[tomee-site-pub] branch asf-site updated: September 2023 board report
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch asf-site in repository https://gitbox.apache.org/repos/asf/tomee-site-pub.git The following commit(s) were added to refs/heads/asf-site by this push: new 0e7cf67d21 September 2023 board report 0e7cf67d21 is described below commit 0e7cf67d21ff2d388398d8a1c8fd4c124bde8b30 Author: David Blevins AuthorDate: Wed Oct 11 12:00:03 2023 -0700 September 2023 board report --- board-report-2023-09-20.txt | 97 + 1 file changed, 97 insertions(+) diff --git a/board-report-2023-09-20.txt b/board-report-2023-09-20.txt new file mode 100644 index 00..b97cc4c9aa --- /dev/null +++ b/board-report-2023-09-20.txt @@ -0,0 +1,97 @@ +## Description: + +Apache TomEE delivers enterprise application containers and services based +on, but not limited to the Enterprise JavaBeans Specification and Java +Enterprise Edition Specifications. + +## Health + +Activity on the project over the last quarter has been low with just 10 +commits to main in the previous three months from today (9/17). We seem to +be steadily trending downward over the years. Here's an analysis of commits +broken up by calendar quarter since work first started on TomEE 1.0. + +YearQ1 Q2 Q3 Q4Average + --- --- --- ------ +202330 42 7 26 +2022 248 175 78 107 152 +202166 141 41 34 70 +202033 147 123 94 99 +2019 446 190 214 120 242 +2018 156 58 141 555 227 +201758 88 108 104 89 +2016 116 114 174 69 118 +2015 234 263 65 127 172 +2014 234 353 396 363 336 +2013 434 264 195 188 270 +2012 632 671 632 597 633 +2011 111 266 486 400 315 + +The project has actively been trying to increase participation. Users on the +user list are frequently encouraged to help and given the "every contribution +helps" perspective. + +The few that have shown interest are given very warm and encouraging +responses with a great deal of coaching to feel comfortable asking questions, +not get discouraged, not be hard on themselves and are encouraged to start +small and get the encouragement a quick win before trying bigger tasks. + +Despite our efforts, almost no one makes it to the point where they can +contribute to core code in any capacity. Contributions typically stop at +minor doc updates and library upgrades. + +Those that do show enough promise to make it to committer tend to not +continue contributing very long. We've added 7 committers in the last 6 +years and of that list only one contributes regularly. Two in the list +stopped contributing once they gained the committer title, three stopped +committing in the first year. Lowering the bar to commit hasn't really +helped. + +A significant bar to entry has always been that the TCKs we implement were +restricted and not available to the public. These were all open sourced in +2018/2019 and we had hoped this would be key in enabling more members of the +community to help with the main work of the project, getting compliance tests +to pass and shipping certified releases. This hasn't really helped and in +fact the new faster pace at which specifications are released seems to only +hurt us. + +We had reported build times as a potential deterrent (they were 4-5 hours) +and worked with Infra to help setup builds in AWS. This was complete last +quarter. So far we have not had any new contributors test out this new +system. + +We will keep trying, but overall it seems like very few are in a position to +contribute. There is a high bar in terms of time and experience we simply +cannot control or reduce. Fixing one TCK test can take a very experienced +person one week full-time. You need to research cryptic text in +specifications, do deep debugging in code you don't know to find causes, and +find intricate solutions that do not cause new failures elsewhere. Due to +the time involved it isn't something you can do without the support of your +employer and it doesn't appear anyone who uses TomEE has interest in +investing in the project at that level. + + +## Activity + +As mentioned above, activity has been low -- 10 commits to main in the last +90 days. No new releases have been shipped. + +The work done has largely been around the integration between TomEE and CXF, +specifically to get CXF 4.0 fully integrated. We have seen a new face arrive +and offer to help in this area and has openend a PR to help setup the new +Jakarta REST TCK suite from Jakarta EE 10. It's not fully working and breaks +the build, but is still very positive. Any kind of start is a good start. + +## PMC changes: + +- Currently 13 PMC members. +- Last PMC addition Richard Zowalla on May 23rd, 2022 + +## Committer base changes: + +- Currently 33 committers. +- Last committer added was Richard Zowalla on January 6th 2021 + +## Release
[tomee-site-generator] branch main updated: minor fix for donwload page
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee-site-generator.git The following commit(s) were added to refs/heads/main by this push: new 7e8c371 minor fix for donwload page new 6ca5371 Merge pull request #62 from cesarhernandezgt/main-patch 7e8c371 is described below commit 7e8c3718faff518e32335dbd835914a6c39f7e5f Author: Cesar Hernandez AuthorDate: Thu Mar 23 11:39:11 2023 -0600 minor fix for donwload page --- src/main/jbake/content/download.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/jbake/content/download.adoc b/src/main/jbake/content/download.adoc index 7cff525..d3887b0 100755 --- a/src/main/jbake/content/download.adoc +++ b/src/main/jbake/content/download.adoc @@ -41,7 +41,7 @@ IMPORTANT: Note: Information on possible ways to migrate from `javax` to `jakart - MicroProfile 2.0 - Java 8 or higher - link:8.0.14/release-notes.html[Release Notes] -- link:tomee-8.0-eol.html[End of life Notes] +- link:tomee-8.0-eol.html[The support for Apache TomEE 8.0.x will end on 31 December 2023] [cols="2,4*^1",options="header"] |===
[tomee-site-generator] branch main updated: TOMEE-4193 Added eol pages for website
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee-site-generator.git The following commit(s) were added to refs/heads/main by this push: new f6a6103 TOMEE-4193 Added eol pages for website new cecc880 Merge pull request #61 from cesarhernandezgt/main-patch f6a6103 is described below commit f6a61031d32a5ef7e3011d5c5b406961870533ff Author: Cesar Hernandez AuthorDate: Mon Mar 20 17:26:55 2023 -0600 TOMEE-4193 Added eol pages for website --- src/main/jbake/content/download.adoc | 4 src/main/jbake/content/tomee-1.7-eol.adoc | 10 ++ src/main/jbake/content/tomee-7.0-eol.adoc | 10 ++ src/main/jbake/content/tomee-7.1-eol.adoc | 10 ++ src/main/jbake/content/tomee-8.0-eol.adoc | 11 +++ 5 files changed, 45 insertions(+) diff --git a/src/main/jbake/content/download.adoc b/src/main/jbake/content/download.adoc index 75e646e..7cff525 100755 --- a/src/main/jbake/content/download.adoc +++ b/src/main/jbake/content/download.adoc @@ -41,6 +41,7 @@ IMPORTANT: Note: Information on possible ways to migrate from `javax` to `jakart - MicroProfile 2.0 - Java 8 or higher - link:8.0.14/release-notes.html[Release Notes] +- link:tomee-8.0-eol.html[End of life Notes] [cols="2,4*^1",options="header"] |=== @@ -62,6 +63,7 @@ IMPORTANT: Note: Information on possible ways to migrate from `javax` to `jakart - Java EE 7 - MicroProfile 2.0 - Java 7 or Java 8 +- link:tomee-7.1-eol.html[End of life Notes] [cols="2,4*^1",options="header"] |=== @@ -89,6 +91,7 @@ IMPORTANT: This branch is discontinued. No upcoming releases are planned due to - Java EE 7 - Java 7 or Java 8 +- link:tomee-7.0-eol.html[End of life Notes] [cols="2,4*^1",options="header"] |=== @@ -114,6 +117,7 @@ IMPORTANT: This branch is discontinued. No upcoming releases are planned due to - Java EE 6 - Java 6, Java 7 or Java 8 +- link:tomee-1.7-eol.html[End of life Notes] [cols="2,4*^1",options="header"] diff --git a/src/main/jbake/content/tomee-1.7-eol.adoc b/src/main/jbake/content/tomee-1.7-eol.adoc new file mode 100644 index 000..b1344ac --- /dev/null +++ b/src/main/jbake/content/tomee-1.7-eol.adoc @@ -0,0 +1,10 @@ += End of life for Apache TomEE 1.7.x +:jbake-type: page +:jbake-status: published + +The Apache TomEE team announces that Apache TomEE 1.7.x has reached it's end of life. +This means: + +- Releases from the `tomee-1.7.x` branch are highly unlikely +- Bugs affecting only the `tomee-1.7.x` branch will not be addressed +- Security vulnerability reports will not be checked against the `tomee-1.7.x` branch \ No newline at end of file diff --git a/src/main/jbake/content/tomee-7.0-eol.adoc b/src/main/jbake/content/tomee-7.0-eol.adoc new file mode 100644 index 000..2bfb8a3 --- /dev/null +++ b/src/main/jbake/content/tomee-7.0-eol.adoc @@ -0,0 +1,10 @@ += End of life for Apache TomEE 7.0.x +:jbake-type: page +:jbake-status: published + +The Apache TomEE team announces that Apache TomEE 7.0.x has reached it's end of life. +This means: + +- Releases from the `tomee-7.0.x` branch are highly unlikely +- Bugs affecting only the `tomee-7.0.x` branch will not be addressed +- Security vulnerability reports will not be checked against the `tomee-7.0.x` branch \ No newline at end of file diff --git a/src/main/jbake/content/tomee-7.1-eol.adoc b/src/main/jbake/content/tomee-7.1-eol.adoc new file mode 100644 index 000..49beaa8 --- /dev/null +++ b/src/main/jbake/content/tomee-7.1-eol.adoc @@ -0,0 +1,10 @@ += End of life for Apache TomEE 7.1.x +:jbake-type: page +:jbake-status: published + +The Apache TomEE team announces that Apache TomEE 7.1.x has reached it's end of life. +This means: + +- Releases from the `tomee-7.1.x` branch are highly unlikely +- Bugs affecting only the `tomee-7.1.x` branch will not be addressed +- Security vulnerability reports will not be checked against the `tomee-7.1.x` branch \ No newline at end of file diff --git a/src/main/jbake/content/tomee-8.0-eol.adoc b/src/main/jbake/content/tomee-8.0-eol.adoc new file mode 100644 index 000..a04d968 --- /dev/null +++ b/src/main/jbake/content/tomee-8.0-eol.adoc @@ -0,0 +1,11 @@ += End of life for Apache TomEE 8.0.x +:jbake-type: page +:jbake-status: published + +The Apache TomEE team announces that support for Apache TomEE 8.0.x will end on 31 December 2023. + +This means that after 31 December 2023: + +- releases from the `tomee-8.x` branch are highly unlikely +- bugs affecting only the `tomee-8.x` branch will not be addressed +- security vulnerability reports will not be checked against the `tomee-8.x` branch \ No newline at end of file
[tomee-jakartaee-api] branch main updated (0532bfa -> b7972f8)
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a change to branch main in repository https://gitbox.apache.org/repos/asf/tomee-jakartaee-api.git from 0532bfa TOMEE-3983 Upgrade Activation Spec 2.0 to 1.0.0 add db112ea Update Tomcat for APIs add 571ee3d [maven-release-plugin] prepare release jakartaee-api-9.1 add 68f0538 [maven-release-plugin] prepare for next development iteration add 77e303c Move to Jakarta EE 10 when available add 93de963 Add lang model API add 1c64cd7 [maven-release-plugin] prepare release jakartaee-api-10.0-M1 add 6ec87ad [maven-release-plugin] prepare for next development iteration add 8dd741a Update name to EE 10 add a77924a [maven-release-plugin] rollback the release of jakartaee-api-10.0-M1 add 2f282a1 Update name to EE 10 add 68d2a76 [maven-release-plugin] prepare release jakartaee-api-10.0-M1 add 8966a1e [maven-release-plugin] prepare for next development iteration add 233b854 [maven-release-plugin] rollback the release of jakartaee-api-10.0-M1 add 1e78abf [maven-release-plugin] prepare release jakartaee-api-10.0-M1 add fc72dcd [maven-release-plugin] prepare for next development iteration new b7972f8 Merge pull request #1 from apache/master The 1 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: pom.xml | 92 ++--- 1 file changed, 60 insertions(+), 32 deletions(-)
[tomee-jakartaee-api] 01/01: Merge pull request #1 from apache/master
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee-jakartaee-api.git commit b7972f8afbae27a11c99db7ac7b70ab491469ce8 Merge: 0532bfa fc72dcd Author: David Blevins AuthorDate: Wed Feb 8 16:56:08 2023 -0800 Merge pull request #1 from apache/master Merge EE 10 changes into main branch pom.xml | 92 ++--- 1 file changed, 60 insertions(+), 32 deletions(-)
[tomee-tck] 01/01: Setup for TomEE 10 against EE 9.1 TCK
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch tomee-10-with-ee-91 in repository https://gitbox.apache.org/repos/asf/tomee-tck.git commit b34dd7d6b480dcb133e55d54d74edf34671112c9 Author: David Blevins AuthorDate: Tue Jan 31 08:54:18 2023 -0800 Setup for TomEE 10 against EE 9.1 TCK --- pom.xml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pom.xml b/pom.xml index 12ac98c..87187ca 100644 --- a/pom.xml +++ b/pom.xml @@ -39,10 +39,10 @@ org.apache.tomee -9.0.0-SNAPSHOT -9.0.0-SNAPSHOT +10.0.0-SNAPSHOT +10.0.0-SNAPSHOT org.apache.tomee -9.0.0-SNAPSHOT +10.0.0-SNAPSHOT
[tomee-tck] branch tomee-10-with-ee-91 created (now b34dd7d)
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a change to branch tomee-10-with-ee-91 in repository https://gitbox.apache.org/repos/asf/tomee-tck.git at b34dd7d Setup for TomEE 10 against EE 9.1 TCK This branch includes the following new commits: new b34dd7d Setup for TomEE 10 against EE 9.1 TCK The 1 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference.
[tomee-tck] 01/01: Set version to TomEE 9.0.0
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch tomee-9-with-ee-10 in repository https://gitbox.apache.org/repos/asf/tomee-tck.git commit 715066edfe5dc9658e57cb49e5fc558baa294d56 Author: David Blevins AuthorDate: Tue Jan 31 08:38:15 2023 -0800 Set version to TomEE 9.0.0 --- pom.xml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pom.xml b/pom.xml index 30aae00..26e9d78 100644 --- a/pom.xml +++ b/pom.xml @@ -39,10 +39,10 @@ org.apache.tomee -10.0.0-SNAPSHOT -10.0.0-SNAPSHOT +9.0.0 +9.0.0 org.apache.tomee -10.0.0-SNAPSHOT +9.0.0
[tomee-tck] branch tomee-9-with-ee-10 created (now 715066e)
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a change to branch tomee-9-with-ee-10 in repository https://gitbox.apache.org/repos/asf/tomee-tck.git at 715066e Set version to TomEE 9.0.0 This branch includes the following new commits: new 715066e Set version to TomEE 9.0.0 The 1 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference.
[creadur-tentacles] branch master updated: Update version to 0.2-SNAPSHOT
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/creadur-tentacles.git The following commit(s) were added to refs/heads/master by this push: new e72acf2 Update version to 0.2-SNAPSHOT e72acf2 is described below commit e72acf25c794faac7354d9171f517c674d0a814f Author: David Blevins AuthorDate: Thu Jan 26 13:15:20 2023 -0800 Update version to 0.2-SNAPSHOT --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 6950b62..41e60db 100644 --- a/pom.xml +++ b/pom.xml @@ -25,7 +25,7 @@ org.apache.creadur.tentacles apache-tentacles jar - 0.1-SNAPSHOT + 0.2-SNAPSHOT Apache Tentacles Utility to download binaries from a remote repository and scan them for LICENSE and NOTICE files
svn commit: r59550 - /release/creadur/apache-tentacles-0.1/
Author: dblevins Date: Mon Jan 23 20:36:08 2023 New Revision: 59550 Log: Add sha512 sums Added: release/creadur/apache-tentacles-0.1/apache-tentacles-0.1-jar-with-dependencies.jar.sha512 release/creadur/apache-tentacles-0.1/apache-tentacles-0.1-javadoc.jar.sha512 release/creadur/apache-tentacles-0.1/apache-tentacles-0.1-source-release.zip.sha512 release/creadur/apache-tentacles-0.1/apache-tentacles-0.1-sources.jar.sha512 release/creadur/apache-tentacles-0.1/apache-tentacles-0.1.jar.sha512 release/creadur/apache-tentacles-0.1/apache-tentacles-0.1.pom.sha512 Added: release/creadur/apache-tentacles-0.1/apache-tentacles-0.1-jar-with-dependencies.jar.sha512 == --- release/creadur/apache-tentacles-0.1/apache-tentacles-0.1-jar-with-dependencies.jar.sha512 (added) +++ release/creadur/apache-tentacles-0.1/apache-tentacles-0.1-jar-with-dependencies.jar.sha512 Mon Jan 23 20:36:08 2023 @@ -0,0 +1 @@ +ae6e8d8d9e55517c0d2efc8bb5a63ad1514013d57f2d90552025321cfa246bc351b5a2a72a92882e4efca324f39391b01df2caa9aaf395f1c2099031c868d301 Added: release/creadur/apache-tentacles-0.1/apache-tentacles-0.1-javadoc.jar.sha512 == --- release/creadur/apache-tentacles-0.1/apache-tentacles-0.1-javadoc.jar.sha512 (added) +++ release/creadur/apache-tentacles-0.1/apache-tentacles-0.1-javadoc.jar.sha512 Mon Jan 23 20:36:08 2023 @@ -0,0 +1 @@ +96fbc7a0e83c239a0530205b95e6229c2eb8919feca36569826c20f3ac1b6cea4f5dcf4ec0136adf1476e6a850e6cfc4a24086cbbed9fb450751d1df28d4f27f Added: release/creadur/apache-tentacles-0.1/apache-tentacles-0.1-source-release.zip.sha512 == --- release/creadur/apache-tentacles-0.1/apache-tentacles-0.1-source-release.zip.sha512 (added) +++ release/creadur/apache-tentacles-0.1/apache-tentacles-0.1-source-release.zip.sha512 Mon Jan 23 20:36:08 2023 @@ -0,0 +1 @@ +644e23d610b1ac5e7935d5ae1f7f659769e90cbb47a6d02dba6b2a00507bb60b4f127d44e48dca1c8033799a82219527b6d519b07a51ef34f357e6cfb8e85d33 Added: release/creadur/apache-tentacles-0.1/apache-tentacles-0.1-sources.jar.sha512 == --- release/creadur/apache-tentacles-0.1/apache-tentacles-0.1-sources.jar.sha512 (added) +++ release/creadur/apache-tentacles-0.1/apache-tentacles-0.1-sources.jar.sha512 Mon Jan 23 20:36:08 2023 @@ -0,0 +1 @@ +9c3f3dca9e63b52d3deb0808fdc564ff8c6015bc0a069a1d085d3499bd9bf6ec8eda38ddfd31b825f101e2139162760dc6b344ce5be4f2f2f0bd31eab07d26f6 Added: release/creadur/apache-tentacles-0.1/apache-tentacles-0.1.jar.sha512 == --- release/creadur/apache-tentacles-0.1/apache-tentacles-0.1.jar.sha512 (added) +++ release/creadur/apache-tentacles-0.1/apache-tentacles-0.1.jar.sha512 Mon Jan 23 20:36:08 2023 @@ -0,0 +1 @@ +118cd28983a58848c86901b3ccb72a4d85fe6e6fd62e4d7a55487d1b6e2d55d0883a721ef31f4719dfd15f9eaa5fff0c95206d43b52cb24cce5bf6829b4de920 Added: release/creadur/apache-tentacles-0.1/apache-tentacles-0.1.pom.sha512 == --- release/creadur/apache-tentacles-0.1/apache-tentacles-0.1.pom.sha512 (added) +++ release/creadur/apache-tentacles-0.1/apache-tentacles-0.1.pom.sha512 Mon Jan 23 20:36:08 2023 @@ -0,0 +1 @@ +fd0d80c735be33134cad4c2fd0bcef404010bd6284bf98e9eef5811d14e19985fd299fabcfe6e744e47a8e55c92672c04e959717826d272dca7b153a0a70425c
svn commit: r59549 - in /release/creadur: ./ apache-tentacles-0.1/
Author: dblevins Date: Mon Jan 23 19:53:39 2023 New Revision: 59549 Log: apache-tentacles-0.1 Added: release/creadur/apache-tentacles-0.1/ release/creadur/apache-tentacles-0.1/apache-tentacles-0.1-jar-with-dependencies.jar (with props) release/creadur/apache-tentacles-0.1/apache-tentacles-0.1-jar-with-dependencies.jar.asc release/creadur/apache-tentacles-0.1/apache-tentacles-0.1-jar-with-dependencies.jar.md5 release/creadur/apache-tentacles-0.1/apache-tentacles-0.1-jar-with-dependencies.jar.sha1 release/creadur/apache-tentacles-0.1/apache-tentacles-0.1-javadoc.jar (with props) release/creadur/apache-tentacles-0.1/apache-tentacles-0.1-javadoc.jar.asc release/creadur/apache-tentacles-0.1/apache-tentacles-0.1-javadoc.jar.md5 release/creadur/apache-tentacles-0.1/apache-tentacles-0.1-javadoc.jar.sha1 release/creadur/apache-tentacles-0.1/apache-tentacles-0.1-source-release.zip (with props) release/creadur/apache-tentacles-0.1/apache-tentacles-0.1-source-release.zip.asc release/creadur/apache-tentacles-0.1/apache-tentacles-0.1-source-release.zip.md5 release/creadur/apache-tentacles-0.1/apache-tentacles-0.1-source-release.zip.sha1 release/creadur/apache-tentacles-0.1/apache-tentacles-0.1-sources.jar (with props) release/creadur/apache-tentacles-0.1/apache-tentacles-0.1-sources.jar.asc release/creadur/apache-tentacles-0.1/apache-tentacles-0.1-sources.jar.md5 release/creadur/apache-tentacles-0.1/apache-tentacles-0.1-sources.jar.sha1 release/creadur/apache-tentacles-0.1/apache-tentacles-0.1.jar (with props) release/creadur/apache-tentacles-0.1/apache-tentacles-0.1.jar.asc release/creadur/apache-tentacles-0.1/apache-tentacles-0.1.jar.md5 release/creadur/apache-tentacles-0.1/apache-tentacles-0.1.jar.sha1 release/creadur/apache-tentacles-0.1/apache-tentacles-0.1.pom release/creadur/apache-tentacles-0.1/apache-tentacles-0.1.pom.asc release/creadur/apache-tentacles-0.1/apache-tentacles-0.1.pom.md5 release/creadur/apache-tentacles-0.1/apache-tentacles-0.1.pom.sha1 Modified: release/creadur/KEYS Modified: release/creadur/KEYS == --- release/creadur/KEYS (original) +++ release/creadur/KEYS Mon Jan 23 19:53:39 2023 @@ -928,3 +928,55 @@ DP/ShZAP7de6Fc/ooMtO1E4n/vt8u2jqmS9oqS6+ 10IWlWN36jY= =3H1f -END PGP PUBLIC KEY BLOCK- +-BEGIN PGP PUBLIC KEY BLOCK- + +mQINBGPO45wBEACcsUGsHxD/5OhuGOnltA0W3I/8fv3xUUReYJgu3kB3/lzwEIDi +FECBozoeIjaEQlTeKzPay7DQD38aBGkcuRDLu0ortXyqNJ/Uv69FDQXi5SHMPs0f +xu3xEHiqo4muuKCHAbPB8YgCr/QNrwPVE9V5vaig9jKGunTbyBi4OCKHzESxqOnM +YND5IW4IgDS0pTUkswLQyW0nWxomlyRjbGPW9o9mIA0dBilYIXGCO3gaS5sKls/o +2ndgXIeRRRUhXAnE5qYqFTLT0igQGsDT13vhKvK7EQqvOZeBUDnvkI3MgqhSeZJs +WaC749Ob3yAagkpcj+HVBqrfy2hkokLsDi6NgzTjSJNKvCDTvQDau0dnDTt5BiQ+ +SyL63pMibbmEa9tSPd5ciz5Vse+rkdMgmq0TSPdTYalzOa5ofkyuZJGnAwfBS/1r +bpsSytHcsf8kX/4Ij5dnfu2FfGPP95v4AV1coqRibJdFC5LVneujTnlkLpYShA2/ +idYVO62YFPVZjJYwwZZdwaU6MFZ2s9j2w4ezNi+VO1V97OFjwtsjVc8iWCTAG9Kx +U021CUSpUUhj2d+dE5WwHCIKi9kL/y15DLyEXjidnG+VTMPS6I/zEyGMQEfkh8jT ++tWHfNnT/nnekusKIJ9CEeOwDwcnwN2EyBnDrVen//X14bB2AynPuDOsWwARAQAB +tCZEYXZpZCBCbGV2aW5zIDxkYmxldmluc0B0b21pdHJpYmUuY29tPokCVwQTAQgA +QRYhBNK5JQiMSZ/7C2kZVh4XSn1TLJUOBQJjzuOcAhsDBQkJZgGABQsJCAcCAiIC +BhUKCQgLAgQWAgMBAh4HAheAAAoJEB4XSn1TLJUOLAUP/0eVh10r57PwCV5eaIyh +7dk+r6XshnLIwVJwN5vfLjMh46tSn90bohWmMpapUV6PNP9M5OxiNk7pRtp0nO/j +C3/IA5cO7MHIUhq15yYit6vJBO5E3GIlWPgC9DItNoJ2RM5YVFW0/eH/lzwl0IgF +Qz1kaC/ebf6UzKMK3PR6u5ZXDDXrlVAO1ho227xC+IIYiOcbslgsgIS6u0b2yBZk +h6YxiY4P8ezB/YcW2oe2h3l0+FcnFBBevyesea5x5pcFgJHP0tuBRQpXvF13E3Bo +eNlqIfqSKY4aKaSaH1JwaREL6yAzCc6xXTjx+Ozp/jfCMMsS5iI7ZX1+rroYxJSa +EzmAPuQd5g7f+AA2PEbQFVkf0YuKOuZp8ohqdQyAFhLOhA+ZDOHm8JmABFIIrm+8 +A1ymqIfYudG3N2ELoJcoXAnyw6F2hMxALmVE8HksUWxFiNtMw1YqpjflIVhEpRx4 +TsPGRxmUZHADv+v5w0OxlPYfXIj27vR2CbZGXBchAxDWrqaCnI4xBweT681y84w1 +A7UYbeyCVJk0oVQ2V0rFMJReFEiqMosRVyKDSeRhJtzvIGBMT0wFL5BnOMbHGLJY ++CBCj/UwdwmPtzA81zApE6Ja43J2pufuOsT61J5VkdAxKsUlllXLv5C9D8xsPoNp +JiemTIgHB6fFH8vkiZM6njMwuQINBGPO45wBEADFJ2pdMuEPKxS+aoZzef9cWfhm +PY9nuGUSlhcqlC7T0FIWSC86V8m3gmHXz7JCyDtKArMUyxm64V3+ik199v7OnSXM +WMHO4i/uWQbtJL2wtYt+jGuKgPBwKzDnBJ0G7gHgu4kD6lq6Ph/Xg88e3ngcvX75 +mgN7Untl4ifetdOaD3s8X7q85h3Lws7xuU8u+XZzvReJyIQuP4V3mSLrZzbBE4dj +9OGCfmmuEbPN8JX7/GOAY3G5BV3wYJeZpKei4Z0CTjKFbuGzp2+3IeR6Osp7Y3Za +Nsfrzi6GxYFNXidgYsH9t+0Zdvc/4AZ6CIm48vNn7GxPDkQNV5ydiMXiBxd4KsIO +Dcsy841y0e/F2mwHHWUNeIs81izAOyWIecW53HHql+eYrYPgcfiL6QbUzPOwoavU +Qhyb9JcQKpMFVwwAhVbdPiFgdQ3HHrU9k954SOK8vFkY0kKkCSLELrKwXz2Ve51o +0XmE3zcZxbzClNhTPuzRUOZE11nVk2HgeZIaIU0qQlJ8pWQW9wmpmjUEekllX6Yi +HVdjAFAFod+iPRNMcH0nWhefz73LLPhhRnixWVgghYdNCcfGRloreM6e8kZXJrRC +RKrQdnaWksMe9h0IOoBMJtlarQKyqDr+q/QrU+NyljogHkZmwsTHv1e2Pp/5J9b+ +VUqPU01mlAlzTCLy2QARAQABiQI8BBgBCAAmFiEE0rklCIxJn/sLaRlWHhdKfVMs +lQ4FAmPO45wCGwwFCQlmAYAACgkQHhdKfVMslQ4dXg//azRdtGRxreVNby5KkhyP +ztuxlbHv+2UxQ3uuT7M6CA0ccE9h8Kg1/HFBi5r3e5cFqfJbBsqBtZIk
[tomee-tck] 01/02: Set TomEE version to 10
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee-tck.git commit 188a9c8508e43864b09807a9856c0041b043cbe4 Author: David Blevins AuthorDate: Wed Jan 11 10:24:33 2023 -0800 Set TomEE version to 10 --- pom.xml | 10 +- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pom.xml b/pom.xml index 12ac98c..a2e6325 100644 --- a/pom.xml +++ b/pom.xml @@ -39,10 +39,10 @@ org.apache.tomee -9.0.0-SNAPSHOT -9.0.0-SNAPSHOT +10.0.0-SNAPSHOT +10.0.0-SNAPSHOT org.apache.tomee -9.0.0-SNAPSHOT +10.0.0-SNAPSHOT @@ -59,8 +59,8 @@ NOTE: User must define "javaee8.cts.home" and "javaee8.ri.home" in ~/.m2/settings.xml NOTE: Same for the Jakarta version "jakartaee9.cts.home" and "jakartaee9.ri.home" in ~/.m2/settings.xml --> -${jakartaee9.cts.home} -${jakartaee9.ri.home} +${jakartaee10.cts.home} +${jakartaee10.ri.home} 9.0 ${settings.localRepository}
[tomee-tck] 02/02: Initial Setup for Jakarta EE 10 Platform/WebProfile
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee-tck.git commit af6d3ed2ec73d566460f96c448cf8a4079453ed3 Author: David Blevins AuthorDate: Wed Jan 11 17:43:33 2023 -0800 Initial Setup for Jakarta EE 10 Platform/WebProfile --- pom.xml | 16 +--- setup.sh | 16 src/test/script/openejb/tck/commands/SetupCommand.groovy | 6 +++--- 3 files changed, 20 insertions(+), 18 deletions(-) diff --git a/pom.xml b/pom.xml index a2e6325..30aae00 100644 --- a/pom.xml +++ b/pom.xml @@ -190,13 +190,6 @@ system ${cts.home}/lib/tsharness.jar - - com.sun.javaee.tck - tssv - ${tck.version} - system - ${cts.home}/lib/tssv.jar - com.sun.javaee.tck tsprovider @@ -672,6 +665,15 @@ 9.1 + + + com.sun.javaee.tck + tssv + ${tck.version} + system + ${cts.home}/lib/tssv.jar + + diff --git a/setup.sh b/setup.sh index 6e1c398..28a7a8c 100755 --- a/setup.sh +++ b/setup.sh @@ -10,8 +10,8 @@ TCKDIR="${1?Specify the directory where you would like the TCK to be downloaded and setup}" -TCK_URL="https://download.eclipse.org/jakartaee/platform/9.1/jakarta-jakartaeetck-9.1.0.zip; -RI_URL="https://download.eclipse.org/ee4j/glassfish/glassfish-6.2.5.zip; +TCK_URL="https://download.eclipse.org/jakartaee/platform/10/jakarta-jakartaeetck-10.0.1.zip; +RI_URL="https://download.eclipse.org/ee4j/glassfish/glassfish-7.0.0-M8.zip; ANT_URL="https://archive.apache.org/dist/ant/binaries/apache-ant-1.10.9-bin.zip; @@ -50,15 +50,15 @@ grep -q "$TCK" $M2 || perl -i -pe "s,(),\$1 true - - + + ," $M2 ## Update paths in ~/.m2/settings.xml -perl -i -pe "s,()[^<]*,\${1}$TCKDIR/$TCK," $M2 -perl -i -pe "s,()[^<]*,\${1}$TCKDIR/$RI/glassfish," $M2 +perl -i -pe "s,()[^<]*,\${1}$TCKDIR/$TCK," $M2 +perl -i -pe "s,()[^<]*,\${1}$TCKDIR/$RI/glassfish," $M2 @@ -81,13 +81,13 @@ cat > pom.xml <jakartaee-tck jakartaee-tck - 9.1.0 + 10.0.1 org.apache.tomee jakartaee-api - 9.1.0 + 10.0.0-SNAPSHOT $( for n in lib/*.jar; do diff --git a/src/test/script/openejb/tck/commands/SetupCommand.groovy b/src/test/script/openejb/tck/commands/SetupCommand.groovy index 6c889b9..46798cc 100644 --- a/src/test/script/openejb/tck/commands/SetupCommand.groovy +++ b/src/test/script/openejb/tck/commands/SetupCommand.groovy @@ -147,9 +147,9 @@ class SetupCommand // Create backups first. def javaeeCtsHome = requireDirectory('cts.home') -// Backup the original sig-test_se8.map, load in the new props, and create +// Backup the original sig-test.map, load in the new props, and create // the modified file -def originalSe8File = createOriginalFile("${javaeeCtsHome}/bin/sig-test_se8.map.orig", "${javaeeCtsHome}/bin/sig-test_se8.map") +def originalSe8File = createOriginalFile("${javaeeCtsHome}/bin/sig-test.map.orig", "${javaeeCtsHome}/bin/sig-test.map") // Load original properties def props = loadProps(originalSe8File) @@ -161,7 +161,7 @@ class SetupCommand props.putAll(customProps) // Save the new properties file -storeProps(props, "${javaeeCtsHome}/bin/sig-test_se8.map") +storeProps(props, "${javaeeCtsHome}/bin/sig-test.map") } def createOriginalFile(newFileName, oldFileName) {
[tomee-tck] branch main updated (54a8384 -> af6d3ed)
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a change to branch main in repository https://gitbox.apache.org/repos/asf/tomee-tck.git from 54a8384 Ability to run against TomEE 9.0.0-M7 new 188a9c8 Set TomEE version to 10 new af6d3ed Initial Setup for Jakarta EE 10 Platform/WebProfile The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: pom.xml| 26 -- setup.sh | 16 ++--- .../openejb/tck/commands/SetupCommand.groovy | 6 ++--- 3 files changed, 25 insertions(+), 23 deletions(-)
[tomee-tck] branch tomee-8.x created (now 0474f5d)
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a change to branch tomee-8.x in repository https://gitbox.apache.org/repos/asf/tomee-tck.git at 0474f5d Fix typo in activemq version This branch includes the following new commits: new 66e1382 Merge pull request #15 from rzo1/readme-adjusted-master new 0d2d53c Sort JAX RS providers so it takes the application providers first. Let's see if it does not break other tests. new 8a610ee Make sure Trace is allowed on Tomcat server because it's tested on JAX RS new ef08914 Don't fail on constraint dto new 38c434e See if random failures on EJB 30 get somehow better by checking the connection before. It might get the build slower though. But this is a test new 1223591 Dependency upgrade new 4e4eb08 Add potential missing dependencies to make Groovy happy in intellij new 13b69fa Force task to run with less memory new efced3a Limit Maven max memory new 797349f Bump a bit more and leave Maven without for the moment new bfe2725 See if we can get the stateful timeout tests under the 2+ hours new 335d083 Give it a bit more time to timeout new f3434f0 Remove unused files new dafa389 Update branding from openejb to tomee new d690a84 Update branding from openejb to tomee new 7980147 Create DEBUGGING.adoc new 7997f77 Update README.adoc with a link to DEBUGGING.adoc new 8177809 Backport from Jakarta EE 9 branch new 483cf8f print uname and ip address new a89e4cb Backport EE9.1 changes new bf9f7be Don't print hash on EE8 because we use only final releases new fffc17b Add JSON libs to JAX-RS client path new 6bfa3ff add 'staff' group to 'j2ee' user per JAX-RS TCK docs new 0f0aa32 Merge branch 'master' of github.com:apache/tomee-tck new f7240cd Add required roles for JAXRS related tests (securitycontext) new 15f7763 Fine tune Permissions for CTS tests new aa56532 Refine permissions a bit more new 2d8ec64 JASPIC configuration (missing permissions) new 56d3d86 Remove TomEE JAX-RS Provider sorter new 31962cc Merge branch 'master' of github.com:apache/tomee-tck new 00f75d4 Use the shade version of CXF instead new 8cb1390 Backport some changes from 9.1 branch new 9000602 Switch to next development versions new 89ba314 Looks like we were having those by transitive dependencies. new f8c1dca Update plus configuration based on what we have done for Plume new 0768409 Bad package for TomEE 8 new 7e4c537 Update TomEE to current master new aff04fc Update based on the challenges accepted for EE9 new b266385 Update TomEE version to the latest snapshot new 3755129 Update the version of tomee TCK to match tomee snapshot version new 09f756f Update the version of tomee TCK to match tomee snapshot version 8.0.11-SNAPSHOT new 2ab913b Update EE 8 TCK to latest snapshot 8.0.11-SNAPSHOT new 95ad605 Merge branch 'master' of github.com:apache/tomee-tck into master new 363cbf1 Updates tom TomEE 8.0.12-SNAPSHOT new 9b8ffee Update TomEE snapshot to 8.0.13-SNAPSHOT new 62ab9b2 Update TomEE snapshot to 8.0.13-SNAPSHOT new c7d0a61 rt.jar not available from Java 9 and above new 3c29fab Fix for EE8 execution under JDK17 - hopefully does not break JDK8 and JDK11 new feca081 Make sure we can run on JDK 17 and higher new a290d39 Update some versions for jee8 tck new 0474f5d Fix typo in activemq version The 51 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference.
[tomee-tck] branch main updated (0474f5d -> 54a8384)
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a change to branch main in repository https://gitbox.apache.org/repos/asf/tomee-tck.git discard 0474f5d Fix typo in activemq version discard a290d39 Update some versions for jee8 tck discard feca081 Make sure we can run on JDK 17 and higher discard 3c29fab Fix for EE8 execution under JDK17 - hopefully does not break JDK8 and JDK11 discard c7d0a61 rt.jar not available from Java 9 and above discard 62ab9b2 Update TomEE snapshot to 8.0.13-SNAPSHOT discard 9b8ffee Update TomEE snapshot to 8.0.13-SNAPSHOT discard 363cbf1 Updates tom TomEE 8.0.12-SNAPSHOT discard 95ad605 Merge branch 'master' of github.com:apache/tomee-tck into master discard 2ab913b Update EE 8 TCK to latest snapshot 8.0.11-SNAPSHOT discard 09f756f Update the version of tomee TCK to match tomee snapshot version 8.0.11-SNAPSHOT discard 3755129 Update the version of tomee TCK to match tomee snapshot version discard b266385 Update TomEE version to the latest snapshot discard aff04fc Update based on the challenges accepted for EE9 discard 7e4c537 Update TomEE to current master discard 0768409 Bad package for TomEE 8 discard f8c1dca Update plus configuration based on what we have done for Plume discard 89ba314 Looks like we were having those by transitive dependencies. discard 9000602 Switch to next development versions discard 8cb1390 Backport some changes from 9.1 branch discard 00f75d4 Use the shade version of CXF instead discard 31962cc Merge branch 'master' of github.com:apache/tomee-tck discard 56d3d86 Remove TomEE JAX-RS Provider sorter discard 2d8ec64 JASPIC configuration (missing permissions) discard aa56532 Refine permissions a bit more discard 15f7763 Fine tune Permissions for CTS tests discard f7240cd Add required roles for JAXRS related tests (securitycontext) discard 0f0aa32 Merge branch 'master' of github.com:apache/tomee-tck discard 6bfa3ff add 'staff' group to 'j2ee' user per JAX-RS TCK docs discard fffc17b Add JSON libs to JAX-RS client path discard bf9f7be Don't print hash on EE8 because we use only final releases discard a89e4cb Backport EE9.1 changes discard 483cf8f print uname and ip address discard 8177809 Backport from Jakarta EE 9 branch discard 7997f77 Update README.adoc with a link to DEBUGGING.adoc discard 7980147 Create DEBUGGING.adoc discard d690a84 Update branding from openejb to tomee discard dafa389 Update branding from openejb to tomee discard f3434f0 Remove unused files discard 335d083 Give it a bit more time to timeout discard bfe2725 See if we can get the stateful timeout tests under the 2+ hours discard 797349f Bump a bit more and leave Maven without for the moment discard efced3a Limit Maven max memory discard 13b69fa Force task to run with less memory discard 4e4eb08 Add potential missing dependencies to make Groovy happy in intellij discard 1223591 Dependency upgrade discard 38c434e See if random failures on EJB 30 get somehow better by checking the connection before. It might get the build slower though. But this is a test discard ef08914 Don't fail on constraint dto discard 8a610ee Make sure Trace is allowed on Tomcat server because it's tested on JAX RS discard 0d2d53c Sort JAX RS providers so it takes the application providers first. Let's see if it does not break other tests. discard 66e1382 Merge pull request #15 from rzo1/readme-adjusted-master omit fe1cb81 enhances the REAMDE.adoc to ensure that the guide is up 2 date and contributors can follow in order to setup tck on their machines omit 63fc406 Fix most of the @DataSourceDefinition based tests by overriding the Derby port number omit 54b7eef Make sure JAXP is allowed to load external DTD and entities because it's tested in TCK omit ac5f96c Some improvements on configuration omit 9a156bb Update the expired certificates for SSL tests omit b532f1e Missing some TCK users omit 1d6efaa Configuration for websockets omit 90b5d03 Fixes some websockets tests omit 3150b8f See if we can get some of the permission related tests to pass for Servlet omit 962e215 Add exports for reported bugs fixed in Jakarta EE 9 omit 7082f5c Disable this for now as it produces more side effects on Form authentication omit 9f8092f Merge pull request #13 from Thihup/servlet-push omit e558310 Add the endorsed.lib from TCK to run the client omit b1f0124 Make sur naming operations fail for write operations and not for close omit 22efc62 Add Johnzon strict into the right place omit 05ec9f8 Not always deploying war files add 7fd0b42 DESIGN.adoc so we can remember how this is put together add b1fd692 Copy JSR-88 deploy code deleted from EE 9 TCK add 9a3d113 Rename properties jakartaee.cts.home, jakartaee.ri.home, jakartaee.tck.version add 9bee875 Update configs to reflect jakarta
[tomee-tck] branch tomee-8.x created (now 0474f5d)
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a change to branch tomee-8.x in repository https://gitbox.apache.org/repos/asf/tomee-tck.git at 0474f5d Fix typo in activemq version No new revisions were added by this update.
[tomee-tck] branch tomee-10.x created (now 54a8384)
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a change to branch tomee-10.x in repository https://gitbox.apache.org/repos/asf/tomee-tck.git at 54a8384 Ability to run against TomEE 9.0.0-M7 No new revisions were added by this update.
[tomee-tck] branch tomee-9.x created (now 54a8384)
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a change to branch tomee-9.x in repository https://gitbox.apache.org/repos/asf/tomee-tck.git at 54a8384 Ability to run against TomEE 9.0.0-M7 No new revisions were added by this update.
[tomee-tck] branch tomee-8.x created (now 0474f5d)
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a change to branch tomee-8.x in repository https://gitbox.apache.org/repos/asf/tomee-tck.git at 0474f5d Fix typo in activemq version No new revisions were added by this update.
[tomee] branch main updated: Remove modules section, added unintentionally
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee.git The following commit(s) were added to refs/heads/main by this push: new 69fbe3d2e1 Remove modules section, added unintentionally 69fbe3d2e1 is described below commit 69fbe3d2e1bc8a268382d2c04ba901919afad3b4 Author: David Blevins AuthorDate: Wed Dec 21 09:43:31 2022 -0800 Remove modules section, added unintentionally --- pom.xml | 16 1 file changed, 16 deletions(-) diff --git a/pom.xml b/pom.xml index 5256553b93..71a4ac0357 100644 --- a/pom.xml +++ b/pom.xml @@ -633,22 +633,6 @@ - -deps -boms -itests -maven -gradle -container -server -mp-jwt -examples -assembly -tck -arquillian -utils -tomee -
[tomee] 01/01: Merge pull request #988 from apache/TOMEE-4127
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee.git commit e296ed63c224968f86f6772aad65006ffcfc0f1e Merge: d76fbd589e 0224478e27 Author: David Blevins AuthorDate: Sat Dec 17 09:14:50 2022 -0800 Merge pull request #988 from apache/TOMEE-4127 TOMEE-4127 - CXF 3.5.5 pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
[tomee] branch main updated (d76fbd589e -> e296ed63c2)
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a change to branch main in repository https://gitbox.apache.org/repos/asf/tomee.git from d76fbd589e Using an interface seems to make it slower to make StatelessInvocationStatsTest add 0224478e27 TOMEE-4127 - CXF 3.5.5 new e296ed63c2 Merge pull request #988 from apache/TOMEE-4127 The 1 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
[tomee] 02/02: Use response from WebApplicationException
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee.git commit bff9c22bb39bba1ada98541c87f4a76acbac9148 Author: David Blevins AuthorDate: Fri Dec 16 13:20:23 2022 -0800 Use response from WebApplicationException --- .../opentracing/MicroProfileOpenTracingExceptionMapper.java | 6 ++ 1 file changed, 6 insertions(+) diff --git a/tomee/tomee-microprofile/mp-common/src/main/java/org/apache/tomee/microprofile/opentracing/MicroProfileOpenTracingExceptionMapper.java b/tomee/tomee-microprofile/mp-common/src/main/java/org/apache/tomee/microprofile/opentracing/MicroProfileOpenTracingExceptionMapper.java index 40dd5ea0e6..5e80474dcd 100644 --- a/tomee/tomee-microprofile/mp-common/src/main/java/org/apache/tomee/microprofile/opentracing/MicroProfileOpenTracingExceptionMapper.java +++ b/tomee/tomee-microprofile/mp-common/src/main/java/org/apache/tomee/microprofile/opentracing/MicroProfileOpenTracingExceptionMapper.java @@ -16,6 +16,7 @@ */ package org.apache.tomee.microprofile.opentracing; +import jakarta.ws.rs.WebApplicationException; import jakarta.ws.rs.core.Response; import jakarta.ws.rs.ext.Provider; @@ -24,6 +25,11 @@ public class MicroProfileOpenTracingExceptionMapper implements jakarta.ws.rs.ext @Override public Response toResponse(final RuntimeException exception) { +if (exception instanceof WebApplicationException) { +final WebApplicationException o = (WebApplicationException) exception; +return o.getResponse(); +} + return Response.status(Response.Status.INTERNAL_SERVER_ERROR) .entity(exception.getMessage()) .build();
[tomee] 01/02: Update tomee-patch-plugin to 0.10-SNAPSHOT so we can get updated source jars
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee.git commit c0202f0b0472b4771fedae6f0ea773b74181df57 Author: David Blevins AuthorDate: Tue Dec 13 10:34:17 2022 -0800 Update tomee-patch-plugin to 0.10-SNAPSHOT so we can get updated source jars --- pom.xml | 18 +- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index c19014fa6e..ab130a1b31 100644 --- a/pom.xml +++ b/pom.xml @@ -99,7 +99,7 @@ 9.1-M2 -0.9 +0.10-SNAPSHOT UTF-8 @@ -633,6 +633,22 @@ + +deps +boms +itests +maven +gradle +container +server +mp-jwt +examples +assembly +tck +arquillian +utils +tomee +
[tomee] branch main updated (d97c43ad72 -> bff9c22bb3)
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a change to branch main in repository https://gitbox.apache.org/repos/asf/tomee.git from d97c43ad72 Rollback BeanContext refactoring until we solve the StatelessInvocationStatsTest. It's breaking itests as it's currently new c0202f0b04 Update tomee-patch-plugin to 0.10-SNAPSHOT so we can get updated source jars new bff9c22bb3 Use response from WebApplicationException The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: pom.xml| 18 +- .../MicroProfileOpenTracingExceptionMapper.java| 6 ++ 2 files changed, 23 insertions(+), 1 deletion(-)
[tomee] 01/01: Merge pull request #987 from apache/opentracing-provider
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee.git commit 0d52fe9e8fd540404e95991df996ac3e375ba066 Merge: f9f7d173b1 00b81fc7ae Author: David Blevins AuthorDate: Thu Dec 15 11:48:00 2022 -0800 Merge pull request #987 from apache/opentracing-provider Make sure providers aren't scanned if Application returns classes or singletons. .../microprofile/jwt/jaxrs/MPJWPProviderRegistration.java| 2 +- .../java/org/apache/openejb/server/rest/RESTService.java | 4 ++-- .../MicroProfileOpenTracingTCKDeploymentPackager.java| 1 - .../resources/META-INF/services/jakarta.ws.rs.ext.Providers | 2 -- tomee/tomee-microprofile/mp-common/pom.xml | 6 ++ .../apache/tomee/microprofile/TomEEMicroProfileListener.java | 12 .../opentracing}/MicroProfileOpenTracingExceptionMapper.java | 4 ++-- 7 files changed, 23 insertions(+), 8 deletions(-)
[tomee] branch main updated (f9f7d173b1 -> 0d52fe9e8f)
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a change to branch main in repository https://gitbox.apache.org/repos/asf/tomee.git from f9f7d173b1 TOMEE-4124 Remove timings of timings for the sake of logging. Another interceptor can be added to drill down if necessary. Make the map thread safe add 00b81fc7ae Make sure providers aren't scanned if Application returns classes or singletons. Register OpenTracing providers during MP initialization new 0d52fe9e8f Merge pull request #987 from apache/opentracing-provider The 1 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: .../microprofile/jwt/jaxrs/MPJWPProviderRegistration.java| 2 +- .../java/org/apache/openejb/server/rest/RESTService.java | 4 ++-- .../MicroProfileOpenTracingTCKDeploymentPackager.java| 1 - .../resources/META-INF/services/jakarta.ws.rs.ext.Providers | 2 -- tomee/tomee-microprofile/mp-common/pom.xml | 6 ++ .../apache/tomee/microprofile/TomEEMicroProfileListener.java | 12 .../opentracing}/MicroProfileOpenTracingExceptionMapper.java | 4 ++-- 7 files changed, 23 insertions(+), 8 deletions(-) delete mode 100644 tck/microprofile-tck/opentracing/src/test/resources/META-INF/services/jakarta.ws.rs.ext.Providers rename {tck/microprofile-tck/opentracing/src/test/java/org.apache.tomee.microprofile.tck.opentracing => tomee/tomee-microprofile/mp-common/src/main/java/org/apache/tomee/microprofile/opentracing}/MicroProfileOpenTracingExceptionMapper.java (95%)
[tomee-patch-plugin] 02/02: Reformat
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee-patch-plugin.git commit 67fdfc16c695070ebcc0b88dacbb0149e84338fe Author: David Blevins AuthorDate: Tue Dec 13 10:33:29 2022 -0800 Reformat --- .../apache/tomee/patch/core/Transformation.java| 11 +-- .../apache/tomee/patch/core/ExcludeJarsTest.java | 38 -- .../org/apache/tomee/patch/plugin/PatchMojo.java | 27 --- 3 files changed, 50 insertions(+), 26 deletions(-) diff --git a/tomee-patch-core/src/main/java/org/apache/tomee/patch/core/Transformation.java b/tomee-patch-core/src/main/java/org/apache/tomee/patch/core/Transformation.java index 3cc2a39..02f6507 100644 --- a/tomee-patch-core/src/main/java/org/apache/tomee/patch/core/Transformation.java +++ b/tomee-patch-core/src/main/java/org/apache/tomee/patch/core/Transformation.java @@ -28,7 +28,12 @@ import java.io.File; import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; -import java.util.*; +import java.util.ArrayList; +import java.util.Collection; +import java.util.HashSet; +import java.util.List; +import java.util.Map; +import java.util.Set; import java.util.regex.Pattern; import java.util.stream.Collectors; import java.util.zip.ZipEntry; @@ -138,9 +143,9 @@ public class Transformation { if (path.endsWith(".class")) { scanClass(zipInputStream, zipOutputStream); } else if (isZip(path)) { -if(isExcludedJar(path)){ +if (isExcludedJar(path)) { IO.copy(zipInputStream, zipOutputStream); -}else{ +} else { scanJar(path, zipInputStream, zipOutputStream); } } else if (copyUnmodified(path)) { diff --git a/tomee-patch-core/src/test/java/org/apache/tomee/patch/core/ExcludeJarsTest.java b/tomee-patch-core/src/test/java/org/apache/tomee/patch/core/ExcludeJarsTest.java index 719ba97..e13ff17 100644 --- a/tomee-patch-core/src/test/java/org/apache/tomee/patch/core/ExcludeJarsTest.java +++ b/tomee-patch-core/src/test/java/org/apache/tomee/patch/core/ExcludeJarsTest.java @@ -8,7 +8,9 @@ import java.io.File; import java.io.FileOutputStream; import java.io.IOException; import java.io.InputStream; -import java.util.*; +import java.util.ArrayList; +import java.util.Enumeration; +import java.util.List; import java.util.jar.JarEntry; import java.util.jar.JarFile; import java.util.zip.ZipEntry; @@ -22,9 +24,9 @@ public class ExcludeJarsTest { public Skips customSkips = new Skips(); @Before -public void prepareLists(){ - customSkips.getJars().put("eclipselink-3.0.0.jar","org.eclipse.persistence:eclipselink:jar:3.0.0"); - customSkips.getJars().put("bcprov-jdk15on-1.69.jar","org.bouncycastle:bcprov-jdk15on:jar:1.69"); +public void prepareLists() { +customSkips.getJars().put("eclipselink-3.0.0.jar", "org.eclipse.persistence:eclipselink:jar:3.0.0"); +customSkips.getJars().put("bcprov-jdk15on-1.69.jar", "org.bouncycastle:bcprov-jdk15on:jar:1.69"); } @Test @@ -40,8 +42,8 @@ public class ExcludeJarsTest { .add("README.txt", "hi") .add(jarName, testJar).toJar(); -Transformation transformation = new Transformation(new ArrayList(), new File("does not exist"),null, customSkips, null, new NullLog(), false); -File transformedJar = transformation.transformArchive(zipFile); +final Transformation transformation = new Transformation(new ArrayList(), new File("does not exist"), null, customSkips, null, new NullLog(), false); +final File transformedJar = transformation.transformArchive(zipFile); assertTrue(obtainJarContent(transformedJar).contains(jarSignatureFileName)); } @@ -59,31 +61,31 @@ public class ExcludeJarsTest { .add("README.txt", "hi") .add(jarName, testJar).toJar(); -Transformation transformation = new Transformation(new ArrayList(), new File("does not exist"),null, customSkips, null, new NullLog(), false); -File transformedJar = transformation.transformArchive(zipFile); +final Transformation transformation = new Transformation(new ArrayList(), new File("does not exist"), null, customSkips, null, new NullLog(), false); +final File transformedJar = transformation.transformArchive(zipFile); assertFalse(obtainJarContent(transformedJar).contains(jarSignatureFileName)); } private List obtainJarContent(File transformedJar) throws IOException { -
[tomee-patch-plugin] 01/02: Patch source jar
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee-patch-plugin.git commit dbf27d3d210b0b29d3e6407a7bc5a1ddf3e97eb1 Author: David Blevins AuthorDate: Tue Dec 13 08:39:26 2022 -0800 Patch source jar --- .../org/apache/tomee/patch/plugin/PatchMojo.java | 87 +- 1 file changed, 70 insertions(+), 17 deletions(-) diff --git a/tomee-patch-plugin/src/main/java/org/apache/tomee/patch/plugin/PatchMojo.java b/tomee-patch-plugin/src/main/java/org/apache/tomee/patch/plugin/PatchMojo.java index 72132c8..3133a04 100644 --- a/tomee-patch-plugin/src/main/java/org/apache/tomee/patch/plugin/PatchMojo.java +++ b/tomee-patch-plugin/src/main/java/org/apache/tomee/patch/plugin/PatchMojo.java @@ -27,11 +27,7 @@ import org.apache.maven.execution.MavenSession; import org.apache.maven.plugin.AbstractMojo; import org.apache.maven.plugin.MojoExecutionException; import org.apache.maven.plugin.MojoFailureException; -import org.apache.maven.plugins.annotations.Component; -import org.apache.maven.plugins.annotations.LifecyclePhase; -import org.apache.maven.plugins.annotations.Mojo; -import org.apache.maven.plugins.annotations.Parameter; -import org.apache.maven.plugins.annotations.ResolutionScope; +import org.apache.maven.plugins.annotations.*; import org.apache.maven.project.DefaultProjectBuildingRequest; import org.apache.maven.project.MavenProject; import org.apache.maven.project.ProjectBuildingRequest; @@ -59,10 +55,7 @@ import org.codehaus.plexus.util.StringUtils; import org.tomitribe.jkta.usage.Dir; import org.tomitribe.jkta.util.Paths; import org.tomitribe.swizzle.stream.StreamBuilder; -import org.tomitribe.util.Files; -import org.tomitribe.util.IO; -import org.tomitribe.util.Mvn; -import org.tomitribe.util.Zips; +import org.tomitribe.util.*; import java.io.File; import java.io.IOException; @@ -70,17 +63,15 @@ import java.io.InputStream; import java.io.UncheckedIOException; import java.lang.reflect.InvocationTargetException; import java.lang.reflect.Method; -import java.util.ArrayList; -import java.util.Arrays; -import java.util.Collections; -import java.util.List; -import java.util.Map; -import java.util.Objects; +import java.util.*; import java.util.function.Predicate; +import java.util.function.Supplier; import java.util.regex.Matcher; import java.util.regex.Pattern; import java.util.stream.Collectors; import java.util.stream.Stream; +import java.util.zip.ZipEntry; +import java.util.zip.ZipOutputStream; @Mojo(name = "run", requiresDependencyResolution = ResolutionScope.RUNTIME_PLUS_SYSTEM, defaultPhase = LifecyclePhase.PACKAGE, requiresProject = true, threadSafe = true) public class PatchMojo extends AbstractMojo { @@ -232,6 +223,9 @@ public class PatchMojo extends AbstractMojo { @Parameter(defaultValue = "${project.build.directory}/patch-resources", required = true) private File patchResourceDirectory; +@Parameter(defaultValue = "${project.build.directory}/patch-sourcejars", required = true, readonly = true) +private File patchSourceJarsDirectory; + /** * The -encoding argument for the Java compiler. * @@ -305,7 +299,7 @@ public class PatchMojo extends AbstractMojo { continue; } -if(attach) { +if (attach) { final String classifier = artifact.getClassifier(); final AttachedArtifact attachedArtifact = new AttachedArtifact(project.getArtifact(), "tar.gz", classifier, project.getArtifact().getArtifactHandler()); attachedArtifact.setFile(tarGz); @@ -315,12 +309,52 @@ public class PatchMojo extends AbstractMojo { } } +updateSourceJar(); + transformation.complete(); } catch (IOException | MojoFailureException e) { throw new MojoExecutionException("Error occurred during execution", e); } } +private void updateSourceJar() throws IOException { +final List attachedArtifacts = this.project.getAttachedArtifacts(); +final List sourceJars = attachedArtifacts.stream() +.filter(Artifact::hasClassifier) +.filter(artifact -> "sources".equals(artifact.getClassifier())) +.filter(artifact -> "java-source".equals(artifact.getType())) +.map(Artifact::getFile) +.collect(Collectors.toList()); + +Files.mkdir(patchSourceJarsDirectory); + +for (final File sourceJar : sourceJars) { +final File extractedZip = new File(patchClasspathDirectory, sourceJar.getName() + ".extracted"); +Files.mkdir(extractedZip); +Zips.unzip(sourceJar, extractedZip); + +
[tomee-patch-plugin] branch main updated (1824ca4 -> 67fdfc1)
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a change to branch main in repository https://gitbox.apache.org/repos/asf/tomee-patch-plugin.git from 1824ca4 [maven-release-plugin] prepare for next development iteration new dbf27d3 Patch source jar new 67fdfc1 Reformat The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: .../apache/tomee/patch/core/Transformation.java| 11 +++- .../apache/tomee/patch/core/ExcludeJarsTest.java | 38 ++- .../org/apache/tomee/patch/plugin/PatchMojo.java | 76 +- 3 files changed, 101 insertions(+), 24 deletions(-)
[tomee-tck] 01/01: Use tomee-9.0.0-M7
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch tomee-9.0.0-M7 in repository https://gitbox.apache.org/repos/asf/tomee-tck.git commit efd5c2951e61630516d967b99c7d8e9666fb9d9a Author: David Blevins AuthorDate: Thu Dec 1 07:11:10 2022 -0800 Use tomee-9.0.0-M7 --- pom.xml | 13 - 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/pom.xml b/pom.xml index 12ac98c..c4c294e 100644 --- a/pom.xml +++ b/pom.xml @@ -39,16 +39,11 @@ org.apache.tomee -9.0.0-SNAPSHOT -9.0.0-SNAPSHOT -org.apache.tomee -9.0.0-SNAPSHOT - - - - - +8.0.7 +8.0.7 +org.apache.tomee +9.0.0-M7 10.0.27
[tomee-tck] branch tomee-9.0.0-M7 created (now efd5c29)
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a change to branch tomee-9.0.0-M7 in repository https://gitbox.apache.org/repos/asf/tomee-tck.git at efd5c29 Use tomee-9.0.0-M7 This branch includes the following new commits: new efd5c29 Use tomee-9.0.0-M7 The 1 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference.
[tomee-tck] branch jakartaee9-tck updated: Ability to run against TomEE 9.0.0-M7
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch jakartaee9-tck in repository https://gitbox.apache.org/repos/asf/tomee-tck.git The following commit(s) were added to refs/heads/jakartaee9-tck by this push: new 54a8384 Ability to run against TomEE 9.0.0-M7 54a8384 is described below commit 54a8384616b5bac3694983d0f413c2b35e02a5ee Author: David Blevins AuthorDate: Wed Nov 30 19:19:00 2022 -0800 Ability to run against TomEE 9.0.0-M7 --- pom.xml| 6 ++ src/test/script/openejb/tck/commands/CommandSupport.groovy | 5 ++--- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/pom.xml b/pom.xml index 1e94d9c..12ac98c 100644 --- a/pom.xml +++ b/pom.xml @@ -44,6 +44,12 @@ org.apache.tomee 9.0.0-SNAPSHOT + + + + + + 10.0.27 1.2.19 diff --git a/src/test/script/openejb/tck/commands/CommandSupport.groovy b/src/test/script/openejb/tck/commands/CommandSupport.groovy index ea2e31e..588a746 100644 --- a/src/test/script/openejb/tck/commands/CommandSupport.groovy +++ b/src/test/script/openejb/tck/commands/CommandSupport.groovy @@ -200,8 +200,7 @@ abstract class CommandSupport { builder.append("jakartaee-api-*.jar") // mail is a special case because api and impl are together -builder.append("geronimo-mail_2.1_spec*.jar") -builder.append("geronimo-mail_2.1_provider*.jar") +builder.appendAll("geronimo-*mail_*.jar") // builder.append("jakarta.activation-*.jar") // only for plume because api and impl are mixed @@ -251,7 +250,7 @@ abstract class CommandSupport { builder.append("jasper-el.jar") // for CXF JAX-RS client -builder.append("cxf-shade-*.jar") +builder.appendAll("cxf-*.jar") // builder.append("cxf-rt-rs-client-*.jar") // builder.append("cxf-rt-transports-http-*.jar") // builder.append("cxf-core-*.jar")
[tomee-tck] branch jakartaee9-tck updated: Generate a valid pom.xml
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch jakartaee9-tck in repository https://gitbox.apache.org/repos/asf/tomee-tck.git The following commit(s) were added to refs/heads/jakartaee9-tck by this push: new 19dba89 Generate a valid pom.xml 19dba89 is described below commit 19dba89289f23aee5b350751eb93aa6969eca5a1 Author: David Blevins AuthorDate: Wed Nov 30 18:47:21 2022 -0800 Generate a valid pom.xml --- setup.sh | 62 ++ 1 file changed, 62 insertions(+) diff --git a/setup.sh b/setup.sh index 330f39e..6e1c398 100755 --- a/setup.sh +++ b/setup.sh @@ -59,3 +59,65 @@ grep -q "$TCK" $M2 || perl -i -pe "s,(),\$1 ## Update paths in ~/.m2/settings.xml perl -i -pe "s,()[^<]*,\${1}$TCKDIR/$TCK," $M2 perl -i -pe "s,()[^<]*,\${1}$TCKDIR/$RI/glassfish," $M2 + + + +# +# create a pom.xml for the tck so it can be +# easily opened in IDEs that support Maven +# + +(cd "$TCK" + + + +cat > pom.xml < +http://maven.apache.org/POM/4.0.0; +xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance; + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd;> + + 4.0.0 + + jakartaee-tck + jakartaee-tck + 9.1.0 + + + + org.apache.tomee + jakartaee-api + 9.1.0 + +$( +for n in lib/*.jar; do + +artifact="$(basename "$n" | perl -pe 's,(-[0-9.]+)?.jar$,,')" + +echo " + jakartaee-tck + $artifact + 1.0 + system + \${project.basedir}/$n +" +done +) + + + +src + + +maven-compiler-plugin + + 1.8 + 1.8 + + + + + +EOF + +)
[tomee-tck] branch jakartaee9-tck updated: Script to setup the Jakarta EE 9.1 on a new computer
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch jakartaee9-tck in repository https://gitbox.apache.org/repos/asf/tomee-tck.git The following commit(s) were added to refs/heads/jakartaee9-tck by this push: new 384fa3f Script to setup the Jakarta EE 9.1 on a new computer 384fa3f is described below commit 384fa3ff69ffb31990259ae56c6b4bb58e45c529 Author: David Blevins AuthorDate: Wed Nov 30 17:13:07 2022 -0800 Script to setup the Jakarta EE 9.1 on a new computer --- setup-tck91.sh | 120 - setup.sh | 61 + 2 files changed, 61 insertions(+), 120 deletions(-) diff --git a/setup-tck91.sh b/setup-tck91.sh deleted file mode 100755 index 48569d9..000 --- a/setup-tck91.sh +++ /dev/null @@ -1,120 +0,0 @@ -#!/bin/bash -# -# This script will look for a more recent Jakarta EE 9.1 SNAPSHOT TCK -# And download and install it onto your machine, then update the value -# of the element in ~/.m2/settings.xml -# -# It is safe to run this script repeatedly as a way to check for new TCKs -# - -grep -q -m 1 jakartaee91.cts.home ~/.m2/settings.xml || { -echo "No variable found in ~/.m2/settings.xml" -echo "This script requires you to have setup the EE 9.1 TCK at least once manually" -echo "See the README.adoc for further instructions" -exit 1 -} - -grep -q -m 1 jakartaee91.ri.home ~/.m2/settings.xml || { -echo "No variable found in ~/.m2/settings.xml" -echo "This script requires you to have setup the EE 9.1 TCK at least once manually" -echo "See the README.adoc for further instructions" -exit 1 -} - -## Download the jakarta-jakartaeetckinfo.txt from Eclipse and get basic meta data -TCKINFO="$(curl -s https://download.eclipse.org/ee4j/jakartaee-tck/jakartaee9-eftl/promoted/jakarta-jakartaee-tckinfo.txt)" -DATESTAMP="$(echo "$TCKINFO" | grep 'date:' | perl -pe 's,.*date: (\d\d\d\d-\d\d-\d\d) (\d\d):(\d\d).*,$1.$2$3,')" -URL="$(echo "$TCKINFO" | grep 'download.eclipse.org' | perl -pe 's,.*(://download.eclipse.org/[^ ]+\.zip).*,https$1,')" -SHA="$(echo "$TCKINFO" | grep 'SHA256SUM' | perl -pe 's,.*SHA256SUM: ([0-9a-f]+).*,$1,')" -NAME="$(echo "$TCKINFO" | grep 'Name:' | perl -pe 's,.*Name: *jakarta-([^ ]+)\.zip.*,$1,')" - -## Look at our existing tck setup to see where TCKs should be installed -OLDTCK="$(grep jakartaee91.cts.home ~/.m2/settings.xml | perl -pe 's,.*home>([^<]+)<.*,$1,')" -TCKDIR="$(dirname "$OLDTCK")" - -## Look at our existing tck setup to see where GlassFish should be installed -OLDRI="$(grep jakartaee91.ri.home ~/.m2/settings.xml | perl -pe 's,.*home>([^<]+)<.*,$1,')" -RIDIR="$(dirname "$OLDRI")" - -TCK="$NAME-$DATESTAMP" - -RI="glassfish-6.2.5" -RIURL="https://download.eclipse.org/ee4j/glassfish/$RI.zip; - -echo "Latest TCK -NAME: $NAME -DATE: $DATESTAMP -URL: $URL -SHA: $SHA -DIR: $TCKDIR -" -#https://download.eclipse.org/ee4j/glassfish/glassfish-6.0.0.zip -## Download the TCK if we have not -[ -f "$TCKDIR/$TCK.zip" ] || ( -echo "Downloading $TCK.zip" -cd "$TCKDIR" && -curl "$URL" > "$TCK.zip" -) - -echo "Downloaded $TCK.zip" - -## Extract the TCK if we have not -[ -d "$TCKDIR/$TCK" ] || ( -echo "Extracting to $TCKDIR/$TCK" -mkdir "$TCKDIR/$TCK" && - cd "$TCKDIR/$TCK" && - bsdtar --strip-components=1 -xf "../$TCK.zip" -) - -echo "Extracted $TCK" - -## Download the RI if we have not -[ -f "$RIDIR/$RI.zip" ] || ( -echo "Downloading $RI.zip" -cd "$RIDIR" && -curl "$RIURL" > "$RI.zip" -) - -echo "Downloaded $RI.zip" - -## Extract the RI if we have not -[ -d "$RIDIR/$RI" ] || ( -echo "Extracting to $RIDIR/$RI" -mkdir "$RIDIR/$RI" && -cd "$RIDIR/$RI" && -bsdtar --strip-components=1 -xf "../$RI.zip" -) - -echo "Extracted $RI" - -## Download ant if we have not -[ -f "$TCKDIR/apache-ant-1.10.9-bin.zip" ] || ( -echo "Downloading ant" -cd "$TCKDIR" && - curl -s -O https://archive.apache.org/dist/ant/binaries/apache-ant-1.10.9-bin.zip -) - -echo "Downloaded ant" - -## Extract ant into TCK if
[tomee] branch main updated: TOMEE-4119 TomEEJsonbProvider triggered for */* mime types
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee.git The following commit(s) were added to refs/heads/main by this push: new 7f375d9a41 TOMEE-4119 TomEEJsonbProvider triggered for */* mime types 7f375d9a41 is described below commit 7f375d9a41fada563b6569a8db0a719844eaa445 Author: David Blevins AuthorDate: Mon Nov 28 19:07:34 2022 -0800 TOMEE-4119 TomEEJsonbProvider triggered for */* mime types Causes the following Jakarta EE 9.1 Web Profile TCK tests to fail: com/sun/ts/tests/jaxrs/api/rs/ext/interceptor/reader/readerinterceptorcontext/JAXRSClient#java#proceedThrowsWebApplicationExceptionTest_from_standalone com/sun/ts/tests/jaxrs/ee/rs/core/responsebuilder/JAXRSClient#java#entityObjectTest_from_standalone com/sun/ts/tests/jaxrs/ee/rs/ext/interceptor/containerreader/readerinterceptorcontext/JAXRSClient#java#proceedThrowsWebApplicationExceptionTest_from_standalone com/sun/ts/tests/jaxrs/spec/client/typedentities/JAXRSClient#java#clientAnyWriterUsageTest_from_standalone com/sun/ts/tests/jaxrs/spec/filter/interceptor/JAXRSClient#java#stringBeanReaderContainerInterceptorTest_from_standalone com/sun/ts/tests/jaxrs/spec/filter/interceptor/JAXRSClient#java#stringBeanReaderNoInterceptorTest_from_standalone com/sun/ts/tests/jaxrs/spec/filter/lastvalue/JAXRSClient#java#readerContextOnContainerTest_from_standalone --- .../server/cxf/rs/johnzon/TomEEJsonbProvider.java | 18 +++--- .../rs/johnzon/TomEEJsonbProviderMediaTypeTest.java | 19 +++ 2 files changed, 34 insertions(+), 3 deletions(-) diff --git a/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/johnzon/TomEEJsonbProvider.java b/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/johnzon/TomEEJsonbProvider.java index 739d670dad..6593a56c1e 100644 --- a/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/johnzon/TomEEJsonbProvider.java +++ b/server/openejb-cxf-rs/src/main/java/org/apache/openejb/server/cxf/rs/johnzon/TomEEJsonbProvider.java @@ -16,9 +16,6 @@ */ package org.apache.openejb.server.cxf.rs.johnzon; -import org.apache.johnzon.jaxrs.jsonb.jaxrs.JsonbJaxrsProvider; -import org.apache.johnzon.mapper.access.AccessMode; - import jakarta.activation.DataSource; import jakarta.annotation.Priority; import jakarta.json.bind.JsonbConfig; @@ -26,6 +23,9 @@ import jakarta.ws.rs.Consumes; import jakarta.ws.rs.Produces; import jakarta.ws.rs.core.MediaType; import jakarta.ws.rs.ext.Provider; +import org.apache.johnzon.jaxrs.jsonb.jaxrs.JsonbJaxrsProvider; +import org.apache.johnzon.mapper.access.AccessMode; + import java.io.File; import java.io.Reader; import java.lang.annotation.Annotation; @@ -38,6 +38,7 @@ import java.util.Locale; @Consumes({"application/json", "application/*+json"}) @Priority(value = 5000) public class TomEEJsonbProvider extends JsonbJaxrsProvider { + public TomEEJsonbProvider() { config.withPropertyVisibilityStrategy(new TomEEJsonbPropertyVisibilityStrategy()); setThrowNoContentExceptionOnEmptyStreams(true); // this is to make TCK tests happy @@ -46,6 +47,8 @@ public class TomEEJsonbProvider extends JsonbJaxrsProvider { @Override public boolean isWriteable(Class type, Type genericType, Annotation[] annotations, MediaType mediaType) { +if (!isJson(mediaType)) return false; + // let the CXF built-in writer handle this one // TODO: add a setting? if (DataSource.class.isAssignableFrom(type)) return false; @@ -58,6 +61,8 @@ public class TomEEJsonbProvider extends JsonbJaxrsProvider { @Override public boolean isReadable(Class type, Type genericType, Annotation[] annotations, MediaType mediaType) { +if (!isJson(mediaType)) return false; + // let the CXF built-in writer handle this one // TODO: add a setting? if (DataSource.class.isAssignableFrom(type)) return false; @@ -68,6 +73,13 @@ public class TomEEJsonbProvider extends JsonbJaxrsProvider { return super.isReadable(type, genericType, annotations, mediaType); } +public static boolean isJson(final MediaType mediaType) { +if (!mediaType.getType().equals("application")) return false; +if (mediaType.getSubtype().equals("json")) return true; +if (mediaType.getSubtype().endsWith("+json")) return true; +return false; +} + public void setDateFormat(String dateFormat) { config.setProperty(JsonbConfig.DATE_FORMAT, dateFormat); } diff --git a/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/johnzon/TomEEJsonbProviderMediaTypeTest.java b/server/openejb-cxf-rs/src/test/java/org/apache/openejb/server/cxf/rs/johnzon/TomEEJsonbProviderMediaTypeTest.java new file
[tomee-tck] 01/02: Ensure the --source option causes an exit if file not found
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch jakartaee9-tck in repository https://gitbox.apache.org/repos/asf/tomee-tck.git commit 12bb2d85897ad07c4147e338fae9e70677912999 Author: David Blevins AuthorDate: Wed Oct 26 16:14:08 2022 -0700 Ensure the --source option causes an exit if file not found --- runtests | 9 +++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/runtests b/runtests index 7e60be8..41e0946 100755 --- a/runtests +++ b/runtests @@ -202,7 +202,7 @@ processOptions() { --source) assertOptionArg "$1" "$2" -src="$(readlink -f "$2")" +src="$2" shift ;; @@ -323,9 +323,14 @@ echo ">>> config => $( echo "$CONFIG" | sed 's/ /\n/g')" echo "" # just an empty line [ ! -z "$src" ] && { -ls "$src" +[ -f "$src" ] || { + echo "Cannot source file $src: file not found" + exit 1 +} + source "$src" } + [ ! -z $env ] && export # printing the content of the 2 main directories
[tomee-tck] 02/02: Use the users environment (removing -l) This may cause issues in CI jobs
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch jakartaee9-tck in repository https://gitbox.apache.org/repos/asf/tomee-tck.git commit 04936aacf77bd2bbd8d7d316451e5ecbbfc014fe Author: David Blevins AuthorDate: Wed Oct 26 16:15:01 2022 -0700 Use the users environment (removing -l) This may cause issues in CI jobs --- runtests | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/runtests b/runtests index 41e0946..b5025b2 100755 --- a/runtests +++ b/runtests @@ -1,4 +1,4 @@ -#!/bin/bash -l +#!/bin/bash ## ## $Revision$ $Date$ ##
[tomee-tck] branch jakartaee9-tck updated (437dd8c -> 04936aa)
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a change to branch jakartaee9-tck in repository https://gitbox.apache.org/repos/asf/tomee-tck.git from 437dd8c Set protocols="TLSv1.2" to disable TLSv1.3 since the TCK requires post-handshake authentication and the Java 11 client does not support that. new 12bb2d8 Ensure the --source option causes an exit if file not found new 04936aa Use the users environment (removing -l) This may cause issues in CI jobs The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: runtests | 11 --- 1 file changed, 8 insertions(+), 3 deletions(-)
[tomee-site-generator] branch main updated: Fix the build failure
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee-site-generator.git The following commit(s) were added to refs/heads/main by this push: new 4fdd4c6 Fix the build failure 4fdd4c6 is described below commit 4fdd4c6ed5d881263f841f25b03e957ca9ea7e51 Author: David Blevins AuthorDate: Mon Oct 24 19:34:16 2022 -0700 Fix the build failure --- src/main/resources/ignored.txt | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/main/resources/ignored.txt b/src/main/resources/ignored.txt index 502e2aa..f405468 100644 --- a/src/main/resources/ignored.txt +++ b/src/main/resources/ignored.txt @@ -4,9 +4,9 @@ # # Fixing or deleting these files is a good area for contribution # -#features.adoc -#tomee-8.0/docs/documentation.old.adoc -#tomee-8.0/pt/examples/webservice-holder.adoc +features.adoc +tomee-8.0/docs/documentation.old.adoc +tomee-8.0/pt/examples/webservice-holder.adoc tomee-8.0/pt/examples/webservice-ssl-client-cert.adoc tomee-8.0/pt/examples/websocket-tls-basic-auth.adoc tomee-8.0/examples/webservice-ws-security.adoc
[tomee-site-generator] 02/02: Cause a build failure
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee-site-generator.git commit bfef0c9058e6878cc384fcefeed0365c9160cb45 Author: David Blevins AuthorDate: Mon Oct 24 19:10:52 2022 -0700 Cause a build failure --- src/main/resources/ignored.txt | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/main/resources/ignored.txt b/src/main/resources/ignored.txt index f405468..502e2aa 100644 --- a/src/main/resources/ignored.txt +++ b/src/main/resources/ignored.txt @@ -4,9 +4,9 @@ # # Fixing or deleting these files is a good area for contribution # -features.adoc -tomee-8.0/docs/documentation.old.adoc -tomee-8.0/pt/examples/webservice-holder.adoc +#features.adoc +#tomee-8.0/docs/documentation.old.adoc +#tomee-8.0/pt/examples/webservice-holder.adoc tomee-8.0/pt/examples/webservice-ssl-client-cert.adoc tomee-8.0/pt/examples/websocket-tls-basic-auth.adoc tomee-8.0/examples/webservice-ws-security.adoc
[tomee-site-generator] 01/02: Reduce output of git clone command
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee-site-generator.git commit 3af51038ba60f3cbb168a7e36c503c0c0901d048 Author: David Blevins AuthorDate: Mon Oct 24 19:09:50 2022 -0700 Reduce output of git clone command --- src/main/java/org/apache/tomee/website/Repos.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/org/apache/tomee/website/Repos.java b/src/main/java/org/apache/tomee/website/Repos.java index 0c1144f..a425a35 100644 --- a/src/main/java/org/apache/tomee/website/Repos.java +++ b/src/main/java/org/apache/tomee/website/Repos.java @@ -51,7 +51,7 @@ public class Repos { private static void clone(final Source source) throws Exception { System.out.println(" > git clone " + source.getScmUrl()); -jgit("clone", source.getScmUrl(), "-b", source.getBranch(), source.getDir().getAbsolutePath()); +jgit("clone", "--quiet", source.getScmUrl(), "-b", source.getBranch(), source.getDir().getAbsolutePath()); } private static void pull(final Source source) throws IOException, GitAPIException {
[tomee-site-generator] branch main updated (1433f79 -> bfef0c9)
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a change to branch main in repository https://gitbox.apache.org/repos/asf/tomee-site-generator.git from 1433f79 Set JDK version to java 8 new 3af5103 Reduce output of git clone command new bfef0c9 Cause a build failure The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: src/main/java/org/apache/tomee/website/Repos.java | 2 +- src/main/resources/ignored.txt| 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-)
[tomee-site-generator] branch main updated: Set JDK version to java 8
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee-site-generator.git The following commit(s) were added to refs/heads/main by this push: new 1433f79 Set JDK version to java 8 1433f79 is described below commit 1433f791de8ded219ced9a99287ab8830cc9426a Author: David Blevins AuthorDate: Mon Oct 24 18:52:50 2022 -0700 Set JDK version to java 8 --- .github/workflows/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 2b387ad..8e3cd59 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -14,10 +14,10 @@ jobs: steps: - uses: actions/checkout@v3 -- name: Set up JDK 11 +- name: Set up JDK 8 uses: actions/setup-java@v3 with: -java-version: '11' +java-version: '8' distribution: 'temurin' cache: maven - name: Build with Maven
[tomee-site-generator] branch main updated (f4c9f4a -> 5b54974)
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a change to branch main in repository https://gitbox.apache.org/repos/asf/tomee-site-generator.git from f4c9f4a Fail build if new md/adoc files don't generate html new a75bbbc Added github actions new 6d6446c added basic validation to github actions new 5b54974 Merge pull request #52 from cesarhernandezgt/actions-pr The 327 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: .github/workflows/main.yml | 30 ++ 1 file changed, 30 insertions(+) create mode 100644 .github/workflows/main.yml
[tomee-site-generator] branch main updated: Fail build if new md/adoc files don't generate html
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee-site-generator.git The following commit(s) were added to refs/heads/main by this push: new f4c9f4a Fail build if new md/adoc files don't generate html f4c9f4a is described below commit f4c9f4a428d63457035db23f55c76633845d32b1 Author: David Blevins AuthorDate: Mon Oct 24 18:02:57 2022 -0700 Fail build if new md/adoc files don't generate html --- src/main/java/org/apache/tomee/website/Checks.java | 98 ++ src/main/java/org/apache/tomee/website/JBake.java | 6 +- src/main/resources/ignored.txt | 49 +++ 3 files changed, 151 insertions(+), 2 deletions(-) diff --git a/src/main/java/org/apache/tomee/website/Checks.java b/src/main/java/org/apache/tomee/website/Checks.java new file mode 100644 index 000..bfe75dd --- /dev/null +++ b/src/main/java/org/apache/tomee/website/Checks.java @@ -0,0 +1,98 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.tomee.website; + +import org.apache.openejb.loader.IO; +import org.tomitribe.util.PrintString; + +import java.io.File; +import java.io.IOException; +import java.io.UncheckedIOException; +import java.nio.file.Files; +import java.nio.file.Path; +import java.nio.file.attribute.BasicFileAttributes; +import java.util.List; +import java.util.function.BiPredicate; +import java.util.stream.Collectors; +import java.util.stream.Stream; + +public class Checks { + +public void check(final File contentDir, final File generatedDir) { +final List ignored = getIgnored(); + +try { +final BiPredicate sources = (path, attributes) -> { +if (!path.toFile().isFile()) return false; +if (path.toString().endsWith(".adoc") || path.toString().endsWith(".md")) return true; +return false; +}; + +final List missing = Files.find(contentDir.toPath(), 100, sources) +.map(Path::toFile) +.map(File::getAbsolutePath) +.map(s -> s.substring(contentDir.getAbsolutePath().length() + 1)) +// was the html not generated? +.filter(s -> { +final String html = s.replaceAll("\\.(adoc|md)$", ".html"); +final File expected = new File(generatedDir, html); +return !expected.exists(); +}) +// is this file not in the list of known issues? +.filter(s -> !ignored.contains(s)) +.collect(Collectors.toList()); + +if (missing.size() > 0) { +throw new HtmlGenerationFailedException(missing); +} +missing.forEach(System.out::println); +System.out.println(missing); +} catch (IOException e) { +throw new UncheckedIOException(e); +} +} + +private List getIgnored() { +try { +final String content = IO.slurp(this.getClass().getClassLoader().getResource("ignored.txt")); + +return Stream.of(content.split(" *\r?\n *")) +.filter(s -> s.length() > 0) +.filter(s -> !s.startsWith("#")) +.collect(Collectors.toList()); +} catch (IOException e) { +throw new UncheckedIOException(e); +} +} + +public static class HtmlGenerationFailedException extends RuntimeException { + +private final List missing; + +public HtmlGenerationFailedException(final List missing) { +this.missing = missing; +} + +@Override +public String getMessage() { +final PrintString message = new PrintString(); +message.printf("%s source files did not generate html%n", missing.size()); +missing.forEach(message::println); +return message.toString(); +} +} +} diff
[tomee-release-tools] branch main updated: Finally remove the SNAPSHOT dependency on tentacles
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee-release-tools.git The following commit(s) were added to refs/heads/main by this push: new 6a47a66 Finally remove the SNAPSHOT dependency on tentacles 6a47a66 is described below commit 6a47a6601c9246ce1a1f3f1831ffcc709002a554 Author: David Blevins AuthorDate: Tue Oct 11 06:47:42 2022 -0700 Finally remove the SNAPSHOT dependency on tentacles --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index e4346f1..a35cc4e 100644 --- a/pom.xml +++ b/pom.xml @@ -165,7 +165,7 @@ org.apache.creadur.tentacles apache-tentacles - 0.1-SNAPSHOT + 0.1 plexus-utils
[tomee] 02/03: Remove references to MP 2.0 APIs
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee.git commit 8fcea26ecd88cd9d7bd4f1a14c16e3bd07eb54cc Author: David Blevins AuthorDate: Sat Oct 8 01:41:04 2022 -0500 Remove references to MP 2.0 APIs --- examples/mp-rest-jwt-jwk/pom.xml | 21 +++-- 1 file changed, 3 insertions(+), 18 deletions(-) diff --git a/examples/mp-rest-jwt-jwk/pom.xml b/examples/mp-rest-jwt-jwk/pom.xml index 8ae26cda03..8e8b1cfd49 100644 --- a/examples/mp-rest-jwt-jwk/pom.xml +++ b/examples/mp-rest-jwt-jwk/pom.xml @@ -25,11 +25,8 @@ TomEE :: Examples :: MP REST JWT JWK UTF-8 -9.1-M2 9.0.0-M9-SNAPSHOT 2.0.0 -1.1 -1.1 install @@ -96,21 +93,9 @@ - org.apache.tomee - jakartaee-api - ${version.jakartaee-api} - provided - - - org.eclipse.microprofile.jwt - microprofile-jwt-auth-api - ${mp-jwt.version} - provided - - - org.eclipse.microprofile.rest.client - microprofile-rest-client-api - ${mp-rest-client.version} + org.apache.tomee.bom + tomee-microprofile-api + ${tomee.version} provided
[tomee] 03/03: Remove references to MP 2.0 APIs
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee.git commit ec2f7da2546115ee366726a95faa51da53bf558d Author: David Blevins AuthorDate: Sat Oct 8 01:43:20 2022 -0500 Remove references to MP 2.0 APIs --- examples/mp-rest-jwt-principal/pom.xml | 28 +++- 1 file changed, 3 insertions(+), 25 deletions(-) diff --git a/examples/mp-rest-jwt-principal/pom.xml b/examples/mp-rest-jwt-principal/pom.xml index 5300b05dd6..7c221d8059 100644 --- a/examples/mp-rest-jwt-principal/pom.xml +++ b/examples/mp-rest-jwt-principal/pom.xml @@ -26,12 +26,8 @@ UTF-8 9.0.0-M9-SNAPSHOT -9.1-M2 4.23 1.7.0.Alpha10 -1.1.1 -1.0 -1.1 install @@ -89,27 +85,9 @@ - org.apache.tomee - jakartaee-api - ${version.jakartaee-api} - provided - - - org.eclipse.microprofile.jwt - microprofile-jwt-auth-api - ${mp-jwt.version} - provided - - - org.eclipse.microprofile.rest.client - microprofile-rest-client-api - ${mp-rest-client.version} - provided - - - org.eclipse.microprofile.config - microprofile-config-api - ${mp-config.version} + org.apache.tomee.bom + tomee-microprofile-api + ${tomee.version} provided
[tomee] branch main updated (35d43a6916 -> ec2f7da254)
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a change to branch main in repository https://gitbox.apache.org/repos/asf/tomee.git from 35d43a6916 iTests for supported JWE algorithms new 15d19e18a7 Remove MP JWT 1.1 reference in mp-rest-jwt-public-key new 8fcea26ecd Remove references to MP 2.0 APIs new ec2f7da254 Remove references to MP 2.0 APIs The 3 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: examples/mp-rest-jwt-jwk/pom.xml| 21 +++-- examples/mp-rest-jwt-principal/pom.xml | 28 +++- examples/mp-rest-jwt-public-key/pom.xml | 12 +++- 3 files changed, 9 insertions(+), 52 deletions(-)
[tomee] 01/03: Remove MP JWT 1.1 reference in mp-rest-jwt-public-key
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee.git commit 15d19e18a7a11955bf59c672cfbd82c47b6cdd9b Author: David Blevins AuthorDate: Sat Oct 8 01:38:19 2022 -0500 Remove MP JWT 1.1 reference in mp-rest-jwt-public-key --- examples/mp-rest-jwt-public-key/pom.xml | 12 +++- 1 file changed, 3 insertions(+), 9 deletions(-) diff --git a/examples/mp-rest-jwt-public-key/pom.xml b/examples/mp-rest-jwt-public-key/pom.xml index 8536a6493b..ee35080b40 100644 --- a/examples/mp-rest-jwt-public-key/pom.xml +++ b/examples/mp-rest-jwt-public-key/pom.xml @@ -101,18 +101,12 @@ - org.apache.tomee - jakartaee-api - ${version.jakartaee-api} + org.apache.tomee.bom + tomee-microprofile-api + ${tomee.version} provided - - org.eclipse.microprofile.jwt - microprofile-jwt-auth-api - ${mp-jwt.version} - provided - com.nimbusds nimbus-jose-jwt
[tomee] branch main updated: iTests for supported JWE algorithms
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee.git The following commit(s) were added to refs/heads/main by this push: new 35d43a6916 iTests for supported JWE algorithms 35d43a6916 is described below commit 35d43a6916c5318a68f3401c31bf00db38a32c15 Author: David Blevins AuthorDate: Thu Oct 6 17:04:27 2022 -0500 iTests for supported JWE algorithms --- itests/microprofile-jwt-itests/pom.xml | 4 +- ...izesTest.java => EncryptionAlgorithmsTest.java} | 77 ++-- .../microprofile/jwt/itest/RsaKeySizesTest.java| 5 -- .../tomee/microprofile/jwt/itest/Tokens.java | 81 +++--- .../apache/tomee/microprofile/jwt/MPJWTFilter.java | 1 + 5 files changed, 131 insertions(+), 37 deletions(-) diff --git a/itests/microprofile-jwt-itests/pom.xml b/itests/microprofile-jwt-itests/pom.xml index 080e4e8acb..2a20483ad5 100644 --- a/itests/microprofile-jwt-itests/pom.xml +++ b/itests/microprofile-jwt-itests/pom.xml @@ -89,7 +89,7 @@ com.nimbusds nimbus-jose-jwt - 4.23 + 9.25.4 test @@ -101,7 +101,7 @@ io.churchkey churchkey - 1.21 + 1.22 test diff --git a/itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/RsaKeySizesTest.java b/itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/EncryptionAlgorithmsTest.java similarity index 64% copy from itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/RsaKeySizesTest.java copy to itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/EncryptionAlgorithmsTest.java index de7a87aafa..a8ed538a2e 100644 --- a/itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/RsaKeySizesTest.java +++ b/itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/EncryptionAlgorithmsTest.java @@ -18,16 +18,11 @@ package org.apache.tomee.microprofile.jwt.itest; -import org.apache.cxf.feature.LoggingFeature; -import org.apache.cxf.jaxrs.client.WebClient; -import org.apache.johnzon.jaxrs.JohnzonProvider; -import org.apache.tomee.server.composer.Archive; -import org.apache.tomee.server.composer.TomEE; -import org.eclipse.microprofile.auth.LoginConfig; -import org.junit.Test; - import jakarta.annotation.security.RolesAllowed; import jakarta.enterprise.context.RequestScoped; +import jakarta.json.Json; +import jakarta.json.JsonObject; +import jakarta.json.JsonReader; import jakarta.ws.rs.ApplicationPath; import jakarta.ws.rs.Consumes; import jakarta.ws.rs.GET; @@ -36,6 +31,15 @@ import jakarta.ws.rs.Produces; import jakarta.ws.rs.core.Application; import jakarta.ws.rs.core.MediaType; import jakarta.ws.rs.core.Response; +import org.apache.cxf.feature.LoggingFeature; +import org.apache.cxf.jaxrs.client.WebClient; +import org.apache.johnzon.jaxrs.JohnzonProvider; +import org.apache.tomee.server.composer.Archive; +import org.apache.tomee.server.composer.TomEE; +import org.eclipse.microprofile.auth.LoginConfig; +import org.junit.Test; + +import java.io.ByteArrayInputStream; import java.io.File; import java.net.URL; import java.util.Base64; @@ -43,36 +47,55 @@ import java.util.Base64; import static java.util.Collections.singletonList; import static org.junit.Assert.assertEquals; -public class RsaKeySizesTest { +public class EncryptionAlgorithmsTest { @Test -public void test1024() throws Exception { -assertKey(Tokens.rsa(1024, 256)); +public void rsaOaep() throws Exception { +assertAlgorithm(Tokens.rsa(2048, "RSA-OAEP"), Tokens.rsa(2048, 256)); } @Test -public void test2048() throws Exception { -assertKey(Tokens.rsa(2048, 256)); +public void rsaOaep256() throws Exception { +assertAlgorithm(Tokens.rsa(2048, "RSA-OAEP-256"), Tokens.rsa(2048, 256)); } @Test -public void test4096() throws Exception { -assertKey(Tokens.rsa(4096, 256)); +public void ecdhEs() throws Exception { +assertAlgorithm(Tokens.ec("secp256r1", "ECDH-ES"), Tokens.ec("secp256r1", 256)); } -public void assertKey(final Tokens tokens) throws Exception { +@Test +public void ecdhEsA128KW() throws Exception { +assertAlgorithm(Tokens.ec("secp256r1", "ECDH-ES+A128KW"), Tokens.ec("secp256r1", 256)); +} + +@Test +public void ecdhEsA192KW() throws Exception { +assertAlgorithm(Tokens.ec("secp256r1", "ECDH-ES+A192KW"), Tokens.ec("secp256r1", 256)); +} + +@Test +public void ecdhEsA256KW() throws Exception { +assertAlgorithm(Tokens.ec("secp256r1", "ECDH-ES+A256KW"), T
[tomee-release-tools] branch main updated (828284c -> 7943de2)
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a change to branch main in repository https://gitbox.apache.org/repos/asf/tomee-release-tools.git from 828284c TOMEE-3921 - Consistency for sha512 hashes in releases add 7943de2 Command to compare version upgrades No new revisions were added by this update. Summary of changes: pom.xml| 6 +- .../org/apache/openejb/tools/release/Loader.java | 3 +- .../openejb/tools/release/cmd/AnalyzeUpgrades.java | 139 .../pom/Coordinates.java} | 15 +- .../tools/release/maven/pom/Dependency.java| 55 +++ .../pom/MavenPomException.java}| 16 +- .../pom/Parent.java} | 39 +++-- .../openejb/tools/release/maven/pom/PomParser.java | 175 + .../openejb/tools/release/maven/pom/Project.java | 80 ++ .../pom/Properties.java} | 35 +++-- .../pom/PropertiesAdapter.java}| 34 ++-- .../tools/release/util/JsonMarshalling.java| 81 ++ 12 files changed, 616 insertions(+), 62 deletions(-) create mode 100644 src/main/java/org/apache/openejb/tools/release/cmd/AnalyzeUpgrades.java copy src/main/java/org/apache/openejb/tools/release/{cmd/CommandFailedException.java => maven/pom/Coordinates.java} (74%) create mode 100644 src/main/java/org/apache/openejb/tools/release/maven/pom/Dependency.java copy src/main/java/org/apache/openejb/tools/release/{cmd/JiraReport.java => maven/pom/MavenPomException.java} (73%) copy src/main/java/org/apache/openejb/tools/release/{StagingRepositories.java => maven/pom/Parent.java} (51%) create mode 100644 src/main/java/org/apache/openejb/tools/release/maven/pom/PomParser.java create mode 100644 src/main/java/org/apache/openejb/tools/release/maven/pom/Project.java copy src/main/java/org/apache/openejb/tools/release/{StagingRepositories.java => maven/pom/Properties.java} (56%) copy src/main/java/org/apache/openejb/tools/release/{DateAdapter.java => maven/pom/PropertiesAdapter.java} (57%) create mode 100644 src/main/java/org/apache/openejb/tools/release/util/JsonMarshalling.java
[creadur-tentacles] branch trunk updated: [maven-release-plugin] prepare for next development iteration
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch trunk in repository https://gitbox.apache.org/repos/asf/creadur-tentacles.git The following commit(s) were added to refs/heads/trunk by this push: new 1a47f3b [maven-release-plugin] prepare for next development iteration 1a47f3b is described below commit 1a47f3b846d0f0ae663593fc6a85bd097fed34c7 Author: David Blevins AuthorDate: Thu Oct 6 14:52:11 2022 -0500 [maven-release-plugin] prepare for next development iteration --- pom.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pom.xml b/pom.xml index c3a1d18..9817633 100644 --- a/pom.xml +++ b/pom.xml @@ -25,7 +25,7 @@ org.apache.creadur.tentacles apache-tentacles jar - 0.1 + 0.2-SNAPSHOT Apache Tentacles Utility to download binaries from a remote repository and scan them for LICENSE and NOTICE files @@ -337,7 +337,7 @@ scm:git:https://git-wip-us.apache.org/repos/asf/creadur-tentacles.git scm:git:https://git-wip-us.apache.org/repos/asf/creadur-tentacles.git https://git-wip-us.apache.org/repos/asf?p=creadur-tentacles.git -apache-tentacles-0.1 +HEAD
[creadur-tentacles] annotated tag apache-tentacles-0.1 created (now 30d403b)
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a change to annotated tag apache-tentacles-0.1 in repository https://gitbox.apache.org/repos/asf/creadur-tentacles.git at 30d403b (tag) tagging 8ec81af4c7a3e8b23337d08beb129dee09a6ea6a (commit) by David Blevins on Thu Oct 6 14:52:07 2022 -0500 - Log - [maven-release-plugin] copy for tag apache-tentacles-0.1 --- No new revisions were added by this update.
[creadur-tentacles] 02/02: [maven-release-plugin] prepare release apache-tentacles-0.1
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch trunk in repository https://gitbox.apache.org/repos/asf/creadur-tentacles.git commit 8ec81af4c7a3e8b23337d08beb129dee09a6ea6a Author: David Blevins AuthorDate: Thu Oct 6 14:51:53 2022 -0500 [maven-release-plugin] prepare release apache-tentacles-0.1 --- pom.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pom.xml b/pom.xml index be1b02d..c3a1d18 100644 --- a/pom.xml +++ b/pom.xml @@ -25,7 +25,7 @@ org.apache.creadur.tentacles apache-tentacles jar - 0.1-SNAPSHOT + 0.1 Apache Tentacles Utility to download binaries from a remote repository and scan them for LICENSE and NOTICE files @@ -337,7 +337,7 @@ scm:git:https://git-wip-us.apache.org/repos/asf/creadur-tentacles.git scm:git:https://git-wip-us.apache.org/repos/asf/creadur-tentacles.git https://git-wip-us.apache.org/repos/asf?p=creadur-tentacles.git -HEAD +apache-tentacles-0.1
[creadur-tentacles] branch trunk updated (61d58d4 -> 8ec81af)
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a change to branch trunk in repository https://gitbox.apache.org/repos/asf/creadur-tentacles.git from 61d58d4 RAT-271: Upgrade animal sniffer to comply with JDK8 new daae9ca Update information in pom.xml new 8ec81af [maven-release-plugin] prepare release apache-tentacles-0.1 The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: pom.xml | 9 + 1 file changed, 5 insertions(+), 4 deletions(-)
[creadur-tentacles] 01/02: Update information in pom.xml
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch trunk in repository https://gitbox.apache.org/repos/asf/creadur-tentacles.git commit daae9ca16bd4bd92bde16bc2bd252e37cae78290 Author: David Blevins AuthorDate: Thu Oct 6 14:51:07 2022 -0500 Update information in pom.xml --- pom.xml | 7 --- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/pom.xml b/pom.xml index adf845b..be1b02d 100644 --- a/pom.xml +++ b/pom.xml @@ -334,9 +334,10 @@ - scm:svn:http://svn.apache.org/repos/asf/creadur/tentacles/trunk - scm:svn:https://svn.apache.org/repos/asf/creadur/tentacles/trunk -http://svn.apache.org/repos/asf/creadur/tentacles/trunk + scm:git:https://git-wip-us.apache.org/repos/asf/creadur-tentacles.git + scm:git:https://git-wip-us.apache.org/repos/asf/creadur-tentacles.git +https://git-wip-us.apache.org/repos/asf?p=creadur-tentacles.git +HEAD
[tomee-site-generator] branch main updated: TOMEE-3981 update javadoc to reflect updates on Jakarta EE
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee-site-generator.git The following commit(s) were added to refs/heads/main by this push: new 4406e53 TOMEE-3981 update javadoc to reflect updates on Jakarta EE new e2f20f2 Merge pull request #50 from sultan/update-javadoc 4406e53 is described below commit 4406e535733f9d7b87ce2b54a72b55a1cb1aaa6c Author: Swell <5782559+sul...@users.noreply.github.com> AuthorDate: Tue Oct 4 10:39:25 2022 +0200 TOMEE-3981 update javadoc to reflect updates on Jakarta EE --- src/main/java/org/apache/tomee/website/Configuration.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/org/apache/tomee/website/Configuration.java b/src/main/java/org/apache/tomee/website/Configuration.java index c83913c..1ea81b6 100644 --- a/src/main/java/org/apache/tomee/website/Configuration.java +++ b/src/main/java/org/apache/tomee/website/Configuration.java @@ -157,7 +157,7 @@ public class Configuration { new Source("https://github.com/eclipse/microprofile-metrics;, "4.0.1", "microprofile-5.0-repos/metrics").filterJavadoc(".*/api/src/main/java/.*", ""), new Source("https://github.com/eclipse/microprofile-open-api;, "3.0", "microprofile-5.0-repos/open-api").filterJavadoc(".*/api/src/main/java/.*", ""), new Source("https://github.com/eclipse/microprofile-opentracing;, "3.0", "microprofile-5.0-repos/opentracing").filterJavadoc(".*/api/src/main/java/.*", ""), -new Source("https://github.com/eclipse/microprofile-rest-client;, "3.0", "microprofile-5.0-repos/rest-client").filterJavadoc(".*/api/src/main/java/.*", ""), +new Source("https://github.com/eclipse/microprofile-rest-client;, "3.0.1", "microprofile-5.0-repos/rest-client").filterJavadoc(".*/api/src/main/java/.*", ""), }; final Source[] microProfile4 = new Source[]{
[tomee-site-generator] branch main updated: Update master reference to main
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee-site-generator.git The following commit(s) were added to refs/heads/main by this push: new 9dec450 Update master reference to main 9dec450 is described below commit 9dec4500af82a1e545e66b76d0582fa42f1452ee Author: David Blevins AuthorDate: Tue Oct 4 16:18:55 2022 -0500 Update master reference to main --- src/main/java/org/apache/tomee/website/Configuration.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/org/apache/tomee/website/Configuration.java b/src/main/java/org/apache/tomee/website/Configuration.java index c83913c..016fd48 100644 --- a/src/main/java/org/apache/tomee/website/Configuration.java +++ b/src/main/java/org/apache/tomee/website/Configuration.java @@ -191,7 +191,7 @@ public class Configuration { //new Source("https://github.com/apache/tomee.git;, "tomee-7.1.x", "tomee-7.1", false).javadoc("^org.apache.(openejb|tomee).*"), //new Source("https://github.com/apache/tomee.git;, "tomee-7.0.x", "tomee-7.0", false).javadoc("^org.apache.(openejb|tomee).*"), // TOMEE CURRENT -new Source("https://github.com/apache/tomee.git;, "master", "tomee-9.0", false).label("milestone").related(microProfile5).related(jakartaEE9).javadoc("^org.apache.(openejb|tomee).*"), +new Source("https://github.com/apache/tomee.git;, "main", "tomee-9.0", false).label("milestone").related(microProfile5).related(jakartaEE9).javadoc("^org.apache.(openejb|tomee).*"), new Source("https://github.com/apache/tomee.git;, "tomee-8.x", "tomee-8.0", true).related(microProfile2).related(jakartaEE8).javadoc("^org.apache.(openejb|tomee).*"), new Source("https://github.com/apache/tomee.git;, "tomee-7.1.x", "tomee-7.1", false).javadoc("^org.apache.(openejb|tomee).*"), new Source("https://github.com/apache/tomee.git;, "tomee-7.0.x", "tomee-7.0", false).javadoc("^org.apache.(openejb|tomee).*"),
[tomee] branch main updated (0b0273009b -> f0adaefeba)
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a change to branch main in repository https://gitbox.apache.org/repos/asf/tomee.git from 0b0273009b Philosophy and goals of the itests add 5e943d37fb Add greater/less operations on Duration add 6e201ba508 Prototype CachingSupplier required for TOMEE-4050: Retry and Refresh for MP JWT keys supplied via HTTP add 876bf3b9e1 Initialization and retry tests for CachingSupplier Required for TOMEE-4050: Retry and Refresh for MP JWT keys supplied via HTTP add 063c801690 Refresh tests and logging for CachingSupplier Required for TOMEE-4050: Retry and Refresh for MP JWT keys supplied via HTTP add 7da859bfb7 TOMEE-4050: Retry and Refresh for MP JWT keys supplied via HTTP Error handling and integration testing still incomplete add 190307934e Add itest-util and itest-common Largely empty now, but likely to grow as we create more itests add 40a4de32da Start of iTests for TOMEE-4050 Retry and Refresh for MP JWT keys supplied via HTTP add 0f42e0767a iTests for HTTP 200s and 500s in key rotation and initialization TOMEE-4050 add d3a8a20e04 iTests for invalid keys in key rotation and initialization TOMEE-4050 add e0c2d27e1c 401 on access timeout. Rework logging. TOMEE-4050 add 7d21a2079b iTests for logging on key initialization TOMEE-4050 add 29d25cd6c8 iTests for logging on rotation TOMEE-4050 add 765e379160 Better Thread safety for Logging asserts add 1f4caa363a Enable TOMEE-4050 by default new f0adaefeba Merge pull request #926 from apache/TOMEE-4050 The 1 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: .../org/apache/openejb/util/CachedSupplier.java| 314 + .../java/org/apache/openejb/util/Duration.java | 35 + .../main/java/org/apache/openejb/util/Logger.java | 3 + .../apache/openejb/util/CachedSupplierTest.java| 707 + .../java/org/apache/openejb/util/DurationTest.java | 82 +++ docs/microprofile/jwt.adoc | 118 itests/itest-common/README.adoc| 3 + itests/{ => itest-common}/pom.xml | 56 +- .../org/apache/tomee/itest/common/Logging.java | 69 ++ itests/itest-util/README.adoc | 3 + itests/{ => itest-util}/pom.xml| 46 +- .../org/apache/tomee/itest}/util/Duration.java | 53 +- .../java/org/apache/tomee/itest/util/Join.java | 115 .../java/org/apache/tomee/itest/util/Runner.java | 190 ++ .../java/org/apache/tomee/itest/util/Timer.java| 67 ++ itests/microprofile-jwt-itests/pom.xml | 12 +- .../jwt/itest/PublicKeyLocationCachedTest.java | 203 ++ .../tomee/microprofile/jwt/itest/Tokens.java | 35 +- .../jwt/itest/keys/PublicKeyLocation.java | 87 +++ .../itest/keys/http/HttpKeyAccessTimeoutTest.java | 207 ++ .../http/HttpKeyInitializationEmptyKeySetTest.java | 201 ++ .../http/HttpKeyInitializationHttp500Test.java | 202 ++ .../http/HttpKeyInitializationNoValidKeysTest.java | 201 ++ .../jwt/itest/keys/http/HttpKeyLocationTest.java | 179 ++ .../keys/http/HttpKeyRotationEmptyKeySetTest.java | 285 + .../keys/http/HttpKeyRotationHttp500Test.java | 287 + .../keys/http/HttpKeyRotationNoValidKeysTest.java | 286 + itests/pom.xml | 2 + .../org/apache/tomee/server/composer/Archive.java | 15 + .../apache/tomee/microprofile/jwt/MPJWTFilter.java | 72 ++- .../jwt/config/JWTAuthConfiguration.java | 32 +- .../jwt/config/JWTAuthConfigurationProperties.java | 116 +++- .../tomee/microprofile/jwt/keys/DecryptKeys.java | 39 ++ .../tomee/microprofile/jwt/keys/FixedKeys.java | 35 + .../tomee/microprofile/jwt/keys/HttpLocation.java | 95 +++ .../jwt/{config => keys}/KeyResolver.java | 27 +- .../tomee/microprofile/jwt/keys/PublicKeys.java| 59 ++ .../tomee/microprofile/jwt/keys/UrlLocation.java | 67 ++ .../microprofile/jwt/config/KeyResolverTest.java | 1 + 39 files changed, 4478 insertions(+), 128 deletions(-) create mode 100644 container/openejb-core/src/main/java/org/apache/openejb/util/CachedSupplier.java create mode 100644 container/openejb-core/src/test/java/org/apache/openejb/util/CachedSupplierTest.java create mode 100644 docs/microprofile/jwt.adoc create mode 100644 itests/itest-common/README.adoc copy itests/{ => itest-common}/pom.xml (61%) create mode 100644 itests/itest-common/src/main/java/org/apache/tomee/itest/common/Logging.java create mode 100644 itests/itest-util/README.adoc copy itests/{ => itest-util}/pom.xml (61%) copy {container/op
[tomee] 01/01: Merge pull request #926 from apache/TOMEE-4050
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee.git commit f0adaefeba704553380e881da7d3f5629275c786 Merge: 0b0273009b 1f4caa363a Author: David Blevins AuthorDate: Tue Oct 4 12:24:11 2022 -0500 Merge pull request #926 from apache/TOMEE-4050 TOMEE-4050 Retry and Refresh for MP JWT keys supplied via HTTP .../org/apache/openejb/util/CachedSupplier.java| 314 + .../java/org/apache/openejb/util/Duration.java | 35 + .../main/java/org/apache/openejb/util/Logger.java | 3 + .../apache/openejb/util/CachedSupplierTest.java| 707 + .../java/org/apache/openejb/util/DurationTest.java | 82 +++ docs/microprofile/jwt.adoc | 118 itests/itest-common/README.adoc| 3 + itests/{ => itest-common}/pom.xml | 56 +- .../org/apache/tomee/itest/common/Logging.java | 69 ++ itests/itest-util/README.adoc | 3 + itests/{ => itest-util}/pom.xml| 46 +- .../org/apache/tomee/itest}/util/Duration.java | 53 +- .../java/org/apache/tomee/itest/util/Join.java | 115 .../java/org/apache/tomee/itest/util/Runner.java | 190 ++ .../java/org/apache/tomee/itest/util/Timer.java| 67 ++ itests/microprofile-jwt-itests/pom.xml | 12 +- .../jwt/itest/PublicKeyLocationCachedTest.java | 203 ++ .../tomee/microprofile/jwt/itest/Tokens.java | 35 +- .../jwt/itest/keys/PublicKeyLocation.java | 87 +++ .../itest/keys/http/HttpKeyAccessTimeoutTest.java | 207 ++ .../http/HttpKeyInitializationEmptyKeySetTest.java | 201 ++ .../http/HttpKeyInitializationHttp500Test.java | 202 ++ .../http/HttpKeyInitializationNoValidKeysTest.java | 201 ++ .../jwt/itest/keys/http/HttpKeyLocationTest.java | 179 ++ .../keys/http/HttpKeyRotationEmptyKeySetTest.java | 285 + .../keys/http/HttpKeyRotationHttp500Test.java | 287 + .../keys/http/HttpKeyRotationNoValidKeysTest.java | 286 + itests/pom.xml | 2 + .../org/apache/tomee/server/composer/Archive.java | 15 + .../apache/tomee/microprofile/jwt/MPJWTFilter.java | 72 ++- .../jwt/config/JWTAuthConfiguration.java | 32 +- .../jwt/config/JWTAuthConfigurationProperties.java | 116 +++- .../tomee/microprofile/jwt/keys/DecryptKeys.java | 39 ++ .../tomee/microprofile/jwt/keys/FixedKeys.java | 35 + .../tomee/microprofile/jwt/keys/HttpLocation.java | 95 +++ .../jwt/{config => keys}/KeyResolver.java | 27 +- .../tomee/microprofile/jwt/keys/PublicKeys.java| 59 ++ .../tomee/microprofile/jwt/keys/UrlLocation.java | 67 ++ .../microprofile/jwt/config/KeyResolverTest.java | 1 + 39 files changed, 4478 insertions(+), 128 deletions(-)
[tomee] branch TOMEE-4050 updated (765e379160 -> 1f4caa363a)
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a change to branch TOMEE-4050 in repository https://gitbox.apache.org/repos/asf/tomee.git from 765e379160 Better Thread safety for Logging asserts add 1f4caa363a Enable TOMEE-4050 by default No new revisions were added by this update. Summary of changes: docs/microprofile/jwt.adoc| 8 +--- .../microprofile/jwt/config/JWTAuthConfigurationProperties.java | 3 ++- 2 files changed, 7 insertions(+), 4 deletions(-)
[tomee] branch TOMEE-4050 updated (29d25cd6c8 -> 765e379160)
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a change to branch TOMEE-4050 in repository https://gitbox.apache.org/repos/asf/tomee.git from 29d25cd6c8 iTests for logging on rotation TOMEE-4050 add 765e379160 Better Thread safety for Logging asserts No new revisions were added by this update. Summary of changes: .../src/main/java/org/apache/tomee/itest/common/Logging.java | 9 ++--- 1 file changed, 6 insertions(+), 3 deletions(-)
[tomee] branch TOMEE-4050 updated (7d21a2079b -> 29d25cd6c8)
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a change to branch TOMEE-4050 in repository https://gitbox.apache.org/repos/asf/tomee.git from 7d21a2079b iTests for logging on key initialization TOMEE-4050 add 29d25cd6c8 iTests for logging on rotation TOMEE-4050 No new revisions were added by this update. Summary of changes: .../keys/http/HttpKeyRotationEmptyKeySetTest.java | 43 -- .../keys/http/HttpKeyRotationHttp500Test.java | 40 +++- .../keys/http/HttpKeyRotationNoValidKeysTest.java | 41 - 3 files changed, 118 insertions(+), 6 deletions(-)
[tomee] branch TOMEE-4050 updated (d3a8a20e04 -> 7d21a2079b)
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a change to branch TOMEE-4050 in repository https://gitbox.apache.org/repos/asf/tomee.git from d3a8a20e04 iTests for invalid keys in key rotation and initialization TOMEE-4050 add e0c2d27e1c 401 on access timeout. Rework logging. TOMEE-4050 add 7d21a2079b iTests for logging on key initialization TOMEE-4050 No new revisions were added by this update. Summary of changes: .../org/apache/openejb/util/CachedSupplier.java| 40 ++-- .../apache/openejb/util/CachedSupplierTest.java| 2 +- itests/itest-common/pom.xml| 5 + .../org/apache/tomee/itest/common/Logging.java}| 39 +--- ...p500Test.java => HttpKeyAccessTimeoutTest.java} | 104 ++--- .../http/HttpKeyInitializationEmptyKeySetTest.java | 18 +++- .../http/HttpKeyInitializationHttp500Test.java | 18 +++- .../http/HttpKeyInitializationNoValidKeysTest.java | 19 +++- .../apache/tomee/microprofile/jwt/MPJWTFilter.java | 55 ++- .../jwt/config/JWTAuthConfigurationProperties.java | 47 +- .../DecryptKeys.java} | 26 -- .../tomee/microprofile/jwt/keys/FixedKeys.java | 25 +++-- .../tomee/microprofile/jwt/keys/HttpLocation.java | 95 +++ .../jwt/{config => keys}/KeyResolver.java | 27 +++--- .../tomee/microprofile/jwt/keys/PublicKeys.java| 59 .../tomee/microprofile/jwt/keys/UrlLocation.java | 67 + .../microprofile/jwt/config/KeyResolverTest.java | 1 + 17 files changed, 472 insertions(+), 175 deletions(-) copy itests/{microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/Output.java => itest-common/src/main/java/org/apache/tomee/itest/common/Logging.java} (54%) copy itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/keys/http/{HttpKeyRotationHttp500Test.java => HttpKeyAccessTimeoutTest.java} (69%) copy mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/{bval/ValidationConstraintException.java => keys/DecryptKeys.java} (56%) copy arquillian/arquillian-tomee-embedded/src/test/java/org/apache/openejb/arquillian/embedded/AnApp.java => mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/keys/FixedKeys.java (66%) create mode 100644 mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/keys/HttpLocation.java rename mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/{config => keys}/KeyResolver.java (92%) create mode 100644 mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/keys/PublicKeys.java create mode 100644 mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/keys/UrlLocation.java
[tomee] branch TOMEE-4050 updated (0f42e0767a -> d3a8a20e04)
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a change to branch TOMEE-4050 in repository https://gitbox.apache.org/repos/asf/tomee.git from 0f42e0767a iTests for HTTP 200s and 500s in key rotation and initialization TOMEE-4050 add d3a8a20e04 iTests for invalid keys in key rotation and initialization TOMEE-4050 No new revisions were added by this update. Summary of changes: .../org/apache/tomee/microprofile/jwt/itest/Tokens.java | 4 ...t.java => HttpKeyInitializationEmptyKeySetTest.java} | 15 +++ ...t.java => HttpKeyInitializationNoValidKeysTest.java} | 14 +++--- ...500Test.java => HttpKeyRotationEmptyKeySetTest.java} | 17 - ...500Test.java => HttpKeyRotationNoValidKeysTest.java} | 16 5 files changed, 34 insertions(+), 32 deletions(-) copy itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/keys/http/{HttpKeyInitializationHttp500Test.java => HttpKeyInitializationEmptyKeySetTest.java} (93%) copy itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/keys/http/{HttpKeyInitializationHttp500Test.java => HttpKeyInitializationNoValidKeysTest.java} (93%) copy itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/keys/http/{HttpKeyRotationHttp500Test.java => HttpKeyRotationEmptyKeySetTest.java} (94%) copy itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/keys/http/{HttpKeyRotationHttp500Test.java => HttpKeyRotationNoValidKeysTest.java} (94%)
[tomee] branch TOMEE-4050 updated (40a4de32da -> 0f42e0767a)
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a change to branch TOMEE-4050 in repository https://gitbox.apache.org/repos/asf/tomee.git from 40a4de32da Start of iTests for TOMEE-4050 Retry and Refresh for MP JWT keys supplied via HTTP add 0f42e0767a iTests for HTTP 200s and 500s in key rotation and initialization TOMEE-4050 No new revisions were added by this update. Summary of changes: java => HttpKeyInitializationHttp500Test.java} | 23 +- .../jwt/itest/keys/http/HttpKeyLocationTest.java | 2 +- .../keys/http/HttpKeyRotationHttp500Test.java | 249 + 3 files changed, 265 insertions(+), 9 deletions(-) copy itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/keys/http/{HttpKeyLocationTest.java => HttpKeyInitializationHttp500Test.java} (90%) create mode 100644 itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/keys/http/HttpKeyRotationHttp500Test.java
[tomee] branch TOMEE-4050 updated (7da859bfb7 -> 40a4de32da)
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a change to branch TOMEE-4050 in repository https://gitbox.apache.org/repos/asf/tomee.git from 7da859bfb7 TOMEE-4050: Retry and Refresh for MP JWT keys supplied via HTTP Error handling and integration testing still incomplete add 190307934e Add itest-util and itest-common Largely empty now, but likely to grow as we create more itests add 40a4de32da Start of iTests for TOMEE-4050 Retry and Refresh for MP JWT keys supplied via HTTP No new revisions were added by this update. Summary of changes: itests/itest-common/README.adoc| 3 + itests/{legacy-server => itest-common}/pom.xml | 14 +- itests/itest-util/README.adoc | 3 + itests/{legacy-server => itest-util}/pom.xml | 15 +- .../org/apache/tomee/itest}/util/Duration.java | 18 +- .../java/org/apache/tomee/itest}/util/Join.java| 12 +- .../java/org/apache/tomee/itest/util/Runner.java | 190 + .../java/org/apache/tomee/itest/util/Timer.java| 67 itests/microprofile-jwt-itests/pom.xml | 12 +- .../tomee/microprofile/jwt/itest/Tokens.java | 31 +++- .../jwt/itest/keys/PublicKeyLocation.java | 87 ++ .../jwt/itest/keys/http/HttpKeyLocationTest.java | 179 +++ itests/pom.xml | 2 + .../org/apache/tomee/server/composer/Archive.java | 15 ++ 14 files changed, 605 insertions(+), 43 deletions(-) create mode 100644 itests/itest-common/README.adoc copy itests/{legacy-server => itest-common}/pom.xml (81%) create mode 100644 itests/itest-util/README.adoc copy itests/{legacy-server => itest-util}/pom.xml (78%) copy {container/openejb-core/src/main/java/org/apache/openejb => itests/itest-util/src/main/java/org/apache/tomee/itest}/util/Duration.java (95%) copy {container/openejb-core/src/main/java/org/apache/openejb => itests/itest-util/src/main/java/org/apache/tomee/itest}/util/Join.java (90%) create mode 100644 itests/itest-util/src/main/java/org/apache/tomee/itest/util/Runner.java create mode 100644 itests/itest-util/src/main/java/org/apache/tomee/itest/util/Timer.java create mode 100644 itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/keys/PublicKeyLocation.java create mode 100644 itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/keys/http/HttpKeyLocationTest.java
[tomee] branch main updated: Philosophy and goals of the itests
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee.git The following commit(s) were added to refs/heads/main by this push: new 0b0273009b Philosophy and goals of the itests 0b0273009b is described below commit 0b0273009b5853fa5aedc52b9604ba853448418a Author: David Blevins AuthorDate: Thu Sep 29 23:07:53 2022 -0500 Philosophy and goals of the itests --- itests/README.adoc | 23 +++ 1 file changed, 23 insertions(+) diff --git a/itests/README.adoc b/itests/README.adoc new file mode 100644 index 00..e1b658bc88 --- /dev/null +++ b/itests/README.adoc @@ -0,0 +1,23 @@ +# iTest + +The goal of the itests are to test and use the TomEE binaries exactly how users use them; unpack the server, update configurations, deploy an application and send it requests. When tests are done, we're asserting responses, files on disk, log output and all expected behavior of the server. + +## Why not use Arquillian? + +The focus of Arquillian is to create tests for applications that are abstracted from the server details. iTests are the opposite -- we're testing the server itself and cannot do that while also abstracting ourselves from the server. + +It's the job of an iTest to manipulate the server exactly the way users would and assert that the user experience is what we want it to be. Some examples: + +- If we tell users, "throw this file in this directory and it should work", there is ideally an itest that sets up a server, puts that file in the directory and asserts it does in fact work. +- If we tell a user, "turn on debug logging and you should see these details", there is ideally an itest that tries this and asserts the expected debug messages do show up. +- If we tell a user, "set this flag to X and it should enable Y behavior", ideally there is an itest that not only tests the behavior when the flag is enabled, but tests the behavior when the flag is not enabled and possibly even tests the error handling when the flag is set to an invalid value. + +We're not testing applications, we're testing the server. We don't want to be abstracted from the server and we don't any magic plumbing like Arquillian's adapters, deployment code or local/remote testing code. Arquillian is an awesome hammer, but this problem is not a nail. It solves a different problem. + +## Why no dependencies on internals? + +While we do not want to be abstracted from the server, we still want to limit ourselves to using the server the way users would use it. We should not touch any internal API that is forbidden or off-limits to users. iTests should only use server features that are supported and considered user-facing. Should users be using the code in openejb-core? No, they should not, so neither should itests. Remember, when you're writing an itest the code inside the server is not "our" code -- you n [...] + +Not only is this good for ensuring the user experience always works as expected, it also means we can theoretically throw alway all the existing TomEE code, rewrite it entirely and verify user's applications and configuration file's still work. There are advantages to testing strictly from the user's perspective and not digging into guts like unit tests do. If we wanted to do something large and aggressive like cut the size of the server in half, the itests should continue to work with [...] + +A good itest should work even if the server is entirely rewritten.
[tomee] branch TOMEE-4050 updated (876bf3b9e1 -> 7da859bfb7)
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a change to branch TOMEE-4050 in repository https://gitbox.apache.org/repos/asf/tomee.git from 876bf3b9e1 Initialization and retry tests for CachingSupplier Required for TOMEE-4050: Retry and Refresh for MP JWT keys supplied via HTTP add 063c801690 Refresh tests and logging for CachingSupplier Required for TOMEE-4050: Retry and Refresh for MP JWT keys supplied via HTTP add 7da859bfb7 TOMEE-4050: Retry and Refresh for MP JWT keys supplied via HTTP Error handling and integration testing still incomplete No new revisions were added by this update. Summary of changes: .../org/apache/openejb/util/CachedSupplier.java| 67 +-- .../main/java/org/apache/openejb/util/Logger.java | 3 + .../apache/openejb/util/CachedSupplierTest.java| 193 - docs/microprofile/jwt.adoc | 116 + ...nTest.java => PublicKeyLocationCachedTest.java} | 23 +-- .../apache/tomee/microprofile/jwt/MPJWTFilter.java | 21 ++- .../jwt/config/JWTAuthConfiguration.java | 32 +--- .../jwt/config/JWTAuthConfigurationProperties.java | 156 +++-- 8 files changed, 546 insertions(+), 65 deletions(-) create mode 100644 docs/microprofile/jwt.adoc copy itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/{PublicKeyLocationTest.java => PublicKeyLocationCachedTest.java} (91%)
[tomee] 02/03: Prototype CachingSupplier required for TOMEE-4050: Retry and Refresh for MP JWT keys supplied via HTTP
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch TOMEE-4050 in repository https://gitbox.apache.org/repos/asf/tomee.git commit 6e201ba5085a696aa3c0b0d8cd7af1790de73caa Author: David Blevins AuthorDate: Wed Sep 21 18:51:16 2022 -0700 Prototype CachingSupplier required for TOMEE-4050: Retry and Refresh for MP JWT keys supplied via HTTP --- .../org/apache/openejb/util/CachedSupplier.java| 237 + .../java/org/apache/openejb/util/Duration.java | 14 ++ .../apache/openejb/util/CachedSupplierTest.java| 112 ++ .../java/org/apache/openejb/util/DurationTest.java | 17 ++ 4 files changed, 380 insertions(+) diff --git a/container/openejb-core/src/main/java/org/apache/openejb/util/CachedSupplier.java b/container/openejb-core/src/main/java/org/apache/openejb/util/CachedSupplier.java new file mode 100644 index 00..8eec3d6444 --- /dev/null +++ b/container/openejb-core/src/main/java/org/apache/openejb/util/CachedSupplier.java @@ -0,0 +1,237 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.openejb.util; + +import java.util.Objects; +import java.util.concurrent.CountDownLatch; +import java.util.concurrent.Executors; +import java.util.concurrent.ScheduledExecutorService; +import java.util.concurrent.ThreadFactory; +import java.util.concurrent.TimeUnit; +import java.util.concurrent.atomic.AtomicReference; +import java.util.function.Supplier; + +public class CachedSupplier implements Supplier { + +private final Duration initialRetryDelay; +private final Duration maxRetryDelay; +private final Duration accessTimeout; +private final Duration refreshInterval; +private final Supplier supplier; + +private final AtomicReference value = new AtomicReference<>(); +private final AtomicReference> accessor = new AtomicReference<>(); +private final ScheduledExecutorService executor = Executors.newSingleThreadScheduledExecutor(new DaemonThreadFactory()); + +private CachedSupplier(final Supplier supplier, final Duration initialRetryDelay, + final Duration maxRetryDelay, final Duration accessTimeout, + final Duration refreshInterval) { + +Objects.requireNonNull(supplier, "supplier"); +Objects.requireNonNull(initialRetryDelay, "initialRetryDelay"); +Objects.requireNonNull(maxRetryDelay, "maxRetryDelay"); +Objects.requireNonNull(accessTimeout, "accessTimeout"); +Objects.requireNonNull(refreshInterval, "refreshInterval"); + +this.supplier = supplier; +this.initialRetryDelay = initialRetryDelay; +this.maxRetryDelay = maxRetryDelay; +this.accessTimeout = accessTimeout; +this.refreshInterval = refreshInterval; + +/* + * This must be last as it starts running code + * that uses the above settings + */ +this.accessor.set(new BlockTillInitialized()); +} + +@Override +public T get() { +final Accessor accessor = this.accessor.get(); +return accessor.get(); +} + +public interface Accessor { +T get(); +} + +class BlockTillInitialized implements Accessor { +final CountDownLatch initialized = new CountDownLatch(1); + +public BlockTillInitialized() { +executor.execute(new Initialize(1, initialRetryDelay)); +} + +@Override +public T get() { +try { +initialized.await(accessTimeout.getTime(), accessTimeout.getUnit()); +return value.get(); +} catch (InterruptedException e) { +throw new TimeoutException(); +} +} + +class Initialize implements Runnable { +final int attempts; +final Duration delay; + +public Initialize(final int attempts, final Duration delay) { +this.attempts = attempts; +this.delay = delay; +} + +public Initialize retry() { +if (delay.great
[tomee] branch TOMEE-4050 created (now 876bf3b9e1)
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a change to branch TOMEE-4050 in repository https://gitbox.apache.org/repos/asf/tomee.git at 876bf3b9e1 Initialization and retry tests for CachingSupplier Required for TOMEE-4050: Retry and Refresh for MP JWT keys supplied via HTTP This branch includes the following new commits: new 5e943d37fb Add greater/less operations on Duration new 6e201ba508 Prototype CachingSupplier required for TOMEE-4050: Retry and Refresh for MP JWT keys supplied via HTTP new 876bf3b9e1 Initialization and retry tests for CachingSupplier Required for TOMEE-4050: Retry and Refresh for MP JWT keys supplied via HTTP The 3 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference.
[tomee] 01/03: Add greater/less operations on Duration
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch TOMEE-4050 in repository https://gitbox.apache.org/repos/asf/tomee.git commit 5e943d37fb26f971391c7fe9afe2d392f5b30cae Author: David Blevins AuthorDate: Wed Sep 21 13:48:03 2022 -0700 Add greater/less operations on Duration --- .../java/org/apache/openejb/util/Duration.java | 21 +++ .../java/org/apache/openejb/util/DurationTest.java | 65 ++ 2 files changed, 86 insertions(+) diff --git a/container/openejb-core/src/main/java/org/apache/openejb/util/Duration.java b/container/openejb-core/src/main/java/org/apache/openejb/util/Duration.java index f028a16327..dd7b1c6af4 100644 --- a/container/openejb-core/src/main/java/org/apache/openejb/util/Duration.java +++ b/container/openejb-core/src/main/java/org/apache/openejb/util/Duration.java @@ -115,6 +115,7 @@ public class Duration { this.unit = unit; } + private static final class Normalize { private final long a; private final long b; @@ -168,6 +169,26 @@ public class Duration { return new Duration(n.a - n.b, n.base); } +public boolean greaterThan(final Duration that) { +final Normalize n = new Normalize(this, that); +return n.a > n.b; +} + +public boolean greaterOrEqualTo(final Duration that) { +final Normalize n = new Normalize(this, that); +return n.a >= n.b; +} + +public boolean lessThan(final Duration that) { +final Normalize n = new Normalize(this, that); +return n.a < n.b; +} + +public boolean lessOrEqualTo(final Duration that) { +final Normalize n = new Normalize(this, that); +return n.a <= n.b; +} + public static Duration parse(final String text) { return new Duration(text); } diff --git a/container/openejb-core/src/test/java/org/apache/openejb/util/DurationTest.java b/container/openejb-core/src/test/java/org/apache/openejb/util/DurationTest.java index 2713c0d270..4f370dbac0 100644 --- a/container/openejb-core/src/test/java/org/apache/openejb/util/DurationTest.java +++ b/container/openejb-core/src/test/java/org/apache/openejb/util/DurationTest.java @@ -20,6 +20,7 @@ import junit.framework.TestCase; import static java.util.concurrent.TimeUnit.MICROSECONDS; import static java.util.concurrent.TimeUnit.MILLISECONDS; +import static java.util.concurrent.TimeUnit.MINUTES; import static java.util.concurrent.TimeUnit.NANOSECONDS; import static java.util.concurrent.TimeUnit.SECONDS; @@ -75,4 +76,68 @@ public class DurationTest extends TestCase { assertEquals(new Duration(125, SECONDS), Duration.parse("2 minutes and 5 seconds")); } + +public void testAdd() { +final Duration a = new Duration(1, SECONDS); +final Duration b = new Duration(1, MINUTES); + + +final Duration c = a.add(b); +assertEquals(c.getUnit(), SECONDS); +assertEquals(c.getTime(), 61); + +final Duration d = b.add(a); +assertEquals(d.getUnit(), SECONDS); +assertEquals(d.getTime(), 61); +} + +public void testSubtract() { +final Duration a = new Duration(1, SECONDS); +final Duration b = new Duration(1, MINUTES); + + +final Duration c = a.subtract(b); +assertEquals(c.getUnit(), SECONDS); +assertEquals(c.getTime(), -59); + +final Duration d = b.subtract(a); +assertEquals(d.getUnit(), SECONDS); +assertEquals(d.getTime(), 59); +} + +public void testGreaterThan() { +final Duration a = new Duration(1, SECONDS); +final Duration b = new Duration(1, MINUTES); + +assertFalse(a.greaterThan(b)); +assertFalse(a.greaterThan(a)); +assertTrue(b.greaterThan(a)); +} + +public void testLessThan() { +final Duration a = new Duration(1, SECONDS); +final Duration b = new Duration(1, MINUTES); + +assertTrue(a.lessThan(b)); +assertFalse(a.lessThan(a)); +assertFalse(b.lessThan(a)); +} + +public void testGreaterOrEqual() { +final Duration a = new Duration(1, SECONDS); +final Duration b = new Duration(1, MINUTES); + +assertFalse(a.greaterOrEqualTo(b)); +assertTrue(a.greaterOrEqualTo(a)); +assertTrue(b.greaterOrEqualTo(a)); +} + +public void testLessOrEqual() { +final Duration a = new Duration(1, SECONDS); +final Duration b = new Duration(1, MINUTES); + +assertTrue(a.lessOrEqualTo(b)); +assertTrue(a.lessOrEqualTo(a)); +assertFalse(b.lessOrEqualTo(a)); +} }
[tomee] 03/03: Initialization and retry tests for CachingSupplier Required for TOMEE-4050: Retry and Refresh for MP JWT keys supplied via HTTP
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch TOMEE-4050 in repository https://gitbox.apache.org/repos/asf/tomee.git commit 876bf3b9e123e485a1a3488e8de5e1bed0e000dc Author: David Blevins AuthorDate: Thu Sep 22 18:50:16 2022 -0700 Initialization and retry tests for CachingSupplier Required for TOMEE-4050: Retry and Refresh for MP JWT keys supplied via HTTP --- .../org/apache/openejb/util/CachedSupplier.java| 6 +- .../apache/openejb/util/CachedSupplierTest.java| 410 - 2 files changed, 411 insertions(+), 5 deletions(-) diff --git a/container/openejb-core/src/main/java/org/apache/openejb/util/CachedSupplier.java b/container/openejb-core/src/main/java/org/apache/openejb/util/CachedSupplier.java index 8eec3d6444..45a47e8a35 100644 --- a/container/openejb-core/src/main/java/org/apache/openejb/util/CachedSupplier.java +++ b/container/openejb-core/src/main/java/org/apache/openejb/util/CachedSupplier.java @@ -80,8 +80,10 @@ public class CachedSupplier implements Supplier { @Override public T get() { try { -initialized.await(accessTimeout.getTime(), accessTimeout.getUnit()); -return value.get(); +if (initialized.await(accessTimeout.getTime(), accessTimeout.getUnit())){ +return value.get(); +} +throw new TimeoutException(); } catch (InterruptedException e) { throw new TimeoutException(); } diff --git a/container/openejb-core/src/test/java/org/apache/openejb/util/CachedSupplierTest.java b/container/openejb-core/src/test/java/org/apache/openejb/util/CachedSupplierTest.java index e179bc3acc..ecac615047 100644 --- a/container/openejb-core/src/test/java/org/apache/openejb/util/CachedSupplierTest.java +++ b/container/openejb-core/src/test/java/org/apache/openejb/util/CachedSupplierTest.java @@ -18,9 +18,23 @@ package org.apache.openejb.util; import org.junit.Test; +import java.util.Objects; +import java.util.concurrent.CountDownLatch; +import java.util.concurrent.Executor; +import java.util.concurrent.Executors; +import java.util.concurrent.TimeUnit; import java.util.concurrent.atomic.AtomicInteger; +import java.util.function.Supplier; +import java.util.stream.Stream; -import static org.junit.Assert.*; +import static java.util.concurrent.TimeUnit.MILLISECONDS; +import static java.util.concurrent.TimeUnit.MINUTES; +import static java.util.concurrent.TimeUnit.NANOSECONDS; +import static java.util.concurrent.TimeUnit.SECONDS; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertTrue; +import static org.junit.Assert.fail; public class CachedSupplierTest { @@ -34,6 +48,17 @@ public class CachedSupplierTest { */ @Test public void happyPath() { +final AtomicInteger count = new AtomicInteger(); +final Supplier supplier = count::incrementAndGet; +final CachedSupplier cached = CachedSupplier.of(supplier); + +Runner.threads(100) +.run(() -> assertEquals(1, (int) cached.get())) +.assertNoExceptions() +.assertTimesLessThan(5, MILLISECONDS); + +// Assert the supplier was not called more than once +assertEquals(1, count.get()); } /** @@ -43,6 +68,32 @@ public class CachedSupplierTest { */ @Test public void delayedInitialization() { +final CountDownLatch causeSomeDelays = new CountDownLatch(1); +final AtomicInteger count = new AtomicInteger(); +final Supplier supplier = () -> { +await(causeSomeDelays); +sleep(111); +return count.incrementAndGet(); +}; +final CachedSupplier cached = CachedSupplier.of(supplier); + +final Runner runner = Runner.threads(100); + +// Run and expect at least 100 ms of delays +runner.pre(causeSomeDelays::countDown) +.run(() -> assertEquals(1, (int) cached.get())) +.assertNoExceptions() +.assertTimesGreaterThan(100, MILLISECONDS) +.assertTimesLessThan(200, MILLISECONDS); + +// Everything is cached now, so runs should be quick +runner.pre(null) +.run(() -> assertEquals(1, (int) cached.get())) +.assertNoExceptions() +.assertTimesLessThan(5, MILLISECONDS); + +// Assert the supplier was not called more than once +assertEquals(1, count.get()); } /** @@ -53,7 +104,51 @@ public class CachedSupplierTest { * or any blocking. */ @Test -public void delayedInitializationTimeout() { +public void delayedInitializationTimeout() throws InterruptedException { +final CountDownLatch causeSomeDelays = new CountDownLatch(1); +
[tomee] branch main updated: Tests for all supported signature algorithms
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee.git The following commit(s) were added to refs/heads/main by this push: new a65f782ee4 Tests for all supported signature algorithms new b8b130132d Merge branch 'main' of github.com:apache/tomee into main a65f782ee4 is described below commit a65f782ee417e8c6e37e38046f44d1c5a7a25b29 Author: David Blevins AuthorDate: Fri Sep 16 15:02:38 2022 -0700 Tests for all supported signature algorithms --- .../jwt/itest/SignatureAlgorithmsTest.java | 155 + .../tomee/microprofile/jwt/itest/Tokens.java | 41 -- 2 files changed, 186 insertions(+), 10 deletions(-) diff --git a/itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/SignatureAlgorithmsTest.java b/itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/SignatureAlgorithmsTest.java new file mode 100644 index 00..7a1d4c87f8 --- /dev/null +++ b/itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/SignatureAlgorithmsTest.java @@ -0,0 +1,155 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +package org.apache.tomee.microprofile.jwt.itest; + +import jakarta.annotation.security.RolesAllowed; +import jakarta.enterprise.context.RequestScoped; +import jakarta.json.Json; +import jakarta.json.JsonObject; +import jakarta.json.JsonReader; +import jakarta.ws.rs.ApplicationPath; +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.GET; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.Application; +import jakarta.ws.rs.core.MediaType; +import jakarta.ws.rs.core.Response; +import org.apache.cxf.feature.LoggingFeature; +import org.apache.cxf.jaxrs.client.WebClient; +import org.apache.johnzon.jaxrs.JohnzonProvider; +import org.apache.tomee.server.composer.Archive; +import org.apache.tomee.server.composer.TomEE; +import org.eclipse.microprofile.auth.LoginConfig; +import org.junit.Test; + +import java.io.ByteArrayInputStream; +import java.io.File; +import java.net.URL; +import java.util.Base64; + +import static java.util.Collections.singletonList; +import static org.junit.Assert.assertEquals; + +public class SignatureAlgorithmsTest { + +@Test +public void rs256() throws Exception { +assertAlgorithm("RS256", Tokens.rsa(2048, 256)); +} + +@Test +public void rs384() throws Exception { +assertAlgorithm("RS384", Tokens.rsa(2048, 384)); +} + +@Test +public void rs512() throws Exception { +assertAlgorithm("RS512", Tokens.rsa(2048, 512)); +} + +@Test +public void es256() throws Exception { +assertAlgorithm("ES256", Tokens.ec("secp256r1", 256)); +} + +public void assertAlgorithm(final String alg, final Tokens tokens) throws Exception { +final File appJar = Archive.archive() +.add(SignatureAlgorithmsTest.class) +.add(ColorService.class) +.add(Api.class) +.add("META-INF/microprofile-config.properties", "#\n" + +"mp.jwt.verify.publickey=" + Base64.getEncoder().encodeToString(tokens.getPublicKey().getEncoded())) +.asJar(); + +final TomEE tomee = TomEE.microprofile() +.add("webapps/test/WEB-INF/beans.xml", "") +.add("webapps/test/WEB-INF/lib/app.jar", appJar) +//.update() +.build(); + +final WebClient webClient = createWebClient(tomee.toURI().resolve("/test").toURL()); + +final String claims = "{" + +" \"sub\":\"Jane Awesome\"," + +" \"iss\":\"https://server.example.com\",; + +" \"groups\":[\"manager\",\"user\"]," + +" \"jti\":\"uB3r7zOr\"," + +
[tomee] branch main updated: TOMEE-4046 MP JWT 2.1 mp.jwt.decrypt.key.algorithm support
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee.git The following commit(s) were added to refs/heads/main by this push: new 2fd5c701d2 TOMEE-4046 MP JWT 2.1 mp.jwt.decrypt.key.algorithm support new 9766103c0a Merge branch 'main' of github.com:apache/tomee into main 2fd5c701d2 is described below commit 2fd5c701d270e60d1d2ca9fd5afb2833bb5f837e Author: David Blevins AuthorDate: Wed Sep 14 18:20:38 2022 -0700 TOMEE-4046 MP JWT 2.1 mp.jwt.decrypt.key.algorithm support --- .../apache/tomee/microprofile/jwt/MPJWTFilter.java | 45 +++- .../jwt/config/JWTAuthConfiguration.java | 48 +- .../jwt/config/JWTAuthConfigurationProperties.java | 4 +- 3 files changed, 74 insertions(+), 23 deletions(-) diff --git a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java index da951b974c..8793823770 100644 --- a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java +++ b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java @@ -44,6 +44,7 @@ import org.apache.tomee.microprofile.jwt.principal.JWTCallerPrincipal; import org.eclipse.microprofile.jwt.Claims; import org.eclipse.microprofile.jwt.JsonWebToken; import org.jose4j.jwa.AlgorithmConstraints; +import org.jose4j.jwe.KeyManagementAlgorithmIdentifiers; import org.jose4j.jwk.JsonWebKey; import org.jose4j.jws.AlgorithmIdentifiers; import org.jose4j.jwt.JwtClaims; @@ -377,16 +378,39 @@ public class MPJWTFilter implements Filter { try { final JwtConsumerBuilder builder = new JwtConsumerBuilder() .setRelaxVerificationKeyValidation() -.setRequireSubject() -.setJwsAlgorithmConstraints( -new AlgorithmConstraints(AlgorithmConstraints.ConstraintType.WHITELIST, -AlgorithmIdentifiers.RSA_USING_SHA256, -AlgorithmIdentifiers.RSA_USING_SHA384, -AlgorithmIdentifiers.RSA_USING_SHA512, - AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256, - AlgorithmIdentifiers.ECDSA_USING_P384_CURVE_AND_SHA384, - AlgorithmIdentifiers.ECDSA_USING_P521_CURVE_AND_SHA512 -)); +.setRequireSubject(); + +if (authContextInfo.getSignatureAlgorithm() != null) { +builder.setJwsAlgorithmConstraints( +new AlgorithmConstraints(AlgorithmConstraints.ConstraintType.PERMIT, +authContextInfo.getSignatureAlgorithm() +)); +} else { +builder.setJwsAlgorithmConstraints( +new AlgorithmConstraints(AlgorithmConstraints.ConstraintType.PERMIT, +AlgorithmIdentifiers.RSA_USING_SHA256, +AlgorithmIdentifiers.RSA_USING_SHA384, +AlgorithmIdentifiers.RSA_USING_SHA512, + AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256, + AlgorithmIdentifiers.ECDSA_USING_P384_CURVE_AND_SHA384, + AlgorithmIdentifiers.ECDSA_USING_P521_CURVE_AND_SHA512 +)); +} + +if (authContextInfo.getDecryptAlgorithm() != null) { + builder.setJweAlgorithmConstraints(AlgorithmConstraints.ConstraintType.PERMIT, +authContextInfo.getDecryptAlgorithm() +); +} else { + builder.setJweAlgorithmConstraints(AlgorithmConstraints.ConstraintType.PERMIT, +KeyManagementAlgorithmIdentifiers.RSA_OAEP, +KeyManagementAlgorithmIdentifiers.RSA_OAEP_256, +KeyManagementAlgorithmIdentifiers.ECDH_ES, +KeyManagementAlgorithmIdentifiers.ECDH_ES_A128KW, +KeyManagementAlgorithmIdentifiers.ECDH_ES_A192KW, +KeyManagementAlgorithmIdentifiers.ECDH_ES_A256KW +); +} if (authContextInfo.getAudiences().length > 0) { builder.setExpectedAudience(true, authContextInfo.getAudiences()); @@ -422,7 +446,6 @@ public class MPJWTFilter implements Filter { } - final JwtConsumer jwtConsumer = builder.build(); fi
[tomee] branch main updated: TOMEE-4043 Remove support for JWTAuthConfiguration API
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee.git The following commit(s) were added to refs/heads/main by this push: new cbeebe6478 TOMEE-4043 Remove support for JWTAuthConfiguration API cbeebe6478 is described below commit cbeebe6478933582d97e0b495e82f07279787d74 Author: David Blevins AuthorDate: Tue Sep 13 09:09:33 2022 -0700 TOMEE-4043 Remove support for JWTAuthConfiguration API --- examples/mp-rest-jwt/README.adoc | 329 - examples/mp-rest-jwt/README_es.adoc| 328 examples/mp-rest-jwt/README_pt.adoc| 318 examples/mp-rest-jwt/pom.xml | 199 - .../src/main/java/org/superbiz/moviefun/Movie.java | 70 - .../java/org/superbiz/moviefun/MoviesBean.java | 61 .../superbiz/moviefun/rest/ApplicationConfig.java | 28 -- .../rest/MoviesMPJWTConfigurationProvider.java | 56 .../org/superbiz/moviefun/rest/MoviesRest.java | 77 - .../java/org/superbiz/moviefun/MoviesTest.java | 132 - .../java/org/superbiz/moviefun/TokenUtils.java | 257 .../test/resources/META-INF/application-client.xml | 19 -- .../mp-rest-jwt/src/test/resources/Token1.json | 17 -- .../mp-rest-jwt/src/test/resources/Token2.json | 14 - .../mp-rest-jwt/src/test/resources/arquillian.xml | 32 -- .../mp-rest-jwt/src/test/resources/privateKey.pem | 28 -- .../mp-rest-jwt/src/test/resources/publicKey.pem | 9 - examples/pom.xml | 1 - 18 files changed, 1975 deletions(-) diff --git a/examples/mp-rest-jwt/README.adoc b/examples/mp-rest-jwt/README.adoc deleted file mode 100644 index 231ef6818b..00 --- a/examples/mp-rest-jwt/README.adoc +++ /dev/null @@ -1,329 +0,0 @@ -= MicroProfile JWT -:index-group: MicroProfile -:jbake-type: page -:jbake-status: published - -This is a basic example on how to configure and use MicroProfile JWT in -TomEE. - -== Run the tests for different scenarios related with JWT validation - -[source,java] - -mvn clean test - - -== Configuration in TomEE - -The class `MoviesMPJWTConfigurationProvider.java` provides to TomEE the -figuration need it for JWT validation. - -[source,java] - -package org.superbiz.moviefun.rest; - -import org.apache.tomee.microprofile.jwt.config.JWTAuthContextInfo; - -import jakarta.enterprise.context.Dependent; -import jakarta.enterprise.inject.Produces; -import java.security.KeyFactory; -import java.security.NoSuchAlgorithmException; -import java.security.interfaces.RSAPublicKey; -import java.security.spec.InvalidKeySpecException; -import java.security.spec.X509EncodedKeySpec; -import java.util.Base64; -import java.util.Optional; - -@Dependent -public class MoviesMPJWTConfigurationProvider { - -@Produces -Optional getOptionalContextInfo() throws NoSuchAlgorithmException, InvalidKeySpecException { -JWTAuthContextInfo contextInfo = new JWTAuthContextInfo(); - -// todo use MP Config to load the configuration -contextInfo.setIssuedBy("https://server.example.com;); - -final String pemEncoded = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlivFI8qB4D0y2jy0CfEq" + - "Fyy46R0o7S8TKpsx5xbHKoU1VWg6QkQm+ntyIv1p4kE1sPEQO73+HY8+Bzs75XwR" + - "TYL1BmR1w8J5hmjVWjc6R2BTBGAYRPFRhor3kpM6ni2SPmNNhurEAHw7TaqszP5e" + - "UF/F9+KEBWkwVta+PZ37bwqSE4sCb1soZFrVz/UT/LF4tYpuVYt3YbqToZ3pZOZ9" + - "AX2o1GCG3xwOjkc4x0W7ezbQZdC9iftPxVHR8irOijJRRjcPDtA6vPKpzLl6CyYn" + - "sIYPd99ltwxTHjr3npfv/3Lw50bAkbT4HeLFxTx4flEoZLKO/g0bAoV2uqBhkA9x" + -"nQIDAQAB"; -byte[] encodedBytes = Base64.getDecoder().decode(pemEncoded); - -final X509EncodedKeySpec spec = new X509EncodedKeySpec(encodedBytes); -final KeyFactory kf = KeyFactory.getInstance("RSA"); -final RSAPublicKey pk = (RSAPublicKey) kf.generatePublic(spec); - -contextInfo.setSignerKey(pk); - -return Optional.of(contextInfo); -} - -@Produces -JWTAuthContextInfo getContextInfo() throws InvalidKeySpecException, NoSuchAlgorithmException { -return getOptionalContextInfo().get(); -} -} - - -== Use MicroProfile JWT in TomEE - -The JAX-RS resource `MoviesRest.java` contains several endpoint that are -secured using the standard annotation `@RolesAllowed`. MicroProfile JWT -takes care of performing the validation for incoming requests with -`Authorization` header providing a signed `Access Token` - -[source,java] - - package org.superbiz.moviefun.rest; - - import org.superbiz.moviefun.Movie; - import org.superbiz.moviefun.MoviesBean; - - import jakarta.annotation.security.R
[tomee] branch main updated: Clean dead code and begin TOMEE-4043 Remove support for JWTAuthConfiguration API
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee.git The following commit(s) were added to refs/heads/main by this push: new 81bf08aced Clean dead code and begin TOMEE-4043 Remove support for JWTAuthConfiguration API 81bf08aced is described below commit 81bf08aced1a83440d68012c7711952d49da4f33 Author: David Blevins AuthorDate: Mon Sep 12 18:49:57 2022 -0700 Clean dead code and begin TOMEE-4043 Remove support for JWTAuthConfiguration API --- .../microprofile/jwt/JsonWebTokenValidator.java| 175 --- .../jwt/config/JWTAuthConfiguration.java | 54 + .../jwt/JsonWebTokenValidatorTest.java | 49 - .../jwt/bval/ValidationConstraintsTest.java| 244 - 4 files changed, 1 insertion(+), 521 deletions(-) diff --git a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/JsonWebTokenValidator.java b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/JsonWebTokenValidator.java deleted file mode 100644 index 2178832bc2..00 --- a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/JsonWebTokenValidator.java +++ /dev/null @@ -1,175 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.tomee.microprofile.jwt; - -import org.apache.openejb.util.Logger; -import org.apache.tomee.microprofile.jwt.config.JWTAuthConfiguration; -import org.apache.tomee.microprofile.jwt.config.KeyResolver; -import org.apache.tomee.microprofile.jwt.principal.JWTCallerPrincipal; -import org.eclipse.microprofile.jwt.Claims; -import org.eclipse.microprofile.jwt.JsonWebToken; -import org.jose4j.jwa.AlgorithmConstraints; -import org.jose4j.jwk.JsonWebKey; -import org.jose4j.jws.AlgorithmIdentifiers; -import org.jose4j.jwt.JwtClaims; -import org.jose4j.jwt.MalformedClaimException; -import org.jose4j.jwt.NumericDate; -import org.jose4j.jwt.consumer.InvalidJwtException; -import org.jose4j.jwt.consumer.JwtConsumer; -import org.jose4j.jwt.consumer.JwtConsumerBuilder; -import org.jose4j.jwt.consumer.JwtContext; -import org.jose4j.keys.resolvers.JwksVerificationKeyResolver; - -import java.security.Key; -import java.util.List; -import java.util.Map; -import java.util.function.Predicate; - -public class JsonWebTokenValidator { - -private static final Logger VALIDATION = Logger.getInstance(JWTLogCategories.CONSTRAINT, JsonWebTokenValidator.class); - -private final Predicate validation; -private final Key verificationKey; -private final Map verificationKeys; -private final String issuer; -private boolean allowNoExpiryClaim = false; - -public JsonWebTokenValidator(final Predicate validation, final Key verificationKey, final String issuer, final Map verificationKeys, final boolean allowNoExpiryClaim) { -this.validation = validation; -this.verificationKey = verificationKey; -this.verificationKeys = verificationKeys; -this.issuer = issuer; -this.allowNoExpiryClaim = allowNoExpiryClaim; -} - -public JsonWebToken validate(final String token) throws ParseException { -final JWTAuthConfiguration authConfiguration = verificationKey != null ? JWTAuthConfiguration.authConfiguration(verificationKey, issuer, allowNoExpiryClaim) : JWTAuthConfiguration.authConfiguration(verificationKeys, issuer, allowNoExpiryClaim); -JWTCallerPrincipal principal; - -try { -final JwtConsumerBuilder builder = new JwtConsumerBuilder() -.setRelaxVerificationKeyValidation() -.setRequireSubject() -.setSkipDefaultAudienceValidation() -.setJwsAlgorithmConstraints( -new AlgorithmConstraints(AlgorithmConstraints.ConstraintType.WHITELIST, -AlgorithmIdentifiers.RSA_USING_SHA256, -AlgorithmIdentifiers.RSA_USING_SHA384, -AlgorithmIdentifiers.RSA_USING_SHA512 -)); - -if (authConfiguration
[tomee] branch main updated: iTest coverage for TOMEE-2517
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee.git The following commit(s) were added to refs/heads/main by this push: new c419971d4c iTest coverage for TOMEE-2517 c419971d4c is described below commit c419971d4c70d4bac9fa94fe5c7abeb07e231581 Author: David Blevins AuthorDate: Mon Sep 12 18:16:58 2022 -0700 iTest coverage for TOMEE-2517 --- .../tomee/microprofile/jwt/itest/Output.java | 49 +++ .../jwt/itest/bval/ValidationConstraintsTest.java | 469 + 2 files changed, 518 insertions(+) diff --git a/itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/Output.java b/itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/Output.java new file mode 100644 index 00..67d83af77f --- /dev/null +++ b/itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/Output.java @@ -0,0 +1,49 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.tomee.microprofile.jwt.itest; + +import java.util.ArrayList; +import java.util.List; +import java.util.Optional; + +import static org.junit.Assert.assertTrue; + +public class Output { +private final List output = new ArrayList<>(); + +public void add(final String line) { +this.output.add(line); +} + +public Output assertPresent(final String s) { +final Optional actual = output.stream() +.filter(line -> line.contains(s)) +.findFirst(); + +assertTrue(actual.isPresent()); +return this; +} + +public Output assertNotPresent(final String s) { +final Optional actual = output.stream() +.filter(line -> line.contains(s)) +.findFirst(); + +assertTrue(!actual.isPresent()); +return this; +} +} diff --git a/itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/bval/ValidationConstraintsTest.java b/itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/bval/ValidationConstraintsTest.java new file mode 100644 index 00..7f047f4576 --- /dev/null +++ b/itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/bval/ValidationConstraintsTest.java @@ -0,0 +1,469 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +package org.apache.tomee.microprofile.jwt.itest.bval; + +import jakarta.enterprise.context.RequestScoped; +import jakarta.validation.ConstraintValidator; +import jakarta.validation.ConstraintValidatorContext; +import jakarta.validation.Payload; +import jakarta.ws.rs.ApplicationPath; +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.GET; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.Application; +import jakarta.ws.rs.core.MediaType; +import jakarta.ws.rs.core.Response; +import org.apache.cxf.feature.LoggingFeature; +import org.apache.cxf.jaxrs.client.WebClient; +import org.apache.johnzon.jaxrs.JohnzonProvider; +import org.apache.tomee.microprofile.jwt.itest.Output; +import org.apache.tomee.microprofile.jwt.itest.Tokens; +import org.apache.tomee.server.composer.Archive; +import org.apache.tomee.server.composer.TomEE; +import org.eclipse.microprofile.auth.LoginConfi
[tomee] branch main updated: TOMEE-3948 Reject signed JWTs when decryption key is configured
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee.git The following commit(s) were added to refs/heads/main by this push: new e2dec101e7 TOMEE-3948 Reject signed JWTs when decryption key is configured e2dec101e7 is described below commit e2dec101e7a38629e9bfb8d70b9568ca6d18d8aa Author: David Blevins AuthorDate: Fri Sep 9 20:17:25 2022 -0700 TOMEE-3948 Reject signed JWTs when decryption key is configured --- .../src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java | 3 +++ 1 file changed, 3 insertions(+) diff --git a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java index 23b086f3e0..da951b974c 100644 --- a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java +++ b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java @@ -415,11 +415,14 @@ public class MPJWTFilter implements Filter { if (authContextInfo.getDecryptKeys().size() == 1) { final Key decryptionKey = authContextInfo.getDecryptKeys().values().iterator().next(); builder.setDecryptionKey(decryptionKey); +builder.setEnableRequireEncryption(); } else if (authContextInfo.getDecryptKeys().size() > 1) { builder.setDecryptionKeyResolver(new JwksDecryptionKeyResolver(asJwks(authContextInfo.getDecryptKeys(; +builder.setEnableRequireEncryption(); } + final JwtConsumer jwtConsumer = builder.build(); final JwtContext jwtContext = jwtConsumer.process(token); final String type = jwtContext.getJoseObjects().get(0).getHeader("typ");
[tomee] branch main updated: TOMEE-3950 Support for JWT token cookies
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee.git The following commit(s) were added to refs/heads/main by this push: new f53be6f4fb TOMEE-3950 Support for JWT token cookies new e07945cb7f Merge branch 'main' of github.com:apache/tomee into main f53be6f4fb is described below commit f53be6f4fb6d0b26ad84a50ab4c00d609fcf72a6 Author: David Blevins AuthorDate: Fri Sep 9 19:32:14 2022 -0700 TOMEE-3950 Support for JWT token cookies --- .../apache/tomee/microprofile/jwt/MPJWTFilter.java | 63 ++ .../jwt/config/JWTAuthConfiguration.java | 11 +++- .../jwt/config/JWTAuthConfigurationProperties.java | 11 +++- 3 files changed, 72 insertions(+), 13 deletions(-) diff --git a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java index adee42c135..23b086f3e0 100644 --- a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java +++ b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java @@ -25,6 +25,7 @@ import jakarta.servlet.FilterConfig; import jakarta.servlet.ServletException; import jakarta.servlet.ServletRequest; import jakarta.servlet.ServletResponse; +import jakarta.servlet.http.Cookie; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletRequestWrapper; import jakarta.servlet.http.HttpServletResponse; @@ -71,6 +72,7 @@ import java.util.concurrent.Callable; import java.util.function.Function; import java.util.function.Supplier; import java.util.stream.Collectors; +import java.util.stream.Stream; // async is supported because we only need to do work on the way in //@WebFilter(asyncSupported = true, urlPatterns = "/*") @@ -243,6 +245,25 @@ public class MPJWTFilter implements Filter { } } +private static class MissingTokenCookieException extends MPJWTException { + +private final String cookieName; + +public MissingTokenCookieException(final String authorizationHeader) { +this.cookieName = authorizationHeader; +} + +@Override +public int getStatus() { +return HttpServletResponse.SC_UNAUTHORIZED; +} + +@Override +public String getMessage() { +return String.format("Cookie of name '%s' holding a JWT was not found.", cookieName); +} +} + private static class InvalidTokenException extends MPJWTException { private final String token; @@ -293,17 +314,39 @@ public class MPJWTFilter implements Filter { } final String headerName = jwtAuthConfiguration.getHeaderName(); -final String authorizationHeader = httpServletRequest.getHeader(headerName); -if (authorizationHeader == null || authorizationHeader.isEmpty()) { -throw new MissingAuthorizationHeaderException(); -} +final String token; + +if ("cookie".equals(headerName)) { +final String cookieName = jwtAuthConfiguration.getCookieName(); + +if (httpServletRequest.getCookies() == null) { +throw new MissingTokenCookieException(cookieName); +} + +final Cookie tokenCookie = Stream.of(httpServletRequest.getCookies()) +.filter(cookie -> cookieName.equals(cookie.getName().toLowerCase())) +.findFirst() +.orElse(null); + +if (tokenCookie == null) { +throw new MissingTokenCookieException(cookieName); +} -final String headerScheme = (jwtAuthConfiguration.getHeaderScheme() + " ").toLowerCase(Locale.ENGLISH); -if (headerScheme.trim().length() > 0 && !authorizationHeader.toLowerCase(Locale.ENGLISH).startsWith(headerScheme)) { -throw new BadAuthorizationPrefixException(authorizationHeader); +token = tokenCookie.getValue(); +} else { +final String authorizationHeader = httpServletRequest.getHeader(headerName); +if (authorizationHeader == null || authorizationHeader.isEmpty()) { +throw new MissingAuthorizationHeaderException(); +} + +final String headerScheme = (jwtAuthConfiguration.getHeaderScheme() + " ").toLowerCase(Locale.ENGLISH); +if (headerScheme.trim().length() > 0 && !authorizationHeader.toLowerCase(Locale.ENGLISH).startsWith(headerScheme)) { +throw new BadAuthorizationPrefixException(authorizationHeader); +} + +token = authorizationHeader.substring(headerScheme.length());
[tomee] 01/03: Tests for public key resolution
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee.git commit 9f1f46b61edb5710e6e93afc9ed09b912146f567 Author: David Blevins AuthorDate: Thu Sep 8 19:18:27 2022 -0700 Tests for public key resolution --- .../tomee/microprofile/jwt/CurveAsserts.java | 52 +++ .../apache/tomee/microprofile/jwt/KeyAsserts.java | 54 +++ .../jwt/config/PublicKeyResolverTest.java | 78 ++ 3 files changed, 184 insertions(+) diff --git a/mp-jwt/src/test/java/org/apache/tomee/microprofile/jwt/CurveAsserts.java b/mp-jwt/src/test/java/org/apache/tomee/microprofile/jwt/CurveAsserts.java new file mode 100644 index 00..9de1e8734f --- /dev/null +++ b/mp-jwt/src/test/java/org/apache/tomee/microprofile/jwt/CurveAsserts.java @@ -0,0 +1,52 @@ +/* + * Copyright 2021 Tomitribe and community + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.tomee.microprofile.jwt; + + +import io.churchkey.shade.util.Hex; + +import java.math.BigInteger; +import java.security.spec.ECFieldF2m; +import java.security.spec.ECFieldFp; +import java.security.spec.ECParameterSpec; + +import static org.junit.Assert.assertEquals; + +public class CurveAsserts { + +public static void assertParamSpec(final ECParameterSpec expected, final ECParameterSpec actual) { +assertEquals(expected.getCofactor(), actual.getCofactor()); +assertBigInt(expected.getOrder(), actual.getOrder()); +assertBigInt(expected.getCurve().getA(), actual.getCurve().getA()); +assertBigInt(expected.getCurve().getB(), actual.getCurve().getB()); +assertBigInt(expected.getGenerator().getAffineX(), actual.getGenerator().getAffineX()); +assertBigInt(expected.getGenerator().getAffineY(), actual.getGenerator().getAffineY()); + +if (expected.getCurve().getField() instanceof ECFieldFp) { +assertBigInt(((ECFieldFp) expected.getCurve().getField()).getP(), ((ECFieldFp) actual.getCurve().getField()).getP()); +} +if (expected.getCurve().getField() instanceof ECFieldF2m) { +assertBigInt(((ECFieldF2m) expected.getCurve().getField()).getReductionPolynomial(), ((ECFieldF2m) actual.getCurve().getField()).getReductionPolynomial()); +} + +} + +public static void assertBigInt(final BigInteger expected, final BigInteger actual) { +final String e1 = Hex.toString(expected.toByteArray()).replaceFirst("^00", ""); +final String a1 = Hex.toString(actual.toByteArray()).replaceFirst("^00", ""); +assertEquals(e1, a1); +} +} diff --git a/mp-jwt/src/test/java/org/apache/tomee/microprofile/jwt/KeyAsserts.java b/mp-jwt/src/test/java/org/apache/tomee/microprofile/jwt/KeyAsserts.java new file mode 100644 index 00..5ff253a457 --- /dev/null +++ b/mp-jwt/src/test/java/org/apache/tomee/microprofile/jwt/KeyAsserts.java @@ -0,0 +1,54 @@ +package org.apache.tomee.microprofile.jwt; + + +import java.security.interfaces.DSAPrivateKey; +import java.security.interfaces.DSAPublicKey; +import java.security.interfaces.ECPrivateKey; +import java.security.interfaces.ECPublicKey; +import java.security.interfaces.RSAPrivateCrtKey; +import java.security.interfaces.RSAPublicKey; + +import static org.junit.Assert.assertEquals; + +public class KeyAsserts { +public static void assertRsaPrivateKey(final RSAPrivateCrtKey expected, final RSAPrivateCrtKey actual) { +assertEquals(expected.getPublicExponent(), actual.getPublicExponent()); +assertEquals(expected.getCrtCoefficient(), actual.getCrtCoefficient()); +assertEquals(expected.getPrimeExponentP(), actual.getPrimeExponentP()); +assertEquals(expected.getPrimeExponentQ(), actual.getPrimeExponentQ()); +assertEquals(expected.getPrimeP(), actual.getPrimeP()); +assertEquals(expected.getPrimeQ(), actual.getPrimeQ()); +assertEquals(expected.getPrivateExponent(), actual.getPrivateExponent()); +assertEquals(expected.getModulus(), actual.getModulus()); +} + +public static void assertRsaPublicKey(final RSAPublicKey expected, final RSAPublicKey actual) { +assertEquals(expected.getPublicExponent(), actual.getPublicExponent()); +assertEquals(expected.getModulus(), actual.getModulus())
[tomee] 03/03: TOMEE-3948 Decryption of JWTs using RSA-OAEP and A256GCM algorithms
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee.git commit ab6e17dc8f0ea6d875c7107e1f39861b9dabf853 Author: David Blevins AuthorDate: Fri Sep 9 09:20:39 2022 -0700 TOMEE-3948 Decryption of JWTs using RSA-OAEP and A256GCM algorithms --- .../microprofile/jwt/JsonWebTokenValidator.java| 2 +- .../apache/tomee/microprofile/jwt/MPJWTFilter.java | 36 --- .../jwt/config/JWTAuthConfiguration.java | 40 ++ .../jwt/config/JWTAuthConfigurationProperties.java | 10 -- 4 files changed, 66 insertions(+), 22 deletions(-) diff --git a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/JsonWebTokenValidator.java b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/JsonWebTokenValidator.java index a0caf6d096..2178832bc2 100644 --- a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/JsonWebTokenValidator.java +++ b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/JsonWebTokenValidator.java @@ -85,7 +85,7 @@ public class JsonWebTokenValidator { if (authConfiguration.isSingleKey()) { builder.setVerificationKey(authConfiguration.getPublicKey()); } else { -builder.setVerificationKeyResolver(new JwksVerificationKeyResolver(authConfiguration.getPublicKeys())); +builder.setVerificationKeyResolver(new JwksVerificationKeyResolver(authConfiguration.getPublicKeysJwk())); } final JwtConsumer jwtConsumer = builder.build(); diff --git a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java index c9f7c5049c..adee42c135 100644 --- a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java +++ b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java @@ -17,6 +17,7 @@ package org.apache.tomee.microprofile.jwt; import jakarta.enterprise.inject.Instance; +import jakarta.enterprise.inject.spi.DeploymentException; import jakarta.inject.Inject; import jakarta.servlet.Filter; import jakarta.servlet.FilterChain; @@ -42,6 +43,7 @@ import org.apache.tomee.microprofile.jwt.principal.JWTCallerPrincipal; import org.eclipse.microprofile.jwt.Claims; import org.eclipse.microprofile.jwt.JsonWebToken; import org.jose4j.jwa.AlgorithmConstraints; +import org.jose4j.jwk.JsonWebKey; import org.jose4j.jws.AlgorithmIdentifiers; import org.jose4j.jwt.JwtClaims; import org.jose4j.jwt.MalformedClaimException; @@ -50,14 +52,19 @@ import org.jose4j.jwt.consumer.InvalidJwtException; import org.jose4j.jwt.consumer.JwtConsumer; import org.jose4j.jwt.consumer.JwtConsumerBuilder; import org.jose4j.jwt.consumer.JwtContext; +import org.jose4j.keys.resolvers.JwksDecryptionKeyResolver; import org.jose4j.keys.resolvers.JwksVerificationKeyResolver; +import org.jose4j.lang.JoseException; import javax.security.auth.Subject; import java.io.IOException; +import java.security.Key; import java.security.Principal; import java.util.Collections; import java.util.LinkedHashSet; +import java.util.List; import java.util.Locale; +import java.util.Map; import java.util.Optional; import java.util.Set; import java.util.concurrent.Callable; @@ -277,7 +284,6 @@ public class MPJWTFilter implements Filter { this.jwtAuthConfiguration = authContextInfo; } - public JsonWebToken validate(final HttpServletRequest request) { // not sure it's worth having synchronization inside a single request @@ -357,12 +363,20 @@ public class MPJWTFilter implements Filter { builder.setEvaluationTime(NumericDate.fromSeconds(0)); } -if (authContextInfo.isSingleKey()) { +if (authContextInfo.getPublicKeys().size() == 1) { builder.setVerificationKey(authContextInfo.getPublicKey()); -} else { -builder.setVerificationKeyResolver(new JwksVerificationKeyResolver(authContextInfo.getPublicKeys())); +} else if (authContextInfo.getPublicKeys().size() > 1) { +builder.setVerificationKeyResolver(new JwksVerificationKeyResolver(asJwks(authContextInfo.getPublicKeys(; } +if (authContextInfo.getDecryptKeys().size() == 1){ +final Key decryptionKey = authContextInfo.getDecryptKeys().values().iterator().next(); +builder.setDecryptionKey(decryptionKey); +} else if (authContextInfo.getDecryptKeys().size() > 1) { +builder.setDecryptionKeyResolver(new JwksDecryptionKeyResolver(asJwks(authContextInfo.getDecryptKeys(; +} + + final JwtConsumer jwtConsumer = builder.build(); final JwtC
[tomee] 02/03: Parsing for private decrypt keys
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee.git commit b682e9c48f0702e640bfd72bdc130fb449a65e9e Author: David Blevins AuthorDate: Thu Sep 8 20:08:25 2022 -0700 Parsing for private decrypt keys --- .../microprofile/jwt/JsonWebTokenValidator.java| 4 +- .../jwt/config/JWTAuthConfigurationProperties.java | 2 +- .../{PublicKeyResolver.java => KeyResolver.java} | 40 -- .../microprofile/jwt/config/KeyResolverTest.java | 153 + .../jwt/config/PublicKeyResolverTest.java | 78 --- 5 files changed, 187 insertions(+), 90 deletions(-) diff --git a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/JsonWebTokenValidator.java b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/JsonWebTokenValidator.java index 40d2eec817..a0caf6d096 100644 --- a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/JsonWebTokenValidator.java +++ b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/JsonWebTokenValidator.java @@ -18,7 +18,7 @@ package org.apache.tomee.microprofile.jwt; import org.apache.openejb.util.Logger; import org.apache.tomee.microprofile.jwt.config.JWTAuthConfiguration; -import org.apache.tomee.microprofile.jwt.config.PublicKeyResolver; +import org.apache.tomee.microprofile.jwt.config.KeyResolver; import org.apache.tomee.microprofile.jwt.principal.JWTCallerPrincipal; import org.eclipse.microprofile.jwt.Claims; import org.eclipse.microprofile.jwt.JsonWebToken; @@ -136,7 +136,7 @@ public class JsonWebTokenValidator { } public Builder publicKey(final String keyContent) { -final Map keys = new PublicKeyResolver().readPublicKeys(keyContent); +final Map keys = new KeyResolver().readPublicKeys(keyContent); final Map.Entry key = keys.entrySet().iterator().next(); return verificationKey(key.getValue()); } diff --git a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/JWTAuthConfigurationProperties.java b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/JWTAuthConfigurationProperties.java index f5255bb428..1697c92c7e 100644 --- a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/JWTAuthConfigurationProperties.java +++ b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/JWTAuthConfigurationProperties.java @@ -92,7 +92,7 @@ public class JWTAuthConfigurationProperties { final Optional publicKeyLocation = getPublicKeyLocation(); final List audiences = getAudiences(); -final Map keys = new PublicKeyResolver().resolve(publicKeyContents, publicKeyLocation).orElse(null); +final Map keys = new KeyResolver().resolvePublicKey(publicKeyContents, publicKeyLocation).orElse(null); final Boolean allowNoExp = config.getOptionalValue("mp.jwt.tomee.allow.no-exp", Boolean.class).orElse(false); return JWTAuthConfiguration.authConfiguration(keys, getIssuer().orElse(null), allowNoExp, audiences.toArray(new String[0])); diff --git a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/PublicKeyResolver.java b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/KeyResolver.java similarity index 79% rename from mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/PublicKeyResolver.java rename to mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/KeyResolver.java index a32e669473..d9e73bfd7b 100644 --- a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/PublicKeyResolver.java +++ b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/KeyResolver.java @@ -17,7 +17,6 @@ package org.apache.tomee.microprofile.jwt.config; import io.churchkey.Keys; -import io.churchkey.util.Pem; import jakarta.enterprise.inject.spi.DeploymentException; import org.apache.openejb.loader.IO; @@ -31,18 +30,28 @@ import java.util.HashMap; import java.util.List; import java.util.Map; import java.util.Optional; +import java.util.function.Consumer; import java.util.function.Supplier; import java.util.stream.Stream; import static io.churchkey.Key.Type.PRIVATE; +import static io.churchkey.Key.Type.PUBLIC; import static io.churchkey.Key.Type.SECRET; -public class PublicKeyResolver { +public class KeyResolver { -public Optional> resolve(final Optional publicKeyContents, final Optional publicKeyLocation) { +public Optional> resolvePublicKey(final Optional keyContents, final Optional keyLocation) { +return resolve(keyContents, keyLocation, this::validatePublicKeys); +} + +public Optional> resolveDecryptKey(final Optional keyContents, final Optional keyLocation) { +return resolve(keyContents, keyLocation, this::validateDecryptKeys); +} + +private Optional> resolve(final Optional publicKeyContents, final Optional publicKey
[tomee] branch main updated (28e9a390cd -> ab6e17dc8f)
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a change to branch main in repository https://gitbox.apache.org/repos/asf/tomee.git from 28e9a390cd TOMEE-4001 - Upgrade Tomcat to 10.0.23 new 9f1f46b61e Tests for public key resolution new b682e9c48f Parsing for private decrypt keys new ab6e17dc8f TOMEE-3948 Decryption of JWTs using RSA-OAEP and A256GCM algorithms The 3 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: .../microprofile/jwt/JsonWebTokenValidator.java| 6 +- .../apache/tomee/microprofile/jwt/MPJWTFilter.java | 36 - .../jwt/config/JWTAuthConfiguration.java | 40 -- .../jwt/config/JWTAuthConfigurationProperties.java | 10 +- .../{PublicKeyResolver.java => KeyResolver.java} | 40 -- .../tomee/microprofile/jwt/CurveAsserts.java | 52 +++ .../apache/tomee/microprofile/jwt/KeyAsserts.java | 54 .../microprofile/jwt/config/KeyResolverTest.java | 153 + 8 files changed, 358 insertions(+), 33 deletions(-) rename mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/{PublicKeyResolver.java => KeyResolver.java} (79%) create mode 100644 mp-jwt/src/test/java/org/apache/tomee/microprofile/jwt/CurveAsserts.java create mode 100644 mp-jwt/src/test/java/org/apache/tomee/microprofile/jwt/KeyAsserts.java create mode 100644 mp-jwt/src/test/java/org/apache/tomee/microprofile/jwt/config/KeyResolverTest.java
[tomee] 01/02: TOMEE-3949 Support for JWT audience aud claim
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee.git commit 183e88fd1ee4bb751c5eaea7b358ef7cd7895781 Author: David Blevins AuthorDate: Wed Aug 31 15:43:34 2022 -0700 TOMEE-3949 Support for JWT audience aud claim --- .../apache/tomee/microprofile/jwt/MPJWTFilter.java | 38 -- .../jwt/config/JWTAuthConfiguration.java | 19 --- .../jwt/config/JWTAuthConfigurationProperties.java | 17 +++--- 3 files changed, 49 insertions(+), 25 deletions(-) diff --git a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java index 3ded1ff31b..c9f7c5049c 100644 --- a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java +++ b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java @@ -16,7 +16,20 @@ */ package org.apache.tomee.microprofile.jwt; -import org.apache.commons.lang3.Validate; +import jakarta.enterprise.inject.Instance; +import jakarta.inject.Inject; +import jakarta.servlet.Filter; +import jakarta.servlet.FilterChain; +import jakarta.servlet.FilterConfig; +import jakarta.servlet.ServletException; +import jakarta.servlet.ServletRequest; +import jakarta.servlet.ServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletRequestWrapper; +import jakarta.servlet.http.HttpServletResponse; +import jakarta.ws.rs.core.Response; +import jakarta.ws.rs.ext.ExceptionMapper; +import jakarta.ws.rs.ext.Provider; import org.apache.openejb.loader.SystemInstance; import org.apache.openejb.spi.SecurityService; import org.apache.openejb.util.Logger; @@ -39,21 +52,7 @@ import org.jose4j.jwt.consumer.JwtConsumerBuilder; import org.jose4j.jwt.consumer.JwtContext; import org.jose4j.keys.resolvers.JwksVerificationKeyResolver; -import jakarta.enterprise.inject.Instance; -import jakarta.inject.Inject; import javax.security.auth.Subject; -import jakarta.servlet.Filter; -import jakarta.servlet.FilterChain; -import jakarta.servlet.FilterConfig; -import jakarta.servlet.ServletException; -import jakarta.servlet.ServletRequest; -import jakarta.servlet.ServletResponse; -import jakarta.servlet.http.HttpServletRequest; -import jakarta.servlet.http.HttpServletRequestWrapper; -import jakarta.servlet.http.HttpServletResponse; -import jakarta.ws.rs.core.Response; -import jakarta.ws.rs.ext.ExceptionMapper; -import jakarta.ws.rs.ext.Provider; import java.io.IOException; import java.security.Principal; import java.util.Collections; @@ -294,7 +293,7 @@ public class MPJWTFilter implements Filter { } final String headerScheme = (jwtAuthConfiguration.getHeaderScheme() + " ").toLowerCase(Locale.ENGLISH); -if (headerScheme.trim().length() > 0 && !authorizationHeader.toLowerCase(Locale.ENGLISH).startsWith(headerScheme)) { +if (headerScheme.trim().length() > 0 && !authorizationHeader.toLowerCase(Locale.ENGLISH).startsWith(headerScheme)) { throw new BadAuthorizationPrefixException(authorizationHeader); } @@ -330,7 +329,6 @@ public class MPJWTFilter implements Filter { final JwtConsumerBuilder builder = new JwtConsumerBuilder() .setRelaxVerificationKeyValidation() .setRequireSubject() -.setSkipDefaultAudienceValidation() .setJwsAlgorithmConstraints( new AlgorithmConstraints(AlgorithmConstraints.ConstraintType.WHITELIST, AlgorithmIdentifiers.RSA_USING_SHA256, @@ -341,6 +339,12 @@ public class MPJWTFilter implements Filter { AlgorithmIdentifiers.ECDSA_USING_P521_CURVE_AND_SHA512 )); +if (authContextInfo.getAudiences().length > 0) { +builder.setExpectedAudience(true, authContextInfo.getAudiences()); +} else { +builder.setSkipDefaultAudienceValidation(); +} + if (!authContextInfo.isAllowNoExpiryClaim()) { builder.setRequireExpirationTime(); } diff --git a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/JWTAuthConfiguration.java b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/JWTAuthConfiguration.java index 7a9fae68d9..eec7fc4180 100644 --- a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/JWTAuthConfiguration.java +++ b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/JWTAuthConfiguration.java @@ -34,19 +34,21 @@ public class JWTAuthConfiguration { public static final String DEFAULT_KEY = "DEFAULT"; private Ma
[tomee] 02/02: Fix NPE when there are no public keys specified
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee.git commit 698ccda9fbe1c9dfd4f8d2d13958ba80acfc3a3b Author: David Blevins AuthorDate: Wed Aug 31 16:17:33 2022 -0700 Fix NPE when there are no public keys specified --- .../apache/tomee/microprofile/jwt/config/JWTAuthConfiguration.java| 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/JWTAuthConfiguration.java b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/JWTAuthConfiguration.java index eec7fc4180..930e9d7f23 100644 --- a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/JWTAuthConfiguration.java +++ b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/JWTAuthConfiguration.java @@ -49,7 +49,9 @@ public class JWTAuthConfiguration { } private JWTAuthConfiguration(final Map publicKeys, final String issuer, final boolean allowNoExpiryClaim, final String[] audiences) { -if (publicKeys.size() == 1) { +if (publicKeys == null) { +this.publicKeys = Collections.EMPTY_MAP; +} else if (publicKeys.size() == 1) { final Key singleKey = publicKeys.values().iterator().next(); this.publicKeys = Collections.singletonMap(DEFAULT_KEY, singleKey); } else {
[tomee] branch main updated (27ba03dc9a -> 698ccda9fb)
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a change to branch main in repository https://gitbox.apache.org/repos/asf/tomee.git from 27ba03dc9a TOMEE-3947 Elliptic Curve ES256 signature algorithm new 183e88fd1e TOMEE-3949 Support for JWT audience aud claim new 698ccda9fb Fix NPE when there are no public keys specified The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: .../apache/tomee/microprofile/jwt/MPJWTFilter.java | 38 -- .../jwt/config/JWTAuthConfiguration.java | 23 ++--- .../jwt/config/JWTAuthConfigurationProperties.java | 17 +++--- 3 files changed, 52 insertions(+), 26 deletions(-)
[tomee] 02/02: TOMEE-3947 Elliptic Curve ES256 signature algorithm
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee.git commit 27ba03dc9a46d4775eb160add4cb77902db6898c Author: David Blevins AuthorDate: Tue Aug 30 13:43:28 2022 -0700 TOMEE-3947 Elliptic Curve ES256 signature algorithm --- boms/tomee-microprofile/pom.xml| 11 + boms/tomee-plume/pom.xml | 11 + boms/tomee-plus/pom.xml| 11 + .../jwt/itest/PublicKeyLocationTest.java | 1 + mp-jwt/pom.xml | 5 + .../apache/tomee/microprofile/jwt/MPJWTFilter.java | 5 +- .../jwt/config/JWTAuthConfigurationProperties.java | 17 +- .../microprofile/jwt/config/PublicKeyResolver.java | 228 ++--- pom.xml| 2 +- 9 files changed, 109 insertions(+), 182 deletions(-) diff --git a/boms/tomee-microprofile/pom.xml b/boms/tomee-microprofile/pom.xml index 4af267bce1..996d744a03 100644 --- a/boms/tomee-microprofile/pom.xml +++ b/boms/tomee-microprofile/pom.xml @@ -210,6 +210,17 @@ + + io.churchkey + churchkey + 1.22 + + + * + * + + + io.opentracing.contrib opentracing-concurrent diff --git a/boms/tomee-plume/pom.xml b/boms/tomee-plume/pom.xml index f4a48441b8..247953c7e2 100644 --- a/boms/tomee-plume/pom.xml +++ b/boms/tomee-plume/pom.xml @@ -221,6 +221,17 @@ + + io.churchkey + churchkey + 1.22 + + + * + * + + + io.opentracing.contrib opentracing-concurrent diff --git a/boms/tomee-plus/pom.xml b/boms/tomee-plus/pom.xml index 51e84ce84b..91e16806b6 100644 --- a/boms/tomee-plus/pom.xml +++ b/boms/tomee-plus/pom.xml @@ -232,6 +232,17 @@ + + io.churchkey + churchkey + 1.22 + + + * + * + + + io.opentracing.contrib opentracing-concurrent diff --git a/itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/PublicKeyLocationTest.java b/itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/PublicKeyLocationTest.java index 4cd49c1e87..453bf1686f 100644 --- a/itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/PublicKeyLocationTest.java +++ b/itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/PublicKeyLocationTest.java @@ -82,6 +82,7 @@ public class PublicKeyLocationTest { .asJar(); final TomEE tomee = TomEE.microprofile() +//.update() .add("webapps/test/WEB-INF/beans.xml", "") .add("webapps/test/WEB-INF/lib/app.jar", appJar) .build(); diff --git a/mp-jwt/pom.xml b/mp-jwt/pom.xml index cad40a98d7..183868b28d 100644 --- a/mp-jwt/pom.xml +++ b/mp-jwt/pom.xml @@ -84,6 +84,11 @@ jose4j 0.7.9 + + io.churchkey + churchkey + 1.22 + junit junit diff --git a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java index ea6a1de6eb..3ded1ff31b 100644 --- a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java +++ b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/MPJWTFilter.java @@ -335,7 +335,10 @@ public class MPJWTFilter implements Filter { new AlgorithmConstraints(AlgorithmConstraints.ConstraintType.WHITELIST, AlgorithmIdentifiers.RSA_USING_SHA256, AlgorithmIdentifiers.RSA_USING_SHA384, -AlgorithmIdentifiers.RSA_USING_SHA512 +AlgorithmIdentifiers.RSA_USING_SHA512, + AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256, + AlgorithmIdentifiers.ECDSA_USING_P384_CURVE_AND_SHA384, + AlgorithmIdentifiers.ECDSA_USING_P521_CURVE_AND_SHA512 )); if (!authContextInfo.isAllowNoExpiryClaim()) { diff --git a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/JWTAuthConfigurationProperties.java b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/JWTAuthConfigurationProperties.java index 47050a6885..87a8350d6b 100644 --- a/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/JWTAuthConfigurationProperties.java +++ b/mp-jwt/src/main/java/org/apache/tomee/microprofile/jwt/config/JWTAuthConfigurationPr
[tomee] branch main updated (d4d9d9916d -> 27ba03dc9a)
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a change to branch main in repository https://gitbox.apache.org/repos/asf/tomee.git from d4d9d9916d Merge branch 'main' of github.com:apache/tomee into main new 3f3524bee3 All tests now use standard MP-JWT config. Vendor-specific config no longer needed. new 27ba03dc9a TOMEE-3947 Elliptic Curve ES256 signature algorithm The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: boms/tomee-microprofile/pom.xml| 11 + boms/tomee-plume/pom.xml | 11 + boms/tomee-plus/pom.xml| 11 + .../jwt/itest/PublicKeyLocationTest.java | 1 + mp-jwt/pom.xml | 5 + .../apache/tomee/microprofile/jwt/MPJWTFilter.java | 5 +- .../jwt/config/JWTAuthConfigurationProperties.java | 17 +- .../microprofile/jwt/config/PublicKeyResolver.java | 228 ++--- pom.xml| 2 +- .../tck/jwt/JWTAuthContextInfoProvider.java| 56 - .../jwt/MicroProfileJWTTCKArchiveProcessor.java| 35 +--- .../tck/jwt/jwk/PublicKeyAsJWKSTest.java | 85 12 files changed, 119 insertions(+), 348 deletions(-) delete mode 100644 tck/microprofile-tck/jwt/src/test/java/org/apache/tomee/microprofile/tck/jwt/JWTAuthContextInfoProvider.java delete mode 100644 tck/microprofile-tck/jwt/src/test/java/org/apache/tomee/microprofile/tck/jwt/jwk/PublicKeyAsJWKSTest.java
[tomee] 01/02: All tests now use standard MP-JWT config. Vendor-specific config no longer needed.
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee.git commit 3f3524bee3b64a049bbc39b8b4ca2de547a25b57 Author: David Blevins AuthorDate: Tue Aug 30 07:05:22 2022 -0700 All tests now use standard MP-JWT config. Vendor-specific config no longer needed. --- .../tck/jwt/JWTAuthContextInfoProvider.java| 56 -- .../jwt/MicroProfileJWTTCKArchiveProcessor.java| 35 +++-- .../tck/jwt/jwk/PublicKeyAsJWKSTest.java | 85 -- 3 files changed, 10 insertions(+), 166 deletions(-) diff --git a/tck/microprofile-tck/jwt/src/test/java/org/apache/tomee/microprofile/tck/jwt/JWTAuthContextInfoProvider.java b/tck/microprofile-tck/jwt/src/test/java/org/apache/tomee/microprofile/tck/jwt/JWTAuthContextInfoProvider.java deleted file mode 100644 index 4e3ddba4bf..00 --- a/tck/microprofile-tck/jwt/src/test/java/org/apache/tomee/microprofile/tck/jwt/JWTAuthContextInfoProvider.java +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - *http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.tomee.microprofile.tck.jwt; - -import org.apache.tomee.microprofile.jwt.config.JWTAuthConfiguration; - -import jakarta.enterprise.context.Dependent; -import jakarta.enterprise.inject.Produces; -import java.security.KeyFactory; -import java.security.NoSuchAlgorithmException; -import java.security.interfaces.RSAPublicKey; -import java.security.spec.InvalidKeySpecException; -import java.security.spec.X509EncodedKeySpec; -import java.util.Base64; -import java.util.Optional; - -@Dependent -public class JWTAuthContextInfoProvider { - -@Produces -Optional getOptionalContextInfo() throws NoSuchAlgorithmException, InvalidKeySpecException { -final String pemEncoded = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlivFI8qB4D0y2jy0CfEq" + - "Fyy46R0o7S8TKpsx5xbHKoU1VWg6QkQm+ntyIv1p4kE1sPEQO73+HY8+Bzs75XwR" + - "TYL1BmR1w8J5hmjVWjc6R2BTBGAYRPFRhor3kpM6ni2SPmNNhurEAHw7TaqszP5e" + - "UF/F9+KEBWkwVta+PZ37bwqSE4sCb1soZFrVz/UT/LF4tYpuVYt3YbqToZ3pZOZ9" + - "AX2o1GCG3xwOjkc4x0W7ezbQZdC9iftPxVHR8irOijJRRjcPDtA6vPKpzLl6CyYn" + - "sIYPd99ltwxTHjr3npfv/3Lw50bAkbT4HeLFxTx4flEoZLKO/g0bAoV2uqBhkA9x" + -"nQIDAQAB"; -byte[] encodedBytes = Base64.getDecoder().decode(pemEncoded); - -final X509EncodedKeySpec spec = new X509EncodedKeySpec(encodedBytes); -final KeyFactory kf = KeyFactory.getInstance("RSA"); -final RSAPublicKey pk = (RSAPublicKey) kf.generatePublic(spec); - -return Optional.of(JWTAuthConfiguration.authConfiguration(pk, "https://server.example.com;, false)); -} - -@Produces -JWTAuthConfiguration getContextInfo() throws InvalidKeySpecException, NoSuchAlgorithmException { -return getOptionalContextInfo().get(); -} -} diff --git a/tck/microprofile-tck/jwt/src/test/java/org/apache/tomee/microprofile/tck/jwt/MicroProfileJWTTCKArchiveProcessor.java b/tck/microprofile-tck/jwt/src/test/java/org/apache/tomee/microprofile/tck/jwt/MicroProfileJWTTCKArchiveProcessor.java index d156a589c4..c451d66b90 100644 --- a/tck/microprofile-tck/jwt/src/test/java/org/apache/tomee/microprofile/tck/jwt/MicroProfileJWTTCKArchiveProcessor.java +++ b/tck/microprofile-tck/jwt/src/test/java/org/apache/tomee/microprofile/tck/jwt/MicroProfileJWTTCKArchiveProcessor.java @@ -23,7 +23,16 @@ import org.apache.tomee.arquillian.remote.RemoteTomEEContainer; import org.apache.tomee.microprofile.tck.jwt.validation.ExpClaimAllowMissingExpValidationTest; import org.apache.tomee.microprofile.tck.jwt.validation.ExpClaimValidationTest; import org.eclipse.microprofile.jwt.tck.arquillian.BaseWarArchiveProcessor; -import org.eclipse.microprofile.jwt.tck.config.*; +import org.eclipse.microprofile.jwt.tck.config.IssValidationTest; +import org.eclipse.microprofile.jwt.tck.config.PublicKeyAsBase64JWKTest; +import org.eclipse.microprofile.jwt.tck.config.P
[tomee] branch main updated: Test JWT support when there are multiple public keys
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee.git The following commit(s) were added to refs/heads/main by this push: new 4d51465201 Test JWT support when there are multiple public keys new d4d9d9916d Merge branch 'main' of github.com:apache/tomee into main 4d51465201 is described below commit 4d51465201ca8a98446d76dbdfb1a5a6bf134504 Author: David Blevins AuthorDate: Sat Aug 27 13:34:58 2022 -0700 Test JWT support when there are multiple public keys --- .../microprofile/jwt/itest/MultipleKeysTest.java | 181 + .../tomee/microprofile/jwt/itest/Tokens.java | 31 +++- 2 files changed, 208 insertions(+), 4 deletions(-) diff --git a/itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/MultipleKeysTest.java b/itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/MultipleKeysTest.java new file mode 100644 index 00..b4cfe8303c --- /dev/null +++ b/itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/MultipleKeysTest.java @@ -0,0 +1,181 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +package org.apache.tomee.microprofile.jwt.itest; + +import io.churchkey.Key; +import io.churchkey.Keys; +import jakarta.annotation.security.RolesAllowed; +import jakarta.enterprise.context.RequestScoped; +import jakarta.ws.rs.ApplicationPath; +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.GET; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.Application; +import jakarta.ws.rs.core.MediaType; +import jakarta.ws.rs.core.Response; +import org.apache.cxf.feature.LoggingFeature; +import org.apache.cxf.jaxrs.client.WebClient; +import org.apache.johnzon.jaxrs.JohnzonProvider; +import org.apache.tomee.server.composer.Archive; +import org.apache.tomee.server.composer.TomEE; +import org.eclipse.microprofile.auth.LoginConfig; +import org.junit.Ignore; +import org.junit.Test; + +import java.io.File; +import java.net.URL; +import java.util.List; +import java.util.concurrent.atomic.AtomicInteger; +import java.util.stream.Collectors; +import java.util.stream.Stream; + +import static java.util.Collections.singletonList; +import static org.junit.Assert.assertEquals; + +public class MultipleKeysTest { + +@Test +public void jwksWithKid() throws Exception { +final Tokens[] tokens = { +Tokens.rsa(2048, 256, "orange-1"), +Tokens.rsa(2048, 256, "orange-2"), +Tokens.rsa(2048, 256, "orange-3"), +}; + +final List publicKeys = Stream.of(tokens) +.map(tokens1 -> { +final Key key = Keys.of(tokens1.getPublicKey()); +key.getAttributes().put("kid", tokens1.getId()); +return key; +}) +.collect(Collectors.toList()); + +final File appJar = Archive.archive() +.add(MultipleKeysTest.class) +.add(ColorService.class) +.add(Api.class) +.add("orange.jwks", Keys.encodeSet(publicKeys, Key.Format.JWK)) +.add("META-INF/microprofile-config.properties", "#\n" + +"mp.jwt.verify.publickey.location=orange.jwks") +.asJar(); + +final TomEE tomee = TomEE.microprofile() +//.debug(5005) +.add("webapps/test/WEB-INF/beans.xml", "") +.add("webapps/test/WEB-INF/lib/app.jar", appJar) +.build(); + +for (final Tokens token : tokens) { +assertVerification(token, tomee); +} +} + +@Ignore("TOMEE-4029") +@Test +public void jwks() throws Exception { +final Tokens[] tokens = { +Tokens.rsa(2048, 256), +Tokens.rsa(2048, 256), +Tokens.rsa(2048, 256), +}; + +final AtomicInteger kids =
[tomee] branch main updated: Explicitly test all MP-JWT key formats
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomee.git The following commit(s) were added to refs/heads/main by this push: new 0e090e6ac9 Explicitly test all MP-JWT key formats 0e090e6ac9 is described below commit 0e090e6ac9be1ec66bd3a9c086e90b403a4df489 Author: David Blevins AuthorDate: Fri Aug 26 14:26:02 2022 -0700 Explicitly test all MP-JWT key formats --- itests/microprofile-jwt-itests/pom.xml | 7 +- .../jwt/itest/PublicKeyFormatsTest.java| 168 + .../tomee/microprofile/jwt/itest/Tokens.java | 13 ++ 3 files changed, 187 insertions(+), 1 deletion(-) diff --git a/itests/microprofile-jwt-itests/pom.xml b/itests/microprofile-jwt-itests/pom.xml index c4a1d98453..bcd12e47db 100644 --- a/itests/microprofile-jwt-itests/pom.xml +++ b/itests/microprofile-jwt-itests/pom.xml @@ -88,7 +88,12 @@ ${tomee.version} test - + + io.churchkey + churchkey + 1.21 + test + junit junit diff --git a/itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/PublicKeyFormatsTest.java b/itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/PublicKeyFormatsTest.java new file mode 100644 index 00..32aabb095d --- /dev/null +++ b/itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/PublicKeyFormatsTest.java @@ -0,0 +1,168 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +package org.apache.tomee.microprofile.jwt.itest; + +import jakarta.annotation.security.RolesAllowed; +import jakarta.enterprise.context.RequestScoped; +import jakarta.ws.rs.ApplicationPath; +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.GET; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.Application; +import jakarta.ws.rs.core.MediaType; +import jakarta.ws.rs.core.Response; +import org.apache.cxf.feature.LoggingFeature; +import org.apache.cxf.jaxrs.client.WebClient; +import org.apache.johnzon.jaxrs.JohnzonProvider; +import org.apache.tomee.server.composer.Archive; +import org.apache.tomee.server.composer.TomEE; +import org.eclipse.microprofile.auth.LoginConfig; +import org.junit.Ignore; +import org.junit.Test; + +import java.io.File; +import java.net.URL; + +import static java.util.Collections.singletonList; +import static org.junit.Assert.assertEquals; + +public class PublicKeyFormatsTest { + +@Test +public void pkcs8Pem() throws Exception { +final Tokens tokens = Tokens.rsa(2048, 256); + +final File appJar = Archive.archive() +.add(PublicKeyFormatsTest.class) +.add(ColorService.class) +.add(Api.class) +.add("orange.pem", "-BEGIN PUBLIC KEY-\n" + +tokens.getEncodedPublicKey() + +"\n-END PUBLIC KEY-") +.add("META-INF/microprofile-config.properties", "#\n" + +"mp.jwt.verify.publickey.location=orange.pem") +.asJar(); + +final TomEE tomee = TomEE.microprofile() +.add("webapps/test/WEB-INF/beans.xml", "") +.add("webapps/test/WEB-INF/lib/app.jar", appJar) +.build(); + +assertVerification(tokens, tomee); +} + +@Test +public void jwk() throws Exception { +final Tokens tokens = Tokens.rsa(2048, 256); + +final File appJar = Archive.archive() +.add(PublicKeyFormatsTest.class) +.add(ColorService.class) +.add(Api.class) +.add("orange", tokens.getJwkPublicKey()) +.add("META-INF/microprofile-config.properties", "#\n" + +"mp.jwt.verify.publickey.location=orange") +.asJar(); + +final TomEE tomee = TomEE.microprofile() +.add("webapps/tes
[tomee] branch master updated: Update to mail api 1.0.0-M1
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomee.git The following commit(s) were added to refs/heads/master by this push: new 8f9a3e1a1f Update to mail api 1.0.0-M1 8f9a3e1a1f is described below commit 8f9a3e1a1fd072071c98b7fbb754044b0fcbdb7f Author: David Blevins AuthorDate: Mon May 23 11:36:29 2022 -0700 Update to mail api 1.0.0-M1 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 9ed4a32cac..fc8adcd690 100644 --- a/pom.xml +++ b/pom.xml @@ -107,7 +107,7 @@ We decided to add them here in the project so we can patch/update the 2 libraries without having to update and release the jakartaee-api.jar. Different lifecycle. --> - 1.0.0-SNAPSHOT +1.0.0-M1 1.0.0-SNAPSHOT
[tomee-jakartaee-api] branch master updated: Update activatio to 1.0.0-M1
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomee-jakartaee-api.git The following commit(s) were added to refs/heads/master by this push: new c5fc5cb Update activatio to 1.0.0-M1 c5fc5cb is described below commit c5fc5cb342b2af2da2a83d9f51586591423bb79d Author: David Blevins AuthorDate: Mon May 23 10:55:53 2022 -0700 Update activatio to 1.0.0-M1 --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 2c5536a..a0b38df 100644 --- a/pom.xml +++ b/pom.xml @@ -80,7 +80,7 @@ 10.0.21 - 1.0.0-SNAPSHOT + 1.0.0-M1 2.0.0 2.0.0
[tomee] 02/02: Test support for mp.jwt.verify.publickey.location
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomee.git commit 48f01d2e8d641f5296a54eecea8d8a30281e0882 Author: David Blevins AuthorDate: Fri May 13 21:38:29 2022 -0700 Test support for mp.jwt.verify.publickey.location --- .../jwt/itest/PublicKeyLocationTest.java | 199 + .../tomee/microprofile/jwt/itest/Tokens.java | 5 + 2 files changed, 204 insertions(+) diff --git a/itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/PublicKeyLocationTest.java b/itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/PublicKeyLocationTest.java new file mode 100644 index 00..4cd49c1e87 --- /dev/null +++ b/itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/PublicKeyLocationTest.java @@ -0,0 +1,199 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +package org.apache.tomee.microprofile.jwt.itest; + +import jakarta.annotation.security.RolesAllowed; +import jakarta.enterprise.context.RequestScoped; +import jakarta.ws.rs.ApplicationPath; +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.GET; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.Application; +import jakarta.ws.rs.core.MediaType; +import jakarta.ws.rs.core.Response; +import org.apache.cxf.feature.LoggingFeature; +import org.apache.cxf.jaxrs.client.WebClient; +import org.apache.johnzon.jaxrs.JohnzonProvider; +import org.apache.tomee.server.composer.Archive; +import org.apache.tomee.server.composer.TomEE; +import org.eclipse.microprofile.auth.LoginConfig; +import org.junit.Ignore; +import org.junit.Test; + +import java.io.File; +import java.net.URL; + +import static java.util.Collections.singletonList; +import static org.junit.Assert.assertEquals; + +public class PublicKeyLocationTest { + +@Ignore("TOMEE-3964") +@Test +public void relativePathOnDisk() throws Exception { +final Tokens tokens = Tokens.rsa(2048, 256); + +final File appJar = Archive.archive() +.add(PublicKeyLocationTest.class) +.add(ColorService.class) +.add(Api.class) +.add("META-INF/microprofile-config.properties", "#\n" + +"mp.jwt.verify.publickey.location=orange.pem") +.asJar(); + +final TomEE tomee = TomEE.microprofile() +.add("webapps/test/WEB-INF/beans.xml", "") +.add("webapps/test/WEB-INF/lib/app.jar", appJar) +.add("orange.pem", tokens.getEncodedPublicKey()) +//.update() +.build(); + +assertVerification(tokens, tomee); +} + +@Test +public void relativePathInApp() throws Exception { +final Tokens tokens = Tokens.rsa(2048, 256); + +final File appJar = Archive.archive() +.add(PublicKeyLocationTest.class) +.add(ColorService.class) +.add(Api.class) +.add("orange.pem", tokens.getEncodedPublicKey()) +.add("META-INF/microprofile-config.properties", "#\n" + +"mp.jwt.verify.publickey.location=orange.pem") +.asJar(); + +final TomEE tomee = TomEE.microprofile() +.add("webapps/test/WEB-INF/beans.xml", "") +.add("webapps/test/WEB-INF/lib/app.jar", appJar) +.build(); + +assertVerification(tokens, tomee); +} + +@Test +public void fileUrl() throws Exception { +final Tokens tokens = Tokens.rsa(2048, 256); + +final File dir = Archive.archive() +.add("orange.pem", tokens.getEncodedPublicKey()) +.toDir(); + +final File orangePem = new File(dir, "orange.pem"); + +final File appJar = Archive.archive() +.add(PublicKeyLocationTest.cl
[tomee] branch master updated (4e435e0d57 -> 48f01d2e8d)
This is an automated email from the ASF dual-hosted git repository. dblevins pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/tomee.git from 4e435e0d57 Use system line endings in GenerateBoms to reduce git status noise new 2694ff8f86 Reformat new 48f01d2e8d Test support for mp.jwt.verify.publickey.location The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: ...dClaimsTest.java => PublicKeyLocationTest.java} | 154 - .../tomee/microprofile/jwt/itest/Tokens.java | 13 +- 2 files changed, 103 insertions(+), 64 deletions(-) copy itests/microprofile-jwt-itests/src/test/java/org/apache/tomee/microprofile/jwt/itest/{MissingRequiredClaimsTest.java => PublicKeyLocationTest.java} (58%)