oltu-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From simonetrip...@apache.org
Subject svn commit: r1629832 - in /oltu/trunk/oauth-2.0/jwt/src: main/java/org/apache/oltu/oauth2/jwt/ main/java/org/apache/oltu/oauth2/jwt/io/ test/java/org/apache/oltu/oauth2/jwt/io/
Date Tue, 07 Oct 2014 09:04:09 GMT
Author: simonetripodi
Date: Tue Oct  7 09:04:08 2014
New Revision: 1629832

URL: http://svn.apache.org/r1629832
Log:
OLTU-161 - JWTClaimsSetParser fails when aud is an array

patch applied kindly provided by Stefan Bodewig


Modified:
    oltu/trunk/oauth-2.0/jwt/src/main/java/org/apache/oltu/oauth2/jwt/ClaimsSet.java
    oltu/trunk/oauth-2.0/jwt/src/main/java/org/apache/oltu/oauth2/jwt/JWT.java
    oltu/trunk/oauth-2.0/jwt/src/main/java/org/apache/oltu/oauth2/jwt/io/JWTClaimsSetParser.java
    oltu/trunk/oauth-2.0/jwt/src/main/java/org/apache/oltu/oauth2/jwt/io/JWTClaimsSetWriter.java
    oltu/trunk/oauth-2.0/jwt/src/test/java/org/apache/oltu/oauth2/jwt/io/IOTestCaseConstants.java
    oltu/trunk/oauth-2.0/jwt/src/test/java/org/apache/oltu/oauth2/jwt/io/JWTReaderTestCase.java
    oltu/trunk/oauth-2.0/jwt/src/test/java/org/apache/oltu/oauth2/jwt/io/JWTWriterTestCase.java

Modified: oltu/trunk/oauth-2.0/jwt/src/main/java/org/apache/oltu/oauth2/jwt/ClaimsSet.java
URL: http://svn.apache.org/viewvc/oltu/trunk/oauth-2.0/jwt/src/main/java/org/apache/oltu/oauth2/jwt/ClaimsSet.java?rev=1629832&r1=1629831&r2=1629832&view=diff
==============================================================================
--- oltu/trunk/oauth-2.0/jwt/src/main/java/org/apache/oltu/oauth2/jwt/ClaimsSet.java (original)
+++ oltu/trunk/oauth-2.0/jwt/src/main/java/org/apache/oltu/oauth2/jwt/ClaimsSet.java Tue Oct
 7 09:04:08 2014
@@ -18,6 +18,9 @@ package org.apache.oltu.oauth2.jwt;
 
 import static java.lang.String.format;
 
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
 import java.util.Map;
 
 import org.apache.oltu.commons.json.CustomizableEntity;
@@ -42,7 +45,7 @@ public final class ClaimsSet extends Cus
     /**
      * The {@code aud} JWT Claims Set parameter.
      */
-    private final String audience;
+    private final List<String> audiences;
 
     /**
      * The {@code exp} JWT Claims Set parameter.
@@ -71,7 +74,7 @@ public final class ClaimsSet extends Cus
 
     ClaimsSet(String issuer,
               String subject,
-              String audience,
+              List<String> audiences,
               long expirationTime,
               String notBefore,
               long issuedAt,
@@ -81,7 +84,7 @@ public final class ClaimsSet extends Cus
         super(customFields);
         this.issuer = issuer;
         this.subject = subject;
-        this.audience = audience;
+        this.audiences = audiences == null ? null : new ArrayList(audiences);
         this.expirationTime = expirationTime;
         this.notBefore = notBefore;
         this.issuedAt = issuedAt;
@@ -108,12 +111,26 @@ public final class ClaimsSet extends Cus
     }
 
     /**
-     * Returns the {@code aud} JWT Claims Set parameter.
+     * Returns the first audience of the {@code aud} JWT Claims Set
+     * parameter.
+     *
+     * <p>There may be more than one audience listed.</p>
      *
      * @return the {@code aud} JWT Claims Set parameter.
+     * @see #getAudiences
      */
     public String getAudience() {
-        return audience;
+        return getAudiences().isEmpty() ? null : audiences.get(0);
+    }
+
+    /**
+     * Returns the {@code aud} JWT Claims Set parameter.
+     *
+     * @return the {@code aud} JWT Claims Set parameter.
+     */
+    public List<String> getAudiences() {
+        return audiences == null ? Collections.emptyList()
+            : new ArrayList(audiences);
     }
 
     /**
@@ -163,8 +180,25 @@ public final class ClaimsSet extends Cus
 
     @Override
     public String toString() {
-        return format("{\"iss\": \"%s\", \"sub\": \"%s\", \"aud\": \"%s\", \"exp\": %s, \"nbf\":
\"%s\", \"iat\": %s, \"jti\": \"%s\", \"typ\": \"%s\" }",
-                      issuer, subject, audience, expirationTime, notBefore, issuedAt, jwdId,
type, super.toString());
+        return format("{\"iss\": \"%s\", \"sub\": \"%s\", \"aud\": %s, \"exp\": %s, \"nbf\":
\"%s\", \"iat\": %s, \"jti\": \"%s\", \"typ\": \"%s\" }",
+                      issuer, subject, formatAudiences(), expirationTime, notBefore, issuedAt,
jwdId, type, super.toString());
+    }
+
+    private String formatAudiences() {
+        if (audiences == null || audiences.size() < 1) {
+            // "null" for no audience at all, "single-audience" otherwise
+            return "\"" + getAudience() + "\"";
+        }
+        StringBuilder sb = new StringBuilder("[");
+        boolean first = true;
+        for (String aud : audiences) {
+            if (!first) {
+                sb.append(", ");
+            }
+            sb.append("\"").append(aud).append("\"");
+            first = false;
+        }
+        return sb.append("]").toString();
     }
 
 }

Modified: oltu/trunk/oauth-2.0/jwt/src/main/java/org/apache/oltu/oauth2/jwt/JWT.java
URL: http://svn.apache.org/viewvc/oltu/trunk/oauth-2.0/jwt/src/main/java/org/apache/oltu/oauth2/jwt/JWT.java?rev=1629832&r1=1629831&r2=1629832&view=diff
==============================================================================
--- oltu/trunk/oauth-2.0/jwt/src/main/java/org/apache/oltu/oauth2/jwt/JWT.java (original)
+++ oltu/trunk/oauth-2.0/jwt/src/main/java/org/apache/oltu/oauth2/jwt/JWT.java Tue Oct  7
09:04:08 2014
@@ -18,7 +18,10 @@ package org.apache.oltu.oauth2.jwt;
 
 import static java.lang.String.format;
 
+import java.util.Arrays;
+import java.util.ArrayList;
 import java.util.LinkedHashMap;
+import java.util.List;
 import java.util.Map;
 
 import org.apache.oltu.commons.json.CustomizableBuilder;
@@ -143,7 +146,7 @@ public class JWT {
         /**
          * The {@code aud} JWT Claims Set parameter.
          */
-        private String claimsSetAudience;
+        private List<String> claimsSetAudiences;
 
         /**
          * The {@code exp} JWT Claims Set parameter.
@@ -261,13 +264,26 @@ public class JWT {
         }
 
         /**
-         * Sets the JWT Claims Set {@code aud}.
+         * Sets the JWT Claims Set {@code aud} for a single audience.
          *
          * @param claimsSetAudience the JWT Claims Set {@code aud}.
          * @return this builder instance.
          */
         public Builder setClaimsSetAudience(String claimsSetAudience) {
-            this.claimsSetAudience = claimsSetAudience;
+            this.claimsSetAudiences = claimsSetAudience == null ? null
+                : Arrays.asList(claimsSetAudience);
+            return this;
+        }
+
+        /**
+         * Sets the JWT Claims Set {@code aud}.
+         *
+         * @param claimsSetAudiences the JWT Claims Set {@code aud}.
+         * @return this builder instance.
+         */
+        public Builder setClaimsSetAudiences(List<String> claimsSetAudiences) {
+            this.claimsSetAudiences = claimsSetAudiences == null ? null
+                : new ArrayList<String>(claimsSetAudiences);
             return this;
         }
 
@@ -364,7 +380,7 @@ public class JWT {
                            new Header(headerType, headerAlgorithm, headerContentType, headerCustomFields),
                            new ClaimsSet(claimsSetIssuer,
                                          claimsSetSubject,
-                                         claimsSetAudience,
+                                         claimsSetAudiences,
                                          claimsSetExpirationTime,
                                          claimsSetNotBefore,
                                          claimsSetIssuedAt,

Modified: oltu/trunk/oauth-2.0/jwt/src/main/java/org/apache/oltu/oauth2/jwt/io/JWTClaimsSetParser.java
URL: http://svn.apache.org/viewvc/oltu/trunk/oauth-2.0/jwt/src/main/java/org/apache/oltu/oauth2/jwt/io/JWTClaimsSetParser.java?rev=1629832&r1=1629831&r2=1629832&view=diff
==============================================================================
--- oltu/trunk/oauth-2.0/jwt/src/main/java/org/apache/oltu/oauth2/jwt/io/JWTClaimsSetParser.java
(original)
+++ oltu/trunk/oauth-2.0/jwt/src/main/java/org/apache/oltu/oauth2/jwt/io/JWTClaimsSetParser.java
Tue Oct  7 09:04:08 2014
@@ -16,6 +16,8 @@
  */
 package org.apache.oltu.oauth2.jwt.io;
 
+import java.util.ArrayList;
+import java.util.List;
 import org.apache.oltu.commons.json.CustomizableEntityReader;
 import org.apache.oltu.oauth2.jwt.JWT;
 
@@ -28,7 +30,7 @@ final class JWTClaimsSetParser extends C
     @Override
     protected <T> boolean handleProperty(String key, T value) {
         if (AUDIENCE.equals(key)) {
-            getBuilder().setClaimsSetAudience(String.valueOf(value));
+            handleAudience(value);
         } else if (EXPIRATION_TIME.equals(key)) {
             getBuilder().setClaimsSetExpirationTime(((Integer) value).longValue());
         } else if (ISSUED_AT.equals(key)) {
@@ -50,4 +52,21 @@ final class JWTClaimsSetParser extends C
         return true;
     }
 
+    private <T> void handleAudience(T value) {
+        if (value instanceof List) {
+            getBuilder().setClaimsSetAudiences((List<String>) value);
+        } else if (value instanceof Object[]) {
+            getBuilder().setClaimsSetAudiences(arrayToStringList((Object[]) value));
+        } else {
+            getBuilder().setClaimsSetAudience(String.valueOf(value));
+        }
+    }
+
+    private List<String> arrayToStringList(Object[] values) {
+        List<String> l = new ArrayList();
+        for (Object v : values) {
+            l.add(String.valueOf(v));
+        }
+        return l;
+    }
 }

Modified: oltu/trunk/oauth-2.0/jwt/src/main/java/org/apache/oltu/oauth2/jwt/io/JWTClaimsSetWriter.java
URL: http://svn.apache.org/viewvc/oltu/trunk/oauth-2.0/jwt/src/main/java/org/apache/oltu/oauth2/jwt/io/JWTClaimsSetWriter.java?rev=1629832&r1=1629831&r2=1629832&view=diff
==============================================================================
--- oltu/trunk/oauth-2.0/jwt/src/main/java/org/apache/oltu/oauth2/jwt/io/JWTClaimsSetWriter.java
(original)
+++ oltu/trunk/oauth-2.0/jwt/src/main/java/org/apache/oltu/oauth2/jwt/io/JWTClaimsSetWriter.java
Tue Oct  7 09:04:08 2014
@@ -16,6 +16,7 @@
  */
 package org.apache.oltu.oauth2.jwt.io;
 
+import java.util.List;
 import org.apache.oltu.commons.json.CustomizableEntityWriter;
 import org.apache.oltu.oauth2.jwt.ClaimsSet;
 
@@ -23,7 +24,8 @@ public final class JWTClaimsSetWriter ex
 
     @Override
     protected void handleProperties(ClaimsSet claimsSet) {
-        set(AUDIENCE, claimsSet.getAudience());
+        List<String> audiences = claimsSet.getAudiences();
+        set(AUDIENCE, audiences.size() > 1 ? audiences : claimsSet.getAudience());
         set(ISSUER, claimsSet.getIssuer());
         set(JWT_ID, claimsSet.getJwdId());
         set(NOT_BEFORE, claimsSet.getNotBefore());

Modified: oltu/trunk/oauth-2.0/jwt/src/test/java/org/apache/oltu/oauth2/jwt/io/IOTestCaseConstants.java
URL: http://svn.apache.org/viewvc/oltu/trunk/oauth-2.0/jwt/src/test/java/org/apache/oltu/oauth2/jwt/io/IOTestCaseConstants.java?rev=1629832&r1=1629831&r2=1629832&view=diff
==============================================================================
--- oltu/trunk/oauth-2.0/jwt/src/test/java/org/apache/oltu/oauth2/jwt/io/IOTestCaseConstants.java
(original)
+++ oltu/trunk/oauth-2.0/jwt/src/test/java/org/apache/oltu/oauth2/jwt/io/IOTestCaseConstants.java
Tue Oct  7 09:04:08 2014
@@ -34,4 +34,20 @@ interface IOTestCaseConstants {
                             + "7MxUgVEgh8G-Nnbk_baJ6k_3w5c1SKFamFiHHDoKLFhrt1Y8JKSuGwE02V-px4Cn0dRAQAc1IN5C"
                             + "U6wqCrYK0p-fv_fvy28";
 
+    public final String JWT_MULTIPLE_AUDIENCES = "eyJhbGciOiJSUzI1NiIsImtpZCI6ImJlMWRhMGIzNTY3YmQyNjVhMjUwO"
+                            + "ThmYmNjMmIwOWYyMTM0NWIzYTIifQ"
+                            + "."
+                            + "eyJhdWQiOlsiNzg4NzMyMzcyMDc4LmFwcHMuZ29vZ2xldXNlcmNvbnRlbnQuY29tIiwiZm9vIl0s"
+                            + "ImlzcyI6ImFjY291bnRzLmdvb2dsZS5jb20iLCJzdWIiOiIxMDY0MjI0NTMwODI0Nzk5OTg0Mjki"
+                            + "LCJleHAiOjEzNjY3MzAyMTcsImlhdCI6MTM2NjcyNjMxNywiaWQiOiIxMDY0MjI0NTMwODI0Nzk5"
+                            + "OTg0MjkiLCJ2ZXJpZmllZF9lbWFpbCI6InRydWUiLCJlbWFpbF92ZXJpZmllZCI6InRydWUiLCJj"
+                            + "aWQiOiI3ODg3MzIzNzIwNzguYXBwcy5nb29nbGV1c2VyY29udGVudC5jb20iLCJhenAiOiI3ODg3"
+                            + "MzIzNzIwNzguYXBwcy5nb29nbGV1c2VyY29udGVudC5jb20iLCJlbWFpbCI6ImFudG9uaW8uc2Fu"
+                            + "c29AZ21haWwuY29tIiwidG9rZW5faGFzaCI6IkwySTc3Z2lCTGswUlNzMHpRMVN2Q0EiLCJhdF9o"
+                            + "YXNoIjoiTDJJNzdnaUJMazBSU3MwelExU3ZDQSJ9"
+                            + "."
+                            + "XWYi5Zj1YWAMGIml_ftoAwmvW1Y7oeybLCpzQrJVuWJpS8L8Vd2TL-RTIOEVG03VA7e0_-_frNuw"
+                            + "7MxUgVEgh8G-Nnbk_baJ6k_3w5c1SKFamFiHHDoKLFhrt1Y8JKSuGwE02V-px4Cn0dRAQAc1IN5C"
+                            + "U6wqCrYK0p-fv_fvy28";
+
 }

Modified: oltu/trunk/oauth-2.0/jwt/src/test/java/org/apache/oltu/oauth2/jwt/io/JWTReaderTestCase.java
URL: http://svn.apache.org/viewvc/oltu/trunk/oauth-2.0/jwt/src/test/java/org/apache/oltu/oauth2/jwt/io/JWTReaderTestCase.java?rev=1629832&r1=1629831&r2=1629832&view=diff
==============================================================================
--- oltu/trunk/oauth-2.0/jwt/src/test/java/org/apache/oltu/oauth2/jwt/io/JWTReaderTestCase.java
(original)
+++ oltu/trunk/oauth-2.0/jwt/src/test/java/org/apache/oltu/oauth2/jwt/io/JWTReaderTestCase.java
Tue Oct  7 09:04:08 2014
@@ -18,6 +18,7 @@ package org.apache.oltu.oauth2.jwt.io;
 
 import static junit.framework.Assert.assertEquals;
 
+import java.util.Arrays;
 import org.apache.oltu.oauth2.jwt.ClaimsSet;
 import org.apache.oltu.oauth2.jwt.Header;
 import org.apache.oltu.oauth2.jwt.JWT;
@@ -47,6 +48,12 @@ public final class JWTReaderTestCase imp
     }
 
     @Test
+    public void testJWTWithMultipleAudiences() throws Exception {
+        jwt = jwtReader.read(JWT_MULTIPLE_AUDIENCES);
+        assertEquals(JWT_MULTIPLE_AUDIENCES, jwt.getRawString());
+    }
+
+    @Test
     public void testHeader() throws Exception {
         Header header = jwt.getHeader();
         assertEquals("RS256", header.getAlgorithm());
@@ -55,6 +62,19 @@ public final class JWTReaderTestCase imp
     @Test
     public void testClaimsSet() throws Exception {
         ClaimsSet claimsSet = jwt.getClaimsSet();
+        assertEquals(Arrays.asList("788732372078.apps.googleusercontent.com"), claimsSet.getAudiences());
+        assertEquals("788732372078.apps.googleusercontent.com", claimsSet.getAudience());
+        assertEquals("accounts.google.com", claimsSet.getIssuer());
+        assertEquals("106422453082479998429", claimsSet.getSubject());
+        assertEquals(1366730217, claimsSet.getExpirationTime());
+        assertEquals(1366726317, claimsSet.getIssuedAt());
+    }
+
+    @Test
+    public void testClaimsSetWithMultipleAudiences() throws Exception {
+        jwt = jwtReader.read(JWT_MULTIPLE_AUDIENCES);
+        ClaimsSet claimsSet = jwt.getClaimsSet();
+        assertEquals(Arrays.asList("788732372078.apps.googleusercontent.com", "foo"), claimsSet.getAudiences());
         assertEquals("788732372078.apps.googleusercontent.com", claimsSet.getAudience());
         assertEquals("accounts.google.com", claimsSet.getIssuer());
         assertEquals("106422453082479998429", claimsSet.getSubject());

Modified: oltu/trunk/oauth-2.0/jwt/src/test/java/org/apache/oltu/oauth2/jwt/io/JWTWriterTestCase.java
URL: http://svn.apache.org/viewvc/oltu/trunk/oauth-2.0/jwt/src/test/java/org/apache/oltu/oauth2/jwt/io/JWTWriterTestCase.java?rev=1629832&r1=1629831&r2=1629832&view=diff
==============================================================================
--- oltu/trunk/oauth-2.0/jwt/src/test/java/org/apache/oltu/oauth2/jwt/io/JWTWriterTestCase.java
(original)
+++ oltu/trunk/oauth-2.0/jwt/src/test/java/org/apache/oltu/oauth2/jwt/io/JWTWriterTestCase.java
Tue Oct  7 09:04:08 2014
@@ -18,6 +18,7 @@ package org.apache.oltu.oauth2.jwt.io;
 
 import static junit.framework.Assert.assertEquals;
 
+import java.util.Arrays;
 import org.apache.oltu.oauth2.jwt.JWT;
 import org.junit.Test;
 
@@ -50,4 +51,59 @@ public final class JWTWriterTestCase imp
         assertEquals(JWT, encodedJWT);
     }
 
+    @Test
+    public void writeSingleAudienceAsList() {
+        JWT jwt = new JWT.Builder()
+                          // header
+                          .setHeaderAlgorithm("RS256")
+                          .setHeaderCustomField("kid", "be1da0b3567bd265a25098fbcc2b09f21345b3a2")
+                          // claimset
+                          .setClaimsSetAudiences(Arrays.asList("788732372078.apps.googleusercontent.com"))
+                          .setClaimsSetIssuer("accounts.google.com")
+                          .setClaimsSetSubject("106422453082479998429")
+                          .setClaimsSetExpirationTime(1366730217)
+                          .setClaimsSetIssuedAt(1366726317)
+                          .setClaimsSetCustomField("id", "106422453082479998429")
+                          .setClaimsSetCustomField("verified_email", "true")
+                          .setClaimsSetCustomField("email_verified", "true")
+                          .setClaimsSetCustomField("cid", "788732372078.apps.googleusercontent.com")
+                          .setClaimsSetCustomField("azp", "788732372078.apps.googleusercontent.com")
+                          .setClaimsSetCustomField("email", "antonio.sanso@gmail.com")
+                          .setClaimsSetCustomField("token_hash", "L2I77giBLk0RSs0zQ1SvCA")
+                          .setClaimsSetCustomField("at_hash", "L2I77giBLk0RSs0zQ1SvCA")
+                          // signature
+                          .setSignature("XWYi5Zj1YWAMGIml_ftoAwmvW1Y7oeybLCpzQrJVuWJpS8L8Vd2TL-RTIOEVG03VA7e0_-_frNuw7MxUgVEgh8G-Nnbk_baJ6k_3w5c1SKFamFiHHDoKLFhrt1Y8JKSuGwE02V-px4Cn0dRAQAc1IN5CU6wqCrYK0p-fv_fvy28")
+                          .build();
+        String encodedJWT = new JWTWriter().write(jwt);
+        assertEquals(JWT, encodedJWT);
+    }
+
+    @Test
+    public void writeWithMultipleAudiences() {
+        JWT jwt = new JWT.Builder()
+                          // header
+                          .setHeaderAlgorithm("RS256")
+                          .setHeaderCustomField("kid", "be1da0b3567bd265a25098fbcc2b09f21345b3a2")
+                          // claimset
+                          .setClaimsSetAudiences(Arrays.asList("788732372078.apps.googleusercontent.com",
"foo"))
+                          .setClaimsSetIssuer("accounts.google.com")
+                          .setClaimsSetSubject("106422453082479998429")
+                          .setClaimsSetExpirationTime(1366730217)
+                          .setClaimsSetIssuedAt(1366726317)
+                          .setClaimsSetCustomField("id", "106422453082479998429")
+                          .setClaimsSetCustomField("verified_email", "true")
+                          .setClaimsSetCustomField("email_verified", "true")
+                          .setClaimsSetCustomField("cid", "788732372078.apps.googleusercontent.com")
+                          .setClaimsSetCustomField("azp", "788732372078.apps.googleusercontent.com")
+                          .setClaimsSetCustomField("email", "antonio.sanso@gmail.com")
+                          .setClaimsSetCustomField("token_hash", "L2I77giBLk0RSs0zQ1SvCA")
+                          .setClaimsSetCustomField("at_hash", "L2I77giBLk0RSs0zQ1SvCA")
+                          // signature
+                          .setSignature("XWYi5Zj1YWAMGIml_ftoAwmvW1Y7oeybLCpzQrJVuWJpS8L8Vd2TL-RTIOEVG03VA7e0_-_frNuw7MxUgVEgh8G-Nnbk_baJ6k_3w5c1SKFamFiHHDoKLFhrt1Y8JKSuGwE02V-px4Cn0dRAQAc1IN5CU6wqCrYK0p-fv_fvy28")
+                          .build();
+        String encodedJWT = new JWTWriter().write(jwt);
+        System.err.println(encodedJWT);
+        assertEquals(JWT_MULTIPLE_AUDIENCES, encodedJWT);
+    }
+
 }



Mime
View raw message