-
Notifications
You must be signed in to change notification settings - Fork 134
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Make generated jwt attributes in a predictable order #1403
Make generated jwt attributes in a predictable order #1403
Conversation
Signed-off-by: liga-oz <liga.ozolina@sap.com>
Signed-off-by: liga-oz <liga.ozolina@sap.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't really like the approach to change internals of JSONObject via reflection. Are there no clean alternatives?
What problem does this PR address that PR #1338 does not? Is it an alternative or are both PRs required?
@finkmanAtSap Even thou it's a reflection I found it to be a cleaner approach than storing JSONObject under an ArrayList then sorting it and then doing some string manipulations. We could discuss here the performance gains too, but i dont thinks it plays a critical role here. PR #1338 is an alternative. |
I'm not sure if we are solving the right problem after thinking some about it: With reflection, we are introducing something that could cause more problems than this solves in my opinion. Yet, we are trying really hard to produce JWTs whose String representation is identical for the same properties. If we decide that we really do need that, I think we should use a LinkedHashMap/TreeMap to store the properties instead of a JSONObject and then use a JSON serializer that produces consistent results. JSONObject tells us it is not the right implementation to produce consistent JSONs. I think performance is very negligible here because it is just unit tests whose runtimes are dominated by other parts of the code. The objects in question are tiny data structures that are only sorted for token creation. But I understand we do not want to put too much effort on this and the reflection solution is giving us just that. I'm just scared of yet another consumer complaining because our test modules break their unit tests at one point. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Approving since it seems like the smallest change to fix it and the catch clauses should prevent it from causing any issues
Follow up PR for the #1338