Playframework oauth small upgrade (#12332)

* update surefire to newer version * small tweak to add support for "leeway" when verifying oauth tokens. Co-authored-by: William Cheng <wing328hk@gmail.com> Co-authored-by: Bruno Flamand <bflamand@stingray.com>
2022-05-11 03:19:59 -04:00 · 2022-05-11 03:19:59 -04:00 · 575b6b4330
commit 575b6b4330
parent 6931f15e80
13 changed files with 39 additions and 0 deletions
--- a/modules/openapi-generator/src/main/resources/JavaPlayFramework/securityApiUtils.mustache
+++ b/modules/openapi-generator/src/main/resources/JavaPlayFramework/securityApiUtils.mustache
@ -42,6 +42,7 @@ public class SecurityAPIUtils {
    private final HashMap<String, String> tokenIntrospectEndpoints = new HashMap<>();
    private final String clientId;
    private final String clientSecret;
    private final long leeway;
    // Offline validation
    private final HashMap<String, String> jwksEndpoints = new HashMap<>();
@ -54,6 +55,7 @@ public class SecurityAPIUtils {
        clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : "";
        clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : "";
        leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3;
 {{#hasOAuthMethods}}
 {{#oauthMethods}}
@ -135,6 +137,7 @@ public class SecurityAPIUtils {
                Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null);
                tokenVerifier = JWT.require(algorithm)
                        .withIssuer(issuer)
                        .acceptLeeway(leeway)
                        .build();
                tokenKeyId = keyId;
            }
--- a/samples/server/petstore/java-play-framework-api-package-override/app/openapitools/SecurityAPIUtils.java
+++ b/samples/server/petstore/java-play-framework-api-package-override/app/openapitools/SecurityAPIUtils.java
@ -42,6 +42,7 @@ public class SecurityAPIUtils {
    private final HashMap<String, String> tokenIntrospectEndpoints = new HashMap<>();
    private final String clientId;
    private final String clientSecret;
    private final long leeway;
    // Offline validation
    private final HashMap<String, String> jwksEndpoints = new HashMap<>();
@ -54,6 +55,7 @@ public class SecurityAPIUtils {
        clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : "";
        clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : "";
        leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3;
        tokenIntrospectEndpoints.put("petstore_auth", "");
@ -127,6 +129,7 @@ public class SecurityAPIUtils {
                Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null);
                tokenVerifier = JWT.require(algorithm)
                        .withIssuer(issuer)
                        .acceptLeeway(leeway)
                        .build();
                tokenKeyId = keyId;
            }
--- a/samples/server/petstore/java-play-framework-async/app/openapitools/SecurityAPIUtils.java
+++ b/samples/server/petstore/java-play-framework-async/app/openapitools/SecurityAPIUtils.java
@ -42,6 +42,7 @@ public class SecurityAPIUtils {
    private final HashMap<String, String> tokenIntrospectEndpoints = new HashMap<>();
    private final String clientId;
    private final String clientSecret;
    private final long leeway;
    // Offline validation
    private final HashMap<String, String> jwksEndpoints = new HashMap<>();
@ -54,6 +55,7 @@ public class SecurityAPIUtils {
        clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : "";
        clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : "";
        leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3;
        tokenIntrospectEndpoints.put("petstore_auth", "");
@ -127,6 +129,7 @@ public class SecurityAPIUtils {
                Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null);
                tokenVerifier = JWT.require(algorithm)
                        .withIssuer(issuer)
                        .acceptLeeway(leeway)
                        .build();
                tokenKeyId = keyId;
            }
--- a/samples/server/petstore/java-play-framework-controller-only/app/openapitools/SecurityAPIUtils.java
+++ b/samples/server/petstore/java-play-framework-controller-only/app/openapitools/SecurityAPIUtils.java
@ -42,6 +42,7 @@ public class SecurityAPIUtils {
    private final HashMap<String, String> tokenIntrospectEndpoints = new HashMap<>();
    private final String clientId;
    private final String clientSecret;
    private final long leeway;
    // Offline validation
    private final HashMap<String, String> jwksEndpoints = new HashMap<>();
@ -54,6 +55,7 @@ public class SecurityAPIUtils {
        clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : "";
        clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : "";
        leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3;
        tokenIntrospectEndpoints.put("petstore_auth", "");
@ -127,6 +129,7 @@ public class SecurityAPIUtils {
                Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null);
                tokenVerifier = JWT.require(algorithm)
                        .withIssuer(issuer)
                        .acceptLeeway(leeway)
                        .build();
                tokenKeyId = keyId;
            }
--- a/samples/server/petstore/java-play-framework-fake-endpoints-with-security/app/openapitools/SecurityAPIUtils.java
+++ b/samples/server/petstore/java-play-framework-fake-endpoints-with-security/app/openapitools/SecurityAPIUtils.java
@ -42,6 +42,7 @@ public class SecurityAPIUtils {
    private final HashMap<String, String> tokenIntrospectEndpoints = new HashMap<>();
    private final String clientId;
    private final String clientSecret;
    private final long leeway;
    // Offline validation
    private final HashMap<String, String> jwksEndpoints = new HashMap<>();
@ -54,6 +55,7 @@ public class SecurityAPIUtils {
        clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : "";
        clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : "";
        leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3;
        tokenIntrospectEndpoints.put("petstore_token", "https://keycloak-dev.business.stingray.com/auth/realms/CSLocal/protocol/openid-connect/token/introspect");
@ -127,6 +129,7 @@ public class SecurityAPIUtils {
                Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null);
                tokenVerifier = JWT.require(algorithm)
                        .withIssuer(issuer)
                        .acceptLeeway(leeway)
                        .build();
                tokenKeyId = keyId;
            }
--- a/samples/server/petstore/java-play-framework-fake-endpoints/app/openapitools/SecurityAPIUtils.java
+++ b/samples/server/petstore/java-play-framework-fake-endpoints/app/openapitools/SecurityAPIUtils.java
@ -42,6 +42,7 @@ public class SecurityAPIUtils {
    private final HashMap<String, String> tokenIntrospectEndpoints = new HashMap<>();
    private final String clientId;
    private final String clientSecret;
    private final long leeway;
    // Offline validation
    private final HashMap<String, String> jwksEndpoints = new HashMap<>();
@ -54,6 +55,7 @@ public class SecurityAPIUtils {
        clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : "";
        clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : "";
        leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3;
        tokenIntrospectEndpoints.put("petstore_auth", "");
@ -127,6 +129,7 @@ public class SecurityAPIUtils {
                Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null);
                tokenVerifier = JWT.require(algorithm)
                        .withIssuer(issuer)
                        .acceptLeeway(leeway)
                        .build();
                tokenKeyId = keyId;
            }
--- a/samples/server/petstore/java-play-framework-no-bean-validation/app/openapitools/SecurityAPIUtils.java
+++ b/samples/server/petstore/java-play-framework-no-bean-validation/app/openapitools/SecurityAPIUtils.java
@ -42,6 +42,7 @@ public class SecurityAPIUtils {
    private final HashMap<String, String> tokenIntrospectEndpoints = new HashMap<>();
    private final String clientId;
    private final String clientSecret;
    private final long leeway;
    // Offline validation
    private final HashMap<String, String> jwksEndpoints = new HashMap<>();
@ -54,6 +55,7 @@ public class SecurityAPIUtils {
        clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : "";
        clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : "";
        leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3;
        tokenIntrospectEndpoints.put("petstore_auth", "");
@ -127,6 +129,7 @@ public class SecurityAPIUtils {
                Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null);
                tokenVerifier = JWT.require(algorithm)
                        .withIssuer(issuer)
                        .acceptLeeway(leeway)
                        .build();
                tokenKeyId = keyId;
            }
--- a/samples/server/petstore/java-play-framework-no-exception-handling/app/openapitools/SecurityAPIUtils.java
+++ b/samples/server/petstore/java-play-framework-no-exception-handling/app/openapitools/SecurityAPIUtils.java
@ -42,6 +42,7 @@ public class SecurityAPIUtils {
    private final HashMap<String, String> tokenIntrospectEndpoints = new HashMap<>();
    private final String clientId;
    private final String clientSecret;
    private final long leeway;
    // Offline validation
    private final HashMap<String, String> jwksEndpoints = new HashMap<>();
@ -54,6 +55,7 @@ public class SecurityAPIUtils {
        clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : "";
        clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : "";
        leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3;
        tokenIntrospectEndpoints.put("petstore_auth", "");
@ -127,6 +129,7 @@ public class SecurityAPIUtils {
                Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null);
                tokenVerifier = JWT.require(algorithm)
                        .withIssuer(issuer)
                        .acceptLeeway(leeway)
                        .build();
                tokenKeyId = keyId;
            }
--- a/samples/server/petstore/java-play-framework-no-interface/app/openapitools/SecurityAPIUtils.java
+++ b/samples/server/petstore/java-play-framework-no-interface/app/openapitools/SecurityAPIUtils.java
@ -42,6 +42,7 @@ public class SecurityAPIUtils {
    private final HashMap<String, String> tokenIntrospectEndpoints = new HashMap<>();
    private final String clientId;
    private final String clientSecret;
    private final long leeway;
    // Offline validation
    private final HashMap<String, String> jwksEndpoints = new HashMap<>();
@ -54,6 +55,7 @@ public class SecurityAPIUtils {
        clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : "";
        clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : "";
        leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3;
        tokenIntrospectEndpoints.put("petstore_auth", "");
@ -127,6 +129,7 @@ public class SecurityAPIUtils {
                Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null);
                tokenVerifier = JWT.require(algorithm)
                        .withIssuer(issuer)
                        .acceptLeeway(leeway)
                        .build();
                tokenKeyId = keyId;
            }
--- a/samples/server/petstore/java-play-framework-no-nullable/app/openapitools/SecurityAPIUtils.java
+++ b/samples/server/petstore/java-play-framework-no-nullable/app/openapitools/SecurityAPIUtils.java
@ -42,6 +42,7 @@ public class SecurityAPIUtils {
    private final HashMap<String, String> tokenIntrospectEndpoints = new HashMap<>();
    private final String clientId;
    private final String clientSecret;
    private final long leeway;
    // Offline validation
    private final HashMap<String, String> jwksEndpoints = new HashMap<>();
@ -54,6 +55,7 @@ public class SecurityAPIUtils {
        clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : "";
        clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : "";
        leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3;
        tokenIntrospectEndpoints.put("petstore_auth", "");
@ -127,6 +129,7 @@ public class SecurityAPIUtils {
                Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null);
                tokenVerifier = JWT.require(algorithm)
                        .withIssuer(issuer)
                        .acceptLeeway(leeway)
                        .build();
                tokenKeyId = keyId;
            }
--- a/samples/server/petstore/java-play-framework-no-swagger-ui/app/openapitools/SecurityAPIUtils.java
+++ b/samples/server/petstore/java-play-framework-no-swagger-ui/app/openapitools/SecurityAPIUtils.java
@ -42,6 +42,7 @@ public class SecurityAPIUtils {
    private final HashMap<String, String> tokenIntrospectEndpoints = new HashMap<>();
    private final String clientId;
    private final String clientSecret;
    private final long leeway;
    // Offline validation
    private final HashMap<String, String> jwksEndpoints = new HashMap<>();
@ -54,6 +55,7 @@ public class SecurityAPIUtils {
        clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : "";
        clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : "";
        leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3;
        tokenIntrospectEndpoints.put("petstore_auth", "");
@ -127,6 +129,7 @@ public class SecurityAPIUtils {
                Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null);
                tokenVerifier = JWT.require(algorithm)
                        .withIssuer(issuer)
                        .acceptLeeway(leeway)
                        .build();
                tokenKeyId = keyId;
            }
--- a/samples/server/petstore/java-play-framework-no-wrap-calls/app/openapitools/SecurityAPIUtils.java
+++ b/samples/server/petstore/java-play-framework-no-wrap-calls/app/openapitools/SecurityAPIUtils.java
@ -42,6 +42,7 @@ public class SecurityAPIUtils {
    private final HashMap<String, String> tokenIntrospectEndpoints = new HashMap<>();
    private final String clientId;
    private final String clientSecret;
    private final long leeway;
    // Offline validation
    private final HashMap<String, String> jwksEndpoints = new HashMap<>();
@ -54,6 +55,7 @@ public class SecurityAPIUtils {
        clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : "";
        clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : "";
        leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3;
        tokenIntrospectEndpoints.put("petstore_auth", "");
@ -127,6 +129,7 @@ public class SecurityAPIUtils {
                Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null);
                tokenVerifier = JWT.require(algorithm)
                        .withIssuer(issuer)
                        .acceptLeeway(leeway)
                        .build();
                tokenKeyId = keyId;
            }
--- a/samples/server/petstore/java-play-framework/app/openapitools/SecurityAPIUtils.java
+++ b/samples/server/petstore/java-play-framework/app/openapitools/SecurityAPIUtils.java
@ -42,6 +42,7 @@ public class SecurityAPIUtils {
    private final HashMap<String, String> tokenIntrospectEndpoints = new HashMap<>();
    private final String clientId;
    private final String clientSecret;
    private final long leeway;
    // Offline validation
    private final HashMap<String, String> jwksEndpoints = new HashMap<>();
@ -54,6 +55,7 @@ public class SecurityAPIUtils {
        clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : "";
        clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : "";
        leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3;
        tokenIntrospectEndpoints.put("petstore_auth", "");
@ -127,6 +129,7 @@ public class SecurityAPIUtils {
                Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null);
                tokenVerifier = JWT.require(algorithm)
                        .withIssuer(issuer)
                        .acceptLeeway(leeway)
                        .build();
                tokenKeyId = keyId;
            }