Support to add objects (primitive and collection) as claims in token … #318
Conversation
|
@lbalmaceda can you please review this request ! We've a requirement for this and I guess many also have. Thank you. |
|
Same here. Need to claim an array and an object. |
|
Hey @complanboy2 - a method that allows to add an array of objects is missing. I.e. jwt.withArrayClaim(name, arrayOfMaps); I have in an existing system I need to check interoperability with. SORRY MY BAD, the following works just fine: Then, with the modification of adding Map.class that I described on the review page, I was able to generate and decode the following test payload: |
| static { | ||
| SUPPORTED_ARRAY_TYPES.addAll(Arrays.asList(Integer[].class, Long[].class, String[].class)); | ||
| SUPPORTED_TYPES.addAll( | ||
| Arrays.asList(String.class, Integer.class, Double.class, Long.class, Date.class, Boolean.class)); |
There was a problem hiding this comment.
To support objects of objects in claims, I suggest to add Map.class to SUPPORTED_TYPES.
Then below, in the isValidClaimsValue, you'd need to modify the check as
for(Class typ: SUPPORTED_TYPES) {
if( typ.isAssignableFrom(clazz) ) return true;
}
return false;
instead of just
return SUPPORTED_TYPES.contains(clazz);
That works, I have tested it for both generation and decoding.
There was a problem hiding this comment.
You are right, it works with Object of Objects if we add Map.class. I'm not sure second level objects of non-primitive (other than mentioned supported types) will be allowed in this lib.
I agree that it will greatly help to construt complex/custom JWT's with that support. For now, I try to keep this PR as it is unless someone from library second this addition. Thank you.
There was a problem hiding this comment.
Sure. For the time being, I'm using a modified lib built from your branch because I need to deal with nested objects coming from outside authorization service - today. When your code is merged, I'll try and push for nested objects, with a separate merge request.
| } | ||
|
|
||
| private static boolean validateClaim(Collection<Object> values) { | ||
| if (values == null || values.isEmpty()) { |
There was a problem hiding this comment.
values.isEmpty() - does it mean I cannot have a claim with an empty object, like this:
"warnings": {}
I don't think it is right then. This is a totally valid claim.
Same for empty array claim:
"alternative_identities": []
There was a problem hiding this comment.
Agree, removed the empty check and keeping the null check as the library also enforces it.
| return true; | ||
| } | ||
| return SUPPORTED_TYPES.contains(clazz); | ||
| } |
There was a problem hiding this comment.
I suggest, instead of returning boolean, throw IllegalArgumentException for bad claim classes right from here.
The benefit is that you can provide the class and value of the offending claim right in the exception message, which GREATLY simplifies the troubleshooting.
There was a problem hiding this comment.
Good one, I've updated the PR.
Thank you.
|
@lbalmaceda , can you review it please ! we've a dependency and waiting for this to be merged, thank you in advance. |
|
Please review and merge it. We are waiting it for our project as well! |
|
👋 Thanks for the contribution so far. I'm happy to review this on my free time but currently this is not a priority. As mentioned in several other related issues and PRs we do like to have this feature available sometime soon 👍 |
@lbalmaceda Thank you for the note. Hope you will review soon (y) |
|
+1 Waiting for a review and merge |
|
@lbalmaceda Gentle reminder sir for the code review . Gentle Reminder.. It's been so long since this PR is opened. Many are waiting. Please have prioritize this review. Thank you. |
|
+1 Waiting for review and merge. |
|
I'm also hoping this will get reviewed and merged soon 🤞 |
|
We're waiting for this feature as well and would greatly appreciate the time you take to do review this PR. |
|
@luisrudge @lbalmaceda please merge this or #282 and other claim-related pull-requests. Would it help if we opened a support case? |
|
@lbalmaceda just checking if there are plans to merge this ! thanks |
|
Apologies for taking so long to review this. Currently the team focus is on a higher priority task and I cannot leave you the thorough review I would like to. Remember we do want to add this feature so eventually we'll come back to this PR. |
Thank you @lbalmaceda , Hope this will get merge sometime soon (Y) |
|
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. If you have not received a response for our team (apologies for the delay) and this is still a blocker, please reply with additional information or just a ping. Thank you for your contribution! 🙇♂️ |
|
@complanboy2 we're working on reviewing and merging the other PR that adds this same feature. I'll close this one now so we can focus on that one. Thanks for the time you spent on this, though. |
|
Great @lbalmaceda , thx. |
…payload
As requested @gustavoamigo we are giving support to add objects if primitive and collection types as claim in token payload.
Followed the suggestion by @lbalmaceda to make this change.
#164 (comment)
This PR is in continution to the old PR #289 which was accidentally closed. Please continue the review, thank you.