Skip to content

Commit

Permalink
Merge pull request #23421 from radcortez/fix-16099
Browse files Browse the repository at this point in the history
Do not force mp.jwt.verify.publickey.location to be a build time property
  • Loading branch information
sberyozkin authored Feb 3, 2022
2 parents 228b115 + 2f8a105 commit 04868bb
Show file tree
Hide file tree
Showing 3 changed files with 87 additions and 7 deletions.
Original file line number Diff line number Diff line change
@@ -1,9 +1,11 @@
package io.quarkus.smallrye.jwt.deployment;

import java.util.HashSet;
import java.util.NoSuchElementException;
import java.util.Optional;
import java.util.Set;
import java.util.function.BooleanSupplier;
import java.util.function.Supplier;

import org.eclipse.microprofile.config.Config;
import org.eclipse.microprofile.config.ConfigProvider;
Expand All @@ -30,13 +32,15 @@
import io.quarkus.deployment.builditem.FeatureBuildItem;
import io.quarkus.deployment.builditem.nativeimage.NativeImageResourceBuildItem;
import io.quarkus.deployment.builditem.nativeimage.ReflectiveClassBuildItem;
import io.quarkus.deployment.pkg.steps.NativeBuild;
import io.quarkus.security.deployment.JCAProviderBuildItem;
import io.quarkus.smallrye.jwt.runtime.auth.JWTAuthMechanism;
import io.quarkus.smallrye.jwt.runtime.auth.JsonWebTokenCredentialProducer;
import io.quarkus.smallrye.jwt.runtime.auth.JwtPrincipalProducer;
import io.quarkus.smallrye.jwt.runtime.auth.MpJwtValidator;
import io.quarkus.smallrye.jwt.runtime.auth.RawOptionalClaimCreator;
import io.quarkus.vertx.http.deployment.SecurityInformationBuildItem;
import io.smallrye.config.Expressions;
import io.smallrye.jwt.algorithm.KeyEncryptionAlgorithm;
import io.smallrye.jwt.algorithm.SignatureAlgorithm;
import io.smallrye.jwt.auth.cdi.ClaimValueProducer;
Expand Down Expand Up @@ -115,16 +119,30 @@ FeatureBuildItem feature() {
*
* @return NativeImageResourceBuildItem
*/
@BuildStep
@BuildStep(onlyIf = NativeBuild.class)
NativeImageResourceBuildItem registerNativeImageResources() {
final Config config = ConfigProvider.getConfig();
Optional<String> publicKeyLocationOpt = config.getOptionalValue("mp.jwt.verify.publickey.location", String.class);
if (publicKeyLocationOpt.isPresent()) {
final String publicKeyLocation = publicKeyLocationOpt.get();
if (publicKeyLocation.indexOf(':') < 0 || publicKeyLocation.startsWith("classpath:")) {
log.infof("Adding %s to native image", publicKeyLocation);
return new NativeImageResourceBuildItem(publicKeyLocation);
try {
Optional<String> publicKeyLocationOpt = config.getOptionalValue("mp.jwt.verify.publickey.location", String.class);
if (publicKeyLocationOpt.isPresent()) {
final String publicKeyLocation = publicKeyLocationOpt.get();
if (publicKeyLocation.indexOf(':') < 0 || publicKeyLocation.startsWith("classpath:")) {
log.infof("Adding %s to native image", publicKeyLocation);
return new NativeImageResourceBuildItem(publicKeyLocation);
}
}
} catch (NoSuchElementException e) {
// The Config may contain expansion variables. Don't fail in this case because the config is not build time.
// The user will have to provide the config for runtime and register the resource manually
String publicKeyRawValue = Expressions.withoutExpansion(new Supplier<String>() {
@Override
public String get() {
return config.getConfigValue("mp.jwt.verify.publickey.location").getRawValue();
}
});
log.warnf("Cannot determine %s of mp.jwt.verify.publickey.location to register with the native image",
publicKeyRawValue);
return null;
}
return null;
}
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
package io.quarkus.jwt.test;

import java.util.Collections;
import java.util.List;
import java.util.Map;

import org.eclipse.microprofile.config.spi.ConfigSource;

import io.smallrye.config.ConfigSourceContext;
import io.smallrye.config.ConfigSourceFactory;
import io.smallrye.config.ConfigValue;
import io.smallrye.config.common.MapBackedConfigSource;

public class PublicKeyLocationBuildTimeConfigSourceFactory implements ConfigSourceFactory {
@Override
public Iterable<ConfigSource> getConfigSources(final ConfigSourceContext context) {
// This property is only available in runtime.
ConfigValue value = context.getValue("quarkus.uuid");
if (value == null || value.getValue() == null) {
return List.of(new MapBackedConfigSource(PublicKeyLocationBuildTimeConfigSourceFactory.class.getName(),
Map.of("mp.jwt.verify.publickey.location", "${invalid}"), 1000) {
});
}
return Collections.emptyList();
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
package io.quarkus.jwt.test;

import static org.junit.jupiter.api.Assertions.assertEquals;

import java.util.logging.Level;

import javax.inject.Inject;

import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.RegisterExtension;

import io.quarkus.test.QuarkusUnitTest;
import io.smallrye.config.ConfigSourceFactory;
import io.smallrye.config.SmallRyeConfig;

public class PublicKeyLocationConfigTest {
@RegisterExtension
static final QuarkusUnitTest TEST = new QuarkusUnitTest().withApplicationRoot((jar) -> jar.addAsResource("publicKey.pem")
.addClass(PublicKeyLocationBuildTimeConfigSourceFactory.class)
.addAsServiceProvider(ConfigSourceFactory.class, PublicKeyLocationBuildTimeConfigSourceFactory.class))
.overrideConfigKey("mp.jwt.verify.publickey.location", "publicKey.pem")
.overrideConfigKey("quarkus.package.type", "native")
.setLogRecordPredicate(record -> record.getLevel().intValue() >= Level.WARNING.intValue())
.assertLogRecords(logRecords -> {
assertEquals("Cannot determine %s of mp.jwt.verify.publickey.location to register with the native image",
logRecords.get(0).getMessage());
});

@Inject
SmallRyeConfig config;

@Test
void config() {
assertEquals("publicKey.pem", config.getRawValue("mp.jwt.verify.publickey.location"));
}
}

0 comments on commit 04868bb

Please sign in to comment.