Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Extend type support on JWT claims #451

Closed
wants to merge 1 commit into from
Closed

Extend type support on JWT claims #451

wants to merge 1 commit into from

Conversation

rafaelmenta
Copy link
Contributor

Additional JWT claims now support more types other than String

Fixes #439

@rafaelmenta rafaelmenta requested a review from a team as a code owner July 24, 2020 17:12
@google-cla google-cla bot added the cla: yes This human has signed the Contributor License Agreement. label Jul 24, 2020
@elharo elharo added the kokoro:run Add this label to force Kokoro to re-run the tests. label Aug 4, 2020
@kokoro-team kokoro-team removed the kokoro:run Add this label to force Kokoro to re-run the tests. label Aug 4, 2020
elharo
elharo reviewed Aug 4, 2020
View reviewed changes
oauth2_http/java/com/google/auth/oauth2/JwtClaims.java Outdated Show resolved Hide resolved
oauth2_http/java/com/google/auth/oauth2/JwtClaims.java
*
* @param claims Map of claim objects to be validated
*/
private static boolean validateClaims(Map<String, ?> claims) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is interesting code. I wonder if there's a library for this somewhere?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I asked a fellow programmer friends who are more experience than me on Java before coming up with this and they didn't know of any.

I ultimately got inspired by the logic used on java-jwt though I wanted to provide a more robust support than that implementation.

Open to any suggestions you may have on how to improve this code!

oauth2_http/javatests/com/google/auth/oauth2/JwtClaimsTest.java Outdated Show resolved Hide resolved
elharo
elharo reviewed Aug 13, 2020
View reviewed changes
Copy link
Contributor

@elharo elharo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd like a SWE on the oauth team to review this.

oauth2_http/java/com/google/auth/oauth2/JwtClaims.java Outdated Show resolved Hide resolved
oauth2_http/javatests/com/google/auth/oauth2/JwtClaimsTest.java Outdated Show resolved Hide resolved
feat: Extend type support on JWT claims
6fba737 
Additional JWT claims now support more types other than String
@TimurSadykov TimurSadykov self-requested a review July 29, 2021 23:10
TimurSadykov
TimurSadykov requested changes Oct 5, 2021
View reviewed changes
oauth2_http/java/com/google/auth/oauth2/JwtClaims.java
* @param claims Map of claim objects to be validated
*/
private static boolean validateClaims(Map<String, ?> claims) {
if (!validateKeys(claims)) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is it really required here given that the key type is explicitly defined as String?

oauth2_http/java/com/google/auth/oauth2/JwtClaims.java
* @param value object to be evaluated.
*/
private static final boolean isSupportedValue(Object value) {
Class clazz = value.getClass();
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we can remove this and pass into contains directly? since its trivial and not reused

oauth2_http/java/com/google/auth/oauth2/JwtClaims.java
@@ -68,10 +73,10 @@
*
* @return additional claims
*/
abstract Map<String, String> getAdditionalClaims();
abstract Map<String, ?> getAdditionalClaims();
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this is a breaking change. It should be possible to keep the old one marked as Deprecated and calling this new signature internally

@TimurSadykov
Copy link
Member

Closing as outdated, feel free to reopen if actual again

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@elharo elharo elharo left review comments

@TimurSadykov TimurSadykov TimurSadykov requested changes

Assignees
No one assigned
Labels
cla: yes This human has signed the Contributor License Agreement.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Support Map as an additional claim on JWTClaim payload
4 participants
@rafaelmenta @TimurSadykov @elharo @kokoro-team