loafle/openapi-generator
3
0
Fork 0
forked from loafle/openapi-generator-original
Code Pull Requests Activity

Playframework oauth small upgrade (#12332)

Browse Source 
* update surefire to newer version

* small tweak to add support for "leeway" when verifying oauth tokens.

Co-authored-by: William Cheng <wing328hk@gmail.com>
Co-authored-by: Bruno Flamand <bflamand@stingray.com>
This commit is contained in:
bflamand 2022-05-11 03:19:59 -04:00 committed by GitHub
parent 6931f15e80
commit 575b6b4330
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
13 changed files with 39 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
modules/openapi-generator/src/main/resources/JavaPlayFramework/securityApiUtils.mustache vendored
View File

@ -42,6 +42,7 @@ public class SecurityAPIUtils {
private final HashMap<String, String> tokenIntrospectEndpoints = new HashMap<>();
private final String clientId;
private final String clientSecret;
private final long leeway;
// Offline validation
private final HashMap<String, String> jwksEndpoints = new HashMap<>();
@ -54,6 +55,7 @@ public class SecurityAPIUtils {
clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : "";
clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : "";
leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3;
{{#hasOAuthMethods}}
{{#oauthMethods}}
@ -135,6 +137,7 @@ public class SecurityAPIUtils {
Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null);
tokenVerifier = JWT.require(algorithm)
.withIssuer(issuer)
.acceptLeeway(leeway)
.build();
tokenKeyId = keyId;
}

3
samples/server/petstore/java-play-framework-api-package-override/app/openapitools/SecurityAPIUtils.java
View File

@ -42,6 +42,7 @@ public class SecurityAPIUtils {
private final HashMap<String, String> tokenIntrospectEndpoints = new HashMap<>();
private final String clientId;
private final String clientSecret;
private final long leeway;
// Offline validation
private final HashMap<String, String> jwksEndpoints = new HashMap<>();
@ -54,6 +55,7 @@ public class SecurityAPIUtils {
clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : "";
clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : "";
leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3;
tokenIntrospectEndpoints.put("petstore_auth", "");
@ -127,6 +129,7 @@ public class SecurityAPIUtils {
Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null);
tokenVerifier = JWT.require(algorithm)
.withIssuer(issuer)
.acceptLeeway(leeway)
.build();
tokenKeyId = keyId;
}

3
samples/server/petstore/java-play-framework-async/app/openapitools/SecurityAPIUtils.java
View File

@ -42,6 +42,7 @@ public class SecurityAPIUtils {
private final HashMap<String, String> tokenIntrospectEndpoints = new HashMap<>();
private final String clientId;
private final String clientSecret;
private final long leeway;
// Offline validation
private final HashMap<String, String> jwksEndpoints = new HashMap<>();
@ -54,6 +55,7 @@ public class SecurityAPIUtils {
clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : "";
clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : "";
leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3;
tokenIntrospectEndpoints.put("petstore_auth", "");
@ -127,6 +129,7 @@ public class SecurityAPIUtils {
Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null);
tokenVerifier = JWT.require(algorithm)
.withIssuer(issuer)
.acceptLeeway(leeway)
.build();
tokenKeyId = keyId;
}

3
samples/server/petstore/java-play-framework-controller-only/app/openapitools/SecurityAPIUtils.java
View File

@ -42,6 +42,7 @@ public class SecurityAPIUtils {
private final HashMap<String, String> tokenIntrospectEndpoints = new HashMap<>();
private final String clientId;
private final String clientSecret;
private final long leeway;
// Offline validation
private final HashMap<String, String> jwksEndpoints = new HashMap<>();
@ -54,6 +55,7 @@ public class SecurityAPIUtils {
clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : "";
clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : "";
leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3;
tokenIntrospectEndpoints.put("petstore_auth", "");
@ -127,6 +129,7 @@ public class SecurityAPIUtils {
Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null);
tokenVerifier = JWT.require(algorithm)
.withIssuer(issuer)
.acceptLeeway(leeway)
.build();
tokenKeyId = keyId;
}

3
samples/server/petstore/java-play-framework-fake-endpoints-with-security/app/openapitools/SecurityAPIUtils.java
View File

@ -42,6 +42,7 @@ public class SecurityAPIUtils {
private final HashMap<String, String> tokenIntrospectEndpoints = new HashMap<>();
private final String clientId;
private final String clientSecret;
private final long leeway;
// Offline validation
private final HashMap<String, String> jwksEndpoints = new HashMap<>();
@ -54,6 +55,7 @@ public class SecurityAPIUtils {
clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : "";
clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : "";
leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3;
tokenIntrospectEndpoints.put("petstore_token", "https://keycloak-dev.business.stingray.com/auth/realms/CSLocal/protocol/openid-connect/token/introspect");
@ -127,6 +129,7 @@ public class SecurityAPIUtils {
Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null);
tokenVerifier = JWT.require(algorithm)
.withIssuer(issuer)
.acceptLeeway(leeway)
.build();
tokenKeyId = keyId;
}

3
samples/server/petstore/java-play-framework-fake-endpoints/app/openapitools/SecurityAPIUtils.java
View File

@ -42,6 +42,7 @@ public class SecurityAPIUtils {
private final HashMap<String, String> tokenIntrospectEndpoints = new HashMap<>();
private final String clientId;
private final String clientSecret;
private final long leeway;
// Offline validation
private final HashMap<String, String> jwksEndpoints = new HashMap<>();
@ -54,6 +55,7 @@ public class SecurityAPIUtils {
clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : "";
clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : "";
leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3;
tokenIntrospectEndpoints.put("petstore_auth", "");
@ -127,6 +129,7 @@ public class SecurityAPIUtils {
Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null);
tokenVerifier = JWT.require(algorithm)
.withIssuer(issuer)
.acceptLeeway(leeway)
.build();
tokenKeyId = keyId;
}

3
samples/server/petstore/java-play-framework-no-bean-validation/app/openapitools/SecurityAPIUtils.java
View File

@ -42,6 +42,7 @@ public class SecurityAPIUtils {
private final HashMap<String, String> tokenIntrospectEndpoints = new HashMap<>();
private final String clientId;
private final String clientSecret;
private final long leeway;
// Offline validation
private final HashMap<String, String> jwksEndpoints = new HashMap<>();
@ -54,6 +55,7 @@ public class SecurityAPIUtils {
clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : "";
clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : "";
leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3;
tokenIntrospectEndpoints.put("petstore_auth", "");
@ -127,6 +129,7 @@ public class SecurityAPIUtils {
Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null);
tokenVerifier = JWT.require(algorithm)
.withIssuer(issuer)
.acceptLeeway(leeway)
.build();
tokenKeyId = keyId;
}

3
samples/server/petstore/java-play-framework-no-exception-handling/app/openapitools/SecurityAPIUtils.java
View File

@ -42,6 +42,7 @@ public class SecurityAPIUtils {
private final HashMap<String, String> tokenIntrospectEndpoints = new HashMap<>();
private final String clientId;
private final String clientSecret;
private final long leeway;
// Offline validation
private final HashMap<String, String> jwksEndpoints = new HashMap<>();
@ -54,6 +55,7 @@ public class SecurityAPIUtils {
clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : "";
clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : "";
leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3;
tokenIntrospectEndpoints.put("petstore_auth", "");
@ -127,6 +129,7 @@ public class SecurityAPIUtils {
Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null);
tokenVerifier = JWT.require(algorithm)
.withIssuer(issuer)
.acceptLeeway(leeway)
.build();
tokenKeyId = keyId;
}

3
samples/server/petstore/java-play-framework-no-interface/app/openapitools/SecurityAPIUtils.java
View File

@ -42,6 +42,7 @@ public class SecurityAPIUtils {
private final HashMap<String, String> tokenIntrospectEndpoints = new HashMap<>();
private final String clientId;
private final String clientSecret;
private final long leeway;
// Offline validation
private final HashMap<String, String> jwksEndpoints = new HashMap<>();
@ -54,6 +55,7 @@ public class SecurityAPIUtils {
clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : "";
clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : "";
leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3;
tokenIntrospectEndpoints.put("petstore_auth", "");
@ -127,6 +129,7 @@ public class SecurityAPIUtils {
Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null);
tokenVerifier = JWT.require(algorithm)
.withIssuer(issuer)
.acceptLeeway(leeway)
.build();
tokenKeyId = keyId;
}

3
samples/server/petstore/java-play-framework-no-nullable/app/openapitools/SecurityAPIUtils.java
View File

@ -42,6 +42,7 @@ public class SecurityAPIUtils {
private final HashMap<String, String> tokenIntrospectEndpoints = new HashMap<>();
private final String clientId;
private final String clientSecret;
private final long leeway;
// Offline validation
private final HashMap<String, String> jwksEndpoints = new HashMap<>();
@ -54,6 +55,7 @@ public class SecurityAPIUtils {
clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : "";
clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : "";
leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3;
tokenIntrospectEndpoints.put("petstore_auth", "");
@ -127,6 +129,7 @@ public class SecurityAPIUtils {
Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null);
tokenVerifier = JWT.require(algorithm)
.withIssuer(issuer)
.acceptLeeway(leeway)
.build();
tokenKeyId = keyId;
}

3
samples/server/petstore/java-play-framework-no-swagger-ui/app/openapitools/SecurityAPIUtils.java
View File

@ -42,6 +42,7 @@ public class SecurityAPIUtils {
private final HashMap<String, String> tokenIntrospectEndpoints = new HashMap<>();
private final String clientId;
private final String clientSecret;
private final long leeway;
// Offline validation
private final HashMap<String, String> jwksEndpoints = new HashMap<>();
@ -54,6 +55,7 @@ public class SecurityAPIUtils {
clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : "";
clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : "";
leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3;
tokenIntrospectEndpoints.put("petstore_auth", "");
@ -127,6 +129,7 @@ public class SecurityAPIUtils {
Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null);
tokenVerifier = JWT.require(algorithm)
.withIssuer(issuer)
.acceptLeeway(leeway)
.build();
tokenKeyId = keyId;
}

3
samples/server/petstore/java-play-framework-no-wrap-calls/app/openapitools/SecurityAPIUtils.java
View File

@ -42,6 +42,7 @@ public class SecurityAPIUtils {
private final HashMap<String, String> tokenIntrospectEndpoints = new HashMap<>();
private final String clientId;
private final String clientSecret;
private final long leeway;
// Offline validation
private final HashMap<String, String> jwksEndpoints = new HashMap<>();
@ -54,6 +55,7 @@ public class SecurityAPIUtils {
clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : "";
clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : "";
leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3;
tokenIntrospectEndpoints.put("petstore_auth", "");
@ -127,6 +129,7 @@ public class SecurityAPIUtils {
Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null);
tokenVerifier = JWT.require(algorithm)
.withIssuer(issuer)
.acceptLeeway(leeway)
.build();
tokenKeyId = keyId;
}

3
samples/server/petstore/java-play-framework/app/openapitools/SecurityAPIUtils.java
View File

@ -42,6 +42,7 @@ public class SecurityAPIUtils {
private final HashMap<String, String> tokenIntrospectEndpoints = new HashMap<>();
private final String clientId;
private final String clientSecret;
private final long leeway;
// Offline validation
private final HashMap<String, String> jwksEndpoints = new HashMap<>();
@ -54,6 +55,7 @@ public class SecurityAPIUtils {
clientId = configuration.hasPath("oauth.clientId") ? configuration.getString("oauth.clientId") : "";
clientSecret = configuration.hasPath("oauth.clientSecret") ? configuration.getString("oauth.clientSecret") : "";
leeway = configuration.hasPath("oauth.leeway") ? configuration.getLong("oauth.leeway") : 3;
tokenIntrospectEndpoints.put("petstore_auth", "");
@ -127,6 +129,7 @@ public class SecurityAPIUtils {
Algorithm algorithm = Algorithm.RSA256((RSAPublicKey) publicKey, null);
tokenVerifier = JWT.require(algorithm)
.withIssuer(issuer)
.acceptLeeway(leeway)
.build();
tokenKeyId = keyId;
}