null) { -throw new IllegalStateException("Could not retrieve InjectionPoint"); +throw new IllegalStateException("Could not retrieve InjectionPoint for type " + types.iterator().next()); } final Annotated annotated = ip.getAnnotated(); @@ -259,6 +257,7 @@ public class ClaimBean implements
[02/38] tomee git commit: small quick and dirty test
small quick and dirty test Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/d56dc9e9 Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/d56dc9e9 Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/d56dc9e9 Branch: refs/heads/master Commit: d56dc9e98bc0db270413bbd553b1f13ef3a60b7c Parents: e55b4dc Author: Jean-Louis MonteiroAuthored: Tue Feb 20 09:30:07 2018 +0100 Committer: Jean-Louis Monteiro Committed: Tue Feb 20 09:30:07 2018 +0100 -- .../openejb/core/security/JwtSecurityTest.java | 363 +++ 1 file changed, 363 insertions(+) -- http://git-wip-us.apache.org/repos/asf/tomee/blob/d56dc9e9/container/openejb-core/src/test/java/org/apache/openejb/core/security/JwtSecurityTest.java -- diff --git a/container/openejb-core/src/test/java/org/apache/openejb/core/security/JwtSecurityTest.java b/container/openejb-core/src/test/java/org/apache/openejb/core/security/JwtSecurityTest.java new file mode 100644 index 000..8708074 --- /dev/null +++ b/container/openejb-core/src/test/java/org/apache/openejb/core/security/JwtSecurityTest.java @@ -0,0 +1,363 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.openejb.core.security; + +import org.apache.openejb.OpenEJB; +import org.apache.openejb.assembler.classic.Assembler; +import org.apache.openejb.assembler.classic.EjbJarInfo; +import org.apache.openejb.assembler.classic.ProxyFactoryInfo; +import org.apache.openejb.assembler.classic.SecurityServiceInfo; +import org.apache.openejb.assembler.classic.StatelessSessionContainerInfo; +import org.apache.openejb.assembler.classic.TransactionServiceInfo; +import org.apache.openejb.config.ConfigurationFactory; +import org.apache.openejb.core.LocalInitialContextFactory; +import org.apache.openejb.core.security.jaas.GroupPrincipal; +import org.apache.openejb.core.security.jaas.UserPrincipal; +import org.apache.openejb.jee.EjbJar; +import org.apache.openejb.jee.StatelessBean; +import org.junit.AfterClass; +import org.junit.Test; + +import javax.annotation.Resource; +import javax.annotation.security.DeclareRoles; +import javax.annotation.security.DenyAll; +import javax.annotation.security.PermitAll; +import javax.annotation.security.RolesAllowed; +import javax.annotation.security.RunAs; +import javax.ejb.SessionContext; +import javax.ejb.Singleton; +import javax.naming.Context; +import javax.naming.InitialContext; +import javax.security.auth.Subject; +import javax.security.auth.callback.CallbackHandler; +import javax.security.auth.login.AppConfigurationEntry; +import javax.security.auth.login.Configuration; +import javax.security.auth.login.LoginException; +import javax.security.auth.spi.LoginModule; +import java.security.Security; +import java.util.HashMap; +import java.util.HashSet; +import java.util.Map; +import java.util.Properties; +import java.util.Set; + +import static org.junit.Assert.assertTrue; +import static org.junit.Assert.fail; +import static org.testng.AssertJUnit.assertFalse; + +public class JWTSecurityTest { + +@AfterClass +public static void afterClass() throws Exception { +OpenEJB.destroy(); +System.clearProperty(Context.INITIAL_CONTEXT_FACTORY); +Security.setProperty("login.configuration.provider", null); +} + +private Assembler configureAssembler(final String defaultUser) throws Exception { +System.setProperty(Context.INITIAL_CONTEXT_FACTORY, LocalInitialContextFactory.class.getName()); +Security.setProperty("login.configuration.provider", JaasConfig.class.getName()); + +final ConfigurationFactory config = new ConfigurationFactory(); +final Assembler assembler = new Assembler(); + + assembler.createProxyFactory(config.configureService(ProxyFactoryInfo.class)); + assembler.createTransactionManager(config.configureService(TransactionServiceInfo.class)); + +final SecurityServiceInfo
[14/38] tomee git commit: Token impl for TCK tests
Token impl for TCK tests Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/7639e0d2 Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/7639e0d2 Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/7639e0d2 Branch: refs/heads/master Commit: 7639e0d2cbfdfe91305d7d1a24513da840e0e7ab Parents: c5b38b3 Author: Jean-Louis MonteiroAuthored: Thu Feb 22 22:48:14 2018 +0100 Committer: Jean-Louis Monteiro Committed: Thu Feb 22 22:48:14 2018 +0100 -- .../apache/tomee/microprofile/jwt/TCKTokenParser.java | 12 1 file changed, 8 insertions(+), 4 deletions(-) -- http://git-wip-us.apache.org/repos/asf/tomee/blob/7639e0d2/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/TCKTokenParser.java -- diff --git a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/TCKTokenParser.java b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/TCKTokenParser.java index b07ba24..ba57491 100644 --- a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/TCKTokenParser.java +++ b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/TCKTokenParser.java @@ -20,14 +20,18 @@ import org.eclipse.microprofile.jwt.JsonWebToken; import org.eclipse.microprofile.jwt.tck.util.ITokenParser; import java.security.PublicKey; +import java.security.interfaces.RSAPublicKey; -// this is only used by the TCK +/** + * MP-JWT TCK harness class to parse a token string + */ public class TCKTokenParser implements ITokenParser { - @Override -public JsonWebToken parse(final String bearerToken, final String issuer, final PublicKey publicKey) throws Exception { -return null; // todo - do some work +public JsonWebToken parse(String bearerToken, String issuer, PublicKey publicKey) throws Exception { +JWTAuthContextInfo authContextInfo = new JWTAuthContextInfo((RSAPublicKey) publicKey, issuer); +JWTCallerPrincipalFactory factory = DefaultJWTCallerPrincipalFactory.instance(); +return factory.parse(bearerToken, authContextInfo); } }
[38/38] tomee git commit: Merge remote-tracking branch 'github/master' into jlmonteiro-mp-jwt-playground
Merge remote-tracking branch 'github/master' into jlmonteiro-mp-jwt-playground Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/09ca434d Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/09ca434d Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/09ca434d Branch: refs/heads/master Commit: 09ca434d9d80de8a36e9973682e071e19934552f Parents: d7b1ec6 3e487f0 Author: Jean-Louis MonteiroAuthored: Tue Apr 17 00:16:25 2018 +0200 Committer: Jean-Louis Monteiro Committed: Tue Apr 17 00:16:25 2018 +0200 -- arquillian/arquillian-tomee-common/pom.xml | 2 +- .../arquillian-tomee-webapp-remote/pom.xml | 2 +- container/openejb-core/pom.xml | 4 ++-- .../config/PersistenceContextAnnFactory.java| 14 ++--- .../apache/openejb/core/TempClassLoader.java| 6 +++--- .../openejb/core/cmp/cmp2/Cmp1Generator.java| 10 - .../openejb/core/cmp/cmp2/Cmp2Generator.java| 12 +-- .../apache/openejb/core/cmp/cmp2/CmpField.java | 2 +- .../apache/openejb/core/cmp/cmp2/CmrField.java | 2 +- .../apache/openejb/core/cmp/cmp2/CmrStyle.java | 2 +- .../core/cmp/cmp2/PostCreateGenerator.java | 8 +++ .../apache/openejb/dyni/DynamicSubclass.java| 20 +- .../apache/openejb/util/AnnotationFinder.java | 16 +++--- .../util/proxy/LocalBeanProxyFactory.java | 10 - .../openejb/DependenceValidationTest.java | 4 ++-- .../org/apache/openejb/DependencyVisitor.java | 22 ++-- .../openejb/config/ServiceClasspathTest.java| 16 +++--- .../config/rules/KeysAnnotationVisitor.java | 8 +++ .../config/rules/ValidationKeysAuditorTest.java | 4 ++-- .../apache/openejb/core/cmp/jpa/JpaTest.java| 14 ++--- container/openejb-jpa-integration/pom.xml | 2 +- .../openejb/jpa/integration/MakeTxLookup.java | 10 - maven/maven-util/pom.xml| 5 + pom.xml | 12 +-- server/openejb-bonecp/pom.xml | 5 + server/openejb-common-cli/pom.xml | 6 +- server/openejb-hessian/pom.xml | 5 + server/openejb-hsql/pom.xml | 5 + server/openejb-rest/pom.xml | 5 + server/openejb-server/pom.xml | 2 +- server/openejb-ssh/pom.xml | 5 + server/openejb-webservices/pom.xml | 10 + tck/bval-embedded/pom.xml | 5 + tomee/apache-tomee/pom.xml | 2 +- tomee/tomee-jaxrs/pom.xml | 5 + tomee/tomee-loader/pom.xml | 5 + tomee/tomee-webapp/pom.xml | 5 + utils/openejb-mockito/pom.xml | 5 + .../openejb/mockito/MockitoExtension.java | 2 +- utils/openejb-provisionning/pom.xml | 5 + 40 files changed, 179 insertions(+), 105 deletions(-) --
tomee git commit: Revert "TOMEE-2183"
Repository: tomee Updated Branches: refs/heads/master 61a688d9a -> 3e487f0f9 Revert "TOMEE-2183" This reverts commit 61a688d9a6d43b267a5e0602fa8ae02cd20d2fb0. Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/3e487f0f Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/3e487f0f Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/3e487f0f Branch: refs/heads/master Commit: 3e487f0f9ab3189c41e5c3767cd7465d63d3ae15 Parents: 61a688d Author: Jonathan GallimoreAuthored: Mon Apr 16 15:03:39 2018 +0100 Committer: Jonathan Gallimore Committed: Mon Apr 16 15:03:39 2018 +0100 -- .../org/apache/openejb/util/classloader/URLClassLoaderFirst.java | 3 +++ 1 file changed, 3 insertions(+) -- http://git-wip-us.apache.org/repos/asf/tomee/blob/3e487f0f/container/openejb-core/src/main/java/org/apache/openejb/util/classloader/URLClassLoaderFirst.java -- diff --git a/container/openejb-core/src/main/java/org/apache/openejb/util/classloader/URLClassLoaderFirst.java b/container/openejb-core/src/main/java/org/apache/openejb/util/classloader/URLClassLoaderFirst.java index f124a1b..7280e1b 100644 --- a/container/openejb-core/src/main/java/org/apache/openejb/util/classloader/URLClassLoaderFirst.java +++ b/container/openejb-core/src/main/java/org/apache/openejb/util/classloader/URLClassLoaderFirst.java @@ -302,6 +302,9 @@ public class URLClassLoaderFirst extends URLClassLoader { if (commons.startsWith("cli.")) { return true; } +if (commons.startsWith("codec.")) { +return true; +} if (commons.startsWith("collections.")) { return true; }
[jira] [Commented] (TOMEE-2183) org.apache.commons.codec filtered by the classloader but not provided by TomEE WebProfile
[ https://issues.apache.org/jira/browse/TOMEE-2183?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16439480#comment-16439480 ] Jonathan Gallimore commented on TOMEE-2183: --- Ok - so we *do* include this in Plume and Plus. I'll revert and provide a different patch. > org.apache.commons.codec filtered by the classloader but not provided by > TomEE WebProfile > - > > Key: TOMEE-2183 > URL: https://issues.apache.org/jira/browse/TOMEE-2183 > Project: TomEE > Issue Type: Bug > Components: TomEE Core Server >Affects Versions: 7.0.4 >Reporter: Violeta Georgieva >Assignee: Jonathan Gallimore >Priority: Major > > Hi, > > I have an EAR file with "lib" folder that contains "commons-codec" and a WAR > file that uses the libraries located in the "lib" folder. I do not have > issues with the other libraries in that folder but with "commons-codec" I > receive the exception below. > > I'm using TomEE 7.0.4 WebProfile and in that distribution there is no > "commons-codec" provided by TomEE itself because of this I'm providing it > with the EAR file. > > While debugging I saw that "org.apache.commons.codec" is intentionally > filtered by the classloader > > [https://github.com/apache/tomee/blob/master/container/openejb-core/src/main/java/org/apache/openejb/util/classloader/URLClassLoaderFirst.java#L305] > > How it is supposed to provide this library so that my application can use it? > > Thanks, > Violeta > > {code} > java.lang.ClassNotFoundException: org.apache.commons.codec.binary.Base64 > org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1285) > > org.apache.tomee.catalina.TomEEWebappClassLoader.loadClass(TomEEWebappClassLoader.java:208) > > org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1119) > {code} -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (TOMEE-2183) org.apache.commons.codec filtered by the classloader but not provided by TomEE WebProfile
[ https://issues.apache.org/jira/browse/TOMEE-2183?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16439478#comment-16439478 ] Jonathan Gallimore commented on TOMEE-2183: --- Romain pinged me offline about this. The lib folder in the final build is as follows: Jonathans-MBP:lib jgallimore$ ls -la total 82400 drwxr-xr-x 117 jgallimore staff 3744 16 Apr 14:48 . drwxr-xr-x 13 jgallimore staff 416 16 Apr 14:58 .. -rw-r--r-- 1 jgallimore staff 102309 16 Apr 14:48 bval-core-1.1.2.jar -rw-r--r-- 1 jgallimore staff 397858 16 Apr 14:48 bval-jsr-1.1.2.jar -rw-r--r-- 1 jgallimore staff 54183 3 Apr 21:04 catalina-ant.jar -rw-r--r-- 1 jgallimore staff 118644 3 Apr 21:04 catalina-ha.jar -rw-r--r-- 1 jgallimore staff 75852 3 Apr 21:04 catalina-storeconfig.jar -rw-r--r-- 1 jgallimore staff 283585 3 Apr 21:04 catalina-tribes.jar -rw-r--r-- 1 jgallimore staff 1628975 3 Apr 21:04 catalina.jar -rw-r--r-- 1 jgallimore staff 246174 16 Apr 14:48 commons-beanutils-1.9.3.jar -rw-r--r-- 1 jgallimore staff 41123 16 Apr 14:48 commons-cli-1.2.jar -rw-r--r-- 1 jgallimore staff 588337 16 Apr 14:48 commons-collections-3.2.2.jar -rw-r--r-- 1 jgallimore staff 173567 16 Apr 14:48 commons-dbcp2-2.1.jar -rw-r--r-- 1 jgallimore staff 143602 16 Apr 14:48 commons-digester-1.8.jar -rw-r--r-- 1 jgallimore staff 284220 16 Apr 14:48 commons-lang-2.6.jar -rw-r--r-- 1 jgallimore staff 479881 16 Apr 14:48 commons-lang3-3.5.jar -rw-r--r-- 1 jgallimore staff 61829 16 Apr 14:48 commons-logging-1.2.jar -rw-r--r-- 1 jgallimore staff 109568 16 Apr 14:48 commons-pool2-2.3.jar -rw-r--r-- 1 jgallimore staff 1387295 16 Apr 14:48 cxf-core-3.1.15.jar -rw-r--r-- 1 jgallimore staff 647816 16 Apr 14:48 cxf-rt-frontend-jaxrs-3.1.15.jar -rw-r--r-- 1 jgallimore staff 75344 16 Apr 14:48 cxf-rt-management-3.1.15.jar -rw-r--r-- 1 jgallimore staff 171769 16 Apr 14:48 cxf-rt-rs-client-3.1.15.jar -rw-r--r-- 1 jgallimore staff 87696 16 Apr 14:48 cxf-rt-rs-extension-providers-3.1.15.jar -rw-r--r-- 1 jgallimore staff 138935 16 Apr 14:48 cxf-rt-rs-extension-search-3.1.15.jar -rw-r--r-- 1 jgallimore staff 20455 16 Apr 14:48 cxf-rt-rs-json-basic-3.1.15.jar -rw-r--r-- 1 jgallimore staff 19115 16 Apr 14:48 cxf-rt-rs-security-cors-3.1.15.jar -rw-r--r-- 1 jgallimore staff 229874 16 Apr 14:48 cxf-rt-rs-security-jose-3.1.15.jar -rw-r--r-- 1 jgallimore staff 76462 16 Apr 14:48 cxf-rt-rs-security-jose-jaxrs-3.1.15.jar -rw-r--r-- 1 jgallimore staff 324892 16 Apr 14:48 cxf-rt-rs-security-oauth2-3.1.15.jar -rw-r--r-- 1 jgallimore staff 58583 16 Apr 14:48 cxf-rt-rs-service-description-3.1.15.jar -rw-r--r-- 1 jgallimore staff 32551 16 Apr 14:48 cxf-rt-security-3.1.15.jar -rw-r--r-- 1 jgallimore staff 355838 16 Apr 14:48 cxf-rt-transports-http-3.1.15.jar -rw-r--r-- 1 jgallimore staff 2450404 3 Apr 21:04 ecj-4.6.3.jar -rw-r--r-- 1 jgallimore staff 81613 3 Apr 21:04 el-api.jar -rw-r--r-- 1 jgallimore staff 555318 16 Apr 14:48 geronimo-javamail_1.4_mail-1.9.0-alpha-2.jar -rw-r--r-- 1 jgallimore staff 75839 16 Apr 14:48 geronimo-transaction-3.1.4.jar -rw-r--r-- 1 jgallimore staff 79981 16 Apr 14:48 howl-1.0.1-1.jar -rw-r--r-- 1 jgallimore staff 1473091 16 Apr 14:48 hsqldb-2.3.2.jar -rw-r--r-- 1 jgallimore staff 163392 3 Apr 21:04 jasper-el.jar -rw-r--r-- 1 jgallimore staff 589478 3 Apr 21:04 jasper.jar -rw-r--r-- 1 jgallimore staff 26912 3 Apr 21:04 jaspic-api.jar -rw-r--r-- 1 jgallimore staff 930849 16 Apr 14:48 javaee-api-7.0-1.jar -rw-r--r-- 1 jgallimore staff 125632 16 Apr 14:48 jaxb-api-2.3.0.jar -rw-r--r-- 1 jgallimore staff 255502 16 Apr 14:48 jaxb-core-2.3.0.jar -rw-r--r-- 1 jgallimore staff 963660 16 Apr 14:48 jaxb-impl-2.3.0.jar -rw-r--r-- 1 jgallimore staff 90358 16 Apr 14:48 johnzon-core-1.0.0.jar -rw-r--r-- 1 jgallimore staff 30528 16 Apr 14:48 johnzon-jaxrs-1.0.0.jar -rw-r--r-- 1 jgallimore staff 134778 16 Apr 14:48 johnzon-mapper-1.0.0.jar -rw-r--r-- 1 jgallimore staff 61652 3 Apr 21:04 jsp-api.jar -rw-r--r-- 1 jgallimore staff 10083 16 Apr 14:48 mbean-annotation-api-7.0.5-SNAPSHOT.jar -rw-r--r-- 1 jgallimore staff 1294735 16 Apr 14:48 myfaces-api-2.2.12.jar -rw-r--r-- 1 jgallimore staff 2606015 16 Apr 14:48 myfaces-impl-2.2.12.jar -rw-r--r-- 1 jgallimore staff 16768 16 Apr 14:48 openejb-api-7.0.5-SNAPSHOT.jar -rw-r--r-- 1 jgallimore staff 352697 16 Apr 14:48 openejb-client-7.0.5-SNAPSHOT.jar -rw-r--r-- 1 jgallimore staff 3247725 16 Apr 14:48 openejb-core-7.0.5-SNAPSHOT.jar -rw-r--r-- 1 jgallimore staff 96881 16 Apr 14:48 openejb-cxf-rs-7.0.5-SNAPSHOT.jar -rw-r--r-- 1 jgallimore staff 26858 16 Apr 14:48 openejb-cxf-transport-7.0.5-SNAPSHOT.jar -rw-r--r-- 1 jgallimore staff 77092 16 Apr 14:48 openejb-ejbd-7.0.5-SNAPSHOT.jar -rw-r--r-- 1 jgallimore staff 17959 16 Apr 14:48 openejb-hsql-7.0.5-SNAPSHOT.jar -rw-r--r-- 1 jgallimore staff 132097 16 Apr 14:48 openejb-http-7.0.5-SNAPSHOT.jar -rw-r--r-- 1 jgallimore staff 13880 16 Apr 14:48 openejb-javaagent.jar -rw-r--r-- 1 jgallimore staff 1276210 16
tomee git commit: TOMEE-2183
Repository: tomee Updated Branches: refs/heads/master afbac7614 -> 61a688d9a TOMEE-2183 Project: http://git-wip-us.apache.org/repos/asf/tomee/repo Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/61a688d9 Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/61a688d9 Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/61a688d9 Branch: refs/heads/master Commit: 61a688d9a6d43b267a5e0602fa8ae02cd20d2fb0 Parents: afbac76 Author: Jonathan GallimoreAuthored: Mon Apr 16 12:13:47 2018 +0100 Committer: Jonathan Gallimore Committed: Mon Apr 16 12:13:47 2018 +0100 -- .../org/apache/openejb/util/classloader/URLClassLoaderFirst.java | 3 --- 1 file changed, 3 deletions(-) -- http://git-wip-us.apache.org/repos/asf/tomee/blob/61a688d9/container/openejb-core/src/main/java/org/apache/openejb/util/classloader/URLClassLoaderFirst.java -- diff --git a/container/openejb-core/src/main/java/org/apache/openejb/util/classloader/URLClassLoaderFirst.java b/container/openejb-core/src/main/java/org/apache/openejb/util/classloader/URLClassLoaderFirst.java index 7280e1b..f124a1b 100644 --- a/container/openejb-core/src/main/java/org/apache/openejb/util/classloader/URLClassLoaderFirst.java +++ b/container/openejb-core/src/main/java/org/apache/openejb/util/classloader/URLClassLoaderFirst.java @@ -302,9 +302,6 @@ public class URLClassLoaderFirst extends URLClassLoader { if (commons.startsWith("cli.")) { return true; } -if (commons.startsWith("codec.")) { -return true; -} if (commons.startsWith("collections.")) { return true; }
[jira] [Commented] (TOMEE-2183) org.apache.commons.codec filtered by the classloader but not provided by TomEE WebProfile
[ https://issues.apache.org/jira/browse/TOMEE-2183?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16439296#comment-16439296 ] Jonathan Gallimore commented on TOMEE-2183: --- I think the issue is that we filter that library, but no longer ship it with TomEE, presumably because we don't use it internally. I'm checking and confirming. > org.apache.commons.codec filtered by the classloader but not provided by > TomEE WebProfile > - > > Key: TOMEE-2183 > URL: https://issues.apache.org/jira/browse/TOMEE-2183 > Project: TomEE > Issue Type: Bug > Components: TomEE Core Server >Affects Versions: 7.0.4 >Reporter: Violeta Georgieva >Assignee: Jonathan Gallimore >Priority: Major > > Hi, > > I have an EAR file with "lib" folder that contains "commons-codec" and a WAR > file that uses the libraries located in the "lib" folder. I do not have > issues with the other libraries in that folder but with "commons-codec" I > receive the exception below. > > I'm using TomEE 7.0.4 WebProfile and in that distribution there is no > "commons-codec" provided by TomEE itself because of this I'm providing it > with the EAR file. > > While debugging I saw that "org.apache.commons.codec" is intentionally > filtered by the classloader > > [https://github.com/apache/tomee/blob/master/container/openejb-core/src/main/java/org/apache/openejb/util/classloader/URLClassLoaderFirst.java#L305] > > How it is supposed to provide this library so that my application can use it? > > Thanks, > Violeta > > {code} > java.lang.ClassNotFoundException: org.apache.commons.codec.binary.Base64 > org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1285) > > org.apache.tomee.catalina.TomEEWebappClassLoader.loadClass(TomEEWebappClassLoader.java:208) > > org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1119) > {code} -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Assigned] (TOMEE-2183) org.apache.commons.codec filtered by the classloader but not provided by TomEE WebProfile
[ https://issues.apache.org/jira/browse/TOMEE-2183?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Jonathan Gallimore reassigned TOMEE-2183: - Assignee: Jonathan Gallimore > org.apache.commons.codec filtered by the classloader but not provided by > TomEE WebProfile > - > > Key: TOMEE-2183 > URL: https://issues.apache.org/jira/browse/TOMEE-2183 > Project: TomEE > Issue Type: Bug > Components: TomEE Core Server >Affects Versions: 7.0.4 >Reporter: Violeta Georgieva >Assignee: Jonathan Gallimore >Priority: Major > > Hi, > > I have an EAR file with "lib" folder that contains "commons-codec" and a WAR > file that uses the libraries located in the "lib" folder. I do not have > issues with the other libraries in that folder but with "commons-codec" I > receive the exception below. > > I'm using TomEE 7.0.4 WebProfile and in that distribution there is no > "commons-codec" provided by TomEE itself because of this I'm providing it > with the EAR file. > > While debugging I saw that "org.apache.commons.codec" is intentionally > filtered by the classloader > > [https://github.com/apache/tomee/blob/master/container/openejb-core/src/main/java/org/apache/openejb/util/classloader/URLClassLoaderFirst.java#L305] > > How it is supposed to provide this library so that my application can use it? > > Thanks, > Violeta > > {code} > java.lang.ClassNotFoundException: org.apache.commons.codec.binary.Base64 > org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1285) > > org.apache.tomee.catalina.TomEEWebappClassLoader.loadClass(TomEEWebappClassLoader.java:208) > > org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1119) > {code} -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (TOMEE-2183) org.apache.commons.codec filtered by the classloader but not provided by TomEE WebProfile
[ https://issues.apache.org/jira/browse/TOMEE-2183?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16439289#comment-16439289 ] Romain Manni-Bucau commented on TOMEE-2183: --- Hi Violeta, The filter should request the container lib to be used first and if not found fallback on the child loader. You can use openejb.classloader.forced-load system prop to deactivate this behavior too. > org.apache.commons.codec filtered by the classloader but not provided by > TomEE WebProfile > - > > Key: TOMEE-2183 > URL: https://issues.apache.org/jira/browse/TOMEE-2183 > Project: TomEE > Issue Type: Bug > Components: TomEE Core Server >Affects Versions: 7.0.4 >Reporter: Violeta Georgieva >Priority: Major > > Hi, > > I have an EAR file with "lib" folder that contains "commons-codec" and a WAR > file that uses the libraries located in the "lib" folder. I do not have > issues with the other libraries in that folder but with "commons-codec" I > receive the exception below. > > I'm using TomEE 7.0.4 WebProfile and in that distribution there is no > "commons-codec" provided by TomEE itself because of this I'm providing it > with the EAR file. > > While debugging I saw that "org.apache.commons.codec" is intentionally > filtered by the classloader > > [https://github.com/apache/tomee/blob/master/container/openejb-core/src/main/java/org/apache/openejb/util/classloader/URLClassLoaderFirst.java#L305] > > How it is supposed to provide this library so that my application can use it? > > Thanks, > Violeta > > {code} > java.lang.ClassNotFoundException: org.apache.commons.codec.binary.Base64 > org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1285) > > org.apache.tomee.catalina.TomEEWebappClassLoader.loadClass(TomEEWebappClassLoader.java:208) > > org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1119) > {code} -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (TOMEE-2183) org.apache.commons.codec filtered by the classloader but not provided by TomEE WebProfile
Violeta Georgieva created TOMEE-2183: Summary: org.apache.commons.codec filtered by the classloader but not provided by TomEE WebProfile Key: TOMEE-2183 URL: https://issues.apache.org/jira/browse/TOMEE-2183 Project: TomEE Issue Type: Bug Components: TomEE Core Server Affects Versions: 7.0.4 Reporter: Violeta Georgieva Hi, I have an EAR file with "lib" folder that contains "commons-codec" and a WAR file that uses the libraries located in the "lib" folder. I do not have issues with the other libraries in that folder but with "commons-codec" I receive the exception below. I'm using TomEE 7.0.4 WebProfile and in that distribution there is no "commons-codec" provided by TomEE itself because of this I'm providing it with the EAR file. While debugging I saw that "org.apache.commons.codec" is intentionally filtered by the classloader [https://github.com/apache/tomee/blob/master/container/openejb-core/src/main/java/org/apache/openejb/util/classloader/URLClassLoaderFirst.java#L305] How it is supposed to provide this library so that my application can use it? Thanks, Violeta {code} java.lang.ClassNotFoundException: org.apache.commons.codec.binary.Base64 org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1285) org.apache.tomee.catalina.TomEEWebappClassLoader.loadClass(TomEEWebappClassLoader.java:208) org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1119) \{code} -- This message was sent by Atlassian JIRA (v7.6.3#76005)