[27/38] tomee git commit: Fix Provider and Instance

2018-04-16 Thread jlmonteiro 
Fix Provider and Instance


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/7b0c434d
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/7b0c434d
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/7b0c434d

Branch: refs/heads/master
Commit: 7b0c434dbe42c80d1bb276e7f24d27cee2ea6b74
Parents: cfc2ae1
Author: Jean-Louis Monteiro 
Authored: Fri Mar 2 16:20:21 2018 +0100
Committer: Jean-Louis Monteiro 
Committed: Fri Mar 2 16:20:21 2018 +0100

--
 .../org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java| 8 +++-
 tck/mp-jwt-embedded/src/test/resources/dev.xml  | 9 ++---
 2 files changed, 9 insertions(+), 8 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/tomee/blob/7b0c434d/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java
--
diff --git 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java
 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java
index 0b6f3de..0d3488a 100644
--- 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java
+++ 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java
@@ -169,12 +169,18 @@ public class ClaimBean implements Bean, 
PassivationCapable {
 // handle Provider
 if (rawTypeClass.isAssignableFrom(Provider.class)) {
 final Type providerType = 
paramType.getActualTypeArguments()[0];
+if (providerType instanceof ParameterizedType && 
isOptional((ParameterizedType) providerType)) {
+return (T) Optional.ofNullable(getClaimValue(key));
+}
 return getClaimValue(key);
 }
 
 // handle Instance
 if (rawTypeClass.isAssignableFrom(Instance.class)) {
 final Type instanceType = 
paramType.getActualTypeArguments()[0];
+if (instanceType instanceof ParameterizedType && 
isOptional((ParameterizedType) instanceType)) {
+return (T) Optional.ofNullable(getClaimValue(key));
+}
 return getClaimValue(key);
 }
 
@@ -231,7 +237,7 @@ public class ClaimBean implements Bean, 
PassivationCapable {
 return getClaimValue(key);
 }
 
-throw new IllegalStateException("Unhandled ClaimValue type");
+throw new IllegalStateException("Unhandled Claim type " + 
annotated.getBaseType());
 }
 
 public static String getClaimKey(final Claim claim) {

http://git-wip-us.apache.org/repos/asf/tomee/blob/7b0c434d/tck/mp-jwt-embedded/src/test/resources/dev.xml
--
diff --git a/tck/mp-jwt-embedded/src/test/resources/dev.xml 
b/tck/mp-jwt-embedded/src/test/resources/dev.xml
index b10e250..3814456 100644
--- a/tck/mp-jwt-embedded/src/test/resources/dev.xml
+++ b/tck/mp-jwt-embedded/src/test/resources/dev.xml
@@ -41,7 +41,6 @@
   
 
 
-  
-  
-  
 
   
 
-  
+

[21/38] tomee git commit: Better injection support

2018-04-16 Thread jlmonteiro 
Better injection support


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/2b9950f6
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/2b9950f6
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/2b9950f6

Branch: refs/heads/master
Commit: 2b9950f66edc5ffb845b1400155c0aa2be0e858f
Parents: 1ad96bb
Author: Jean-Louis Monteiro 
Authored: Tue Feb 27 14:20:49 2018 +0100
Committer: Jean-Louis Monteiro 
Committed: Tue Feb 27 14:20:49 2018 +0100

--
 .../tomee/microprofile/jwt/MPJWTFilter.java | 12 ++
 .../jwt/cdi/ClaimValueProducer.java | 11 ++---
 .../microprofile/jwt/cdi/JsonValueProducer.java |  1 +
 .../jwt/cdi/RawClaimTypeProducer.java   | 24 
 .../principal/DefaultJWTCallerPrincipal.java|  2 +-
 5 files changed, 41 insertions(+), 9 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/tomee/blob/2b9950f6/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java
--
diff --git 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java
 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java
index 752bcda..ebed96d 100644
--- 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java
+++ 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java
@@ -32,8 +32,10 @@ import javax.servlet.ServletResponse;
 import javax.servlet.annotation.WebFilter;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletRequestWrapper;
+import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.security.Principal;
+import java.util.Locale;
 import java.util.Map;
 import java.util.Optional;
 
@@ -66,6 +68,16 @@ public class MPJWTFilter implements Filter {
 // todo not sure what to do with the realm
 
 final String authorizationHeader = ((HttpServletRequest) 
request).getHeader("Authorization");
+if (authorizationHeader == null || authorizationHeader.isEmpty()) {
+
HttpServletResponse.class.cast(response).sendError(HttpServletResponse.SC_UNAUTHORIZED);
+return;
+}
+
+if 
(!authorizationHeader.toLowerCase(Locale.ENGLISH).startsWith("bearer ")) {
+
HttpServletResponse.class.cast(response).sendError(HttpServletResponse.SC_UNAUTHORIZED);
+return;
+}
+
 final String token = authorizationHeader.substring("bearer ".length());
 final JsonWebToken jsonWebToken;
 try {

http://git-wip-us.apache.org/repos/asf/tomee/blob/2b9950f6/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimValueProducer.java
--
diff --git 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimValueProducer.java
 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimValueProducer.java
index aeed7c8..b0e2e7b 100644
--- 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimValueProducer.java
+++ 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimValueProducer.java
@@ -47,9 +47,14 @@ public class ClaimValueProducer {
 boolean isOptional = false;
 if (matchType instanceof ParameterizedType) {
 actualType = ((ParameterizedType) 
matchType).getActualTypeArguments()[0];
-isOptional = 
matchType.getTypeName().equals(Optional.class.getTypeName());
+
+if (actualType instanceof ParameterizedType) {
+isOptional = 
ParameterizedType.class.cast(actualType).getRawType().getTypeName()
+.startsWith(Optional.class.getTypeName());
+}
+
 if (isOptional) {
-actualType = ((ParameterizedType) 
matchType).getActualTypeArguments()[0];
+actualType = ((ParameterizedType) 
actualType).getActualTypeArguments()[0];
 }
 }
 
@@ -62,7 +67,7 @@ public class ClaimValueProducer {
 return returnValue;
 }
 
-String getName(final InjectionPoint ip) {
+private String getName(final InjectionPoint ip) {
 String name = null;
 for (Annotation ann : ip.getQualifiers()) {
 if (ann instanceof Claim) {

http://git-wip-us.apache.org/repos/asf/tomee/blob/2b9950f6/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/JsonValueProducer.java
--
diff --git

[3/4] tomee git commit: Some refactoring to remove Java 8 lambdas

2018-04-16 Thread jlmonteiro 
Some refactoring to remove Java 8 lambdas


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/72c08321
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/72c08321
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/72c08321

Branch: refs/heads/master
Commit: 72c0832184c4354627cb97a52f557e6d0ffb4aa2
Parents: 09ca434
Author: Jean-Louis Monteiro 
Authored: Tue Apr 17 01:27:50 2018 +0200
Committer: Jean-Louis Monteiro 
Committed: Tue Apr 17 01:27:50 2018 +0200

--
 mp-jwt/pom.xml  |  93 +
 .../tomee/microprofile/jwt/MPJWTFilter.java | 271 ++
 .../microprofile/jwt/MPJWTInitializer.java  |  64 
 .../tomee/microprofile/jwt/ParseException.java  |  32 ++
 .../tomee/microprofile/jwt/cdi/ClaimBean.java   | 373 +++
 .../jwt/cdi/ClaimInjectionPoint.java|  70 
 .../microprofile/jwt/cdi/ClaimValueWrapper.java |  53 +++
 .../microprofile/jwt/cdi/DefaultLiteral.java|  24 ++
 .../microprofile/jwt/cdi/JsonbProducer.java |  46 +++
 .../microprofile/jwt/cdi/MPJWTCDIExtension.java | 136 +++
 .../microprofile/jwt/cdi/MPJWTProducer.java |  49 +++
 .../jwt/config/JWTAuthContextInfo.java  |  67 
 .../jwt/config/JWTAuthContextInfoProvider.java  |  61 +++
 .../jwt/jaxrs/MPJWPProviderRegistration.java|  36 ++
 .../MPJWTSecurityAnnotationsInterceptor.java|  57 +++
 ...TSecurityAnnotationsInterceptorsFeature.java | 144 +++
 .../principal/DefaultJWTCallerPrincipal.java| 360 ++
 .../DefaultJWTCallerPrincipalFactory.java   |  92 +
 .../jwt/principal/JWTCallerPrincipal.java   |  59 +++
 .../principal/JWTCallerPrincipalFactory.java| 129 +++
 mp-jwt/src/main/resources/META-INF/beans.xml|   1 +
 .../META-INF/org.apache.openejb.extension   |   1 +
 .../javax.enterprise.inject.spi.Extension   |   1 +
 .../javax.servlet.ServletContainerInitializer   |   1 +
 ...file.jwt.principal.JWTCallerPrincipalFactory |   1 +
 pom.xml |   1 +
 tck/mp-jwt-embedded/pom.xml |  44 +--
 .../tomee/microprofile/jwt/MPJWTFilter.java | 258 -
 .../microprofile/jwt/MPJWTInitializer.java  |  64 
 .../tomee/microprofile/jwt/ParseException.java  |  32 --
 .../tomee/microprofile/jwt/cdi/ClaimBean.java   | 360 --
 .../jwt/cdi/ClaimInjectionPoint.java|  70 
 .../microprofile/jwt/cdi/ClaimValueWrapper.java |  53 ---
 .../microprofile/jwt/cdi/DefaultLiteral.java|  24 --
 .../microprofile/jwt/cdi/JsonbProducer.java |  46 ---
 .../microprofile/jwt/cdi/MPJWTCDIExtension.java | 100 -
 .../microprofile/jwt/cdi/MPJWTProducer.java |  49 ---
 .../jwt/config/JWTAuthContextInfo.java  |  67 
 .../jwt/config/JWTAuthContextInfoProvider.java  |  61 ---
 .../jwt/jaxrs/MPJWPProviderRegistration.java|  36 --
 .../MPJWTSecurityAnnotationsInterceptor.java|  57 ---
 ...TSecurityAnnotationsInterceptorsFeature.java | 144 ---
 .../principal/DefaultJWTCallerPrincipal.java| 360 --
 .../DefaultJWTCallerPrincipalFactory.java   |  92 -
 .../jwt/principal/JWTCallerPrincipal.java   |  59 ---
 .../principal/JWTCallerPrincipalFactory.java| 129 ---
 .../src/main/resources/META-INF/beans.xml   |   1 -
 .../META-INF/org.apache.openejb.extension   |   1 -
 .../javax.enterprise.inject.spi.Extension   |   1 -
 .../javax.servlet.ServletContainerInitializer   |   1 -
 ...file.jwt.principal.JWTCallerPrincipalFactory |   1 -
 51 files changed, 2225 insertions(+), 2107 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/tomee/blob/72c08321/mp-jwt/pom.xml
--
diff --git a/mp-jwt/pom.xml b/mp-jwt/pom.xml
new file mode 100644
index 000..adc79c6
--- /dev/null
+++ b/mp-jwt/pom.xml
@@ -0,0 +1,93 @@
+
+
+http://maven.apache.org/POM/4.0.0; 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance;
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 
http://maven.apache.org/maven-v4_0_0.xsd;>
+  
+tomee-project
+org.apache.tomee
+7.0.5-SNAPSHOT
+  
+  4.0.0
+  mp-jwt
+  jar
+  OpenEJB :: Microprofile JWT
+
+  
+1.1-SNAPSHOT
+  
+
+  
+
+  ${project.groupId}
+  javaee-api
+
+
+  ${project.groupId}
+  openejb-core
+  ${project.version}
+  provided
+
+
+  ${project.groupId}
+  openejb-cxf-rs
+  ${project.version}
+  provided
+
+
+  org.slf4j
+  slf4j-jdk14
+  ${slf4j.version}
+  test
+
+
+
+  org.bitbucket.b_c
+  jose4j
+  0.6.0
+
+
+
+  org.eclipse.microprofile.jwt
+

[4/4] tomee git commit: Fix java compilation issues

2018-04-16 Thread jlmonteiro 
Fix java compilation issues


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/387c11af
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/387c11af
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/387c11af

Branch: refs/heads/master
Commit: 387c11af07b3867f84c4aa65e76a8db89a4a5dc8
Parents: 72c0832
Author: Jean-Louis Monteiro 
Authored: Tue Apr 17 01:52:04 2018 +0200
Committer: Jean-Louis Monteiro 
Committed: Tue Apr 17 01:52:04 2018 +0200

--
 .../apache/tomee/microprofile/jwt/cdi/ClaimInjectionPoint.java   | 2 +-
 .../org/apache/tomee/microprofile/jwt/cdi/JsonbProducer.java | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/tomee/blob/387c11af/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimInjectionPoint.java
--
diff --git 
a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimInjectionPoint.java
 
b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimInjectionPoint.java
index 17be756..2f1fd3d 100644
--- 
a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimInjectionPoint.java
+++ 
b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimInjectionPoint.java
@@ -50,7 +50,7 @@ public class ClaimInjectionPoint implements InjectionPoint {
 
 @Override
 public Set getQualifiers() {
-return Collections.singleton(DefaultLiteral.INSTANCE);
+return Collections.singleton(DefaultLiteral.INSTANCE);
 }
 
 @Override

http://git-wip-us.apache.org/repos/asf/tomee/blob/387c11af/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/cdi/JsonbProducer.java
--
diff --git 
a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/cdi/JsonbProducer.java 
b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/cdi/JsonbProducer.java
index 59f42c5..53a9088 100644
--- 
a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/cdi/JsonbProducer.java
+++ 
b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/cdi/JsonbProducer.java
@@ -20,7 +20,7 @@ import javax.enterprise.context.ApplicationScoped;
 import javax.enterprise.inject.Disposes;
 import javax.enterprise.inject.Produces;
 import javax.json.bind.Jsonb;
-import javax.json.bind.JsonbBuilder;
+import javax.json.bind.spi.JsonbProvider;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 
@@ -32,7 +32,7 @@ public class JsonbProducer {
 
 @Produces
 public Jsonb create() {
-return JsonbBuilder.create();
+return JsonbProvider.provider().create().build();
 }
 
 public void close(@Disposes final Jsonb jsonb) {

[1/4] tomee git commit: Some refactoring to remove Java 8 lambdas

2018-04-16 Thread jlmonteiro 
Repository: tomee
Updated Branches:
  refs/heads/master 09ca434d9 -> 387c11af0


http://git-wip-us.apache.org/repos/asf/tomee/blob/72c08321/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/principal/DefaultJWTCallerPrincipal.java
--
diff --git 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/principal/DefaultJWTCallerPrincipal.java
 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/principal/DefaultJWTCallerPrincipal.java
deleted file mode 100644
index 661fbde..000
--- 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/principal/DefaultJWTCallerPrincipal.java
+++ /dev/null
@@ -1,360 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.tomee.microprofile.jwt.principal;
-
-import org.eclipse.microprofile.jwt.Claims;
-import org.jose4j.jwt.JwtClaims;
-import org.jose4j.jwt.MalformedClaimException;
-
-import javax.json.Json;
-import javax.json.JsonArray;
-import javax.json.JsonArrayBuilder;
-import javax.json.JsonNumber;
-import javax.json.JsonObject;
-import javax.json.JsonObjectBuilder;
-import javax.json.JsonValue;
-import javax.security.auth.Subject;
-import java.util.Collection;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-import java.util.logging.Level;
-import java.util.logging.Logger;
-
-/**
- * A default implementation of JWTCallerPrincipal using jose4j
- * Another implementation could use nimbus and another plain JSON-P
- */
-public class DefaultJWTCallerPrincipal extends JWTCallerPrincipal {
-
-private static final Logger logger = 
Logger.getLogger(DefaultJWTCallerPrincipal.class.getName());
-private final String jwt;
-private final String type;
-private final JwtClaims claimsSet;
-
-/**
- * Create the DefaultJWTCallerPrincipal from the parsed JWT token and the 
extracted principal name
- *
- * @param jwt  - the parsed JWT token representation
- * @param name - the extracted unqiue name to use as the principal name; 
from "upn", "preferred_username" or "sub" claim
- */
-public DefaultJWTCallerPrincipal(final String jwt, final String type, 
final JwtClaims claimsSet, final String name) {
-super(name);
-this.jwt = jwt;
-this.type = type;
-this.claimsSet = claimsSet;
-fixJoseTypes();
-}
-
-@Override
-public Set getAudience() {
-final Set audSet = new HashSet<>();
-try {
-final List audList = 
claimsSet.getStringListClaimValue("aud");
-if (audList != null) {
-audSet.addAll(audList);
-}
-
-} catch (final MalformedClaimException e) {
-try {
-final String aud = claimsSet.getStringClaimValue("aud");
-audSet.add(aud);
-} catch (final MalformedClaimException e1) {
-logger.log(Level.FINEST, "Can't retrieve malformed 'aud' 
claim.", e);
-}
-}
-return audSet.isEmpty() ? null : audSet;
-}
-
-@Override
-public Set getGroups() {
-final HashSet groups = new HashSet<>();
-try {
-final List globalGroups = 
claimsSet.getStringListClaimValue("groups");
-if (globalGroups != null) {
-groups.addAll(globalGroups);
-}
-
-} catch (final MalformedClaimException e) {
-logger.log(Level.FINEST, "Can't retrieve malformed 'groups' 
claim.", e);
-}
-return groups;
-}
-
-
-@Override
-public Set getClaimNames() {
-return new HashSet<>(claimsSet.getClaimNames());
-}
-
-public String getRawToken() {
-return jwt;
-}
-
-@Override
-public Object getClaim(final String claimName) {
-Claims claimType = Claims.UNKNOWN;
-Object claim = null;
-try {
-claimType = Claims.valueOf(claimName);
-} catch (IllegalArgumentException e) {
-}
-// Handle the jose4j NumericDate types and
-switch (claimType) {
-case exp:
-

[2/4] tomee git commit: Some refactoring to remove Java 8 lambdas

2018-04-16 Thread jlmonteiro 
http://git-wip-us.apache.org/repos/asf/tomee/blob/72c08321/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/principal/DefaultJWTCallerPrincipalFactory.java
--
diff --git 
a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/principal/DefaultJWTCallerPrincipalFactory.java
 
b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/principal/DefaultJWTCallerPrincipalFactory.java
new file mode 100644
index 000..feb2008
--- /dev/null
+++ 
b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/principal/DefaultJWTCallerPrincipalFactory.java
@@ -0,0 +1,92 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.tomee.microprofile.jwt.principal;
+
+import org.apache.tomee.microprofile.jwt.ParseException;
+import org.apache.tomee.microprofile.jwt.config.JWTAuthContextInfo;
+import org.eclipse.microprofile.jwt.Claims;
+import org.jose4j.jwa.AlgorithmConstraints;
+import org.jose4j.jws.AlgorithmIdentifiers;
+import org.jose4j.jwt.JwtClaims;
+import org.jose4j.jwt.MalformedClaimException;
+import org.jose4j.jwt.NumericDate;
+import org.jose4j.jwt.consumer.InvalidJwtException;
+import org.jose4j.jwt.consumer.JwtConsumer;
+import org.jose4j.jwt.consumer.JwtConsumerBuilder;
+import org.jose4j.jwt.consumer.JwtContext;
+
+/**
+ * A default implementation of the abstract JWTCallerPrincipalFactory that 
uses the Keycloak token parsing classes.
+ */
+public class DefaultJWTCallerPrincipalFactory extends 
JWTCallerPrincipalFactory {
+
+/**
+ * Tries to load the JWTAuthContextInfo from CDI if the class level 
authContextInfo has not been set.
+ */
+public DefaultJWTCallerPrincipalFactory() {
+}
+
+@Override
+public JWTCallerPrincipal parse(final String token, final 
JWTAuthContextInfo authContextInfo) throws ParseException {
+JWTCallerPrincipal principal;
+
+try {
+final JwtConsumerBuilder builder = new JwtConsumerBuilder()
+.setRequireExpirationTime()
+.setRequireSubject()
+.setSkipDefaultAudienceValidation()
+.setExpectedIssuer(authContextInfo.getIssuedBy())
+.setVerificationKey(authContextInfo.getSignerKey())
+.setJwsAlgorithmConstraints(
+new 
AlgorithmConstraints(AlgorithmConstraints.ConstraintType.WHITELIST,
+AlgorithmIdentifiers.RSA_USING_SHA256));
+
+if (authContextInfo.getExpGracePeriodSecs() > 0) {
+
builder.setAllowedClockSkewInSeconds(authContextInfo.getExpGracePeriodSecs());
+
+} else {
+builder.setEvaluationTime(NumericDate.fromSeconds(0));
+}
+
+final JwtConsumer jwtConsumer = builder.build();
+final JwtContext jwtContext = jwtConsumer.process(token);
+final String type = 
jwtContext.getJoseObjects().get(0).getHeader("typ");
+//  Validate the JWT and process it to the Claims
+jwtConsumer.processContext(jwtContext);
+JwtClaims claimsSet = jwtContext.getJwtClaims();
+
+// We have to determine the unique name to use as the principal 
name. It comes from upn, preferred_username, sub in that order
+String principalName = claimsSet.getClaimValue("upn", 
String.class);
+if (principalName == null) {
+principalName = claimsSet.getClaimValue("preferred_username", 
String.class);
+if (principalName == null) {
+principalName = claimsSet.getSubject();
+}
+}
+claimsSet.setClaim(Claims.raw_token.name(), token);
+principal = new DefaultJWTCallerPrincipal(token, type, claimsSet, 
principalName);
+
+} catch (final InvalidJwtException e) {
+throw new ParseException("Failed to verify token", e);
+
+} catch (final MalformedClaimException e) {
+throw new ParseException("Failed to verify token claims", e);
+}
+
+return principal;
+}
+}
\ No newline at end of file

[30/38] tomee git commit: Revert changes on ExtensionProviderRegistration

2018-04-16 Thread jlmonteiro 
Revert changes on ExtensionProviderRegistration


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/ae7c21ea
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/ae7c21ea
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/ae7c21ea

Branch: refs/heads/master
Commit: ae7c21ea514594031cad102ad871203ef1f6bcb0
Parents: e75018b
Author: Jean-Louis Monteiro 
Authored: Wed Mar 7 08:12:10 2018 +0100
Committer: Jean-Louis Monteiro 
Committed: Wed Mar 7 08:12:10 2018 +0100

--
 .../apache/openejb/server/cxf/rs/CxfRsHttpListener.java   |  2 +-
 .../cxf/rs/event/ExtensionProviderRegistration.java   |  9 +
 .../microprofile/jwt/jaxrs/MPJWPProviderRegistration.java | 10 --
 3 files changed, 2 insertions(+), 19 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/tomee/blob/ae7c21ea/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/CxfRsHttpListener.java
--
diff --git 
a/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/CxfRsHttpListener.java
 
b/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/CxfRsHttpListener.java
index 305a1c1..e10172f 100644
--- 
a/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/CxfRsHttpListener.java
+++ 
b/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/CxfRsHttpListener.java
@@ -1019,7 +1019,7 @@ public class CxfRsHttpListener implements RsHttpListener {
 }
 }
 
-SystemInstance.get().fireEvent(new 
ExtensionProviderRegistration(server,
+SystemInstance.get().fireEvent(new ExtensionProviderRegistration(
 
AppFinder.findAppContextOrWeb(Thread.currentThread().getContextClassLoader(), 
AppFinder.AppContextTransformer.INSTANCE), providers));
 
 if (!providers.isEmpty()) {

http://git-wip-us.apache.org/repos/asf/tomee/blob/ae7c21ea/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/event/ExtensionProviderRegistration.java
--
diff --git 
a/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/event/ExtensionProviderRegistration.java
 
b/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/event/ExtensionProviderRegistration.java
index 7af089f..cfae25c 100644
--- 
a/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/event/ExtensionProviderRegistration.java
+++ 
b/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/event/ExtensionProviderRegistration.java
@@ -16,7 +16,6 @@
  */
 package org.apache.openejb.server.cxf.rs.event;
 
-import org.apache.cxf.endpoint.Server;
 import org.apache.openejb.AppContext;
 import org.apache.openejb.observer.Event;
 
@@ -26,12 +25,10 @@ import java.util.List;
 // this event can allow to add/remove/resort providers
 @Event
 public class ExtensionProviderRegistration {
-private final Server server;
 private final List providers;
 private final AppContext appContext;
 
-public ExtensionProviderRegistration(final Server server, final AppContext 
ctx, final List existings) {
-this.server = server;
+public ExtensionProviderRegistration(final AppContext ctx, final 
List existings) {
 this.appContext = ctx;
 this.providers = existings;
 }
@@ -44,10 +41,6 @@ public class ExtensionProviderRegistration {
 return providers;
 }
 
-public Server getServer() {
-return server;
-}
-
 @Override
 public String toString() {
 return "ExtensionProviderRegistration{}";

http://git-wip-us.apache.org/repos/asf/tomee/blob/ae7c21ea/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/jaxrs/MPJWPProviderRegistration.java
--
diff --git 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/jaxrs/MPJWPProviderRegistration.java
 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/jaxrs/MPJWPProviderRegistration.java
index 29c146e..2102c89 100644
--- 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/jaxrs/MPJWPProviderRegistration.java
+++ 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/jaxrs/MPJWPProviderRegistration.java
@@ -19,16 +19,6 @@ package org.apache.tomee.microprofile.jwt.jaxrs;
 import org.apache.openejb.observer.Observes;
 import org.apache.openejb.server.cxf.rs.event.ExtensionProviderRegistration;
 import org.apache.tomee.microprofile.jwt.MPJWTFilter;
-import org.eclipse.microprofile.auth.LoginConfig;
-
-import javax.servlet.FilterRegistration;
-import javax.servlet.ServletContainerInitializer;

[24/38] tomee git commit: Cleanup

2018-04-16 Thread jlmonteiro 
Cleanup


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/92846aee
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/92846aee
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/92846aee

Branch: refs/heads/master
Commit: 92846aee07e5346864ab1eb8da2223cfb50b9802
Parents: 5060806
Author: Jean-Louis Monteiro 
Authored: Fri Mar 2 10:09:31 2018 +0100
Committer: Jean-Louis Monteiro 
Committed: Fri Mar 2 10:09:31 2018 +0100

--
 .../tomee/microprofile/jwt/cdi/ClaimBean.java   |   3 +-
 .../jwt/cdi/ClaimInjectionPoint.java|   2 +-
 .../microprofile/jwt/cdi/MPJWTProducer.java | 101 +--
 3 files changed, 4 insertions(+), 102 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/tomee/blob/92846aee/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java
--
diff --git 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java
 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java
index ad713dd..10abedf 100644
--- 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java
+++ 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java
@@ -64,7 +64,6 @@ public class ClaimBean implements Bean, 
PassivationCapable {
 
 } else if (type instanceof ParameterizedType) {
 final ParameterizedType paramType = (ParameterizedType) type;
-
 return (Class) paramType.getRawType();
 }
 
@@ -195,7 +194,7 @@ public class ClaimBean implements Bean, 
PassivationCapable {
 }
 
 private T getClaimValue(final String name, final Class clazz) {
-final JsonWebToken jwt = MPJWTProducer.getJWTPrincpal();
+final JsonWebToken jwt = MPJWTProducer.getJWTPrincipal();
 if (jwt == null) {
 logger.warning(String.format("Can't retrieve claim %s. No active 
principal.", name));
 return null;

http://git-wip-us.apache.org/repos/asf/tomee/blob/92846aee/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimInjectionPoint.java
--
diff --git 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimInjectionPoint.java
 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimInjectionPoint.java
index a281014..949e36c 100644
--- 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimInjectionPoint.java
+++ 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimInjectionPoint.java
@@ -25,7 +25,7 @@ import java.lang.reflect.Type;
 import java.util.Collections;
 import java.util.Set;
 
-class ClaimInjectionPoint implements InjectionPoint{
+class ClaimInjectionPoint implements InjectionPoint {
 private final Bean bean;
 
 ClaimInjectionPoint(Bean bean) {

http://git-wip-us.apache.org/repos/asf/tomee/blob/92846aee/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/MPJWTProducer.java
--
diff --git 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/MPJWTProducer.java
 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/MPJWTProducer.java
index 1d83a08..21196a8 100644
--- 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/MPJWTProducer.java
+++ 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/MPJWTProducer.java
@@ -16,122 +16,25 @@
  */
 package org.apache.tomee.microprofile.jwt.cdi;
 
-import org.eclipse.microprofile.jwt.Claim;
-import org.eclipse.microprofile.jwt.ClaimValue;
-import org.eclipse.microprofile.jwt.Claims;
 import org.eclipse.microprofile.jwt.JsonWebToken;
 
 import javax.enterprise.context.ApplicationScoped;
 import javax.enterprise.context.RequestScoped;
 import javax.enterprise.inject.Produces;
-import javax.enterprise.inject.spi.InjectionPoint;
-import javax.inject.Inject;
-import javax.json.Json;
-import javax.json.JsonArrayBuilder;
-import javax.json.JsonObject;
-import javax.json.JsonValue;
-import javax.json.bind.Jsonb;
-import java.lang.annotation.Annotation;
-import java.util.Collection;
-import java.util.Map;
-import java.util.Optional;
-import java.util.logging.Logger;
 
 @ApplicationScoped
 public class MPJWTProducer {
 
-@Inject
-private Jsonb jsonb;
-
-private static final String TMP = "tmp";
-private static Logger log = 
Logger.getLogger(MPJWTProducer.class.getName());
 private static ThreadLocal currentPrincipal = new 
ThreadLocal<>();
 
-

[17/38] tomee git commit: some refactoring

2018-04-16 Thread jlmonteiro 
http://git-wip-us.apache.org/repos/asf/tomee/blob/c5964e07/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimValueProducer.java
--
diff --git 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimValueProducer.java
 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimValueProducer.java
new file mode 100644
index 000..d69df02
--- /dev/null
+++ 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimValueProducer.java
@@ -0,0 +1,75 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.tomee.microprofile.jwt.cdi;
+
+import java.lang.annotation.Annotation;
+import java.lang.reflect.ParameterizedType;
+import java.lang.reflect.Type;
+import java.util.Optional;
+
+import javax.enterprise.inject.Produces;
+import javax.enterprise.inject.spi.InjectionPoint;
+
+import org.eclipse.microprofile.jwt.Claim;
+import org.eclipse.microprofile.jwt.ClaimValue;
+import org.eclipse.microprofile.jwt.Claims;
+
+/**
+ * A producer for the ClaimValue wrapper injection sites.
+ * @param  the raw claim type
+ */
+public class ClaimValueProducer {
+
+@Produces
+@Claim("")
+ClaimValue produce(InjectionPoint ip) {
+String name = getName(ip);
+ClaimValue cv = 
MPJWTProducer.generalClaimValueProducer(name);
+ClaimValue returnValue = (ClaimValue) cv;
+Optional value = cv.getValue();
+// Pull out the ClaimValue T type,
+Type matchType = ip.getType();
+Type actualType = Object.class;
+boolean isOptional = false;
+if (matchType instanceof ParameterizedType) {
+actualType = ((ParameterizedType) 
matchType).getActualTypeArguments()[0];
+isOptional = 
matchType.getTypeName().equals(Optional.class.getTypeName());
+if (isOptional) {
+actualType = ((ParameterizedType) 
matchType).getActualTypeArguments()[0];
+}
+}
+
+if 
(!actualType.getTypeName().startsWith(Optional.class.getTypeName())) {
+T nestedValue = value.orElse(null);
+ClaimValueWrapper wrapper = new 
ClaimValueWrapper<>(cv.getName());
+wrapper.setValue(nestedValue);
+returnValue = wrapper;
+}
+return returnValue;
+}
+
+String getName(InjectionPoint ip) {
+String name = null;
+for (Annotation ann : ip.getQualifiers()) {
+if (ann instanceof Claim) {
+Claim claim = (Claim) ann;
+name = claim.standard() == Claims.UNKNOWN ? claim.value() : 
claim.standard().name();
+}
+}
+return name;
+}
+}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/tomee/blob/c5964e07/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimValueWrapper.java
--
diff --git 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimValueWrapper.java
 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimValueWrapper.java
new file mode 100644
index 000..6776191
--- /dev/null
+++ 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimValueWrapper.java
@@ -0,0 +1,54 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the

[28/38] tomee git commit: cleanup and implement EJB integration

2018-04-16 Thread jlmonteiro 
cleanup and implement EJB integration


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/893525f8
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/893525f8
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/893525f8

Branch: refs/heads/master
Commit: 893525f860c485b5c5d0a79cb1621de3f56e8013
Parents: 7b0c434
Author: Jean-Louis Monteiro 
Authored: Tue Mar 6 10:13:04 2018 +0100
Committer: Jean-Louis Monteiro 
Committed: Tue Mar 6 10:13:04 2018 +0100

--
 .../core/security/AbstractSecurityService.java  |   9 +-
 tck/mp-jwt-embedded/pom.xml |  14 +-
 .../tomee/microprofile/jwt/MPJWTContext.java| 129 ---
 .../tomee/microprofile/jwt/MPJWTFilter.java | 230 +++
 .../microprofile/jwt/MPJWTInitializer.java  |  15 +-
 .../tomee/microprofile/jwt/cdi/ClaimBean.java   |  46 ++--
 .../microprofile/jwt/cdi/ClaimValueWrapper.java |  10 +-
 .../microprofile/jwt/cdi/JsonbProducer.java |   1 +
 .../microprofile/jwt/cdi/MPJWTProducer.java |  28 ++-
 .../jwt/jaxrs/MPJWPProviderRegistration.java|  46 
 .../MPJWTSecurityAnnotationsInterceptor.java|  54 +
 ...TSecurityAnnotationsInterceptorsFeature.java | 144 
 .../META-INF/org.apache.openejb.extension   |   1 +
 tck/mp-jwt-embedded/src/test/resources/dev.xml  |  13 +-
 .../tomee/catalina/TomcatSecurityService.java   |  20 ++
 15 files changed, 532 insertions(+), 228 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/tomee/blob/893525f8/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java
--
diff --git 
a/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java
 
b/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java
index 57e2c9c..514847b 100644
--- 
a/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java
+++ 
b/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java
@@ -53,6 +53,7 @@ import java.util.Map;
 import java.util.Properties;
 import java.util.Set;
 import java.util.UUID;
+import java.util.concurrent.Callable;
 import java.util.concurrent.ConcurrentHashMap;
 
 /**
@@ -153,13 +154,13 @@ public abstract class AbstractSecurityService implements 
DestroyableResource, Se
 
 final ProvidedSecurityContext providedSecurityContext = 
newContext.get(ProvidedSecurityContext.class);
 SecurityContext securityContext = oldContext != null ? 
oldContext.get(SecurityContext.class) :
-(providedSecurityContext != null ? providedSecurityContext.context 
: null);
+(providedSecurityContext != null ? 
providedSecurityContext.context : null);
 if (providedSecurityContext == null && (securityContext == null || 
securityContext == defaultContext)) {
 final Identity identity = clientIdentity.get();
 if (identity != null) {
 securityContext = new SecurityContext(identity.subject);
 } else {
-securityContext = defaultContext;
+securityContext = getDefaultContext();
 }
 }
 
@@ -398,6 +399,10 @@ public abstract class AbstractSecurityService implements 
DestroyableResource, Se
 }
 }
 
+protected SecurityContext getDefaultContext() {
+return defaultContext;
+}
+
 public static final class ProvidedSecurityContext {
 public final SecurityContext context;
 

http://git-wip-us.apache.org/repos/asf/tomee/blob/893525f8/tck/mp-jwt-embedded/pom.xml
--
diff --git a/tck/mp-jwt-embedded/pom.xml b/tck/mp-jwt-embedded/pom.xml
index 5055ac4..2af8f28 100644
--- a/tck/mp-jwt-embedded/pom.xml
+++ b/tck/mp-jwt-embedded/pom.xml
@@ -40,7 +40,13 @@
   ${project.groupId}
   openejb-core
   ${project.version}
-  test
+  provided
+
+
+  ${project.groupId}
+  openejb-cxf-rs
+  ${project.version}
+  provided
 
 
   org.slf4j
@@ -112,6 +118,12 @@
   johnzon-jsonb
   1.1.2
 
+
+  org.apache.tomcat
+  tomcat-catalina
+  ${tomcat.version}
+  provided
+
   
 
   

http://git-wip-us.apache.org/repos/asf/tomee/blob/893525f8/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTContext.java
--
diff --git 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTContext.java

[18/38] tomee git commit: some refactoring

2018-04-16 Thread jlmonteiro 
some refactoring


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/c5964e07
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/c5964e07
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/c5964e07

Branch: refs/heads/master
Commit: c5964e079df2dbadc0bd5f7f6567aaf509c69d83
Parents: 830b372
Author: Jean-Louis Monteiro 
Authored: Tue Feb 27 10:14:53 2018 +0100
Committer: Jean-Louis Monteiro 
Committed: Tue Feb 27 10:14:53 2018 +0100

--
 .../tomee/microprofile/jwt/ClaimLiteral.java|  32 --
 .../jwt/ClaimProviderBeanAttributes.java|  83 
 .../microprofile/jwt/ClaimValueProducer.java|  75 
 .../microprofile/jwt/ClaimValueWrapper.java |  54 ---
 .../jwt/DefaultJWTCallerPrincipal.java  | 334 
 .../jwt/DefaultJWTCallerPrincipalFactory.java   |  86 
 .../microprofile/jwt/JWTAuthContextInfo.java|  66 
 .../jwt/JWTAuthContextInfoProvider.java |  59 ---
 .../microprofile/jwt/JWTCallerPrincipal.java|  59 ---
 .../jwt/JWTCallerPrincipalFactory.java  | 124 --
 .../microprofile/jwt/JsonValueProducer.java | 111 --
 .../microprofile/jwt/MPJWTCDIExtension.java | 391 --
 .../tomee/microprofile/jwt/MPJWTFilter.java |   4 +
 .../tomee/microprofile/jwt/MPJWTProducer.java   | 196 -
 .../microprofile/jwt/RawClaimTypeProducer.java  |  69 
 .../tomee/microprofile/jwt/TCKTokenParser.java  |   3 +
 .../microprofile/jwt/cdi/ClaimLiteral.java  |  32 ++
 .../jwt/cdi/ClaimProviderBeanAttributes.java|  83 
 .../jwt/cdi/ClaimValueProducer.java |  75 
 .../microprofile/jwt/cdi/ClaimValueWrapper.java |  54 +++
 .../microprofile/jwt/cdi/JsonValueProducer.java | 111 ++
 .../microprofile/jwt/cdi/MPJWTCDIExtension.java | 395 +++
 .../microprofile/jwt/cdi/MPJWTProducer.java | 196 +
 .../jwt/cdi/RawClaimTypeProducer.java   |  69 
 .../jwt/config/JWTAuthContextInfo.java  |  66 
 .../jwt/config/JWTAuthContextInfoProvider.java  |  61 +++
 .../principal/DefaultJWTCallerPrincipal.java| 334 
 .../DefaultJWTCallerPrincipalFactory.java   |  88 +
 .../jwt/principal/JWTCallerPrincipal.java   |  59 +++
 .../principal/JWTCallerPrincipalFactory.java| 127 ++
 .../javax.enterprise.inject.spi.Extension   |   2 +-
 ...e.microprofile.jwt.JWTCallerPrincipalFactory |   1 -
 ...file.jwt.principal.JWTCallerPrincipalFactory |   1 +
 33 files changed, 1759 insertions(+), 1741 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/tomee/blob/c5964e07/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/ClaimLiteral.java
--
diff --git 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/ClaimLiteral.java
 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/ClaimLiteral.java
deleted file mode 100644
index 5471b2e..000
--- 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/ClaimLiteral.java
+++ /dev/null
@@ -1,32 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.tomee.microprofile.jwt;
-
-import javax.enterprise.util.AnnotationLiteral;
-
-import org.eclipse.microprofile.jwt.Claim;
-import org.eclipse.microprofile.jwt.Claims;
-
-public class ClaimLiteral extends AnnotationLiteral implements Claim {
-public String value() {
-return "";
-}
-
-public Claims standard() {
-return Claims.UNKNOWN;
-}
-}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/tomee/blob/c5964e07/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/ClaimProviderBeanAttributes.java
--
diff --git 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/ClaimProviderBeanAttributes.java

[29/38] tomee git commit: formating

2018-04-16 Thread jlmonteiro 
formating


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/e75018b2
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/e75018b2
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/e75018b2

Branch: refs/heads/master
Commit: e75018b231942bec07c5a81fa513d476ab877877
Parents: 893525f
Author: Jean-Louis Monteiro 
Authored: Tue Mar 6 10:16:35 2018 +0100
Committer: Jean-Louis Monteiro 
Committed: Tue Mar 6 10:16:35 2018 +0100

--
 .../jwt/jaxrs/MPJWTSecurityAnnotationsInterceptor.java| 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
--


http://git-wip-us.apache.org/repos/asf/tomee/blob/e75018b2/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/jaxrs/MPJWTSecurityAnnotationsInterceptor.java
--
diff --git 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/jaxrs/MPJWTSecurityAnnotationsInterceptor.java
 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/jaxrs/MPJWTSecurityAnnotationsInterceptor.java
index 60c2599..e6ccd5a 100644
--- 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/jaxrs/MPJWTSecurityAnnotationsInterceptor.java
+++ 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/jaxrs/MPJWTSecurityAnnotationsInterceptor.java
@@ -17,7 +17,8 @@ public class MPJWTSecurityAnnotationsInterceptor implements 
ContainerRequestFilt
 private final Set denyAll;
 private final Set permitAll;
 
-public MPJWTSecurityAnnotationsInterceptor(final 
javax.ws.rs.container.ResourceInfo resourceInfo, final ConcurrentMap rolesAllowed, final Set denyAll, final Set 
permitAll) {
+public MPJWTSecurityAnnotationsInterceptor(final 
javax.ws.rs.container.ResourceInfo resourceInfo,
+   final ConcurrentMap rolesAllowed, final Set denyAll, final Set 
permitAll) {
 this.resourceInfo = resourceInfo;
 this.rolesAllowed = rolesAllowed;
 this.denyAll = denyAll;

[20/38] tomee git commit: some refactoring

2018-04-16 Thread jlmonteiro 
some refactoring


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/1ad96bbd
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/1ad96bbd
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/1ad96bbd

Branch: refs/heads/master
Commit: 1ad96bbdf1239c4d57cb5b0bc9fa857fa028f427
Parents: 812cfed
Author: Jean-Louis Monteiro 
Authored: Tue Feb 27 11:03:11 2018 +0100
Committer: Jean-Louis Monteiro 
Committed: Tue Feb 27 11:03:11 2018 +0100

--
 tck/mp-jwt-embedded/pom.xml | 16 ++--
 .../apache/tomee/microprofile/jwt/KeyUtils.java | 85 ---
 .../tomee/microprofile/jwt/MPJWTFilter.java |  2 +-
 .../microprofile/jwt/MPJWTInitializer.java  |  1 +
 .../tomee/microprofile/jwt/ParseException.java  |  4 +-
 .../tomee/microprofile/jwt/TCKTokenParser.java  |  2 +-
 .../microprofile/jwt/cdi/ClaimLiteral.java  | 32 
 .../jwt/cdi/ClaimProviderBeanAttributes.java| 23 ++
 .../jwt/cdi/ClaimValueProducer.java | 16 ++--
 .../microprofile/jwt/cdi/ClaimValueWrapper.java | 13 ++-
 .../microprofile/jwt/cdi/JsonValueProducer.java | 37 -
 .../microprofile/jwt/cdi/JsonbProducer.java | 45 ++
 .../microprofile/jwt/cdi/MPJWTCDIExtension.java | 15 +---
 .../microprofile/jwt/cdi/MPJWTProducer.java | 86 +++-
 .../jwt/cdi/RawClaimTypeProducer.java   | 21 ++---
 .../jwt/config/JWTAuthContextInfoProvider.java  | 42 +-
 .../principal/DefaultJWTCallerPrincipal.java|  6 +-
 tck/mp-jwt-embedded/src/test/resources/dev.xml  |  6 +-
 18 files changed, 148 insertions(+), 304 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/tomee/blob/1ad96bbd/tck/mp-jwt-embedded/pom.xml
--
diff --git a/tck/mp-jwt-embedded/pom.xml b/tck/mp-jwt-embedded/pom.xml
index 272f4ad..5055ac4 100644
--- a/tck/mp-jwt-embedded/pom.xml
+++ b/tck/mp-jwt-embedded/pom.xml
@@ -96,15 +96,21 @@
   jose4j
   0.6.0
 
+
+
+  org.apache.geronimo.specs
+  geronimo-json_1.1_spec
+  1.0
+
 
-  javax.json.bind
-  javax.json.bind-api
+  org.apache.geronimo.specs
+  geronimo-jsonb_1.0_spec
   1.0
 
 
-  org.glassfish
-  javax.json
-  1.0.4
+  org.apache.johnzon
+  johnzon-jsonb
+  1.1.2
 
   
 

http://git-wip-us.apache.org/repos/asf/tomee/blob/1ad96bbd/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/KeyUtils.java
--
diff --git 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/KeyUtils.java
 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/KeyUtils.java
deleted file mode 100644
index c65ea98..000
--- 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/KeyUtils.java
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.tomee.microprofile.jwt;
-
-import java.io.InputStream;
-import java.security.KeyFactory;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.NoSuchAlgorithmException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.security.spec.X509EncodedKeySpec;
-import java.util.Base64;
-
-public class KeyUtils {
-private KeyUtils() {
-}
-
-public static PrivateKey readPrivateKey(String pemResName) throws 
Exception {
-InputStream contentIS = KeyUtils.class.getResourceAsStream(pemResName);
-byte[] tmp = new byte[4096];
-int length = contentIS.read(tmp);
-PrivateKey privateKey = decodePrivateKey(new String(tmp, 0, length));
-return privateKey;
-}
-
-public static PublicKey readPublicKey(String pemResName) throws Exception {
-InputStream contentIS =

buildbot failure in on tomee-trunk-ubuntu

2018-04-16 Thread buildbot 
The Buildbot has detected a new failure on builder tomee-trunk-ubuntu while 
building tomee. Full details are available at:
https://ci.apache.org/builders/tomee-trunk-ubuntu/builds/910

Buildbot URL: https://ci.apache.org/

Buildslave for this Build: bb_qnode5_ubuntu

Build Reason: The SingleBranchScheduler scheduler named 
'on-tomee-trunk-ubuntu-commit' triggered this build
Build Source Stamp: [branch master] 09ca434d9d80de8a36e9973682e071e19934552f
Blamelist: Jean-Louis Monteiro 

BUILD FAILED: failed compile

Sincerely,
 -The Buildbot

[23/38] tomee git commit: Iterate

2018-04-16 Thread jlmonteiro 
Iterate


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/50608069
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/50608069
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/50608069

Branch: refs/heads/master
Commit: 506080699d96c06db707ba66a4342aabf5e378f3
Parents: d81bd39
Author: Jean-Louis Monteiro 
Authored: Fri Mar 2 09:14:46 2018 +0100
Committer: Jean-Louis Monteiro 
Committed: Fri Mar 2 09:14:46 2018 +0100

--
 .../tomee/microprofile/jwt/cdi/ClaimBean.java   | 32 +---
 .../microprofile/jwt/cdi/MPJWTCDIExtension.java |  2 +-
 2 files changed, 28 insertions(+), 6 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/tomee/blob/50608069/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java
--
diff --git 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java
 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java
index d04d807..ad713dd 100644
--- 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java
+++ 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java
@@ -17,7 +17,9 @@
 package org.apache.tomee.microprofile.jwt.cdi;
 
 import org.eclipse.microprofile.jwt.Claim;
+import org.eclipse.microprofile.jwt.ClaimValue;
 import org.eclipse.microprofile.jwt.Claims;
+import org.eclipse.microprofile.jwt.JsonWebToken;
 
 import javax.enterprise.context.Dependent;
 import javax.enterprise.context.spi.CreationalContext;
@@ -35,9 +37,12 @@ import java.util.HashSet;
 import java.util.List;
 import java.util.Optional;
 import java.util.Set;
+import java.util.logging.Logger;
 
 public class ClaimBean implements Bean, PassivationCapable {
 
+private static Logger logger = 
Logger.getLogger(MPJWTCDIExtension.class.getName());
+
 private final static Set QUALIFIERS = new HashSet<>();
 
 private final BeanManager bm;
@@ -53,7 +58,7 @@ public class ClaimBean implements Bean, 
PassivationCapable {
 this.id = "ClaimBean_" + types;
 }
 
-private Class getRawType(Type type) {
+private Class getRawType(final Type type) {
 if (type instanceof Class) {
 return (Class) type;
 
@@ -63,7 +68,7 @@ public class ClaimBean implements Bean, 
PassivationCapable {
 return (Class) paramType.getRawType();
 }
 
-// todo deal with Optional here?
+// todo deal with Optional here? aka check type again
 
 throw new UnsupportedOperationException("Unsupported type " + type);
 }
@@ -132,9 +137,12 @@ public class ClaimBean implements Bean, 
PassivationCapable {
 }
 
 final Annotated annotated = ip.getAnnotated();
-Claim claim = annotated.getAnnotation(Claim.class);
+final Claim claim = annotated.getAnnotation(Claim.class);
 final String key = getClaimKey(claim);
 
+System.out.println(String.format("Found Claim injection with name=%s 
and for InjectionPoint=%s", key, ip.toString()));
+logger.finest(String.format("Found Claim injection with name=%s and 
for InjectionPoint=%s", key, ip.toString()));
+
 if (annotated.getBaseType() instanceof ParameterizedType) {
 final ParameterizedType paramType = (ParameterizedType) 
annotated.getBaseType();
 final Type rawType = paramType.getRawType();
@@ -148,6 +156,12 @@ public class ClaimBean implements Bean, 
PassivationCapable {
 return (T) getClaimValue(key, clazz);
 }
 
+// handle ClaimValue
+if (rawTypeClass.isAssignableFrom(ClaimValue.class)) {
+final Class clazz = (Class) 
paramType.getActualTypeArguments()[0]; //X TODO check type again, etc
+return (T) getClaimValue(key, clazz);
+}
+
 // handle Optional
 if (rawTypeClass.isAssignableFrom(Optional.class)) {
 final Class clazz = (Class) 
paramType.getActualTypeArguments()[0]; //X TODO check type again, etc
@@ -180,8 +194,16 @@ public class ClaimBean implements Bean, 
PassivationCapable {
 return claim.standard() == Claims.UNKNOWN ? claim.value() : 
claim.standard().name();
 }
 
-private T getClaimValue(final String key, final Class clazz) {
-return null; // todo
+private T getClaimValue(final String name, final Class clazz) {
+final JsonWebToken jwt = MPJWTProducer.getJWTPrincpal();
+if (jwt == null) {
+logger.warning(String.format("Can't retrieve claim %s. No active 
principal.", name));
+return null;
+}
+
+

[35/38] tomee git commit: Not needed

2018-04-16 Thread jlmonteiro 
Not needed


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/7446cbb0
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/7446cbb0
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/7446cbb0

Branch: refs/heads/master
Commit: 7446cbb0d062ffaa6009b1283822fe520f1aec3f
Parents: 3c089d3
Author: Jean-Louis Monteiro 
Authored: Wed Mar 7 11:31:36 2018 +0100
Committer: Jean-Louis Monteiro 
Committed: Wed Mar 7 11:31:36 2018 +0100

--
 .../openejb/core/security/JwtSecurityTest.java  | 364 ---
 1 file changed, 364 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/tomee/blob/7446cbb0/container/openejb-core/src/test/java/org/apache/openejb/core/security/JwtSecurityTest.java
--
diff --git 
a/container/openejb-core/src/test/java/org/apache/openejb/core/security/JwtSecurityTest.java
 
b/container/openejb-core/src/test/java/org/apache/openejb/core/security/JwtSecurityTest.java
deleted file mode 100644
index ddd92f3..000
--- 
a/container/openejb-core/src/test/java/org/apache/openejb/core/security/JwtSecurityTest.java
+++ /dev/null
@@ -1,364 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS,
- *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-package org.apache.openejb.core.security;
-
-import org.apache.openejb.OpenEJB;
-import org.apache.openejb.assembler.classic.Assembler;
-import org.apache.openejb.assembler.classic.EjbJarInfo;
-import org.apache.openejb.assembler.classic.ProxyFactoryInfo;
-import org.apache.openejb.assembler.classic.SecurityServiceInfo;
-import org.apache.openejb.assembler.classic.StatelessSessionContainerInfo;
-import org.apache.openejb.assembler.classic.TransactionServiceInfo;
-import org.apache.openejb.config.ConfigurationFactory;
-import org.apache.openejb.core.LocalInitialContextFactory;
-import org.apache.openejb.core.security.jaas.GroupPrincipal;
-import org.apache.openejb.core.security.jaas.UserPrincipal;
-import org.apache.openejb.jee.EjbJar;
-import org.apache.openejb.jee.StatelessBean;
-import org.junit.AfterClass;
-import org.junit.Test;
-
-import javax.annotation.Resource;
-import javax.annotation.security.DeclareRoles;
-import javax.annotation.security.DenyAll;
-import javax.annotation.security.PermitAll;
-import javax.annotation.security.RolesAllowed;
-import javax.annotation.security.RunAs;
-import javax.ejb.SessionContext;
-import javax.ejb.Singleton;
-import javax.naming.Context;
-import javax.naming.InitialContext;
-import javax.security.auth.Subject;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.login.AppConfigurationEntry;
-import javax.security.auth.login.Configuration;
-import javax.security.auth.login.LoginException;
-import javax.security.auth.spi.LoginModule;
-import java.security.Security;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Map;
-import java.util.Properties;
-import java.util.Set;
-
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
-import static org.testng.AssertJUnit.assertFalse;
-
-public class JWTSecurityTest {
-
-@AfterClass
-public static void afterClass() throws Exception {
-OpenEJB.destroy();
-System.clearProperty(Context.INITIAL_CONTEXT_FACTORY);
-// unfortunate we can't reset the value, so setting to default (See 
Configuration)
-Security.setProperty("login.configuration.provider", 
"sun.security.provider.ConfigFile");
-}
-
-private Assembler configureAssembler(final String defaultUser) throws 
Exception {
-System.setProperty(Context.INITIAL_CONTEXT_FACTORY, 
LocalInitialContextFactory.class.getName());
-Security.setProperty("login.configuration.provider", 
JaasConfig.class.getName());
-
-final ConfigurationFactory config = new ConfigurationFactory();
-final Assembler assembler = new Assembler();
-
-
assembler.createProxyFactory(config.configureService(ProxyFactoryInfo.class));
-

[36/38] tomee git commit: No more needed

2018-04-16 Thread jlmonteiro 
No more needed


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/04675f5d
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/04675f5d
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/04675f5d

Branch: refs/heads/master
Commit: 04675f5dfb0c3d235c95386baf7cb59208f7a42e
Parents: 7446cbb
Author: Jean-Louis Monteiro 
Authored: Wed Mar 7 11:35:02 2018 +0100
Committer: Jean-Louis Monteiro 
Committed: Wed Mar 7 11:35:02 2018 +0100

--
 container/openejb-core/pom.xml  |  19 --
 .../apache/openejb/core/security/JWTUtil.java   | 100 ---
 .../server/cxf/rs/MPJWTSecurityContextTest.java | 260 ---
 3 files changed, 379 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/tomee/blob/04675f5d/container/openejb-core/pom.xml
--
diff --git a/container/openejb-core/pom.xml b/container/openejb-core/pom.xml
index c7f..be1e710 100644
--- a/container/openejb-core/pom.xml
+++ b/container/openejb-core/pom.xml
@@ -712,25 +712,6 @@
   provided
 
 
-
-  org.eclipse.microprofile.config
-  microprofile-config-api
-  1.2
-  compile
-
-
-  org.eclipse.microprofile.jwt
-  microprofile-jwt-auth-api
-  1.1-SNAPSHOT
-  compile
-
-
-  com.nimbusds
-  nimbus-jose-jwt
-  5.1
-  compile
-
-
   
 
   

http://git-wip-us.apache.org/repos/asf/tomee/blob/04675f5d/container/openejb-core/src/test/java/org/apache/openejb/core/security/JWTUtil.java
--
diff --git 
a/container/openejb-core/src/test/java/org/apache/openejb/core/security/JWTUtil.java
 
b/container/openejb-core/src/test/java/org/apache/openejb/core/security/JWTUtil.java
deleted file mode 100644
index 4ae438f..000
--- 
a/container/openejb-core/src/test/java/org/apache/openejb/core/security/JWTUtil.java
+++ /dev/null
@@ -1,100 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- * 
- * http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.openejb.core.security;
-
-import com.nimbusds.jose.JOSEException;
-import com.nimbusds.jose.JWSAlgorithm;
-import com.nimbusds.jose.JWSHeader;
-import com.nimbusds.jose.JWSSigner;
-import com.nimbusds.jose.crypto.MACSigner;
-import com.nimbusds.jose.crypto.RSASSASigner;
-import com.nimbusds.jwt.JWTClaimsSet;
-import com.nimbusds.jwt.SignedJWT;
-
-import javax.crypto.SecretKey;
-import javax.crypto.spec.SecretKeySpec;
-import java.security.Key;
-import java.security.interfaces.RSAPrivateKey;
-import java.time.LocalDate;
-import java.util.Date;
-import java.util.UUID;
-
-import static java.time.ZoneId.systemDefault;
-
-public class JWTUtil {
-
-protected static final String MYSHAREDSECRET = 
"abcdefghijklmnopqrstuvwxyzabcdef"; // at least 256 bits
-
-private JWTUtil() {
-// prevent direct instantiation
-}
-
-public static String createValidJwtAccessToken(String... scopes) throws 
Exception {
-final SecretKey key = new SecretKeySpec(MYSHAREDSECRET.getBytes(), 
"hmac-sha256");
-
-// Prepare JWT with claims set
-final JWTClaimsSet.Builder claimsBuilder = createValidJwtClaimsSet();
-
-if (scopes != null && scopes.length > 0) {
-claimsBuilder.claim("scopes", scopes);
-}
-
-final JWTClaimsSet claimsSet = claimsBuilder.build();
-
-final JWSHeader header = new JWSHeader(JWSAlgorithm.HS256);
-
-return sign(claimsSet, header, key).serialize();
-}
-
-public static SignedJWT sign(final JWTClaimsSet jwtClaimsSet, final 
JWSHeader jwsHeader, final Key key) throws JOSEException {
-JWSSigner signer = null;
-if (RSAPrivateKey.class.isInstance(key)) {
-signer = new RSASSASigner(RSAPrivateKey.class.cast(key));
-
-} else if (SecretKey.class.isInstance(key)) {
-signer = new MACSigner(SecretKey.class.cast(key).getEncoded());
-
-} else {
-throw new

[31/38] tomee git commit: Renamed to providers because the event gives the existing list but it's up to the observer to add more

2018-04-16 Thread jlmonteiro 
Renamed to providers because the event gives the existing list but it's up to 
the observer to add more


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/9a428e15
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/9a428e15
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/9a428e15

Branch: refs/heads/master
Commit: 9a428e151eea46cc0c0e5e0ffac01282b1ce1e98
Parents: ae7c21e
Author: Jean-Louis Monteiro 
Authored: Wed Mar 7 08:13:13 2018 +0100
Committer: Jean-Louis Monteiro 
Committed: Wed Mar 7 08:13:13 2018 +0100

--
 .../server/cxf/rs/event/ExtensionProviderRegistration.java   | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/tomee/blob/9a428e15/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/event/ExtensionProviderRegistration.java
--
diff --git 
a/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/event/ExtensionProviderRegistration.java
 
b/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/event/ExtensionProviderRegistration.java
index cfae25c..932a6bf 100644
--- 
a/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/event/ExtensionProviderRegistration.java
+++ 
b/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/event/ExtensionProviderRegistration.java
@@ -28,9 +28,9 @@ public class ExtensionProviderRegistration {
 private final List providers;
 private final AppContext appContext;
 
-public ExtensionProviderRegistration(final AppContext ctx, final 
List existings) {
+public ExtensionProviderRegistration(final AppContext ctx, final 
List providers) {
 this.appContext = ctx;
-this.providers = existings;
+this.providers = providers;
 }
 
 public AppContext getAppContext() {

[34/38] tomee git commit: Not needed

2018-04-16 Thread jlmonteiro 
Not needed


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/3c089d35
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/3c089d35
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/3c089d35

Branch: refs/heads/master
Commit: 3c089d35e72987a93cfa3853f754e90cdbf8d267
Parents: 0340cef
Author: Jean-Louis Monteiro 
Authored: Wed Mar 7 11:30:44 2018 +0100
Committer: Jean-Louis Monteiro 
Committed: Wed Mar 7 11:30:44 2018 +0100

--
 .../tests/jaxrs/mpjwt/HelloResource.java| 49 -
 .../tests/jaxrs/mpjwt/MPJWTApplication.java | 28 ---
 .../arquillian/tests/jaxrs/mpjwt/MPJWTTest.java | 77 
 3 files changed, 154 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/tomee/blob/3c089d35/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/java/org/apache/openejb/arquillian/tests/jaxrs/mpjwt/HelloResource.java
--
diff --git 
a/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/java/org/apache/openejb/arquillian/tests/jaxrs/mpjwt/HelloResource.java
 
b/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/java/org/apache/openejb/arquillian/tests/jaxrs/mpjwt/HelloResource.java
deleted file mode 100644
index bc030f1..000
--- 
a/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/java/org/apache/openejb/arquillian/tests/jaxrs/mpjwt/HelloResource.java
+++ /dev/null
@@ -1,49 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS,
- *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-package org.apache.openejb.arquillian.tests.jaxrs.mpjwt;
-
-import org.eclipse.microprofile.jwt.Claim;
-import org.eclipse.microprofile.jwt.ClaimValue;
-
-import javax.annotation.security.RolesAllowed;
-import javax.ejb.Lock;
-import javax.ejb.LockType;
-import javax.ejb.Stateless;
-import javax.inject.Inject;
-import javax.ws.rs.GET;
-import javax.ws.rs.Path;
-import javax.ws.rs.Produces;
-import javax.ws.rs.core.Context;
-import javax.ws.rs.core.MediaType;
-import javax.ws.rs.core.SecurityContext;
-
-@Path("/hello")
-@Stateless
-@Lock(LockType.READ)
-public class HelloResource {
-
-@Inject
-@Claim("jti")
-private ClaimValue jti;
-
-@GET
-@Produces(MediaType.TEXT_PLAIN)
-@RolesAllowed("helloRole")
-public String sayHello(@Context SecurityContext context) {
-return "hello " + context.getUserPrincipal().getName();
-}
-}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/tomee/blob/3c089d35/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/java/org/apache/openejb/arquillian/tests/jaxrs/mpjwt/MPJWTApplication.java
--
diff --git 
a/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/java/org/apache/openejb/arquillian/tests/jaxrs/mpjwt/MPJWTApplication.java
 
b/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/java/org/apache/openejb/arquillian/tests/jaxrs/mpjwt/MPJWTApplication.java
deleted file mode 100644
index 18bdee6..000
--- 
a/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/java/org/apache/openejb/arquillian/tests/jaxrs/mpjwt/MPJWTApplication.java
+++ /dev/null
@@ -1,28 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS,
- *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-

[08/38] tomee git commit: comments

2018-04-16 Thread jlmonteiro 
comments


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/f58a39aa
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/f58a39aa
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/f58a39aa

Branch: refs/heads/master
Commit: f58a39aaab0772839b149ccdc198b067924a648b
Parents: 7d93131
Author: Jean-Louis Monteiro 
Authored: Wed Feb 21 17:10:12 2018 +0100
Committer: Jean-Louis Monteiro 
Committed: Wed Feb 21 17:10:12 2018 +0100

--
 .../org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
--


http://git-wip-us.apache.org/repos/asf/tomee/blob/f58a39aa/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java
--
diff --git 
a/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java
 
b/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java
index 28cc45d..c85e6fb 100644
--- 
a/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java
+++ 
b/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java
@@ -103,7 +103,7 @@ public class MPJWTSecurityContextTest {
 @LoginConfig(authMethod = "MP-JWT")
 @ApplicationPath("/api")
 public static class RestApplication extends Application {
-
+// auto discovered
 }
 
 @Path("sc")

[16/38] tomee git commit: Add more implementations and TCK coverage

2018-04-16 Thread jlmonteiro 
Add more implementations and TCK coverage


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/830b3729
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/830b3729
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/830b3729

Branch: refs/heads/master
Commit: 830b372981330bf028b576b155e497b24c85bf9a
Parents: 9c69190
Author: Jean-Louis Monteiro 
Authored: Tue Feb 27 09:16:44 2018 +0100
Committer: Jean-Louis Monteiro 
Committed: Tue Feb 27 09:16:44 2018 +0100

--
 tck/mp-jwt-embedded/pom.xml |  11 +
 .../tomee/microprofile/jwt/ClaimLiteral.java|  32 ++
 .../jwt/ClaimProviderBeanAttributes.java|  83 
 .../microprofile/jwt/ClaimValueProducer.java|  75 
 .../microprofile/jwt/ClaimValueWrapper.java |  54 +++
 .../jwt/JWTAuthContextInfoProvider.java |  59 +++
 .../jwt/JWTCallerPrincipalFactory.java  |   2 +-
 .../microprofile/jwt/JsonValueProducer.java | 111 ++
 .../apache/tomee/microprofile/jwt/KeyUtils.java |  84 
 .../microprofile/jwt/MPJWTCDIExtension.java | 391 +++
 .../tomee/microprofile/jwt/MPJWTContext.java|   9 +-
 .../tomee/microprofile/jwt/MPJWTFilter.java |  25 +-
 .../microprofile/jwt/MPJWTInitializer.java  |   7 +-
 .../tomee/microprofile/jwt/MPJWTProducer.java   | 196 ++
 .../microprofile/jwt/RawClaimTypeProducer.java  |  69 
 .../javax.enterprise.inject.spi.Extension   |   1 +
 ...e.microprofile.jwt.JWTCallerPrincipalFactory |   1 +
 ...file.jwt.principal.JWTCallerPrincipalFactory |   1 -
 .../jwt/AppDeploymentExtension.java |  37 ++
 jboss.arquillian.core.spi.LoadableExtension |   1 +
 tck/mp-jwt-embedded/src/test/resources/dev.xml  |   8 +-
 21 files changed, 1237 insertions(+), 20 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/tomee/blob/830b3729/tck/mp-jwt-embedded/pom.xml
--
diff --git a/tck/mp-jwt-embedded/pom.xml b/tck/mp-jwt-embedded/pom.xml
index ddbccec..272f4ad 100644
--- a/tck/mp-jwt-embedded/pom.xml
+++ b/tck/mp-jwt-embedded/pom.xml
@@ -112,6 +112,16 @@
 
   
 org.apache.maven.plugins
+maven-compiler-plugin
+3.6.1
+
+  1.8
+  1.8JwSecTest
+
+  
+  
   
 org.apache.maven.plugins
 maven-surefire-plugin

http://git-wip-us.apache.org/repos/asf/tomee/blob/830b3729/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/ClaimLiteral.java
--
diff --git 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/ClaimLiteral.java
 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/ClaimLiteral.java
new file mode 100644
index 000..5471b2e
--- /dev/null
+++ 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/ClaimLiteral.java
@@ -0,0 +1,32 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.tomee.microprofile.jwt;
+
+import javax.enterprise.util.AnnotationLiteral;
+
+import org.eclipse.microprofile.jwt.Claim;
+import org.eclipse.microprofile.jwt.Claims;
+
+public class ClaimLiteral extends AnnotationLiteral implements Claim {
+public String value() {
+return "";
+}
+
+public Claims standard() {
+return Claims.UNKNOWN;
+}
+}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/tomee/blob/830b3729/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/ClaimProviderBeanAttributes.java
--
diff --git 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/ClaimProviderBeanAttributes.java
 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/ClaimProviderBeanAttributes.java
new file mode 100644
index 000..ce6e97c
--- /dev/null
+++

[06/38] tomee git commit: Better handling of the internal application

2018-04-16 Thread jlmonteiro 
Better handling of the internal application


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/7acf3146
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/7acf3146
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/7acf3146

Branch: refs/heads/master
Commit: 7acf3146b12e5bbd0e4db58ed432345ca4eec4ae
Parents: a2468e4
Author: Jean-Louis Monteiro 
Authored: Wed Feb 21 16:45:35 2018 +0100
Committer: Jean-Louis Monteiro 
Committed: Wed Feb 21 16:45:35 2018 +0100

--
 .../server/cxf/rs/MPJWTSecurityContextTest.java | 22 +++-
 1 file changed, 8 insertions(+), 14 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/tomee/blob/7acf3146/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java
--
diff --git 
a/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java
 
b/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java
index b7bceb5..266aa66 100644
--- 
a/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java
+++ 
b/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java
@@ -23,6 +23,7 @@ import org.apache.openejb.loader.SystemInstance;
 import org.apache.openejb.observer.Observes;
 import org.apache.openejb.server.cxf.rs.event.ExtensionProviderRegistration;
 import org.apache.openejb.server.cxf.rs.event.ServerCreated;
+import org.apache.openejb.server.rest.InternalApplication;
 import org.apache.openejb.spi.SecurityService;
 import org.apache.openejb.testing.Classes;
 import org.apache.openejb.testing.Configuration;
@@ -101,7 +102,7 @@ public class MPJWTSecurityContextTest {
 
 @LoginConfig(authMethod = "MP-JWT")
 @ApplicationPath("/api")
-public class RestApplication extends Application {
+public static class RestApplication extends Application {
 
 }
 
@@ -122,22 +123,15 @@ public class MPJWTSecurityContextTest {
 public void obs(@Observes final ServerCreated event) {
 System.out.println("Observer.obs");
 final ApplicationInfo appInfo = (ApplicationInfo) 
event.getServer().getEndpoint().get("javax.ws.rs.core.Application");
-final Application application = appInfo.getProvider();
-final LoginConfig annotation = 
application.getClass().getAnnotation(LoginConfig.class);
-if (annotation != null) {
-// add the ContainerRequestFilter on the fly
-}
-}
-
-public void extension(@Observes final ExtensionProviderRegistration 
registration) {
-System.out.println("Observer.extension");
-// nothing useful here because we cannot access the application
-final ApplicationInfo appInfo = (ApplicationInfo) 
registration.getServer().getEndpoint().get("javax.ws.rs.core.Application");
-final Application application = appInfo.getProvider();
+final Application application = 
InternalApplication.class.isInstance(appInfo.getProvider())
+? 
InternalApplication.class.cast(appInfo.getProvider()).getOriginal()
+: appInfo.getProvider();
 final LoginConfig annotation = 
application.getClass().getAnnotation(LoginConfig.class);
 if (annotation != null && 
"MP-JWT".equals(annotation.authMethod())) {
 // add the ContainerRequestFilter on the fly
-registration.getProviders().add(new MySecuCtx());
+if 
(InternalApplication.class.isInstance(appInfo.getProvider())) {
+
InternalApplication.class.cast(appInfo.getProvider()).getClasses().add(MySecuCtx.class);
+}
 }
 }
 }

tomee git commit: ASM fixes previously missed

2018-04-16 Thread jgallimore 
Repository: tomee
Updated Branches:
  refs/heads/fb_tomee8 59c398d19 -> ebad7d709


ASM fixes previously missed


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/ebad7d70
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/ebad7d70
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/ebad7d70

Branch: refs/heads/fb_tomee8
Commit: ebad7d709a7524938c8505c835eeb964245bb7cc
Parents: 59c398d
Author: Jonathan Gallimore 
Authored: Wed Mar 14 14:44:25 2018 +
Committer: Jonathan Gallimore 
Committed: Mon Apr 16 21:39:08 2018 +0100

--
 .../org/apache/openejb/config/ServiceClasspathTest.java   | 10 +-
 .../java/org/apache/openejb/core/cmp/jpa/JpaTest.java |  4 ++--
 2 files changed, 7 insertions(+), 7 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/tomee/blob/ebad7d70/container/openejb-core/src/test/java/org/apache/openejb/config/ServiceClasspathTest.java
--
diff --git 
a/container/openejb-core/src/test/java/org/apache/openejb/config/ServiceClasspathTest.java
 
b/container/openejb-core/src/test/java/org/apache/openejb/config/ServiceClasspathTest.java
index a8b59dc..51fd351 100644
--- 
a/container/openejb-core/src/test/java/org/apache/openejb/config/ServiceClasspathTest.java
+++ 
b/container/openejb-core/src/test/java/org/apache/openejb/config/ServiceClasspathTest.java
@@ -53,11 +53,11 @@ import java.util.Properties;
 import java.util.zip.ZipEntry;
 import java.util.zip.ZipOutputStream;
 
-import static org.apache.xbean.asm5.Opcodes.ACC_PUBLIC;
-import static org.apache.xbean.asm5.Opcodes.ACC_SUPER;
-import static org.apache.xbean.asm5.Opcodes.ALOAD;
-import static org.apache.xbean.asm5.Opcodes.INVOKESPECIAL;
-import static org.apache.xbean.asm5.Opcodes.RETURN;
+import static org.apache.xbean.asm6.Opcodes.ACC_PUBLIC;
+import static org.apache.xbean.asm6.Opcodes.ACC_SUPER;
+import static org.apache.xbean.asm6.Opcodes.ALOAD;
+import static org.apache.xbean.asm6.Opcodes.INVOKESPECIAL;
+import static org.apache.xbean.asm6.Opcodes.RETURN;
 
 /**
  * @version $Rev$ $Date$

http://git-wip-us.apache.org/repos/asf/tomee/blob/ebad7d70/container/openejb-core/src/test/java/org/apache/openejb/core/cmp/jpa/JpaTest.java
--
diff --git 
a/container/openejb-core/src/test/java/org/apache/openejb/core/cmp/jpa/JpaTest.java
 
b/container/openejb-core/src/test/java/org/apache/openejb/core/cmp/jpa/JpaTest.java
index 3c75490..ad38935 100644
--- 
a/container/openejb-core/src/test/java/org/apache/openejb/core/cmp/jpa/JpaTest.java
+++ 
b/container/openejb-core/src/test/java/org/apache/openejb/core/cmp/jpa/JpaTest.java
@@ -54,8 +54,8 @@ import java.util.Hashtable;
 import java.util.Map;
 import java.util.Properties;
 
-import static org.apache.xbean.asm5.Opcodes.ACC_PRIVATE;
-import static org.apache.xbean.asm5.Opcodes.ACC_TRANSIENT;
+import static org.apache.xbean.asm6.Opcodes.ACC_PRIVATE;
+import static org.apache.xbean.asm6.Opcodes.ACC_TRANSIENT;
 
 public class JpaTest extends TestCase {
 static {

[26/38] tomee git commit: Provider and Instance

2018-04-16 Thread jlmonteiro 
Provider and Instance


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/cfc2ae1f
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/cfc2ae1f
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/cfc2ae1f

Branch: refs/heads/master
Commit: cfc2ae1f873a5b413cd79af69969f4dfe620829d
Parents: b05e564
Author: Jean-Louis Monteiro 
Authored: Fri Mar 2 15:40:17 2018 +0100
Committer: Jean-Louis Monteiro 
Committed: Fri Mar 2 15:40:17 2018 +0100

--
 .../org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java| 2 ++
 .../tomee/microprofile/jwt/cdi/MPJWTCDIExtension.java   | 9 +
 tck/mp-jwt-embedded/src/test/resources/dev.xml  | 8 
 3 files changed, 15 insertions(+), 4 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/tomee/blob/cfc2ae1f/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java
--
diff --git 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java
 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java
index 0e87404..0b6f3de 100644
--- 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java
+++ 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java
@@ -168,11 +168,13 @@ public class ClaimBean implements Bean, 
PassivationCapable {
 
 // handle Provider
 if (rawTypeClass.isAssignableFrom(Provider.class)) {
+final Type providerType = 
paramType.getActualTypeArguments()[0];
 return getClaimValue(key);
 }
 
 // handle Instance
 if (rawTypeClass.isAssignableFrom(Instance.class)) {
+final Type instanceType = 
paramType.getActualTypeArguments()[0];
 return getClaimValue(key);
 }
 

http://git-wip-us.apache.org/repos/asf/tomee/blob/cfc2ae1f/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/MPJWTCDIExtension.java
--
diff --git 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/MPJWTCDIExtension.java
 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/MPJWTCDIExtension.java
index 9f8e602..05b08de 100644
--- 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/MPJWTCDIExtension.java
+++ 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/MPJWTCDIExtension.java
@@ -23,6 +23,7 @@ import 
org.apache.tomee.microprofile.jwt.config.JWTAuthContextInfoProvider;
 import org.eclipse.microprofile.jwt.Claim;
 
 import javax.enterprise.event.Observes;
+import javax.enterprise.inject.Instance;
 import javax.enterprise.inject.spi.AfterBeanDiscovery;
 import javax.enterprise.inject.spi.AfterDeploymentValidation;
 import javax.enterprise.inject.spi.BeanManager;
@@ -46,6 +47,7 @@ public class MPJWTCDIExtension implements Extension {
 private static Logger logger = 
Logger.getLogger(MPJWTCDIExtension.class.getName());
 
 private static final Predicate NOT_PROVIDERS = ip -> 
(ip.getType() instanceof Class) || (ip.getType() instanceof ParameterizedType 
&& ((ParameterizedType)ip.getType()).getRawType() != Provider.class);
+private static final Predicate NOT_INSTANCES = ip -> 
(ip.getType() instanceof Class) || (ip.getType() instanceof ParameterizedType 
&& ((ParameterizedType)ip.getType()).getRawType() != Instance.class);
 private static final Map REPLACED_TYPES = new HashMap<>();
 
 static {
@@ -68,6 +70,7 @@ public class MPJWTCDIExtension implements Extension {
 public void registerClaimProducer(@Observes final AfterBeanDiscovery abd, 
final BeanManager bm) {
 final Set types = injectionPoints.stream()
 .filter(NOT_PROVIDERS)
+.filter(NOT_INSTANCES)
 .map(ip -> REPLACED_TYPES.getOrDefault(ip.getType(), 
ip.getType()))
 .collect(Collectors.toSet());
 
@@ -76,7 +79,13 @@ public class MPJWTCDIExtension implements Extension {
 .map(ip -> 
((ParameterizedType)ip.getType()).getActualTypeArguments()[0])
 .collect(Collectors.toSet());
 
+final Set instanceTypes = injectionPoints.stream()
+.filter(NOT_INSTANCES.negate())
+.map(ip -> 
((ParameterizedType)ip.getType()).getActualTypeArguments()[0])
+.collect(Collectors.toSet());
+
 types.addAll(providerTypes);
+types.addAll(instanceTypes);
 
 types.stream()
 .map(type -> new ClaimBean<>(bm,

[19/38] tomee git commit: Formating

2018-04-16 Thread jlmonteiro 
Formating


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/812cfed9
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/812cfed9
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/812cfed9

Branch: refs/heads/master
Commit: 812cfed9bc64f6d5985d507dd00b62cbfa5215bc
Parents: c5964e0
Author: Jean-Louis Monteiro 
Authored: Tue Feb 27 10:23:02 2018 +0100
Committer: Jean-Louis Monteiro 
Committed: Tue Feb 27 10:23:02 2018 +0100

--
 .../apache/tomee/microprofile/jwt/KeyUtils.java |  5 +-
 .../tomee/microprofile/jwt/MPJWTContext.java|  1 -
 .../microprofile/jwt/MPJWTInitializer.java  |  1 -
 .../tomee/microprofile/jwt/TCKTokenParser.java  |  4 +-
 .../microprofile/jwt/cdi/ClaimLiteral.java  |  4 +-
 .../jwt/cdi/ClaimProviderBeanAttributes.java| 14 ++--
 .../jwt/cdi/ClaimValueProducer.java | 14 ++--
 .../microprofile/jwt/cdi/MPJWTCDIExtension.java | 88 
 .../microprofile/jwt/cdi/MPJWTProducer.java | 50 +--
 .../jwt/config/JWTAuthContextInfo.java  |  3 +-
 .../DefaultJWTCallerPrincipalFactory.java   |  2 +-
 .../principal/JWTCallerPrincipalFactory.java|  2 +-
 12 files changed, 85 insertions(+), 103 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/tomee/blob/812cfed9/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/KeyUtils.java
--
diff --git 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/KeyUtils.java
 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/KeyUtils.java
index 07e00f2..c65ea98 100644
--- 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/KeyUtils.java
+++ 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/KeyUtils.java
@@ -28,6 +28,9 @@ import java.security.spec.X509EncodedKeySpec;
 import java.util.Base64;
 
 public class KeyUtils {
+private KeyUtils() {
+}
+
 public static PrivateKey readPrivateKey(String pemResName) throws 
Exception {
 InputStream contentIS = KeyUtils.class.getResourceAsStream(pemResName);
 byte[] tmp = new byte[4096];
@@ -79,6 +82,4 @@ public class KeyUtils {
 pem = pem.replaceAll("\n", "");
 return pem.trim();
 }
-private KeyUtils() {
-}
 }
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/tomee/blob/812cfed9/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTContext.java
--
diff --git 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTContext.java
 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTContext.java
index 07dfe0b..50b7d1e 100644
--- 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTContext.java
+++ 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTContext.java
@@ -16,7 +16,6 @@
  */
 package org.apache.tomee.microprofile.jwt;
 
-import javax.enterprise.context.ApplicationScoped;
 import java.util.Map;
 import java.util.Objects;
 import java.util.Optional;

http://git-wip-us.apache.org/repos/asf/tomee/blob/812cfed9/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTInitializer.java
--
diff --git 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTInitializer.java
 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTInitializer.java
index bb8bb16..8fa9259 100644
--- 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTInitializer.java
+++ 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTInitializer.java
@@ -18,7 +18,6 @@ package org.apache.tomee.microprofile.jwt;
 
 import org.eclipse.microprofile.auth.LoginConfig;
 
-import javax.inject.Inject;
 import javax.servlet.FilterRegistration;
 import javax.servlet.ServletContainerInitializer;
 import javax.servlet.ServletContext;

http://git-wip-us.apache.org/repos/asf/tomee/blob/812cfed9/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/TCKTokenParser.java
--
diff --git 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/TCKTokenParser.java
 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/TCKTokenParser.java
index 0c65795..aeea598 100644
--- 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/TCKTokenParser.java
+++ 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/TCKTokenParser.java
@@ -32,8 +32,8 @@ public

[12/38] tomee git commit: Add a bit more in terms of wiring - still designing and working on it

2018-04-16 Thread jlmonteiro 
Add a bit more in terms of wiring - still designing and working on it


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/d987d3ae
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/d987d3ae
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/d987d3ae

Branch: refs/heads/master
Commit: d987d3aedf89abf68e2975cd3c2be4274616a2fc
Parents: 672b422
Author: Jean-Louis Monteiro 
Authored: Thu Feb 22 22:00:27 2018 +0100
Committer: Jean-Louis Monteiro 
Committed: Thu Feb 22 22:00:27 2018 +0100

--
 .../server/cxf/rs/MPJWTSecurityContextTest.java | 183 ++-
 .../tomee/microprofile/jwt/MPJWTContext.java| 134 ++
 .../tomee/microprofile/jwt/MPJWTFilter.java |  22 ++-
 .../microprofile/jwt/MPJWTInitializer.java  |  19 +-
 .../src/main/resources/META-INF/beans.xml   |   1 +
 5 files changed, 305 insertions(+), 54 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/tomee/blob/d987d3ae/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java
--
diff --git 
a/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java
 
b/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java
index 62565b4..10a1305 100644
--- 
a/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java
+++ 
b/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java
@@ -21,71 +21,81 @@ import org.apache.cxf.endpoint.Server;
 import org.apache.cxf.jaxrs.model.ApplicationInfo;
 import org.apache.openejb.jee.WebApp;
 import org.apache.openejb.junit.ApplicationComposer;
-import org.apache.openejb.loader.SystemInstance;
 import org.apache.openejb.observer.Observes;
 import org.apache.openejb.server.cxf.rs.event.ServerCreated;
 import org.apache.openejb.server.rest.InternalApplication;
-import org.apache.openejb.spi.SecurityService;
 import org.apache.openejb.testing.Classes;
 import org.apache.openejb.testing.Configuration;
 import org.apache.openejb.testing.EnableServices;
 import org.apache.openejb.testing.Module;
+import org.apache.openejb.testing.RandomPort;
 import org.apache.openejb.testng.PropertiesBuilder;
-import org.apache.openejb.util.NetworkUtil;
 import org.eclipse.microprofile.auth.LoginConfig;
-import org.junit.BeforeClass;
+import org.eclipse.microprofile.jwt.JsonWebToken;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 
+import javax.annotation.PostConstruct;
+import javax.enterprise.context.ApplicationScoped;
+import javax.inject.Inject;
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.annotation.WebFilter;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletRequestWrapper;
 import javax.ws.rs.ApplicationPath;
 import javax.ws.rs.GET;
 import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.QueryParam;
 import javax.ws.rs.client.ClientBuilder;
-import javax.ws.rs.container.ContainerRequestContext;
-import javax.ws.rs.container.ContainerRequestFilter;
 import javax.ws.rs.core.Application;
 import javax.ws.rs.core.Context;
 import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.SecurityContext;
-import javax.ws.rs.ext.Provider;
 import java.io.IOException;
+import java.lang.annotation.Annotation;
 import java.security.Principal;
-import java.util.Objects;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Optional;
 import java.util.Properties;
+import java.util.Set;
+import java.util.function.Predicate;
 
 import static org.junit.Assert.assertEquals;
 
 @EnableServices("jax-rs")
 @RunWith(ApplicationComposer.class)
 public class MPJWTSecurityContextTest {
-
-private static int port = -1;
-
-@BeforeClass
-public static void beforeClass() {
-port = NetworkUtil.getNextAvailablePort();
-}
+@RandomPort("http")
+private int port;
 
 @Configuration
 public Properties props() {
 return new PropertiesBuilder()
-.p("httpejbd.port", Integer.toString(port))
 .p("observer", "new://Service?class-name=" + 
Observer.class.getName()) // properly packaged and auto registered
 .build();
 }
 
 @Module
-@Classes(cdi = true, value = {Res.class, RestApplication.class})
+@Classes(value = {Res.class, RestApplication.class, MPFilter.class, 
MPContext.class}, cdi = true)
 public WebApp war()

[09/38] tomee git commit: Renaming

2018-04-16 Thread jlmonteiro 
Renaming


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/ad9e2221
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/ad9e2221
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/ad9e2221

Branch: refs/heads/master
Commit: ad9e2221cdb1fe00e6f59d4b5ee46f1f24dabd4f
Parents: f58a39a
Author: Jean-Louis Monteiro 
Authored: Thu Feb 22 09:57:43 2018 +0100
Committer: Jean-Louis Monteiro 
Committed: Thu Feb 22 09:57:43 2018 +0100

--
 .../server/cxf/rs/MPJWTSecurityContextTest.java | 24 +---
 1 file changed, 11 insertions(+), 13 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/tomee/blob/ad9e2221/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java
--
diff --git 
a/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java
 
b/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java
index c85e6fb..5c62851 100644
--- 
a/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java
+++ 
b/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java
@@ -16,19 +16,19 @@
  */
 package org.apache.openejb.server.cxf.rs;
 
+import org.apache.cxf.Bus;
+import org.apache.cxf.endpoint.Server;
 import org.apache.cxf.jaxrs.model.ApplicationInfo;
 import org.apache.openejb.jee.WebApp;
 import org.apache.openejb.junit.ApplicationComposer;
 import org.apache.openejb.loader.SystemInstance;
 import org.apache.openejb.observer.Observes;
-import org.apache.openejb.server.cxf.rs.event.ExtensionProviderRegistration;
 import org.apache.openejb.server.cxf.rs.event.ServerCreated;
 import org.apache.openejb.server.rest.InternalApplication;
 import org.apache.openejb.spi.SecurityService;
 import org.apache.openejb.testing.Classes;
 import org.apache.openejb.testing.Configuration;
 import org.apache.openejb.testing.EnableServices;
-import org.apache.openejb.testing.JaxrsProviders;
 import org.apache.openejb.testing.Module;
 import org.apache.openejb.testng.PropertiesBuilder;
 import org.apache.openejb.util.NetworkUtil;
@@ -75,10 +75,10 @@ public class MPJWTSecurityContextTest {
 }
 
 @Module
-@Classes({ Res.class, RestApplication.class})
+@Classes({Res.class, RestApplication.class})
 public WebApp war() {
 return new WebApp()
-.contextRoot("foo");
+.contextRoot("foo");
 }
 
 @Test
@@ -122,35 +122,33 @@ public class MPJWTSecurityContextTest {
 
 public void obs(@Observes final ServerCreated event) {
 System.out.println("Observer.obs");
-final ApplicationInfo appInfo = (ApplicationInfo) 
event.getServer().getEndpoint().get("javax.ws.rs.core.Application");
+final Server server = event.getServer();
+final Bus bus = (Bus) 
server.getEndpoint().get("org.apache.cxf.Bus");
+final ApplicationInfo appInfo = (ApplicationInfo) 
server.getEndpoint().get("javax.ws.rs.core.Application");
 final Application application = 
InternalApplication.class.isInstance(appInfo.getProvider())
-? 
InternalApplication.class.cast(appInfo.getProvider()).getOriginal()
-: appInfo.getProvider();
+? 
InternalApplication.class.cast(appInfo.getProvider()).getOriginal()
+: appInfo.getProvider();
 
 final LoginConfig annotation = 
application.getClass().getAnnotation(LoginConfig.class);
 if (annotation != null && 
"MP-JWT".equals(annotation.authMethod())) {
 // add the ContainerRequestFilter on the fly
-if 
(InternalApplication.class.isInstance(appInfo.getProvider())) {
-
InternalApplication.class.cast(appInfo.getProvider()).getClasses().add(MySecuCtx.class);
-}
 }
 }
 }
 
 // this should also be packaged into the same module and delegate to the 
security service
 @Provider
-public static class MySecuCtx implements ContainerRequestFilter {
+public static class MPJWTSecurityContext implements ContainerRequestFilter 
{
 
 private final SecurityService securityService;
 
-public MySecuCtx() {
+public MPJWTSecurityContext() {
 securityService = 
SystemInstance.get().getComponent(SecurityService.class);
 Objects.requireNonNull(securityService, "A security context needs 
to be properly configured to enforce security in REST services");
 }
 
 @Override
 public void filter(final ContainerRequestContext

[25/38] tomee git commit: Handling most of the injections. Missing Provider and Instance for now and then a couple of failures with @RolesAllowed and JACC

2018-04-16 Thread jlmonteiro 
Handling most of the injections. Missing Provider and Instance for now and then 
a couple of failures with @RolesAllowed and JACC


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/b05e5643
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/b05e5643
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/b05e5643

Branch: refs/heads/master
Commit: b05e5643dd976ecbc7509ac634f4a35f7f9b95f0
Parents: 92846ae
Author: Jean-Louis Monteiro 
Authored: Fri Mar 2 15:04:59 2018 +0100
Committer: Jean-Louis Monteiro 
Committed: Fri Mar 2 15:04:59 2018 +0100

--
 .../tomee/microprofile/jwt/MPJWTFilter.java |   6 +-
 .../tomee/microprofile/jwt/cdi/ClaimBean.java   | 159 +--
 tck/mp-jwt-embedded/src/test/resources/dev.xml  |  10 +-
 3 files changed, 152 insertions(+), 23 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/tomee/blob/b05e5643/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java
--
diff --git 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java
 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java
index ebed96d..36e53cf 100644
--- 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java
+++ 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java
@@ -84,9 +84,9 @@ public class MPJWTFilter implements Filter {
 jsonWebToken = validate(token);
 
 } catch (final ParseException e) {
-// todo properly handle the exception as required per spec
-e.printStackTrace();
-throw new RuntimeException(e);
+// todo is this enough?
+
HttpServletResponse.class.cast(response).sendError(HttpServletResponse.SC_UNAUTHORIZED);
+return;
 }
 
 // associate with the producer. Should not be needed.

http://git-wip-us.apache.org/repos/asf/tomee/blob/b05e5643/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java
--
diff --git 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java
 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java
index 10abedf..0e87404 100644
--- 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java
+++ 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java
@@ -23,18 +23,28 @@ import org.eclipse.microprofile.jwt.JsonWebToken;
 
 import javax.enterprise.context.Dependent;
 import javax.enterprise.context.spi.CreationalContext;
+import javax.enterprise.inject.Instance;
 import javax.enterprise.inject.spi.Annotated;
 import javax.enterprise.inject.spi.Bean;
 import javax.enterprise.inject.spi.BeanManager;
 import javax.enterprise.inject.spi.InjectionPoint;
 import javax.enterprise.inject.spi.PassivationCapable;
+import javax.enterprise.util.AnnotationLiteral;
+import javax.inject.Inject;
 import javax.inject.Provider;
+import javax.json.Json;
+import javax.json.JsonArrayBuilder;
+import javax.json.JsonObject;
+import javax.json.JsonValue;
+import javax.json.bind.Jsonb;
 import java.lang.annotation.Annotation;
 import java.lang.reflect.ParameterizedType;
 import java.lang.reflect.Type;
+import java.util.Collection;
 import java.util.Collections;
 import java.util.HashSet;
 import java.util.List;
+import java.util.Map;
 import java.util.Optional;
 import java.util.Set;
 import java.util.logging.Logger;
@@ -45,6 +55,13 @@ public class ClaimBean implements Bean, 
PassivationCapable {
 
 private final static Set QUALIFIERS = new HashSet<>();
 
+static {
+QUALIFIERS.add(new ClaimLiteral());
+}
+
+@Inject
+private Jsonb jsonb;
+
 private final BeanManager bm;
 private final Class rawType;
 private final Set types;
@@ -140,7 +157,7 @@ public class ClaimBean implements Bean, 
PassivationCapable {
 final String key = getClaimKey(claim);
 
 System.out.println(String.format("Found Claim injection with name=%s 
and for InjectionPoint=%s", key, ip.toString()));
-logger.finest(String.format("Found Claim injection with name=%s and 
for InjectionPoint=%s", key, ip.toString()));
+logger.finest(String.format("Found Claim injection with name=%s and 
for %s", key, ip.toString()));
 
 if (annotated.getBaseType() instanceof ParameterizedType) {
 final ParameterizedType paramType = (ParameterizedType) 
annotated.getBaseType();
@@ -151,39 +168,65 @@ public class ClaimBean implements Bean, 
PassivationCapable {

[15/38] tomee git commit: See if we can run something

2018-04-16 Thread jlmonteiro 
See if we can run something


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/9c691901
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/9c691901
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/9c691901

Branch: refs/heads/master
Commit: 9c691901d10df7482ce60529443add1c8b9eda8f
Parents: 7639e0d
Author: Jean-Louis Monteiro 
Authored: Fri Feb 23 14:35:51 2018 +0100
Committer: Jean-Louis Monteiro 
Committed: Fri Feb 23 14:35:51 2018 +0100

--
 tck/mp-jwt-embedded/pom.xml |  5 +++
 .../src/test/resources/arquillian.xml   | 37 
 tck/mp-jwt-embedded/src/test/resources/dev.xml  |  5 ++-
 3 files changed, 46 insertions(+), 1 deletion(-)
--


http://git-wip-us.apache.org/repos/asf/tomee/blob/9c691901/tck/mp-jwt-embedded/pom.xml
--
diff --git a/tck/mp-jwt-embedded/pom.xml b/tck/mp-jwt-embedded/pom.xml
index fac5766..ddbccec 100644
--- a/tck/mp-jwt-embedded/pom.xml
+++ b/tck/mp-jwt-embedded/pom.xml
@@ -85,6 +85,11 @@
   arquillian-container-test-spi
   ${version.arquillian}
 
+
+  org.jboss.arquillian.testng
+  arquillian-testng-container
+  ${version.arquillian}
+
 
 
   org.bitbucket.b_c

http://git-wip-us.apache.org/repos/asf/tomee/blob/9c691901/tck/mp-jwt-embedded/src/test/resources/arquillian.xml
--
diff --git a/tck/mp-jwt-embedded/src/test/resources/arquillian.xml 
b/tck/mp-jwt-embedded/src/test/resources/arquillian.xml
new file mode 100644
index 000..caab73b
--- /dev/null
+++ b/tck/mp-jwt-embedded/src/test/resources/arquillian.xml
@@ -0,0 +1,37 @@
+
+
+http://www.w3.org/2001/XMLSchema-instance;
+xsi:schemaLocation="
+  http://jboss.org/schema/arquillian
+  http://jboss.org/schema/arquillian/arquillian_1_0.xsd;>
+
+  
+
+  -Xmx512m -XX:MaxPermSize=512m
+  -1
+  -1
+  -1
+  target/tomee-tck
+  target/tck-workdir
+  true
+  
+
+  
+

http://git-wip-us.apache.org/repos/asf/tomee/blob/9c691901/tck/mp-jwt-embedded/src/test/resources/dev.xml
--
diff --git a/tck/mp-jwt-embedded/src/test/resources/dev.xml 
b/tck/mp-jwt-embedded/src/test/resources/dev.xml
index c2b24b8..16038c9 100644
--- a/tck/mp-jwt-embedded/src/test/resources/dev.xml
+++ b/tck/mp-jwt-embedded/src/test/resources/dev.xml
@@ -42,6 +42,7 @@
 
 
   
+  
 
   
+

[22/38] tomee git commit: Different CDI approach

2018-04-16 Thread jlmonteiro 
Different CDI approach


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/d81bd39d
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/d81bd39d
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/d81bd39d

Branch: refs/heads/master
Commit: d81bd39d0df71608bc2ae9f334df344e04b5081f
Parents: 2b9950f
Author: Jean-Louis Monteiro 
Authored: Fri Mar 2 08:52:59 2018 +0100
Committer: Jean-Louis Monteiro 
Committed: Fri Mar 2 08:52:59 2018 +0100

--
 .../tomee/microprofile/jwt/cdi/ClaimBean.java   | 187 ++
 .../jwt/cdi/ClaimInjectionPoint.java|  69 
 .../jwt/cdi/ClaimProviderBeanAttributes.java|  66 
 .../jwt/cdi/ClaimValueProducer.java |  80 -
 .../microprofile/jwt/cdi/DefaultLiteral.java|  24 ++
 .../microprofile/jwt/cdi/JsonValueProducer.java | 109 --
 .../microprofile/jwt/cdi/JsonbProducer.java |   2 +-
 .../microprofile/jwt/cdi/MPJWTCDIExtension.java | 347 +++
 .../microprofile/jwt/cdi/MPJWTProducer.java |   4 +
 .../jwt/cdi/RawClaimTypeProducer.java   |  80 -
 tck/mp-jwt-embedded/src/test/resources/dev.xml  |  12 +-
 11 files changed, 329 insertions(+), 651 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/tomee/blob/d81bd39d/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java
--
diff --git 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java
 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java
new file mode 100644
index 000..d04d807
--- /dev/null
+++ 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java
@@ -0,0 +1,187 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.tomee.microprofile.jwt.cdi;
+
+import org.eclipse.microprofile.jwt.Claim;
+import org.eclipse.microprofile.jwt.Claims;
+
+import javax.enterprise.context.Dependent;
+import javax.enterprise.context.spi.CreationalContext;
+import javax.enterprise.inject.spi.Annotated;
+import javax.enterprise.inject.spi.Bean;
+import javax.enterprise.inject.spi.BeanManager;
+import javax.enterprise.inject.spi.InjectionPoint;
+import javax.enterprise.inject.spi.PassivationCapable;
+import javax.inject.Provider;
+import java.lang.annotation.Annotation;
+import java.lang.reflect.ParameterizedType;
+import java.lang.reflect.Type;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Optional;
+import java.util.Set;
+
+public class ClaimBean implements Bean, PassivationCapable {
+
+private final static Set QUALIFIERS = new HashSet<>();
+
+private final BeanManager bm;
+private final Class rawType;
+private final Set types;
+private final String id;
+
+public ClaimBean(final BeanManager bm, final Type type) {
+this.bm = bm;
+types = new HashSet<>();
+types.add(type);
+rawType = getRawType(type);
+this.id = "ClaimBean_" + types;
+}
+
+private Class getRawType(Type type) {
+if (type instanceof Class) {
+return (Class) type;
+
+} else if (type instanceof ParameterizedType) {
+final ParameterizedType paramType = (ParameterizedType) type;
+
+return (Class) paramType.getRawType();
+}
+
+// todo deal with Optional here?
+
+throw new UnsupportedOperationException("Unsupported type " + type);
+}
+
+
+@Override
+public Set getInjectionPoints() {
+return Collections.emptySet();
+}
+
+@Override
+public Class getBeanClass() {
+return rawType;
+}
+
+@Override
+public boolean isNullable() {
+return false;
+}
+
+@Override
+public void destroy(T instance, CreationalContext context) {
+
+}
+
+@Override
+public Set getTypes() {
+

[37/38] tomee git commit: Merge remote-tracking branch 'github/master' into jlmonteiro-mp-jwt-playground

2018-04-16 Thread jlmonteiro 
Merge remote-tracking branch 'github/master' into jlmonteiro-mp-jwt-playground


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/d7b1ec64
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/d7b1ec64
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/d7b1ec64

Branch: refs/heads/master
Commit: d7b1ec640dde173d07b6f22cf8b4c5ddf2a26a68
Parents: 04675f5 3332c7e
Author: Jean-Louis Monteiro 
Authored: Wed Mar 7 11:45:37 2018 +0100
Committer: Jean-Louis Monteiro 
Committed: Wed Mar 7 11:45:37 2018 +0100

--
 ...edExecutorServiceGetPrincipalInTaskTest.java |  11 +-
 .../src/test/resources/managed/web.xml  |  49 ++
 .../arquillian/tests/jms/EnvEntryTest.java  |   2 +
 .../securityejb/SecurityEJBPropagationTest.java |   4 +-
 .../src/test/resources/test/context.xml |  20 +++
 .../org/apache/openejb/config/AutoConfig.java   | 113 -
 .../openejb/core/mdb/MdbInstanceManager.java|  44 +++--
 .../openejb/core/mdb/MdbPoolContainer.java  |   8 +-
 .../mdb/TxTimeoutPoolEndpointHandlerTest.java   | 167 +++
 .../superbiz/counter/CounterCallbacksTest.java  |   2 +-
 pom.xml |   9 +-
 .../tomee/catalina/TomcatWebAppBuilder.java |  10 +-
 .../tomee/embedded/ConnectorConfigTest.java |   4 +-
 .../src/test/resources/test/context.xml |   2 +-
 .../src/test/resources/test/login.config|   4 +-
 15 files changed, 407 insertions(+), 42 deletions(-)
--

[05/38] tomee git commit: chech the auth method

2018-04-16 Thread jlmonteiro 
chech the auth method


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/a2468e4d
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/a2468e4d
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/a2468e4d

Branch: refs/heads/master
Commit: a2468e4dd19cb203124e7f0635772e56c3cbde7a
Parents: 9114b2a
Author: Jean-Louis Monteiro 
Authored: Wed Feb 21 16:31:53 2018 +0100
Committer: Jean-Louis Monteiro 
Committed: Wed Feb 21 16:31:53 2018 +0100

--
 .../org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
--


http://git-wip-us.apache.org/repos/asf/tomee/blob/a2468e4d/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java
--
diff --git 
a/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java
 
b/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java
index ed13615..b7bceb5 100644
--- 
a/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java
+++ 
b/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java
@@ -135,7 +135,7 @@ public class MPJWTSecurityContextTest {
 final ApplicationInfo appInfo = (ApplicationInfo) 
registration.getServer().getEndpoint().get("javax.ws.rs.core.Application");
 final Application application = appInfo.getProvider();
 final LoginConfig annotation = 
application.getClass().getAnnotation(LoginConfig.class);
-if (annotation != null) {
+if (annotation != null && 
"MP-JWT".equals(annotation.authMethod())) {
 // add the ContainerRequestFilter on the fly
 registration.getProviders().add(new MySecuCtx());
 }

[01/38] tomee git commit: Testing code

2018-04-16 Thread jlmonteiro 
Repository: tomee
Updated Branches:
  refs/heads/master 3e487f0f9 -> 09ca434d9


Testing code


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/e55b4dcf
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/e55b4dcf
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/e55b4dcf

Branch: refs/heads/master
Commit: e55b4dcf3f6d1e657ff88749afa351d906a4376c
Parents: 715e7f2
Author: Jean-Louis Monteiro 
Authored: Tue Feb 20 09:29:35 2018 +0100
Committer: Jean-Louis Monteiro 
Committed: Tue Feb 20 09:29:35 2018 +0100

--
 container/openejb-core/pom.xml  |  19 
 .../apache/openejb/core/security/JWTUtil.java   | 100 +++
 2 files changed, 119 insertions(+)
--


http://git-wip-us.apache.org/repos/asf/tomee/blob/e55b4dcf/container/openejb-core/pom.xml
--
diff --git a/container/openejb-core/pom.xml b/container/openejb-core/pom.xml
index be1e710..c7f 100644
--- a/container/openejb-core/pom.xml
+++ b/container/openejb-core/pom.xml
@@ -712,6 +712,25 @@
   provided
 
 
+
+  org.eclipse.microprofile.config
+  microprofile-config-api
+  1.2
+  compile
+
+
+  org.eclipse.microprofile.jwt
+  microprofile-jwt-auth-api
+  1.1-SNAPSHOT
+  compile
+
+
+  com.nimbusds
+  nimbus-jose-jwt
+  5.1
+  compile
+
+
   
 
   

http://git-wip-us.apache.org/repos/asf/tomee/blob/e55b4dcf/container/openejb-core/src/test/java/org/apache/openejb/core/security/JWTUtil.java
--
diff --git 
a/container/openejb-core/src/test/java/org/apache/openejb/core/security/JWTUtil.java
 
b/container/openejb-core/src/test/java/org/apache/openejb/core/security/JWTUtil.java
new file mode 100644
index 000..4ae438f
--- /dev/null
+++ 
b/container/openejb-core/src/test/java/org/apache/openejb/core/security/JWTUtil.java
@@ -0,0 +1,100 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ * 
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.openejb.core.security;
+
+import com.nimbusds.jose.JOSEException;
+import com.nimbusds.jose.JWSAlgorithm;
+import com.nimbusds.jose.JWSHeader;
+import com.nimbusds.jose.JWSSigner;
+import com.nimbusds.jose.crypto.MACSigner;
+import com.nimbusds.jose.crypto.RSASSASigner;
+import com.nimbusds.jwt.JWTClaimsSet;
+import com.nimbusds.jwt.SignedJWT;
+
+import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
+import java.security.Key;
+import java.security.interfaces.RSAPrivateKey;
+import java.time.LocalDate;
+import java.util.Date;
+import java.util.UUID;
+
+import static java.time.ZoneId.systemDefault;
+
+public class JWTUtil {
+
+protected static final String MYSHAREDSECRET = 
"abcdefghijklmnopqrstuvwxyzabcdef"; // at least 256 bits
+
+private JWTUtil() {
+// prevent direct instantiation
+}
+
+public static String createValidJwtAccessToken(String... scopes) throws 
Exception {
+final SecretKey key = new SecretKeySpec(MYSHAREDSECRET.getBytes(), 
"hmac-sha256");
+
+// Prepare JWT with claims set
+final JWTClaimsSet.Builder claimsBuilder = createValidJwtClaimsSet();
+
+if (scopes != null && scopes.length > 0) {
+claimsBuilder.claim("scopes", scopes);
+}
+
+final JWTClaimsSet claimsSet = claimsBuilder.build();
+
+final JWSHeader header = new JWSHeader(JWSAlgorithm.HS256);
+
+return sign(claimsSet, header, key).serialize();
+}
+
+public static SignedJWT sign(final JWTClaimsSet jwtClaimsSet, final 
JWSHeader jwsHeader, final Key key) throws JOSEException {
+JWSSigner signer = null;
+if (RSAPrivateKey.class.isInstance(key)) {
+signer = new RSASSASigner(RSAPrivateKey.class.cast(key));
+
+} else if (SecretKey.class.isInstance(key)) {
+signer = new MACSigner(SecretKey.class.cast(key).getEncoded());
+
+} else {
+throw new

[04/38] tomee git commit: See if I can wire into the REST layer

2018-04-16 Thread jlmonteiro 
See if I can wire into the REST layer


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/9114b2af
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/9114b2af
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/9114b2af

Branch: refs/heads/master
Commit: 9114b2afc89c06664fcb9a80b1757af729bc7e54
Parents: 7c7236b
Author: Jean-Louis Monteiro 
Authored: Wed Feb 21 16:29:21 2018 +0100
Committer: Jean-Louis Monteiro 
Committed: Wed Feb 21 16:29:21 2018 +0100

--
 .../server/cxf/rs/CxfRsHttpListener.java|   2 +-
 .../rs/event/ExtensionProviderRegistration.java |   9 +-
 .../server/cxf/rs/MPJWTSecurityContextTest.java | 183 +++
 3 files changed, 192 insertions(+), 2 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/tomee/blob/9114b2af/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/CxfRsHttpListener.java
--
diff --git 
a/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/CxfRsHttpListener.java
 
b/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/CxfRsHttpListener.java
index e10172f..305a1c1 100644
--- 
a/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/CxfRsHttpListener.java
+++ 
b/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/CxfRsHttpListener.java
@@ -1019,7 +1019,7 @@ public class CxfRsHttpListener implements RsHttpListener {
 }
 }
 
-SystemInstance.get().fireEvent(new ExtensionProviderRegistration(
+SystemInstance.get().fireEvent(new 
ExtensionProviderRegistration(server,
 
AppFinder.findAppContextOrWeb(Thread.currentThread().getContextClassLoader(), 
AppFinder.AppContextTransformer.INSTANCE), providers));
 
 if (!providers.isEmpty()) {

http://git-wip-us.apache.org/repos/asf/tomee/blob/9114b2af/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/event/ExtensionProviderRegistration.java
--
diff --git 
a/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/event/ExtensionProviderRegistration.java
 
b/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/event/ExtensionProviderRegistration.java
index cfae25c..7af089f 100644
--- 
a/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/event/ExtensionProviderRegistration.java
+++ 
b/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/event/ExtensionProviderRegistration.java
@@ -16,6 +16,7 @@
  */
 package org.apache.openejb.server.cxf.rs.event;
 
+import org.apache.cxf.endpoint.Server;
 import org.apache.openejb.AppContext;
 import org.apache.openejb.observer.Event;
 
@@ -25,10 +26,12 @@ import java.util.List;
 // this event can allow to add/remove/resort providers
 @Event
 public class ExtensionProviderRegistration {
+private final Server server;
 private final List providers;
 private final AppContext appContext;
 
-public ExtensionProviderRegistration(final AppContext ctx, final 
List existings) {
+public ExtensionProviderRegistration(final Server server, final AppContext 
ctx, final List existings) {
+this.server = server;
 this.appContext = ctx;
 this.providers = existings;
 }
@@ -41,6 +44,10 @@ public class ExtensionProviderRegistration {
 return providers;
 }
 
+public Server getServer() {
+return server;
+}
+
 @Override
 public String toString() {
 return "ExtensionProviderRegistration{}";

http://git-wip-us.apache.org/repos/asf/tomee/blob/9114b2af/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java
--
diff --git 
a/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java
 
b/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java
new file mode 100644
index 000..ed13615
--- /dev/null
+++ 
b/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java
@@ -0,0 +1,183 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *

[13/38] tomee git commit: Get some code from https://github.com/MicroProfileJWT/microprofile-jwt-auth-prototype

2018-04-16 Thread jlmonteiro 
Get some code from 
https://github.com/MicroProfileJWT/microprofile-jwt-auth-prototype


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/c5b38b37
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/c5b38b37
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/c5b38b37

Branch: refs/heads/master
Commit: c5b38b37142af58fe771d7a397b388cec847f734
Parents: d987d3a
Author: Jean-Louis Monteiro 
Authored: Thu Feb 22 22:19:49 2018 +0100
Committer: Jean-Louis Monteiro 
Committed: Thu Feb 22 22:19:49 2018 +0100

--
 tck/mp-jwt-embedded/pom.xml |  15 +
 .../jwt/DefaultJWTCallerPrincipal.java  | 305 ++-
 .../jwt/DefaultJWTCallerPrincipalFactory.java   |  86 ++
 .../microprofile/jwt/JWTAuthContextInfo.java|  66 
 .../microprofile/jwt/JWTCallerPrincipal.java|   9 +-
 .../jwt/JWTCallerPrincipalFactory.java  | 124 
 .../tomee/microprofile/jwt/MPJWTContext.java|   3 -
 .../tomee/microprofile/jwt/MPJWTFilter.java |  10 +-
 .../tomee/microprofile/jwt/ParseException.java  |  32 ++
 ...file.jwt.principal.JWTCallerPrincipalFactory |   1 +
 10 files changed, 632 insertions(+), 19 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/tomee/blob/c5b38b37/tck/mp-jwt-embedded/pom.xml
--
diff --git a/tck/mp-jwt-embedded/pom.xml b/tck/mp-jwt-embedded/pom.xml
index 361fd50..fac5766 100644
--- a/tck/mp-jwt-embedded/pom.xml
+++ b/tck/mp-jwt-embedded/pom.xml
@@ -86,6 +86,21 @@
   ${version.arquillian}
 
 
+
+  org.bitbucket.b_c
+  jose4j
+  0.6.0
+
+
+  javax.json.bind
+  javax.json.bind-api
+  1.0
+
+
+  org.glassfish
+  javax.json
+  1.0.4
+
   
 
   

http://git-wip-us.apache.org/repos/asf/tomee/blob/c5b38b37/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/DefaultJWTCallerPrincipal.java
--
diff --git 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/DefaultJWTCallerPrincipal.java
 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/DefaultJWTCallerPrincipal.java
index d141a5f..2559b1e 100644
--- 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/DefaultJWTCallerPrincipal.java
+++ 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/DefaultJWTCallerPrincipal.java
@@ -16,36 +16,319 @@
  */
 package org.apache.tomee.microprofile.jwt;
 
+import org.eclipse.microprofile.jwt.Claims;
+import org.jose4j.jwt.JwtClaims;
+import org.jose4j.jwt.MalformedClaimException;
+
+import javax.json.Json;
+import javax.json.JsonArray;
+import javax.json.JsonArrayBuilder;
+import javax.json.JsonNumber;
+import javax.json.JsonObject;
+import javax.json.JsonObjectBuilder;
+import javax.json.JsonValue;
+import javax.security.auth.Subject;
+import java.util.Collection;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Map;
 import java.util.Set;
+import java.util.logging.Level;
+import java.util.logging.Logger;
 
 /**
- * A default implementation of JWTCallerPrincipal that wraps Nimbus library 
used by default here
- * We could create another implementation using plain JSON-P
- *
+ * A default implementation of JWTCallerPrincipal using jose4j
+ * Another implementation could use nimbus and another plain JSON-P
  */
 public class DefaultJWTCallerPrincipal extends JWTCallerPrincipal {
 
+private static Logger logger = 
Logger.getLogger(DefaultJWTCallerPrincipal.class.getName());
+private String jwt;
+private String type;
+private JwtClaims claimsSet;
+
 /**
- * Create a JWTCallerPrincipal with the caller's name
+ * Create the DefaultJWTCallerPrincipal from the parsed JWT token and the 
extracted principal name
  *
- * @param name - caller's name
+ * @param jwt  - the parsed JWT token representation
+ * @param name - the extracted unqiue name to use as the principal name; 
from "upn", "preferred_username" or "sub" claim
  */
-public DefaultJWTCallerPrincipal(final String name) {
+public DefaultJWTCallerPrincipal(String jwt, String type, JwtClaims 
claimsSet, String name) {
 super(name);
+this.jwt = jwt;
+this.type = type;
+this.claimsSet = claimsSet;
+fixJoseTypes();
+}
+
+@Override
+public Set getAudience() {
+Set audSet = new HashSet<>();
+try {
+List audList = claimsSet.getStringListClaimValue("aud");
+if (audList != null) {
+audSet.addAll(audList);
+}
+} catch (MalformedClaimException e) {
+try {
+String

[11/38] tomee git commit: Start adding a TCK module and implementing some stuff

2018-04-16 Thread jlmonteiro 
Start adding a TCK module and implementing some stuff


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/672b422e
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/672b422e
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/672b422e

Branch: refs/heads/master
Commit: 672b422ee8ad459d15fac5000d4a01013c01e2b3
Parents: 35e671d
Author: Jean-Louis Monteiro 
Authored: Thu Feb 22 16:58:13 2018 +0100
Committer: Jean-Louis Monteiro 
Committed: Thu Feb 22 16:58:13 2018 +0100

--
 .../server/cxf/rs/MPJWTSecurityContextTest.java |   7 +-
 tck/mp-jwt-embedded/pom.xml | 157 +++
 .../jwt/DefaultJWTCallerPrincipal.java  |  51 ++
 .../microprofile/jwt/JWTCallerPrincipal.java|  58 +++
 .../tomee/microprofile/jwt/MPJWTFilter.java |  76 +
 .../microprofile/jwt/MPJWTInitializer.java  |  59 +++
 .../tomee/microprofile/jwt/TCKTokenParser.java  |  33 
 .../javax.servlet.ServletContainerInitializer   |   1 +
 tck/mp-jwt-embedded/src/test/resources/dev.xml  |  80 ++
 tck/pom.xml |   1 +
 10 files changed, 520 insertions(+), 3 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/tomee/blob/672b422e/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java
--
diff --git 
a/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java
 
b/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java
index 5c62851..62565b4 100644
--- 
a/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java
+++ 
b/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java
@@ -75,7 +75,7 @@ public class MPJWTSecurityContextTest {
 }
 
 @Module
-@Classes({Res.class, RestApplication.class})
+@Classes(cdi = true, value = {Res.class, RestApplication.class})
 public WebApp war() {
 return new WebApp()
 .contextRoot("foo");
@@ -85,7 +85,7 @@ public class MPJWTSecurityContextTest {
 public void check() throws IOException {
 assertEquals("true", ClientBuilder.newClient()
 .target("http://127.0.0.1:; + port)
-.path("foo/sc")
+.path("api/foo/sc")
 .queryParam("role", "therole")
 .request()
 .accept(MediaType.TEXT_PLAIN_TYPE)
@@ -93,7 +93,7 @@ public class MPJWTSecurityContextTest {
 
 assertEquals("false", ClientBuilder.newClient()
 .target("http://127.0.0.1:; + port)
-.path("foo/sc")
+.path("api/foo/sc")
 .queryParam("role", "another")
 .request()
 .accept(MediaType.TEXT_PLAIN_TYPE)
@@ -132,6 +132,7 @@ public class MPJWTSecurityContextTest {
 final LoginConfig annotation = 
application.getClass().getAnnotation(LoginConfig.class);
 if (annotation != null && 
"MP-JWT".equals(annotation.authMethod())) {
 // add the ContainerRequestFilter on the fly
+// todo how to add this on the fly
 }
 }
 }

http://git-wip-us.apache.org/repos/asf/tomee/blob/672b422e/tck/mp-jwt-embedded/pom.xml
--
diff --git a/tck/mp-jwt-embedded/pom.xml b/tck/mp-jwt-embedded/pom.xml
new file mode 100644
index 000..361fd50
--- /dev/null
+++ b/tck/mp-jwt-embedded/pom.xml
@@ -0,0 +1,157 @@
+
+
+http://maven.apache.org/POM/4.0.0; 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance;
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 
http://maven.apache.org/maven-v4_0_0.xsd;>
+  
+tck
+org.apache.tomee
+7.0.5-SNAPSHOT
+  
+  4.0.0
+
+  mp-jwt-embedded
+  OpenEJB :: TCK :: MP-JWT Embedded
+
+  
+1.1-SNAPSHOT
+  
+
+  
+
+  ${project.groupId}
+  javaee-api
+
+
+  ${project.groupId}
+  openejb-core
+  ${project.version}
+  test
+
+
+  org.slf4j
+  slf4j-jdk14
+  ${slf4j.version}
+  test
+
+
+  org.testng
+  testng
+  test
+
+
+  ${project.groupId}
+  arquillian-tomee-embedded
+  ${project.version}
+  test
+
+
+
+
+  org.eclipse.microprofile.jwt
+  microprofile-jwt-auth-tck
+  ${tck.version}
+
+
+
+  org.eclipse.microprofile.jwt
+  microprofile-jwt-auth-tck
+  ${tck.version}
+  test-jar
+  test
+
+
+
+  org.jboss.arquillian.container
+

[07/38] tomee git commit: format

2018-04-16 Thread jlmonteiro 
format


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/7d93131a
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/7d93131a
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/7d93131a

Branch: refs/heads/master
Commit: 7d93131a542f20ff6f4f0848f151a9ae71898602
Parents: 7acf314
Author: Jean-Louis Monteiro 
Authored: Wed Feb 21 17:09:29 2018 +0100
Committer: Jean-Louis Monteiro 
Committed: Wed Feb 21 17:09:29 2018 +0100

--
 .../org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java  | 1 +
 1 file changed, 1 insertion(+)
--


http://git-wip-us.apache.org/repos/asf/tomee/blob/7d93131a/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java
--
diff --git 
a/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java
 
b/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java
index 266aa66..28cc45d 100644
--- 
a/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java
+++ 
b/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/MPJWTSecurityContextTest.java
@@ -126,6 +126,7 @@ public class MPJWTSecurityContextTest {
 final Application application = 
InternalApplication.class.isInstance(appInfo.getProvider())
 ? 
InternalApplication.class.cast(appInfo.getProvider()).getOriginal()
 : appInfo.getProvider();
+
 final LoginConfig annotation = 
application.getClass().getAnnotation(LoginConfig.class);
 if (annotation != null && 
"MP-JWT".equals(annotation.authMethod())) {
 // add the ContainerRequestFilter on the fly

[03/38] tomee git commit: Try to reset to default

2018-04-16 Thread jlmonteiro 
Try to reset to default


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/7c7236b8
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/7c7236b8
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/7c7236b8

Branch: refs/heads/master
Commit: 7c7236b84f5d07062721c520207b44abe3cc97d1
Parents: d56dc9e
Author: Jean-Louis Monteiro 
Authored: Tue Feb 20 09:34:27 2018 +0100
Committer: Jean-Louis Monteiro 
Committed: Tue Feb 20 09:34:27 2018 +0100

--
 .../java/org/apache/openejb/core/security/JwtSecurityTest.java| 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
--


http://git-wip-us.apache.org/repos/asf/tomee/blob/7c7236b8/container/openejb-core/src/test/java/org/apache/openejb/core/security/JwtSecurityTest.java
--
diff --git 
a/container/openejb-core/src/test/java/org/apache/openejb/core/security/JwtSecurityTest.java
 
b/container/openejb-core/src/test/java/org/apache/openejb/core/security/JwtSecurityTest.java
index 8708074..ddd92f3 100644
--- 
a/container/openejb-core/src/test/java/org/apache/openejb/core/security/JwtSecurityTest.java
+++ 
b/container/openejb-core/src/test/java/org/apache/openejb/core/security/JwtSecurityTest.java
@@ -65,7 +65,8 @@ public class JWTSecurityTest {
 public static void afterClass() throws Exception {
 OpenEJB.destroy();
 System.clearProperty(Context.INITIAL_CONTEXT_FACTORY);
-Security.setProperty("login.configuration.provider", null);
+// unfortunate we can't reset the value, so setting to default (See 
Configuration)
+Security.setProperty("login.configuration.provider", 
"sun.security.provider.ConfigFile");
 }
 
 private Assembler configureAssembler(final String defaultUser) throws 
Exception {

[10/38] tomee git commit: Integ test for MPJWT on TomEE

2018-04-16 Thread jlmonteiro 
Integ test for MPJWT on TomEE


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/35e671d3
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/35e671d3
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/35e671d3

Branch: refs/heads/master
Commit: 35e671d395496a89316659e671d15609c534ef86
Parents: ad9e222
Author: Jean-Louis Monteiro 
Authored: Thu Feb 22 11:28:44 2018 +0100
Committer: Jean-Louis Monteiro 
Committed: Thu Feb 22 11:28:44 2018 +0100

--
 .../tests/jaxrs/mpjwt/HelloResource.java| 49 +
 .../tests/jaxrs/mpjwt/MPJWTApplication.java | 28 +++
 .../arquillian/tests/jaxrs/mpjwt/MPJWTTest.java | 77 
 3 files changed, 154 insertions(+)
--


http://git-wip-us.apache.org/repos/asf/tomee/blob/35e671d3/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/java/org/apache/openejb/arquillian/tests/jaxrs/mpjwt/HelloResource.java
--
diff --git 
a/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/java/org/apache/openejb/arquillian/tests/jaxrs/mpjwt/HelloResource.java
 
b/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/java/org/apache/openejb/arquillian/tests/jaxrs/mpjwt/HelloResource.java
new file mode 100644
index 000..bc030f1
--- /dev/null
+++ 
b/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/java/org/apache/openejb/arquillian/tests/jaxrs/mpjwt/HelloResource.java
@@ -0,0 +1,49 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package org.apache.openejb.arquillian.tests.jaxrs.mpjwt;
+
+import org.eclipse.microprofile.jwt.Claim;
+import org.eclipse.microprofile.jwt.ClaimValue;
+
+import javax.annotation.security.RolesAllowed;
+import javax.ejb.Lock;
+import javax.ejb.LockType;
+import javax.ejb.Stateless;
+import javax.inject.Inject;
+import javax.ws.rs.GET;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.Context;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.SecurityContext;
+
+@Path("/hello")
+@Stateless
+@Lock(LockType.READ)
+public class HelloResource {
+
+@Inject
+@Claim("jti")
+private ClaimValue jti;
+
+@GET
+@Produces(MediaType.TEXT_PLAIN)
+@RolesAllowed("helloRole")
+public String sayHello(@Context SecurityContext context) {
+return "hello " + context.getUserPrincipal().getName();
+}
+}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/tomee/blob/35e671d3/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/java/org/apache/openejb/arquillian/tests/jaxrs/mpjwt/MPJWTApplication.java
--
diff --git 
a/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/java/org/apache/openejb/arquillian/tests/jaxrs/mpjwt/MPJWTApplication.java
 
b/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/java/org/apache/openejb/arquillian/tests/jaxrs/mpjwt/MPJWTApplication.java
new file mode 100644
index 000..18bdee6
--- /dev/null
+++ 
b/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/java/org/apache/openejb/arquillian/tests/jaxrs/mpjwt/MPJWTApplication.java
@@ -0,0 +1,28 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express

[32/38] tomee git commit: Incorporate feedback

2018-04-16 Thread jlmonteiro 
Incorporate feedback


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/898c8219
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/898c8219
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/898c8219

Branch: refs/heads/master
Commit: 898c82191408443ed262bafb0dff8fa61ece1296
Parents: 9a428e1
Author: Jean-Louis Monteiro 
Authored: Wed Mar 7 08:57:27 2018 +0100
Committer: Jean-Louis Monteiro 
Committed: Wed Mar 7 08:57:27 2018 +0100

--
 .../microprofile/jwt/MPJWTInitializer.java  |   3 +-
 .../tomee/microprofile/jwt/cdi/ClaimBean.java   |  17 ++-
 .../microprofile/jwt/cdi/DefaultLiteral.java|   2 +-
 .../principal/DefaultJWTCallerPrincipal.java| 114 +++
 4 files changed, 79 insertions(+), 57 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/tomee/blob/898c8219/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTInitializer.java
--
diff --git 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTInitializer.java
 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTInitializer.java
index bf64601..fb954a5 100644
--- 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTInitializer.java
+++ 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTInitializer.java
@@ -36,7 +36,7 @@ public class MPJWTInitializer implements 
ServletContainerInitializer {
 public void onStartup(final Set classes, final ServletContext 
ctx) throws ServletException {
 
 if (classes == null || classes.isEmpty()) {
-return; // to REST application having @LoginConfig on it
+return; // to classes having @LoginConfig on it
 }
 
 for (Class clazz : classes) {
@@ -48,6 +48,7 @@ public class MPJWTInitializer implements 
ServletContainerInitializer {
 
 if (!Application.class.isAssignableFrom(clazz)) {
 continue; // do we really want Application?
+// See 
https://github.com/eclipse/microprofile-jwt-auth/issues/70 to clarify this point
 }
 
 final FilterRegistration.Dynamic mpJwtFilter = 
ctx.addFilter("mp-jwt-filter", MPJWTFilter.class);

http://git-wip-us.apache.org/repos/asf/tomee/blob/898c8219/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java
--
diff --git 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java
 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java
index 513e271..5f7852f 100644
--- 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java
+++ 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/cdi/ClaimBean.java
@@ -54,9 +54,9 @@ import java.util.logging.Logger;
 @Vetoed
 public class ClaimBean implements Bean, PassivationCapable {
 
-private static Logger logger = 
Logger.getLogger(MPJWTCDIExtension.class.getName());
+private static final Logger logger = 
Logger.getLogger(MPJWTCDIExtension.class.getName());
 
-private final static Set QUALIFIERS = new HashSet<>();
+private static final Set QUALIFIERS = new HashSet<>();
 
 static {
 QUALIFIERS.add(new ClaimLiteral());
@@ -65,9 +65,6 @@ public class ClaimBean implements Bean, 
PassivationCapable {
 @Inject
 private Jsonb jsonb;
 
-@Inject
-private JsonWebToken jsonWebToken;
-
 private final BeanManager bm;
 private final Class rawType;
 private final Set types;
@@ -112,8 +109,8 @@ public class ClaimBean implements Bean, 
PassivationCapable {
 }
 
 @Override
-public void destroy(T instance, CreationalContext context) {
-
+public void destroy(final T instance, final CreationalContext context) {
+logger.finest("Destroying CDI Bean for type " + 
types.iterator().next());
 }
 
 @Override
@@ -153,9 +150,10 @@ public class ClaimBean implements Bean, 
PassivationCapable {
 
 @Override
 public T create(final CreationalContext context) {
+logger.finest("Creating CDI Bean for type " + types.iterator().next());
 final InjectionPoint ip = (InjectionPoint) 
bm.getInjectableReference(new ClaimInjectionPoint(this), context);
 if (ip == null) {
-throw new IllegalStateException("Could not retrieve 
InjectionPoint");
+throw new IllegalStateException("Could not retrieve InjectionPoint 
for type " + types.iterator().next());
 }
 
 final Annotated annotated = ip.getAnnotated();
@@ -259,6 +257,7 @@ public class ClaimBean implements

[02/38] tomee git commit: small quick and dirty test

2018-04-16 Thread jlmonteiro 
small quick and dirty test


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/d56dc9e9
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/d56dc9e9
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/d56dc9e9

Branch: refs/heads/master
Commit: d56dc9e98bc0db270413bbd553b1f13ef3a60b7c
Parents: e55b4dc
Author: Jean-Louis Monteiro 
Authored: Tue Feb 20 09:30:07 2018 +0100
Committer: Jean-Louis Monteiro 
Committed: Tue Feb 20 09:30:07 2018 +0100

--
 .../openejb/core/security/JwtSecurityTest.java  | 363 +++
 1 file changed, 363 insertions(+)
--


http://git-wip-us.apache.org/repos/asf/tomee/blob/d56dc9e9/container/openejb-core/src/test/java/org/apache/openejb/core/security/JwtSecurityTest.java
--
diff --git 
a/container/openejb-core/src/test/java/org/apache/openejb/core/security/JwtSecurityTest.java
 
b/container/openejb-core/src/test/java/org/apache/openejb/core/security/JwtSecurityTest.java
new file mode 100644
index 000..8708074
--- /dev/null
+++ 
b/container/openejb-core/src/test/java/org/apache/openejb/core/security/JwtSecurityTest.java
@@ -0,0 +1,363 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package org.apache.openejb.core.security;
+
+import org.apache.openejb.OpenEJB;
+import org.apache.openejb.assembler.classic.Assembler;
+import org.apache.openejb.assembler.classic.EjbJarInfo;
+import org.apache.openejb.assembler.classic.ProxyFactoryInfo;
+import org.apache.openejb.assembler.classic.SecurityServiceInfo;
+import org.apache.openejb.assembler.classic.StatelessSessionContainerInfo;
+import org.apache.openejb.assembler.classic.TransactionServiceInfo;
+import org.apache.openejb.config.ConfigurationFactory;
+import org.apache.openejb.core.LocalInitialContextFactory;
+import org.apache.openejb.core.security.jaas.GroupPrincipal;
+import org.apache.openejb.core.security.jaas.UserPrincipal;
+import org.apache.openejb.jee.EjbJar;
+import org.apache.openejb.jee.StatelessBean;
+import org.junit.AfterClass;
+import org.junit.Test;
+
+import javax.annotation.Resource;
+import javax.annotation.security.DeclareRoles;
+import javax.annotation.security.DenyAll;
+import javax.annotation.security.PermitAll;
+import javax.annotation.security.RolesAllowed;
+import javax.annotation.security.RunAs;
+import javax.ejb.SessionContext;
+import javax.ejb.Singleton;
+import javax.naming.Context;
+import javax.naming.InitialContext;
+import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.login.AppConfigurationEntry;
+import javax.security.auth.login.Configuration;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.spi.LoginModule;
+import java.security.Security;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Properties;
+import java.util.Set;
+
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
+import static org.testng.AssertJUnit.assertFalse;
+
+public class JWTSecurityTest {
+
+@AfterClass
+public static void afterClass() throws Exception {
+OpenEJB.destroy();
+System.clearProperty(Context.INITIAL_CONTEXT_FACTORY);
+Security.setProperty("login.configuration.provider", null);
+}
+
+private Assembler configureAssembler(final String defaultUser) throws 
Exception {
+System.setProperty(Context.INITIAL_CONTEXT_FACTORY, 
LocalInitialContextFactory.class.getName());
+Security.setProperty("login.configuration.provider", 
JaasConfig.class.getName());
+
+final ConfigurationFactory config = new ConfigurationFactory();
+final Assembler assembler = new Assembler();
+
+
assembler.createProxyFactory(config.configureService(ProxyFactoryInfo.class));
+
assembler.createTransactionManager(config.configureService(TransactionServiceInfo.class));
+
+final SecurityServiceInfo

[14/38] tomee git commit: Token impl for TCK tests

2018-04-16 Thread jlmonteiro 
Token impl for TCK tests


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/7639e0d2
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/7639e0d2
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/7639e0d2

Branch: refs/heads/master
Commit: 7639e0d2cbfdfe91305d7d1a24513da840e0e7ab
Parents: c5b38b3
Author: Jean-Louis Monteiro 
Authored: Thu Feb 22 22:48:14 2018 +0100
Committer: Jean-Louis Monteiro 
Committed: Thu Feb 22 22:48:14 2018 +0100

--
 .../apache/tomee/microprofile/jwt/TCKTokenParser.java   | 12 
 1 file changed, 8 insertions(+), 4 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/tomee/blob/7639e0d2/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/TCKTokenParser.java
--
diff --git 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/TCKTokenParser.java
 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/TCKTokenParser.java
index b07ba24..ba57491 100644
--- 
a/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/TCKTokenParser.java
+++ 
b/tck/mp-jwt-embedded/src/main/java/org/apache/tomee/microprofile/jwt/TCKTokenParser.java
@@ -20,14 +20,18 @@ import org.eclipse.microprofile.jwt.JsonWebToken;
 import org.eclipse.microprofile.jwt.tck.util.ITokenParser;
 
 import java.security.PublicKey;
+import java.security.interfaces.RSAPublicKey;
 
-// this is only used by the TCK
+/**
+ * MP-JWT TCK harness class to parse a token string
+ */
 public class TCKTokenParser implements ITokenParser {
 
-
 @Override
-public JsonWebToken parse(final String bearerToken, final String issuer, 
final PublicKey publicKey) throws Exception {
-return null; // todo - do some work
+public JsonWebToken parse(String bearerToken, String issuer, PublicKey 
publicKey) throws Exception {
+JWTAuthContextInfo authContextInfo = new 
JWTAuthContextInfo((RSAPublicKey) publicKey, issuer);
+JWTCallerPrincipalFactory factory = 
DefaultJWTCallerPrincipalFactory.instance();
+return factory.parse(bearerToken, authContextInfo);
 }
 
 }

[38/38] tomee git commit: Merge remote-tracking branch 'github/master' into jlmonteiro-mp-jwt-playground

2018-04-16 Thread jlmonteiro 
Merge remote-tracking branch 'github/master' into jlmonteiro-mp-jwt-playground


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/09ca434d
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/09ca434d
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/09ca434d

Branch: refs/heads/master
Commit: 09ca434d9d80de8a36e9973682e071e19934552f
Parents: d7b1ec6 3e487f0
Author: Jean-Louis Monteiro 
Authored: Tue Apr 17 00:16:25 2018 +0200
Committer: Jean-Louis Monteiro 
Committed: Tue Apr 17 00:16:25 2018 +0200

--
 arquillian/arquillian-tomee-common/pom.xml  |  2 +-
 .../arquillian-tomee-webapp-remote/pom.xml  |  2 +-
 container/openejb-core/pom.xml  |  4 ++--
 .../config/PersistenceContextAnnFactory.java| 14 ++---
 .../apache/openejb/core/TempClassLoader.java|  6 +++---
 .../openejb/core/cmp/cmp2/Cmp1Generator.java| 10 -
 .../openejb/core/cmp/cmp2/Cmp2Generator.java| 12 +--
 .../apache/openejb/core/cmp/cmp2/CmpField.java  |  2 +-
 .../apache/openejb/core/cmp/cmp2/CmrField.java  |  2 +-
 .../apache/openejb/core/cmp/cmp2/CmrStyle.java  |  2 +-
 .../core/cmp/cmp2/PostCreateGenerator.java  |  8 +++
 .../apache/openejb/dyni/DynamicSubclass.java| 20 +-
 .../apache/openejb/util/AnnotationFinder.java   | 16 +++---
 .../util/proxy/LocalBeanProxyFactory.java   | 10 -
 .../openejb/DependenceValidationTest.java   |  4 ++--
 .../org/apache/openejb/DependencyVisitor.java   | 22 ++--
 .../openejb/config/ServiceClasspathTest.java| 16 +++---
 .../config/rules/KeysAnnotationVisitor.java |  8 +++
 .../config/rules/ValidationKeysAuditorTest.java |  4 ++--
 .../apache/openejb/core/cmp/jpa/JpaTest.java| 14 ++---
 container/openejb-jpa-integration/pom.xml   |  2 +-
 .../openejb/jpa/integration/MakeTxLookup.java   | 10 -
 maven/maven-util/pom.xml|  5 +
 pom.xml | 12 +--
 server/openejb-bonecp/pom.xml   |  5 +
 server/openejb-common-cli/pom.xml   |  6 +-
 server/openejb-hessian/pom.xml  |  5 +
 server/openejb-hsql/pom.xml |  5 +
 server/openejb-rest/pom.xml |  5 +
 server/openejb-server/pom.xml   |  2 +-
 server/openejb-ssh/pom.xml  |  5 +
 server/openejb-webservices/pom.xml  | 10 +
 tck/bval-embedded/pom.xml   |  5 +
 tomee/apache-tomee/pom.xml  |  2 +-
 tomee/tomee-jaxrs/pom.xml   |  5 +
 tomee/tomee-loader/pom.xml  |  5 +
 tomee/tomee-webapp/pom.xml  |  5 +
 utils/openejb-mockito/pom.xml   |  5 +
 .../openejb/mockito/MockitoExtension.java   |  2 +-
 utils/openejb-provisionning/pom.xml |  5 +
 40 files changed, 179 insertions(+), 105 deletions(-)
--

tomee git commit: Revert "TOMEE-2183"

2018-04-16 Thread jgallimore 
Repository: tomee
Updated Branches:
  refs/heads/master 61a688d9a -> 3e487f0f9


Revert "TOMEE-2183"

This reverts commit 61a688d9a6d43b267a5e0602fa8ae02cd20d2fb0.


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/3e487f0f
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/3e487f0f
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/3e487f0f

Branch: refs/heads/master
Commit: 3e487f0f9ab3189c41e5c3767cd7465d63d3ae15
Parents: 61a688d
Author: Jonathan Gallimore 
Authored: Mon Apr 16 15:03:39 2018 +0100
Committer: Jonathan Gallimore 
Committed: Mon Apr 16 15:03:39 2018 +0100

--
 .../org/apache/openejb/util/classloader/URLClassLoaderFirst.java  | 3 +++
 1 file changed, 3 insertions(+)
--


http://git-wip-us.apache.org/repos/asf/tomee/blob/3e487f0f/container/openejb-core/src/main/java/org/apache/openejb/util/classloader/URLClassLoaderFirst.java
--
diff --git 
a/container/openejb-core/src/main/java/org/apache/openejb/util/classloader/URLClassLoaderFirst.java
 
b/container/openejb-core/src/main/java/org/apache/openejb/util/classloader/URLClassLoaderFirst.java
index f124a1b..7280e1b 100644
--- 
a/container/openejb-core/src/main/java/org/apache/openejb/util/classloader/URLClassLoaderFirst.java
+++ 
b/container/openejb-core/src/main/java/org/apache/openejb/util/classloader/URLClassLoaderFirst.java
@@ -302,6 +302,9 @@ public class URLClassLoaderFirst extends URLClassLoader {
 if (commons.startsWith("cli.")) {
 return true;
 }
+if (commons.startsWith("codec.")) {
+return true;
+}
 if (commons.startsWith("collections.")) {
 return true;
 }

[jira] [Commented] (TOMEE-2183) org.apache.commons.codec filtered by the classloader but not provided by TomEE WebProfile

2018-04-16 Thread Jonathan Gallimore (JIRA) 

[ 
https://issues.apache.org/jira/browse/TOMEE-2183?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16439480#comment-16439480
 ] 

Jonathan Gallimore commented on TOMEE-2183:
---

Ok - so we *do* include this in Plume and Plus. I'll revert and provide a 
different patch.

> org.apache.commons.codec filtered by the classloader but not provided by 
> TomEE WebProfile
> -
>
> Key: TOMEE-2183
> URL: https://issues.apache.org/jira/browse/TOMEE-2183
> Project: TomEE
>  Issue Type: Bug
>  Components: TomEE Core Server
>Affects Versions: 7.0.4
>Reporter: Violeta Georgieva
>Assignee: Jonathan Gallimore
>Priority: Major
>
> Hi,
>  
> I have an EAR file with "lib" folder that contains "commons-codec" and a WAR 
> file that uses the libraries located in the "lib" folder. I do not have 
> issues with the other libraries in that folder but with "commons-codec" I 
> receive the exception below.
>  
> I'm using TomEE 7.0.4 WebProfile and in that distribution there is no 
> "commons-codec" provided by TomEE itself because of this I'm providing it 
> with the EAR file.
>  
> While debugging I saw that "org.apache.commons.codec" is intentionally 
> filtered by the classloader
>  
> [https://github.com/apache/tomee/blob/master/container/openejb-core/src/main/java/org/apache/openejb/util/classloader/URLClassLoaderFirst.java#L305]
>  
> How it is supposed to provide this library so that my application can use it?
>  
> Thanks,
> Violeta
>  
> {code}
> java.lang.ClassNotFoundException: org.apache.commons.codec.binary.Base64 
> org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1285)
>  
> org.apache.tomee.catalina.TomEEWebappClassLoader.loadClass(TomEEWebappClassLoader.java:208)
>  
> org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1119)
>  {code}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (TOMEE-2183) org.apache.commons.codec filtered by the classloader but not provided by TomEE WebProfile

2018-04-16 Thread Jonathan Gallimore (JIRA) 

[ 
https://issues.apache.org/jira/browse/TOMEE-2183?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16439478#comment-16439478
 ] 

Jonathan Gallimore commented on TOMEE-2183:
---

Romain pinged me offline about this. The lib folder in the final build is as 
follows:

 

Jonathans-MBP:lib jgallimore$ ls -la
total 82400
drwxr-xr-x 117 jgallimore staff 3744 16 Apr 14:48 .
drwxr-xr-x 13 jgallimore staff 416 16 Apr 14:58 ..
-rw-r--r-- 1 jgallimore staff 102309 16 Apr 14:48 bval-core-1.1.2.jar
-rw-r--r-- 1 jgallimore staff 397858 16 Apr 14:48 bval-jsr-1.1.2.jar
-rw-r--r-- 1 jgallimore staff 54183 3 Apr 21:04 catalina-ant.jar
-rw-r--r-- 1 jgallimore staff 118644 3 Apr 21:04 catalina-ha.jar
-rw-r--r-- 1 jgallimore staff 75852 3 Apr 21:04 catalina-storeconfig.jar
-rw-r--r-- 1 jgallimore staff 283585 3 Apr 21:04 catalina-tribes.jar
-rw-r--r-- 1 jgallimore staff 1628975 3 Apr 21:04 catalina.jar
-rw-r--r-- 1 jgallimore staff 246174 16 Apr 14:48 commons-beanutils-1.9.3.jar
-rw-r--r-- 1 jgallimore staff 41123 16 Apr 14:48 commons-cli-1.2.jar
-rw-r--r-- 1 jgallimore staff 588337 16 Apr 14:48 commons-collections-3.2.2.jar
-rw-r--r-- 1 jgallimore staff 173567 16 Apr 14:48 commons-dbcp2-2.1.jar
-rw-r--r-- 1 jgallimore staff 143602 16 Apr 14:48 commons-digester-1.8.jar
-rw-r--r-- 1 jgallimore staff 284220 16 Apr 14:48 commons-lang-2.6.jar
-rw-r--r-- 1 jgallimore staff 479881 16 Apr 14:48 commons-lang3-3.5.jar
-rw-r--r-- 1 jgallimore staff 61829 16 Apr 14:48 commons-logging-1.2.jar
-rw-r--r-- 1 jgallimore staff 109568 16 Apr 14:48 commons-pool2-2.3.jar
-rw-r--r-- 1 jgallimore staff 1387295 16 Apr 14:48 cxf-core-3.1.15.jar
-rw-r--r-- 1 jgallimore staff 647816 16 Apr 14:48 
cxf-rt-frontend-jaxrs-3.1.15.jar
-rw-r--r-- 1 jgallimore staff 75344 16 Apr 14:48 cxf-rt-management-3.1.15.jar
-rw-r--r-- 1 jgallimore staff 171769 16 Apr 14:48 cxf-rt-rs-client-3.1.15.jar
-rw-r--r-- 1 jgallimore staff 87696 16 Apr 14:48 
cxf-rt-rs-extension-providers-3.1.15.jar
-rw-r--r-- 1 jgallimore staff 138935 16 Apr 14:48 
cxf-rt-rs-extension-search-3.1.15.jar
-rw-r--r-- 1 jgallimore staff 20455 16 Apr 14:48 cxf-rt-rs-json-basic-3.1.15.jar
-rw-r--r-- 1 jgallimore staff 19115 16 Apr 14:48 
cxf-rt-rs-security-cors-3.1.15.jar
-rw-r--r-- 1 jgallimore staff 229874 16 Apr 14:48 
cxf-rt-rs-security-jose-3.1.15.jar
-rw-r--r-- 1 jgallimore staff 76462 16 Apr 14:48 
cxf-rt-rs-security-jose-jaxrs-3.1.15.jar
-rw-r--r-- 1 jgallimore staff 324892 16 Apr 14:48 
cxf-rt-rs-security-oauth2-3.1.15.jar
-rw-r--r-- 1 jgallimore staff 58583 16 Apr 14:48 
cxf-rt-rs-service-description-3.1.15.jar
-rw-r--r-- 1 jgallimore staff 32551 16 Apr 14:48 cxf-rt-security-3.1.15.jar
-rw-r--r-- 1 jgallimore staff 355838 16 Apr 14:48 
cxf-rt-transports-http-3.1.15.jar
-rw-r--r-- 1 jgallimore staff 2450404 3 Apr 21:04 ecj-4.6.3.jar
-rw-r--r-- 1 jgallimore staff 81613 3 Apr 21:04 el-api.jar
-rw-r--r-- 1 jgallimore staff 555318 16 Apr 14:48 
geronimo-javamail_1.4_mail-1.9.0-alpha-2.jar
-rw-r--r-- 1 jgallimore staff 75839 16 Apr 14:48 geronimo-transaction-3.1.4.jar
-rw-r--r-- 1 jgallimore staff 79981 16 Apr 14:48 howl-1.0.1-1.jar
-rw-r--r-- 1 jgallimore staff 1473091 16 Apr 14:48 hsqldb-2.3.2.jar
-rw-r--r-- 1 jgallimore staff 163392 3 Apr 21:04 jasper-el.jar
-rw-r--r-- 1 jgallimore staff 589478 3 Apr 21:04 jasper.jar
-rw-r--r-- 1 jgallimore staff 26912 3 Apr 21:04 jaspic-api.jar
-rw-r--r-- 1 jgallimore staff 930849 16 Apr 14:48 javaee-api-7.0-1.jar
-rw-r--r-- 1 jgallimore staff 125632 16 Apr 14:48 jaxb-api-2.3.0.jar
-rw-r--r-- 1 jgallimore staff 255502 16 Apr 14:48 jaxb-core-2.3.0.jar
-rw-r--r-- 1 jgallimore staff 963660 16 Apr 14:48 jaxb-impl-2.3.0.jar
-rw-r--r-- 1 jgallimore staff 90358 16 Apr 14:48 johnzon-core-1.0.0.jar
-rw-r--r-- 1 jgallimore staff 30528 16 Apr 14:48 johnzon-jaxrs-1.0.0.jar
-rw-r--r-- 1 jgallimore staff 134778 16 Apr 14:48 johnzon-mapper-1.0.0.jar
-rw-r--r-- 1 jgallimore staff 61652 3 Apr 21:04 jsp-api.jar
-rw-r--r-- 1 jgallimore staff 10083 16 Apr 14:48 
mbean-annotation-api-7.0.5-SNAPSHOT.jar
-rw-r--r-- 1 jgallimore staff 1294735 16 Apr 14:48 myfaces-api-2.2.12.jar
-rw-r--r-- 1 jgallimore staff 2606015 16 Apr 14:48 myfaces-impl-2.2.12.jar
-rw-r--r-- 1 jgallimore staff 16768 16 Apr 14:48 openejb-api-7.0.5-SNAPSHOT.jar
-rw-r--r-- 1 jgallimore staff 352697 16 Apr 14:48 
openejb-client-7.0.5-SNAPSHOT.jar
-rw-r--r-- 1 jgallimore staff 3247725 16 Apr 14:48 
openejb-core-7.0.5-SNAPSHOT.jar
-rw-r--r-- 1 jgallimore staff 96881 16 Apr 14:48 
openejb-cxf-rs-7.0.5-SNAPSHOT.jar
-rw-r--r-- 1 jgallimore staff 26858 16 Apr 14:48 
openejb-cxf-transport-7.0.5-SNAPSHOT.jar
-rw-r--r-- 1 jgallimore staff 77092 16 Apr 14:48 openejb-ejbd-7.0.5-SNAPSHOT.jar
-rw-r--r-- 1 jgallimore staff 17959 16 Apr 14:48 openejb-hsql-7.0.5-SNAPSHOT.jar
-rw-r--r-- 1 jgallimore staff 132097 16 Apr 14:48 
openejb-http-7.0.5-SNAPSHOT.jar
-rw-r--r-- 1 jgallimore staff 13880 16 Apr 14:48 openejb-javaagent.jar
-rw-r--r-- 1 jgallimore staff 1276210 16

tomee git commit: TOMEE-2183

2018-04-16 Thread jgallimore 
Repository: tomee
Updated Branches:
  refs/heads/master afbac7614 -> 61a688d9a


TOMEE-2183


Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/61a688d9
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/61a688d9
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/61a688d9

Branch: refs/heads/master
Commit: 61a688d9a6d43b267a5e0602fa8ae02cd20d2fb0
Parents: afbac76
Author: Jonathan Gallimore 
Authored: Mon Apr 16 12:13:47 2018 +0100
Committer: Jonathan Gallimore 
Committed: Mon Apr 16 12:13:47 2018 +0100

--
 .../org/apache/openejb/util/classloader/URLClassLoaderFirst.java  | 3 ---
 1 file changed, 3 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/tomee/blob/61a688d9/container/openejb-core/src/main/java/org/apache/openejb/util/classloader/URLClassLoaderFirst.java
--
diff --git 
a/container/openejb-core/src/main/java/org/apache/openejb/util/classloader/URLClassLoaderFirst.java
 
b/container/openejb-core/src/main/java/org/apache/openejb/util/classloader/URLClassLoaderFirst.java
index 7280e1b..f124a1b 100644
--- 
a/container/openejb-core/src/main/java/org/apache/openejb/util/classloader/URLClassLoaderFirst.java
+++ 
b/container/openejb-core/src/main/java/org/apache/openejb/util/classloader/URLClassLoaderFirst.java
@@ -302,9 +302,6 @@ public class URLClassLoaderFirst extends URLClassLoader {
 if (commons.startsWith("cli.")) {
 return true;
 }
-if (commons.startsWith("codec.")) {
-return true;
-}
 if (commons.startsWith("collections.")) {
 return true;
 }

[jira] [Commented] (TOMEE-2183) org.apache.commons.codec filtered by the classloader but not provided by TomEE WebProfile

2018-04-16 Thread Jonathan Gallimore (JIRA) 

[ 
https://issues.apache.org/jira/browse/TOMEE-2183?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16439296#comment-16439296
 ] 

Jonathan Gallimore commented on TOMEE-2183:
---

I think the issue is that we filter that library, but no longer ship it with 
TomEE, presumably because we don't use it internally. I'm checking and 
confirming.

> org.apache.commons.codec filtered by the classloader but not provided by 
> TomEE WebProfile
> -
>
> Key: TOMEE-2183
> URL: https://issues.apache.org/jira/browse/TOMEE-2183
> Project: TomEE
>  Issue Type: Bug
>  Components: TomEE Core Server
>Affects Versions: 7.0.4
>Reporter: Violeta Georgieva
>Assignee: Jonathan Gallimore
>Priority: Major
>
> Hi,
>  
> I have an EAR file with "lib" folder that contains "commons-codec" and a WAR 
> file that uses the libraries located in the "lib" folder. I do not have 
> issues with the other libraries in that folder but with "commons-codec" I 
> receive the exception below.
>  
> I'm using TomEE 7.0.4 WebProfile and in that distribution there is no 
> "commons-codec" provided by TomEE itself because of this I'm providing it 
> with the EAR file.
>  
> While debugging I saw that "org.apache.commons.codec" is intentionally 
> filtered by the classloader
>  
> [https://github.com/apache/tomee/blob/master/container/openejb-core/src/main/java/org/apache/openejb/util/classloader/URLClassLoaderFirst.java#L305]
>  
> How it is supposed to provide this library so that my application can use it?
>  
> Thanks,
> Violeta
>  
> {code}
> java.lang.ClassNotFoundException: org.apache.commons.codec.binary.Base64 
> org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1285)
>  
> org.apache.tomee.catalina.TomEEWebappClassLoader.loadClass(TomEEWebappClassLoader.java:208)
>  
> org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1119)
>  {code}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Assigned] (TOMEE-2183) org.apache.commons.codec filtered by the classloader but not provided by TomEE WebProfile

2018-04-16 Thread Jonathan Gallimore (JIRA) 

 [ 
https://issues.apache.org/jira/browse/TOMEE-2183?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jonathan Gallimore reassigned TOMEE-2183:
-

Assignee: Jonathan Gallimore

> org.apache.commons.codec filtered by the classloader but not provided by 
> TomEE WebProfile
> -
>
> Key: TOMEE-2183
> URL: https://issues.apache.org/jira/browse/TOMEE-2183
> Project: TomEE
>  Issue Type: Bug
>  Components: TomEE Core Server
>Affects Versions: 7.0.4
>Reporter: Violeta Georgieva
>Assignee: Jonathan Gallimore
>Priority: Major
>
> Hi,
>  
> I have an EAR file with "lib" folder that contains "commons-codec" and a WAR 
> file that uses the libraries located in the "lib" folder. I do not have 
> issues with the other libraries in that folder but with "commons-codec" I 
> receive the exception below.
>  
> I'm using TomEE 7.0.4 WebProfile and in that distribution there is no 
> "commons-codec" provided by TomEE itself because of this I'm providing it 
> with the EAR file.
>  
> While debugging I saw that "org.apache.commons.codec" is intentionally 
> filtered by the classloader
>  
> [https://github.com/apache/tomee/blob/master/container/openejb-core/src/main/java/org/apache/openejb/util/classloader/URLClassLoaderFirst.java#L305]
>  
> How it is supposed to provide this library so that my application can use it?
>  
> Thanks,
> Violeta
>  
> {code}
> java.lang.ClassNotFoundException: org.apache.commons.codec.binary.Base64 
> org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1285)
>  
> org.apache.tomee.catalina.TomEEWebappClassLoader.loadClass(TomEEWebappClassLoader.java:208)
>  
> org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1119)
>  {code}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (TOMEE-2183) org.apache.commons.codec filtered by the classloader but not provided by TomEE WebProfile

2018-04-16 Thread Romain Manni-Bucau (JIRA) 

[ 
https://issues.apache.org/jira/browse/TOMEE-2183?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16439289#comment-16439289
 ] 

Romain Manni-Bucau commented on TOMEE-2183:
---

Hi Violeta,

The filter should request the container lib to be used first and if not found 
fallback on the child loader.

You can use openejb.classloader.forced-load system prop to deactivate this 
behavior too.

> org.apache.commons.codec filtered by the classloader but not provided by 
> TomEE WebProfile
> -
>
> Key: TOMEE-2183
> URL: https://issues.apache.org/jira/browse/TOMEE-2183
> Project: TomEE
>  Issue Type: Bug
>  Components: TomEE Core Server
>Affects Versions: 7.0.4
>Reporter: Violeta Georgieva
>Priority: Major
>
> Hi,
>  
> I have an EAR file with "lib" folder that contains "commons-codec" and a WAR 
> file that uses the libraries located in the "lib" folder. I do not have 
> issues with the other libraries in that folder but with "commons-codec" I 
> receive the exception below.
>  
> I'm using TomEE 7.0.4 WebProfile and in that distribution there is no 
> "commons-codec" provided by TomEE itself because of this I'm providing it 
> with the EAR file.
>  
> While debugging I saw that "org.apache.commons.codec" is intentionally 
> filtered by the classloader
>  
> [https://github.com/apache/tomee/blob/master/container/openejb-core/src/main/java/org/apache/openejb/util/classloader/URLClassLoaderFirst.java#L305]
>  
> How it is supposed to provide this library so that my application can use it?
>  
> Thanks,
> Violeta
>  
> {code}
> java.lang.ClassNotFoundException: org.apache.commons.codec.binary.Base64 
> org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1285)
>  
> org.apache.tomee.catalina.TomEEWebappClassLoader.loadClass(TomEEWebappClassLoader.java:208)
>  
> org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1119)
>  {code}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Created] (TOMEE-2183) org.apache.commons.codec filtered by the classloader but not provided by TomEE WebProfile

2018-04-16 Thread Violeta Georgieva (JIRA) 
Violeta Georgieva created TOMEE-2183:


 Summary: org.apache.commons.codec filtered by the classloader but 
not provided by TomEE WebProfile
 Key: TOMEE-2183
 URL: https://issues.apache.org/jira/browse/TOMEE-2183
 Project: TomEE
  Issue Type: Bug
  Components: TomEE Core Server
Affects Versions: 7.0.4
Reporter: Violeta Georgieva


Hi,
 
I have an EAR file with "lib" folder that contains "commons-codec" and a WAR 
file that uses the libraries located in the "lib" folder. I do not have issues 
with the other libraries in that folder but with "commons-codec" I receive the 
exception below.
 
I'm using TomEE 7.0.4 WebProfile and in that distribution there is no 
"commons-codec" provided by TomEE itself because of this I'm providing it with 
the EAR file.
 
While debugging I saw that "org.apache.commons.codec" is intentionally filtered 
by the classloader
 
[https://github.com/apache/tomee/blob/master/container/openejb-core/src/main/java/org/apache/openejb/util/classloader/URLClassLoaderFirst.java#L305]
 
How it is supposed to provide this library so that my application can use it?
 
Thanks,
Violeta
 
{code}
java.lang.ClassNotFoundException: org.apache.commons.codec.binary.Base64 
org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1285)
 
org.apache.tomee.catalina.TomEEWebappClassLoader.loadClass(TomEEWebappClassLoader.java:208)
 
org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1119)
 \{code}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)