Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
fjtirado commented on PR #4021: URL: https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#issuecomment-3582052261 @ishanjogi89 I have merged since we were in a hurry, but you can incorporate Gonzalo's comments in a follow up PR -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] - To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
fjtirado merged PR #4021: URL: https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] - To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
gmunozfe commented on code in PR #4021:
URL:
https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#discussion_r2565209307
##
quarkus/addons/jwt-parser/runtime/src/main/java/org/kie/kogito/addons/jwt/JwtParserWorkItemHandler.java:
##
@@ -0,0 +1,104 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.kie.kogito.addons.jwt;
+
+import java.util.Map;
+import java.util.Optional;
+
+import org.kie.kogito.internal.process.workitem.KogitoWorkItem;
+import org.kie.kogito.internal.process.workitem.KogitoWorkItemHandler;
+import org.kie.kogito.internal.process.workitem.KogitoWorkItemManager;
+import org.kie.kogito.internal.process.workitem.WorkItemTransition;
+import org.kie.kogito.jackson.utils.JsonObjectUtils;
+import org.kie.kogito.process.workitems.impl.DefaultKogitoWorkItemHandler;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import com.fasterxml.jackson.databind.JsonNode;
+
+/**
+ * WorkItem handler for JWT token parsing operations in SonataFlow
+ */
+public class JwtParserWorkItemHandler extends DefaultKogitoWorkItemHandler {
+
+public static final String NAME = "jwt-parser";
+public static final String TOKEN_PARAM = "token";
+public static final String CLAIM_PARAM = "claim";
+public static final String OPERATION_PARAM = "operation";
+
+// Operations
+public static final String PARSE_OPERATION = "parse";
+public static final String EXTRACT_USER_OPERATION = "extractUser";
+public static final String EXTRACT_CLAIM_OPERATION = "extractClaim";
+
+private static final Logger logger =
LoggerFactory.getLogger(JwtParserWorkItemHandler.class);
+
+private final JwtTokenParser jwtTokenParser;
+
+public JwtParserWorkItemHandler() {
+this.jwtTokenParser = new JwtTokenParser();
+}
+
+public JwtParserWorkItemHandler(JwtTokenParser jwtTokenParser) {
+this.jwtTokenParser = jwtTokenParser;
+}
+
+@Override
+public String getName() {
+return NAME;
+}
+
+@Override
+public Optional
activateWorkItemHandler(KogitoWorkItemManager manager, KogitoWorkItemHandler
handler, KogitoWorkItem workItem, WorkItemTransition transition) {
+try {
+Map parameters = workItem.getParameters();
+String token = (String) parameters.get(TOKEN_PARAM);
Review Comment:
If token is not present or blank, it's better to detect it at this point,
but it's a robustness check
##
quarkus/addons/jwt-parser/runtime/src/main/java/org/kie/kogito/addons/jwt/JwtTokenParser.java:
##
@@ -0,0 +1,118 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.kie.kogito.addons.jwt;
+
+import java.util.Base64;
+
+import org.kie.kogito.jackson.utils.ObjectMapperFactory;
+
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.node.ObjectNode;
+
+/**
+ * JWT Token Parser utility for extracting claims from JWT tokens
+ * Used by SonataFlow workflows to parse JWT tokens and access claims
+ */
+public class JwtTokenParser {
+
+private static final String BEARER = "Bearer ";
+
+/**
+ * Parses a JWT token and returns the payload as a JsonNode
+ *
+ * @param token The JWT token string (can include "Bearer " prefix)
+ * @return JsonNode containing the JWT payload/claims
+ * @throws RuntimeException if token parsing fails
+ */
+public JsonNode parseToken(String token) {
+
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
gmunozfe commented on PR #4021: URL: https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#issuecomment-3581316370 @ishanjogi89 thanks, now it's working locally also for me, let's see the CI now -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] - To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
ishanjogi89 commented on PR #4021: URL: https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#issuecomment-3580857255 @gmunozfe Thanks for pointing it out.I have pushed the changes and the localtests are passing now. https://github.com/user-attachments/assets/a0f06860-0da0-4440-a7dc-1fc242b59261"; /> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] - To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
gmunozfe commented on PR #4021: URL: https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#issuecomment-3580699683 @ishanjogi89 testing locally is also failing: `2025-11-26 11:36:05,325 ERROR [org.jbp.wor.ins.nod.WorkItemNodeInstance] (executor-thread-1) The workitem de2b35e5-b7b5-488f-ab5e-bba79e3e6fb3 is being aborted but not workitem handlers was associated with jwt-parser 2025-11-26 11:36:05,328 ERROR [org.jbp.wor.ins.imp.NodeInstanceImpl] (executor-thread-1) Error executing node instance 'ac072c2e-d2fb-4465-883c-98706b874b5c' (node 'extractUser' id: '6') in process instance 'd527643e-e6da-4e69-86bf-da31995d5a46' (process: 'jwt_example') in a non transactional environment 2025-11-26 11:36:05,329 ERROR [org.jbp.wor.ins.imp.WorkflowProcessInstanceImpl] (executor-thread-1) Unexpected error while executing node extractUser in process instance d527643e-e6da-4e69-86bf-da31995d5a46: org.kie.kogito.internal.process.workitem.KogitoWorkItemHandlerNotFoundException: Could not find work item handler for jwt-parser at org.jbpm.process.instance.LightWorkItemManager.getWorkItemHandler(LightWorkItemManager.java:109) at org.jbpm.process.instance.LightWorkItemManager.internalExecuteWorkItem(LightWorkItemManager.java:93) at org.jbpm.workflow.instance.node.WorkItemNodeInstance.lambda$internalTrigger$0(WorkItemNodeInstance.java:162) at org.jbpm.workflow.instance.node.WorkItemNodeInstance.processWorkItemHandler(WorkItemNodeInstance.java:171) at org.jbpm.workflow.instance.node.WorkItemNodeInstance.internalTrigger(WorkItemNodeInstance.java:161) at org.jbpm.workflow.instance.impl.NodeInstanceImpl.lambda$trigger$0(NodeInstanceImpl.java:250) at org.jbpm.workflow.instance.impl.NodeInstanceImpl.captureExecutionException(NodeInstanceImpl.java:260) at org.jbpm.workflow.instance.impl.NodeInstanceImpl.trigger(NodeInstanceImpl.java:250) at org.jbpm.workflow.instance.impl.NodeInstanceImpl.lambda$triggerNodeInstance$1(NodeInstanceImpl.java:479) at org.jbpm.workflow.instance.impl.NodeInstanceImpl.captureExecutionException(NodeInstanceImpl.java:260) at org.jbpm.workflow.instance.impl.NodeInstanceImpl.triggerNodeInstance(NodeInstanceImpl.java:479) at org.jbpm.workflow.instance.impl.NodeInstanceImpl.triggerNodeInstance(NodeInstanceImpl.java:463) at org.jbpm.workflow.instance.impl.NodeInstanceImpl.triggerCompleted(NodeInstanceImpl.java:433) at org.jbpm.workflow.instance.node.StartNodeInstance.triggerCompleted(StartNodeInstance.java:76) ` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] - To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
ishanjogi89 commented on PR #4021: URL: https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#issuecomment-3580503420 @fjtirado @wmedvede @gabriel-farache The CI failures are all due to Keycloak container startup timeouts in the CI infrastructure (not related to the JWT parser changes): > - All 4 failing tests show: Timed out waiting for log output matching '.*Keycloak.*started.*' > - 3,667 tests passed successfully > - The JWT parser integration tests (JwtParserIT) are being affected by this infrastructure issue, but the local builds pass > > This appears to be a known flaky test issue with Testcontainers/Keycloak in the CI environment. Could we re-run the CI or evaluate the PR based on the code review? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] - To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
kie-ci3 commented on PR #4021:
URL:
https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#issuecomment-3576526775
**PR job** `#13` was: **UNSTABLE**
Possible explanation: This should be test failures
Reproducer
build-chain build full_downstream -f
'https://raw.githubusercontent.com/${AUTHOR:apache}/incubator-kie-kogito-pipelines/${BRANCH:main}/.ci/buildchain-config-pr-cdb.yaml'
-o 'bc' -p apache/incubator-kie-kogito-runtimes -u
https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021
--skipParallelCheckout
NOTE: To install the build-chain tool, please refer to
https://github.com/kiegroup/github-action-build-chain#local-execution
Please look here:
https://ci-builds.apache.org/job/KIE/job/kogito/job/main/job/pullrequest_jobs/job/kogito-runtimes-pr/job/PR-4021/13/display/redirect
**Test results:**
- PASSED: 3667
- FAILED: 4
Those are the test failures:
https://ci-builds.apache.org/job/KIE/job/kogito/job/main/job/pullrequest_jobs/job/kogito-runtimes-pr/job/PR-4021/13/testReport/org.kie.kogito.addons.jwt.it/JwtParserIT/testJwtParserWorkflowEndToEnd/";>org.kie.kogito.addons.jwt.it.JwtParserIT.testJwtParserWorkflowEndToEnd
java.lang.RuntimeException: io.quarkus.builder.BuildException: Build
failure: Build failed due to errors [error]: Build step
io.quarkus.devservices.keycloak.KeycloakDevServicesProcessor#startKeycloakContainer
threw an exception: java.lang.RuntimeException:
org.testcontainers.containers.ContainerLaunchException: Container startup
failed for image quay.io/keycloak/keycloak:26.1.3 at
io.quarkus.devservices.keycloak.KeycloakDevServicesProcessor.startKeycloakContainer(KeycloakDevServicesProcessor.java:250)
at
java.base/java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:732)
at
io.quarkus.deployment.ExtensionLoader$3.execute(ExtensionLoader.java:856)
at io.quarkus.builder.BuildContext.run(BuildContext.java:255) at
org.jboss.threads.ContextHandler$1.runWith(ContextHandler.java:18) at
org.jboss.threads.EnhancedQueueExecutor$Task.doRunWith(EnhancedQueueExecutor.java:2675)
at org.jboss.threads.EnhancedQueueExecutor$Task.run(EnhancedQu
eueExecutor.java:2654) at
org.jboss.threads.EnhancedQueueExecutor.runThreadBody(EnhancedQueueExecutor.java:1627)
at
org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1594)
at java.base/java.lang.Thread.run(Thread.java:840) at
org.jboss.threads.JBossThread.run(JBossThread.java:499)Caused by:
org.testcontainers.containers.ContainerLaunchException: Container startup
failed for image quay.io/keycloak/keycloak:26.1.3 at
org.testcontainers.containers.GenericContainer.doStart(GenericContainer.java:346)
at
org.testcontainers.containers.GenericContainer.start(GenericContainer.java:317)
at
io.quarkus.devservices.keycloak.KeycloakDevServicesProcessor.lambda$startContainer$4(KeycloakDevServicesProcessor.java:421)
at java.base/java.util.Optional.orElseGet(Optional.java:364) at
io.quarkus.devservices.keycloak.KeycloakDevServicesProcessor.startContainer(KeycloakDevServicesProcessor.java:447)
at io.quarkus.devser
vices.keycloak.KeycloakDevServicesProcessor.startKeycloakContainer(KeycloakDevServicesProcessor.java:200)
... 10 moreCaused by: org.rnorth.ducttape.RetryCountExceededException:
Retry limit hit with exception at
org.rnorth.ducttape.unreliables.Unreliables.retryUntilSuccess(Unreliables.java:88)
at
org.testcontainers.containers.GenericContainer.doStart(GenericContainer.java:331)
... 15 moreCaused by:
org.testcontainers.containers.ContainerLaunchException: Could not create/start
container at
org.testcontainers.containers.GenericContainer.tryStart(GenericContainer.java:551)
at
org.testcontainers.containers.GenericContainer.lambda$doStart$0(GenericContainer.java:341)
at
org.rnorth.ducttape.unreliables.Unreliables.retryUntilSuccess(Unreliables.java:81)
... 16 moreCaused by:
org.testcontainers.containers.ContainerLaunchException: Timed out waiting for
log output matching '.*Keycloak.*started.*' at
org.testcontainers.containers.wait
.strategy.LogMessageWaitStrategy.waitUntilReady(LogMessageWaitStrategy.java:47)
at
org.testcontainers.containers.wait.strategy.AbstractWaitStrategy.waitUntilReady(AbstractWaitStrategy.java:52)
at
org.testcontainers.containers.GenericContainer.waitUntilContainerStarted(GenericContainer.java:904)
at
org.testcontainers.containers.GenericContainer.tryStart(GenericContainer.java:487)
... 18 more
https://ci-builds.apache.org/job/KIE/job/kogito/job/main/job/pullrequest_jobs/job/kogito-runtimes-pr/job/PR-4021/13/testReport/org.kie.kogito.addons.quarkus.knative.serving.customfunctions.it/KnativeServingAddonIT/___/";>org.kie.kogito.addons.quarkus.knative.serving.customfunctions.it.KnativeServingAddonIT.(?)
java.lang.RuntimeException: io.quarkus.builder.BuildException: Build
failure: Build failed due to errors [error]: Build
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
kie-ci3 commented on PR #4021:
URL:
https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#issuecomment-3575344641
**PR job** `#12` was: **UNSTABLE**
Possible explanation: This should be test failures
Reproducer
build-chain build full_downstream -f
'https://raw.githubusercontent.com/${AUTHOR:apache}/incubator-kie-kogito-pipelines/${BRANCH:main}/.ci/buildchain-config-pr-cdb.yaml'
-o 'bc' -p apache/incubator-kie-kogito-runtimes -u
https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021
--skipParallelCheckout
NOTE: To install the build-chain tool, please refer to
https://github.com/kiegroup/github-action-build-chain#local-execution
Please look here:
https://ci-builds.apache.org/job/KIE/job/kogito/job/main/job/pullrequest_jobs/job/kogito-runtimes-pr/job/PR-4021/12/display/redirect
**Test results:**
- PASSED: 3667
- FAILED: 4
Those are the test failures:
https://ci-builds.apache.org/job/KIE/job/kogito/job/main/job/pullrequest_jobs/job/kogito-runtimes-pr/job/PR-4021/12/testReport/org.kie.kogito.addons.jwt.it/JwtParserIT/testJwtParserWorkflowEndToEnd/";>org.kie.kogito.addons.jwt.it.JwtParserIT.testJwtParserWorkflowEndToEnd
java.lang.RuntimeException: io.quarkus.builder.BuildException: Build
failure: Build failed due to errors [error]: Build step
io.quarkus.devservices.keycloak.KeycloakDevServicesProcessor#startKeycloakContainer
threw an exception: java.lang.RuntimeException:
org.testcontainers.containers.ContainerLaunchException: Container startup
failed for image quay.io/keycloak/keycloak:26.1.3 at
io.quarkus.devservices.keycloak.KeycloakDevServicesProcessor.startKeycloakContainer(KeycloakDevServicesProcessor.java:250)
at
java.base/java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:732)
at
io.quarkus.deployment.ExtensionLoader$3.execute(ExtensionLoader.java:856)
at io.quarkus.builder.BuildContext.run(BuildContext.java:255) at
org.jboss.threads.ContextHandler$1.runWith(ContextHandler.java:18) at
org.jboss.threads.EnhancedQueueExecutor$Task.doRunWith(EnhancedQueueExecutor.java:2675)
at org.jboss.threads.EnhancedQueueExecutor$Task.run(EnhancedQu
eueExecutor.java:2654) at
org.jboss.threads.EnhancedQueueExecutor.runThreadBody(EnhancedQueueExecutor.java:1627)
at
org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1594)
at java.base/java.lang.Thread.run(Thread.java:840) at
org.jboss.threads.JBossThread.run(JBossThread.java:499)Caused by:
org.testcontainers.containers.ContainerLaunchException: Container startup
failed for image quay.io/keycloak/keycloak:26.1.3 at
org.testcontainers.containers.GenericContainer.doStart(GenericContainer.java:346)
at
org.testcontainers.containers.GenericContainer.start(GenericContainer.java:317)
at
io.quarkus.devservices.keycloak.KeycloakDevServicesProcessor.lambda$startContainer$4(KeycloakDevServicesProcessor.java:421)
at java.base/java.util.Optional.orElseGet(Optional.java:364) at
io.quarkus.devservices.keycloak.KeycloakDevServicesProcessor.startContainer(KeycloakDevServicesProcessor.java:447)
at io.quarkus.devser
vices.keycloak.KeycloakDevServicesProcessor.startKeycloakContainer(KeycloakDevServicesProcessor.java:200)
... 10 moreCaused by: org.rnorth.ducttape.RetryCountExceededException:
Retry limit hit with exception at
org.rnorth.ducttape.unreliables.Unreliables.retryUntilSuccess(Unreliables.java:88)
at
org.testcontainers.containers.GenericContainer.doStart(GenericContainer.java:331)
... 15 moreCaused by:
org.testcontainers.containers.ContainerLaunchException: Could not create/start
container at
org.testcontainers.containers.GenericContainer.tryStart(GenericContainer.java:551)
at
org.testcontainers.containers.GenericContainer.lambda$doStart$0(GenericContainer.java:341)
at
org.rnorth.ducttape.unreliables.Unreliables.retryUntilSuccess(Unreliables.java:81)
... 16 moreCaused by:
org.testcontainers.containers.ContainerLaunchException: Timed out waiting for
log output matching '.*Keycloak.*started.*' at
org.testcontainers.containers.wait
.strategy.LogMessageWaitStrategy.waitUntilReady(LogMessageWaitStrategy.java:47)
at
org.testcontainers.containers.wait.strategy.AbstractWaitStrategy.waitUntilReady(AbstractWaitStrategy.java:52)
at
org.testcontainers.containers.GenericContainer.waitUntilContainerStarted(GenericContainer.java:904)
at
org.testcontainers.containers.GenericContainer.tryStart(GenericContainer.java:487)
... 18 more
https://ci-builds.apache.org/job/KIE/job/kogito/job/main/job/pullrequest_jobs/job/kogito-runtimes-pr/job/PR-4021/12/testReport/org.kie.kogito.addons.quarkus.knative.serving.customfunctions.it/KnativeServingAddonIT/___/";>org.kie.kogito.addons.quarkus.knative.serving.customfunctions.it.KnativeServingAddonIT.(?)
java.lang.RuntimeException: io.quarkus.builder.BuildException: Build
failure: Build failed due to errors [error]: Build
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
kie-ci3 commented on PR #4021:
URL:
https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#issuecomment-3574145037
**PR job** `#11` was: **UNSTABLE**
Possible explanation: This should be test failures
Reproducer
build-chain build full_downstream -f
'https://raw.githubusercontent.com/${AUTHOR:apache}/incubator-kie-kogito-pipelines/${BRANCH:main}/.ci/buildchain-config-pr-cdb.yaml'
-o 'bc' -p apache/incubator-kie-kogito-runtimes -u
https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021
--skipParallelCheckout
NOTE: To install the build-chain tool, please refer to
https://github.com/kiegroup/github-action-build-chain#local-execution
Please look here:
https://ci-builds.apache.org/job/KIE/job/kogito/job/main/job/pullrequest_jobs/job/kogito-runtimes-pr/job/PR-4021/11/display/redirect
**Test results:**
- PASSED: 3688
- FAILED: 2
Those are the test failures:
https://ci-builds.apache.org/job/KIE/job/kogito/job/main/job/pullrequest_jobs/job/kogito-runtimes-pr/job/PR-4021/11/testReport/org.kie.kogito.addons.jwt.it/JwtParserIT/testJwtParserWorkflowEndToEnd/";>org.kie.kogito.addons.jwt.it.JwtParserIT.testJwtParserWorkflowEndToEnd
1 expectation failed.Expected status code <201> but was <500>.
https://ci-builds.apache.org/job/KIE/job/kogito/job/main/job/pullrequest_jobs/job/kogito-runtimes-pr/job/PR-4021/11/testReport/org.kie.kogito.addons.jwt.it/JwtParserIT/testJwtParserWithBearerPrefix/";>org.kie.kogito.addons.jwt.it.JwtParserIT.testJwtParserWithBearerPrefix
1 expectation failed.Expected status code <201> but was <500>.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
-
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
fjtirado commented on PR #4021: URL: https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#issuecomment-3570626865 @ishanjogi89 you need to fix runtime-deployment dependencies, essentially you need to check if for every runtime dependency there is one which has the same name plus the suffix deployment. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] - To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
wmedvede commented on PR #4021: URL: https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#issuecomment-3502816295 @ishanjogi89 I can see these erros in the build logs. Would you mind take a look? 2025-11-07T11:14:32.5263137Z [INFO] BUILD FAILURE 2025-11-07T11:14:32.5263382Z [INFO] 2025-11-07T11:14:32.5263677Z [INFO] Total time: 57:11 min 2025-11-07T11:14:32.5263898Z [INFO] Finished at: 2025-11-07T11:14:32Z 2025-11-07T11:14:32.5264190Z [INFO] 2025-11-07T11:14:32.5272489Z [ERROR] Failed to execute goal io.quarkus:quarkus-extension-maven-plugin:3.20.3:extension-descriptor (default) on project sonataflow-addons-quarkus-jwt-parser: The deployment artifact org.apache.kie.sonataflow:sonataflow-addons-quarkus-jwt-parser-deployment::jar depends on the following Quarkus extension deployment artifacts whose corresponding runtime artifacts were not found among the dependencies of org.apache.kie.sonataflow:sonataflow-addons-quarkus-jwt-parser:jar:999-SNAPSHOT: io.quarkiverse.reactivemessaging.http:quarkus-reactive-messaging-http-deployment::jar io.quarkus:quarkus-jackson-deployment::jar io.quarkus:quarkus-jsonp-deployment::jar io.quarkus:quarkus-swagger-ui-deployment::jar io.quarkus:quarkus-resteasy-common-deployment::jar io.quarkus:quarkus-netty-deployment::jar io.quarkus:quarkus-oidc-common-deployment::jar io.quarkus:quarkus-vertx-http-deployment::jar io.quarkus:quarkus-rest-client-config-deployment::jar io.quarkus:quarkus-small rye-stork-deployment::jar io.quarkus:quarkus-smallrye-health-deployment::jar io.quarkus:quarkus-mutiny-deployment::jar io.quarkus:quarkus-reactive-routes-deployment::jar io.quarkiverse.jackson-jq:quarkus-jackson-jq-deployment::jar io.quarkus:quarkus-cache-deployment::jar io.quarkus:quarkus-mutiny-reactive-streams-operators-deployment::jar io.quarkus:quarkus-grpc-deployment::jar io.quarkus:quarkus-smallrye-openapi-deployment::jar io.quarkus:quarkus-smallrye-context-propagation-deployment::jar io.quarkus:quarkus-smallrye-jwt-build-deployment::jar io.quarkus:quarkus-virtual-threads-deployment::jar io.quarkus:quarkus-tls-registry-deployment::jar io.quarkus:quarkus-resteasy-client-jackson-deployment::jar org.apache.kie.sonataflow:sonataflow-quarkus-deployment::jar io.quarkus:quarkus-resteasy-client-deployment::jar io.quarkus:quarkus-messaging-deployment::jar io.quarkus:quarkus-oidc-client-deployment::jar io.quarkus:quarkus-narayana-jta-deployment::jar io.quarkus:quarkus-grpc-common-deplo yment::jar io.quarkiverse.openapi.generator:quarkus-openapi-generator-deployment::jar io.quarkus:quarkus-apache-httpclient-deployment::jar org.apache.kie.sonataflow:sonataflow-addons-quarkus-openapi-deployment::jar io.quarkus:quarkus-qute-deployment::jar io.quarkus:quarkus-caffeine-deployment::jar io.quarkiverse.asyncapi:quarkus-asyncapi-deployment::jar io.quarkus:quarkus-vertx-deployment::jar -> [Help 1] 2025-11-07T11:14:32.5289154Z org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute goal io.quarkus:quarkus-extension-maven-plugin:3.20.3:extension-descriptor (default) on project sonataflow-addons-quarkus-jwt-parser: The deployment artifact org.apache.kie.sonataflow:sonataflow-addons-quarkus-jwt-parser-deployment::jar depends on the following Quarkus extension deployment artifacts whose corresponding runtime artifacts were not found among the dependencies of org.apache.kie.sonataflow:sonataflow-addons-quarkus-jwt-parser:jar:999-SNAPSHOT: io.quarkiverse.reactivemessaging.http:quarkus-reactive-messaging-http-deployment::jar io.quarkus:quarkus-jackson-deployment::jar io.quarkus:quarkus-jsonp-deployment::jar io.quarkus:quarkus-swagger-ui-deployment::jar io.quarkus:quarkus-resteasy-common-deployment::jar io.quarkus:quarkus-netty-deployment::jar io.quarkus:quarkus-oidc-common-deployment::jar io.quarkus:quarkus-vertx-http-deployment::jar io.quarkus:quarkus-rest-client -config-deployment::jar io.quarkus:quarkus-smallrye-stork-deployment::jar io.quarkus:quarkus-smallrye-health-deployment::jar io.quarkus:quarkus-mutiny-deployment::jar io.quarkus:quarkus-reactive-routes-deployment::jar io.quarkiverse.jackson-jq:quarkus-jackson-jq-deployment::jar io.quarkus:quarkus-cache-deployment::jar io.quarkus:quarkus-mutiny-reactive-streams-operators-deployment::jar io.quarkus:quarkus-grpc-deployment::jar io.quarkus:quarkus-smallrye-openapi-deployment::jar io.quarkus:quarkus-smallrye-context-propagation-deployment::jar io.quarkus:quarkus-smallrye-jwt-build-deployment::jar io.quarkus:quarkus-virtual-threads-deployment::jar io.quarkus:quarkus-tls-registry-deployment::jar io.quarkus:quarkus-resteasy-client-jackson-deployment::jar org.apache.kie.sonataflow:sonataflow-quarkus-deployment::jar io.quarkus:quarkus-resteasy-client-deployment::jar io.quarkus:q
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
kie-ci3 commented on PR #4021:
URL:
https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#issuecomment-3482582638
**PR job** `#1` was: **UNSTABLE**
Possible explanation: This should be test failures
Reproducer
build-chain build full_downstream -f
'https://raw.githubusercontent.com/${AUTHOR:apache}/incubator-kie-kogito-pipelines/${BRANCH:main}/.ci/buildchain-config-pr-cdb.yaml'
-o 'bc' -p apache/incubator-kie-kogito-runtimes -u
https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021
--skipParallelCheckout
NOTE: To install the build-chain tool, please refer to
https://github.com/kiegroup/github-action-build-chain#local-execution
Please look here:
https://ci-builds.apache.org/job/KIE/job/__dev/job/lightguardjp/job/main/job/pullrequest_jobs/job/kogito-runtimes-pr/job/PR-4021/1/display/redirect
**Test results:**
- PASSED: 2657
- FAILED: 2
Those are the test failures:
https://ci-builds.apache.org/job/KIE/job/__dev/job/lightguardjp/job/main/job/pullrequest_jobs/job/kogito-runtimes-pr/job/PR-4021/1/testReport/org.kie.kogito.mongodb/MongoDBProcessInstancesIT/___/";>org.kie.kogito.mongodb.MongoDBProcessInstancesIT.(?)
Container startup failed for image mirror.gcr.io/library/mongo:5.0.31
https://ci-builds.apache.org/job/KIE/job/__dev/job/lightguardjp/job/main/job/pullrequest_jobs/job/kogito-runtimes-pr/job/PR-4021/1/testReport/org.kie.kogito.quarkus.token.persistence.workflows/TokenExchangeIT/tokenExchange/";>org.kie.kogito.quarkus.token.persistence.workflows.TokenExchangeIT.tokenExchange
java.lang.RuntimeException: io.quarkus.builder.BuildException: Build
failure: Build failed due to errors [error]: Build step
io.quarkus.devservices.keycloak.KeycloakDevServicesProcessor#startKeycloakContainer
threw an exception: java.lang.RuntimeException:
org.testcontainers.containers.ContainerLaunchException: Container startup
failed for image quay.io/keycloak/keycloak:26.1.3 at
io.quarkus.devservices.keycloak.KeycloakDevServicesProcessor.startKeycloakContainer(KeycloakDevServicesProcessor.java:250)
at
java.base/java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:732)
at
io.quarkus.deployment.ExtensionLoader$3.execute(ExtensionLoader.java:856)
at io.quarkus.builder.BuildContext.run(BuildContext.java:255) at
org.jboss.threads.ContextHandler$1.runWith(ContextHandler.java:18) at
org.jboss.threads.EnhancedQueueExecutor$Task.doRunWith(EnhancedQueueExecutor.java:2675)
at org.jboss.threads.EnhancedQueueExecutor$Task.run(EnhancedQu
eueExecutor.java:2654) at
org.jboss.threads.EnhancedQueueExecutor.runThreadBody(EnhancedQueueExecutor.java:1627)
at
org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1594)
at java.base/java.lang.Thread.run(Thread.java:840) at
org.jboss.threads.JBossThread.run(JBossThread.java:499)Caused by:
org.testcontainers.containers.ContainerLaunchException: Container startup
failed for image quay.io/keycloak/keycloak:26.1.3 at
org.testcontainers.containers.GenericContainer.doStart(GenericContainer.java:346)
at
org.testcontainers.containers.GenericContainer.start(GenericContainer.java:317)
at
io.quarkus.devservices.keycloak.KeycloakDevServicesProcessor.lambda$startContainer$4(KeycloakDevServicesProcessor.java:421)
at java.base/java.util.Optional.orElseGet(Optional.java:364) at
io.quarkus.devservices.keycloak.KeycloakDevServicesProcessor.startContainer(KeycloakDevServicesProcessor.java:447)
at io.quarkus.devser
vices.keycloak.KeycloakDevServicesProcessor.startKeycloakContainer(KeycloakDevServicesProcessor.java:200)
... 10 moreCaused by: org.rnorth.ducttape.RetryCountExceededException:
Retry limit hit with exception at
org.rnorth.ducttape.unreliables.Unreliables.retryUntilSuccess(Unreliables.java:88)
at
org.testcontainers.containers.GenericContainer.doStart(GenericContainer.java:331)
... 15 moreCaused by:
org.testcontainers.containers.ContainerLaunchException: Could not create/start
container at
org.testcontainers.containers.GenericContainer.tryStart(GenericContainer.java:551)
at
org.testcontainers.containers.GenericContainer.lambda$doStart$0(GenericContainer.java:341)
at
org.rnorth.ducttape.unreliables.Unreliables.retryUntilSuccess(Unreliables.java:81)
... 16 moreCaused by:
org.testcontainers.containers.ContainerLaunchException: Timed out waiting for
log output matching '.*Keycloak.*started.*' at
org.testcontainers.containers.wait
.strategy.LogMessageWaitStrategy.waitUntilReady(LogMessageWaitStrategy.java:47)
at
org.testcontainers.containers.wait.strategy.AbstractWaitStrategy.waitUntilReady(AbstractWaitStrategy.java:52)
at
org.testcontainers.containers.GenericContainer.waitUntilContainerStarted(GenericContainer.java:904)
at
org.testcontainers.containers.GenericContainer.tryStart(GenericContainer.java:487)
... 18 more
--
This is an automated message from the Apache Git
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
ishanjogi89 commented on code in PR #4021:
URL:
https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#discussion_r2476725731
##
quarkus/addons/jwt-parser/integration-tests/src/test/java/org/kie/kogito/addons/jwt/it/JwtParserIT.java:
##
@@ -0,0 +1,180 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.kie.kogito.addons.jwt.it;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import org.junit.jupiter.api.Test;
+import org.kie.kogito.addons.jwt.JwtTokenParser;
+
+import io.quarkus.test.junit.QuarkusIntegrationTest;
+import io.restassured.path.json.JsonPath;
+
+import jakarta.inject.Inject;
+import jakarta.ws.rs.core.HttpHeaders;
+
+import static io.restassured.RestAssured.given;
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import static
org.kie.kogito.test.utils.ProcessInstancesRESTTestUtils.assertProcessInstanceHasFinished;
+import static
org.kie.kogito.test.utils.ProcessInstancesRESTTestUtils.assertProcessInstanceNotExists;
+import static
org.kie.kogito.test.utils.ProcessInstancesRESTTestUtils.newProcessInstance;
+
+@QuarkusIntegrationTest
+class JwtParserIT {
+
+@Inject
+JwtTokenParser jwtTokenParser;
+
+// Valid JWT token for testing (contains:
{"sub":"1234567890","preferred_username":"johndoe","email":"[email protected]","iat":1516239022})
+private static final String VALID_JWT_TOKEN =
+
"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiam9obmRvZSIsImVtYWlsIjoiam9obmRvZUBleGFtcGxlLmNvbSIsImlhdCI6MTUxNjIzOTAyMn0.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c";
+
+@Test
+void testJwtTokenParserInjection() {
+assertThat(jwtTokenParser).isNotNull();
+}
+
+@Test
+void testParseTokenWithNullToken() {
+assertThrows(IllegalArgumentException.class, () ->
jwtTokenParser.parseToken(null));
+}
+
+@Test
+void testParseTokenWithEmptyToken() {
+assertThrows(IllegalArgumentException.class, () ->
jwtTokenParser.parseToken(""));
+}
+
+@Test
+void testParseValidJwtToken() {
+var result = jwtTokenParser.parseToken(VALID_JWT_TOKEN);
+assertThat(result).isNotNull();
+assertThat(result.get("sub").asText()).isEqualTo("1234567890");
+
assertThat(result.get("preferred_username").asText()).isEqualTo("johndoe");
+
assertThat(result.get("email").asText()).isEqualTo("[email protected]");
+}
+
+@Test
+void testParseTokenWithBearerPrefix() {
+String tokenWithBearer = "Bearer " + VALID_JWT_TOKEN;
+var result = jwtTokenParser.parseToken(tokenWithBearer);
+assertThat(result).isNotNull();
+assertThat(result.get("sub").asText()).isEqualTo("1234567890");
+}
+
+@Test
+void testExtractUser() {
+var result = jwtTokenParser.extractUser(VALID_JWT_TOKEN);
+assertThat(result).isNotNull();
+assertThat(result.get("sub").asText()).isEqualTo("1234567890");
+
assertThat(result.get("preferred_username").asText()).isEqualTo("johndoe");
+
assertThat(result.get("email").asText()).isEqualTo("[email protected]");
+}
+
+@Test
+void testExtractSpecificClaim() {
+var result = jwtTokenParser.extractClaim(VALID_JWT_TOKEN,
"preferred_username");
+assertThat(result).isNotNull();
+assertThat(result.asText()).isEqualTo("johndoe");
+}
+
+@Test
+void testExtractUserWithInvalidToken() {
+assertThrows(RuntimeException.class, () ->
jwtTokenParser.extractUser("invalid.token.here"));
+}
+
+@Test
+void testExtractClaimWithInvalidToken() {
+assertThrows(RuntimeException.class, () ->
jwtTokenParser.extractClaim("invalid.token.here", "sub"));
+}
+
+/**
+ * End-to-end test that verifies the JWT parser works within a complete
SonataFlow workflow.
+ * This test demonstrates the feature working as requested in Issue #1899.
+ */
+@Test
+void testJwtParserWorkflowEndToEnd() {
+// Prepare workflow input
+String processInput = "{}";
+
+// Set up headers with JWT token
+Map
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
kie-ci3 commented on PR #4021:
URL:
https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#issuecomment-3451525015
**PR job** `#10` was: **UNSTABLE**
Possible explanation: This should be test failures
Reproducer
build-chain build full_downstream -f
'https://raw.githubusercontent.com/${AUTHOR:apache}/incubator-kie-kogito-pipelines/${BRANCH:main}/.ci/buildchain-config-pr-cdb.yaml'
-o 'bc' -p apache/incubator-kie-kogito-runtimes -u
https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021
--skipParallelCheckout
NOTE: To install the build-chain tool, please refer to
https://github.com/kiegroup/github-action-build-chain#local-execution
Please look here:
https://ci-builds.apache.org/job/KIE/job/kogito/job/main/job/pullrequest_jobs/job/kogito-runtimes-pr/job/PR-4021/10/display/redirect
**Test results:**
- PASSED: 3662
- FAILED: 3
Those are the test failures:
https://ci-builds.apache.org/job/KIE/job/kogito/job/main/job/pullrequest_jobs/job/kogito-runtimes-pr/job/PR-4021/10/testReport/org.kie.kogito.addons.quarkus.knative.serving.customfunctions.it/KnativeServingAddonIT/___/";>org.kie.kogito.addons.quarkus.knative.serving.customfunctions.it.KnativeServingAddonIT.(?)
java.lang.RuntimeException: io.quarkus.builder.BuildException: Build
failure: Build failed due to errors [error]: Build step
io.quarkus.devservices.keycloak.KeycloakDevServicesProcessor#startKeycloakContainer
threw an exception: java.lang.RuntimeException:
org.testcontainers.containers.ContainerLaunchException: Container startup
failed for image quay.io/keycloak/keycloak:26.1.3 at
io.quarkus.devservices.keycloak.KeycloakDevServicesProcessor.startKeycloakContainer(KeycloakDevServicesProcessor.java:250)
at
java.base/java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:732)
at
io.quarkus.deployment.ExtensionLoader$3.execute(ExtensionLoader.java:856)
at io.quarkus.builder.BuildContext.run(BuildContext.java:255) at
org.jboss.threads.ContextHandler$1.runWith(ContextHandler.java:18) at
org.jboss.threads.EnhancedQueueExecutor$Task.doRunWith(EnhancedQueueExecutor.java:2675)
at org.jboss.threads.EnhancedQueueExecutor$Task.run(EnhancedQu
eueExecutor.java:2654) at
org.jboss.threads.EnhancedQueueExecutor.runThreadBody(EnhancedQueueExecutor.java:1627)
at
org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1594)
at java.base/java.lang.Thread.run(Thread.java:840) at
org.jboss.threads.JBossThread.run(JBossThread.java:499)Caused by:
org.testcontainers.containers.ContainerLaunchException: Container startup
failed for image quay.io/keycloak/keycloak:26.1.3 at
org.testcontainers.containers.GenericContainer.doStart(GenericContainer.java:346)
at
org.testcontainers.containers.GenericContainer.start(GenericContainer.java:317)
at
io.quarkus.devservices.keycloak.KeycloakDevServicesProcessor.lambda$startContainer$4(KeycloakDevServicesProcessor.java:421)
at java.base/java.util.Optional.orElseGet(Optional.java:364) at
io.quarkus.devservices.keycloak.KeycloakDevServicesProcessor.startContainer(KeycloakDevServicesProcessor.java:447)
at io.quarkus.devser
vices.keycloak.KeycloakDevServicesProcessor.startKeycloakContainer(KeycloakDevServicesProcessor.java:200)
... 10 moreCaused by: org.rnorth.ducttape.RetryCountExceededException:
Retry limit hit with exception at
org.rnorth.ducttape.unreliables.Unreliables.retryUntilSuccess(Unreliables.java:88)
at
org.testcontainers.containers.GenericContainer.doStart(GenericContainer.java:331)
... 15 moreCaused by:
org.testcontainers.containers.ContainerLaunchException: Could not create/start
container at
org.testcontainers.containers.GenericContainer.tryStart(GenericContainer.java:551)
at
org.testcontainers.containers.GenericContainer.lambda$doStart$0(GenericContainer.java:341)
at
org.rnorth.ducttape.unreliables.Unreliables.retryUntilSuccess(Unreliables.java:81)
... 16 moreCaused by:
org.testcontainers.containers.ContainerLaunchException: Timed out waiting for
log output matching '.*Keycloak.*started.*' at
org.testcontainers.containers.wait
.strategy.LogMessageWaitStrategy.waitUntilReady(LogMessageWaitStrategy.java:47)
at
org.testcontainers.containers.wait.strategy.AbstractWaitStrategy.waitUntilReady(AbstractWaitStrategy.java:52)
at
org.testcontainers.containers.GenericContainer.waitUntilContainerStarted(GenericContainer.java:904)
at
org.testcontainers.containers.GenericContainer.tryStart(GenericContainer.java:487)
... 18 more
https://ci-builds.apache.org/job/KIE/job/kogito/job/main/job/pullrequest_jobs/job/kogito-runtimes-pr/job/PR-4021/10/testReport/org.kie.kogito.addons.quarkus.kubernetes/ConfigValueExpanderIT/test/";>org.kie.kogito.addons.quarkus.kubernetes.ConfigValueExpanderIT.test
java.lang.RuntimeException: io.quarkus.builder.BuildException: Build
failure: Build failed due to errors [error]: Build step
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
fjtirado commented on code in PR #4021:
URL:
https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#discussion_r2392488795
##
quarkus/addons/jwt-parser/runtime/src/main/java/org/kie/kogito/addons/jwt/JwtParserTypeHandler.java:
##
@@ -0,0 +1,74 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.kie.kogito.addons.jwt;
+
+import org.jbpm.ruleflow.core.RuleFlowNodeContainerFactory;
+import org.jbpm.ruleflow.core.factory.NodeFactory;
+import org.jbpm.ruleflow.core.factory.WorkItemNodeFactory;
+import org.kie.kogito.serverless.workflow.parser.ParserContext;
+import org.kie.kogito.serverless.workflow.parser.VariableInfo;
+import org.kie.kogito.serverless.workflow.parser.types.WorkItemTypeHandler;
+
+import io.serverlessworkflow.api.Workflow;
+import io.serverlessworkflow.api.functions.FunctionDefinition;
+import io.serverlessworkflow.api.functions.FunctionRef;
+
+import static
org.kie.kogito.serverless.workflow.parser.FunctionTypeHandlerFactory.trimCustomOperation;
+
+/**
+ * Function type handler for JWT parsing operations in SonataFlow
+ * Handles custom functions with type "jwt-parser"
+ */
+public class JwtParserTypeHandler extends WorkItemTypeHandler {
+
+@Override
+public NodeFactory getActionNode(Workflow workflow, ParserContext
context,
+RuleFlowNodeContainerFactory embeddedSubProcess,
FunctionDefinition functionDef,
+FunctionRef functionRef, VariableInfo varInfo) {
+
+WorkItemNodeFactory node = buildWorkItem(embeddedSubProcess,
context, varInfo.getInputVar(), varInfo.getOutputVar())
+.name(functionDef.getName());
+
+// Parse the operation from the function definition
+String operation = trimCustomOperation(functionDef);
+if (operation != null && !operation.isEmpty()) {
+node.workParameter(JwtParserWorkItemHandler.OPERATION_PARAM,
operation);
+}
+
+return addFunctionArgs(workflow,
+fillWorkItemHandler(workflow, context, node, functionDef),
+functionRef);
+}
+
+@Override
+protected >
WorkItemNodeFactory fillWorkItemHandler(
+Workflow workflow, ParserContext context, WorkItemNodeFactory
node, FunctionDefinition functionDef) {
+
+if (functionDef.getMetadata() != null) {
+functionDef.getMetadata().forEach(node::metaData);
+}
Review Comment:
Function definition metadata should be automatically added to node metadata
as common approach
If they are not, they should be added with another PR is a common
placeholder, please let me know if your test are not working after removing
these lines to do so.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
-
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
fjtirado commented on code in PR #4021:
URL:
https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#discussion_r2392484587
##
quarkus/addons/jwt-parser/runtime/src/main/java/org/kie/kogito/addons/jwt/JwtParserTypeHandler.java:
##
@@ -0,0 +1,74 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.kie.kogito.addons.jwt;
+
+import org.jbpm.ruleflow.core.RuleFlowNodeContainerFactory;
+import org.jbpm.ruleflow.core.factory.NodeFactory;
+import org.jbpm.ruleflow.core.factory.WorkItemNodeFactory;
+import org.kie.kogito.serverless.workflow.parser.ParserContext;
+import org.kie.kogito.serverless.workflow.parser.VariableInfo;
+import org.kie.kogito.serverless.workflow.parser.types.WorkItemTypeHandler;
+
+import io.serverlessworkflow.api.Workflow;
+import io.serverlessworkflow.api.functions.FunctionDefinition;
+import io.serverlessworkflow.api.functions.FunctionRef;
+
+import static
org.kie.kogito.serverless.workflow.parser.FunctionTypeHandlerFactory.trimCustomOperation;
+
+/**
+ * Function type handler for JWT parsing operations in SonataFlow
+ * Handles custom functions with type "jwt-parser"
+ */
+public class JwtParserTypeHandler extends WorkItemTypeHandler {
+
+@Override
+public NodeFactory getActionNode(Workflow workflow, ParserContext
context,
+RuleFlowNodeContainerFactory embeddedSubProcess,
FunctionDefinition functionDef,
+FunctionRef functionRef, VariableInfo varInfo) {
+
+WorkItemNodeFactory node = buildWorkItem(embeddedSubProcess,
context, varInfo.getInputVar(), varInfo.getOutputVar())
+.name(functionDef.getName());
+
+// Parse the operation from the function definition
+String operation = trimCustomOperation(functionDef);
+if (operation != null && !operation.isEmpty()) {
+node.workParameter(JwtParserWorkItemHandler.OPERATION_PARAM,
operation);
+}
+
+return addFunctionArgs(workflow,
+fillWorkItemHandler(workflow, context, node, functionDef),
+functionRef);
+}
Review Comment:
getActionNode does not need to be overrriden
You can add OPERATION_PARAM in fillWorkItemHadnler method, which has the
funcitonDef that you can trim
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
-
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
ishanjogi89 commented on code in PR #4021:
URL:
https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#discussion_r2428093153
##
quarkus/addons/jwt-parser/integration-tests/src/test/java/org/kie/kogito/addons/jwt/it/JwtParserIT.java:
##
@@ -0,0 +1,72 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.kie.kogito.addons.jwt.it;
+
+import org.junit.jupiter.api.Test;
+import org.kie.kogito.addons.jwt.JwtTokenParser;
+
+import io.quarkus.test.junit.QuarkusTest;
+
+import jakarta.inject.Inject;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+
+@QuarkusTest
+class JwtParserIT {
+
+@Inject
+JwtTokenParser jwtTokenParser;
Review Comment:
The recommended changes have been referred from the example and incorporated
in this test class now.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
-
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
fjtirado commented on code in PR #4021:
URL:
https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#discussion_r2428520722
##
quarkus/addons/jwt-parser/runtime/src/main/java/org/kie/kogito/addons/jwt/JwtTokenParser.java:
##
@@ -0,0 +1,126 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.kie.kogito.addons.jwt;
+
+import java.nio.charset.StandardCharsets;
+import java.util.Base64;
+
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.node.ObjectNode;
+
+import jakarta.enterprise.context.ApplicationScoped;
+
+/**
+ * JWT Token Parser utility for extracting claims from JWT tokens
+ * Used by SonataFlow workflows to parse JWT tokens and access claims
+ */
+@ApplicationScoped
+public class JwtTokenParser {
+
+private static final ObjectMapper OBJECT_MAPPER = new ObjectMapper();
+
+/**
+ * Parses a JWT token and returns the payload as a JsonNode
+ *
+ * @param token The JWT token string (can include "Bearer " prefix)
+ * @return JsonNode containing the JWT payload/claims
+ * @throws RuntimeException if token parsing fails
+ */
+public JsonNode parseToken(String token) {
+if (token == null || token.trim().isEmpty()) {
+throw new IllegalArgumentException("JWT token cannot be null or
empty");
+}
+
+// Remove "Bearer " prefix if present
+String cleanToken = token.startsWith("Bearer ") ? token.substring(7) :
token;
+
+try {
+// Parse JWT token without signature verification (for claim
extraction only)
+// In production, you might want to verify signatures with proper
keys
+String[] parts = cleanToken.split("\\.");
+if (parts.length != 3) {
+throw new IllegalArgumentException("Invalid JWT token format");
+}
+
+// Decode the payload (second part) using Base64
+String payload = parts[1];
+// Add padding if necessary
+while (payload.length() % 4 != 0) {
+payload += "=";
+}
Review Comment:
We can improve this block by using a StringBuilder (you later call toString
while decoding in the next block). you avoid creating additional string objects
and can use = char.
```suggestion
// Decode the payload (second part) using Base64
StringBuilder payload = new StringBuilder(parts[1]);
// Add padding if necessary
while (payload.length() % 4 != 0) {
payload.append('=');
}
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
-
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
fjtirado commented on code in PR #4021:
URL:
https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#discussion_r2428528061
##
quarkus/addons/jwt-parser/runtime/src/main/java/org/kie/kogito/addons/jwt/JwtTokenParser.java:
##
@@ -0,0 +1,126 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.kie.kogito.addons.jwt;
+
+import java.nio.charset.StandardCharsets;
+import java.util.Base64;
+
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.node.ObjectNode;
+
+import jakarta.enterprise.context.ApplicationScoped;
+
+/**
+ * JWT Token Parser utility for extracting claims from JWT tokens
+ * Used by SonataFlow workflows to parse JWT tokens and access claims
+ */
+@ApplicationScoped
+public class JwtTokenParser {
+
+private static final ObjectMapper OBJECT_MAPPER = new ObjectMapper();
+
+/**
+ * Parses a JWT token and returns the payload as a JsonNode
+ *
+ * @param token The JWT token string (can include "Bearer " prefix)
+ * @return JsonNode containing the JWT payload/claims
+ * @throws RuntimeException if token parsing fails
+ */
+public JsonNode parseToken(String token) {
+if (token == null || token.trim().isEmpty()) {
+throw new IllegalArgumentException("JWT token cannot be null or
empty");
+}
+
+// Remove "Bearer " prefix if present
+String cleanToken = token.startsWith("Bearer ") ? token.substring(7) :
token;
Review Comment:
Picky comment, but I think is safer to do this
At class level
`private static final String BEARER = "Bearer ";`
And here
`String cleanToken = token.startsWith(BEARER) ?
token.substring(BEARER.length()) : token;`
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
-
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
ishanjogi89 commented on code in PR #4021:
URL:
https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#discussion_r2428099742
##
quarkus/addons/jwt-parser/runtime/src/main/java/org/kie/kogito/addons/jwt/JwtParserTypeHandler.java:
##
@@ -0,0 +1,74 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.kie.kogito.addons.jwt;
+
+import org.jbpm.ruleflow.core.RuleFlowNodeContainerFactory;
+import org.jbpm.ruleflow.core.factory.NodeFactory;
+import org.jbpm.ruleflow.core.factory.WorkItemNodeFactory;
+import org.kie.kogito.serverless.workflow.parser.ParserContext;
+import org.kie.kogito.serverless.workflow.parser.VariableInfo;
+import org.kie.kogito.serverless.workflow.parser.types.WorkItemTypeHandler;
+
+import io.serverlessworkflow.api.Workflow;
+import io.serverlessworkflow.api.functions.FunctionDefinition;
+import io.serverlessworkflow.api.functions.FunctionRef;
+
+import static
org.kie.kogito.serverless.workflow.parser.FunctionTypeHandlerFactory.trimCustomOperation;
+
+/**
+ * Function type handler for JWT parsing operations in SonataFlow
+ * Handles custom functions with type "jwt-parser"
+ */
+public class JwtParserTypeHandler extends WorkItemTypeHandler {
+
+@Override
+public NodeFactory getActionNode(Workflow workflow, ParserContext
context,
+RuleFlowNodeContainerFactory embeddedSubProcess,
FunctionDefinition functionDef,
+FunctionRef functionRef, VariableInfo varInfo) {
+
+WorkItemNodeFactory node = buildWorkItem(embeddedSubProcess,
context, varInfo.getInputVar(), varInfo.getOutputVar())
+.name(functionDef.getName());
+
+// Parse the operation from the function definition
+String operation = trimCustomOperation(functionDef);
+if (operation != null && !operation.isEmpty()) {
+node.workParameter(JwtParserWorkItemHandler.OPERATION_PARAM,
operation);
+}
+
+return addFunctionArgs(workflow,
+fillWorkItemHandler(workflow, context, node, functionDef),
+functionRef);
+}
Review Comment:
Changes are incorporated.
##
quarkus/addons/jwt-parser/runtime/src/main/java/org/kie/kogito/addons/jwt/JwtParserTypeHandler.java:
##
@@ -0,0 +1,74 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.kie.kogito.addons.jwt;
+
+import org.jbpm.ruleflow.core.RuleFlowNodeContainerFactory;
+import org.jbpm.ruleflow.core.factory.NodeFactory;
+import org.jbpm.ruleflow.core.factory.WorkItemNodeFactory;
+import org.kie.kogito.serverless.workflow.parser.ParserContext;
+import org.kie.kogito.serverless.workflow.parser.VariableInfo;
+import org.kie.kogito.serverless.workflow.parser.types.WorkItemTypeHandler;
+
+import io.serverlessworkflow.api.Workflow;
+import io.serverlessworkflow.api.functions.FunctionDefinition;
+import io.serverlessworkflow.api.functions.FunctionRef;
+
+import static
org.kie.kogito.serverless.workflow.parser.FunctionTypeHandlerFactory.trimCustomOperation;
+
+/**
+ * Function type handler for JWT parsing operations in SonataFlow
+ * Handles custom functions with type "jwt-parser"
+ */
+public class JwtParserTypeHandler extends WorkItemTypeHandler {
+
+@Override
+public NodeFactory getActionNode(Workflow workflow, ParserContext
context,
+RuleFlowNodeContainerFactory embeddedSubProcess,
FunctionDefinition functionDef,
+FunctionRef functionRef,
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
fjtirado commented on code in PR #4021:
URL:
https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#discussion_r2428529547
##
quarkus/addons/jwt-parser/runtime/src/main/java/org/kie/kogito/addons/jwt/JwtTokenParser.java:
##
@@ -0,0 +1,126 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.kie.kogito.addons.jwt;
+
+import java.nio.charset.StandardCharsets;
+import java.util.Base64;
+
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.node.ObjectNode;
+
+import jakarta.enterprise.context.ApplicationScoped;
+
+/**
+ * JWT Token Parser utility for extracting claims from JWT tokens
+ * Used by SonataFlow workflows to parse JWT tokens and access claims
+ */
+@ApplicationScoped
+public class JwtTokenParser {
+
+private static final ObjectMapper OBJECT_MAPPER = new ObjectMapper();
Review Comment:
As you will see in a latter comment, this is not needed.
You can user already existing 'ObjectMapperFactory.get()'
##
quarkus/addons/jwt-parser/runtime/src/main/java/org/kie/kogito/addons/jwt/JwtTokenParser.java:
##
@@ -0,0 +1,126 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.kie.kogito.addons.jwt;
+
+import java.nio.charset.StandardCharsets;
+import java.util.Base64;
+
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.node.ObjectNode;
+
+import jakarta.enterprise.context.ApplicationScoped;
+
+/**
+ * JWT Token Parser utility for extracting claims from JWT tokens
+ * Used by SonataFlow workflows to parse JWT tokens and access claims
+ */
+@ApplicationScoped
+public class JwtTokenParser {
+
+private static final ObjectMapper OBJECT_MAPPER = new ObjectMapper();
Review Comment:
As you will see in a latter comment, this is not needed.
You can user already existing `ObjectMapperFactory.get()`
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
-
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
fjtirado commented on code in PR #4021:
URL:
https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#discussion_r2392484587
##
quarkus/addons/jwt-parser/runtime/src/main/java/org/kie/kogito/addons/jwt/JwtParserTypeHandler.java:
##
@@ -0,0 +1,74 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.kie.kogito.addons.jwt;
+
+import org.jbpm.ruleflow.core.RuleFlowNodeContainerFactory;
+import org.jbpm.ruleflow.core.factory.NodeFactory;
+import org.jbpm.ruleflow.core.factory.WorkItemNodeFactory;
+import org.kie.kogito.serverless.workflow.parser.ParserContext;
+import org.kie.kogito.serverless.workflow.parser.VariableInfo;
+import org.kie.kogito.serverless.workflow.parser.types.WorkItemTypeHandler;
+
+import io.serverlessworkflow.api.Workflow;
+import io.serverlessworkflow.api.functions.FunctionDefinition;
+import io.serverlessworkflow.api.functions.FunctionRef;
+
+import static
org.kie.kogito.serverless.workflow.parser.FunctionTypeHandlerFactory.trimCustomOperation;
+
+/**
+ * Function type handler for JWT parsing operations in SonataFlow
+ * Handles custom functions with type "jwt-parser"
+ */
+public class JwtParserTypeHandler extends WorkItemTypeHandler {
+
+@Override
+public NodeFactory getActionNode(Workflow workflow, ParserContext
context,
+RuleFlowNodeContainerFactory embeddedSubProcess,
FunctionDefinition functionDef,
+FunctionRef functionRef, VariableInfo varInfo) {
+
+WorkItemNodeFactory node = buildWorkItem(embeddedSubProcess,
context, varInfo.getInputVar(), varInfo.getOutputVar())
+.name(functionDef.getName());
+
+// Parse the operation from the function definition
+String operation = trimCustomOperation(functionDef);
+if (operation != null && !operation.isEmpty()) {
+node.workParameter(JwtParserWorkItemHandler.OPERATION_PARAM,
operation);
+}
+
+return addFunctionArgs(workflow,
+fillWorkItemHandler(workflow, context, node, functionDef),
+functionRef);
+}
Review Comment:
getActionNode does not need to be overrriden
You can add OPERATION_PARAM in fillWorkItemHadnler method
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
-
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
fjtirado commented on code in PR #4021:
URL:
https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#discussion_r2392488795
##
quarkus/addons/jwt-parser/runtime/src/main/java/org/kie/kogito/addons/jwt/JwtParserTypeHandler.java:
##
@@ -0,0 +1,74 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.kie.kogito.addons.jwt;
+
+import org.jbpm.ruleflow.core.RuleFlowNodeContainerFactory;
+import org.jbpm.ruleflow.core.factory.NodeFactory;
+import org.jbpm.ruleflow.core.factory.WorkItemNodeFactory;
+import org.kie.kogito.serverless.workflow.parser.ParserContext;
+import org.kie.kogito.serverless.workflow.parser.VariableInfo;
+import org.kie.kogito.serverless.workflow.parser.types.WorkItemTypeHandler;
+
+import io.serverlessworkflow.api.Workflow;
+import io.serverlessworkflow.api.functions.FunctionDefinition;
+import io.serverlessworkflow.api.functions.FunctionRef;
+
+import static
org.kie.kogito.serverless.workflow.parser.FunctionTypeHandlerFactory.trimCustomOperation;
+
+/**
+ * Function type handler for JWT parsing operations in SonataFlow
+ * Handles custom functions with type "jwt-parser"
+ */
+public class JwtParserTypeHandler extends WorkItemTypeHandler {
+
+@Override
+public NodeFactory getActionNode(Workflow workflow, ParserContext
context,
+RuleFlowNodeContainerFactory embeddedSubProcess,
FunctionDefinition functionDef,
+FunctionRef functionRef, VariableInfo varInfo) {
+
+WorkItemNodeFactory node = buildWorkItem(embeddedSubProcess,
context, varInfo.getInputVar(), varInfo.getOutputVar())
+.name(functionDef.getName());
+
+// Parse the operation from the function definition
+String operation = trimCustomOperation(functionDef);
+if (operation != null && !operation.isEmpty()) {
+node.workParameter(JwtParserWorkItemHandler.OPERATION_PARAM,
operation);
+}
+
+return addFunctionArgs(workflow,
+fillWorkItemHandler(workflow, context, node, functionDef),
+functionRef);
+}
+
+@Override
+protected >
WorkItemNodeFactory fillWorkItemHandler(
+Workflow workflow, ParserContext context, WorkItemNodeFactory
node, FunctionDefinition functionDef) {
+
+if (functionDef.getMetadata() != null) {
+functionDef.getMetadata().forEach(node::metaData);
+}
Review Comment:
Function definition metadata should be automatically added
If they are not, they should be added with another PR is a common
placeholder, please let me know if your test are not working after removing
these lines to do so.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
-
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
wmedvede commented on PR #4021: URL: https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#issuecomment-3401371579 weird, I have rebased this branch with main locally and got this error: git rebase upstream/main Auto-merging quarkus/addons/pom.xml CONFLICT (content): Merge conflict in quarkus/addons/pom.xml error: could not apply 85adaa02ae... Introducing jwt parser handler and associated classes hint: Resolve all conflicts manually, mark them as resolved with hint: "git add/rm ", then run "git rebase --continue". hint: You can instead skip this commit: run "git rebase --skip". hint: To abort and get back to the state before "git rebase", run "git rebase --abort". Could not apply 85adaa02ae... Introducing jwt parser handler and associated classes However, the github check says "No conflicts with base branch" -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] - To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
ishanjogi89 commented on code in PR #4021:
URL:
https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#discussion_r2428607848
##
quarkus/addons/jwt-parser/runtime/src/main/java/org/kie/kogito/addons/jwt/JwtTokenParser.java:
##
@@ -0,0 +1,126 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.kie.kogito.addons.jwt;
+
+import java.nio.charset.StandardCharsets;
+import java.util.Base64;
+
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.node.ObjectNode;
+
+import jakarta.enterprise.context.ApplicationScoped;
+
+/**
+ * JWT Token Parser utility for extracting claims from JWT tokens
+ * Used by SonataFlow workflows to parse JWT tokens and access claims
+ */
+@ApplicationScoped
+public class JwtTokenParser {
+
+private static final ObjectMapper OBJECT_MAPPER = new ObjectMapper();
Review Comment:
Changes incorporated.
##
quarkus/addons/jwt-parser/runtime/src/main/java/org/kie/kogito/addons/jwt/JwtTokenParser.java:
##
@@ -0,0 +1,126 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.kie.kogito.addons.jwt;
+
+import java.nio.charset.StandardCharsets;
+import java.util.Base64;
+
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.node.ObjectNode;
+
+import jakarta.enterprise.context.ApplicationScoped;
+
+/**
+ * JWT Token Parser utility for extracting claims from JWT tokens
+ * Used by SonataFlow workflows to parse JWT tokens and access claims
+ */
+@ApplicationScoped
+public class JwtTokenParser {
+
+private static final ObjectMapper OBJECT_MAPPER = new ObjectMapper();
+
+/**
+ * Parses a JWT token and returns the payload as a JsonNode
+ *
+ * @param token The JWT token string (can include "Bearer " prefix)
+ * @return JsonNode containing the JWT payload/claims
+ * @throws RuntimeException if token parsing fails
+ */
+public JsonNode parseToken(String token) {
+if (token == null || token.trim().isEmpty()) {
+throw new IllegalArgumentException("JWT token cannot be null or
empty");
+}
+
+// Remove "Bearer " prefix if present
+String cleanToken = token.startsWith("Bearer ") ? token.substring(7) :
token;
Review Comment:
Changes incorporated.
##
quarkus/addons/jwt-parser/runtime/src/main/java/org/kie/kogito/addons/jwt/JwtTokenParser.java:
##
@@ -0,0 +1,126 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.kie.kogito.addons.jwt;
+
+import java.nio.charse
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
wmedvede commented on code in PR #4021:
URL:
https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#discussion_r2393781823
##
quarkus/addons/jwt-parser/integration-tests/src/test/java/org/kie/kogito/addons/jwt/it/JwtParserIT.java:
##
@@ -0,0 +1,72 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.kie.kogito.addons.jwt.it;
+
+import org.junit.jupiter.api.Test;
+import org.kie.kogito.addons.jwt.JwtTokenParser;
+
+import io.quarkus.test.junit.QuarkusTest;
+
+import jakarta.inject.Inject;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+
+@QuarkusTest
+class JwtParserIT {
+
+@Inject
+JwtTokenParser jwtTokenParser;
Review Comment:
It think the tests added here are good, but only checks that the
JwtTokenParser works as an independent parsing class.
Considering that a new feature is being added, I think we need an end-to-end
test showing that the feaure as a hole is worknig, like we do with the other
features.
see some examples here:
https://github.com/apache/incubator-kie-kogito-runtimes/tree/cc5ee492adb6476cdbf805d3171c29ca0c3d3b36/quarkus/extensions/kogito-quarkus-serverless-workflow-extension/kogito-quarkus-serverless-workflow-integration-test/src/test/java/org/kie/kogito/quarkus/workflows
https://github.com/apache/incubator-kie-kogito-runtimes/blob/9f52b4879be6a9b2a5b84b8137465e1a92d810ee/quarkus/extensions/kogito-quarkus-serverless-workflow-extension/kogito-quarkus-serverless-workflow-integration-test/src/test/java/org/kie/kogito/quarkus/workflows/TokenExchangeIT.java
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
-
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
fjtirado commented on code in PR #4021:
URL:
https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#discussion_r2428528061
##
quarkus/addons/jwt-parser/runtime/src/main/java/org/kie/kogito/addons/jwt/JwtTokenParser.java:
##
@@ -0,0 +1,126 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.kie.kogito.addons.jwt;
+
+import java.nio.charset.StandardCharsets;
+import java.util.Base64;
+
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.node.ObjectNode;
+
+import jakarta.enterprise.context.ApplicationScoped;
+
+/**
+ * JWT Token Parser utility for extracting claims from JWT tokens
+ * Used by SonataFlow workflows to parse JWT tokens and access claims
+ */
+@ApplicationScoped
+public class JwtTokenParser {
+
+private static final ObjectMapper OBJECT_MAPPER = new ObjectMapper();
+
+/**
+ * Parses a JWT token and returns the payload as a JsonNode
+ *
+ * @param token The JWT token string (can include "Bearer " prefix)
+ * @return JsonNode containing the JWT payload/claims
+ * @throws RuntimeException if token parsing fails
+ */
+public JsonNode parseToken(String token) {
+if (token == null || token.trim().isEmpty()) {
+throw new IllegalArgumentException("JWT token cannot be null or
empty");
+}
+
+// Remove "Bearer " prefix if present
+String cleanToken = token.startsWith("Bearer ") ? token.substring(7) :
token;
Review Comment:
Picky comment, but I think is safer to do this
At class level
`private static final String BEARER = "Bearer ");`
And here
`String cleanToken = token.startsWith(BEARER) ?
token.substring(BEARER.length()) : token;`
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
-
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
fjtirado commented on code in PR #4021:
URL:
https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#discussion_r2392488795
##
quarkus/addons/jwt-parser/runtime/src/main/java/org/kie/kogito/addons/jwt/JwtParserTypeHandler.java:
##
@@ -0,0 +1,74 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.kie.kogito.addons.jwt;
+
+import org.jbpm.ruleflow.core.RuleFlowNodeContainerFactory;
+import org.jbpm.ruleflow.core.factory.NodeFactory;
+import org.jbpm.ruleflow.core.factory.WorkItemNodeFactory;
+import org.kie.kogito.serverless.workflow.parser.ParserContext;
+import org.kie.kogito.serverless.workflow.parser.VariableInfo;
+import org.kie.kogito.serverless.workflow.parser.types.WorkItemTypeHandler;
+
+import io.serverlessworkflow.api.Workflow;
+import io.serverlessworkflow.api.functions.FunctionDefinition;
+import io.serverlessworkflow.api.functions.FunctionRef;
+
+import static
org.kie.kogito.serverless.workflow.parser.FunctionTypeHandlerFactory.trimCustomOperation;
+
+/**
+ * Function type handler for JWT parsing operations in SonataFlow
+ * Handles custom functions with type "jwt-parser"
+ */
+public class JwtParserTypeHandler extends WorkItemTypeHandler {
+
+@Override
+public NodeFactory getActionNode(Workflow workflow, ParserContext
context,
+RuleFlowNodeContainerFactory embeddedSubProcess,
FunctionDefinition functionDef,
+FunctionRef functionRef, VariableInfo varInfo) {
+
+WorkItemNodeFactory node = buildWorkItem(embeddedSubProcess,
context, varInfo.getInputVar(), varInfo.getOutputVar())
+.name(functionDef.getName());
+
+// Parse the operation from the function definition
+String operation = trimCustomOperation(functionDef);
+if (operation != null && !operation.isEmpty()) {
+node.workParameter(JwtParserWorkItemHandler.OPERATION_PARAM,
operation);
+}
+
+return addFunctionArgs(workflow,
+fillWorkItemHandler(workflow, context, node, functionDef),
+functionRef);
+}
+
+@Override
+protected >
WorkItemNodeFactory fillWorkItemHandler(
+Workflow workflow, ParserContext context, WorkItemNodeFactory
node, FunctionDefinition functionDef) {
+
+if (functionDef.getMetadata() != null) {
+functionDef.getMetadata().forEach(node::metaData);
+}
Review Comment:
Node metadata is automatically added, these lines should not be needed
If they are, they should be added with another PR is a common placeholder,
please let me know if your test are not working after removing these lines to
do so.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
-
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
fjtirado commented on code in PR #4021:
URL:
https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#discussion_r2428529547
##
quarkus/addons/jwt-parser/runtime/src/main/java/org/kie/kogito/addons/jwt/JwtTokenParser.java:
##
@@ -0,0 +1,126 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.kie.kogito.addons.jwt;
+
+import java.nio.charset.StandardCharsets;
+import java.util.Base64;
+
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.node.ObjectNode;
+
+import jakarta.enterprise.context.ApplicationScoped;
+
+/**
+ * JWT Token Parser utility for extracting claims from JWT tokens
+ * Used by SonataFlow workflows to parse JWT tokens and access claims
+ */
+@ApplicationScoped
+public class JwtTokenParser {
+
+private static final ObjectMapper OBJECT_MAPPER = new ObjectMapper();
Review Comment:
As you will see in a latter comment, this static field is not needed.
You can user already existing `ObjectMapperFactory.get()`
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
-
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
kie-ci3 commented on PR #4021:
URL:
https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#issuecomment-3401668575
**PR job** `#9` was: **UNSTABLE**
Possible explanation: This should be test failures
Reproducer
build-chain build full_downstream -f
'https://raw.githubusercontent.com/${AUTHOR:apache}/incubator-kie-kogito-pipelines/${BRANCH:main}/.ci/buildchain-config-pr-cdb.yaml'
-o 'bc' -p apache/incubator-kie-kogito-runtimes -u
https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021
--skipParallelCheckout
NOTE: To install the build-chain tool, please refer to
https://github.com/kiegroup/github-action-build-chain#local-execution
Please look here:
https://ci-builds.apache.org/job/KIE/job/kogito/job/main/job/pullrequest_jobs/job/kogito-runtimes-pr/job/PR-4021/9/display/redirect
**Test results:**
- PASSED: 3644
- FAILED: 3
Those are the test failures:
https://ci-builds.apache.org/job/KIE/job/kogito/job/main/job/pullrequest_jobs/job/kogito-runtimes-pr/job/PR-4021/9/testReport/org.kie.kogito.addons.quarkus.knative.serving.customfunctions.it/KnativeServingAddonIT/___/";>org.kie.kogito.addons.quarkus.knative.serving.customfunctions.it.KnativeServingAddonIT.(?)
java.lang.RuntimeException: io.quarkus.builder.BuildException: Build
failure: Build failed due to errors [error]: Build step
io.quarkus.devservices.keycloak.KeycloakDevServicesProcessor#startKeycloakContainer
threw an exception: java.lang.RuntimeException:
org.testcontainers.containers.ContainerLaunchException: Container startup
failed for image quay.io/keycloak/keycloak:26.1.3 at
io.quarkus.devservices.keycloak.KeycloakDevServicesProcessor.startKeycloakContainer(KeycloakDevServicesProcessor.java:250)
at
java.base/java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:732)
at
io.quarkus.deployment.ExtensionLoader$3.execute(ExtensionLoader.java:856)
at io.quarkus.builder.BuildContext.run(BuildContext.java:255) at
org.jboss.threads.ContextHandler$1.runWith(ContextHandler.java:18) at
org.jboss.threads.EnhancedQueueExecutor$Task.doRunWith(EnhancedQueueExecutor.java:2675)
at org.jboss.threads.EnhancedQueueExecutor$Task.run(EnhancedQu
eueExecutor.java:2654) at
org.jboss.threads.EnhancedQueueExecutor.runThreadBody(EnhancedQueueExecutor.java:1627)
at
org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1594)
at java.base/java.lang.Thread.run(Thread.java:840) at
org.jboss.threads.JBossThread.run(JBossThread.java:499)Caused by:
org.testcontainers.containers.ContainerLaunchException: Container startup
failed for image quay.io/keycloak/keycloak:26.1.3 at
org.testcontainers.containers.GenericContainer.doStart(GenericContainer.java:351)
at
org.testcontainers.containers.GenericContainer.start(GenericContainer.java:322)
at
io.quarkus.devservices.keycloak.KeycloakDevServicesProcessor.lambda$startContainer$4(KeycloakDevServicesProcessor.java:421)
at java.base/java.util.Optional.orElseGet(Optional.java:364) at
io.quarkus.devservices.keycloak.KeycloakDevServicesProcessor.startContainer(KeycloakDevServicesProcessor.java:447)
at io.quarkus.devser
vices.keycloak.KeycloakDevServicesProcessor.startKeycloakContainer(KeycloakDevServicesProcessor.java:200)
... 10 moreCaused by: org.rnorth.ducttape.RetryCountExceededException:
Retry limit hit with exception at
org.rnorth.ducttape.unreliables.Unreliables.retryUntilSuccess(Unreliables.java:88)
at
org.testcontainers.containers.GenericContainer.doStart(GenericContainer.java:336)
... 15 moreCaused by:
org.testcontainers.containers.ContainerLaunchException: Could not create/start
container at
org.testcontainers.containers.GenericContainer.tryStart(GenericContainer.java:556)
at
org.testcontainers.containers.GenericContainer.lambda$doStart$0(GenericContainer.java:346)
at
org.rnorth.ducttape.unreliables.Unreliables.retryUntilSuccess(Unreliables.java:81)
... 16 moreCaused by:
org.testcontainers.containers.ContainerLaunchException: Timed out waiting for
log output matching '.*Keycloak.*started.*' at
org.testcontainers.containers.wait
.strategy.LogMessageWaitStrategy.waitUntilReady(LogMessageWaitStrategy.java:47)
at
org.testcontainers.containers.wait.strategy.AbstractWaitStrategy.waitUntilReady(AbstractWaitStrategy.java:52)
at
org.testcontainers.containers.GenericContainer.waitUntilContainerStarted(GenericContainer.java:909)
at
org.testcontainers.containers.GenericContainer.tryStart(GenericContainer.java:492)
... 18 more
https://ci-builds.apache.org/job/KIE/job/kogito/job/main/job/pullrequest_jobs/job/kogito-runtimes-pr/job/PR-4021/9/testReport/org.kie.kogito.addons.quarkus.kubernetes/ConfigValueExpanderIT/test/";>org.kie.kogito.addons.quarkus.kubernetes.ConfigValueExpanderIT.test
java.lang.RuntimeException: io.quarkus.builder.BuildException: Build
failure: Build failed due to errors [error]: Build step
io.q
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
kie-ci3 commented on PR #4021:
URL:
https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#issuecomment-3400969171
**PR job** `#6` was: **UNSTABLE**
Possible explanation: This should be test failures
Reproducer
build-chain build full_downstream -f
'https://raw.githubusercontent.com/${AUTHOR:apache}/incubator-kie-kogito-pipelines/${BRANCH:main}/.ci/buildchain-config-pr-cdb.yaml'
-o 'bc' -p apache/incubator-kie-kogito-runtimes -u
https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021
--skipParallelCheckout
NOTE: To install the build-chain tool, please refer to
https://github.com/kiegroup/github-action-build-chain#local-execution
Please look here:
https://ci-builds.apache.org/job/KIE/job/kogito/job/main/job/pullrequest_jobs/job/kogito-runtimes-pr/job/PR-4021/6/display/redirect
**Test results:**
- PASSED: 3644
- FAILED: 3
Those are the test failures:
https://ci-builds.apache.org/job/KIE/job/kogito/job/main/job/pullrequest_jobs/job/kogito-runtimes-pr/job/PR-4021/6/testReport/org.kie.kogito.addons.quarkus.knative.serving.customfunctions.it/KnativeServingAddonIT/___/";>org.kie.kogito.addons.quarkus.knative.serving.customfunctions.it.KnativeServingAddonIT.(?)
java.lang.RuntimeException: io.quarkus.builder.BuildException: Build
failure: Build failed due to errors [error]: Build step
io.quarkus.devservices.keycloak.KeycloakDevServicesProcessor#startKeycloakContainer
threw an exception: java.lang.RuntimeException:
org.testcontainers.containers.ContainerLaunchException: Container startup
failed for image quay.io/keycloak/keycloak:26.1.3 at
io.quarkus.devservices.keycloak.KeycloakDevServicesProcessor.startKeycloakContainer(KeycloakDevServicesProcessor.java:250)
at
java.base/java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:732)
at
io.quarkus.deployment.ExtensionLoader$3.execute(ExtensionLoader.java:856)
at io.quarkus.builder.BuildContext.run(BuildContext.java:255) at
org.jboss.threads.ContextHandler$1.runWith(ContextHandler.java:18) at
org.jboss.threads.EnhancedQueueExecutor$Task.doRunWith(EnhancedQueueExecutor.java:2675)
at org.jboss.threads.EnhancedQueueExecutor$Task.run(EnhancedQu
eueExecutor.java:2654) at
org.jboss.threads.EnhancedQueueExecutor.runThreadBody(EnhancedQueueExecutor.java:1627)
at
org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1594)
at java.base/java.lang.Thread.run(Thread.java:840) at
org.jboss.threads.JBossThread.run(JBossThread.java:499)Caused by:
org.testcontainers.containers.ContainerLaunchException: Container startup
failed for image quay.io/keycloak/keycloak:26.1.3 at
org.testcontainers.containers.GenericContainer.doStart(GenericContainer.java:351)
at
org.testcontainers.containers.GenericContainer.start(GenericContainer.java:322)
at
io.quarkus.devservices.keycloak.KeycloakDevServicesProcessor.lambda$startContainer$4(KeycloakDevServicesProcessor.java:421)
at java.base/java.util.Optional.orElseGet(Optional.java:364) at
io.quarkus.devservices.keycloak.KeycloakDevServicesProcessor.startContainer(KeycloakDevServicesProcessor.java:447)
at io.quarkus.devser
vices.keycloak.KeycloakDevServicesProcessor.startKeycloakContainer(KeycloakDevServicesProcessor.java:200)
... 10 moreCaused by: org.rnorth.ducttape.RetryCountExceededException:
Retry limit hit with exception at
org.rnorth.ducttape.unreliables.Unreliables.retryUntilSuccess(Unreliables.java:88)
at
org.testcontainers.containers.GenericContainer.doStart(GenericContainer.java:336)
... 15 moreCaused by:
org.testcontainers.containers.ContainerLaunchException: Could not create/start
container at
org.testcontainers.containers.GenericContainer.tryStart(GenericContainer.java:556)
at
org.testcontainers.containers.GenericContainer.lambda$doStart$0(GenericContainer.java:346)
at
org.rnorth.ducttape.unreliables.Unreliables.retryUntilSuccess(Unreliables.java:81)
... 16 moreCaused by:
org.testcontainers.containers.ContainerLaunchException: Timed out waiting for
log output matching '.*Keycloak.*started.*' at
org.testcontainers.containers.wait
.strategy.LogMessageWaitStrategy.waitUntilReady(LogMessageWaitStrategy.java:47)
at
org.testcontainers.containers.wait.strategy.AbstractWaitStrategy.waitUntilReady(AbstractWaitStrategy.java:52)
at
org.testcontainers.containers.GenericContainer.waitUntilContainerStarted(GenericContainer.java:909)
at
org.testcontainers.containers.GenericContainer.tryStart(GenericContainer.java:492)
... 18 more
https://ci-builds.apache.org/job/KIE/job/kogito/job/main/job/pullrequest_jobs/job/kogito-runtimes-pr/job/PR-4021/6/testReport/org.kie.kogito.addons.quarkus.kubernetes/ConfigValueExpanderIT/test/";>org.kie.kogito.addons.quarkus.kubernetes.ConfigValueExpanderIT.test
java.lang.RuntimeException: io.quarkus.builder.BuildException: Build
failure: Build failed due to errors [error]: Build step
io.q
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
wmedvede commented on code in PR #4021:
URL:
https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#discussion_r2429213999
##
quarkus/addons/jwt-parser/integration-tests/src/test/java/org/kie/kogito/addons/jwt/it/JwtParserIT.java:
##
@@ -0,0 +1,180 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.kie.kogito.addons.jwt.it;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import org.junit.jupiter.api.Test;
+import org.kie.kogito.addons.jwt.JwtTokenParser;
+
+import io.quarkus.test.junit.QuarkusIntegrationTest;
+import io.restassured.path.json.JsonPath;
+
+import jakarta.inject.Inject;
+import jakarta.ws.rs.core.HttpHeaders;
+
+import static io.restassured.RestAssured.given;
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import static
org.kie.kogito.test.utils.ProcessInstancesRESTTestUtils.assertProcessInstanceHasFinished;
+import static
org.kie.kogito.test.utils.ProcessInstancesRESTTestUtils.assertProcessInstanceNotExists;
+import static
org.kie.kogito.test.utils.ProcessInstancesRESTTestUtils.newProcessInstance;
+
+@QuarkusIntegrationTest
+class JwtParserIT {
+
+@Inject
+JwtTokenParser jwtTokenParser;
+
+// Valid JWT token for testing (contains:
{"sub":"1234567890","preferred_username":"johndoe","email":"[email protected]","iat":1516239022})
+private static final String VALID_JWT_TOKEN =
+
"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiam9obmRvZSIsImVtYWlsIjoiam9obmRvZUBleGFtcGxlLmNvbSIsImlhdCI6MTUxNjIzOTAyMn0.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c";
+
+@Test
+void testJwtTokenParserInjection() {
+assertThat(jwtTokenParser).isNotNull();
+}
+
+@Test
+void testParseTokenWithNullToken() {
+assertThrows(IllegalArgumentException.class, () ->
jwtTokenParser.parseToken(null));
+}
+
+@Test
+void testParseTokenWithEmptyToken() {
+assertThrows(IllegalArgumentException.class, () ->
jwtTokenParser.parseToken(""));
+}
+
+@Test
+void testParseValidJwtToken() {
+var result = jwtTokenParser.parseToken(VALID_JWT_TOKEN);
+assertThat(result).isNotNull();
+assertThat(result.get("sub").asText()).isEqualTo("1234567890");
+
assertThat(result.get("preferred_username").asText()).isEqualTo("johndoe");
+
assertThat(result.get("email").asText()).isEqualTo("[email protected]");
+}
+
+@Test
+void testParseTokenWithBearerPrefix() {
+String tokenWithBearer = "Bearer " + VALID_JWT_TOKEN;
+var result = jwtTokenParser.parseToken(tokenWithBearer);
+assertThat(result).isNotNull();
+assertThat(result.get("sub").asText()).isEqualTo("1234567890");
+}
+
+@Test
+void testExtractUser() {
+var result = jwtTokenParser.extractUser(VALID_JWT_TOKEN);
+assertThat(result).isNotNull();
+assertThat(result.get("sub").asText()).isEqualTo("1234567890");
+
assertThat(result.get("preferred_username").asText()).isEqualTo("johndoe");
+
assertThat(result.get("email").asText()).isEqualTo("[email protected]");
+}
+
+@Test
+void testExtractSpecificClaim() {
+var result = jwtTokenParser.extractClaim(VALID_JWT_TOKEN,
"preferred_username");
+assertThat(result).isNotNull();
+assertThat(result.asText()).isEqualTo("johndoe");
+}
+
+@Test
+void testExtractUserWithInvalidToken() {
+assertThrows(RuntimeException.class, () ->
jwtTokenParser.extractUser("invalid.token.here"));
+}
+
+@Test
+void testExtractClaimWithInvalidToken() {
+assertThrows(RuntimeException.class, () ->
jwtTokenParser.extractClaim("invalid.token.here", "sub"));
+}
+
+/**
+ * End-to-end test that verifies the JWT parser works within a complete
SonataFlow workflow.
+ * This test demonstrates the feature working as requested in Issue #1899.
+ */
+@Test
+void testJwtParserWorkflowEndToEnd() {
+// Prepare workflow input
+String processInput = "{}";
+
+// Set up headers with JWT token
+Map he
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
wmedvede commented on PR #4021: URL: https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#issuecomment-3401749947 @ishanjogi89 It looks like there are some formatting errors that makes the build faill. Execute mvn clean install in the failing module, and see if the file formatting changes. 2025-10-14T12:24:37.8503269Z [ERROR] Failed to execute goal net.revelc.code.formatter:formatter-maven-plugin:2.13.0:validate (default) on project sonataflow-addons-quarkus-jwt-parser-integration-tests: File '/home/runner/work/incubator-kie-kogito-runtimes/incubator-kie-kogito-runtimes/apache_incubator-kie-kogito-runtimes/quarkus/addons/jwt-parser/integration-tests/src/test/java/org/kie/kogito/addons/jwt/it/JwtParserIT.java' has not been previously formatted. Please format file and commit before running validation! -> [Help 1] 2025-10-14T12:24:37.8508464Z org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute goal net.revelc.code.formatter:formatter-maven-plugin:2.13.0:validate (default) on project sonataflow-addons-quarkus-jwt-parser-integration-tests: File '/home/runner/work/incubator-kie-kogito-runtimes/incubator-kie-kogito-runtimes/apache_incubator-kie-kogito-runtimes/quarkus/addons/jwt-parser/integration-tests/src/test/java/org/kie/kogito/addons/jwt/it/JwtParserIT.java' has not been previously formatted -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] - To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
fjtirado commented on code in PR #4021:
URL:
https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#discussion_r2428511040
##
quarkus/addons/jwt-parser/runtime/src/main/java/org/kie/kogito/addons/jwt/JwtTokenParser.java:
##
@@ -0,0 +1,126 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.kie.kogito.addons.jwt;
+
+import java.nio.charset.StandardCharsets;
+import java.util.Base64;
+
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.node.ObjectNode;
+
+import jakarta.enterprise.context.ApplicationScoped;
+
+/**
+ * JWT Token Parser utility for extracting claims from JWT tokens
+ * Used by SonataFlow workflows to parse JWT tokens and access claims
+ */
+@ApplicationScoped
+public class JwtTokenParser {
+
+private static final ObjectMapper OBJECT_MAPPER = new ObjectMapper();
+
+/**
+ * Parses a JWT token and returns the payload as a JsonNode
+ *
+ * @param token The JWT token string (can include "Bearer " prefix)
+ * @return JsonNode containing the JWT payload/claims
+ * @throws RuntimeException if token parsing fails
+ */
+public JsonNode parseToken(String token) {
+if (token == null || token.trim().isEmpty()) {
+throw new IllegalArgumentException("JWT token cannot be null or
empty");
+}
+
+// Remove "Bearer " prefix if present
+String cleanToken = token.startsWith("Bearer ") ? token.substring(7) :
token;
+
+try {
+// Parse JWT token without signature verification (for claim
extraction only)
+// In production, you might want to verify signatures with proper
keys
+String[] parts = cleanToken.split("\\.");
+if (parts.length != 3) {
+throw new IllegalArgumentException("Invalid JWT token format");
+}
+
+// Decode the payload (second part) using Base64
+String payload = parts[1];
+// Add padding if necessary
+while (payload.length() % 4 != 0) {
+payload += "=";
+}
+
+byte[] decodedBytes = Base64.getUrlDecoder().decode(payload);
+String decodedPayload = new String(decodedBytes,
StandardCharsets.UTF_8);
+
+// Parse the JSON payload
+JsonNode payloadJson = OBJECT_MAPPER.readTree(decodedPayload);
+
+return payloadJson;
Review Comment:
I think this block can be more concise, reuse the already existing
ObjectMapper singleto and avoid an unneeded conversion to string
```suggestion
return ObjectMapperFactory.get().readTree(
Base64.getUrlDecoder().decode(payload));
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
-
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
fjtirado commented on code in PR #4021:
URL:
https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#discussion_r2392488795
##
quarkus/addons/jwt-parser/runtime/src/main/java/org/kie/kogito/addons/jwt/JwtParserTypeHandler.java:
##
@@ -0,0 +1,74 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.kie.kogito.addons.jwt;
+
+import org.jbpm.ruleflow.core.RuleFlowNodeContainerFactory;
+import org.jbpm.ruleflow.core.factory.NodeFactory;
+import org.jbpm.ruleflow.core.factory.WorkItemNodeFactory;
+import org.kie.kogito.serverless.workflow.parser.ParserContext;
+import org.kie.kogito.serverless.workflow.parser.VariableInfo;
+import org.kie.kogito.serverless.workflow.parser.types.WorkItemTypeHandler;
+
+import io.serverlessworkflow.api.Workflow;
+import io.serverlessworkflow.api.functions.FunctionDefinition;
+import io.serverlessworkflow.api.functions.FunctionRef;
+
+import static
org.kie.kogito.serverless.workflow.parser.FunctionTypeHandlerFactory.trimCustomOperation;
+
+/**
+ * Function type handler for JWT parsing operations in SonataFlow
+ * Handles custom functions with type "jwt-parser"
+ */
+public class JwtParserTypeHandler extends WorkItemTypeHandler {
+
+@Override
+public NodeFactory getActionNode(Workflow workflow, ParserContext
context,
+RuleFlowNodeContainerFactory embeddedSubProcess,
FunctionDefinition functionDef,
+FunctionRef functionRef, VariableInfo varInfo) {
+
+WorkItemNodeFactory node = buildWorkItem(embeddedSubProcess,
context, varInfo.getInputVar(), varInfo.getOutputVar())
+.name(functionDef.getName());
+
+// Parse the operation from the function definition
+String operation = trimCustomOperation(functionDef);
+if (operation != null && !operation.isEmpty()) {
+node.workParameter(JwtParserWorkItemHandler.OPERATION_PARAM,
operation);
+}
+
+return addFunctionArgs(workflow,
+fillWorkItemHandler(workflow, context, node, functionDef),
+functionRef);
+}
+
+@Override
+protected >
WorkItemNodeFactory fillWorkItemHandler(
+Workflow workflow, ParserContext context, WorkItemNodeFactory
node, FunctionDefinition functionDef) {
+
+if (functionDef.getMetadata() != null) {
+functionDef.getMetadata().forEach(node::metaData);
+}
Review Comment:
Function definition metadata should be automatically added to node metadata
If they are not, they should be added with another PR is a common
placeholder, please let me know if your test are not working after removing
these lines to do so.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
-
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
fjtirado commented on code in PR #4021:
URL:
https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#discussion_r2392484587
##
quarkus/addons/jwt-parser/runtime/src/main/java/org/kie/kogito/addons/jwt/JwtParserTypeHandler.java:
##
@@ -0,0 +1,74 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.kie.kogito.addons.jwt;
+
+import org.jbpm.ruleflow.core.RuleFlowNodeContainerFactory;
+import org.jbpm.ruleflow.core.factory.NodeFactory;
+import org.jbpm.ruleflow.core.factory.WorkItemNodeFactory;
+import org.kie.kogito.serverless.workflow.parser.ParserContext;
+import org.kie.kogito.serverless.workflow.parser.VariableInfo;
+import org.kie.kogito.serverless.workflow.parser.types.WorkItemTypeHandler;
+
+import io.serverlessworkflow.api.Workflow;
+import io.serverlessworkflow.api.functions.FunctionDefinition;
+import io.serverlessworkflow.api.functions.FunctionRef;
+
+import static
org.kie.kogito.serverless.workflow.parser.FunctionTypeHandlerFactory.trimCustomOperation;
+
+/**
+ * Function type handler for JWT parsing operations in SonataFlow
+ * Handles custom functions with type "jwt-parser"
+ */
+public class JwtParserTypeHandler extends WorkItemTypeHandler {
+
+@Override
+public NodeFactory getActionNode(Workflow workflow, ParserContext
context,
+RuleFlowNodeContainerFactory embeddedSubProcess,
FunctionDefinition functionDef,
+FunctionRef functionRef, VariableInfo varInfo) {
+
+WorkItemNodeFactory node = buildWorkItem(embeddedSubProcess,
context, varInfo.getInputVar(), varInfo.getOutputVar())
+.name(functionDef.getName());
+
+// Parse the operation from the function definition
+String operation = trimCustomOperation(functionDef);
+if (operation != null && !operation.isEmpty()) {
+node.workParameter(JwtParserWorkItemHandler.OPERATION_PARAM,
operation);
+}
+
+return addFunctionArgs(workflow,
+fillWorkItemHandler(workflow, context, node, functionDef),
+functionRef);
+}
Review Comment:
getActionNode does not need to be overrriden
You can add OPERATION_PARAM in fillWorkItemHadnler method, which has the
funcitonDef that you can trim
See
https://github.com/apache/incubator-kie-kogito-runtimes/blob/main/quarkus/addons/camel/deployment/src/main/java/org/kie/kogito/addons/quarkus/camel/deployment/CamelWorkItemTypeHandler.java
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
-
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
kie-ci3 commented on PR #4021:
URL:
https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#issuecomment-3219917704
**PR job** `#3` was: **UNSTABLE**
Possible explanation: This should be test failures
Reproducer
build-chain build full_downstream -f
'https://raw.githubusercontent.com/${AUTHOR:apache}/incubator-kie-kogito-pipelines/${BRANCH:main}/.ci/buildchain-config-pr-cdb.yaml'
-o 'bc' -p apache/incubator-kie-kogito-runtimes -u
https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021
--skipParallelCheckout
NOTE: To install the build-chain tool, please refer to
https://github.com/kiegroup/github-action-build-chain#local-execution
Please look here:
https://ci-builds.apache.org/job/KIE/job/kogito/job/main/job/pullrequest_jobs/job/kogito-runtimes-pr/job/PR-4021/3/display/redirect
**Test results:**
- PASSED: 3606
- FAILED: 21
Those are the test failures:
https://ci-builds.apache.org/job/KIE/job/kogito/job/main/job/pullrequest_jobs/job/kogito-runtimes-pr/job/PR-4021/3/testReport/org.kie.kogito.mongodb/KogitoProcessInstancesFactoryIT/___/";>org.kie.kogito.mongodb.KogitoProcessInstancesFactoryIT.(?)
Container startup failed for image mirror.gcr.io/library/mongo:5.0.31
https://ci-builds.apache.org/job/KIE/job/kogito/job/main/job/pullrequest_jobs/job/kogito-runtimes-pr/job/PR-4021/3/testReport/org.kie.kogito.mongodb/MongoDBProcessInstancesIT/___/";>org.kie.kogito.mongodb.MongoDBProcessInstancesIT.(?)
Container startup failed for image mirror.gcr.io/library/mongo:5.0.31
https://ci-builds.apache.org/job/KIE/job/kogito/job/main/job/pullrequest_jobs/job/kogito-runtimes-pr/job/PR-4021/3/testReport/org.kie.kogito.mongodb/PersistentProcessInstancesIT/___/";>org.kie.kogito.mongodb.PersistentProcessInstancesIT.(?)
Container startup failed for image mirror.gcr.io/library/mongo:5.0.31
https://ci-builds.apache.org/job/KIE/job/kogito/job/main/job/pullrequest_jobs/job/kogito-runtimes-pr/job/PR-4021/3/testReport/org.kie.kogito.mongodb/PersistentProcessInstancesWithLockIT/___/";>org.kie.kogito.mongodb.PersistentProcessInstancesWithLockIT.(?)
Container startup failed for image mirror.gcr.io/library/mongo:5.0.31
https://ci-builds.apache.org/job/KIE/job/kogito/job/main/job/pullrequest_jobs/job/kogito-runtimes-pr/job/PR-4021/3/testReport/org.kie.kogito.mongodb.correlation/MongoDBCorrelationServiceIT/___/";>org.kie.kogito.mongodb.correlation.MongoDBCorrelationServiceIT.(?)
Container startup failed for image mirror.gcr.io/library/mongo:5.0.31
https://ci-builds.apache.org/job/KIE/job/kogito/job/main/job/pullrequest_jobs/job/kogito-runtimes-pr/job/PR-4021/3/testReport/org.kie.kogito.mongodb.transaction/AbstractTransactionManagerIT/___/";>org.kie.kogito.mongodb.transaction.AbstractTransactionManagerIT.(?)
Container startup failed for image mirror.gcr.io/library/mongo:5.0.31
https://ci-builds.apache.org/job/KIE/job/kogito/job/main/job/pullrequest_jobs/job/kogito-runtimes-pr/job/PR-4021/3/testReport/org.kie.kogito.it/MongoDBOptimisticLockingIT/PR_check___Build_projects___testPersistence/";>PR
check / Build projects /
org.kie.kogito.it.MongoDBOptimisticLockingIT.testPersistence
java.util.concurrent.CompletionException: java.lang.RuntimeException: Unable
to start Quarkus test resource class
org.kie.kogito.testcontainers.quarkus.MongoDBQuarkusTestResource
https://ci-builds.apache.org/job/KIE/job/kogito/job/main/job/pullrequest_jobs/job/kogito-runtimes-pr/job/PR-4021/3/testReport/org.kie.kogito.it/MongoDBOptimisticLockingIT/PR_check___Build_projects___testPersistence/";>PR
check / Build projects /
org.kie.kogito.it.MongoDBOptimisticLockingIT.testPersistence
Failed to load ApplicationContext for
[WebMergedContextConfiguration@4872669f testClass =
org.kie.kogito.it.MongoDBOptimisticLockingIT, locations = [], classes =
[org.kie.kogito.it.KogitoSpringbootApplication], contextInitializerClasses =
[org.kie.kogito.testcontainers.springboot.MongoDBSpringBootTestResource],
activeProfiles = [], propertySourceDescriptors = [], propertySourceProperties =
["kogito.persistence.optimistic.lock=true",
"org.springframework.boot.test.context.SpringBootTestContextBootstrapper=true",
"server.port=0"], contextCustomizers =
[org.springframework.boot.test.context.filter.ExcludeFilterContextCustomizer@3b79fd76,
org.springframework.boot.test.json.DuplicateJsonObjectContextCustomizerFactory$DuplicateJsonObjectContextCustomizer@1863d2fe,
org.springframework.boot.test.mock.mockito.MockitoContextCustomizer@0,
org.springframework.boot.test.web.client.TestRestTemplateContextCustomizer@6986852,
org.springframework.boot.test.web.reactor.netty.DisableReactorResourceF
actoryGlobalResourcesContextCustomizerFactory$DisableReactorResourceFactoryGlobalResourcesContextCustomizerCustomizer@4f74980d,
org.springframework.boot.test.autoconfigur
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
ishanjogi89 commented on code in PR #4021: URL: https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#discussion_r2297216258 ## quarkus/addons/jwt-parser/runtime/src/main/resources/META-INF/quarkus-extension.yaml: ## @@ -0,0 +1,15 @@ +--- Review Comment: Added the missing header. ## quarkus/addons/jwt-parser/runtime/src/main/resources/META-INF/services/org.kie.kogito.serverless.workflow.parser.FunctionTypeHandler: ## @@ -0,0 +1 @@ +org.kie.kogito.addons.jwt.JwtParserTypeHandler Review Comment: Added the missing header. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] - To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
gmunozfe commented on code in PR #4021: URL: https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#discussion_r2275922036 ## quarkus/addons/jwt-parser/runtime/src/main/resources/META-INF/quarkus-extension.yaml: ## @@ -0,0 +1,15 @@ +--- Review Comment: Missing header ``` # # Licensed to the Apache Software Foundation (ASF) under one # or more contributor license agreements. See the NOTICE file # distributed with this work for additional information # regarding copyright ownership. The ASF licenses this file # to you under the Apache License, Version 2.0 (the # "License"); you may not use this file except in compliance # with the License. You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, # software distributed under the License is distributed on an # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY # KIND, either express or implied. See the License for the # specific language governing permissions and limitations # under the License. # ``` ## quarkus/addons/jwt-parser/runtime/src/main/resources/META-INF/services/org.kie.kogito.serverless.workflow.parser.FunctionTypeHandler: ## @@ -0,0 +1 @@ +org.kie.kogito.addons.jwt.JwtParserTypeHandler Review Comment: Missing header ``` # # Licensed to the Apache Software Foundation (ASF) under one # or more contributor license agreements. See the NOTICE file # distributed with this work for additional information # regarding copyright ownership. The ASF licenses this file # to you under the Apache License, Version 2.0 (the # "License"); you may not use this file except in compliance # with the License. You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, # software distributed under the License is distributed on an # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY # KIND, either express or implied. See the License for the # specific language governing permissions and limitations # under the License. # ``` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] - To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
ishanjogi89 commented on PR #4021: URL: https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#issuecomment-3187496394 > It closes [apache/incubator-kie-issues#1899](https://github.com/apache/incubator-kie-issues/issues/1899) not #1899 😃 My Bad. @gabriel-farache , Thanks ! :) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] - To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
Re: [PR] Issue-1899 Add JWT token parsing support for SonataFlow workflows [incubator-kie-kogito-runtimes]
gabriel-farache commented on PR #4021: URL: https://github.com/apache/incubator-kie-kogito-runtimes/pull/4021#issuecomment-3187337080 It closes https://github.com/apache/incubator-kie-issues/issues/1899 not https://github.com/apache/incubator-kie-kogito-runtimes/issues/1899 :smiley: -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] - To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
