Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Do not force mp.jwt.verify.publickey.location to be a build time property #23421

Merged
merged 1 commit into from
Feb 3, 2022
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
@@ -1,9 +1,11 @@
package io.quarkus.smallrye.jwt.deployment;

import java.util.HashSet;
import java.util.NoSuchElementException;
import java.util.Optional;
import java.util.Set;
import java.util.function.BooleanSupplier;
import java.util.function.Supplier;

import org.eclipse.microprofile.config.Config;
import org.eclipse.microprofile.config.ConfigProvider;
Expand All @@ -30,13 +32,15 @@
import io.quarkus.deployment.builditem.FeatureBuildItem;
import io.quarkus.deployment.builditem.nativeimage.NativeImageResourceBuildItem;
import io.quarkus.deployment.builditem.nativeimage.ReflectiveClassBuildItem;
import io.quarkus.deployment.pkg.steps.NativeBuild;
import io.quarkus.security.deployment.JCAProviderBuildItem;
import io.quarkus.smallrye.jwt.runtime.auth.JWTAuthMechanism;
import io.quarkus.smallrye.jwt.runtime.auth.JsonWebTokenCredentialProducer;
import io.quarkus.smallrye.jwt.runtime.auth.JwtPrincipalProducer;
import io.quarkus.smallrye.jwt.runtime.auth.MpJwtValidator;
import io.quarkus.smallrye.jwt.runtime.auth.RawOptionalClaimCreator;
import io.quarkus.vertx.http.deployment.SecurityInformationBuildItem;
import io.smallrye.config.Expressions;
import io.smallrye.jwt.algorithm.KeyEncryptionAlgorithm;
import io.smallrye.jwt.algorithm.SignatureAlgorithm;
import io.smallrye.jwt.auth.cdi.ClaimValueProducer;
Expand Down Expand Up @@ -115,16 +119,30 @@ FeatureBuildItem feature() {
*
* @return NativeImageResourceBuildItem
*/
@BuildStep
@BuildStep(onlyIf = NativeBuild.class)
NativeImageResourceBuildItem registerNativeImageResources() {
final Config config = ConfigProvider.getConfig();
Optional<String> publicKeyLocationOpt = config.getOptionalValue("mp.jwt.verify.publickey.location", String.class);
if (publicKeyLocationOpt.isPresent()) {
final String publicKeyLocation = publicKeyLocationOpt.get();
if (publicKeyLocation.indexOf(':') < 0 || publicKeyLocation.startsWith("classpath:")) {
log.infof("Adding %s to native image", publicKeyLocation);
return new NativeImageResourceBuildItem(publicKeyLocation);
try {
Optional<String> publicKeyLocationOpt = config.getOptionalValue("mp.jwt.verify.publickey.location", String.class);
if (publicKeyLocationOpt.isPresent()) {
final String publicKeyLocation = publicKeyLocationOpt.get();
if (publicKeyLocation.indexOf(':') < 0 || publicKeyLocation.startsWith("classpath:")) {
log.infof("Adding %s to native image", publicKeyLocation);
return new NativeImageResourceBuildItem(publicKeyLocation);
}
}
} catch (NoSuchElementException e) {
// The Config may contain expansion variables. Don't fail in this case because the config is not build time.
// The user will have to provide the config for runtime and register the resource manually
String publicKeyRawValue = Expressions.withoutExpansion(new Supplier<String>() {
@Override
public String get() {
return config.getConfigValue("mp.jwt.verify.publickey.location").getRawValue();
}
});
log.warnf("Cannot determine %s of mp.jwt.verify.publickey.location to register with the native image",
publicKeyRawValue);
return null;
}
return null;
}
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
package io.quarkus.jwt.test;

import java.util.Collections;
import java.util.List;
import java.util.Map;

import org.eclipse.microprofile.config.spi.ConfigSource;

import io.smallrye.config.ConfigSourceContext;
import io.smallrye.config.ConfigSourceFactory;
import io.smallrye.config.ConfigValue;
import io.smallrye.config.common.MapBackedConfigSource;

public class PublicKeyLocationBuildTimeConfigSourceFactory implements ConfigSourceFactory {
@Override
public Iterable<ConfigSource> getConfigSources(final ConfigSourceContext context) {
// This property is only available in runtime.
ConfigValue value = context.getValue("quarkus.uuid");
if (value == null || value.getValue() == null) {
return List.of(new MapBackedConfigSource(PublicKeyLocationBuildTimeConfigSourceFactory.class.getName(),
Map.of("mp.jwt.verify.publickey.location", "${invalid}"), 1000) {
});
}
return Collections.emptyList();
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
package io.quarkus.jwt.test;

import static org.junit.jupiter.api.Assertions.assertEquals;

import java.util.logging.Level;

import javax.inject.Inject;

import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.RegisterExtension;

import io.quarkus.test.QuarkusUnitTest;
import io.smallrye.config.ConfigSourceFactory;
import io.smallrye.config.SmallRyeConfig;

public class PublicKeyLocationConfigTest {
@RegisterExtension
static final QuarkusUnitTest TEST = new QuarkusUnitTest().withApplicationRoot((jar) -> jar.addAsResource("publicKey.pem")
.addClass(PublicKeyLocationBuildTimeConfigSourceFactory.class)
.addAsServiceProvider(ConfigSourceFactory.class, PublicKeyLocationBuildTimeConfigSourceFactory.class))
.overrideConfigKey("mp.jwt.verify.publickey.location", "publicKey.pem")
.overrideConfigKey("quarkus.package.type", "native")
.setLogRecordPredicate(record -> record.getLevel().intValue() >= Level.WARNING.intValue())
.assertLogRecords(logRecords -> {
assertEquals("Cannot determine %s of mp.jwt.verify.publickey.location to register with the native image",
logRecords.get(0).getMessage());
});

@Inject
SmallRyeConfig config;

@Test
void config() {
assertEquals("publicKey.pem", config.getRawValue("mp.jwt.verify.publickey.location"));
}
}