TOMEE-2515 MicroProfile JWT 1.1 Cleanup

classic Classic list List threaded Threaded
28 messages Options
12
Reply | Threaded
Open this post in threaded view
|

TOMEE-2515 MicroProfile JWT 1.1 Cleanup

David Blevins-2
Hey All,

I've opened a draft PR for some work-in-progress:

 - https://github.com/apache/tomee/pull/465

At this point I'm attempting to just clean up the MP-JWT code.  Wanted to get a few commits in to make sure I was serious before bugging anyone.  Looks like I'm finding the time.

I did a presentation in March using TomEE 8.0.0-M2 and generally found the user experience on JWT verification not very good.  It gives 401 with no indication of what went wrong, so it isn't clear on how to fix.

My goals currently:

 - simplify code as much as possible, delete anything non-critical: we can add it again if we really need it.
 
 - greatly expand testing of key conversion, etc.

 - improve logging

 - improve potential features

 - write documentation

Full disclosure, I'm giving a presentation again next week in Tokyo, so my windows to work in will get tight and there'll be some definite offline time.

I have kind of a fantasy about there being an actual M3 release in the next week.  I don't know if that's realistic :)



--
David Blevins
http://twitter.com/dblevins
http://www.tomitribe.com

Reply | Threaded
Open this post in threaded view
|

Re: TOMEE-2515 MicroProfile JWT 1.1 Cleanup

David Blevins-2
Early feedback is good, like "looks good so far".  As are ideas or suggestions like, "can you sneak x in while you're at it?"

Also someone could actually be documenting in parallel if they wanted to help.  Writing emails with short notes on what the code does is easy.  Making it all polished like documentation is the hard part.  If someone is looking for something to do, and wants to turn this thread into evolving document, you'd be my personal hero :)

I've never actually tried anything like that before, so would be a fun experiment :)


--
David Blevins
http://twitter.com/dblevins
http://www.tomitribe.com

> On May 6, 2019, at 8:54 PM, David Blevins <[hidden email]> wrote:
>
> Hey All,
>
> I've opened a draft PR for some work-in-progress:
>
> - https://github.com/apache/tomee/pull/465
>
> At this point I'm attempting to just clean up the MP-JWT code.  Wanted to get a few commits in to make sure I was serious before bugging anyone.  Looks like I'm finding the time.
>
> I did a presentation in March using TomEE 8.0.0-M2 and generally found the user experience on JWT verification not very good.  It gives 401 with no indication of what went wrong, so it isn't clear on how to fix.
>
> My goals currently:
>
> - simplify code as much as possible, delete anything non-critical: we can add it again if we really need it.
>
> - greatly expand testing of key conversion, etc.
>
> - improve logging
>
> - improve potential features
>
> - write documentation
>
> Full disclosure, I'm giving a presentation again next week in Tokyo, so my windows to work in will get tight and there'll be some definite offline time.
>
> I have kind of a fantasy about there being an actual M3 release in the next week.  I don't know if that's realistic :)
>
>
>
> --
> David Blevins
> http://twitter.com/dblevins
> http://www.tomitribe.com
>

Reply | Threaded
Open this post in threaded view
|

Re: TOMEE-2515 MicroProfile JWT 1.1 Cleanup

Jean-Louis MONTEIRO
Good, and happy to wait if you volunteer for the M3 release lol

Added a quick note this morning regarding this renaming


signerKeys could have become signingKeys or something else.
But using publicKeys with Key being an abstraction for a secret key or a public/private key, I'm not sure it's accurate.
Either you change the Key type to a subclass which is more specialized. Or we keep a more generic name.

That code is supposed to handle both symmetric and asymmetric algorithms, right?
If not, it should anyways in my opinion.

What do you think?



On Tue, May 7, 2019 at 6:03 AM David Blevins <[hidden email]> wrote:
Early feedback is good, like "looks good so far".  As are ideas or suggestions like, "can you sneak x in while you're at it?"

Also someone could actually be documenting in parallel if they wanted to help.  Writing emails with short notes on what the code does is easy.  Making it all polished like documentation is the hard part.  If someone is looking for something to do, and wants to turn this thread into evolving document, you'd be my personal hero :)

I've never actually tried anything like that before, so would be a fun experiment :)


--
David Blevins
http://twitter.com/dblevins
http://www.tomitribe.com

> On May 6, 2019, at 8:54 PM, David Blevins <[hidden email]> wrote:
>
> Hey All,
>
> I've opened a draft PR for some work-in-progress:
>
> - https://github.com/apache/tomee/pull/465
>
> At this point I'm attempting to just clean up the MP-JWT code.  Wanted to get a few commits in to make sure I was serious before bugging anyone.  Looks like I'm finding the time.
>
> I did a presentation in March using TomEE 8.0.0-M2 and generally found the user experience on JWT verification not very good.  It gives 401 with no indication of what went wrong, so it isn't clear on how to fix.
>
> My goals currently:
>
> - simplify code as much as possible, delete anything non-critical: we can add it again if we really need it.
>
> - greatly expand testing of key conversion, etc.
>
> - improve logging
>
> - improve potential features
>
> - write documentation
>
> Full disclosure, I'm giving a presentation again next week in Tokyo, so my windows to work in will get tight and there'll be some definite offline time.
>
> I have kind of a fantasy about there being an actual M3 release in the next week.  I don't know if that's realistic :)
>
>
>
> --
> David Blevins
> http://twitter.com/dblevins
> http://www.tomitribe.com
>

   --
    Jean-Louis Monteiro
    http://twitter.com/jlouismonteiro
    http://www.tomitribe.com
Reply | Threaded
Open this post in threaded view
|

Re: TOMEE-2515 MicroProfile JWT 1.1 Cleanup

David Blevins-2
> On May 7, 2019, at 4:25 PM, Jean-Louis Monteiro <[hidden email]> wrote:
>
> Good, and happy to wait if you volunteer for the M3 release lol
>
> Added a quick note this morning regarding this renaming
> signerKeys could have become signingKeys or something else.
> But using publicKeys with Key being an abstraction for a secret key or a public/private key, I'm not sure it's accurate.
> Either you change the Key type to a subclass which is more specialized. Or we keep a more generic name.

MP-JWT only supports publicKey and the property has "publicKey" in it, but we definitely could support hmac signatures.  I *barely* got started with moving to the term "verificationKey" as that's the only catch-all phrase.

I ended up getting distracted on the plane over to Tokyo and hacking up a concept that allows bean validation to be used to validate an MP JsonWebToken instance.

It needs to get wired into an interceptor so it can actually be used, but here's the concept:

 - the bean method has bean validation annotations
   https://github.com/dblevins/tomee/blob/jwtimprovements/mp-jwt/src/test/java/org/apache/tomee/microprofile/jwt/bval/data/Shapes.java#L25

 - the bean validation constraint can validate some part of the JsonWebToken
   https://github.com/dblevins/tomee/blob/jwtimprovements/mp-jwt/src/test/java/org/apache/tomee/microprofile/jwt/bval/ann/Audience.java#L61

 - a future interceptor calls this and can get a validation result
   https://github.com/dblevins/tomee/blob/jwtimprovements/mp-jwt/src/test/java/org/apache/tomee/microprofile/jwt/bval/ValidationConstraintsTest.java#L50
   https://github.com/dblevins/tomee/blob/jwtimprovements/mp-jwt/src/test/java/org/apache/tomee/microprofile/jwt/bval/ValidationConstraintsTest.java#L68
   https://github.com/dblevins/tomee/blob/jwtimprovements/mp-jwt/src/test/java/org/apache/tomee/microprofile/jwt/bval/ValidationConstraintsTest.java#L72


I forget what the magic code is to programmatically add an interceptor via CDI.  If anyone has that handy, that'd be great.


-David

Reply | Threaded
Open this post in threaded view
|

Re: TOMEE-2515 MicroProfile JWT 1.1 Cleanup

David Blevins-2
Ok,

This one is ready for merge.  If anyone has a chance to take another look at it today, excellent.  I'd like to merge tomorrow and start the release.

There are a lot of commits, so here is the high level:

 - TOMEE-2519: MP JWT Logging Improvements ensures we know exactly why a JWT is not validating.  There are new tests in itests that boot the server and actually check the log output.  The tomee-server-composer is a new bit of tech introduced in this PR.

 - TOMEE-2515: Adds support for RSA keys 1024bits and signatures of RSA-SHA384, RSA-SHA512, with tests for each key and signature type.  There is also tests to ensure the only two required claims are 'sub' and 'exp'.  There is a class JsonWebTokenValidator which is not used yet.  It's mid-refactor.  The intent is to add a builder.  I'm out of time so I'll have to come back to it later.

 - TOMEE-2517: MP-JWT and BeanValidation adds a fancy new feature that allows users to use Bean Validation to check JWTs.  You simply write a validation constraints for against the JsonWebToken and annotate your method.  A method no longer needs to use @RolesAllowed and can be very expressive and specific through the power of bean validation.

 - TOMEE-2517: MP-JWT and BeanValidation Example.  Any new feature needs documentation or it doesn't exist.  The example is functional and clean.  The README is barely there and will need more work.

 - TOMEE-2521: Apache BVal 2.0.3-SNAPSHOT there was a fix that had to be made to cover a method that has a void return type. BVal was throwing an exception causing a 500.  This was fixed and passes the bean validation TCK.  Work was done so we could use a custom build for the release tomorrow.  Ideally we'll be back no proper BVal release very shortly.

That's the high level.  Doing a build on my laptop tonight.  If it looks good I'll merge early tomorrow (in a few hours) so there's 2-3 hours for a green build to run prior to starting a release.


-David

Reply | Threaded
Open this post in threaded view
|

Re: TOMEE-2515 MicroProfile JWT 1.1 Cleanup

Jean-Louis MONTEIRO
I'll do tonight

--
Jean-Louis Monteiro
http://twitter.com/jlouismonteiro
http://www.tomitribe.com


On Mon, May 13, 2019 at 8:47 PM David Blevins <[hidden email]>
wrote:

> Ok,
>
> This one is ready for merge.  If anyone has a chance to take another look
> at it today, excellent.  I'd like to merge tomorrow and start the release.
>
> There are a lot of commits, so here is the high level:
>
>  - TOMEE-2519: MP JWT Logging Improvements ensures we know exactly why a
> JWT is not validating.  There are new tests in itests that boot the server
> and actually check the log output.  The tomee-server-composer is a new bit
> of tech introduced in this PR.
>
>  - TOMEE-2515: Adds support for RSA keys 1024bits and signatures of
> RSA-SHA384, RSA-SHA512, with tests for each key and signature type.  There
> is also tests to ensure the only two required claims are 'sub' and 'exp'.
> There is a class JsonWebTokenValidator which is not used yet.  It's
> mid-refactor.  The intent is to add a builder.  I'm out of time so I'll
> have to come back to it later.
>
>  - TOMEE-2517: MP-JWT and BeanValidation adds a fancy new feature that
> allows users to use Bean Validation to check JWTs.  You simply write a
> validation constraints for against the JsonWebToken and annotate your
> method.  A method no longer needs to use @RolesAllowed and can be very
> expressive and specific through the power of bean validation.
>
>  - TOMEE-2517: MP-JWT and BeanValidation Example.  Any new feature needs
> documentation or it doesn't exist.  The example is functional and clean.
> The README is barely there and will need more work.
>
>  - TOMEE-2521: Apache BVal 2.0.3-SNAPSHOT there was a fix that had to be
> made to cover a method that has a void return type. BVal was throwing an
> exception causing a 500.  This was fixed and passes the bean validation
> TCK.  Work was done so we could use a custom build for the release
> tomorrow.  Ideally we'll be back no proper BVal release very shortly.
>
> That's the high level.  Doing a build on my laptop tonight.  If it looks
> good I'll merge early tomorrow (in a few hours) so there's 2-3 hours for a
> green build to run prior to starting a release.
>
>
> -David
>
>
   --
    Jean-Louis Monteiro
    http://twitter.com/jlouismonteiro
    http://www.tomitribe.com
Reply | Threaded
Open this post in threaded view
|

Re: TOMEE-2515 MicroProfile JWT 1.1 Cleanup

ivanjunckes
Quick question David, @RolesAllowed currently checks "groups" claim only.
Does the bean validation feature allows checking roles in "roles"?

On Mon, May 13, 2019 at 3:52 PM Jean-Louis Monteiro <
[hidden email]> wrote:

> I'll do tonight
>
> --
> Jean-Louis Monteiro
> http://twitter.com/jlouismonteiro
> http://www.tomitribe.com
>
>
> On Mon, May 13, 2019 at 8:47 PM David Blevins <[hidden email]>
> wrote:
>
> > Ok,
> >
> > This one is ready for merge.  If anyone has a chance to take another look
> > at it today, excellent.  I'd like to merge tomorrow and start the
> release.
> >
> > There are a lot of commits, so here is the high level:
> >
> >  - TOMEE-2519: MP JWT Logging Improvements ensures we know exactly why a
> > JWT is not validating.  There are new tests in itests that boot the
> server
> > and actually check the log output.  The tomee-server-composer is a new
> bit
> > of tech introduced in this PR.
> >
> >  - TOMEE-2515: Adds support for RSA keys 1024bits and signatures of
> > RSA-SHA384, RSA-SHA512, with tests for each key and signature type.
> There
> > is also tests to ensure the only two required claims are 'sub' and 'exp'.
> > There is a class JsonWebTokenValidator which is not used yet.  It's
> > mid-refactor.  The intent is to add a builder.  I'm out of time so I'll
> > have to come back to it later.
> >
> >  - TOMEE-2517: MP-JWT and BeanValidation adds a fancy new feature that
> > allows users to use Bean Validation to check JWTs.  You simply write a
> > validation constraints for against the JsonWebToken and annotate your
> > method.  A method no longer needs to use @RolesAllowed and can be very
> > expressive and specific through the power of bean validation.
> >
> >  - TOMEE-2517: MP-JWT and BeanValidation Example.  Any new feature needs
> > documentation or it doesn't exist.  The example is functional and clean.
> > The README is barely there and will need more work.
> >
> >  - TOMEE-2521: Apache BVal 2.0.3-SNAPSHOT there was a fix that had to be
> > made to cover a method that has a void return type. BVal was throwing an
> > exception causing a 500.  This was fixed and passes the bean validation
> > TCK.  Work was done so we could use a custom build for the release
> > tomorrow.  Ideally we'll be back no proper BVal release very shortly.
> >
> > That's the high level.  Doing a build on my laptop tonight.  If it looks
> > good I'll merge early tomorrow (in a few hours) so there's 2-3 hours for
> a
> > green build to run prior to starting a release.
> >
> >
> > -David
> >
> >
>
Reply | Threaded
Open this post in threaded view
|

Re: TOMEE-2515 MicroProfile JWT 1.1 Cleanup

David Blevins-2
> On May 14, 2019, at 3:54 AM, Ivan Junckes Filho <[hidden email]> wrote:
>
> Quick question David, @RolesAllowed currently checks "groups" claim only.
> Does the bean validation feature allows checking roles in "roles"?

The feature ultimately allows you to implement a method like this:

    @Override
    public boolean isValid(final JsonWebToken jsonWebToken, final ConstraintValidatorContext context) {
        // your code here
        return ...;
    }

And attach that logic to any annotation of your creation.  You then use that annotation on your methods, and the above code will run each time the JAX-RS service is invoked.

If you want people to pass you information via the annotation, you override this method.

    @Override
    public void initialize(final Issuer issuer) {
        this.issuer = issuer;
    }

Here, Issuer is an annotation made up in the app code.

So the short answer is, yes, you could validate roles claim or any data in the token you want.  The JsonWebToken interface can give you the full encoded JWT or individual claims.  So sky is the limit.  If you can put it in a token, you can validate it.  

Bean Validation allows you to have many validating annotations.  One annotation can reuse another, so you can even have one validation annotation made from several smaller validation annotations, all of which you create.

-David

> On Mon, May 13, 2019 at 3:52 PM Jean-Louis Monteiro <
> [hidden email]> wrote:
>
>> I'll do tonight
>>
>> --
>> Jean-Louis Monteiro
>> http://twitter.com/jlouismonteiro
>> http://www.tomitribe.com
>>
>>
>> On Mon, May 13, 2019 at 8:47 PM David Blevins <[hidden email]>
>> wrote:
>>
>>> Ok,
>>>
>>> This one is ready for merge.  If anyone has a chance to take another look
>>> at it today, excellent.  I'd like to merge tomorrow and start the
>> release.
>>>
>>> There are a lot of commits, so here is the high level:
>>>
>>> - TOMEE-2519: MP JWT Logging Improvements ensures we know exactly why a
>>> JWT is not validating.  There are new tests in itests that boot the
>> server
>>> and actually check the log output.  The tomee-server-composer is a new
>> bit
>>> of tech introduced in this PR.
>>>
>>> - TOMEE-2515: Adds support for RSA keys 1024bits and signatures of
>>> RSA-SHA384, RSA-SHA512, with tests for each key and signature type.
>> There
>>> is also tests to ensure the only two required claims are 'sub' and 'exp'.
>>> There is a class JsonWebTokenValidator which is not used yet.  It's
>>> mid-refactor.  The intent is to add a builder.  I'm out of time so I'll
>>> have to come back to it later.
>>>
>>> - TOMEE-2517: MP-JWT and BeanValidation adds a fancy new feature that
>>> allows users to use Bean Validation to check JWTs.  You simply write a
>>> validation constraints for against the JsonWebToken and annotate your
>>> method.  A method no longer needs to use @RolesAllowed and can be very
>>> expressive and specific through the power of bean validation.
>>>
>>> - TOMEE-2517: MP-JWT and BeanValidation Example.  Any new feature needs
>>> documentation or it doesn't exist.  The example is functional and clean.
>>> The README is barely there and will need more work.
>>>
>>> - TOMEE-2521: Apache BVal 2.0.3-SNAPSHOT there was a fix that had to be
>>> made to cover a method that has a void return type. BVal was throwing an
>>> exception causing a 500.  This was fixed and passes the bean validation
>>> TCK.  Work was done so we could use a custom build for the release
>>> tomorrow.  Ideally we'll be back no proper BVal release very shortly.
>>>
>>> That's the high level.  Doing a build on my laptop tonight.  If it looks
>>> good I'll merge early tomorrow (in a few hours) so there's 2-3 hours for
>> a
>>> green build to run prior to starting a release.
>>>
>>>
>>> -David
>>>
>>>
>>

Reply | Threaded
Open this post in threaded view
|

Re: TOMEE-2515 MicroProfile JWT 1.1 Cleanup

David Blevins-2
Thanks for the question!  I used this email to seed the README:

 - https://github.com/apache/tomee/pull/465/commits/cd5d062884074dc4c9655a4fdc919b26b4109b83


--
David Blevins
http://twitter.com/dblevins
http://www.tomitribe.com

> On May 14, 2019, at 9:47 AM, David Blevins <[hidden email]> wrote:
>
>> On May 14, 2019, at 3:54 AM, Ivan Junckes Filho <[hidden email]> wrote:
>>
>> Quick question David, @RolesAllowed currently checks "groups" claim only.
>> Does the bean validation feature allows checking roles in "roles"?
>
> The feature ultimately allows you to implement a method like this:
>
>    @Override
>    public boolean isValid(final JsonWebToken jsonWebToken, final ConstraintValidatorContext context) {
>        // your code here
>        return ...;
>    }
>
> And attach that logic to any annotation of your creation.  You then use that annotation on your methods, and the above code will run each time the JAX-RS service is invoked.
>
> If you want people to pass you information via the annotation, you override this method.
>
>    @Override
>    public void initialize(final Issuer issuer) {
>        this.issuer = issuer;
>    }
>
> Here, Issuer is an annotation made up in the app code.
>
> So the short answer is, yes, you could validate roles claim or any data in the token you want.  The JsonWebToken interface can give you the full encoded JWT or individual claims.  So sky is the limit.  If you can put it in a token, you can validate it.  
>
> Bean Validation allows you to have many validating annotations.  One annotation can reuse another, so you can even have one validation annotation made from several smaller validation annotations, all of which you create.
>
> -David
>
>> On Mon, May 13, 2019 at 3:52 PM Jean-Louis Monteiro <
>> [hidden email]> wrote:
>>
>>> I'll do tonight
>>>
>>> --
>>> Jean-Louis Monteiro
>>> http://twitter.com/jlouismonteiro
>>> http://www.tomitribe.com
>>>
>>>
>>> On Mon, May 13, 2019 at 8:47 PM David Blevins <[hidden email]>
>>> wrote:
>>>
>>>> Ok,
>>>>
>>>> This one is ready for merge.  If anyone has a chance to take another look
>>>> at it today, excellent.  I'd like to merge tomorrow and start the
>>> release.
>>>>
>>>> There are a lot of commits, so here is the high level:
>>>>
>>>> - TOMEE-2519: MP JWT Logging Improvements ensures we know exactly why a
>>>> JWT is not validating.  There are new tests in itests that boot the
>>> server
>>>> and actually check the log output.  The tomee-server-composer is a new
>>> bit
>>>> of tech introduced in this PR.
>>>>
>>>> - TOMEE-2515: Adds support for RSA keys 1024bits and signatures of
>>>> RSA-SHA384, RSA-SHA512, with tests for each key and signature type.
>>> There
>>>> is also tests to ensure the only two required claims are 'sub' and 'exp'.
>>>> There is a class JsonWebTokenValidator which is not used yet.  It's
>>>> mid-refactor.  The intent is to add a builder.  I'm out of time so I'll
>>>> have to come back to it later.
>>>>
>>>> - TOMEE-2517: MP-JWT and BeanValidation adds a fancy new feature that
>>>> allows users to use Bean Validation to check JWTs.  You simply write a
>>>> validation constraints for against the JsonWebToken and annotate your
>>>> method.  A method no longer needs to use @RolesAllowed and can be very
>>>> expressive and specific through the power of bean validation.
>>>>
>>>> - TOMEE-2517: MP-JWT and BeanValidation Example.  Any new feature needs
>>>> documentation or it doesn't exist.  The example is functional and clean.
>>>> The README is barely there and will need more work.
>>>>
>>>> - TOMEE-2521: Apache BVal 2.0.3-SNAPSHOT there was a fix that had to be
>>>> made to cover a method that has a void return type. BVal was throwing an
>>>> exception causing a 500.  This was fixed and passes the bean validation
>>>> TCK.  Work was done so we could use a custom build for the release
>>>> tomorrow.  Ideally we'll be back no proper BVal release very shortly.
>>>>
>>>> That's the high level.  Doing a build on my laptop tonight.  If it looks
>>>> good I'll merge early tomorrow (in a few hours) so there's 2-3 hours for
>>> a
>>>> green build to run prior to starting a release.
>>>>
>>>>
>>>> -David
>>>>
>>>>
>>>
>

Reply | Threaded
Open this post in threaded view
|

Re: TOMEE-2515 MicroProfile JWT 1.1 Cleanup

ivanjunckes
Thanks David, this is very useful!



On Mon, May 13, 2019 at 9:54 PM David Blevins <[hidden email]>
wrote:

> Thanks for the question!  I used this email to seed the README:
>
>  -
> https://github.com/apache/tomee/pull/465/commits/cd5d062884074dc4c9655a4fdc919b26b4109b83
>
>
> --
> David Blevins
> http://twitter.com/dblevins
> http://www.tomitribe.com
>
> > On May 14, 2019, at 9:47 AM, David Blevins <[hidden email]>
> wrote:
> >
> >> On May 14, 2019, at 3:54 AM, Ivan Junckes Filho <[hidden email]>
> wrote:
> >>
> >> Quick question David, @RolesAllowed currently checks "groups" claim
> only.
> >> Does the bean validation feature allows checking roles in "roles"?
> >
> > The feature ultimately allows you to implement a method like this:
> >
> >    @Override
> >    public boolean isValid(final JsonWebToken jsonWebToken, final
> ConstraintValidatorContext context) {
> >        // your code here
> >        return ...;
> >    }
> >
> > And attach that logic to any annotation of your creation.  You then use
> that annotation on your methods, and the above code will run each time the
> JAX-RS service is invoked.
> >
> > If you want people to pass you information via the annotation, you
> override this method.
> >
> >    @Override
> >    public void initialize(final Issuer issuer) {
> >        this.issuer = issuer;
> >    }
> >
> > Here, Issuer is an annotation made up in the app code.
> >
> > So the short answer is, yes, you could validate roles claim or any data
> in the token you want.  The JsonWebToken interface can give you the full
> encoded JWT or individual claims.  So sky is the limit.  If you can put it
> in a token, you can validate it.
> >
> > Bean Validation allows you to have many validating annotations.  One
> annotation can reuse another, so you can even have one validation
> annotation made from several smaller validation annotations, all of which
> you create.
> >
> > -David
> >
> >> On Mon, May 13, 2019 at 3:52 PM Jean-Louis Monteiro <
> >> [hidden email]> wrote:
> >>
> >>> I'll do tonight
> >>>
> >>> --
> >>> Jean-Louis Monteiro
> >>> http://twitter.com/jlouismonteiro
> >>> http://www.tomitribe.com
> >>>
> >>>
> >>> On Mon, May 13, 2019 at 8:47 PM David Blevins <[hidden email]
> >
> >>> wrote:
> >>>
> >>>> Ok,
> >>>>
> >>>> This one is ready for merge.  If anyone has a chance to take another
> look
> >>>> at it today, excellent.  I'd like to merge tomorrow and start the
> >>> release.
> >>>>
> >>>> There are a lot of commits, so here is the high level:
> >>>>
> >>>> - TOMEE-2519: MP JWT Logging Improvements ensures we know exactly why
> a
> >>>> JWT is not validating.  There are new tests in itests that boot the
> >>> server
> >>>> and actually check the log output.  The tomee-server-composer is a new
> >>> bit
> >>>> of tech introduced in this PR.
> >>>>
> >>>> - TOMEE-2515: Adds support for RSA keys 1024bits and signatures of
> >>>> RSA-SHA384, RSA-SHA512, with tests for each key and signature type.
> >>> There
> >>>> is also tests to ensure the only two required claims are 'sub' and
> 'exp'.
> >>>> There is a class JsonWebTokenValidator which is not used yet.  It's
> >>>> mid-refactor.  The intent is to add a builder.  I'm out of time so
> I'll
> >>>> have to come back to it later.
> >>>>
> >>>> - TOMEE-2517: MP-JWT and BeanValidation adds a fancy new feature that
> >>>> allows users to use Bean Validation to check JWTs.  You simply write a
> >>>> validation constraints for against the JsonWebToken and annotate your
> >>>> method.  A method no longer needs to use @RolesAllowed and can be very
> >>>> expressive and specific through the power of bean validation.
> >>>>
> >>>> - TOMEE-2517: MP-JWT and BeanValidation Example.  Any new feature
> needs
> >>>> documentation or it doesn't exist.  The example is functional and
> clean.
> >>>> The README is barely there and will need more work.
> >>>>
> >>>> - TOMEE-2521: Apache BVal 2.0.3-SNAPSHOT there was a fix that had to
> be
> >>>> made to cover a method that has a void return type. BVal was throwing
> an
> >>>> exception causing a 500.  This was fixed and passes the bean
> validation
> >>>> TCK.  Work was done so we could use a custom build for the release
> >>>> tomorrow.  Ideally we'll be back no proper BVal release very shortly.
> >>>>
> >>>> That's the high level.  Doing a build on my laptop tonight.  If it
> looks
> >>>> good I'll merge early tomorrow (in a few hours) so there's 2-3 hours
> for
> >>> a
> >>>> green build to run prior to starting a release.
> >>>>
> >>>>
> >>>> -David
> >>>>
> >>>>
> >>>
> >
>
>
Reply | Threaded
Open this post in threaded view
|

Re: TOMEE-2515 MicroProfile JWT 1.1 Cleanup

David Blevins-2
In reply to this post by David Blevins-2
> On May 14, 2019, at 3:47 AM, David Blevins <[hidden email]> wrote:
>
> - TOMEE-2521: Apache BVal 2.0.3-SNAPSHOT there was a fix that had to be made to cover a method that has a void return type. BVal was throwing an exception causing a 500.  This was fixed and passes the bean validation TCK.  Work was done so we could use a custom build for the release tomorrow.  Ideally we'll be back no proper BVal release very shortly.
>
> That's the high level.  Doing a build on my laptop tonight.  If it looks good I'll merge early tomorrow (in a few hours) so there's 2-3 hours for a green build to run prior to starting a release.

Build on the laptop had one failure in examples/bean-validation-design-by-contract/

I did a git bisect and pinned down the revision that introduced it and filed an issue:

 - https://issues.apache.org/jira/projects/BVAL/issues/BVAL-175

I grabbed the code just before, applied this patch:

 - https://issues.apache.org/jira/projects/BVAL/issues/BVAL-174

And pushed it up here:

 - https://svn.apache.org/repos/asf/tomee/deps/branches/bval-2/

And deployed a snapshot of it so others can build without having to pull down this repo and do a local build.

The CI is running now and I'll keep a close eye.

 - https://ci.apache.org/builders/tomee-trunk-ubuntu-jvm8

There's a local jug event tonight and tomorrow is the EC meeting.  If I can possibly sneak in doing a release during the meeting, I'll give it a shot.


-David


Reply | Threaded
Open this post in threaded view
|

Re: TOMEE-2515 MicroProfile JWT 1.1 Cleanup

j4fm
Just noticed buildbot is failing and looks like this info is useful here...
:)


[INFO] -------------------------------------------------------
[INFO]  T E S T S
[INFO] -------------------------------------------------------
[INFO] Running
org.apache.tomee.microprofile.jwt.bval.ValidationGeneratorTest
[ERROR] Tests run: 2, Failures: 1, Errors: 0, Skipped: 0, Time elapsed:
0.123 s <<< FAILURE! - in
org.apache.tomee.microprofile.jwt.bval.ValidationGeneratorTest
[ERROR] test(org.apache.tomee.microprofile.jwt.bval.ValidationGeneratorTest)
Time elapsed: 0.064 s  <<< FAILURE!
org.junit.ComparisonFailure:
expected:<...Method(ACC_PUBLIC, "[red$$0",
"()Lorg/eclipse/microprofile/jwt/JsonWebToken;", null, null);
{
av0 = mv.visitAnnotation("Lorg/apache/tomee/microprofile/jwt/bval/Name;",
true);
av0.visit("value", "public void
org.apache.tomee.microprofile.jwt.bval.data.Colors.red()");
av0.visitEnd();
}
{
av0 =
mv.visitAnnotation("Lorg/apache/tomee/microprofile/jwt/bval/ann/Issuer;",
true);
av0.visit("value", "http://foo.bar.com");
av0.visitEnd();
}
mv.visitCode();
mv.visitInsn(ACONST_NULL);
mv.visitInsn(ARETURN);
mv.visitMaxs(1, 1);
mv.visitEnd();
}
{
mv = cw.visitMethod(ACC_PUBLIC, "blue$$1",
"()Lorg/eclipse/microprofile/jwt/JsonWebToken;", null, null);
{
av0 = mv.visitAnnotation("Lorg/apache/tomee/microprofile/jwt/bval/Name;",
true);
av0.visit("value", "public void
org.apache.tomee.microprofile.jwt.bval.data.Colors.blue]()");
av0.visitEnd()...> but was:<...Method(ACC_PUBLIC, "[blue$$0",
"()Lorg/eclipse/microprofile/jwt/JsonWebToken;", null, null);
{
av0 = mv.visitAnnotation("Lorg/apache/tomee/microprofile/jwt/bval/Name;",
true);
av0.visit("value", "public void
org.apache.tomee.microprofile.jwt.bval.data.Colors.blue()");
av0.visitEnd();
}
{
av0 =
mv.visitAnnotation("Lorg/apache/tomee/microprofile/jwt/bval/ann/Issuer;",
true);
av0.visit("value", "http://foo.bar.com");
av0.visitEnd();
}
mv.visitCode();
mv.visitInsn(ACONST_NULL);
mv.visitInsn(ARETURN);
mv.visitMaxs(1, 1);
mv.visitEnd();
}
{
mv = cw.visitMethod(ACC_PUBLIC, "red$$1",
"()Lorg/eclipse/microprofile/jwt/JsonWebToken;", null, null);
{
av0 = mv.visitAnnotation("Lorg/apache/tomee/microprofile/jwt/bval/Name;",
true);
av0.visit("value", "public void
org.apache.tomee.microprofile.jwt.bval.data.Colors.red]()");
av0.visitEnd()...>
        at org.junit.Assert.assertEquals(Assert.java:115)
        at org.junit.Assert.assertEquals(Assert.java:144)
        at
org.apache.tomee.microprofile.jwt.bval.ValidationGeneratorTest.test(ValidationGeneratorTest.java:31)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at
org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:50)
        at
org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
        at
org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:47)
        at
org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
        at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:325)
        at
org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:78)
        at
org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:57)
        at org.junit.runners.ParentRunner$3.run(ParentRunner.java:290)
        at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:71)
        at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:288)
        at org.junit.runners.ParentRunner.access$000(ParentRunner.java:58)
        at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:268)
        at org.junit.runners.ParentRunner.run(ParentRunner.java:363)
        at
org.apache.maven.surefire.junit4.JUnit4Provider.execute(JUnit4Provider.java:365)
        at
org.apache.maven.surefire.junit4.JUnit4Provider.executeWithRerun(JUnit4Provider.java:273)
        at
org.apache.maven.surefire.junit4.JUnit4Provider.executeTestSet(JUnit4Provider.java:238)
        at
org.apache.maven.surefire.junit4.JUnit4Provider.invoke(JUnit4Provider.java:159)
        at
org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:379)
        at
org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:340)
        at
org.apache.maven.surefire.booter.ForkedBooter.execute(ForkedBooter.java:125)
        at
org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:413)

[INFO] Running
org.apache.tomee.microprofile.jwt.bval.ValidationConstraintsTest
[WARNING] Tests run: 1, Failures: 0, Errors: 0, Skipped: 1, Time elapsed:
0.013 s - in
org.apache.tomee.microprofile.jwt.bval.ValidationConstraintsTest
[INFO] Running org.apache.tomee.microprofile.jwt.JsonWebTokenValidatorTest
[WARNING] Tests run: 1, Failures: 0, Errors: 0, Skipped: 1, Time elapsed:
0.044 s - in org.apache.tomee.microprofile.jwt.JsonWebTokenValidatorTest
[INFO]
[INFO] Results:
[INFO]
[ERROR] Failures:
[ERROR]   ValidationGeneratorTest.test:31 expected:<...Method(ACC_PUBLIC,
"[red$$0", "()Lorg/eclipse/microprofile/jwt/JsonWebToken;", null, null);
{
av0 = mv.visitAnnotation("Lorg/apache/tomee/microprofile/jwt/bval/Name;",
true);
av0.visit("value", "public void
org.apache.tomee.microprofile.jwt.bval.data.Colors.red()");
av0.visitEnd();
}
{
av0 =
mv.visitAnnotation("Lorg/apache/tomee/microprofile/jwt/bval/ann/Issuer;",
true);
av0.visit("value", "http://foo.bar.com");
av0.visitEnd();
}
mv.visitCode();
mv.visitInsn(ACONST_NULL);
mv.visitInsn(ARETURN);
mv.visitMaxs(1, 1);
mv.visitEnd();
}
{
mv = cw.visitMethod(ACC_PUBLIC, "blue$$1",
"()Lorg/eclipse/microprofile/jwt/JsonWebToken;", null, null);
{
av0 = mv.visitAnnotation("Lorg/apache/tomee/microprofile/jwt/bval/Name;",
true);
av0.visit("value", "public void
org.apache.tomee.microprofile.jwt.bval.data.Colors.blue]()");
av0.visitEnd()...> but was:<...Method(ACC_PUBLIC, "[blue$$0",
"()Lorg/eclipse/microprofile/jwt/JsonWebToken;", null, null);
{
av0 = mv.visitAnnotation("Lorg/apache/tomee/microprofile/jwt/bval/Name;",
true);
av0.visit("value", "public void
org.apache.tomee.microprofile.jwt.bval.data.Colors.blue()");
av0.visitEnd();
}
{
av0 =
mv.visitAnnotation("Lorg/apache/tomee/microprofile/jwt/bval/ann/Issuer;",
true);
av0.visit("value", "http://foo.bar.com");
av0.visitEnd();
}
mv.visitCode();
mv.visitInsn(ACONST_NULL);
mv.visitInsn(ARETURN);
mv.visitMaxs(1, 1);
mv.visitEnd();
}
{
mv = cw.visitMethod(ACC_PUBLIC, "red$$1",
"()Lorg/eclipse/microprofile/jwt/JsonWebToken;", null, null);
{
av0 = mv.visitAnnotation("Lorg/apache/tomee/microprofile/jwt/bval/Name;",
true);
av0.visit("value", "public void
org.apache.tomee.microprofile.jwt.bval.data.Colors.red]()");
av0.visitEnd()...>
[INFO]
[ERROR] Tests run: 4, Failures: 1, Errors: 0, Skipped: 2



--
Sent from: http://tomee-openejb.979440.n4.nabble.com/TomEE-Dev-f982480.html
Reply | Threaded
Open this post in threaded view
|

Re: TOMEE-2515 MicroProfile JWT 1.1 Cleanup

David Blevins-2
> On May 14, 2019, at 8:47 PM, j4fm <[hidden email]> wrote:
>
> Just noticed buildbot is failing and looks like this info is useful here...
> :)

Thanks, James!

I looked at the diff and slapped my forehead immediately as I've seen this problem so many times.  Iterating over a hashmap and expecting stable ordering.  Order is based on hashcode which is often stable for several VM restarts till... it's not.  :)

Sleep must be had, but I'll fix it in the morning.  For now I'll commit an @Ignore so we can see if there are any issues behind this one.


-David


>
>
> [INFO] -------------------------------------------------------
> [INFO]  T E S T S
> [INFO] -------------------------------------------------------
> [INFO] Running
> org.apache.tomee.microprofile.jwt.bval.ValidationGeneratorTest
> [ERROR] Tests run: 2, Failures: 1, Errors: 0, Skipped: 0, Time elapsed:
> 0.123 s <<< FAILURE! - in
> org.apache.tomee.microprofile.jwt.bval.ValidationGeneratorTest
> [ERROR] test(org.apache.tomee.microprofile.jwt.bval.ValidationGeneratorTest)
> Time elapsed: 0.064 s  <<< FAILURE!
> org.junit.ComparisonFailure:
> expected:<...Method(ACC_PUBLIC, "[red$$0",
> "()Lorg/eclipse/microprofile/jwt/JsonWebToken;", null, null);
> {
> av0 = mv.visitAnnotation("Lorg/apache/tomee/microprofile/jwt/bval/Name;",
> true);
> av0.visit("value", "public void
> org.apache.tomee.microprofile.jwt.bval.data.Colors.red()");
> av0.visitEnd();
> }
> {
> av0 =
> mv.visitAnnotation("Lorg/apache/tomee/microprofile/jwt/bval/ann/Issuer;",
> true);
> av0.visit("value", "http://foo.bar.com");
> av0.visitEnd();
> }
> mv.visitCode();
> mv.visitInsn(ACONST_NULL);
> mv.visitInsn(ARETURN);
> mv.visitMaxs(1, 1);
> mv.visitEnd();
> }
> {
> mv = cw.visitMethod(ACC_PUBLIC, "blue$$1",
> "()Lorg/eclipse/microprofile/jwt/JsonWebToken;", null, null);
> {
> av0 = mv.visitAnnotation("Lorg/apache/tomee/microprofile/jwt/bval/Name;",
> true);
> av0.visit("value", "public void
> org.apache.tomee.microprofile.jwt.bval.data.Colors.blue]()");
> av0.visitEnd()...> but was:<...Method(ACC_PUBLIC, "[blue$$0",
> "()Lorg/eclipse/microprofile/jwt/JsonWebToken;", null, null);
> {
> av0 = mv.visitAnnotation("Lorg/apache/tomee/microprofile/jwt/bval/Name;",
> true);
> av0.visit("value", "public void
> org.apache.tomee.microprofile.jwt.bval.data.Colors.blue()");
> av0.visitEnd();
> }
> {
> av0 =
> mv.visitAnnotation("Lorg/apache/tomee/microprofile/jwt/bval/ann/Issuer;",
> true);
> av0.visit("value", "http://foo.bar.com");
> av0.visitEnd();
> }
> mv.visitCode();
> mv.visitInsn(ACONST_NULL);
> mv.visitInsn(ARETURN);
> mv.visitMaxs(1, 1);
> mv.visitEnd();
> }
> {
> mv = cw.visitMethod(ACC_PUBLIC, "red$$1",
> "()Lorg/eclipse/microprofile/jwt/JsonWebToken;", null, null);
> {
> av0 = mv.visitAnnotation("Lorg/apache/tomee/microprofile/jwt/bval/Name;",
> true);
> av0.visit("value", "public void
> org.apache.tomee.microprofile.jwt.bval.data.Colors.red]()");
> av0.visitEnd()...>
> at org.junit.Assert.assertEquals(Assert.java:115)
> at org.junit.Assert.assertEquals(Assert.java:144)
> at
> org.apache.tomee.microprofile.jwt.bval.ValidationGeneratorTest.test(ValidationGeneratorTest.java:31)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at
> org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:50)
> at
> org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
> at
> org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:47)
> at
> org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
> at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:325)
> at
> org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:78)
> at
> org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:57)
> at org.junit.runners.ParentRunner$3.run(ParentRunner.java:290)
> at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:71)
> at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:288)
> at org.junit.runners.ParentRunner.access$000(ParentRunner.java:58)
> at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:268)
> at org.junit.runners.ParentRunner.run(ParentRunner.java:363)
> at
> org.apache.maven.surefire.junit4.JUnit4Provider.execute(JUnit4Provider.java:365)
> at
> org.apache.maven.surefire.junit4.JUnit4Provider.executeWithRerun(JUnit4Provider.java:273)
> at
> org.apache.maven.surefire.junit4.JUnit4Provider.executeTestSet(JUnit4Provider.java:238)
> at
> org.apache.maven.surefire.junit4.JUnit4Provider.invoke(JUnit4Provider.java:159)
> at
> org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:379)
> at
> org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:340)
> at
> org.apache.maven.surefire.booter.ForkedBooter.execute(ForkedBooter.java:125)
> at
> org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:413)
>
> [INFO] Running
> org.apache.tomee.microprofile.jwt.bval.ValidationConstraintsTest
> [WARNING] Tests run: 1, Failures: 0, Errors: 0, Skipped: 1, Time elapsed:
> 0.013 s - in
> org.apache.tomee.microprofile.jwt.bval.ValidationConstraintsTest
> [INFO] Running org.apache.tomee.microprofile.jwt.JsonWebTokenValidatorTest
> [WARNING] Tests run: 1, Failures: 0, Errors: 0, Skipped: 1, Time elapsed:
> 0.044 s - in org.apache.tomee.microprofile.jwt.JsonWebTokenValidatorTest
> [INFO]
> [INFO] Results:
> [INFO]
> [ERROR] Failures:
> [ERROR]   ValidationGeneratorTest.test:31 expected:<...Method(ACC_PUBLIC,
> "[red$$0", "()Lorg/eclipse/microprofile/jwt/JsonWebToken;", null, null);
> {
> av0 = mv.visitAnnotation("Lorg/apache/tomee/microprofile/jwt/bval/Name;",
> true);
> av0.visit("value", "public void
> org.apache.tomee.microprofile.jwt.bval.data.Colors.red()");
> av0.visitEnd();
> }
> {
> av0 =
> mv.visitAnnotation("Lorg/apache/tomee/microprofile/jwt/bval/ann/Issuer;",
> true);
> av0.visit("value", "http://foo.bar.com");
> av0.visitEnd();
> }
> mv.visitCode();
> mv.visitInsn(ACONST_NULL);
> mv.visitInsn(ARETURN);
> mv.visitMaxs(1, 1);
> mv.visitEnd();
> }
> {
> mv = cw.visitMethod(ACC_PUBLIC, "blue$$1",
> "()Lorg/eclipse/microprofile/jwt/JsonWebToken;", null, null);
> {
> av0 = mv.visitAnnotation("Lorg/apache/tomee/microprofile/jwt/bval/Name;",
> true);
> av0.visit("value", "public void
> org.apache.tomee.microprofile.jwt.bval.data.Colors.blue]()");
> av0.visitEnd()...> but was:<...Method(ACC_PUBLIC, "[blue$$0",
> "()Lorg/eclipse/microprofile/jwt/JsonWebToken;", null, null);
> {
> av0 = mv.visitAnnotation("Lorg/apache/tomee/microprofile/jwt/bval/Name;",
> true);
> av0.visit("value", "public void
> org.apache.tomee.microprofile.jwt.bval.data.Colors.blue()");
> av0.visitEnd();
> }
> {
> av0 =
> mv.visitAnnotation("Lorg/apache/tomee/microprofile/jwt/bval/ann/Issuer;",
> true);
> av0.visit("value", "http://foo.bar.com");
> av0.visitEnd();
> }
> mv.visitCode();
> mv.visitInsn(ACONST_NULL);
> mv.visitInsn(ARETURN);
> mv.visitMaxs(1, 1);
> mv.visitEnd();
> }
> {
> mv = cw.visitMethod(ACC_PUBLIC, "red$$1",
> "()Lorg/eclipse/microprofile/jwt/JsonWebToken;", null, null);
> {
> av0 = mv.visitAnnotation("Lorg/apache/tomee/microprofile/jwt/bval/Name;",
> true);
> av0.visit("value", "public void
> org.apache.tomee.microprofile.jwt.bval.data.Colors.red]()");
> av0.visitEnd()...>
> [INFO]
> [ERROR] Tests run: 4, Failures: 1, Errors: 0, Skipped: 2
>
>
>
> --
> Sent from: http://tomee-openejb.979440.n4.nabble.com/TomEE-Dev-f982480.html

Reply | Threaded
Open this post in threaded view
|

Re: TOMEE-2515 MicroProfile JWT 1.1 Cleanup

David Blevins-2
> On May 15, 2019, at 1:49 AM, David Blevins <[hidden email]> wrote:
>
>> On May 14, 2019, at 8:47 PM, j4fm <[hidden email]> wrote:
>>
>> Just noticed buildbot is failing and looks like this info is useful here...
>> :)
>
> Thanks, James!
>
> I looked at the diff and slapped my forehead immediately as I've seen this problem so many times.  Iterating over a hashmap and expecting stable ordering.  Order is based on hashcode which is often stable for several VM restarts till... it's not.  :)
>
> Sleep must be had, but I'll fix it in the morning.  For now I'll commit an @Ignore so we can see if there are any issues behind this one.

Made the @Ignore commit and then didn't push it.  Commit message full of typos.  Looks like sleep deprivation caught up to me :)

Pushed now, build running, I'll see if I can get a proper fix in.


-David

>> [INFO] -------------------------------------------------------
>> [INFO]  T E S T S
>> [INFO] -------------------------------------------------------
>> [INFO] Running
>> org.apache.tomee.microprofile.jwt.bval.ValidationGeneratorTest
>> [ERROR] Tests run: 2, Failures: 1, Errors: 0, Skipped: 0, Time elapsed:
>> 0.123 s <<< FAILURE! - in
>> org.apache.tomee.microprofile.jwt.bval.ValidationGeneratorTest
>> [ERROR] test(org.apache.tomee.microprofile.jwt.bval.ValidationGeneratorTest)
>> Time elapsed: 0.064 s  <<< FAILURE!
>> org.junit.ComparisonFailure:
>> expected:<...Method(ACC_PUBLIC, "[red$$0",
>> "()Lorg/eclipse/microprofile/jwt/JsonWebToken;", null, null);
>> {
>> av0 = mv.visitAnnotation("Lorg/apache/tomee/microprofile/jwt/bval/Name;",
>> true);
>> av0.visit("value", "public void
>> org.apache.tomee.microprofile.jwt.bval.data.Colors.red()");
>> av0.visitEnd();
>> }
>> {
>> av0 =
>> mv.visitAnnotation("Lorg/apache/tomee/microprofile/jwt/bval/ann/Issuer;",
>> true);
>> av0.visit("value", "http://foo.bar.com");
>> av0.visitEnd();
>> }
>> mv.visitCode();
>> mv.visitInsn(ACONST_NULL);
>> mv.visitInsn(ARETURN);
>> mv.visitMaxs(1, 1);
>> mv.visitEnd();
>> }
>> {
>> mv = cw.visitMethod(ACC_PUBLIC, "blue$$1",
>> "()Lorg/eclipse/microprofile/jwt/JsonWebToken;", null, null);
>> {
>> av0 = mv.visitAnnotation("Lorg/apache/tomee/microprofile/jwt/bval/Name;",
>> true);
>> av0.visit("value", "public void
>> org.apache.tomee.microprofile.jwt.bval.data.Colors.blue]()");
>> av0.visitEnd()...> but was:<...Method(ACC_PUBLIC, "[blue$$0",
>> "()Lorg/eclipse/microprofile/jwt/JsonWebToken;", null, null);
>> {
>> av0 = mv.visitAnnotation("Lorg/apache/tomee/microprofile/jwt/bval/Name;",
>> true);
>> av0.visit("value", "public void
>> org.apache.tomee.microprofile.jwt.bval.data.Colors.blue()");
>> av0.visitEnd();
>> }
>> {
>> av0 =
>> mv.visitAnnotation("Lorg/apache/tomee/microprofile/jwt/bval/ann/Issuer;",
>> true);
>> av0.visit("value", "http://foo.bar.com");
>> av0.visitEnd();
>> }
>> mv.visitCode();
>> mv.visitInsn(ACONST_NULL);
>> mv.visitInsn(ARETURN);
>> mv.visitMaxs(1, 1);
>> mv.visitEnd();
>> }
>> {
>> mv = cw.visitMethod(ACC_PUBLIC, "red$$1",
>> "()Lorg/eclipse/microprofile/jwt/JsonWebToken;", null, null);
>> {
>> av0 = mv.visitAnnotation("Lorg/apache/tomee/microprofile/jwt/bval/Name;",
>> true);
>> av0.visit("value", "public void
>> org.apache.tomee.microprofile.jwt.bval.data.Colors.red]()");
>> av0.visitEnd()...>
>> at org.junit.Assert.assertEquals(Assert.java:115)
>> at org.junit.Assert.assertEquals(Assert.java:144)
>> at
>> org.apache.tomee.microprofile.jwt.bval.ValidationGeneratorTest.test(ValidationGeneratorTest.java:31)
>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>> at
>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
>> at
>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>> at java.lang.reflect.Method.invoke(Method.java:498)
>> at
>> org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:50)
>> at
>> org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
>> at
>> org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:47)
>> at
>> org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
>> at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:325)
>> at
>> org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:78)
>> at
>> org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:57)
>> at org.junit.runners.ParentRunner$3.run(ParentRunner.java:290)
>> at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:71)
>> at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:288)
>> at org.junit.runners.ParentRunner.access$000(ParentRunner.java:58)
>> at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:268)
>> at org.junit.runners.ParentRunner.run(ParentRunner.java:363)
>> at
>> org.apache.maven.surefire.junit4.JUnit4Provider.execute(JUnit4Provider.java:365)
>> at
>> org.apache.maven.surefire.junit4.JUnit4Provider.executeWithRerun(JUnit4Provider.java:273)
>> at
>> org.apache.maven.surefire.junit4.JUnit4Provider.executeTestSet(JUnit4Provider.java:238)
>> at
>> org.apache.maven.surefire.junit4.JUnit4Provider.invoke(JUnit4Provider.java:159)
>> at
>> org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:379)
>> at
>> org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:340)
>> at
>> org.apache.maven.surefire.booter.ForkedBooter.execute(ForkedBooter.java:125)
>> at
>> org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:413)
>>
>> [INFO] Running
>> org.apache.tomee.microprofile.jwt.bval.ValidationConstraintsTest
>> [WARNING] Tests run: 1, Failures: 0, Errors: 0, Skipped: 1, Time elapsed:
>> 0.013 s - in
>> org.apache.tomee.microprofile.jwt.bval.ValidationConstraintsTest
>> [INFO] Running org.apache.tomee.microprofile.jwt.JsonWebTokenValidatorTest
>> [WARNING] Tests run: 1, Failures: 0, Errors: 0, Skipped: 1, Time elapsed:
>> 0.044 s - in org.apache.tomee.microprofile.jwt.JsonWebTokenValidatorTest
>> [INFO]
>> [INFO] Results:
>> [INFO]
>> [ERROR] Failures:
>> [ERROR]   ValidationGeneratorTest.test:31 expected:<...Method(ACC_PUBLIC,
>> "[red$$0", "()Lorg/eclipse/microprofile/jwt/JsonWebToken;", null, null);
>> {
>> av0 = mv.visitAnnotation("Lorg/apache/tomee/microprofile/jwt/bval/Name;",
>> true);
>> av0.visit("value", "public void
>> org.apache.tomee.microprofile.jwt.bval.data.Colors.red()");
>> av0.visitEnd();
>> }
>> {
>> av0 =
>> mv.visitAnnotation("Lorg/apache/tomee/microprofile/jwt/bval/ann/Issuer;",
>> true);
>> av0.visit("value", "http://foo.bar.com");
>> av0.visitEnd();
>> }
>> mv.visitCode();
>> mv.visitInsn(ACONST_NULL);
>> mv.visitInsn(ARETURN);
>> mv.visitMaxs(1, 1);
>> mv.visitEnd();
>> }
>> {
>> mv = cw.visitMethod(ACC_PUBLIC, "blue$$1",
>> "()Lorg/eclipse/microprofile/jwt/JsonWebToken;", null, null);
>> {
>> av0 = mv.visitAnnotation("Lorg/apache/tomee/microprofile/jwt/bval/Name;",
>> true);
>> av0.visit("value", "public void
>> org.apache.tomee.microprofile.jwt.bval.data.Colors.blue]()");
>> av0.visitEnd()...> but was:<...Method(ACC_PUBLIC, "[blue$$0",
>> "()Lorg/eclipse/microprofile/jwt/JsonWebToken;", null, null);
>> {
>> av0 = mv.visitAnnotation("Lorg/apache/tomee/microprofile/jwt/bval/Name;",
>> true);
>> av0.visit("value", "public void
>> org.apache.tomee.microprofile.jwt.bval.data.Colors.blue()");
>> av0.visitEnd();
>> }
>> {
>> av0 =
>> mv.visitAnnotation("Lorg/apache/tomee/microprofile/jwt/bval/ann/Issuer;",
>> true);
>> av0.visit("value", "http://foo.bar.com");
>> av0.visitEnd();
>> }
>> mv.visitCode();
>> mv.visitInsn(ACONST_NULL);
>> mv.visitInsn(ARETURN);
>> mv.visitMaxs(1, 1);
>> mv.visitEnd();
>> }
>> {
>> mv = cw.visitMethod(ACC_PUBLIC, "red$$1",
>> "()Lorg/eclipse/microprofile/jwt/JsonWebToken;", null, null);
>> {
>> av0 = mv.visitAnnotation("Lorg/apache/tomee/microprofile/jwt/bval/Name;",
>> true);
>> av0.visit("value", "public void
>> org.apache.tomee.microprofile.jwt.bval.data.Colors.red]()");
>> av0.visitEnd()...>
>> [INFO]
>> [ERROR] Tests run: 4, Failures: 1, Errors: 0, Skipped: 2
>>
>>
>>
>> --
>> Sent from: http://tomee-openejb.979440.n4.nabble.com/TomEE-Dev-f982480.html
>

Reply | Threaded
Open this post in threaded view
|

Re: TOMEE-2515 MicroProfile JWT 1.1 Cleanup

j4fm
Buildbot still failing.  Both the last two builds were the same failure (and
it's only a single failure :)) with:

Tests run: 6, Failures: 1, Errors: 0, Skipped: 0, Time elapsed: 6.823 sec
<<< FAILURE! - in org.superbiz.MovieServiceTest
testInvalidIssuer(org.superbiz.MovieServiceTest)  Time elapsed: 0.076 sec
<<< FAILURE!
java.lang.AssertionError: expected:<403> but was:<200>
        at org.junit.Assert.fail(Assert.java:88)
        at org.junit.Assert.failNotEquals(Assert.java:834)
        at org.junit.Assert.assertEquals(Assert.java:645)
        at org.junit.Assert.assertEquals(Assert.java:631)
        at
org.superbiz.MovieServiceTest.testInvalidIssuer(MovieServiceTest.java:68)




--
Sent from: http://tomee-openejb.979440.n4.nabble.com/TomEE-Dev-f982480.html
Reply | Threaded
Open this post in threaded view
|

Re: TOMEE-2515 MicroProfile JWT 1.1 Cleanup

jgallimore
Can you see what example that is failing in?

On Wed, May 15, 2019 at 2:23 PM j4fm <[hidden email]> wrote:

> Buildbot still failing.  Both the last two builds were the same failure
> (and
> it's only a single failure :)) with:
>
> Tests run: 6, Failures: 1, Errors: 0, Skipped: 0, Time elapsed: 6.823 sec
> <<< FAILURE! - in org.superbiz.MovieServiceTest
> testInvalidIssuer(org.superbiz.MovieServiceTest)  Time elapsed: 0.076 sec
> <<< FAILURE!
> java.lang.AssertionError: expected:<403> but was:<200>
>         at org.junit.Assert.fail(Assert.java:88)
>         at org.junit.Assert.failNotEquals(Assert.java:834)
>         at org.junit.Assert.assertEquals(Assert.java:645)
>         at org.junit.Assert.assertEquals(Assert.java:631)
>         at
> org.superbiz.MovieServiceTest.testInvalidIssuer(MovieServiceTest.java:68)
>
>
>
>
> --
> Sent from:
> http://tomee-openejb.979440.n4.nabble.com/TomEE-Dev-f982480.html
>
Reply | Threaded
Open this post in threaded view
|

Re: TOMEE-2515 MicroProfile JWT 1.1 Cleanup

j4fm
Apache TomEE + MicroProfile JWT Bean Validation, Strongly-typed Annotations
1.0-SNAPSHOT
mp-jwt-bean-validation-strongly-typed



--
Sent from: http://tomee-openejb.979440.n4.nabble.com/TomEE-Dev-f982480.html
Reply | Threaded
Open this post in threaded view
|

Re: TOMEE-2515 MicroProfile JWT 1.1 Cleanup

jgallimore
Awesome, thanks! Sounds like its related to the JWT work. If I get a chance
at some point today I'll try and take a look to try and help out.

On Wed, May 15, 2019 at 2:56 PM j4fm <[hidden email]> wrote:

> Apache TomEE + MicroProfile JWT Bean Validation, Strongly-typed Annotations
> 1.0-SNAPSHOT
> mp-jwt-bean-validation-strongly-typed
>
>
>
> --
> Sent from:
> http://tomee-openejb.979440.n4.nabble.com/TomEE-Dev-f982480.html
>
Reply | Threaded
Open this post in threaded view
|

Re: TOMEE-2515 MicroProfile JWT 1.1 Cleanup

David Blevins-2
Not quite sure what the issue is with that test.  It runs and passes locally.

Trying on another machine to see if I can reproduce.


--
David Blevins
http://twitter.com/dblevins
http://www.tomitribe.com

> On May 15, 2019, at 11:01 PM, Jonathan Gallimore <[hidden email]> wrote:
>
> Awesome, thanks! Sounds like its related to the JWT work. If I get a chance
> at some point today I'll try and take a look to try and help out.
>
> On Wed, May 15, 2019 at 2:56 PM j4fm <[hidden email]> wrote:
>
>> Apache TomEE + MicroProfile JWT Bean Validation, Strongly-typed Annotations
>> 1.0-SNAPSHOT
>> mp-jwt-bean-validation-strongly-typed
>>
>>
>>
>> --
>> Sent from:
>> http://tomee-openejb.979440.n4.nabble.com/TomEE-Dev-f982480.html
>>

Reply | Threaded
Open this post in threaded view
|

Re: TOMEE-2515 MicroProfile JWT 1.1 Cleanup

jgallimore
Same. If I can reproduce it on my build machine here, I'll put a debugger
on it.

Jon

On Thu, May 16, 2019 at 9:47 AM David Blevins <[hidden email]>
wrote:

> Not quite sure what the issue is with that test.  It runs and passes
> locally.
>
> Trying on another machine to see if I can reproduce.
>
>
> --
> David Blevins
> http://twitter.com/dblevins
> http://www.tomitribe.com
>
> > On May 15, 2019, at 11:01 PM, Jonathan Gallimore <
> [hidden email]> wrote:
> >
> > Awesome, thanks! Sounds like its related to the JWT work. If I get a
> chance
> > at some point today I'll try and take a look to try and help out.
> >
> > On Wed, May 15, 2019 at 2:56 PM j4fm <[hidden email]> wrote:
> >
> >> Apache TomEE + MicroProfile JWT Bean Validation, Strongly-typed
> Annotations
> >> 1.0-SNAPSHOT
> >> mp-jwt-bean-validation-strongly-typed
> >>
> >>
> >>
> >> --
> >> Sent from:
> >> http://tomee-openejb.979440.n4.nabble.com/TomEE-Dev-f982480.html
> >>
>
>
12