honeymoose/jjwt
1
0
Fork 0
mirror of https://github.com/jwtk/jjwt.git synced 2025-02-26 17:17:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #249 from jwtk/jwe_tidy

Browse Source 
Minor punctuation and sentence structure updates. Changed Json to JSON per spec.
This commit is contained in:
Micah Silverman 2017-09-02 17:49:20 -04:00 committed by GitHub
commit 9fc589630c
10 changed files with 85 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
.travis.yml
View File

@ -1,13 +1,19 @@
# https://travis-ci.org/jwtk/jjwt
language: java
dist: trusty
sudo: required
language: java
jdk:
- oraclejdk7
- openjdk7
- oraclejdk8
before_install:
- export BUILD_COVERAGE="$([ $TRAVIS_JDK_VERSION == 'oraclejdk8' ] && echo 'true')"
install: echo "No need to run mvn install -DskipTests then mvn install. Running mvn install."
script: mvn install
after_success:
- test -z "$BUILD_COVERAGE" || mvn clean test jacoco:report coveralls:report

4
README.md
View File

@ -193,9 +193,9 @@ try {
// we get here if the required claim is not present
} catch (IncorrectClaimException) {
} catch (IncorrectClaimException e) {
// we get here if ther required claim has the wrong value
// we get here if the required claim has the wrong value
}
```

32
pom.xml
View File

@ -55,23 +55,23 @@
<properties>
<maven.jar.version>3.0.2</maven.jar.version>
<maven.compiler.version>3.5.1</maven.compiler.version>
<maven.compiler.version>3.6.1</maven.compiler.version>
<jdk.version>1.6</jdk.version>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<buildNumber>${user.name}-${maven.build.timestamp}</buildNumber>
<jackson.version>2.8.2</jackson.version>
<jackson.version>2.8.9</jackson.version>
<!-- Optional Runtime Dependencies: -->
<bouncycastle.version>1.55</bouncycastle.version>
<bouncycastle.version>1.56</bouncycastle.version>
<!-- Test Dependencies: Only required for testing when building. Not required by users at runtime: -->
<groovy.version>2.4.7</groovy.version>
<logback.version>1.1.7</logback.version>
<groovy.version>2.4.11</groovy.version>
<logback.version>1.2.3</logback.version>
<easymock.version>3.4</easymock.version>
<junit.version>4.12</junit.version>
<powermock.version>1.6.5</powermock.version>
<powermock.version>1.6.6</powermock.version>
<failsafe.plugin.version>2.19.1</failsafe.plugin.version>
</properties>
@ -159,7 +159,7 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-enforcer-plugin</artifactId>
<version>1.3.1</version>
<version>1.4.1</version>
<executions>
<execution>
<id>enforce-banned-dependencies</id>
@ -247,7 +247,7 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-failsafe-plugin</artifactId>
<version>2.17</version>
<version>2.20</version>
<configuration>
<includes>
<include>**/*IT.java</include>
@ -272,7 +272,7 @@
<plugin>
<groupId>org.jacoco</groupId>
<artifactId>jacoco-maven-plugin</artifactId>
<version>0.7.6.201602180812</version>
<version>0.7.9</version>
<configuration>
<excludes>
<exclude>**/io/jsonwebtoken/lang/*</exclude>
@ -290,12 +290,12 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-release-plugin</artifactId>
<version>2.5</version>
<version>2.5.3</version>
<dependencies>
<dependency>
<groupId>org.apache.maven.scm</groupId>
<artifactId>maven-scm-provider-gitexe</artifactId>
<version>1.9</version>
<version>1.9.5</version>
</dependency>
</dependencies>
<configuration>
@ -308,7 +308,7 @@
<plugin>
<groupId>org.apache.felix</groupId>
<artifactId>maven-bundle-plugin</artifactId>
<version>3.0.1</version>
<version>3.3.0</version>
<extensions>true</extensions>
<executions>
<execution>
@ -334,7 +334,7 @@
<plugin>
<groupId>org.eluder.coveralls</groupId>
<artifactId>coveralls-maven-plugin</artifactId>
<version>4.0.0</version>
<version>4.3.0</version>
</plugin>
</plugins>
</build>
@ -356,7 +356,7 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-gpg-plugin</artifactId>
<version>1.5</version>
<version>1.6</version>
<executions>
<execution>
<id>sign-artifacts</id>
@ -377,7 +377,7 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-source-plugin</artifactId>
<version>2.3</version>
<version>3.0.1</version>
<executions>
<execution>
<id>attach-sources</id>
@ -390,7 +390,7 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-javadoc-plugin</artifactId>
<version>2.9.1</version>
<version>2.10.4</version>
<executions>
<execution>
<id>attach-javadocs</id>

23
src/main/java/io/jsonwebtoken/Header.java
View File

@ -115,11 +115,11 @@ public interface Header<T extends Header<T>> extends Map<String,Object> {
*
* <h5>Compatiblity Note</h5>
*
* <p>While the JWT family of specifications only defines the <code>zip</code> header in the JWE (Json Web Encryption)
* specification, JJWT will also support compression for JWS as well if you choose to use it. However,
* be aware that <b>if you use
* compression when creating a JWS token, other libraries may not be able to parse the JWS</b>. Compression when
* creating JWE tokens however should be universally accepted for any library that supports JWE.</p>
* <p>While the JWT family of specifications only defines the <code>zip</code> header in the JWE
* (JSON Web Encryption) specification, JJWT will also support compression for JWS as well if you choose to use it.
* However, be aware that <b>if you use compression when creating a JWS token, other libraries may not be able to
* parse the JWS</b>. However, compression when creating JWE tokens should be universally accepted for any library
* that supports JWE.</p>
*
* @return the {@code zip} header parameter value or {@code null} if not present.
* @since 0.6.0
@ -133,13 +133,14 @@ public interface Header<T extends Header<T>> extends Map<String,Object> {
*
* <h5>Compatiblity Note</h5>
*
* <p>While the JWT family of specifications only defines the <code>zip</code> header in the JWE (Json Web Encryption)
* specification, JJWT will also support compression for JWS as well if you choose to use it. However,
* be aware that <b>if you use
* compression when creating a JWS token, other libraries may not be able to parse the JWS</b>. Compression when
* creating JWE tokens however should be universally accepted for any library that supports JWE.</p>
* <p>While the JWT family of specifications only defines the <code>zip</code> header in the JWE
* (JSON Web Encryption) specification, JJWT will also support compression for JWS as well if you choose to use it.
* However, be aware that <b>if you use compression when creating a JWS token, other libraries may not be able to
* parse the JWS</b>. However, Compression when creating JWE tokens should be universally accepted for any library
* that supports JWE.</p>
*
* @param zip the JWT compression algorithm {@code zip} value or {@code null} to remove the property from the JSON map.
* @param zip the JWT compression algorithm {@code zip} value or {@code null} to remove the property from the
* JSON map.
* @since 0.6.0
*/
T setCompressionAlgorithm(String zip);

16
src/main/java/io/jsonwebtoken/JwtBuilder.java
View File

@ -101,6 +101,18 @@ public interface JwtBuilder extends ClaimsMutator<JwtBuilder> {
*/
JwtBuilder setClaims(Map<String, Object> claims);
/**
* Adds all given name/value pairs to the JSON Claims in the payload. If a Claims instance does not yet exist at the
* time this method is called, one will be created automatically before applying the name/value pairs.
*
* <p>The payload and claims properties are mutually exclusive - only one of the two may be used.</p>
*
* @param claims the JWT claims to be added to the JWT body.
* @return the builder for method chaining.
* @since 0.8
*/
JwtBuilder addClaims(Map<String, Object> claims);
/**
* Sets the JWT Claims <a href="https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-25#section-4.1.1">
* <code>iss</code></a> (issuer) value. A {@code null} value will remove the property from the Claims.
@ -358,10 +370,10 @@ public interface JwtBuilder extends ClaimsMutator<JwtBuilder> {
*
* <h5>Compatibility Warning</h5>
*
* <p>The JWT family of specifications defines compression only for JWE (Json Web Encryption)
* <p>The JWT family of specifications defines compression only for JWE (JSON Web Encryption)
* tokens. Even so, JJWT will also support compression for JWS tokens as well if you choose to use it.
* However, be aware that <b>if you use compression when creating a JWS token, other libraries may not be able to
* parse that JWS token</b>. When using compression for JWS tokens, be sure that that all parties accessing the
* parse that JWS token</b>. When using compression for JWS tokens, be sure that that all parties accessing the
* JWS token support compression for JWS.</p>
*
* <p>Compression when creating JWE tokens however should be universally accepted for any

3
src/main/java/io/jsonwebtoken/JwtParser.java
View File

@ -187,9 +187,6 @@ public interface JwtParser {
* (as the {@code alg} header parameter).</p>
* <p>
* <p>This method overwrites any previously set key.</p>
* <p>
* <p>This is a convenience method: the string argument is first BASE64-decoded to a byte array and this resulting
* byte array is used to invoke {@link #setSigningKey(byte[])}.</p>
*
* @param key the algorithm-specific signature verification key to use to validate any discovered JWS digital
* signature.

15
src/main/java/io/jsonwebtoken/impl/DefaultJwtBuilder.java
View File

@ -17,14 +17,7 @@ package io.jsonwebtoken.impl;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.CompressionCodec;
import io.jsonwebtoken.Header;
import io.jsonwebtoken.JwsHeader;
import io.jsonwebtoken.JwtBuilder;
import io.jsonwebtoken.JwtParser;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import io.jsonwebtoken.*;
import io.jsonwebtoken.impl.crypto.DefaultJwtSigner;
import io.jsonwebtoken.impl.crypto.JwtSigner;
import io.jsonwebtoken.lang.Assert;
@ -148,6 +141,12 @@ public class DefaultJwtBuilder implements JwtBuilder {
return this;
}
@Override
public JwtBuilder addClaims(Map<String, Object> claims) {
ensureClaims().putAll(claims);
return this;
}
@Override
public JwtBuilder setIssuer(String iss) {
if (Strings.hasText(iss)) {

7
src/main/java/io/jsonwebtoken/impl/crypto/EllipticCurveSigner.java
View File

@ -19,6 +19,7 @@ import java.security.InvalidKeyException;
import java.security.Key;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.interfaces.ECKey;
import java.security.interfaces.ECPrivateKey;
import io.jsonwebtoken.JwtException;
@ -29,9 +30,9 @@ public class EllipticCurveSigner extends EllipticCurveProvider implements Signer
public EllipticCurveSigner(SignatureAlgorithm alg, Key key) {
super(alg, key);
if (!(key instanceof ECPrivateKey)) {
String msg = "Elliptic Curve signatures must be computed using an ECPrivateKey. The specified key of " +
"type " + key.getClass().getName() + " is not an ECPrivateKey.";
if (!(key instanceof PrivateKey && key instanceof ECKey)) {
String msg = "Elliptic Curve signatures must be computed using an EC PrivateKey. The specified key of " +
"type " + key.getClass().getName() + " is not an EC PrivateKey.";
throw new IllegalArgumentException(msg);
}
}

20
src/test/groovy/io/jsonwebtoken/impl/DefaultJwtBuilderTest.groovy
View File

@ -74,6 +74,26 @@ class DefaultJwtBuilderTest {
assertSame b.claims, c
}
@Test
void testAddClaims() {
def b = new DefaultJwtBuilder()
def c = Jwts.claims([initial: 'initial'])
b.setClaims(c)
def c2 = [foo: 'bar', baz: 'buz']
b.addClaims(c2)
assertEquals 'initial', b.claims.get('initial')
assertEquals 'bar', b.claims.get('foo')
}
@Test
void testAddClaimsWithoutInitializing() {
def b = new DefaultJwtBuilder()
def c = [foo: 'bar', baz: 'buz']
b.addClaims(c)
assertNotNull b.claims
assertEquals b.claims, c
}
@Test
void testClaim() {
def b = new DefaultJwtBuilder()

4
src/test/groovy/io/jsonwebtoken/impl/crypto/EllipticCurveSignerTest.groovy
View File

@ -46,8 +46,8 @@ class EllipticCurveSignerTest {
new EllipticCurveSigner(SignatureAlgorithm.ES256, key);
fail('EllipticCurveSigner should reject non ECPrivateKey instances.')
} catch (IllegalArgumentException expected) {
assertEquals expected.message, "Elliptic Curve signatures must be computed using an ECPrivateKey. The specified key of " +
"type " + key.getClass().getName() + " is not an ECPrivateKey.";
assertEquals expected.message, "Elliptic Curve signatures must be computed using an EC PrivateKey. The specified key of " +
"type " + key.getClass().getName() + " is not an EC PrivateKey.";
}
}