Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

PAYARA-3824 Use KeyID from JWT header to find public key in JSON Web Key Set #3799

Merged
merged 5 commits into from Jul 5, 2019

Conversation

@lreimer
Copy link
Contributor

commented Feb 26, 2019

This patch will use the KeyID kid header field (if present) from the JSON web token to find the matching public key in a JSON Web Key Set (JWKS) array. If there is no KeyID, then the first key entry will be used just like before.

Following changes:

  • I had to split parsing and verification of the JWT in JwtTokenParser.java so that I can access the JWT header without having to parse the SignedJWT twice.
  • I had to pass the obtained keyID down to the createPublicKeyFromJWKS method in order to be able to find the matching JWK.

@arjantijms arjantijms added this to the 5.192 milestone Feb 27, 2019

@arjantijms

This comment has been minimized.

Copy link
Contributor

commented Mar 5, 2019

Jenkins test please

@jGauravGupta

This comment has been minimized.

Copy link
Contributor

commented Mar 5, 2019

LGTM, Need to test with MP TCK Runner.

@smillidge smillidge added the CLA label Mar 5, 2019

@jGauravGupta

This comment has been minimized.

Copy link
Contributor

commented Mar 5, 2019

Jenkins test MicroProfile

1 similar comment
@arjantijms

This comment has been minimized.

Copy link
Contributor

commented Mar 6, 2019

Jenkins test MicroProfile

@arjantijms arjantijms assigned MeroRai and unassigned jGauravGupta Mar 6, 2019

@arjantijms

This comment has been minimized.

Copy link
Contributor

commented Mar 6, 2019

@MeroRai
Can you test with the MP TCK Runner?

@MeroRai

This comment has been minimized.

Copy link
Contributor

commented Mar 14, 2019

Pass the MircoProfile TCK on the Payara Server. Although the TCK Runner will need to be updated for this PR to pass the test. I believe @jGauravGupta already did it but it has been revert back.

@smillidge

This comment has been minimized.

Copy link
Contributor

commented Mar 16, 2019

Fixes #3795

@MeroRai MeroRai requested a review from arjantijms Mar 25, 2019

@Pandrex247

This comment has been minimized.

Copy link
Member

commented May 3, 2019

Need to make sure both repos are updated at the same time.
PR into MP TCK Runners: payara/MicroProfile-TCK-Runners#39

@Pandrex247 Pandrex247 removed this from the 5.192 milestone May 20, 2019

@Pandrex247 Pandrex247 changed the title Use KeyID from JWT header to find public key in JSON Web Key Set PAYARA-3824 Use KeyID from JWT header to find public key in JSON Web Key Set May 20, 2019

@arjantijms

This comment has been minimized.

Copy link
Contributor

commented May 27, 2019

Jenkins test please

@smillidge

This comment has been minimized.

Copy link
Contributor

commented Jun 9, 2019

jenkins test please

@AlanRoth
Copy link
Contributor

left a comment

Tested locally and passed MPTCKs with TEST-198's changes (#4054 and payara/MicroProfile-TCK-Runners#44)

@AlanRoth

This comment has been minimized.

Copy link
Contributor

commented Jul 4, 2019

jenkins test please

1 similar comment
@AlanRoth

This comment has been minimized.

Copy link
Contributor

commented Jul 4, 2019

jenkins test please

Fixed formatting errors due to merge conflicts
I apologise, it was due to trying to resolve the conflicts using GitHub, which didn't save properly.
@AlanRoth

This comment has been minimized.

Copy link
Contributor

commented Jul 4, 2019

jenkins test please

@AlanRoth AlanRoth merged commit 601701f into payara:master Jul 5, 2019

59 checks passed

Payara Quick Build and Test Quick build and test passed!
Details
security/snyk - api/payara-api/pom.xml (payara-ci) No new issues
Details
security/snyk - api/pom.xml (payara-ci) No new issues
Details
security/snyk - appserver/admin/pom.xml (payara-ci) No new issues
Details
security/snyk - appserver/admingui/pom.xml (payara-ci) No new issues
Details
security/snyk - appserver/ant-tasks/pom.xml (payara-ci) No new issues
Details
security/snyk - appserver/appclient/pom.xml (payara-ci) No new issues
Details
security/snyk - appserver/batch/pom.xml (payara-ci) No new issues
Details
security/snyk - appserver/common/pom.xml (payara-ci) No new issues
Details
security/snyk - appserver/concurrent/pom.xml (payara-ci) No new issues
Details
security/snyk - appserver/connectors/pom.xml (payara-ci) No new issues
Details
security/snyk - appserver/core/pom.xml (payara-ci) No new issues
Details
security/snyk - appserver/deployment/pom.xml (payara-ci) No new issues
Details
security/snyk - appserver/distributions/pom.xml (payara-ci) No new issues
Details
security/snyk - appserver/ejb/pom.xml (payara-ci) No new issues
Details
security/snyk - appserver/extras/pom.xml (payara-ci) No new issues
Details
security/snyk - appserver/featuresets/pom.xml (payara-ci) No new issues
Details
security/snyk - appserver/flashlight/pom.xml (payara-ci) No new issues
Details
security/snyk - appserver/grizzly/pom.xml (payara-ci) No new issues
Details
security/snyk - appserver/ha/pom.xml (payara-ci) No new issues
Details
security/snyk - appserver/installer/pom.xml (payara-ci) No new issues
Details
security/snyk - appserver/javaee-api/pom.xml (payara-ci) No new issues
Details
security/snyk - appserver/jdbc/pom.xml (payara-ci) No new issues
Details
security/snyk - appserver/jms/pom.xml (payara-ci) No new issues
Details
security/snyk - appserver/load-balancer/pom.xml (payara-ci) No new issues
Details
security/snyk - appserver/orb/pom.xml (payara-ci) No new issues
Details
security/snyk - appserver/osgi-platforms/pom.xml (payara-ci) No new issues
Details
security/snyk - appserver/packager/pom.xml (payara-ci) No new issues
Details
security/snyk - appserver/payara-appserver-modules/pom.xml (payara-ci) No new issues
Details
security/snyk - appserver/persistence/pom.xml (payara-ci) No new issues
Details
security/snyk - appserver/pom.xml (payara-ci) No new issues
Details
security/snyk - appserver/registration/pom.xml (payara-ci) No new issues
Details
security/snyk - appserver/resources/pom.xml (payara-ci) No new issues
Details
security/snyk - appserver/security/pom.xml (payara-ci) No new issues
Details
security/snyk - appserver/tests/pom.xml (payara-ci) No new issues
Details
security/snyk - appserver/transaction/pom.xml (payara-ci) No new issues
Details
security/snyk - appserver/web/pom.xml (payara-ci) No new issues
Details
security/snyk - appserver/webservices/pom.xml (payara-ci) No new issues
Details
security/snyk - copyright/pom.xml (payara-ci) No new issues
Details
security/snyk - nucleus/admin/pom.xml (payara-ci) No new issues
Details
security/snyk - nucleus/cluster/pom.xml (payara-ci) No new issues
Details
security/snyk - nucleus/common/pom.xml (payara-ci) No new issues
Details
security/snyk - nucleus/core/pom.xml (payara-ci) No new issues
Details
security/snyk - nucleus/deployment/pom.xml (payara-ci) No new issues
Details
security/snyk - nucleus/diagnostics/pom.xml (payara-ci) No new issues
Details
security/snyk - nucleus/distributions/pom.xml (payara-ci) No new issues
Details
security/snyk - nucleus/flashlight/pom.xml (payara-ci) No new issues
Details
security/snyk - nucleus/grizzly/pom.xml (payara-ci) No new issues
Details
security/snyk - nucleus/hk2/pom.xml (payara-ci) No new issues
Details
security/snyk - nucleus/osgi-platforms/pom.xml (payara-ci) No new issues
Details
security/snyk - nucleus/packager/pom.xml (payara-ci) No new issues
Details
security/snyk - nucleus/payara-modules/pom.xml (payara-ci) No new issues
Details
security/snyk - nucleus/pom.xml (payara-ci) No new issues
Details
security/snyk - nucleus/resources-l10n/pom.xml (payara-ci) No new issues
Details
security/snyk - nucleus/resources/pom.xml (payara-ci) No new issues
Details
security/snyk - nucleus/security/pom.xml (payara-ci) No new issues
Details
security/snyk - nucleus/test-utils/pom.xml (payara-ci) No new issues
Details
security/snyk - nucleus/tests/pom.xml (payara-ci) No new issues
Details
security/snyk - pom.xml (payara-ci) No new issues
Details
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
7 participants
You can’t perform that action at this time.