GERONIMO-6697 ensure issuer validation can be optional

commit: a5f0e7ff079ddd8cddf119284f745a88a48fe770 [log] [tgz]
author: Romain Manni-Bucau <rmannibucau@gmail.com> Wed Feb 20 16:05:01 2019 +0100
committer: Romain Manni-Bucau <rmannibucau@gmail.com> Wed Feb 20 16:05:01 2019 +0100
tree: e8b8b5a88fe98f9118b80e57fc26c3adae0fe679
parent: 42de9159a41a9b7dbbbd5974fa42dd1b0147e236 [diff]
diff --git a/src/main/java/org/apache/geronimo/microprofile/impl/jwtauth/jwt/JwtParser.java b/src/main/java/org/apache/geronimo/microprofile/impl/jwtauth/jwt/JwtParser.java
index 66cd1c7..3b922df 100644
--- a/src/main/java/org/apache/geronimo/microprofile/impl/jwtauth/jwt/JwtParser.java
+++ b/src/main/java/org/apache/geronimo/microprofile/impl/jwtauth/jwt/JwtParser.java

@@ -21,6 +21,7 @@
 import java.io.ByteArrayInputStream;
 import java.net.HttpURLConnection;
 import java.util.Base64;
+import java.util.Collection;
 
 import javax.annotation.PostConstruct;
 import javax.enterprise.context.ApplicationScoped;
@@ -90,7 +91,8 @@
 
         final String alg = getAttribute(header, "alg", defaultAlg);
         final String kid = getAttribute(header, "kid", defaultKid);
-        if (kidMapper.loadIssuers(kid).noneMatch(it -> it.equals(payload.getString(Claims.iss.name())))) {
+        final Collection<String> issuers = kidMapper.loadIssuers(kid);
+        if (!issuers.isEmpty() && issuers.stream().noneMatch(it -> it.equals(payload.getString(Claims.iss.name())))) {
             throw new JwtException("Invalid issuer", HttpURLConnection.HTTP_UNAUTHORIZED);
         }
         signatureValidator.verifySignature(alg, kidMapper.loadKey(kid), jwt.substring(0, secondDot), jwt.substring(secondDot + 1));

diff --git a/src/main/java/org/apache/geronimo/microprofile/impl/jwtauth/jwt/KidMapper.java b/src/main/java/org/apache/geronimo/microprofile/impl/jwtauth/jwt/KidMapper.java
index 9a378df..8b36265 100644
--- a/src/main/java/org/apache/geronimo/microprofile/impl/jwtauth/jwt/KidMapper.java
+++ b/src/main/java/org/apache/geronimo/microprofile/impl/jwtauth/jwt/KidMapper.java

@@ -26,7 +26,6 @@
 import java.io.InputStreamReader;
 import java.nio.file.Files;
 import java.util.Collection;
-import java.util.Collections;
 import java.util.HashMap;
 import java.util.HashSet;
 import java.util.Map;
@@ -96,8 +95,8 @@
         return value;
     }
 
-    Stream<String> loadIssuers(final String property) {
-        return issuerMapping.getOrDefault(property, defaultIssuers).stream();
+    Collection<String> loadIssuers(final String property) {
+        return issuerMapping.getOrDefault(property, defaultIssuers);
     }
 
     private String tryLoad(final String value) {
commit	a5f0e7ff079ddd8cddf119284f745a88a48fe770	[log] [tgz]
author	Romain Manni-Bucau <rmannibucau@gmail.com>	Wed Feb 20 16:05:01 2019 +0100
committer	Romain Manni-Bucau <rmannibucau@gmail.com>	Wed Feb 20 16:05:01 2019 +0100
tree	e8b8b5a88fe98f9118b80e57fc26c3adae0fe679
parent	42de9159a41a9b7dbbbd5974fa42dd1b0147e236 [diff]