This is an automated email from the git hooks/post-receive script. New commit to branch refonte-rest in repository coselmar. See https://gitlab.nuiton.org/codelutin/coselmar.git commit 6e0a1403e72d6a78441ee55e026a3b8b3f6dbfef Author: Yannick Martel <martel@©odelutin.com> Date: Tue Jun 4 18:10:13 2019 +0200 upgrade jwt lib --- .../fr/ifremer/coselmar/beans/UserWebToken.java | 21 +++++ .../services/CoselmarWebServiceSupport.java | 92 +++------------------- .../coselmar/services/v1/DocumentsWebService.java | 14 ++-- .../coselmar/services/v1/QuestionsWebService.java | 49 ++++++------ .../coselmar/services/v1/UsersWebService.java | 29 ++++--- .../services/AbstractCoselmarWebServiceTest.java | 5 ++ .../coselmar/services/QuestionsWebServiceTest.java | 13 +-- .../coselmar/services/UsersWebServiceTest.java | 7 +- pom.xml | 2 +- 9 files changed, 96 insertions(+), 136 deletions(-) diff --git a/coselmar-rest/src/main/java/fr/ifremer/coselmar/beans/UserWebToken.java b/coselmar-rest/src/main/java/fr/ifremer/coselmar/beans/UserWebToken.java index e39de60..aaed87a 100644 --- a/coselmar-rest/src/main/java/fr/ifremer/coselmar/beans/UserWebToken.java +++ b/coselmar-rest/src/main/java/fr/ifremer/coselmar/beans/UserWebToken.java @@ -24,6 +24,10 @@ package fr.ifremer.coselmar.beans; * #L% */ +import com.auth0.jwt.JWT; +import com.auth0.jwt.JWTCreator; +import com.auth0.jwt.interfaces.DecodedJWT; + import java.io.Serializable; import java.util.HashMap; import java.util.Map; @@ -57,6 +61,13 @@ public class UserWebToken implements Serializable { this.role = ((String) claims.get(CLAIMS_ROLE)).toUpperCase(); } + public UserWebToken(DecodedJWT decodedJWT) { + this.userId = decodedJWT.getClaim(CLAIMS_USER_ID).asString(); + this.firstName = decodedJWT.getClaim(CLAIMS_FIRST_NAME).asString(); + this.lastName = decodedJWT.getClaim(CLAIMS_LAST_NAME).asString(); + this.role = decodedJWT.getClaim(CLAIMS_ROLE).asString().toUpperCase(); + } + public String getUserId() { return userId; } 
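Review bot: The new `UserWebToken(DecodedJWT)` constructor dereferences the role claim without a null check: in java-jwt 3.x `getClaim(...)` returns a null-valued claim for a missing name and `asString()` then yields `null`, so `.toUpperCase()` throws a NullPointerException for a correctly signed token that lacks `role` or carries it as a non-string. That exception is not a `JWTVerificationException`, so judging from the catch clause visible in the `checkUserAuthentication` hunk it would probably not be mapped to `InvalidCredentialException`. I would reject such tokens explicitly, e.g. `String rawRole = decodedJWT.getClaim(CLAIMS_ROLE).asString(); if (rawRole == null) { throw new JWTVerificationException("missing role claim"); }`, and use `toUpperCase(Locale.ROOT)` so the result does not depend on the JVM locale.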
@@ -109,4 +120,14 @@ public class UserWebToken implements Serializable { return claims; } + public static JWTCreator.Builder toJwtClaimBuilder(String userId, String firstName, String lastName, String role) { + + JWTCreator.Builder jwtClaimBuilder = JWT.create() + .withClaim(CLAIMS_USER_ID, userId) + .withClaim(CLAIMS_FIRST_NAME, firstName) + .withClaim(CLAIMS_LAST_NAME, lastName) + .withClaim(CLAIMS_ROLE, role.toUpperCase()); + return jwtClaimBuilder; + } + } diff --git a/coselmar-rest/src/main/java/fr/ifremer/coselmar/services/CoselmarWebServiceSupport.java b/coselmar-rest/src/main/java/fr/ifremer/coselmar/services/CoselmarWebServiceSupport.java index 87f1d8d..0db64f5 100644 --- a/coselmar-rest/src/main/java/fr/ifremer/coselmar/services/CoselmarWebServiceSupport.java +++ b/coselmar-rest/src/main/java/fr/ifremer/coselmar/services/CoselmarWebServiceSupport.java @@ -24,10 +24,12 @@ package fr.ifremer.coselmar.services; * #L% */ +import com.auth0.jwt.JWT; import com.auth0.jwt.JWTVerifier; -import com.auth0.jwt.JWTVerifyException; +import com.auth0.jwt.algorithms.Algorithm; +import com.auth0.jwt.exceptions.JWTVerificationException; +import com.auth0.jwt.interfaces.DecodedJWT; import fr.ifremer.coselmar.beans.UserWebToken; -import fr.ifremer.coselmar.exceptions.CoselmarTechnicalException; import fr.ifremer.coselmar.persistence.CoselmarPersistenceContext; import fr.ifremer.coselmar.persistence.entity.CoselmarUser; import fr.ifremer.coselmar.services.errors.InvalidCredentialException; @@ -36,12 +38,6 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.nuiton.topia.persistence.TopiaNoResultException; -import java.io.IOException; -import java.security.InvalidKeyException; -import java.security.NoSuchAlgorithmException; -import java.security.SignatureException; -import java.util.Map; - /** * @author ymartel <martel@codelutin.com> */ 
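Review bot: `toJwtClaimBuilder` sets the four user claims but no `exp`, and the login hunk in `UsersWebService` signs the returned builder as-is (`jwtBuilder.sign(jwtAlgorithm)`), so the tokens issued by the code shown here carry no expiry. `checkUserAuthentication` re-loads the account, which covers deleted users, but a leaked token stays usable for as long as the account and the signing key remain unchanged. Consider adding a lifetime where the builder is created, e.g. `.withIssuedAt(now).withExpiresAt(new Date(now.getTime() + tokenLifetimeMillis))` with `tokenLifetimeMillis` (placeholder name) read from configuration; the verifier built by `JWT.require(...)` checks `exp` when the claim is present. `role.toUpperCase()` also throws on a null role and would be safer as `toUpperCase(Locale.ROOT)`.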
@@ -52,66 +48,15 @@ public abstract class CoselmarWebServiceSupport implements CoselmarService { private CoselmarServicesContext servicesContext; + protected Algorithm getJwtAlgorithm(CoselmarServicesContext servicesContext) { + return Algorithm.HMAC384(servicesContext.getCoselmarServicesConfig().getWebSecurityKey()); + } + @Override public void setServicesContext(CoselmarServicesContext servicesContext) { this.servicesContext = servicesContext; } - /** - * Check the authorization code. - * Get the token from the authorization and reconstitute JWT user token. - * - * @param authorization : authorization containing the encoding token - * @return corresponding {@link fr.ifremer.coselmar.beans.UserWebToken} - * - * @throws InvalidCredentialException if token is not valid. - * - * @Deprecated since 0.8 : prefer use {@link #checkUserAuthentication(CoselmarServicesContext, String)} that also check user validity. - */ - @Deprecated - protected UserWebToken checkAuthentication(String authorization) throws InvalidCredentialException { - try { - - String webSecurityKey = CoselmarServicesApplicationContext.getInstance().getApplicationConfig().getWebSecurityKey(); - JWTVerifier jwtVerifier = new JWTVerifier(webSecurityKey, "audience"); - - String token = StringUtils.replace(authorization, "Bearer ", ""); - Map<String, Object> claims = jwtVerifier.verify(token); - UserWebToken userWebToken = new UserWebToken(claims); - return userWebToken; - - } catch (NoSuchAlgorithmException|InvalidKeyException|IOException e) { - // This should not happened or this is really exceptional ! - if (log.isErrorEnabled()) { - log.error("Error during JWT verification : wrong Algorithm !", e); - } - throw new CoselmarTechnicalException(e); - - } catch (SignatureException e) { - // Invalid Signature ! It's a Fake ! 
- if (log.isErrorEnabled()) { - log.error("Error during JWT verification : bad signature!", e); - } - throw new InvalidCredentialException("Error with signature"); - - } catch (JWTVerifyException e) { - // Error during Payload verification - if (log.isErrorEnabled()) { - log.error("Error during JWT verification : bad claims!", e); - } - throw new InvalidCredentialException("Error with claims"); - - } catch (IllegalStateException e) { - // No token set - if (log.isErrorEnabled()) { - log.error("Error during JWT verification : no token!", e); - } - throw new InvalidCredentialException("Seems no user connected"); - - } - - } - /** * Check the authorization code. * Get the token from the authorization and reconstitute JWT user token. @@ -126,11 +71,10 @@ public abstract class CoselmarWebServiceSupport implements CoselmarService { protected CoselmarUser checkUserAuthentication(CoselmarServicesContext servicesContext, String authorization) throws InvalidCredentialException { try { - String webSecurityKey = CoselmarServicesApplicationContext.getInstance().getApplicationConfig().getWebSecurityKey(); - JWTVerifier jwtVerifier = new JWTVerifier(webSecurityKey, "audience"); + JWTVerifier jwtVerifier = JWT.require(getJwtAlgorithm(servicesContext)).build(); String token = StringUtils.replace(authorization, "Bearer ", ""); - Map<String, Object> claims = jwtVerifier.verify(token); + DecodedJWT claims = jwtVerifier.verify(token); UserWebToken userWebToken = new UserWebToken(claims); // check user still exist 
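Review bot: `getJwtAlgorithm` carries no documentation of what it expects from `getWebSecurityKey()`, although the strength of every token now rests on that single configured string. The HMAC key is derived directly from the string, so a short or guessable value weakens every signature; I would add a Javadoc such as `/** Returns the HMAC-SHA384 algorithm used to sign and verify tokens; the configured web security key must be a long random secret (at least 48 bytes). */` and fail at startup when the key is blank. The same method body is duplicated in `AbstractCoselmarWebServiceTest`, so the two can drift apart. How the key is provisioned is not visible in this diff.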
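Review bot: The token is still extracted with `StringUtils.replace(authorization, "Bearer ", "")`, which neither requires the `Bearer` scheme nor handles a missing header, and the new `jwtVerifier.verify(token)` is then called with whatever is left. With a null `authorization` the value passed to `verify` is null, which may surface as a NullPointerException rather than a `JWTVerificationException`, depending on how this java-jwt version treats null tokens. A guard before verification keeps that path inside the credential error, e.g. `if (!StringUtils.startsWith(authorization, "Bearer ")) { throw new InvalidCredentialException("Missing bearer token"); }` followed by `StringUtils.removeStart(authorization, "Bearer ")`. The method body starts and ends outside this hunk, so the remaining catch clauses are not visible here.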
@@ -139,21 +83,7 @@ public abstract class CoselmarWebServiceSupport implements CoselmarService { return coselmarUser; - } catch (NoSuchAlgorithmException|InvalidKeyException|IOException e) { - // This should not happened or this is really exceptional ! - if (log.isErrorEnabled()) { - log.error("Error during JWT verification : wrong Algorithm !", e); - } - throw new CoselmarTechnicalException(e); - - } catch (SignatureException e) { - // Invalid Signature ! It's a Fake ! - if (log.isErrorEnabled()) { - log.error("Error during JWT verification : bad signature!", e); - } - throw new InvalidCredentialException("Error with signature"); - - } catch (JWTVerifyException e) { + } catch (JWTVerificationException e) { // Error during Payload verification if (log.isErrorEnabled()) { log.error("Error during JWT verification : bad claims!", e); diff --git a/coselmar-rest/src/main/java/fr/ifremer/coselmar/services/v1/DocumentsWebService.java b/coselmar-rest/src/main/java/fr/ifremer/coselmar/services/v1/DocumentsWebService.java index b84ad05..4ea5141 100644 --- a/coselmar-rest/src/main/java/fr/ifremer/coselmar/services/v1/DocumentsWebService.java +++ b/coselmar-rest/src/main/java/fr/ifremer/coselmar/services/v1/DocumentsWebService.java 
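Review bot: The single `catch (JWTVerificationException e)` keeps the old comment and log text (`bad claims!`), but in java-jwt 3.x that type is the parent of the signature, algorithm-mismatch, expiry and decode failures as well, so a tampered or wrongly signed token is now logged as a claims problem. For anyone triaging authentication failures that distinction matters; I would log the concrete type, e.g. `log.error("Error during JWT verification : " + e.getClass().getSimpleName(), e);`, and update the `// Error during Payload verification` comment to match. The response returned to the caller can stay generic. The rest of the catch block lies outside the hunk.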
@@ -395,13 +395,16 @@ public class DocumentsWebService extends CoselmarWebServiceSupport { MultipartFormDataInput uploadFile) throws InvalidCredentialException, UnauthorizedException { // Check authentication - UserWebToken userWebToken = checkAuthentication(authorization); + CoselmarUser userWebToken = checkUserAuthentication(servicesContext, authorization); // Only Expert or Supervisor can add document - String userRole = userWebToken.getRole(); - if (!DOCUMENT_CREATE_ALLOWED_USER_ROLES.contains(userRole.toUpperCase())) { + CoselmarUserRole userRole = userWebToken.getRole(); + CoselmarPersistenceContext persistenceContext = servicesContext.getPersistenceContext(); + String userShortId = getShortIdFromFull(persistenceContext, userWebToken.getTopiaId()); + + if (!DOCUMENT_CREATE_ALLOWED_USER_ROLES.contains(userRole.name().toUpperCase())) { String message = String.format("User %s %s ('%s') is not allowed to add document", - userWebToken.getFirstName(), userWebToken.getLastName(), userWebToken.getUserId()); + userWebToken.getFirstname(), userWebToken.getName(), userShortId); if (log.isWarnEnabled()) { log.warn(message); } @@ -411,8 +414,7 @@ public class DocumentsWebService extends CoselmarWebServiceSupport { Preconditions.checkNotNull(document); // retrieve user who will be assigned as document owner - CoselmarPersistenceContext persistenceContext = servicesContext.getPersistenceContext(); - String fullId = getFullUserIdFromShort(persistenceContext, userWebToken.getUserId()); + String fullId = userWebToken.getTopiaId(); CoselmarUser owner; try { diff --git a/coselmar-rest/src/main/java/fr/ifremer/coselmar/services/v1/QuestionsWebService.java b/coselmar-rest/src/main/java/fr/ifremer/coselmar/services/v1/QuestionsWebService.java index 60b5689..d039474 100644 --- a/coselmar-rest/src/main/java/fr/ifremer/coselmar/services/v1/QuestionsWebService.java +++ b/coselmar-rest/src/main/java/fr/ifremer/coselmar/services/v1/QuestionsWebService.java 
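Review bot: The local variable is still called `userWebToken` although it now holds the `CoselmarUser` loaded from persistence, which hides the security-relevant change that the role checked below comes from the database and no longer from the token; `currentUser` would read better, here and in the matching hunks of `QuestionsWebService` and `UsersWebService`. `getShortIdFromFull(...)` is evaluated before the role check but `userShortId` is only used in the rejection message, so it could move inside the `if`. `userRole.name().toUpperCase()` is redundant if the allowed set holds the upper-case enum names, and it throws if `getRole()` returns null; whether a user can exist without a role is not visible here.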
@@ -117,14 +117,16 @@ public class QuestionsWebService extends CoselmarWebServiceSupport { @FormParam("question") QuestionBean question) throws InvalidCredentialException, UnauthorizedException { // Check authentication - UserWebToken userWebToken = checkAuthentication(authorization); + CoselmarUser userWebToken = checkUserAuthentication(servicesContext, authorization); // Only Supervisor can add question - String userRole = userWebToken.getRole(); + CoselmarUserRole userRole = userWebToken.getRole(); - if (!StringUtils.equalsIgnoreCase(CoselmarUserRole.SUPERVISOR.name(), userRole)) { + CoselmarPersistenceContext persistenceContext = servicesContext.getPersistenceContext(); + String userShortId = getShortIdFromFull(persistenceContext, userWebToken.getTopiaId()); + if (!CoselmarUserRole.SUPERVISOR.equals(userRole)) { String message = String.format("User %s %s ('%s') is not allowed to add question", - userWebToken.getFirstName(), userWebToken.getLastName(), userWebToken.getUserId()); + userWebToken.getFirstname(), userWebToken.getName(), userShortId); if (log.isWarnEnabled()) { log.warn(message); } @@ -132,9 +134,8 @@ public class QuestionsWebService extends CoselmarWebServiceSupport { } - CoselmarPersistenceContext persistenceContext = servicesContext.getPersistenceContext(); // retrieve user who will be assigned as question supervisor - String fullId = getFullUserIdFromShort(persistenceContext, userWebToken.getUserId()); + String fullId = userWebToken.getTopiaId(); CoselmarUser supervisor; try { 
@@ -383,24 +384,25 @@ public class QuestionsWebService extends CoselmarWebServiceSupport { @PathParam("questionId") String questionId) throws InvalidCredentialException, UnauthorizedException { // Check authentication - UserWebToken userWebToken = checkAuthentication(authorization); + CoselmarUser userWebToken = checkUserAuthentication(servicesContext, authorization); // Only Supervisor can delete question - String userRole = userWebToken.getRole(); + CoselmarUserRole userRole = userWebToken.getRole(); - if (!StringUtils.equalsIgnoreCase(CoselmarUserRole.SUPERVISOR.name(), userRole) - && !StringUtils.equalsIgnoreCase(CoselmarUserRole.ADMIN.name(), userRole)) { + CoselmarPersistenceContext persistenceContext = servicesContext.getPersistenceContext(); + String userShortId = getShortIdFromFull(persistenceContext, userWebToken.getTopiaId()); + + if (!CoselmarUserRole.SUPERVISOR.equals(userRole) + && !CoselmarUserRole.ADMIN.equals(userRole)) { String message = String.format("User %s %s ('%s') is not allowed to delete question", - userWebToken.getFirstName(), userWebToken.getLastName(), userWebToken.getUserId()); + userWebToken.getFirstname(), userWebToken.getName(), userShortId); if (log.isWarnEnabled()) { log.warn(message); } throw new UnauthorizedException(message); } - - CoselmarPersistenceContext persistenceContext = servicesContext.getPersistenceContext(); - String fullUserId = getFullIdFromShort(persistenceContext, CoselmarUser.class, userWebToken.getUserId()); + String fullUserId = userWebToken.getTopiaId(); try { persistenceContext.getCoselmarUserDao().forTopiaIdEquals(fullUserId).findUnique(); 
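Review bot: After this change `checkUserAuthentication` has already loaded the account, yet the context line `persistenceContext.getCoselmarUserDao().forTopiaIdEquals(fullUserId).findUnique();` looks the same user up again by the id just taken from that entity. If the surrounding try block (it continues outside the hunk) only guards against a vanished user, it appears to be redundant now and could be dropped. The same pattern is visible in the other hunks that replace `getFullUserIdFromShort(...)` or `getFullIdFromShort(...)` with `userWebToken.getTopiaId()`.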
@@ -533,26 +535,27 @@ public class QuestionsWebService extends CoselmarWebServiceSupport { DocumentBean[] documents) throws InvalidCredentialException, UnauthorizedException { // Check authentication - UserWebToken userWebToken = checkAuthentication(authorization); + CoselmarUser userWebToken = checkUserAuthentication(servicesContext, authorization); // Only Supervisor can add documents - String userRole = userWebToken.getRole(); + CoselmarUserRole userRole = userWebToken.getRole(); + + CoselmarPersistenceContext persistenceContext = servicesContext.getPersistenceContext(); + String userShortId = getShortIdFromFull(persistenceContext, userWebToken.getTopiaId()); - if (!StringUtils.equalsIgnoreCase(CoselmarUserRole.SUPERVISOR.name(), userRole) - && !StringUtils.equalsIgnoreCase(CoselmarUserRole.ADMIN.name(), userRole) - && !StringUtils.equalsIgnoreCase(CoselmarUserRole.EXPERT.name(), userRole)) { + if (!CoselmarUserRole.SUPERVISOR.equals(userRole) + && !CoselmarUserRole.ADMIN.equals(userRole) + && !CoselmarUserRole.EXPERT.equals(userRole)) { String message = String.format("User %s %s ('%s') is not allowed to add document", - userWebToken.getFirstName(), userWebToken.getLastName(), userWebToken.getUserId()); + userWebToken.getFirstname(), userWebToken.getName(), userShortId); if (log.isWarnEnabled()) { log.warn(message); } throw new UnauthorizedException(message); } - - CoselmarPersistenceContext persistenceContext = servicesContext.getPersistenceContext(); - String fullUserId = getFullIdFromShort(persistenceContext, CoselmarUser.class, userWebToken.getUserId()); + String fullUserId = userWebToken.getTopiaId(); CoselmarUser currentUser; try { diff --git a/coselmar-rest/src/main/java/fr/ifremer/coselmar/services/v1/UsersWebService.java b/coselmar-rest/src/main/java/fr/ifremer/coselmar/services/v1/UsersWebService.java index 1a8e2dd..bfa26b3 100644 --- a/coselmar-rest/src/main/java/fr/ifremer/coselmar/services/v1/UsersWebService.java 
+++ b/coselmar-rest/src/main/java/fr/ifremer/coselmar/services/v1/UsersWebService.java @@ -24,8 +24,8 @@ package fr.ifremer.coselmar.services.v1; * #L% */ -import com.auth0.jwt.Algorithm; -import com.auth0.jwt.JWTSigner; +import com.auth0.jwt.JWTCreator; +import com.auth0.jwt.algorithms.Algorithm; import com.github.mustachejava.DefaultMustacheFactory; import com.github.mustachejava.Mustache; import com.github.mustachejava.MustacheException; @@ -155,11 +155,11 @@ public class UsersWebService extends CoselmarWebServiceSupport { @QueryParam("search") UserSearchBean search) throws InvalidCredentialException, UnauthorizedException { // Check authentication - UserWebToken userWebToken = checkAuthentication(authorization); + CoselmarUser userWebToken = checkUserAuthentication(servicesContext, authorization); // Who is allowed here ? Admin and user himself - if (!StringUtils.equals(userWebToken.getRole(), CoselmarUserRole.ADMIN.name()) - && !StringUtils.equals(userWebToken.getRole(), CoselmarUserRole.SUPERVISOR.name())) { + if (!CoselmarUserRole.ADMIN.equals(userWebToken.getRole()) + && !CoselmarUserRole.SUPERVISOR.equals(userWebToken.getRole())) { if (log.isDebugEnabled()) { String message = String.format("A non admin, non supervisor user is trying to access users list"); log.debug(message); 
@@ -320,10 +320,10 @@ public class UsersWebService extends CoselmarWebServiceSupport { UserBean user) throws InvalidCredentialException, UnauthorizedException, InvalidParameterException, TopiaNoResultException, MailAlreadyExistingException { // Check authentication - UserWebToken userWebToken = checkAuthentication(authorization); + CoselmarUser userWebToken = checkUserAuthentication(servicesContext, authorization); - boolean isAdmin = StringUtils.equals(userWebToken.getRole(), CoselmarUserRole.ADMIN.name()); - boolean isSupervisor4Client = StringUtils.equals(userWebToken.getRole(), CoselmarUserRole.SUPERVISOR.name()) && StringUtils.equals(user.getRole(), CoselmarUserRole.CLIENT.name()); + boolean isAdmin = CoselmarUserRole.ADMIN.equals(userWebToken.getRole()); + boolean isSupervisor4Client = CoselmarUserRole.SUPERVISOR.equals(userWebToken.getRole()) && StringUtils.equals(CoselmarUserRole.CLIENT.name(), user.getRole()); String askedUserId = user.getId(); if (StringUtils.isBlank(askedUserId)) { @@ -336,7 +336,8 @@ public class UsersWebService extends CoselmarWebServiceSupport { } // Who is allowed here ? Admin and user himself only and Supervisor if it is a "client" type user - if (!isAdmin && !StringUtils.equals(userWebToken.getUserId(), askedUserId) && !isSupervisor4Client) { + String userShortId = getShortIdFromFull(servicesContext.getPersistenceContext(), userWebToken.getTopiaId()); + if (!isAdmin && !StringUtils.equals(userShortId, askedUserId) && !isSupervisor4Client) { if (log.isDebugEnabled()) { String message = String.format("A non admin user try to modify account details with shortId '%s'", askedUserId); log.debug(message); 
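Review bot: `isSupervisor4Client` compares `CoselmarUserRole.CLIENT.name()` with `user.getRole()`, i.e. with the role carried by the submitted `UserBean`, not with the stored role of the account identified by `askedUserId`. From the lines shown, a supervisor's permission to modify an account therefore depends on a value that appears to come from the request; unless code outside this hunk re-checks the persisted role of the target user, the check should load that user first and compare its `getRole()` against `CoselmarUserRole.CLIENT`. The caller side of the check is on firmer ground after this commit, since `userWebToken.getRole()` is read from the database entity rather than from a token claim.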
@@ -441,13 +442,11 @@ public class UsersWebService extends CoselmarWebServiceSupport { checkPassword(servicesContext, user.getPassword(), salt, password); // return a Json Web Token for authentication - JWTSigner jwtSigner = new JWTSigner(servicesContext.getCoselmarServicesConfig().getWebSecurityKey()); - JWTSigner.Options signerOption = new JWTSigner.Options(); - signerOption.setAlgorithm(Algorithm.HS384); - String shortId = getShortIdFromFull(servicesContext.getPersistenceContext(), user.getTopiaId()); - Map<String, Object> claims = UserWebToken.toJwtClaims(shortId, user.getFirstname(), user.getName(), user.getRole().name()); - String webToken = jwtSigner.sign(claims, signerOption); + JWTCreator.Builder jwtBuilder = UserWebToken.toJwtClaimBuilder(shortId, user.getFirstname(), user.getName(), user.getRole().name()); + + Algorithm jwtAlgorithm = getJwtAlgorithm(servicesContext); + String webToken = jwtBuilder.sign(jwtAlgorithm); return ImmutableMap.of("jwt", webToken); diff --git a/coselmar-rest/src/test/java/fr/ifremer/coselmar/services/AbstractCoselmarWebServiceTest.java b/coselmar-rest/src/test/java/fr/ifremer/coselmar/services/AbstractCoselmarWebServiceTest.java index 1c4b9d5..1becab0 100644 --- a/coselmar-rest/src/test/java/fr/ifremer/coselmar/services/AbstractCoselmarWebServiceTest.java +++ b/coselmar-rest/src/test/java/fr/ifremer/coselmar/services/AbstractCoselmarWebServiceTest.java @@ -24,6 +24,7 @@ package fr.ifremer.coselmar.services; * #L% */ +import com.auth0.jwt.algorithms.Algorithm; import fr.ifremer.coselmar.persistence.CoselmarPersistenceContext; import io.undertow.Undertow; import org.apache.commons.logging.Log; @@ -50,6 +51,10 @@ public class AbstractCoselmarWebServiceTest { private static UndertowJaxrsServer server; + protected Algorithm getJwtAlgorithm(CoselmarServicesContext servicesContext) { + return Algorithm.HMAC384(servicesContext.getCoselmarServicesConfig().getWebSecurityKey()); + } + @Before public void startServer() throws Exception { 
diff --git a/coselmar-rest/src/test/java/fr/ifremer/coselmar/services/QuestionsWebServiceTest.java b/coselmar-rest/src/test/java/fr/ifremer/coselmar/services/QuestionsWebServiceTest.java index fdbb835..e6c2369 100644 --- a/coselmar-rest/src/test/java/fr/ifremer/coselmar/services/QuestionsWebServiceTest.java +++ b/coselmar-rest/src/test/java/fr/ifremer/coselmar/services/QuestionsWebServiceTest.java @@ -24,7 +24,9 @@ package fr.ifremer.coselmar.services; * #L% */ +import com.auth0.jwt.JWT; import com.auth0.jwt.JWTVerifier; +import com.auth0.jwt.interfaces.DecodedJWT; import com.fasterxml.jackson.core.type.TypeReference; import com.fasterxml.jackson.databind.ObjectMapper; import com.google.common.collect.Sets; @@ -318,8 +320,7 @@ public class QuestionsWebServiceTest extends AbstractCoselmarWebServiceTest { @Test public void testSearchUserQuestions() throws Exception { - String webSecurityKey = getServiceContext().getCoselmarServicesConfig().getWebSecurityKey(); - JWTVerifier jwtVerifier = new JWTVerifier(webSecurityKey, "audience"); + JWTVerifier jwtVerifier = JWT.require(getJwtAlgorithm(getServiceContext())).build(); Client client = ClientBuilder.newClient(); @@ -339,8 +340,8 @@ public class QuestionsWebServiceTest extends AbstractCoselmarWebServiceTest { Map<String, String> loginJson = gson.fromJson(loginContent, Map.class); String expertToken = loginJson.get("jwt"); - Map<String, Object> expertMap = jwtVerifier.verify(expertToken); - String expertId = (String) expertMap.get("userId"); + DecodedJWT expertJwt = jwtVerifier.verify(expertToken); + String expertId = expertJwt.getClaim("userId").asString(); //First : login ! loginForm = new Form() 
@@ -355,8 +356,8 @@ public class QuestionsWebServiceTest extends AbstractCoselmarWebServiceTest { loginJson = gson.fromJson(loginContent, Map.class); String supervisorToken = loginJson.get("jwt"); - Map<String, Object> supervisorMap = jwtVerifier.verify(supervisorToken); - String supervisorId = (String) supervisorMap.get("userId"); + DecodedJWT supervisorJwt = jwtVerifier.verify(supervisorToken); + String supervisorId = supervisorJwt.getClaim("userId").asString(); // Create first document diff --git a/coselmar-rest/src/test/java/fr/ifremer/coselmar/services/UsersWebServiceTest.java b/coselmar-rest/src/test/java/fr/ifremer/coselmar/services/UsersWebServiceTest.java index 8c6e71d..d9535dd 100644 --- a/coselmar-rest/src/test/java/fr/ifremer/coselmar/services/UsersWebServiceTest.java +++ b/coselmar-rest/src/test/java/fr/ifremer/coselmar/services/UsersWebServiceTest.java @@ -24,6 +24,7 @@ package fr.ifremer.coselmar.services; * #L% */ +import com.auth0.jwt.JWT; import com.auth0.jwt.JWTVerifier; import com.google.gson.Gson; import fr.ifremer.coselmar.beans.UserBean; @@ -76,8 +77,7 @@ public class UsersWebServiceTest extends AbstractCoselmarWebServiceTest { Gson gson = new Gson(); Map<String, String> map = gson.fromJson(loginContent, Map.class); - String webSecurityKey = getServiceContext().getCoselmarServicesConfig().getWebSecurityKey(); - JWTVerifier jwtVerifier = new JWTVerifier(webSecurityKey, "audience"); + JWTVerifier jwtVerifier = JWT.require(getJwtAlgorithm(getServiceContext())).build(); String token = map.get("jwt"); jwtVerifier.verify(token); 
@@ -133,8 +133,7 @@ public class UsersWebServiceTest extends AbstractCoselmarWebServiceTest { Map<String, String> newUserLoginMap = gson.fromJson(loginContent, Map.class); - String webSecurityKey = getServiceContext().getCoselmarServicesConfig().getWebSecurityKey(); - JWTVerifier jwtVerifier = new JWTVerifier(webSecurityKey, "audience"); + JWTVerifier jwtVerifier = JWT.require(getJwtAlgorithm(getServiceContext())).build(); String token = newUserLoginMap.get("jwt"); jwtVerifier.verify(token); diff --git a/pom.xml b/pom.xml index e3f0315..2ac4389 100644 --- a/pom.xml +++ b/pom.xml @@ -148,7 +148,7 @@ <jqueryVersion>2.1.4</jqueryVersion> <fontAwesomeVersion>4.5.0</fontAwesomeVersion> - <java-jwt.version>2.1.0</java-jwt.version> + <java-jwt.version>3.8.1</java-jwt.version> <gson.version>2.5</gson.version> <guava.version>19.0-rc3</guava.version> <junit.version>4.12</junit.version> -- To stop receiving notification emails like this one, please contact codelutin.com SCM administrator <admin+scm@codelutin.com>.