Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enforce scope claim as authorization bitmask #21

Merged
merged 33 commits into from
Jun 11, 2019
Merged

Enforce scope claim as authorization bitmask #21

merged 33 commits into from
Jun 11, 2019

Conversation

dknoma
Copy link
Contributor

@dknoma dknoma commented May 30, 2019

No description provided.

dknoma added 7 commits May 24, 2019 17:06
@dknoma
cloned tests to test scope for oauth2
d898a13
@dknoma
changed resolve() references throughout OAuth from a ToLongFunction t…
387a3a6 
…o ToLongBiFunction to accomodate for a String scopes parameter in resolve. TODO: actually do something with the scopes string. (it is not necessary to auto-resolve a previously unseen scope)
@dknoma
lazily assigned bits to the scopes based off of how many scopes are p…
d320adb 
…resent during resolve. if scope bit exists, grabs that bit and | it to the realmBit. else assigns the bit THEN grab and | it to the realmBit. fixed test for it as well to have correct expectedAuthorization
@dknoma
cleaned up code. TODO: need to check for scopes length >48, what http…
a3de538 
… status code to test for, and if resolve should ignore excess scopes or if that's taken care of beforehand
@dknoma
revised resolve(). no uses an OAuthRealmObject to contain realm and s…
96ab6ff 
…cope bit information
@dknoma
removed unnecessary imports from files.
ce5f656
@dknoma
fixed spec test. modular to allow for scopes to be passed as a prop f…
d1bc444 
…rom implementation to the spec.
@jfallows jfallows changed the title For Review Enforce scope claim as authorization bitmask May 31, 2019
dknoma added 7 commits May 31, 2019 10:02
@dknoma
fixed pom.xml. using correct dependencies now. also fixed an error in…
0dc65ae 
… the implementation where tests would hang because of unaccounted for null exceptions
@dknoma
passing all StreamsIT and ControllerIT tests. fixed another empty rol…
30d77cf 
…es check for OAuthNukleus as well.
@dknoma
working on getting test scripts to work together. doesnt seem to reco…
354c63c 
…gnize 281474976710663 vs. 0x0001_000000000007L. with.roles script passes on its own, but when grouped with the route and stream scripts it fails
@dknoma
WithNoSetScopes and WithSetScopes tests are passing. Working on WithE…
e8963bf 
…xtraScope test
@dknoma
Working on WithExtraScope tests.
3b47c41
@dknoma
fixed checkstyle. commented out extra scopes test to pass build
2f4ce8b
@dknoma
cleaned up code. extra scopes test should now be passing correctly. s…
f7f6ffb 
…cope authorization bits are set, route is set up correctly and authorization seems to be correctly required now
jfallows
jfallows requested changes Jun 4, 2019
View reviewed changes
src/main/java/org/reaktivity/nukleus/oauth/internal/OAuthNukleus.java Outdated Show resolved Hide resolved
src/main/java/org/reaktivity/nukleus/oauth/internal/OAuthNukleus.java Outdated Show resolved Hide resolved
src/main/java/org/reaktivity/nukleus/oauth/internal/OAuthNukleus.java Outdated Show resolved Hide resolved
src/main/java/org/reaktivity/nukleus/oauth/internal/OAuthRealms.java Outdated Show resolved Hide resolved
src/main/java/org/reaktivity/nukleus/oauth/internal/OAuthRealms.java Outdated Show resolved Hide resolved
src/main/java/org/reaktivity/nukleus/oauth/internal/stream/OAuthProxyFactory.java Outdated Show resolved Hide resolved
src/main/java/org/reaktivity/nukleus/oauth/internal/stream/OAuthProxyFactoryBuilder.java Outdated Show resolved Hide resolved
src/test/java/org/reaktivity/nukleus/oauth/internal/control/ControllerIT.java Outdated Show resolved Hide resolved
src/test/java/org/reaktivity/nukleus/oauth/internal/streams/StreamsIT.java Outdated Show resolved Hide resolved
src/test/java/org/reaktivity/nukleus/oauth/internal/streams/StreamsIT.java Outdated Show resolved Hide resolved
dknoma added 7 commits June 4, 2019 10:28
@dknoma
made changes from the requests: removed unnecessary imports and lefto…
9224617 
…ver commented code. changed resolveRealm from ToLongBiFunction to ToLongFunction<JsonWebSignature>. Renamed variables and parameters to be more specific.
@dknoma
builds successfully now. Need to change OAuthRealmsTests as they use …
baafabf 
…an outdated version of lookup() that use different parameters in its signature. keeping old method for now, will need to change.
@dknoma
Also moved realm assignment from startup to first Resolve. test corre…
941d2a8 
…ctly call RESOLVE first before executing their scripts allowing the oauth realms to be correctly added. all StreamIT tests are passing.
@dknoma
commented out test code. need to figure out a way to get the test to …
13e5d8f 
…use the new lookup() method that uses JsonWebSignature as its lone parameter.
@dknoma
fixed shouldNotResolveUnkownRealm() test: was accidentally adding a r…
f585e8e 
…ealm, should NOT have been adding a reaklm
@dknoma
OAuthRealmsTest now works with the new lookup(). All tests passing, b…
8820539 
…uilds correctly as well.
@dknoma
removed commented out code and print statements and TODOs.
23299bf
jfallows
jfallows requested changes Jun 6, 2019
View reviewed changes
src/main/java/org/reaktivity/nukleus/oauth/internal/OAuthNukleus.java Outdated Show resolved Hide resolved
src/main/java/org/reaktivity/nukleus/oauth/internal/OAuthRealms.java Outdated Show resolved Hide resolved
src/main/java/org/reaktivity/nukleus/oauth/internal/OAuthRealms.java Outdated Show resolved Hide resolved
src/main/java/org/reaktivity/nukleus/oauth/internal/stream/OAuthProxyFactoryBuilder.java Outdated Show resolved Hide resolved
src/main/java/org/reaktivity/nukleus/oauth/internal/stream/OAuthProxyFactoryBuilder.java Outdated Show resolved Hide resolved
src/main/java/org/reaktivity/nukleus/oauth/internal/OAuthRealms.java Outdated Show resolved Hide resolved
src/main/java/org/reaktivity/nukleus/oauth/internal/OAuthRealms.java Outdated Show resolved Hide resolved
src/main/java/org/reaktivity/nukleus/oauth/internal/OAuthRealms.java Outdated Show resolved Hide resolved
src/main/java/org/reaktivity/nukleus/oauth/internal/OAuthRealms.java Show resolved Hide resolved
src/main/java/org/reaktivity/nukleus/oauth/internal/OAuthRealms.java Outdated Show resolved Hide resolved
dknoma added 2 commits June 6, 2019 10:58
@dknoma
made fixes to the requested changes. removed add(), changed OAuthReal…
6af563a 
…msTest to use resolve() instead of add() now. StreamIT tests now use the correct format for route/resolve tests.
@dknoma
optimized OAuthRealm. No longer uses redundant methods: removed old g…
b772de8 
…et/supplybits and used built-in getOrDefault() and computeIfAbsent() in lookup() and resolve() respectively. better checks if there are too many scopes and reduces redundancy of checking if a scope has its bit set and doing computeIfAbsent().
jfallows
jfallows requested changes Jun 6, 2019
View reviewed changes
src/main/java/org/reaktivity/nukleus/oauth/internal/OAuthRealms.java Outdated Show resolved Hide resolved
src/main/java/org/reaktivity/nukleus/oauth/internal/OAuthRealms.java Outdated Show resolved Hide resolved
src/main/java/org/reaktivity/nukleus/oauth/internal/OAuthRealms.java Outdated Show resolved Hide resolved
src/main/java/org/reaktivity/nukleus/oauth/internal/OAuthRealms.java Outdated Show resolved Hide resolved
src/main/java/org/reaktivity/nukleus/oauth/internal/OAuthRealms.java Show resolved Hide resolved
src/main/java/org/reaktivity/nukleus/oauth/internal/OAuthRealms.java Show resolved Hide resolved
src/main/java/org/reaktivity/nukleus/oauth/internal/OAuthRealms.java Outdated Show resolved Hide resolved
src/main/java/org/reaktivity/nukleus/oauth/internal/OAuthRealms.java Outdated Show resolved Hide resolved
src/test/java/org/reaktivity/nukleus/oauth/internal/OAuthRealmsTest.java Outdated Show resolved Hide resolved
dknoma added 2 commits June 6, 2019 16:55
@dknoma
changed the way realm bit shift works to be more consistent with the …
7cfc640 
…way scope bit shifting works. fixed tests as well
@dknoma
fixed MAX_SCOPES check in resolve(). also created a helper method in …
017aa7d 
…OAuthRealmsTest, newSignedSignature(), to create a new signed signature for testing RESOLVE
@dknoma
fixed ControllerIT tests to assert the correct authorization bits. ap…
f0e40e0 
…plied change to use this::assignScopeBit in computeIfAbsent
dknoma added 4 commits June 7, 2019 13:45
@dknoma
changed variable names to be consistent with their function and purpo…
1d1346a 
…se. fixed imports to be alphabetical
@dknoma
changed variable names to be consistent with their function and purpo…
29af370 
…se. fixed imports to be alphabetical
@dknoma
set up previously unimplemented tests. also created and updated a few…
a5b20ca 
… too.many.realms tests. too many realms or scopes trying to be resolved will end up with NO_AUTHORIZATION (0) due to IllegalStateExceptions. Maybe want to change this later
@dknoma
set up previously unimplemented tests. also created and updated a few…
1f71897 
… too.many.realms tests. too many realms or scopes trying to be resolved will end up with NO_AUTHORIZATION (0) due to IllegalStateExceptions. Maybe want to change this later
jfallows
jfallows requested changes Jun 10, 2019
View reviewed changes
Copy link
Contributor

@jfallows jfallows left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggestions to remove need for IllegalStateException in error case.

src/main/java/org/reaktivity/nukleus/oauth/internal/OAuthRealms.java Show resolved Hide resolved
src/main/java/org/reaktivity/nukleus/oauth/internal/OAuthRealms.java Show resolved Hide resolved
src/main/java/org/reaktivity/nukleus/oauth/internal/OAuthRealms.java Outdated Show resolved Hide resolved
src/main/java/org/reaktivity/nukleus/oauth/internal/OAuthRealms.java Outdated Show resolved Hide resolved
@dknoma
removed throwing IllegalStateException. instead of throwing an error,…
eb07cf9 
… will now just make authorization be 0 and instead asserts that if condition rather than throwing the error.
@dknoma
removed second parameter from OAuthRealm constructor. Changed `this…
5a18aaf 
…::newOAuthRealm` to `OAuthRealm::new` and removed `newOAuthRealm` method.
jfallows
jfallows previously approved these changes Jun 11, 2019
View reviewed changes
@jfallows jfallows merged commit 2de6ffc into reaktivity:develop Jun 11, 2019
This was referenced Jun 11, 2019
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jfallows jfallows jfallows approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@dknoma @jfallows