generated from cuioss/cui-java-module-template
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Adding Module for token-handling (#60)
* Fixing redundant formatted call * Adding portal-authentication.-token module * Fixing maven-build
- Loading branch information
Showing
28 changed files
with
1,090 additions
and
51 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
28 changes: 28 additions & 0 deletions
28
modules/authentication/portal-authentication-token/README.adoc
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,28 @@ | ||
| = portal-authentication-token | ||
|
|
||
| == What is it? | ||
| Provides some convenience structures for dealing with JTW-Token. | ||
|
|
||
| It is essentially a wrapper around the types from io.smallrye:smallrye-jwt. | ||
|
|
||
| The core functionality is the simplified configuration of checking the signature of a given token, by looking up the corresponding public-keys from an oauth-server, tested with keycloak. | ||
|
|
||
| == Maven Coordinates | ||
|
|
||
| [source, xml] | ||
| ---- | ||
| <dependency> | ||
| <groupId>de.cuioss.portal.authentication</groupId> | ||
| <artifactId>portal-authentication-token</artifactId> | ||
| </dependency> | ||
| ---- | ||
|
|
||
| == Usage | ||
|
|
||
| The central objects are: | ||
|
|
||
| * link:src/main/java/de/cuioss/portal/authentication/token/JwksAwareTokenParser.java[Configuration of the io.smallrye.jwt.auth.principal.JWTParser] | ||
|
|
||
| * link:src/main/java/de/cuioss/portal/authentication/token/ParsedAccessToken.java[ParsedAccessToken] | ||
|
|
||
| * link:src/main/java/de/cuioss/portal/authentication/token/ParsedIdToken.java[ParsedIdToken] |
68 changes: 68 additions & 0 deletions
68
modules/authentication/portal-authentication-token/pom.xml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,68 @@ | ||
| <?xml version="1.0" encoding="UTF-8"?> | ||
| <project xmlns="http://maven.apache.org/POM/4.0.0" | ||
| xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | ||
| xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> | ||
| <modelVersion>4.0.0</modelVersion> | ||
| <parent> | ||
| <groupId>de.cuioss.portal.authentication</groupId> | ||
| <artifactId>authentication</artifactId> | ||
| <version>1.1.0-SNAPSHOT</version> | ||
| </parent> | ||
| <artifactId>portal.authentication.token</artifactId> | ||
| <properties> | ||
| <version.smallrye-jwt>4.5.2</version.smallrye-jwt> | ||
| <version.parsson>1.1.6</version.parsson> | ||
| </properties> | ||
| <dependencyManagement> | ||
| <dependencies> | ||
| <dependency> | ||
| <groupId>io.smallrye</groupId> | ||
| <artifactId>smallrye-jwt</artifactId> | ||
| <version>${version.smallrye-jwt}</version> | ||
| </dependency> | ||
| <!-- Test --> | ||
| <dependency> | ||
| <groupId>io.smallrye</groupId> | ||
| <artifactId>smallrye-jwt-build</artifactId> | ||
| <version>${version.smallrye-jwt}</version> | ||
| <scope>test</scope> | ||
| </dependency> | ||
| <!-- Implementation of jakarta.json-api--> | ||
| <dependency> | ||
| <groupId>org.eclipse.parsson</groupId> | ||
| <artifactId>parsson</artifactId> | ||
| <version>${version.parsson}</version> | ||
| <scope>test</scope> | ||
| </dependency> | ||
| </dependencies> | ||
| </dependencyManagement> | ||
| <dependencies> | ||
| <dependency> | ||
| <groupId>jakarta.json</groupId> | ||
| <artifactId>jakarta.json-api</artifactId> | ||
| </dependency> | ||
| <dependency> | ||
| <groupId>io.smallrye</groupId> | ||
| <artifactId>smallrye-jwt</artifactId> | ||
| </dependency> | ||
| <!-- Test --> | ||
| <dependency> | ||
| <groupId>io.smallrye</groupId> | ||
| <artifactId>smallrye-jwt-build</artifactId> | ||
| </dependency> | ||
| <dependency> | ||
| <groupId>de.cuioss.portal.test</groupId> | ||
| <artifactId>portal-core-unit-testing</artifactId> | ||
| </dependency> | ||
| <dependency> | ||
| <groupId>com.squareup.okhttp3</groupId> | ||
| <artifactId>mockwebserver3-junit5</artifactId> | ||
| </dependency> | ||
| <!-- Implementation of jakarta.json-api--> | ||
| <dependency> | ||
| <groupId>org.eclipse.parsson</groupId> | ||
| <artifactId>parsson</artifactId> | ||
| <scope>test</scope> | ||
| </dependency> | ||
| </dependencies> | ||
| </project> |
43 changes: 43 additions & 0 deletions
43
...ation-token/src/main/java/de/cuioss/portal/authentication/token/JwksAwareTokenParser.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,43 @@ | ||
| package de.cuioss.portal.authentication.token; | ||
|
|
||
| import de.cuioss.tools.logging.CuiLogger; | ||
| import io.smallrye.jwt.auth.principal.DefaultJWTParser; | ||
| import io.smallrye.jwt.auth.principal.JWTAuthContextInfo; | ||
| import io.smallrye.jwt.auth.principal.JWTParser; | ||
| import lombok.EqualsAndHashCode; | ||
| import lombok.Getter; | ||
| import lombok.NonNull; | ||
| import lombok.ToString; | ||
| import lombok.experimental.Delegate; | ||
|
|
||
| /** | ||
| * Variant of {@link JWTParser} that will be configured for remote loading of the public-keys. | ||
| * They are needed to verify the signature or the token. | ||
| * | ||
| * @author Oliver Wolff | ||
| */ | ||
| @ToString | ||
| @EqualsAndHashCode | ||
| public class JwksAwareTokenParser implements JWTParser { | ||
|
|
||
| private static final CuiLogger LOGGER = new CuiLogger(JwksAwareTokenParser.class); | ||
|
|
||
| @Delegate | ||
| private final JWTParser tokenParser; | ||
|
|
||
| @Getter | ||
| private final String jwksIssuer; | ||
|
|
||
| public JwksAwareTokenParser(@NonNull String jwksEndpoint, @NonNull Integer jwksRefreshIntervall, @NonNull String jwksIssuer) { | ||
| this.jwksIssuer = jwksIssuer; | ||
| LOGGER.info(LogMessages.CONFIGURED_JWKS.format(jwksEndpoint, jwksRefreshIntervall, jwksIssuer)); | ||
| JWTAuthContextInfo contextInfo = new JWTAuthContextInfo(); | ||
| contextInfo.setPublicKeyLocation(jwksEndpoint); | ||
| contextInfo.setJwksRefreshInterval(jwksRefreshIntervall); | ||
| contextInfo.setIssuedBy(jwksIssuer); | ||
| LOGGER.debug("Successfully configured JWTAuthContextInfo: %s", contextInfo); | ||
| tokenParser = new DefaultJWTParser(contextInfo); | ||
| } | ||
|
|
||
|
|
||
| } |
19 changes: 19 additions & 0 deletions
19
...authentication-token/src/main/java/de/cuioss/portal/authentication/token/LogMessages.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,19 @@ | ||
| package de.cuioss.portal.authentication.token; | ||
|
|
||
| import de.cuioss.tools.logging.LogRecord; | ||
| import de.cuioss.tools.logging.LogRecordModel; | ||
| import lombok.experimental.UtilityClass; | ||
|
|
||
| @UtilityClass | ||
| class LogMessages { | ||
|
|
||
| static final String PREFIX = "Portal"; | ||
|
|
||
| // Info-Level | ||
| static final LogRecord CONFIGURED_JWKS = LogRecordModel.builder().prefix(PREFIX).identifier(120).template("Initializing JWKS lookup, jwks-endpoint='%s', refresh-interval='%s', issuer = '%s'").build(); | ||
|
|
||
| // WARN-LEVEL | ||
| static final LogRecord TOKEN_IS_EMPTY = LogRecordModel.builder().prefix(PREFIX).identifier(120).template("The given token was empty").build(); | ||
| static final LogRecord COULD_NOT_PARSE_TOKEN = LogRecordModel.builder().prefix(PREFIX).identifier(121).template("Unable to parse token due to ParseException").build(); | ||
| static final LogRecord COULD_NOT_PARSE_TOKEN_TRACE = LogRecordModel.builder().prefix(PREFIX).identifier(121).template("Offending token '{}'").build(); | ||
| } |
Oops, something went wrong.