From 963819a19c78fbe2dc07d28b079c3a561a83fa57 Mon Sep 17 00:00:00 2001
From: Felix Sidokhine <felix.sidokhine@randstad.ca>
Date: Thu, 14 May 2020 01:39:19 +0300
Subject: [PATCH] fixed module dependency issue
---
authentication-module/pom.xml | 5 +++++
jams-server/pom.xml | 5 +++++
.../servlets/filters/InstallFilter.java | 20 ++++++++++---------
pom.xml | 1 +
4 files changed, 22 insertions(+), 9 deletions(-)
diff --git a/authentication-module/pom.xml b/authentication-module/pom.xml
index dd588562..97db28fb 100644
--- a/authentication-module/pom.xml
+++ b/authentication-module/pom.xml
@@ -34,6 +34,11 @@
<artifactId>nimbus-jose-jwt</artifactId>
<version>${nimbus.jwt.version}</version>
</dependency>
+ <dependency>
+ <groupId>org.ow2.asm</groupId>
+ <artifactId>asm</artifactId>
+ <version>${asm.version}</version>
+ </dependency>
</dependencies>
<build>
diff --git a/jams-server/pom.xml b/jams-server/pom.xml
index 5a996447..16d4bc93 100644
--- a/jams-server/pom.xml
+++ b/jams-server/pom.xml
@@ -61,6 +61,11 @@
<artifactId>nimbus-jose-jwt</artifactId>
<version>${nimbus.jwt.version}</version>
</dependency>
+ <dependency>
+ <groupId>org.ow2.asm</groupId>
+ <artifactId>asm</artifactId>
+ <version>${asm.version}</version>
+ </dependency>
</dependencies>
<build>
diff --git a/jams-server/src/main/java/net/jami/jams/server/servlets/filters/InstallFilter.java b/jams-server/src/main/java/net/jami/jams/server/servlets/filters/InstallFilter.java
index 696cec90..e653da22 100644
--- a/jams-server/src/main/java/net/jami/jams/server/servlets/filters/InstallFilter.java
+++ b/jams-server/src/main/java/net/jami/jams/server/servlets/filters/InstallFilter.java
@@ -31,16 +31,18 @@ public class InstallFilter implements Filter {
boolean isLogin = false;
if(request.getServletPath().contains("start")) isLogin = true;
SignedJWT signedJWT = null;
- try {
- JWSVerifier jwsVerifier = new RSASSAVerifier(userAuthenticationModule.getAuthModulePubKey());
- signedJWT = SignedJWT.parse(request.getHeader("Bearer"));
- if(signedJWT.verify(jwsVerifier) && signedJWT.getJWTClaimsSet().getExpirationTime().compareTo(new Date()) > 0){
- authsuccess = true;
- request.setAttribute("username",signedJWT.getJWTClaimsSet().getSubject());
- request.setAttribute("accessLevel",signedJWT.getJWTClaimsSet().getClaim("scope"));
+ if(request.getHeader("Bearer") != null) {
+ try {
+ JWSVerifier jwsVerifier = new RSASSAVerifier(userAuthenticationModule.getAuthModulePubKey());
+ signedJWT = SignedJWT.parse(request.getHeader("Bearer"));
+ if (signedJWT.verify(jwsVerifier) && signedJWT.getJWTClaimsSet().getExpirationTime().compareTo(new Date()) > 0) {
+ authsuccess = true;
+ request.setAttribute("username", signedJWT.getJWTClaimsSet().getSubject());
+ request.setAttribute("accessLevel", signedJWT.getJWTClaimsSet().getClaim("scope"));
+ }
+ } catch (Exception e) {
+ log.info("Received an invalid token, declining access...");
}
- } catch (Exception e) {
- log.info("Received an invalid token, declining access...");
}
if(authsuccess || isLogin) filterChain.doFilter(servletRequest,servletResponse);
else response.sendError(403,"You are not authorized to access this page!");
diff --git a/pom.xml b/pom.xml
index bd0f1c42..1da1ddf2 100644
--- a/pom.xml
+++ b/pom.xml
@@ -45,6 +45,7 @@
<javax.servlet.version>4.0.1</javax.servlet.version>
<maven.clean.version>3.1.0</maven.clean.version>
<nimbus.jwt.version>8.17</nimbus.jwt.version>
+ <asm.version>8.0</asm.version>
</properties>
<dependencies>
--
GitLab