Issue #20 added url constructor to JwkProviderBuilder #22
Conversation
|
Thanks for the contribution!
Regarding this, the |
|
@lbalmaceda thanks for the review!
|
|
When can we have this on Maven Central? |
| * @param domain domain where to look for the jwks.json file | ||
| * Creates a provider that loads from the given domain's well-known directory. | ||
| * <br>If the protocol (http or https) is not provided then https is used by default | ||
| * (some.domain -> "https://" + some.domain + {@value #WELL_KNOWN_JWKS_PATH}). |
There was a problem hiding this comment.
- use {DOMAIN} instead of "some.domain". You can also say something like
"for example, when -domain- is -acme.com- the jwks url that will be used is -https://acme.com/.well-known/jwks.json" - don't mention the constant. Use "/.well-known/jwks.json" instead, since the constant is package private anyway and users won't see it.
There was a problem hiding this comment.
the JavaDoc fixed and alligned with JwkProviderBuilder(String)
| import static org.hamcrest.Matchers.instanceOf; | ||
| import static org.hamcrest.Matchers.notNullValue; | ||
| import static com.auth0.jwk.UrlJwkProvider.WELL_KNOWN_JWKS_PATH; | ||
| import static org.hamcrest.Matchers.*; |
There was a problem hiding this comment.
Probably better to import the required ones only
There was a problem hiding this comment.
Agree, safer, fixed
| @@ -21,35 +21,24 @@ | |||
| public ExpectedException expectedException = ExpectedException.none(); | |||
|
|
|||
| @Before | |||
| public void setUp() throws Exception { | |||
| public void setUp() { | |||
There was a problem hiding this comment.
This whole "before" method is no longer being used generically. It's only used in shouldReturnSingleJwkById. Feel free to remove this and the provider field.
There was a problem hiding this comment.
Made some cleanup
| /** | ||
| * Jwk provider that loads them from a {@link URL} | ||
| */ | ||
| @SuppressWarnings("WeakerAccess") | ||
| public class UrlJwkProvider implements JwkProvider { | ||
|
|
||
| static final String WELL_KNOWN_JWKS_PATH = "/.well-known/jwks.json"; |
There was a problem hiding this comment.
please add a comment above
//visible for testing
There was a problem hiding this comment.
Used @VisibleForTesting from Guava instead
| } | ||
|
|
||
| try { | ||
| final URL url = new URL(domain); | ||
| return new URL(url, "/.well-known/jwks.json"); | ||
| return new URL(url, WELL_KNOWN_JWKS_PATH); | ||
| } catch (MalformedURLException e) { | ||
| throw new IllegalArgumentException("Invalid jwks uri", e); |
There was a problem hiding this comment.
This line hasn't been tested. Telling by the docs it will throw "if no protocol is specified, or an unknown protocol is found, or spec is null."
- being "protocol" part of the URL (first param) and
- being "spec" the well-known constant, which is never null.
So protocol could be any of http, https, ftp, file, and jar. We are adding https if the domain doesn't begin with http, so those 2 protocols are covered. And because we're enforcing any of those 2, this should be a valid value too. I don't see how to trick our logic in a test to make it fail in this line. If you happen to find something, feel free to add it. But don't worry if you can't that's OK anyway and we should catch it here. (which again, should never be called).
There was a problem hiding this comment.
covered with a test with "httptest://..."
| @@ -35,6 +38,26 @@ public JwkProviderBuilder(String domain) { | |||
| this.bucket = new BucketImpl(10, 1, TimeUnit.MINUTES); | |||
| } | |||
|
|
|||
| /** | |||
| * Creates a new Builder with a domain where to look for the jwks. | |||
| * It can be a url link 'https://samples.auth0.com' or just a domain 'samples.auth0.com'. | |||
There was a problem hiding this comment.
You should mention that this method appends the default jwks path to the given string domain
| @@ -122,4 +121,10 @@ public void shouldUseOnlyDomain() { | |||
| String actualJwksUrl = new UrlJwkProvider(domainWithSubPath).url.toString(); | |||
| assertThat(actualJwksUrl, equalTo("https://" + domain + WELL_KNOWN_JWKS_PATH)); | |||
| } | |||
|
|
|||
| @Test(expected = IllegalArgumentException.class) | |||
There was a problem hiding this comment.
Please use the other syntax so we have everything the same.
expectedException.expect(IllegalArgumentException.class);
|
@cocojoe I really like this to be merged. Can I have your blessing? |
|
@lbalmaceda If you're happy, I'm happy. |
|
I accidently made a comment fix and then reverted it. In order to keep the history cleaner, I can rebase. What do you think? |
|
As you want, I can also "squash and merge" and keep 1 single commit for the entire PR. No worries. I'll merge this one and try to release by tomorrow. |
|
Removed those two |
URLconstructor added toJwkProviderBuilder, which allows to customize the url to get JWKS. Before, it could only be<domain>/.well-known/jwks.json, now it can be<domain>/sub/path/.well-known/jwks.jsonIllegalStateExceptionis thrown, so the behavior is similar to theStringconstructorJwkProviderBuilder.normalizeDomaintoUrlJwkProviderkeeping the same behavior