Skip to content

Commit

Permalink
Merge pull request #34 from joonasroosalung/dev
Browse files Browse the repository at this point in the history 
feat: 497 enable reading comma separated values from issuer property
  • Loading branch information
@varmoh
varmoh authored Jul 23, 2024
2 parents f41097c + 75180d3 commit 6ab844c
Show file tree
Hide file tree
Showing 3 changed files with 14 additions and 6 deletions.
12 changes: 10 additions & 2 deletions src/main/java/ee/eesti/authentication/configuration/jwt/JwtUtils.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -97,7 +97,7 @@ public SignedJWT getSignedJWTWithClaims(UUID jwtTokenId, String subject, Map<Str

JWTClaimsSet.Builder claimsSetBuilder = new JWTClaimsSet.Builder()
.jwtID(jwtTokenId.toString())
.issuer(jwtSignatureConfig.getIssuer())
.issuer(getFirstIssuer())
.issueTime(issueDate)
.expirationTime(expirationDate)
.subject(subject);
Expand Down Expand Up @@ -229,7 +229,7 @@ public boolean isJwtTokenValid(String jwtTokenToCheck, boolean isCustomJwtToken)
if (signedJWT.getJWTClaimsSet().getJWTID() == null
|| signedJWT.getJWTClaimsSet().getExpirationTime() == null
|| signedJWT.getJWTClaimsSet().getIssueTime() == null
|| !jwtSignatureConfig.getIssuer().equals(signedJWT.getJWTClaimsSet().getIssuer())
|| !containsIssuer(signedJWT.getJWTClaimsSet().getIssuer())
) {
log.warn("some attributes of the JWT token (id:{}) are invalid", signedJWT.getJWTClaimsSet().getJWTID());
valid = false;
Expand Down Expand Up @@ -272,4 +272,12 @@ public static String removeNewlines(String in) {
return in.replaceAll("[\n\r]+"," ");
}

public String getFirstIssuer() {
return jwtSignatureConfig.getIssuer().split(",")[0];
}

public boolean containsIssuer(String tokenIssuer) {
return Set.of(jwtSignatureConfig.getIssuer().split(",")).contains(tokenIssuer);
}

}
2 changes: 1 addition & 1 deletion src/test/java/ee/eesti/authentication/configuration/jwt/JwtUtilsTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ private SignedJWT getSignedJwtFromTestKeystore(UserInfo userInfo) throws Excepti
SignedJWT signedJWT = new SignedJWT(new JWSHeader(JWSAlgorithm.RS256),
new JWTClaimsSet.Builder()
.jwtID(UUID.randomUUID().toString())
.issuer(jwtSignatureConfig.getIssuer())
.issuer(jwtUtils.getFirstIssuer())
.issueTime(issueDate)
.expirationTime(expirationDate)
.subject(userInfo.getPersonalCode())
Expand Down
6 changes: 3 additions & 3 deletions src/test/java/ee/eesti/authentication/controller/JwtControllerTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -128,7 +128,7 @@ void testUserinfoEndpoint() throws Exception {

mvc.perform(
get("/jwt/userinfo")
.cookie(new Cookie(jwtSignatureConfig.getCookieName(), getJwtTokenString(issueTime, expirationDate, jwtSignatureConfig.getIssuer(), UUID.randomUUID().toString(), claimSetToAdd, personalCode))))
.cookie(new Cookie(jwtSignatureConfig.getCookieName(), getJwtTokenString(issueTime, expirationDate, jwtUtils.getFirstIssuer(), UUID.randomUUID().toString(), claimSetToAdd, personalCode))))
.andExpect(status().isOk())
.andExpect(jsonPath("personalCode", is(personalCode)))
.andExpect(jsonPath("firstName", is(firstName)))
Expand Down Expand Up @@ -161,7 +161,7 @@ void testVerificationProcess() throws Exception {
//Valid Token
mvc.perform(
post("/jwt/verify")
.content(getJwtTokenString(new Date(), DateUtils.addMinutes(new Date(), 30), jwtSignatureConfig.getIssuer(), UUID.randomUUID().toString(), null, personalCode)))
.content(getJwtTokenString(new Date(), DateUtils.addMinutes(new Date(), 30), jwtUtils.getFirstIssuer(), UUID.randomUUID().toString(), null, personalCode)))
.andExpect(status().isOk());

//invalid token
Expand All @@ -173,7 +173,7 @@ void testVerificationProcess() throws Exception {
//Expired token
mvc.perform(
post("/jwt/verify")
.content(getJwtTokenString(new Date(), new Date(), jwtSignatureConfig.getIssuer(), UUID.randomUUID().toString(), null, personalCode)))
.content(getJwtTokenString(new Date(), new Date(), jwtUtils.getFirstIssuer(), UUID.randomUUID().toString(), null, personalCode)))
.andExpect(status().isBadRequest());

//Invalid issuer
Expand Down

0 comments on commit 6ab844c

Please sign in to comment.