From 35b2ea7a4635eb874b553eff05259a6cf3f10f66 Mon Sep 17 00:00:00 2001 From: Maxim Balan Date: Thu, 24 Jan 2019 14:48:55 +0000 Subject: [PATCH 1/5] fixing JwtCreator to set the headers to the exisitng map instead of ovewriting it --- lib/src/main/java/com/auth0/jwt/JWTCreator.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/src/main/java/com/auth0/jwt/JWTCreator.java b/lib/src/main/java/com/auth0/jwt/JWTCreator.java index a0889876..9c295f8d 100644 --- a/lib/src/main/java/com/auth0/jwt/JWTCreator.java +++ b/lib/src/main/java/com/auth0/jwt/JWTCreator.java @@ -71,7 +71,7 @@ public static class Builder { * @return this same Builder instance. */ public Builder withHeader(Map headerClaims) { - this.headerClaims = new HashMap<>(headerClaims); + this.headerClaims.putAll(headerClaims); return this; } From 9d94214275bfdb8eaf1a171fac03bd4557b407ea Mon Sep 17 00:00:00 2001 From: Maxim Balan Date: Thu, 24 Jan 2019 16:18:59 +0000 Subject: [PATCH 2/5] adding fails safty against empty map and removing a header if it was provided with a null value in the map also added unit test for this behaviour --- .../main/java/com/auth0/jwt/JWTCreator.java | 14 +++++- .../java/com/auth0/jwt/JWTCreatorTest.java | 43 +++++++++++++++++++ 2 files changed, 56 insertions(+), 1 deletion(-) diff --git a/lib/src/main/java/com/auth0/jwt/JWTCreator.java b/lib/src/main/java/com/auth0/jwt/JWTCreator.java index 9c295f8d..b656d5f8 100644 --- a/lib/src/main/java/com/auth0/jwt/JWTCreator.java +++ b/lib/src/main/java/com/auth0/jwt/JWTCreator.java @@ -66,12 +66,24 @@ public static class Builder { /** * Add specific Claims to set as the Header. + * If provided map is null then nothing + * If provided map contains a header with null value then that header will be removed from the header claims * * @param headerClaims the values to use as Claims in the token's Header. * @return this same Builder instance. */ public Builder withHeader(Map headerClaims) { - this.headerClaims.putAll(headerClaims); + if (headerClaims == null) + return this; + + for (Map.Entry entry : headerClaims.entrySet()) { + if (entry.getValue() == null) { + this.headerClaims.remove(entry.getKey()); + } else { + this.headerClaims.put(entry.getKey(), entry.getValue()); + } + } + return this; } diff --git a/lib/src/test/java/com/auth0/jwt/JWTCreatorTest.java b/lib/src/test/java/com/auth0/jwt/JWTCreatorTest.java index ab263bad..f2a54803 100644 --- a/lib/src/test/java/com/auth0/jwt/JWTCreatorTest.java +++ b/lib/src/test/java/com/auth0/jwt/JWTCreatorTest.java @@ -53,6 +53,49 @@ public void shouldAddHeaderClaim() throws Exception { assertThat(headerJson, JsonMatcher.hasEntry("asd", 123)); } + @Test + public void shouldReturnBuilderIfNullMapIsProvided() throws Exception { + String signed = JWTCreator.init() + .withHeader(null) + .sign(Algorithm.HMAC256("secret")); + + assertThat(signed, is(notNullValue())); + } + + @Test + public void shouldOverwriteExistingIfHeadersMapContainsTheSameKey() throws Exception { + Map header = new HashMap(); + header.put("test", 456); + + String signed = JWTCreator.init() + .withClaim("test", 123) + .withHeader(header) + .sign(Algorithm.HMAC256("secret")); + + assertThat(signed, is(notNullValue())); + String[] parts = signed.split("\\."); + String headerJson = new String(Base64.decodeBase64(parts[0]), StandardCharsets.UTF_8); + assertThat(headerJson, JsonMatcher.hasEntry("test", 456)); + } + + @Test + public void shouldRemoveHeaderIfTheValueIsNull() throws Exception { + Map header = new HashMap(); + header.put("test", null); + header.put("test2", "isSet"); + + String signed = JWTCreator.init() + .withClaim("test", 123) + .withHeader(header) + .sign(Algorithm.HMAC256("secret")); + + assertThat(signed, is(notNullValue())); + String[] parts = signed.split("\\."); + String headerJson = new String(Base64.decodeBase64(parts[0]), StandardCharsets.UTF_8); + assertThat(headerJson, JsonMatcher.hasEntry("test", null)); + assertThat(headerJson, JsonMatcher.hasEntry("test2", "isSet")); + } + @Test public void shouldAddKeyId() throws Exception { String signed = JWTCreator.init() From 7e33f20e4c67815c8ae1d425fe27a6ef7d19fb50 Mon Sep 17 00:00:00 2001 From: Maxim Balan Date: Thu, 24 Jan 2019 16:20:13 +0000 Subject: [PATCH 3/5] fix method description --- lib/src/main/java/com/auth0/jwt/JWTCreator.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/src/main/java/com/auth0/jwt/JWTCreator.java b/lib/src/main/java/com/auth0/jwt/JWTCreator.java index b656d5f8..10a90df6 100644 --- a/lib/src/main/java/com/auth0/jwt/JWTCreator.java +++ b/lib/src/main/java/com/auth0/jwt/JWTCreator.java @@ -66,7 +66,7 @@ public static class Builder { /** * Add specific Claims to set as the Header. - * If provided map is null then nothing + * If provided map is null then nothing is changed * If provided map contains a header with null value then that header will be removed from the header claims * * @param headerClaims the values to use as Claims in the token's Header. From c42476df837b54c20bb5291ba4e265d057cf7914 Mon Sep 17 00:00:00 2001 From: Max Date: Tue, 5 Nov 2019 15:12:37 +0000 Subject: [PATCH 4/5] fixing pr changes request not real code change just test fixing to remove confusions in the test readability --- .../main/java/com/auth0/jwt/JWTCreator.java | 5 ++-- .../java/com/auth0/jwt/JWTCreatorTest.java | 29 +++++++++++++++---- .../test/java/com/auth0/jwt/JsonMatcher.java | 4 +++ 3 files changed, 30 insertions(+), 8 deletions(-) diff --git a/lib/src/main/java/com/auth0/jwt/JWTCreator.java b/lib/src/main/java/com/auth0/jwt/JWTCreator.java index 4ab9906f..f7f15602 100644 --- a/lib/src/main/java/com/auth0/jwt/JWTCreator.java +++ b/lib/src/main/java/com/auth0/jwt/JWTCreator.java @@ -67,14 +67,15 @@ public static class Builder { /** * Add specific Claims to set as the Header. * If provided map is null then nothing is changed - * If provided map contains a header with null value then that header will be removed from the header claims + * If provided map contains a claim with null value then that claim will be removed from the header * * @param headerClaims the values to use as Claims in the token's Header. * @return this same Builder instance. */ public Builder withHeader(Map headerClaims) { - if (headerClaims == null) + if (headerClaims == null) { return this; + } for (Map.Entry entry : headerClaims.entrySet()) { if (entry.getValue() == null) { diff --git a/lib/src/test/java/com/auth0/jwt/JWTCreatorTest.java b/lib/src/test/java/com/auth0/jwt/JWTCreatorTest.java index f2a54803..47ba0f05 100644 --- a/lib/src/test/java/com/auth0/jwt/JWTCreatorTest.java +++ b/lib/src/test/java/com/auth0/jwt/JWTCreatorTest.java @@ -1,6 +1,7 @@ package com.auth0.jwt; import com.auth0.jwt.algorithms.Algorithm; +import com.auth0.jwt.impl.PublicClaims; import com.auth0.jwt.interfaces.ECDSAKeyProvider; import com.auth0.jwt.interfaces.RSAKeyProvider; import org.apache.commons.codec.binary.Base64; @@ -65,34 +66,50 @@ public void shouldReturnBuilderIfNullMapIsProvided() throws Exception { @Test public void shouldOverwriteExistingIfHeadersMapContainsTheSameKey() throws Exception { Map header = new HashMap(); - header.put("test", 456); + header.put(PublicClaims.KEY_ID, "xyz"); String signed = JWTCreator.init() - .withClaim("test", 123) + .withKeyId("abc") .withHeader(header) .sign(Algorithm.HMAC256("secret")); assertThat(signed, is(notNullValue())); String[] parts = signed.split("\\."); String headerJson = new String(Base64.decodeBase64(parts[0]), StandardCharsets.UTF_8); - assertThat(headerJson, JsonMatcher.hasEntry("test", 456)); + assertThat(headerJson, JsonMatcher.hasEntry(PublicClaims.KEY_ID, "xyz")); + } + + @Test + public void shouldOverwriteExistingHeadersWhenSettingSameHeaderKey() throws Exception { + Map header = new HashMap(); + header.put(PublicClaims.KEY_ID, "xyz"); + + String signed = JWTCreator.init() + .withHeader(header) + .withKeyId("abc") + .sign(Algorithm.HMAC256("secret")); + + assertThat(signed, is(notNullValue())); + String[] parts = signed.split("\\."); + String headerJson = new String(Base64.decodeBase64(parts[0]), StandardCharsets.UTF_8); + assertThat(headerJson, JsonMatcher.hasEntry(PublicClaims.KEY_ID, "abc")); } @Test public void shouldRemoveHeaderIfTheValueIsNull() throws Exception { Map header = new HashMap(); - header.put("test", null); + header.put(PublicClaims.KEY_ID, null); header.put("test2", "isSet"); String signed = JWTCreator.init() - .withClaim("test", 123) + .withKeyId("test") .withHeader(header) .sign(Algorithm.HMAC256("secret")); assertThat(signed, is(notNullValue())); String[] parts = signed.split("\\."); String headerJson = new String(Base64.decodeBase64(parts[0]), StandardCharsets.UTF_8); - assertThat(headerJson, JsonMatcher.hasEntry("test", null)); + assertThat(headerJson, JsonMatcher.isNotPresent(PublicClaims.KEY_ID)); assertThat(headerJson, JsonMatcher.hasEntry("test2", "isSet")); } diff --git a/lib/src/test/java/com/auth0/jwt/JsonMatcher.java b/lib/src/test/java/com/auth0/jwt/JsonMatcher.java index f03547d4..b09ab187 100644 --- a/lib/src/test/java/com/auth0/jwt/JsonMatcher.java +++ b/lib/src/test/java/com/auth0/jwt/JsonMatcher.java @@ -68,6 +68,10 @@ public static JsonMatcher hasEntry(String key, Matcher valueMatcher) { return new JsonMatcher(key, null, valueMatcher); } + public static JsonMatcher isNotPresent(String key) { + return new JsonMatcher(key, null, null); + } + private String getStringKey(String key) { return "\"" + key + "\":"; } From bb8371797dbe1d1119890110f22c4aeb8dd60d58 Mon Sep 17 00:00:00 2001 From: Maxim Balan Date: Tue, 5 Nov 2019 16:35:20 +0000 Subject: [PATCH 5/5] Update lib/src/test/java/com/auth0/jwt/JWTCreatorTest.java Co-Authored-By: Luciano Balmaceda --- lib/src/test/java/com/auth0/jwt/JWTCreatorTest.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/src/test/java/com/auth0/jwt/JWTCreatorTest.java b/lib/src/test/java/com/auth0/jwt/JWTCreatorTest.java index 47ba0f05..05dd1e30 100644 --- a/lib/src/test/java/com/auth0/jwt/JWTCreatorTest.java +++ b/lib/src/test/java/com/auth0/jwt/JWTCreatorTest.java @@ -64,7 +64,7 @@ public void shouldReturnBuilderIfNullMapIsProvided() throws Exception { } @Test - public void shouldOverwriteExistingIfHeadersMapContainsTheSameKey() throws Exception { + public void shouldOverwriteExistingHeaderIfHeaderMapContainsTheSameKey() throws Exception { Map header = new HashMap(); header.put(PublicClaims.KEY_ID, "xyz"); @@ -417,4 +417,4 @@ public void shouldAcceptCustomArrayClaimOfTypeLong() throws Exception { String[] parts = jwt.split("\\."); assertThat(parts[1], is("eyJuYW1lIjpbMSwyLDNdfQ")); } -} \ No newline at end of file +}