Commit

Merge branch 'wildfly-security:2.x' into ELY-2480
Dkafetzis authored Nov 14, 2024
2 parents a75c959 + 25853e4 commit c6edd87
Showing 148 changed files with 1,815 additions and 521 deletions.
2 changes: 2 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,8 @@ target
nbactions.xml
nb-configuration.xml
catalog.xml
# Ignore VSCode Files
.vscode
#
maven-ant-tasks.jar
test-output
Expand Down
23 changes: 22 additions & 1 deletion CONTRIBUTING.md
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,10 @@ Welcome to the WildFly Elytron project! We welcome contributions from the commun
- [Good First Issues](#good-first-issues)
- [Setting up your Developer Environment](#setting-up-your-developer-environment)
- [Contributing Guidelines](#contributing-guidelines)
- [Testing](#testing)
- [Pull Request Process](#pull-request-process)
- [Documentation](#documentation)
- [FAQ for New Contributors](#faq-for-new-contributors)
- [Community](#community)


Expand Down Expand Up @@ -92,8 +96,18 @@ The generated report is at `target/site/clover` and to access it start by openin

For more information, including details on how WildFly Elytron is integrated in WildFly Core and WildFly, check out our [developer guide](https://wildfly-security.github.io/wildfly-elytron/getting-started-for-developers/).


## Contributing Guidelines

### Testing
Ensure that your changes are thoroughly tested before submitting a pull request. Follow these testing guidelines:

- Run the existing unit tests using Maven: `mvn clean test`
- Include new unit tests for your code changes.

If applicable, provide instructions on how to run integration tests or any additional testing procedures.

### Pull Request Process
When submitting a PR, please keep the following guidelines in mind:

1. In general, it's good practice to squash all of your commits into a single commit. For larger changes, it's ok to have multiple meaningful commits. If you need help with squashing your commits, feel free to ask us how to do this on your pull request. We're more than happy to help!
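Review bot: The last sentence of the new Testing section, `If applicable, provide instructions on how to run integration tests or any additional testing procedures.`, does not say who provides the instructions or where they go, and it reads like a leftover template placeholder. Either address it to the contributor (for example, ask them to describe in the PR description how to run any integration tests their change needs) or replace it with the project's actual integration-test command.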
Expand All @@ -104,6 +118,13 @@ When submitting a PR, please keep the following guidelines in mind:

For an example of a properly formatted PR, take a look at https://github.com/wildfly-security/wildfly-elytron/pull/1532

### Documentation
Contributors are encouraged to keep documentation up-to-date along with code changes. If your changes impact user-facing features, update the relevant documentation files in directory.
Community documentation can be found in the [wildfly repository](https://github.com/wildfly/wildfly/tree/main/docs)

## FAQ for New Contributors
Check out our [Frequently Asked Questions](https://fjuma.github.io/wildfly-elytron/blog/frequently-asked-questions-new-contributors/) for New Contributors.

## Code Reviews

All submissions, including submissions by project members, need to be reviewed by at least two WildFly Elytron committers before being merged.
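Review bot: In the new Documentation section, `update the relevant documentation files in directory.` is missing the directory name, so the instruction cannot be followed as written; name the directory or drop the phrase and rely on the link that follows (which also lacks a closing period). The FAQ link points at `fjuma.github.io` while the other project links in this file use `wildfly-security.github.io`; if the FAQ is published on the project site, link that copy so the contributor guide does not depend on a personal fork's pages.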
Expand All @@ -117,4 +138,4 @@ your PR directly against the relevant maintenance branch. Once a fix for a maint
merge the maintenance branch to the upstream branch to ensure changes are kept in sync.

## Community
For more information on how to get involved with WildFly Elytron, check out our [community](https://wildfly-security.github.io/wildfly-elytron/community/) page.
For more information on how to get involved with WildFly Elytron, check out our [community](https://wildfly-security.github.io/wildfly-elytron/community/) page.
2 changes: 1 addition & 1 deletion asn1/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@
<parent>
<groupId>org.wildfly.security</groupId>
<artifactId>wildfly-elytron-parent</artifactId>
<version>2.5.2.CR1-SNAPSHOT</version>
<version>2.6.1.CR1-SNAPSHOT</version>
</parent>

<modelVersion>4.0.0</modelVersion>
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -470,7 +470,7 @@ public void writeEncoded(byte[] encoded) {

@Override
public void flush() {
while (states.size() != 0) {
while (!states.isEmpty()) {
EncoderState lastState = states.peekLast();
if (lastState.getTag() == SEQUENCE_TYPE) {
endSequence();
Expand Down
2 changes: 1 addition & 1 deletion audit/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@
<parent>
<groupId>org.wildfly.security</groupId>
<artifactId>wildfly-elytron-parent</artifactId>
<version>2.5.2.CR1-SNAPSHOT</version>
<version>2.6.1.CR1-SNAPSHOT</version>
</parent>

<modelVersion>4.0.0</modelVersion>
Expand Down
2 changes: 1 addition & 1 deletion auth/base/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@
<parent>
<groupId>org.wildfly.security</groupId>
<artifactId>wildfly-elytron-parent</artifactId>
<version>2.5.2.CR1-SNAPSHOT</version>
<version>2.6.1.CR1-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>

Expand Down
2 changes: 1 addition & 1 deletion auth/client/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@
<parent>
<groupId>org.wildfly.security</groupId>
<artifactId>wildfly-elytron-parent</artifactId>
<version>2.5.2.CR1-SNAPSHOT</version>
<version>2.6.1.CR1-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -3466,7 +3466,7 @@ static CredentialSource parseLocalKerberos(ConfigurationXMLStreamReader reader)
default: throw reader.unexpectedAttribute(i);
}
}
if (mechanismOids.size() == 0) {
if (mechanismOids.isEmpty()) {
mechanismOids.add(GSSCredentialSecurityFactory.KERBEROS_V5);
mechanismOids.add(GSSCredentialSecurityFactory.SPNEGO);
}
Expand Down Expand Up @@ -3649,6 +3649,9 @@ protected AbstractLoadingKeyStoreFactory(final ExceptionSupplier<KeyStore, Confi
public KeyStore get() throws ConfigXMLParseException {
try {
KeyStore keyStore = delegateFactory.get();
if (passwordFactory == null || passwordFactory.get() == null) {
xmlLog.noKeystorePasswordSpecified(location);
}
try (InputStream fis = createStream()) {
keyStore.load(fis, passwordFactory == null ? null : passwordFactory.get());
}
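Review bot: The new null check in `get()` calls `passwordFactory.get()`, and the `keyStore.load(...)` call below calls it again, so the password supplier runs twice for every keystore load. Read the value once into a local `char[]`, test that local for null, and pass the same local to `load`. That avoids a second invocation of a supplier that may be expensive or have side effects, and it keeps one copy of the password in memory instead of two.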
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@

package org.wildfly.security.auth.client._private;

import static org.jboss.logging.Logger.Level.INFO;
import static org.jboss.logging.Logger.Level.WARN;

import java.io.IOException;
Expand Down Expand Up @@ -129,6 +130,10 @@ ConfigXMLParseException xmlDuplicateAuthenticationConfigurationName(String name,
ConfigXMLParseException xmlInvalidKeyStoreEntryType(@Param Location location, String alias, Class<?> expectedClass,
Class<?> actualClass);

@LogMessage(level = INFO)
@Message(id = 1138, value = "No Keystore password specified \"%s\"")
void noKeystorePasswordSpecified(Location location);

@Message(id = 1139, value = "Failed to create credential store")
ConfigXMLParseException xmlFailedToCreateCredentialStore(@Param Location location, @Cause Throwable cause);

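Review bot: The message `No Keystore password specified \"%s\"` prints the `Location` in quotes without saying what it is, so in a log the quoted value can be mistaken for a keystore name or for the password itself. Wording such as "No keystore password specified at %s" would make it clear that the argument is the configuration location. Also consider whether INFO is the right level: `KeyStore.load` with a null password skips the integrity check on the store, and `WARN` is already imported in this file.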
Expand Down
2 changes: 1 addition & 1 deletion auth/realm/base/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@
<parent>
<groupId>org.wildfly.security</groupId>
<artifactId>wildfly-elytron-parent</artifactId>
<version>2.5.2.CR1-SNAPSHOT</version>
<version>2.6.1.CR1-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -79,18 +79,14 @@ public AggregateSecurityRealm(final SecurityRealm authenticationRealm, Function<
public RealmIdentity getRealmIdentity(final Evidence evidence) throws RealmUnavailableException {
boolean ok = false;
final RealmIdentity authenticationIdentity = authenticationRealm.getRealmIdentity(evidence);
if (authenticationIdentity.exists()) {
log.tracef("Authentication identity for principal [%s] found.", evidence.getDecodedPrincipal());
}
log.tracef("Authentication identity for principal [%s] obtained.", evidence.getDecodedPrincipal());
final RealmIdentity[] authorizationIdentities = new RealmIdentity[authorizationRealms.length];
try {
for (int i = 0; i < authorizationIdentities.length; i++) {
SecurityRealm authorizationRealm = authorizationRealms[i];
authorizationIdentities[i] = (authorizationRealm == authenticationRealm) ? authenticationIdentity
: getAuthorizationIdentity(authorizationRealm, evidence, principalTransformer, authenticationIdentity);
if (authorizationIdentities[i].exists()) {
log.tracef("Authorization identity for principal [%s] found.", evidence.getDecodedPrincipal());
}
log.tracef("Authorization identity for principal [%s] obtained.", evidence.getDecodedPrincipal());
}

final Identity identity = new Identity(authenticationIdentity, authorizationIdentities);
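Review bot: With the `exists()` guard removed, `Authentication identity for principal [%s] obtained.` is traced on every lookup, including those where the realm returned a non-existent identity, so the trace no longer distinguishes found from not found. If the guard was dropped to avoid calling `exists()` on this path, say so in a comment or the commit message, and consider wording that does not imply a successful match (for example, that the realm was queried for the principal). The same applies to the authorization message inside the loop and to the `Principal` overload further down.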
Expand All @@ -111,9 +107,7 @@ public RealmIdentity getRealmIdentity(final Evidence evidence) throws RealmUnava
public RealmIdentity getRealmIdentity(final Principal principal) throws RealmUnavailableException {
boolean ok = false;
final RealmIdentity authenticationIdentity = authenticationRealm.getRealmIdentity(principal);
if (authenticationIdentity.exists()) {
log.tracef("Authentication identity for principal [%s] found.", principal);
}
log.tracef("Authentication identity for principal [%s] obtained.", principal);
Principal authorizationPrincipal = principal;
if (principalTransformer != null) {
authorizationPrincipal = principalTransformer.apply(authorizationPrincipal);
Expand All @@ -125,9 +119,7 @@ public RealmIdentity getRealmIdentity(final Principal principal) throws RealmUna
for (int i = 0; i < authorizationIdentities.length; i++) {
SecurityRealm authorizationRealm = authorizationRealms[i];
authorizationIdentities[i] = (authorizationRealm == authenticationRealm) && (principalTransformer == null) ? authenticationIdentity : authorizationRealm.getRealmIdentity(authorizationPrincipal);
if (authorizationIdentities[i].exists()) {
log.tracef("Authorization identity for principal [%s] found.", principal);
}
log.tracef("Authorization identity for principal [%s] obtained.", principal);
}

final Identity identity = new Identity(authenticationIdentity, authorizationIdentities);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@
* A utility class to utilize methods from the {@code FileSystemSecurityRealm} class for the Elytron Tool.
*
* @author <a href="mailto:[email protected]">Ashpan Raskar</a>
* @author <a href="mailto:carodrig@redhat.com">Cameron Rodriguez</a>
* @author <a href="mailto:jrodri@redhat.com">Jessica Rodriguez</a>
*/
public class FileSystemRealmUtil {

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -275,8 +275,7 @@ private static X509Certificate populateCertificateChain() throws Exception {

builder.setSignatureAlgorithmName("SHA256withRSA");
builder.setPublicKey(keyPair.getPublic());
final X509Certificate orderedCertificate = builder.build();
return orderedCertificate;
return builder.build();
}

private Path getRootPath(String path, boolean deleteIfExists) throws Exception {
Expand Down
2 changes: 1 addition & 1 deletion auth/realm/jdbc/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@
<parent>
<groupId>org.wildfly.security</groupId>
<artifactId>wildfly-elytron-parent</artifactId>
<version>2.5.2.CR1-SNAPSHOT</version>
<version>2.6.1.CR1-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>

Expand Down
2 changes: 1 addition & 1 deletion auth/realm/ldap/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@
<parent>
<groupId>org.wildfly.security</groupId>
<artifactId>wildfly-elytron-parent</artifactId>
<version>2.5.2.CR1-SNAPSHOT</version>
<version>2.6.1.CR1-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>

Expand Down
4 changes: 2 additions & 2 deletions auth/realm/token/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@
<parent>
<groupId>org.wildfly.security</groupId>
<artifactId>wildfly-elytron-parent</artifactId>
<version>2.5.2.CR1-SNAPSHOT</version>
<version>2.6.1.CR1-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>

Expand Down Expand Up @@ -85,7 +85,7 @@

<!--Test scope-->
<dependency>
<groupId>org.glassfish</groupId>
<groupId>org.eclipse.parsson</groupId>
<artifactId>jakarta.json</artifactId>
<scope>test</scope>
</dependency>
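Review bot: The test dependency now uses groupId `org.eclipse.parsson` with artifactId `jakarta.json` and still declares no `<version>`, so it only resolves if the parent POM's dependencyManagement was switched to the same coordinates. That entry is not visible in this hunk; please confirm it is part of the change and that no managed `org.glassfish` entry for the same artifact is left behind.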
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,10 @@
import java.util.Arrays;
import java.util.function.Function;

import static org.junit.Assert.*;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNull;

/**
* @author <a href="mailto:[email protected]">Pedro Igor</a>
Expand Down
2 changes: 1 addition & 1 deletion auth/server/base/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@
<parent>
<groupId>org.wildfly.security</groupId>
<artifactId>wildfly-elytron-parent</artifactId>
<version>2.5.2.CR1-SNAPSHOT</version>
<version>2.6.1.CR1-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>

Expand Down
2 changes: 1 addition & 1 deletion auth/server/deprecated/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@
<parent>
<groupId>org.wildfly.security</groupId>
<artifactId>wildfly-elytron-parent</artifactId>
<version>2.5.2.CR1-SNAPSHOT</version>
<version>2.6.1.CR1-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@
* {@link HttpServerAuthenticationMechanismFactory} for obtaining configured mechanisms.
*
* @author <a href="mailto:[email protected]">Darran Lofthouse</a>
* @deprecated Use {@link org.wildfly.security.auth.server.http.HttpAuthenticationFactory} instead
* @deprecated Use {@link org.wildfly.security.auth.server.http.HttpAuthenticationFactory org.wildfly.security.auth.server.http.HttpAuthenticationFactory} instead
*/
@Deprecated
public final class HttpAuthenticationFactory extends AbstractMechanismAuthenticationFactory<HttpServerAuthenticationMechanism, HttpServerAuthenticationMechanismFactory, HttpAuthenticationException> {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@
* A SASL server factory configuration.
*
* @author <a href="mailto:[email protected]">David M. Lloyd</a>
* @deprecated Use {@link org.wildfly.security.auth.server.sasl.SaslAuthenticationFactory} instead
* @deprecated Use {@link org.wildfly.security.auth.server.sasl.SaslAuthenticationFactory org.wildfly.security.auth.server.sasl.SaslAuthenticationFactory} instead
*/
@Deprecated
public final class SaslAuthenticationFactory extends AbstractMechanismAuthenticationFactory<SaslServer, SaslServerFactory, SaslException> {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@
* the callback handler is returned instead.
*
* @author <a href="mailto:[email protected]">Darran Lofthouse</a>
* @deprecated Use {@link org.wildfly.security.auth.server.http.SecurityIdentityServerMechanismFactory} instead
* @deprecated Use {@link org.wildfly.security.auth.server.http.SecurityIdentityServerMechanismFactory org.wildfly.security.auth.server.http.SecurityIdentityServerMechanismFactory} instead
*/
@Deprecated
class SecurityIdentityServerMechanismFactory implements HttpServerAuthenticationMechanismFactory {
Expand Down
2 changes: 1 addition & 1 deletion auth/server/http/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@
<parent>
<groupId>org.wildfly.security</groupId>
<artifactId>wildfly-elytron-parent</artifactId>
<version>2.5.2.CR1-SNAPSHOT</version>
<version>2.6.1.CR1-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>

Expand Down
2 changes: 1 addition & 1 deletion auth/server/sasl/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@
<parent>
<groupId>org.wildfly.security</groupId>
<artifactId>wildfly-elytron-parent</artifactId>
<version>2.5.2.CR1-SNAPSHOT</version>
<version>2.6.1.CR1-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>

Expand Down
2 changes: 1 addition & 1 deletion auth/util/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@
<parent>
<groupId>org.wildfly.security</groupId>
<artifactId>wildfly-elytron-parent</artifactId>
<version>2.5.2.CR1-SNAPSHOT</version>
<version>2.6.1.CR1-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>

Expand Down
2 changes: 1 addition & 1 deletion base/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@
<parent>
<groupId>org.wildfly.security</groupId>
<artifactId>wildfly-elytron-parent</artifactId>
<version>2.5.2.CR1-SNAPSHOT</version>
<version>2.6.1.CR1-SNAPSHOT</version>
</parent>

<modelVersion>4.0.0</modelVersion>
Expand Down
2 changes: 1 addition & 1 deletion credential/base/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@
<parent>
<groupId>org.wildfly.security</groupId>
<artifactId>wildfly-elytron-parent</artifactId>
<version>2.5.2.CR1-SNAPSHOT</version>
<version>2.6.1.CR1-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,7 @@
import java.security.interfaces.RSAMultiPrimePrivateCrtKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.DSAParameterSpec;
import java.security.spec.ECParameterSpec;
import java.util.Arrays;
import java.util.Objects;
Expand Down Expand Up @@ -99,7 +100,9 @@ public static <P extends AlgorithmParameterSpec> P getParameters(Key key, Class<
} else if (key instanceof RSAKey && paramSpecClass.isAssignableFrom(RSAParameterSpec.class)) {
return paramSpecClass.cast(new RSAParameterSpec((RSAKey) key));
} else if (key instanceof DSAKey && paramSpecClass.isAssignableFrom(DSAParams.class)) {
return paramSpecClass.cast(((DSAKey) key).getParams());
final DSAKey dsaKey = (DSAKey) key;
final DSAParams dsaParams = dsaKey.getParams();
return paramSpecClass.cast(new DSAParameterSpec(dsaParams.getP(), dsaParams.getQ(), dsaParams.getG()));
} else if (key instanceof ECKey && paramSpecClass.isAssignableFrom(ECParameterSpec.class)) {
return paramSpecClass.cast(((ECKey) key).getParams());
} else if (key instanceof DHKey && paramSpecClass.isAssignableFrom(DHParameterSpec.class)) {
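Review bot: The DSA branch still guards on `paramSpecClass.isAssignableFrom(DSAParams.class)` but now returns a `DSAParameterSpec`, which is inconsistent with the RSA, EC and DH branches that test against the spec class they return. A caller passing `DSAParameterSpec.class` will not enter this branch, because `DSAParameterSpec.class.isAssignableFrom(DSAParams.class)` is false; testing against `DSAParameterSpec.class` would match the other branches. Separately, `dsaParams.getP()` dereferences the result of `getParams()` without a null check, whereas the old `paramSpecClass.cast(...)` passed a null through; if a key can reach here without parameters, add a null check before constructing the spec.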
Expand Down
2 changes: 1 addition & 1 deletion credential/source/deprecated/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@
<parent>
<groupId>org.wildfly.security</groupId>
<artifactId>wildfly-elytron-parent</artifactId>
<version>2.5.2.CR1-SNAPSHOT</version>
<version>2.6.1.CR1-SNAPSHOT</version>
<relativePath>../../../pom.xml</relativePath>
</parent>

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@
* A credential source which is backed by a callback handler.
*
* @author <a href="mailto:[email protected]">David M. Lloyd</a>
* @deprecated Use {@link org.wildfly.security.credential.source.impl.CallbackHandlerCredentialSource} instead
* @deprecated Use {@link org.wildfly.security.credential.source.impl.CallbackHandlerCredentialSource org.wildfly.security.credential.source.impl.CallbackHandlerCredentialSource} instead
*/
@Deprecated
public final class CallbackHandlerCredentialSource implements CredentialSource {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -52,7 +52,7 @@
* A credential source which acquires a credential from the command line.
*
* @author <a href="mailto:[email protected]">David M. Lloyd</a>
* @deprecated Use {@link org.wildfly.security.credential.source.impl.CommandCredentialSource} instead
* @deprecated Use {@link org.wildfly.security.credential.source.impl.CommandCredentialSource org.wildfly.security.credential.source.impl.CommandCredentialSource} instead
*/
@Deprecated
public final class CommandCredentialSource implements CredentialSource {
Expand Down