diff --git a/implementation/common/src/main/java/io/smallrye/jwt/util/KeyUtils.java b/implementation/common/src/main/java/io/smallrye/jwt/util/KeyUtils.java
index c7f38198..e3b508b3 100644
--- a/implementation/common/src/main/java/io/smallrye/jwt/util/KeyUtils.java
+++ b/implementation/common/src/main/java/io/smallrye/jwt/util/KeyUtils.java
@@ -312,8 +312,7 @@ private static String getKeyStoreType(String keyStorePath, Optional keyS
 if (keyStoreType.isPresent()) {
 return keyStoreType.get().toUpperCase();
 }
- final String pathName = keyStorePath.toString();
- if (pathName.endsWith(".p12") || pathName.endsWith(".pkcs12") || pathName.endsWith(".pfx")) {
+ if (keyStorePath.endsWith(".p12") || keyStorePath.endsWith(".pkcs12") || keyStorePath.endsWith(".pfx")) {
 return "PKCS12";
 } else {
 // assume jks
diff --git a/implementation/jwt-auth/src/main/java/io/smallrye/jwt/SmallryeJwtUtils.java b/implementation/jwt-auth/src/main/java/io/smallrye/jwt/SmallryeJwtUtils.java
index 71dc0276..5fe69311 100644
--- a/implementation/jwt-auth/src/main/java/io/smallrye/jwt/SmallryeJwtUtils.java
+++ b/implementation/jwt-auth/src/main/java/io/smallrye/jwt/SmallryeJwtUtils.java
@@ -67,8 +67,9 @@ public static void setContextTokenCookie(JWTAuthContextInfo contextInfo, Optiona
 }
 public static void setTokenSchemes(JWTAuthContextInfo contextInfo, String tokenSchemes) {
- final List schemes = new ArrayList<>();
- for (final String s : tokenSchemes.split(",")) {
+ String[] splitTokenSchemes = tokenSchemes.split(",");
+ final List schemes = new ArrayList<>(splitTokenSchemes.length);
+ for (final String s : splitTokenSchemes) {
 schemes.add(s.trim());
 }
 contextInfo.setTokenSchemes(schemes);
diff --git a/implementation/jwt-auth/src/main/java/io/smallrye/jwt/auth/cdi/RawClaimTypeProducer.java b/implementation/jwt-auth/src/main/java/io/smallrye/jwt/auth/cdi/RawClaimTypeProducer.java
index fc4f9de1..242d7219 100644
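Review bot: In `getKeyStoreType` (KeyUtils.java) the extension test on the new line is case-sensitive, so a keystore path ending in `.P12` or `.PFX` falls through to the JKS assumption and the type is misdetected. Comparing against a lower-cased copy fixes this, e.g. `String lower = keyStorePath.toLowerCase(Locale.ROOT);` followed by `lower.endsWith(".p12") || lower.endsWith(".pkcs12") || lower.endsWith(".pfx")`. The end of the method is outside the hunk.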
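Review bot: `setTokenSchemes` (SmallryeJwtUtils.java) still adds every split element after `trim()`, so a configuration value with an empty entry between commas, or a blank value, puts an empty scheme into the list handed to `contextInfo.setTokenSchemes`. How an empty scheme is later matched against the Authorization header is not visible here, so skipping blanks is the safer default: `String scheme = s.trim(); if (!scheme.isEmpty()) { schemes.add(scheme); }`. A null `tokenSchemes` also reaches `split` unchecked.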
--- a/implementation/jwt-auth/src/main/java/io/smallrye/jwt/auth/cdi/RawClaimTypeProducer.java
+++ b/implementation/jwt-auth/src/main/java/io/smallrye/jwt/auth/cdi/RawClaimTypeProducer.java
@@ -90,7 +90,7 @@ Long getClaimAsLong(InjectionPoint ip) {
 JsonNumber jsonValue = (JsonNumber) value;
 returnValue = jsonValue.longValue();
 } else {
- returnValue = Long.parseLong(value.toString());
+ returnValue = Long.valueOf(value.toString());
 }
 }
 return returnValue;
@@ -113,7 +113,7 @@ Double getClaimAsDouble(InjectionPoint ip) {
 JsonNumber jsonValue = (JsonNumber) value;
 returnValue = jsonValue.doubleValue();
 } else {
- returnValue = Double.parseDouble(value.toString());
+ returnValue = Double.valueOf(value.toString());
 }
 }
 return returnValue;
@@ -135,9 +135,9 @@ Boolean getClaimAsBoolean(InjectionPoint ip) {
 if (value instanceof JsonValue) {
 final JsonValue.ValueType valueType = ((JsonValue) value).getValueType();
 if (valueType.equals(JsonValue.ValueType.TRUE)) {
- returnValue = true;
+ returnValue = Boolean.TRUE;
 } else if (valueType.equals(JsonValue.ValueType.FALSE)) {
- returnValue = false;
+ returnValue = Boolean.FALSE;
 }
 } else {
 returnValue = Boolean.valueOf(value.toString());
diff --git a/implementation/jwt-auth/src/main/java/io/smallrye/jwt/auth/principal/DefaultJWTTokenParser.java b/implementation/jwt-auth/src/main/java/io/smallrye/jwt/auth/principal/DefaultJWTTokenParser.java
index b09d44bd..e2124dd4 100644
--- a/implementation/jwt-auth/src/main/java/io/smallrye/jwt/auth/principal/DefaultJWTTokenParser.java
+++ b/implementation/jwt-auth/src/main/java/io/smallrye/jwt/auth/principal/DefaultJWTTokenParser.java
@@ -18,7 +18,6 @@ import static java.util.Collections.emptyList; -import java.util.LinkedHashSet; import java.util.Set; import java.util.stream.Collectors;
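Review bot: The fallback branch in `getClaimAsLong` (RawClaimTypeProducer.java) passes `value.toString()` straight to `Long.valueOf`, which throws `NumberFormatException` when the claim is not a numeric string; the same holds for `Double.valueOf` in the `getClaimAsDouble` hunk. Claim content comes from the token and nothing in either hunk catches the exception, so unless it is handled outside the visible lines a malformed claim surfaces as an unchecked exception at the injection point, while `getClaimAsBoolean` quietly maps any unrecognised string to `false`. The three converters should agree on one behaviour and state it, for example with a comment such as `// a non-numeric claim value is rejected with NumberFormatException`. All three method bodies start and end outside their hunks.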
@@ -91,19 +90,23 @@ private String decryptSignedToken(String token, JWTAuthContextInfo authContextIn
 }
 private String[] signatureAlgorithms(JWTAuthContextInfo authContextInfo) {
- Set algorithms = new LinkedHashSet<>();
- for (SignatureAlgorithm keyEncAlgo : authContextInfo.getSignatureAlgorithm()) {
- algorithms.add(keyEncAlgo.getAlgorithm());
+ Set signatureAlgorithm = authContextInfo.getSignatureAlgorithm();
+ String[] algorithms = new String[signatureAlgorithm.size()];
+ int counter = 0;
+ for (SignatureAlgorithm keyEncAlgo : signatureAlgorithm) {
+ algorithms[counter++] = keyEncAlgo.getAlgorithm();
 }
- return algorithms.toArray(new String[] {});
+ return algorithms;
 }
 private String[] encryptionAlgorithms(JWTAuthContextInfo authContextInfo) {
- Set algorithms = new LinkedHashSet<>();
- for (KeyEncryptionAlgorithm keyEncAlgo : authContextInfo.getKeyEncryptionAlgorithm()) {
- algorithms.add(keyEncAlgo.getAlgorithm());
+ Set keyEncryptionAlgorithm = authContextInfo.getKeyEncryptionAlgorithm();
+ String[] algorithms = new String[keyEncryptionAlgorithm.size()];
+ int counter = 0;
+ for (KeyEncryptionAlgorithm keyEncAlgo : keyEncryptionAlgorithm) {
+ algorithms[counter++] = keyEncAlgo.getAlgorithm();
 }
- return algorithms.toArray(new String[] {});
+ return algorithms;
 }
 private JwtContext parseClaims(String token, JWTAuthContextInfo authContextInfo, ProtectionLevel level)
diff --git a/implementation/jwt-auth/src/main/java/io/smallrye/jwt/auth/principal/KeyLocationResolver.java b/implementation/jwt-auth/src/main/java/io/smallrye/jwt/auth/principal/KeyLocationResolver.java
index f6f3ed92..cb8d3d30 100644
--- a/implementation/jwt-auth/src/main/java/io/smallrye/jwt/auth/principal/KeyLocationResolver.java
+++ b/implementation/jwt-auth/src/main/java/io/smallrye/jwt/auth/principal/KeyLocationResolver.java
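Review bot: In `signatureAlgorithms` (DefaultJWTTokenParser.java) the loop variable is still named `keyEncAlgo` although it iterates `SignatureAlgorithm` values, and the new local `signatureAlgorithm` holds a whole set, so the method now reads as if it handled key-encryption algorithms. These arrays appear to be the algorithm lists applied when a token is verified or decrypted (inferred from the method names), which is code that should be easy to audit; rename the locals (e.g. `configured` and `sigAlgo`) or drop the counter with `signatureAlgorithm.stream().map(SignatureAlgorithm::getAlgorithm).toArray(String[]::new)`. The same naming applies to the singular `keyEncryptionAlgorithm` set in `encryptionAlgorithms` below.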
@@ -66,7 +66,7 @@ public Key resolveKey(JsonWebSignature jws, List nestingContex
 if (theKey == null) {
 try {
- if (httpsJwks != null && httpsJwks.getJsonWebKeys() != null && jws != null
+ if (httpsJwks != null && jws != null && httpsJwks.getJsonWebKeys() != null
 && jws.getKeyIdHeaderValue() != null) {
 throw PrincipalMessages.msg.unmatchedTokenKidException();
 }
diff --git a/implementation/jwt-auth/src/main/java/io/smallrye/jwt/config/JWTAuthContextInfoProvider.java b/implementation/jwt-auth/src/main/java/io/smallrye/jwt/config/JWTAuthContextInfoProvider.java
index dd2482c4..4f62d2b5 100644
--- a/implementation/jwt-auth/src/main/java/io/smallrye/jwt/config/JWTAuthContextInfoProvider.java
+++ b/implementation/jwt-auth/src/main/java/io/smallrye/jwt/config/JWTAuthContextInfoProvider.java
@@ -839,7 +839,7 @@ Optional getOptionalContextInfo() {
 Set resolvedAlgorithm = mpJwtPublicKeyAlgorithm;
 if (signatureAlgorithm.isPresent()) {
 if (signatureAlgorithm.get().getAlgorithm().startsWith("HS")) {
- if (!NONE.equals(resolvedVerifyKeyLocation) && resolvedVerifyKeyLocation == mpJwtLocation) {
+ if (verificationKeyLocationSet && resolvedVerifyKeyLocation == mpJwtLocation) {
 throw ConfigMessages.msg.hmacNotSupported();
 }
 } else {
diff --git a/implementation/jwt-build/src/main/java/io/smallrye/jwt/build/impl/JwtClaimsBuilderImpl.java b/implementation/jwt-build/src/main/java/io/smallrye/jwt/build/impl/JwtClaimsBuilderImpl.java
index eaec6629..830cf1d3 100644
--- a/implementation/jwt-build/src/main/java/io/smallrye/jwt/build/impl/JwtClaimsBuilderImpl.java
+++ b/implementation/jwt-build/src/main/java/io/smallrye/jwt/build/impl/JwtClaimsBuilderImpl.java
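Review bot: The guard in `getOptionalContextInfo` (JWTAuthContextInfoProvider.java) that throws `hmacNotSupported()` now depends on `verificationKeyLocationSet`, which is assigned outside this hunk, so it cannot be confirmed from here that the flag is true in exactly the cases where `!NONE.equals(resolvedVerifyKeyLocation)` was. This check is what rejects an `HS*` algorithm combined with the `mpJwtLocation` key location, so a flag that stays false while a location is in fact configured would let that configuration through without an error; a unit test for an HS algorithm with only that location set would pin the behaviour. The remaining `resolvedVerifyKeyLocation == mpJwtLocation` is an identity comparison; if both are strings, as `NONE.equals(...)` suggests, it deserves a comment such as `// identity check on purpose: true only when the value was taken from mpJwtLocation`, or `equals` if identity is not intended.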
@@ -350,7 +350,7 @@ private static Object prepareValue(Object value) {
 private static Object convertJsonValue(JsonValue jsonValue) {
 if (jsonValue instanceof JsonString) {
 String jsonString = jsonValue.toString();
- return jsonString.toString().substring(1, jsonString.length() - 1);
+ return jsonString.substring(1, jsonString.length() - 1);
 } else if (jsonValue instanceof JsonNumber) {
 JsonNumber jsonNumber = (JsonNumber) jsonValue;
 if (jsonNumber.isIntegral()) {
@@ -359,9 +359,9 @@ private static Object convertJsonValue(JsonValue jsonValue) {
 return jsonNumber.doubleValue();
 }
 } else if (jsonValue == JsonValue.TRUE) {
- return true;
+ return Boolean.TRUE;
 } else if (jsonValue == JsonValue.FALSE) {
- return false;
+ return Boolean.FALSE;
 } else {
 return null;
 }
diff --git a/implementation/jwt-build/src/main/java/io/smallrye/jwt/build/impl/JwtEncryptionImpl.java b/implementation/jwt-build/src/main/java/io/smallrye/jwt/build/impl/JwtEncryptionImpl.java
index c621414a..6954374d 100644
--- a/implementation/jwt-build/src/main/java/io/smallrye/jwt/build/impl/JwtEncryptionImpl.java
+++ b/implementation/jwt-build/src/main/java/io/smallrye/jwt/build/impl/JwtEncryptionImpl.java
@@ -191,7 +191,7 @@ private String encryptInternal(Key key) {
 }
 private boolean isRelaxKeyValidation() {
- return JwtBuildUtils.getConfigProperty(JwtBuildUtils.ENC_KEY_RELAX_VALIDATION_PROPERTY, Boolean.class, false);
+ return JwtBuildUtils.getConfigProperty(JwtBuildUtils.ENC_KEY_RELAX_VALIDATION_PROPERTY, Boolean.class, Boolean.FALSE);
 }
 private String getConfiguredKeyEncryptionAlgorithm() {
diff --git a/implementation/jwt-build/src/main/java/io/smallrye/jwt/build/impl/JwtSignatureImpl.java b/implementation/jwt-build/src/main/java/io/smallrye/jwt/build/impl/JwtSignatureImpl.java
index 30cfefc3..ae657ca7 100644
--- a/implementation/jwt-build/src/main/java/io/smallrye/jwt/build/impl/JwtSignatureImpl.java
+++ b/implementation/jwt-build/src/main/java/io/smallrye/jwt/build/impl/JwtSignatureImpl.java
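Review bot: In `convertJsonValue` (JwtClaimsBuilderImpl.java) the `JsonString` branch still derives the claim value from `jsonValue.toString()` and strips the first and last character. `toString()` on a `JsonValue` yields the JSON text, so a string containing a quote, a backslash or a control character keeps its escape sequences and the claim written into the token differs from the value the caller supplied. The accessor returns the unescaped value directly: `return ((JsonString) jsonValue).getString();`. The method continues past this hunk.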
@@ -191,7 +191,7 @@ private String signInternal(Key signingKey) {
 }
 private boolean isRelaxKeyValidation() {
- return JwtBuildUtils.getConfigProperty(JwtBuildUtils.SIGN_KEY_RELAX_VALIDATION_PROPERTY, Boolean.class, false);
+ return JwtBuildUtils.getConfigProperty(JwtBuildUtils.SIGN_KEY_RELAX_VALIDATION_PROPERTY, Boolean.class, Boolean.FALSE);
 }
 private String getConfiguredSignatureAlgorithm() {
diff --git a/implementation/jwt-jaxrs/src/main/java/io/smallrye/jwt/auth/jaxrs/JWTAuthorizationFilterRegistrar.java b/implementation/jwt-jaxrs/src/main/java/io/smallrye/jwt/auth/jaxrs/JWTAuthorizationFilterRegistrar.java
index fc188b65..f91c37a0 100644
--- a/implementation/jwt-jaxrs/src/main/java/io/smallrye/jwt/auth/jaxrs/JWTAuthorizationFilterRegistrar.java
+++ b/implementation/jwt-jaxrs/src/main/java/io/smallrye/jwt/auth/jaxrs/JWTAuthorizationFilterRegistrar.java
@@ -93,7 +93,7 @@ private Annotation getAnnotation(Annotation[] declaredAnnotations,
 case 0:
 return null;
 case 1:
- return annotations.iterator().next();
+ return annotations.get(0);
 default:
 throw JAXRSMessages.msg.duplicateJWTAnnotationsFound(annotationPlacementDescriptor.get(), annotations);
 }