Merge pull request #268 from jwtk/jwe_java_9_update

Jwe java 9 update
This commit is contained in:
Micah Silverman 2017-10-10 16:27:23 -04:00 committed by GitHub
commit 2a4082fe9a
14 changed files with 81 additions and 36 deletions

4
.gitignore vendored
View File

@ -20,3 +20,7 @@ target/
.classpath .classpath
.project .project
.settings .settings
.clover
.java-version

View File

@ -6,6 +6,7 @@ language: java
jdk: jdk:
- openjdk7 - openjdk7
- oraclejdk8 - oraclejdk8
- oraclejdk9
before_install: before_install:
- export BUILD_COVERAGE="$([ $TRAVIS_JDK_VERSION == 'oraclejdk8' ] && echo 'true')" - export BUILD_COVERAGE="$([ $TRAVIS_JDK_VERSION == 'oraclejdk8' ] && echo 'true')"

View File

@ -1,5 +1,10 @@
## Release Notes ## Release Notes
### 0.9.0
This is a minor release that includes changes to dependencies and plugins to allow for building jjwt with Java 9.
Javadocs in a few classes were updated as well to support proper linting in both Java 8 and Java 9.
### 0.8.0 ### 0.8.0
This is a minor feature enhancement, dependency version update and build update release. We switched from Jacoco to This is a minor feature enhancement, dependency version update and build update release. We switched from Jacoco to

69
pom.xml
View File

@ -25,7 +25,7 @@
<groupId>io.jsonwebtoken</groupId> <groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId> <artifactId>jjwt</artifactId>
<version>0.9.0-SNAPSHOT</version> <version>0.10.0-SNAPSHOT</version>
<name>JSON Web Token support for the JVM</name> <name>JSON Web Token support for the JVM</name>
<packaging>jar</packaging> <packaging>jar</packaging>
@ -80,7 +80,7 @@
<maven.jar.version>3.0.2</maven.jar.version> <maven.jar.version>3.0.2</maven.jar.version>
<maven.compiler.version>3.6.1</maven.compiler.version> <maven.compiler.version>3.6.1</maven.compiler.version>
<jdk.version>1.6</jdk.version> <jdk.version>1.7</jdk.version>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<buildNumber>${user.name}-${maven.build.timestamp}</buildNumber> <buildNumber>${user.name}-${maven.build.timestamp}</buildNumber>
@ -92,10 +92,11 @@
<!-- Test Dependencies: Only required for testing when building. Not required by users at runtime: --> <!-- Test Dependencies: Only required for testing when building. Not required by users at runtime: -->
<groovy.version>2.4.11</groovy.version> <groovy.version>2.4.11</groovy.version>
<logback.version>1.2.3</logback.version> <logback.version>1.2.3</logback.version>
<easymock.version>3.4</easymock.version> <easymock.version>3.5</easymock.version>
<junit.version>4.12</junit.version> <junit.version>4.12</junit.version>
<powermock.version>1.6.6</powermock.version> <powermock.version>2.0.0-beta.5</powermock.version> <!-- necessary for Java 9 support -->
<failsafe.plugin.version>2.19.1</failsafe.plugin.version> <failsafe.plugin.version>2.20.1</failsafe.plugin.version>
<surefire.plugin.version>2.20.1</surefire.plugin.version>
<clover.version>4.2.0</clover.version> <clover.version>4.2.0</clover.version>
</properties> </properties>
@ -267,10 +268,16 @@
</dependency> </dependency>
</dependencies> </dependencies>
</plugin> </plugin>
<!-- Override OSS parent to support Java 9. Doesn't hurt Java 8 -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<version>${surefire.plugin.version}</version>
</plugin>
<plugin> <plugin>
<groupId>org.apache.maven.plugins</groupId> <groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-failsafe-plugin</artifactId> <artifactId>maven-failsafe-plugin</artifactId>
<version>2.20</version> <version>${failsafe.plugin.version}</version>
<configuration> <configuration>
<includes> <includes>
<include>**/*IT.java</include> <include>**/*IT.java</include>
@ -302,10 +309,10 @@
<!-- leaving out lang as it mostly comes from other sources --> <!-- leaving out lang as it mostly comes from other sources -->
<exclude>io/jsonwebtoken/lang/*</exclude> <exclude>io/jsonwebtoken/lang/*</exclude>
</excludes> </excludes>
<methodPercentage>100%</methodPercentage> <methodPercentage>95%</methodPercentage>
<statementPercentage>100%</statementPercentage> <statementPercentage>92.5%</statementPercentage>
<conditionalPercentage>100%</conditionalPercentage> <conditionalPercentage>94.4%</conditionalPercentage>
<targetPercentage>100%</targetPercentage> <targetPercentage>93.3</targetPercentage>
</configuration> </configuration>
<executions> <executions>
<execution> <execution>
@ -363,6 +370,7 @@
</instructions> </instructions>
</configuration> </configuration>
</plugin> </plugin>
<!-- Temporarily host coveralls SNAPSHOT with clover support locally --> <!-- Temporarily host coveralls SNAPSHOT with clover support locally -->
<plugin> <plugin>
<groupId>org.jwtk.coveralls</groupId> <groupId>org.jwtk.coveralls</groupId>
@ -370,19 +378,32 @@
<version>4.4.0</version> <version>4.4.0</version>
</plugin> </plugin>
<!-- Temporarily host coveralls SNAPSHOT with clover support locally --> <!-- Temporarily host coveralls SNAPSHOT with clover support locally -->
<!-- Override OSS parent to support Java 9 -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-javadoc-plugin</artifactId>
<version>2.10.4</version>
<executions>
<execution>
<id>attach-javadocs</id>
<goals>
<goal>jar</goal>
</goals>
</execution>
</executions>
<dependencies>
<!-- Workaround for Java 9 -->
<dependency>
<groupId>commons-lang</groupId>
<artifactId>commons-lang</artifactId>
<version>2.6</version>
</dependency>
</dependencies>
</plugin>
</plugins> </plugins>
</build> </build>
<profiles> <profiles>
<profile>
<id>jdk8</id>
<activation>
<jdk>1.8</jdk>
</activation>
<properties>
<!-- Turn off JDK 8's lint checks: -->
<additionalparam>-Xdoclint:none</additionalparam>
</properties>
</profile>
<profile> <profile>
<id>sign</id> <id>sign</id>
<build> <build>
@ -433,6 +454,14 @@
</goals> </goals>
</execution> </execution>
</executions> </executions>
<dependencies>
<!-- Workaround for Java 9 -->
<dependency>
<groupId>commons-lang</groupId>
<artifactId>commons-lang</artifactId>
<version>2.6</version>
</dependency>
</dependencies>
</plugin> </plugin>
</plugins> </plugins>
</build> </build>

View File

@ -31,7 +31,7 @@ import java.util.Map;
* claims.{@link Map#put(Object, Object) put}("someKey", "someValue"); * claims.{@link Map#put(Object, Object) put}("someKey", "someValue");
* </pre> * </pre>
* *
* <h4>Creation</h4> * <h3>Creation</h3>
* *
* <p>It is easiest to create a {@code Claims} instance by calling one of the * <p>It is easiest to create a {@code Claims} instance by calling one of the
* {@link Jwts#claims() JWTs.claims()} factory methods.</p> * {@link Jwts#claims() JWTs.claims()} factory methods.</p>

View File

@ -24,7 +24,7 @@ public final class CompressionCodecs {
/** /**
* Codec implementing the <a href="https://en.wikipedia.org/wiki/Gzip">gzip</a> compression algorithm. * Codec implementing the <a href="https://en.wikipedia.org/wiki/Gzip">gzip</a> compression algorithm.
* <h5>Compatibility Warning</h5> * <h3>Compatibility Warning</h3>
* <p><b>This is not a standard JWA compression algorithm</b>. Be sure to use this only when you are confident * <p><b>This is not a standard JWA compression algorithm</b>. Be sure to use this only when you are confident
* that all parties accessing the token support the gzip algorithm.</p> * that all parties accessing the token support the gzip algorithm.</p>
* <p>If you're concerned about compatibility, the {@link #DEFLATE DEFLATE} code is JWA standards-compliant.</p> * <p>If you're concerned about compatibility, the {@link #DEFLATE DEFLATE} code is JWA standards-compliant.</p>

View File

@ -30,7 +30,7 @@ import java.util.Map;
* header.{@link Map#put(Object, Object) put}("headerParamName", "headerParamValue"); * header.{@link Map#put(Object, Object) put}("headerParamName", "headerParamValue");
* </pre> * </pre>
* *
* <h4>Creation</h4> * <h3>Creation</h3>
* *
* <p>It is easiest to create a {@code Header} instance by calling one of the * <p>It is easiest to create a {@code Header} instance by calling one of the
* {@link Jwts#header() JWTs.header()} factory methods.</p> * {@link Jwts#header() JWTs.header()} factory methods.</p>
@ -113,7 +113,7 @@ public interface Header<T extends Header<T>> extends Map<String,Object> {
* Returns the JWT <a href="https://tools.ietf.org/html/rfc7516#section-4.1.3"><code>zip</code></a> * Returns the JWT <a href="https://tools.ietf.org/html/rfc7516#section-4.1.3"><code>zip</code></a>
* (Compression Algorithm) header parameter value or {@code null} if not present. * (Compression Algorithm) header parameter value or {@code null} if not present.
* *
* <h5>Compatiblity Note</h5> * <h3>Compatiblity Note</h3>
* *
* <p>While the JWT family of specifications only defines the <code>zip</code> header in the JWE * <p>While the JWT family of specifications only defines the <code>zip</code> header in the JWE
* (JSON Web Encryption) specification, JJWT will also support compression for JWS as well if you choose to use it. * (JSON Web Encryption) specification, JJWT will also support compression for JWS as well if you choose to use it.
@ -130,8 +130,12 @@ public interface Header<T extends Header<T>> extends Map<String,Object> {
* Sets the JWT <a href="https://tools.ietf.org/html/rfc7516#section-4.1.3"><code>zip</code></a> * Sets the JWT <a href="https://tools.ietf.org/html/rfc7516#section-4.1.3"><code>zip</code></a>
* (Compression Algorithm) header parameter value. A {@code null} value will remove * (Compression Algorithm) header parameter value. A {@code null} value will remove
* the property from the JSON map. * the property from the JSON map.
* <p>
* <p>The compression algorithm is NOT part of the <a href="https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-25">JWT specification</a>
* and must be used carefully since, is not expected that other libraries (including previous versions of this one)
* be able to deserialize a compressed JTW body correctly. </p>
* *
* <h5>Compatiblity Note</h5> * <h3>Compatiblity Note</h3>
* *
* <p>While the JWT family of specifications only defines the <code>zip</code> header in the JWE * <p>While the JWT family of specifications only defines the <code>zip</code> header in the JWE
* (JSON Web Encryption) specification, JJWT will also support compression for JWS as well if you choose to use it. * (JSON Web Encryption) specification, JJWT will also support compression for JWS as well if you choose to use it.

View File

@ -368,7 +368,7 @@ public interface JwtBuilder extends ClaimsMutator<JwtBuilder> {
* can be useful. For example, when embedding JWTs in URLs, some browsers may not support URLs longer than a * can be useful. For example, when embedding JWTs in URLs, some browsers may not support URLs longer than a
* certain length. Using compression can help ensure the compact JWT fits within that length. However, NOTE:</p> * certain length. Using compression can help ensure the compact JWT fits within that length. However, NOTE:</p>
* *
* <h5>Compatibility Warning</h5> * <h3>Compatibility Warning</h3>
* *
* <p>The JWT family of specifications defines compression only for JWE (JSON Web Encryption) * <p>The JWT family of specifications defines compression only for JWE (JSON Web Encryption)
* tokens. Even so, JJWT will also support compression for JWS tokens as well if you choose to use it. * tokens. Even so, JJWT will also support compression for JWS tokens as well if you choose to use it.

View File

@ -228,10 +228,10 @@ public interface JwtParser {
* Sets the {@link CompressionCodecResolver} used to acquire the {@link CompressionCodec} that should be used to * Sets the {@link CompressionCodecResolver} used to acquire the {@link CompressionCodec} that should be used to
* decompress the JWT body. If the parsed JWT is not compressed, this resolver is not used. * decompress the JWT body. If the parsed JWT is not compressed, this resolver is not used.
* <p><b>NOTE:</b> Compression is not defined by the JWT Specification, and it is not expected that other libraries * <p><b>NOTE:</b> Compression is not defined by the JWT Specification, and it is not expected that other libraries
* (including JJWT versions < 0.6.0) are able to consume a compressed JWT body correctly. This method is only * (including JJWT versions &lt; 0.6.0) are able to consume a compressed JWT body correctly. This method is only
* useful if the compact JWT was compressed with JJWT >= 0.6.0 or another library that you know implements * useful if the compact JWT was compressed with JJWT &gt;= 0.6.0 or another library that you know implements
* the same behavior.</p> * the same behavior.</p>
* <h5>Default Support</h5> * <h3>Default Support</h3>
* <p>JJWT's default {@link JwtParser} implementation supports both the * <p>JJWT's default {@link JwtParser} implementation supports both the
* {@link io.jsonwebtoken.impl.compression.DeflateCompressionCodec DEFLATE} * {@link io.jsonwebtoken.impl.compression.DeflateCompressionCodec DEFLATE}
* and {@link io.jsonwebtoken.impl.compression.GzipCompressionCodec GZIP} algorithms by default - you do not need to * and {@link io.jsonwebtoken.impl.compression.GzipCompressionCodec GZIP} algorithms by default - you do not need to

View File

@ -130,6 +130,7 @@ public enum SignatureAlgorithm {
* following table: * following table:
* *
* <table> * <table>
* <caption>Crypto Family</caption>
* <thead> * <thead>
* <tr> * <tr>
* <th>SignatureAlgorithm</th> * <th>SignatureAlgorithm</th>

View File

@ -38,7 +38,7 @@ import java.security.Key;
* *
* <p>A {@code SigningKeyResolver} is invoked once during parsing before the signature is verified.</p> * <p>A {@code SigningKeyResolver} is invoked once during parsing before the signature is verified.</p>
* *
* <h4>SigningKeyResolverAdapter</h4> * <h3>SigningKeyResolverAdapter</h3>
* *
* <p>If you only need to resolve a signing key for a particular JWS (either a plaintext or Claims JWS), consider using * <p>If you only need to resolve a signing key for a particular JWS (either a plaintext or Claims JWS), consider using
* the {@link io.jsonwebtoken.SigningKeyResolverAdapter} and overriding only the method you need to support instead of * the {@link io.jsonwebtoken.SigningKeyResolverAdapter} and overriding only the method you need to support instead of

View File

@ -67,7 +67,7 @@ public abstract class MacProvider extends SignatureProvider {
* according to the specified {@code SignatureAlgorithm} using the specified SecureRandom number generator. This * according to the specified {@code SignatureAlgorithm} using the specified SecureRandom number generator. This
* implementation returns secure-random key sizes as follows: * implementation returns secure-random key sizes as follows:
* *
* <table> <thead> <tr> <th>Signature Algorithm</th> <th>Generated Key Size</th> </tr> </thead> <tbody> <tr> * <table> <caption>Key Sizes</caption> <thead> <tr> <th>Signature Algorithm</th> <th>Generated Key Size</th> </tr> </thead> <tbody> <tr>
* <td>HS256</td> <td>256 bits (32 bytes)</td> </tr> <tr> <td>HS384</td> <td>384 bits (48 bytes)</td> </tr> <tr> * <td>HS256</td> <td>256 bits (32 bytes)</td> </tr> <tr> <td>HS384</td> <td>384 bits (48 bytes)</td> </tr> <tr>
* <td>HS512</td> <td>512 bits (64 bytes)</td> </tr> </tbody> </table> * <td>HS512</td> <td>512 bits (64 bytes)</td> </tr> </tbody> </table>
* *

View File

@ -18,10 +18,11 @@ public interface SerializationCodec {
/** /**
* Deserialize a {@code byte[]} to an {@code object} of an specific {@code type} * Deserialize a {@code byte[]} to an {@code object} of an specific {@code type}
*
* <pre> * <pre>
* bytes[] serialized = ... * bytes[] serialized = ...
* Map instance = serializationCodec.deserialize(serialized, Map.class); * Map instance = serializationCodec.deserialize(serialized, Map.class);
* <pre> * </pre>
* *
* @param bytes of the serialized object. * @param bytes of the serialized object.
* @param targetClass of the instance to return. * @param targetClass of the instance to return.

View File

@ -438,7 +438,7 @@ public final class Strings {
* Quote the given String with single quotes. * Quote the given String with single quotes.
* @param str the input String (e.g. "myString") * @param str the input String (e.g. "myString")
* @return the quoted String (e.g. "'myString'"), * @return the quoted String (e.g. "'myString'"),
* or <code>null<code> if the input was <code>null</code> * or <code>null</code> if the input was <code>null</code>
*/ */
public static String quote(String str) { public static String quote(String str) {
return (str != null ? "'" + str + "'" : null); return (str != null ? "'" + str + "'" : null);
@ -513,7 +513,7 @@ public final class Strings {
/** /**
* Extract the filename from the given path, * Extract the filename from the given path,
* e.g. "mypath/myfile.txt" -> "myfile.txt". * e.g. "mypath/myfile.txt" -&gt; "myfile.txt".
* @param path the file path (may be <code>null</code>) * @param path the file path (may be <code>null</code>)
* @return the extracted filename, or <code>null</code> if none * @return the extracted filename, or <code>null</code> if none
*/ */
@ -527,7 +527,7 @@ public final class Strings {
/** /**
* Extract the filename extension from the given path, * Extract the filename extension from the given path,
* e.g. "mypath/myfile.txt" -> "txt". * e.g. "mypath/myfile.txt" -&gt; "txt".
* @param path the file path (may be <code>null</code>) * @param path the file path (may be <code>null</code>)
* @return the extracted filename extension, or <code>null</code> if none * @return the extracted filename extension, or <code>null</code> if none
*/ */
@ -548,7 +548,7 @@ public final class Strings {
/** /**
* Strip the filename extension from the given path, * Strip the filename extension from the given path,
* e.g. "mypath/myfile.txt" -> "mypath/myfile". * e.g. "mypath/myfile.txt" -&gt; "mypath/myfile".
* @param path the file path (may be <code>null</code>) * @param path the file path (may be <code>null</code>)
* @return the path with stripped filename extension, * @return the path with stripped filename extension,
* or <code>null</code> if none * or <code>null</code> if none