Skip to content

Commit

Permalink
Merge pull request #5803 from jGauravGupta/FISH-6084-4
Browse files Browse the repository at this point in the history 
FISH-6084 Upgrade Jakarta Security to 3.0
  • Loading branch information
@Pandrex247
Pandrex247 committed Jun 21, 2022
2 parents 7b199b6 + b979210 commit 0b2bf2f
Show file tree
Hide file tree
Showing 9 changed files with 462 additions and 8 deletions.
5 changes: 5 additions & 0 deletions api/payara-bom/pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -569,6 +569,11 @@
<artifactId>jakarta.security.enterprise</artifactId>
<version>${jakarta.security.enterprise.version}</version>
</dependency>
<dependency>
<groupId>org.glassfish.soteria</groupId>
<artifactId>soteria.spi.bean.decorator.weld</artifactId>
<version>${jakarta.security.enterprise.version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.persistence</groupId>
<artifactId>org.eclipse.persistence.core</artifactId>
Expand Down
177 changes: 173 additions & 4 deletions appserver/packager/external/jakarta-ee9-shim/pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -96,7 +96,29 @@

<dependency>
<groupId>jakarta.servlet.jsp.jstl</groupId>
<artifactId>jakarta.servlet.jsp.jstl-api</artifactId>
<artifactId>jakarta.servlet.jsp.jstl-api</artifactId>
<scope>provided</scope>
</dependency>

<dependency>
<groupId>jakarta.authentication</groupId>
<artifactId>jakarta.authentication-api</artifactId>
<scope>provided</scope>
</dependency>

<dependency>
<groupId>jakarta.security.enterprise</groupId>
<artifactId>jakarta.security.enterprise-api</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.glassfish.soteria</groupId>
<artifactId>jakarta.security.enterprise</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.jboss.weld</groupId>
<artifactId>weld-osgi-bundle</artifactId>
<scope>provided</scope>
</dependency>
</dependencies>
Expand Down Expand Up @@ -127,8 +149,10 @@
jakarta.xml.bind-api,
jakarta.security.auth.message-api,
com.sun.xml.bind.jaxb-osgi,
jakarta.servlet.jsp.jstl-api

jakarta.servlet.jsp.jstl-api,
jakarta.security.enterprise-api,
org.glassfish.jakarta.security.enterprise,
org.jboss.weld.osgi-bundle
</Require-Bundle>
<!-- Manually specify the shim versions of packages to be exported via this bundle -->
<!-- Note the "shortened" syntax here: For every API the packages are delimited with
Expand Down Expand Up @@ -263,7 +287,152 @@
jakarta.servlet.jsp.jstl.core;
jakarta.servlet.jsp.jstl.tlv;
jakarta.servlet.jsp.jstl.sql;
jakarta.servlet.jsp.jstl.fmt;version="2.0.0";shim="true"

jakarta.servlet.jsp.jstl.fmt;version="2.0.0";shim="true",

jakarta.security.auth.message.callback;
jakarta.security.auth.message.config;
jakarta.security.auth.message.module;
jakarta.security.auth.message;version="2.0.0";shim="true",

jakarta.security.enterprise;
jakarta.security.enterprise.authentication.mechanism.http;
jakarta.security.enterprise.authentication.mechanism.http.openid;
jakarta.security.enterprise.credential;
jakarta.security.enterprise.identitystore;
jakarta.security.enterprise.identitystore.openid;version="2.0.0";shim="true",

org.glassfish.soteria;
org.glassfish.soteria.authorization;
org.glassfish.soteria.authorization.spi;
org.glassfish.soteria.authorization.spi.impl;
org.glassfish.soteria.cdi;
org.glassfish.soteria.cdi.spi;
org.glassfish.soteria.cdi.spi.impl;
org.glassfish.soteria.identitystores;
org.glassfish.soteria.identitystores.annotation;
org.glassfish.soteria.identitystores.hash;
org.glassfish.soteria.mechanisms;
org.glassfish.soteria.mechanisms.jaspic;
org.glassfish.soteria.mechanisms.openid;
org.glassfish.soteria.mechanisms.openid.controller;
org.glassfish.soteria.mechanisms.openid.domain;
org.glassfish.soteria.servlet;version="2.0.1";shim="true",

<!-- Required by org.glassfish.soteria.spi.bean.decorator.weld-->
org.jboss.weld;
org.jboss.weld.annotated;
org.jboss.weld.annotated.enhanced;
org.jboss.weld.annotated.enhanced.jlr;
org.jboss.weld.annotated.runtime;
org.jboss.weld.annotated.slim;
org.jboss.weld.annotated.slim.backed;
org.jboss.weld.annotated.slim.unbacked;
org.jboss.weld.bean;
org.jboss.weld.bean.attributes;
org.jboss.weld.bean.builtin;
org.jboss.weld.bean.builtin.ee;
org.jboss.weld.bean.interceptor;
org.jboss.weld.bean.proxy;
org.jboss.weld.bean.proxy.util;
org.jboss.weld.bootstrap;
org.jboss.weld.bootstrap.api;
org.jboss.weld.bootstrap.api.helpers;
org.jboss.weld.bootstrap.enablement;
org.jboss.weld.bootstrap.event;
org.jboss.weld.bootstrap.events;
org.jboss.weld.bootstrap.events.configurator;
org.jboss.weld.bootstrap.spi;
org.jboss.weld.bootstrap.spi.helpers;
org.jboss.weld.config;
org.jboss.weld.configuration.spi;
org.jboss.weld.configuration.spi.helpers;
org.jboss.weld.config;
org.jboss.weld.configuration.spi;
org.jboss.weld.configuration.spi.helpers;
org.jboss.weld.construction.api;
org.jboss.weld.context;
org.jboss.weld.context.activator;
org.jboss.weld.context.api;
org.jboss.weld.context.bound;
org.jboss.weld.context.ejb;
org.jboss.weld.context.http;
org.jboss.weld.context.unbound;
org.jboss.weld.contexts;
org.jboss.weld.contexts.activator;
org.jboss.weld.contexts.beanstore;
org.jboss.weld.contexts.bound;
org.jboss.weld.contexts.cache;
org.jboss.weld.contexts.conversation;
org.jboss.weld.contexts.unbound;
org.jboss.weld.ejb.api;
org.jboss.weld.ejb.spi;
org.jboss.weld.ejb.spi.helpers;
org.jboss.weld.event;
org.jboss.weld.events;
org.jboss.weld.exceptions;
org.jboss.weld.executor;
org.jboss.weld.inject;
org.jboss.weld.injection;
org.jboss.weld.injection.attributes;
org.jboss.weld.injection.producer;
org.jboss.weld.injection.spi;
org.jboss.weld.injection.spi.helpers;
org.jboss.weld.interceptor;
org.jboss.weld.interceptor.builder;
org.jboss.weld.interceptor.proxy;
org.jboss.weld.interceptor.reader;
org.jboss.weld.interceptor.spi.metadata;
org.jboss.weld.interceptor.spi.model;
org.jboss.weld.interceptor.util;
org.jboss.weld.interceptor.util.proxy;
org.jboss.weld.literal;
org.jboss.weld.logging;
org.jboss.weld.manager;
org.jboss.weld.manager.api;
org.jboss.weld.metadata;
org.jboss.weld.metadata.cache;
org.jboss.weld.module;
org.jboss.weld.module.ejb;
org.jboss.weld.module.ejb.context;
org.jboss.weld.module.ejb.context.beanstore;
org.jboss.weld.module.jsf;
org.jboss.weld.module.jsf.servlet;
org.jboss.weld.module.jta;
org.jboss.weld.module.web;
org.jboss.weld.module.web.context.beanstore.http;
org.jboss.weld.module.web.context.http;
org.jboss.weld.module.web.el;
org.jboss.weld.module.web.logging;
org.jboss.weld.module.web.servlet;
org.jboss.weld.module.web.util.el;
org.jboss.weld.module.web.util.servlet;
org.jboss.weld.persistence;
org.jboss.weld.probe;
org.jboss.weld.proxy;
org.jboss.weld.resolution;
org.jboss.weld.resources;
org.jboss.weld.resources.spi;
org.jboss.weld.resources.spi.helpers;
org.jboss.weld.security;
org.jboss.weld.security.spi;
org.jboss.weld.serialization;
org.jboss.weld.serialization.spi;
org.jboss.weld.serialization.spi.helpers;
org.jboss.weld.servlet.api;
org.jboss.weld.servlet.api.helpers;
org.jboss.weld.servlet.spi;
org.jboss.weld.servlet.spi.helpers;
org.jboss.weld.transaction.spi;
org.jboss.weld.util;
org.jboss.weld.util.annotated;
org.jboss.weld.util.bean;
org.jboss.weld.util.bytecode;
org.jboss.weld.util.cache;
org.jboss.weld.util.collections;
org.jboss.weld.util.reflection;
org.jboss.weld.ws;
org.jboss.weld.xml;version="5.0";shim="true"

<!-- Minimal version of shim for MP 5.0. -->
<!-- TODO: This is only thing that should remain in final release -->
Expand Down
5 changes: 5 additions & 0 deletions appserver/packager/glassfish-web/pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -257,6 +257,11 @@
<groupId>org.glassfish.soteria</groupId>
<artifactId>jakarta.security.enterprise</artifactId>
</dependency>
<dependency>
<groupId>org.glassfish.soteria</groupId>
<artifactId>soteria.spi.bean.decorator.weld</artifactId>
<version>${jakarta.security.enterprise.version}</version>
</dependency>
<dependency>
<groupId>jakarta.el</groupId>
<artifactId>jakarta.el-api</artifactId>
Expand Down
2 changes: 1 addition & 1 deletion appserver/pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -90,7 +90,7 @@
<jaxr.version>JAXR_RA_20091012</jaxr.version>
<rest.monitoring.version>1.0.0-Beta</rest.monitoring.version>

<nimbus-jose-jwt.version>9.8.1</nimbus-jose-jwt.version>
<nimbus-jose-jwt.version>9.23</nimbus-jose-jwt.version>
<accessors-smart.version>2.4.2.payara-p1</accessors-smart.version>
<json-smart.version>2.4.8</json-smart.version>
<reactor-core.version>3.4.4</reactor-core.version>
Expand Down
1 change: 0 additions & 1 deletion ...provider-framework/src/main/java/com/sun/jaspic/config/factory/BaseAuthConfigFactory.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -68,7 +68,6 @@
import java.security.AccessController;
import java.security.PrivilegedAction;
import static org.glassfish.soteria.Utils.isEmpty;
import org.glassfish.soteria.mechanisms.jaspic.DefaultAuthConfigProvider;

/**
* This class implements methods in the abstract class AuthConfigFactory.
Expand Down
116 changes: 116 additions & 0 deletions ...ider-framework/src/main/java/com/sun/jaspic/config/factory/DefaultAuthConfigProvider.java
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,116 @@
/*
* Copyright (c) 2015, 2020 Oracle and/or its affiliates. All rights reserved.
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v. 2.0, which is available at
* http://www.eclipse.org/legal/epl-2.0.
*
* This Source Code may also be made available under the following Secondary
* Licenses when the conditions for such availability set forth in the
* Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
* version 2 with the GNU Classpath Exception, which is available at
* https://www.gnu.org/software/classpath/license.html.
*
* SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
*/

package com.sun.jaspic.config.factory;

import java.util.Map;

import javax.security.auth.callback.CallbackHandler;
import jakarta.security.auth.message.AuthException;
import jakarta.security.auth.message.config.AuthConfigFactory;
import jakarta.security.auth.message.config.AuthConfigProvider;
import jakarta.security.auth.message.config.ClientAuthConfig;
import jakarta.security.auth.message.config.ServerAuthConfig;
import jakarta.security.auth.message.config.ServerAuthContext;
import jakarta.security.auth.message.module.ServerAuthModule;

/**
* This class functions as a kind of factory-factory for {@link ServerAuthConfig} instances, which are by themselves factories
* for {@link ServerAuthContext} instances, which are delegates for the actual {@link ServerAuthModule} (SAM) that we're after.
*
* @author Arjan Tijms
*/
public class DefaultAuthConfigProvider implements AuthConfigProvider {

private static final String CALLBACK_HANDLER_PROPERTY_NAME = "authconfigprovider.client.callbackhandler";

private Map<String, String> providerProperties;
private ServerAuthModule sam;

public DefaultAuthConfigProvider(ServerAuthModule sam) {
this.sam = sam;
}

/**
* Constructor with signature and implementation that's required by API.
*
* @param properties provider properties
* @param factory the auth config factory
*/
public DefaultAuthConfigProvider(Map<String, String> properties, AuthConfigFactory factory) {
this.providerProperties = properties;

// API requires self registration if factory is provided. Not clear
// where the "layer" (2nd parameter)
// and especially "appContext" (3rd parameter) values have to come from
// at this place.
if (factory != null) {
// If this method ever gets called, it may throw a SecurityException.
// Don't bother with a PrivilegedAction as we don't expect to ever be
// constructed this way.
factory.registerConfigProvider(this, null, null, "Auto registration");
}
}

/**
* The actual factory method that creates the factory used to eventually obtain the delegate for a SAM.
*/
@Override
public ServerAuthConfig getServerAuthConfig(
String layer, String appContext, CallbackHandler handler)
throws AuthException, SecurityException {
return new DefaultServerAuthConfig(
layer, appContext,
handler == null ? createDefaultCallbackHandler() : handler,
providerProperties, sam
);
}

@Override
public ClientAuthConfig getClientAuthConfig(
String layer, String appContext, CallbackHandler handler)
throws AuthException, SecurityException {
return null;
}

@Override
public void refresh() {
}

/**
* Creates a default callback handler via the system property
* "authconfigprovider.client.callbackhandler", as seemingly required by the
* API (API uses wording "may" create default handler). TODO: Isn't
* "authconfigprovider.client.callbackhandler" JBoss specific?
*
* @return
* @throws AuthException
*/
private CallbackHandler createDefaultCallbackHandler() throws AuthException {
String callBackClassName = System.getProperty(CALLBACK_HANDLER_PROPERTY_NAME);

if (callBackClassName == null) {
throw new AuthException("No default handler set via system property: " + CALLBACK_HANDLER_PROPERTY_NAME);
}

try {
return (CallbackHandler) Thread.currentThread().getContextClassLoader().loadClass(callBackClassName).newInstance();
} catch (Exception e) {
throw new AuthException(e.getMessage());
}
}

}
Loading

0 comments on commit 0b2bf2f

Please sign in to comment.