From e5c43ec9e577b146d037206613cc5d8112a1038d Mon Sep 17 00:00:00 2001 From: William Cheng Date: Sat, 25 Sep 2021 14:09:29 +0800 Subject: [PATCH 1/2] update surefire to newer version --- pom.xml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 8bf0f19b74c9..2709447e131f 100644 --- a/pom.xml +++ b/pom.xml @@ -226,6 +226,7 @@ ${surefire-version} true + 120 false none:none org.testng:testng @@ -1616,7 +1617,7 @@ 1.14 4.1.2 7.1.0 - 3.0.0-M3 + 3.0.0-M5 0.9.10 3.6.28 0.8.5 From bee1f5d8cf2014b57cd436c830d0302f1e2d384c Mon Sep 17 00:00:00 2001 From: Bruno Flamand Date: Tue, 10 May 2022 12:03:42 -0400 Subject: [PATCH 2/2] small tweak to add support for "leeway" when verifying oauth tokens. --- .../main/resources/JavaPlayFramework/securityApiUtils.mustache | 3 +++ .../app/openapitools/SecurityAPIUtils.java | 3 +++ .../app/openapitools/SecurityAPIUtils.java | 3 +++ .../app/openapitools/SecurityAPIUtils.java | 3 +++ .../app/openapitools/SecurityAPIUtils.java | 3 +++ .../app/openapitools/SecurityAPIUtils.java | 3 +++ .../app/openapitools/SecurityAPIUtils.java | 3 +++ .../app/openapitools/SecurityAPIUtils.java | 3 +++ .../app/openapitools/SecurityAPIUtils.java | 3 +++ .../app/openapitools/SecurityAPIUtils.java | 3 +++ .../app/openapitools/SecurityAPIUtils.java | 3 +++ .../app/openapitools/SecurityAPIUtils.java | 3 +++ .../java-play-framework/app/openapitools/SecurityAPIUtils.java | 3 +++ 13 files changed, 39 insertions(+) diff --git a/modules/openapi-generator/src/main/resources/JavaPlayFramework/securityApiUtils.mustache b/modules/openapi-generator/src/main/resources/JavaPlayFramework/securityApiUtils.mustache index 4e0fa1091256..3ab86bfd0344 100644 --- a/modules/openapi-generator/src/main/resources/JavaPlayFramework/securityApiUtils.mustache +++ b/modules/openapi-generator/src/main/resources/JavaPlayFramework/securityApiUtils.mustache @@ -42,6 +42,7 @@ public class SecurityAPIUtils { private final HashMap tokenIntrospectEndpoints = new HashMap<>(); private final String clientId; private final String clientSecret; + private final long leeway; // Offline validation private final HashMap jwksEndpoints = new HashMap<>(); @@ -54,6 +55,7 @@ public class SecurityAPIUtils { clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : ""; clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : ""; + leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3; {{#hasOAuthMethods}} {{#oauthMethods}} @@ -135,6 +137,7 @@ public class SecurityAPIUtils { Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null); tokenVerifier = JWT.require(algorithm) .withIssuer(issuer) + .acceptLeeway(leeway) .build(); tokenKeyId = keyId; } diff --git a/samples/server/petstore/java-play-framework-api-package-override/app/openapitools/SecurityAPIUtils.java b/samples/server/petstore/java-play-framework-api-package-override/app/openapitools/SecurityAPIUtils.java index 6ea699069b1a..a0fdbc946ff3 100644 --- a/samples/server/petstore/java-play-framework-api-package-override/app/openapitools/SecurityAPIUtils.java +++ b/samples/server/petstore/java-play-framework-api-package-override/app/openapitools/SecurityAPIUtils.java @@ -42,6 +42,7 @@ public class SecurityAPIUtils { private final HashMap tokenIntrospectEndpoints = new HashMap<>(); private final String clientId; private final String clientSecret; + private final long leeway; // Offline validation private final HashMap jwksEndpoints = new HashMap<>(); @@ -54,6 +55,7 @@ public class SecurityAPIUtils { clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : ""; clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : ""; + leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3; tokenIntrospectEndpoints.put("petstore_auth", ""); @@ -127,6 +129,7 @@ public boolean isTokenValidByOfflineCheck(String bearerToken, String securityMet Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null); tokenVerifier = JWT.require(algorithm) .withIssuer(issuer) + .acceptLeeway(leeway) .build(); tokenKeyId = keyId; } diff --git a/samples/server/petstore/java-play-framework-async/app/openapitools/SecurityAPIUtils.java b/samples/server/petstore/java-play-framework-async/app/openapitools/SecurityAPIUtils.java index 6ea699069b1a..a0fdbc946ff3 100644 --- a/samples/server/petstore/java-play-framework-async/app/openapitools/SecurityAPIUtils.java +++ b/samples/server/petstore/java-play-framework-async/app/openapitools/SecurityAPIUtils.java @@ -42,6 +42,7 @@ public class SecurityAPIUtils { private final HashMap tokenIntrospectEndpoints = new HashMap<>(); private final String clientId; private final String clientSecret; + private final long leeway; // Offline validation private final HashMap jwksEndpoints = new HashMap<>(); @@ -54,6 +55,7 @@ public class SecurityAPIUtils { clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : ""; clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : ""; + leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3; tokenIntrospectEndpoints.put("petstore_auth", ""); @@ -127,6 +129,7 @@ public boolean isTokenValidByOfflineCheck(String bearerToken, String securityMet Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null); tokenVerifier = JWT.require(algorithm) .withIssuer(issuer) + .acceptLeeway(leeway) .build(); tokenKeyId = keyId; } diff --git a/samples/server/petstore/java-play-framework-controller-only/app/openapitools/SecurityAPIUtils.java b/samples/server/petstore/java-play-framework-controller-only/app/openapitools/SecurityAPIUtils.java index 6ea699069b1a..a0fdbc946ff3 100644 --- a/samples/server/petstore/java-play-framework-controller-only/app/openapitools/SecurityAPIUtils.java +++ b/samples/server/petstore/java-play-framework-controller-only/app/openapitools/SecurityAPIUtils.java @@ -42,6 +42,7 @@ public class SecurityAPIUtils { private final HashMap tokenIntrospectEndpoints = new HashMap<>(); private final String clientId; private final String clientSecret; + private final long leeway; // Offline validation private final HashMap jwksEndpoints = new HashMap<>(); @@ -54,6 +55,7 @@ public class SecurityAPIUtils { clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : ""; clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : ""; + leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3; tokenIntrospectEndpoints.put("petstore_auth", ""); @@ -127,6 +129,7 @@ public boolean isTokenValidByOfflineCheck(String bearerToken, String securityMet Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null); tokenVerifier = JWT.require(algorithm) .withIssuer(issuer) + .acceptLeeway(leeway) .build(); tokenKeyId = keyId; } diff --git a/samples/server/petstore/java-play-framework-fake-endpoints-with-security/app/openapitools/SecurityAPIUtils.java b/samples/server/petstore/java-play-framework-fake-endpoints-with-security/app/openapitools/SecurityAPIUtils.java index 59eb09ed43dd..e2b1202cdb2a 100644 --- a/samples/server/petstore/java-play-framework-fake-endpoints-with-security/app/openapitools/SecurityAPIUtils.java +++ b/samples/server/petstore/java-play-framework-fake-endpoints-with-security/app/openapitools/SecurityAPIUtils.java @@ -42,6 +42,7 @@ public class SecurityAPIUtils { private final HashMap tokenIntrospectEndpoints = new HashMap<>(); private final String clientId; private final String clientSecret; + private final long leeway; // Offline validation private final HashMap jwksEndpoints = new HashMap<>(); @@ -54,6 +55,7 @@ public class SecurityAPIUtils { clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : ""; clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : ""; + leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3; tokenIntrospectEndpoints.put("petstore_token", "https://keycloak-dev.business.stingray.com/auth/realms/CSLocal/protocol/openid-connect/token/introspect"); @@ -127,6 +129,7 @@ public boolean isTokenValidByOfflineCheck(String bearerToken, String securityMet Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null); tokenVerifier = JWT.require(algorithm) .withIssuer(issuer) + .acceptLeeway(leeway) .build(); tokenKeyId = keyId; } diff --git a/samples/server/petstore/java-play-framework-fake-endpoints/app/openapitools/SecurityAPIUtils.java b/samples/server/petstore/java-play-framework-fake-endpoints/app/openapitools/SecurityAPIUtils.java index 6ea699069b1a..a0fdbc946ff3 100644 --- a/samples/server/petstore/java-play-framework-fake-endpoints/app/openapitools/SecurityAPIUtils.java +++ b/samples/server/petstore/java-play-framework-fake-endpoints/app/openapitools/SecurityAPIUtils.java @@ -42,6 +42,7 @@ public class SecurityAPIUtils { private final HashMap tokenIntrospectEndpoints = new HashMap<>(); private final String clientId; private final String clientSecret; + private final long leeway; // Offline validation private final HashMap jwksEndpoints = new HashMap<>(); @@ -54,6 +55,7 @@ public class SecurityAPIUtils { clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : ""; clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : ""; + leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3; tokenIntrospectEndpoints.put("petstore_auth", ""); @@ -127,6 +129,7 @@ public boolean isTokenValidByOfflineCheck(String bearerToken, String securityMet Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null); tokenVerifier = JWT.require(algorithm) .withIssuer(issuer) + .acceptLeeway(leeway) .build(); tokenKeyId = keyId; } diff --git a/samples/server/petstore/java-play-framework-no-bean-validation/app/openapitools/SecurityAPIUtils.java b/samples/server/petstore/java-play-framework-no-bean-validation/app/openapitools/SecurityAPIUtils.java index 6ea699069b1a..a0fdbc946ff3 100644 --- a/samples/server/petstore/java-play-framework-no-bean-validation/app/openapitools/SecurityAPIUtils.java +++ b/samples/server/petstore/java-play-framework-no-bean-validation/app/openapitools/SecurityAPIUtils.java @@ -42,6 +42,7 @@ public class SecurityAPIUtils { private final HashMap tokenIntrospectEndpoints = new HashMap<>(); private final String clientId; private final String clientSecret; + private final long leeway; // Offline validation private final HashMap jwksEndpoints = new HashMap<>(); @@ -54,6 +55,7 @@ public class SecurityAPIUtils { clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : ""; clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : ""; + leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3; tokenIntrospectEndpoints.put("petstore_auth", ""); @@ -127,6 +129,7 @@ public boolean isTokenValidByOfflineCheck(String bearerToken, String securityMet Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null); tokenVerifier = JWT.require(algorithm) .withIssuer(issuer) + .acceptLeeway(leeway) .build(); tokenKeyId = keyId; } diff --git a/samples/server/petstore/java-play-framework-no-exception-handling/app/openapitools/SecurityAPIUtils.java b/samples/server/petstore/java-play-framework-no-exception-handling/app/openapitools/SecurityAPIUtils.java index 6ea699069b1a..a0fdbc946ff3 100644 --- a/samples/server/petstore/java-play-framework-no-exception-handling/app/openapitools/SecurityAPIUtils.java +++ b/samples/server/petstore/java-play-framework-no-exception-handling/app/openapitools/SecurityAPIUtils.java @@ -42,6 +42,7 @@ public class SecurityAPIUtils { private final HashMap tokenIntrospectEndpoints = new HashMap<>(); private final String clientId; private final String clientSecret; + private final long leeway; // Offline validation private final HashMap jwksEndpoints = new HashMap<>(); @@ -54,6 +55,7 @@ public class SecurityAPIUtils { clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : ""; clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : ""; + leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3; tokenIntrospectEndpoints.put("petstore_auth", ""); @@ -127,6 +129,7 @@ public boolean isTokenValidByOfflineCheck(String bearerToken, String securityMet Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null); tokenVerifier = JWT.require(algorithm) .withIssuer(issuer) + .acceptLeeway(leeway) .build(); tokenKeyId = keyId; } diff --git a/samples/server/petstore/java-play-framework-no-interface/app/openapitools/SecurityAPIUtils.java b/samples/server/petstore/java-play-framework-no-interface/app/openapitools/SecurityAPIUtils.java index 6ea699069b1a..a0fdbc946ff3 100644 --- a/samples/server/petstore/java-play-framework-no-interface/app/openapitools/SecurityAPIUtils.java +++ b/samples/server/petstore/java-play-framework-no-interface/app/openapitools/SecurityAPIUtils.java @@ -42,6 +42,7 @@ public class SecurityAPIUtils { private final HashMap tokenIntrospectEndpoints = new HashMap<>(); private final String clientId; private final String clientSecret; + private final long leeway; // Offline validation private final HashMap jwksEndpoints = new HashMap<>(); @@ -54,6 +55,7 @@ public class SecurityAPIUtils { clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : ""; clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : ""; + leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3; tokenIntrospectEndpoints.put("petstore_auth", ""); @@ -127,6 +129,7 @@ public boolean isTokenValidByOfflineCheck(String bearerToken, String securityMet Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null); tokenVerifier = JWT.require(algorithm) .withIssuer(issuer) + .acceptLeeway(leeway) .build(); tokenKeyId = keyId; } diff --git a/samples/server/petstore/java-play-framework-no-nullable/app/openapitools/SecurityAPIUtils.java b/samples/server/petstore/java-play-framework-no-nullable/app/openapitools/SecurityAPIUtils.java index 6ea699069b1a..a0fdbc946ff3 100644 --- a/samples/server/petstore/java-play-framework-no-nullable/app/openapitools/SecurityAPIUtils.java +++ b/samples/server/petstore/java-play-framework-no-nullable/app/openapitools/SecurityAPIUtils.java @@ -42,6 +42,7 @@ public class SecurityAPIUtils { private final HashMap tokenIntrospectEndpoints = new HashMap<>(); private final String clientId; private final String clientSecret; + private final long leeway; // Offline validation private final HashMap jwksEndpoints = new HashMap<>(); @@ -54,6 +55,7 @@ public class SecurityAPIUtils { clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : ""; clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : ""; + leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3; tokenIntrospectEndpoints.put("petstore_auth", ""); @@ -127,6 +129,7 @@ public boolean isTokenValidByOfflineCheck(String bearerToken, String securityMet Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null); tokenVerifier = JWT.require(algorithm) .withIssuer(issuer) + .acceptLeeway(leeway) .build(); tokenKeyId = keyId; } diff --git a/samples/server/petstore/java-play-framework-no-swagger-ui/app/openapitools/SecurityAPIUtils.java b/samples/server/petstore/java-play-framework-no-swagger-ui/app/openapitools/SecurityAPIUtils.java index 6ea699069b1a..a0fdbc946ff3 100644 --- a/samples/server/petstore/java-play-framework-no-swagger-ui/app/openapitools/SecurityAPIUtils.java +++ b/samples/server/petstore/java-play-framework-no-swagger-ui/app/openapitools/SecurityAPIUtils.java @@ -42,6 +42,7 @@ public class SecurityAPIUtils { private final HashMap tokenIntrospectEndpoints = new HashMap<>(); private final String clientId; private final String clientSecret; + private final long leeway; // Offline validation private final HashMap jwksEndpoints = new HashMap<>(); @@ -54,6 +55,7 @@ public class SecurityAPIUtils { clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : ""; clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : ""; + leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3; tokenIntrospectEndpoints.put("petstore_auth", ""); @@ -127,6 +129,7 @@ public boolean isTokenValidByOfflineCheck(String bearerToken, String securityMet Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null); tokenVerifier = JWT.require(algorithm) .withIssuer(issuer) + .acceptLeeway(leeway) .build(); tokenKeyId = keyId; } diff --git a/samples/server/petstore/java-play-framework-no-wrap-calls/app/openapitools/SecurityAPIUtils.java b/samples/server/petstore/java-play-framework-no-wrap-calls/app/openapitools/SecurityAPIUtils.java index 6ea699069b1a..a0fdbc946ff3 100644 --- a/samples/server/petstore/java-play-framework-no-wrap-calls/app/openapitools/SecurityAPIUtils.java +++ b/samples/server/petstore/java-play-framework-no-wrap-calls/app/openapitools/SecurityAPIUtils.java @@ -42,6 +42,7 @@ public class SecurityAPIUtils { private final HashMap tokenIntrospectEndpoints = new HashMap<>(); private final String clientId; private final String clientSecret; + private final long leeway; // Offline validation private final HashMap jwksEndpoints = new HashMap<>(); @@ -54,6 +55,7 @@ public class SecurityAPIUtils { clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : ""; clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : ""; + leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3; tokenIntrospectEndpoints.put("petstore_auth", ""); @@ -127,6 +129,7 @@ public boolean isTokenValidByOfflineCheck(String bearerToken, String securityMet Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null); tokenVerifier = JWT.require(algorithm) .withIssuer(issuer) + .acceptLeeway(leeway) .build(); tokenKeyId = keyId; } diff --git a/samples/server/petstore/java-play-framework/app/openapitools/SecurityAPIUtils.java b/samples/server/petstore/java-play-framework/app/openapitools/SecurityAPIUtils.java index 6ea699069b1a..a0fdbc946ff3 100644 --- a/samples/server/petstore/java-play-framework/app/openapitools/SecurityAPIUtils.java +++ b/samples/server/petstore/java-play-framework/app/openapitools/SecurityAPIUtils.java @@ -42,6 +42,7 @@ public class SecurityAPIUtils { private final HashMap tokenIntrospectEndpoints = new HashMap<>(); private final String clientId; private final String clientSecret; + private final long leeway; // Offline validation private final HashMap jwksEndpoints = new HashMap<>(); @@ -54,6 +55,7 @@ public class SecurityAPIUtils { clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : ""; clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : ""; + leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3; tokenIntrospectEndpoints.put("petstore_auth", ""); @@ -127,6 +129,7 @@ public boolean isTokenValidByOfflineCheck(String bearerToken, String securityMet Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null); tokenVerifier = JWT.require(algorithm) .withIssuer(issuer) + .acceptLeeway(leeway) .build(); tokenKeyId = keyId; }