Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

TOMEE-2247 - MicroProfile JWT Propagation 1.1 #173

Merged
merged 36 commits into from
Dec 10, 2018
Merged

TOMEE-2247 - MicroProfile JWT Propagation 1.1 #173

merged 36 commits into from
Dec 10, 2018

Conversation

radcortez
Copy link
Contributor

No description provided.

@jeanouii
Copy link
Contributor

jeanouii commented Dec 4, 2018

@radcortez where are we at?
There is a conflict and I'm not sure you have seen it

@radcortez
Copy link
Contributor Author

Hey @jeanouii,

This was on hold, because @jgallimore picked this up and continue the work on his own branch here:
https://github.com/jgallimore/tomee/commits/jwt-1.1

Since he is done, I'm rebasing this with his branch and push an updated PR.

Due to this:
eclipse/microprofile-jwt-auth#118

A few test cases in the TCK are failing. I believe this is an issue with the TCK itself. I think we can still test this if we implement our own tests with a separate app to expose the JWK endpoint. Me and @jgallimore discussed this on the ML and so I will be picking this up and hopefully complete the JWT 1.1 implementation work.

@jeanouii
Copy link
Contributor

jeanouii commented Dec 7, 2018

So what do we do?
Do we leave this open?

@radcortez
Copy link
Contributor Author

@jeanouii this work should now be complete. I've sent an email about this to the ML. I think we can merge it.

radcortez and others added 25 commits December 7, 2018 18:07
@radcortez
TOMEE-2247 - Update MP JWT API to 1.1.
3b717d9
@radcortez
TOMEE-2247 - Added support for MP Configuration.
458da04
@radcortez
TOMEE-2247 - Load public key from classpath Location.
2ca6e59
@radcortez
TOMEE-2247 - Fixed TCK IssValidationTest.
bb3984b
@radcortez
TOMEE-2247 - Read key from http. Test not passing yet due to hardcode…
72725a5 
…d urls.
@radcortez
TOMEE-2247 - Refactor Arquillian packaging to try to fix issues with …
3b246d3 
…war name and context root.
@radcortez
TOMEE-2247 - Simplified Arquillian packaging.
ac382e9
@radcortez
TOMEE-2247 - Removed CDI RequestScope from ConfigurableJWTAuthContext…
92994d4 
…Info.
@radcortez
TOMEE-2247 - Changed ConfigurableJWTAuthContextInfo to be an Applicat…
0cca6ac 
…ionScoped bean that loads data on application initialization.
@radcortez
TOMEE-2247 - Load public key from file Location.
52b5236
@radcortez
TOMEE-2247 - Leave Principal integration and injection for now.
424e5d9
@radcortez
TOMEE-2247 - Simplified public key reading from input stream.
66c93e8
@radcortez
TOMEE-2247 - Initial support for JWK.
e3aaa33
@radcortez
TOMEE-2247 - Support to load keys from generic Urls.
01c2fb6
@radcortez
TOMEE-2247 - Fixed test.
70de150
@radcortez
TOMEE-2247 - Ignore test temporarily.
832ff75
@radcortez
TOMEE-2247 - Initial support for JWK Set.
46934a0
@radcortez
TOMEE-2247 - Refactor to support multiple keys.
be942d5
@radcortez
TOMEE-2247 - Fixed JWK Set support.
70eb7e9
@jgallimore @radcortez
Comment this out for now
a1747db
@jgallimore @radcortez
WIP
deb17d9
@jgallimore @radcortez
WIP
33c4a48
@jgallimore @radcortez
WIP
1f1b6b3
@jgallimore @radcortez
WIP
8eb2ff3
@jgallimore @radcortez
WIP
b12492d
jgallimore and others added 11 commits December 7, 2018 18:13
@jgallimore @radcortez
Reset this back, as this looks to be the wrong approach
f305620
@jgallimore @radcortez
Make Principal returned by the CDI security service contextual. Re-in…
a72e1f3 
…state all tests. Couple of failing JWT tests to go
@jgallimore @radcortez
JSON API is part of the Java EE API jar, and this one is missing meth…
c2e9b70 
…ods we use, so excluding it from the packaging here.
@jgallimore @radcortez
Attempting to lazily load the keys
e8d3b81
@jgallimore @radcortez
Reset the port
3455fc7
@radcortez
Revert Lazy load of key. This was an attempt to load the key after th…
2cdfe22 
…e application start, but from the spec if the key is not present we need to fail with a Deployment Exception, so the key needs to be loaded eagerly.
@radcortez
TOMEE-2247 - Fixes to ConfigurableJWTAuthContextInfo. Only one key co…
b21fbde 
…nfiguration.
@radcortez
TOMEE-2247 - Fixes test. Vendor key loader clash with configuration l…
4b6162e 
…oader.
@radcortez
TOMEE-2247 - Added JWKS file load and validate Test.
9aa994e
@radcortez
TOMEE-2247 - Removed unneeded Arquillian packager. Issue was resolved…
611ca29 
… in new TCK version.
@radcortez
TOMEE-2247 - Fixed remaining tests that load key from an URL. TCK exp…
c3ad279 
…ects application to be deployed to load the key, but key load is part of the deployment, so the key endpoint cannot be part of the app being tested.
brunobat
brunobat approved these changes Dec 7, 2018
View reviewed changes
Copy link
Contributor

@brunobat brunobat left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Executed the tests in the project and the bundled TCK project and they pass

@asfgit asfgit merged commit c3ad279 into apache:master Dec 10, 2018
asfgit pushed a commit that referenced this pull request Dec 10, 2018
@jeanouii
This closes #173
7aa3e84
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@brunobat brunobat brunobat approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@radcortez @jeanouii @brunobat @asfgit @jgallimore