Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

JWT Auth micro optimization #841

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
JWT Auth micro optimization
luneo7 committed Nov 15, 2024

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
commit cffd5b8b23cbfd515e95adb8d7f530d045a4f811
Original file line number Diff line number Diff line change
@@ -312,8 +312,7 @@ private static String getKeyStoreType(String keyStorePath, Optional<String> keyS
if (keyStoreType.isPresent()) {
return keyStoreType.get().toUpperCase();
}
final String pathName = keyStorePath.toString();
if (pathName.endsWith(".p12") || pathName.endsWith(".pkcs12") || pathName.endsWith(".pfx")) {
if (keyStorePath.endsWith(".p12") || keyStorePath.endsWith(".pkcs12") || keyStorePath.endsWith(".pfx")) {
return "PKCS12";
} else {
// assume jks
Original file line number Diff line number Diff line change
@@ -67,8 +67,9 @@ public static void setContextTokenCookie(JWTAuthContextInfo contextInfo, Optiona
}

public static void setTokenSchemes(JWTAuthContextInfo contextInfo, String tokenSchemes) {
final List<String> schemes = new ArrayList<>();
for (final String s : tokenSchemes.split(",")) {
String[] splitTokenSchemes = tokenSchemes.split(",");
final List<String> schemes = new ArrayList<>(splitTokenSchemes.length);
for (final String s : splitTokenSchemes) {
schemes.add(s.trim());
}
contextInfo.setTokenSchemes(schemes);
Original file line number Diff line number Diff line change
@@ -90,7 +90,7 @@ Long getClaimAsLong(InjectionPoint ip) {
JsonNumber jsonValue = (JsonNumber) value;
returnValue = jsonValue.longValue();
} else {
returnValue = Long.parseLong(value.toString());
returnValue = Long.valueOf(value.toString());
}
}
return returnValue;
@@ -113,7 +113,7 @@ Double getClaimAsDouble(InjectionPoint ip) {
JsonNumber jsonValue = (JsonNumber) value;
returnValue = jsonValue.doubleValue();
} else {
returnValue = Double.parseDouble(value.toString());
returnValue = Double.valueOf(value.toString());
}
}
return returnValue;
@@ -135,9 +135,9 @@ Boolean getClaimAsBoolean(InjectionPoint ip) {
if (value instanceof JsonValue) {
final JsonValue.ValueType valueType = ((JsonValue) value).getValueType();
if (valueType.equals(JsonValue.ValueType.TRUE)) {
returnValue = true;
returnValue = Boolean.TRUE;
} else if (valueType.equals(JsonValue.ValueType.FALSE)) {
returnValue = false;
returnValue = Boolean.FALSE;
}
} else {
returnValue = Boolean.valueOf(value.toString());
Original file line number Diff line number Diff line change
@@ -18,7 +18,6 @@

import static java.util.Collections.emptyList;

import java.util.LinkedHashSet;
import java.util.Set;
import java.util.stream.Collectors;

@@ -91,19 +90,23 @@ private String decryptSignedToken(String token, JWTAuthContextInfo authContextIn
}

private String[] signatureAlgorithms(JWTAuthContextInfo authContextInfo) {
Set<String> algorithms = new LinkedHashSet<>();
for (SignatureAlgorithm keyEncAlgo : authContextInfo.getSignatureAlgorithm()) {
algorithms.add(keyEncAlgo.getAlgorithm());
Set<SignatureAlgorithm> signatureAlgorithm = authContextInfo.getSignatureAlgorithm();
String[] algorithms = new String[signatureAlgorithm.size()];
int counter = 0;
for (SignatureAlgorithm keyEncAlgo : signatureAlgorithm) {
algorithms[counter++] = keyEncAlgo.getAlgorithm();
}
return algorithms.toArray(new String[] {});
return algorithms;
}

private String[] encryptionAlgorithms(JWTAuthContextInfo authContextInfo) {
Set<String> algorithms = new LinkedHashSet<>();
for (KeyEncryptionAlgorithm keyEncAlgo : authContextInfo.getKeyEncryptionAlgorithm()) {
algorithms.add(keyEncAlgo.getAlgorithm());
Set<KeyEncryptionAlgorithm> keyEncryptionAlgorithm = authContextInfo.getKeyEncryptionAlgorithm();
String[] algorithms = new String[keyEncryptionAlgorithm.size()];
int counter = 0;
for (KeyEncryptionAlgorithm keyEncAlgo : keyEncryptionAlgorithm) {
algorithms[counter++] = keyEncAlgo.getAlgorithm();
}
return algorithms.toArray(new String[] {});
return algorithms;
}

private JwtContext parseClaims(String token, JWTAuthContextInfo authContextInfo, ProtectionLevel level)
Original file line number Diff line number Diff line change
@@ -66,7 +66,7 @@ public Key resolveKey(JsonWebSignature jws, List<JsonWebStructure> nestingContex

if (theKey == null) {
try {
if (httpsJwks != null && httpsJwks.getJsonWebKeys() != null && jws != null
if (httpsJwks != null && jws != null && httpsJwks.getJsonWebKeys() != null
&& jws.getKeyIdHeaderValue() != null) {
throw PrincipalMessages.msg.unmatchedTokenKidException();
}
Original file line number Diff line number Diff line change
@@ -839,7 +839,7 @@ Optional<JWTAuthContextInfo> getOptionalContextInfo() {
Set<SignatureAlgorithm> resolvedAlgorithm = mpJwtPublicKeyAlgorithm;
if (signatureAlgorithm.isPresent()) {
if (signatureAlgorithm.get().getAlgorithm().startsWith("HS")) {
if (!NONE.equals(resolvedVerifyKeyLocation) && resolvedVerifyKeyLocation == mpJwtLocation) {
if (verificationKeyLocationSet && resolvedVerifyKeyLocation == mpJwtLocation) {
throw ConfigMessages.msg.hmacNotSupported();
}
} else {
Original file line number Diff line number Diff line change
@@ -350,7 +350,7 @@ private static Object prepareValue(Object value) {
private static Object convertJsonValue(JsonValue jsonValue) {
if (jsonValue instanceof JsonString) {
String jsonString = jsonValue.toString();
return jsonString.toString().substring(1, jsonString.length() - 1);
return jsonString.substring(1, jsonString.length() - 1);
} else if (jsonValue instanceof JsonNumber) {
JsonNumber jsonNumber = (JsonNumber) jsonValue;
if (jsonNumber.isIntegral()) {
@@ -359,9 +359,9 @@ private static Object convertJsonValue(JsonValue jsonValue) {
return jsonNumber.doubleValue();
}
} else if (jsonValue == JsonValue.TRUE) {
return true;
return Boolean.TRUE;
} else if (jsonValue == JsonValue.FALSE) {
return false;
return Boolean.FALSE;
} else {
return null;
}
Original file line number Diff line number Diff line change
@@ -191,7 +191,7 @@ private String encryptInternal(Key key) {
}

private boolean isRelaxKeyValidation() {
return JwtBuildUtils.getConfigProperty(JwtBuildUtils.ENC_KEY_RELAX_VALIDATION_PROPERTY, Boolean.class, false);
return JwtBuildUtils.getConfigProperty(JwtBuildUtils.ENC_KEY_RELAX_VALIDATION_PROPERTY, Boolean.class, Boolean.FALSE);
}

private String getConfiguredKeyEncryptionAlgorithm() {
Original file line number Diff line number Diff line change
@@ -191,7 +191,7 @@ private String signInternal(Key signingKey) {
}

private boolean isRelaxKeyValidation() {
return JwtBuildUtils.getConfigProperty(JwtBuildUtils.SIGN_KEY_RELAX_VALIDATION_PROPERTY, Boolean.class, false);
return JwtBuildUtils.getConfigProperty(JwtBuildUtils.SIGN_KEY_RELAX_VALIDATION_PROPERTY, Boolean.class, Boolean.FALSE);
}

private String getConfiguredSignatureAlgorithm() {
Original file line number Diff line number Diff line change
@@ -93,7 +93,7 @@ private Annotation getAnnotation(Annotation[] declaredAnnotations,
case 0:
return null;
case 1:
return annotations.iterator().next();
return annotations.get(0);
default:
throw JAXRSMessages.msg.duplicateJWTAnnotationsFound(annotationPlacementDescriptor.get(), annotations);
}