GERONIMO-6725 ensure JAXRS ContainerFilterRequest can mutate headers
diff --git a/src/main/java/org/apache/geronimo/microprofile/impl/jwtauth/jaxrs/JAXRSRequestForwarder.java b/src/main/java/org/apache/geronimo/microprofile/impl/jwtauth/jaxrs/JAXRSRequestForwarder.java
new file mode 100644
index 0000000..d3f206e
--- /dev/null
+++ b/src/main/java/org/apache/geronimo/microprofile/impl/jwtauth/jaxrs/JAXRSRequestForwarder.java
@@ -0,0 +1,48 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.geronimo.microprofile.impl.jwtauth.jaxrs;
+
+import javax.annotation.Priority;
+import javax.enterprise.context.Dependent;
+import javax.servlet.http.HttpServletRequest;
+import javax.ws.rs.Priorities;
+import javax.ws.rs.container.ContainerRequestContext;
+import javax.ws.rs.container.ContainerRequestFilter;
+import javax.ws.rs.core.Context;
+import javax.ws.rs.ext.Provider;
+
+import org.apache.geronimo.microprofile.impl.jwtauth.servlet.JwtRequest;
+
+@Provider
+@Dependent
+@Priority(Priorities.AUTHENTICATION - 1)
+public class JAXRSRequestForwarder implements ContainerRequestFilter {
+ @Context
+ private HttpServletRequest request;
+
+ @Override
+ public void filter(final ContainerRequestContext requestContext) {
+ final JwtRequest jwtRequest = JwtRequest.class.cast(request.getAttribute(JwtRequest.class.getName()));
+ if (jwtRequest == null) {
+ return;
+ }
+ final String value = requestContext.getHeaders().getFirst(jwtRequest.getHeaderName());
+ if (value != null) {
+ jwtRequest.setAttribute(JAXRSRequestForwarder.class.getName() + ".header", value);
+ }
+ }
+}
diff --git a/src/main/java/org/apache/geronimo/microprofile/impl/jwtauth/servlet/JwtRequest.java b/src/main/java/org/apache/geronimo/microprofile/impl/jwtauth/servlet/JwtRequest.java
index 7510fc7..fc346b4 100644
--- a/src/main/java/org/apache/geronimo/microprofile/impl/jwtauth/servlet/JwtRequest.java
+++ b/src/main/java/org/apache/geronimo/microprofile/impl/jwtauth/servlet/JwtRequest.java
@@ -34,16 +34,19 @@
import javax.servlet.http.HttpServletResponse;
import org.apache.geronimo.microprofile.impl.jwtauth.JwtException;
+import org.apache.geronimo.microprofile.impl.jwtauth.jaxrs.JAXRSRequestForwarder;
import org.apache.geronimo.microprofile.impl.jwtauth.jwt.JwtParser;
import org.eclipse.microprofile.jwt.JsonWebToken;
public class JwtRequest extends HttpServletRequestWrapper implements TokenAccessor {
private final Supplier<JsonWebToken> tokenExtractor;
+ private final String headerName;
private volatile JsonWebToken token; // cache for perf reasons
public JwtRequest(final JwtParser service, final String header, final String cookie,
final String prefix, final HttpServletRequest request) {
super(request);
+ this.headerName = header;
this.tokenExtractor = () -> {
if (token != null) {
@@ -56,7 +59,11 @@
}
boolean fromHeader = true;
- String auth = getHeader(header);
+ String auth = String.class.cast(
+ getAttribute("org.apache.geronimo.microprofile.impl.jwtauth.jaxrs.JAXRSRequestForwarder.header"));
+ if (auth == null) {
+ auth = getHeader(header);
+ }
if (auth == null) {
final Cookie[] cookies = getCookies();
if (cookies != null) {
@@ -98,6 +105,10 @@
});
}
+ public String getHeaderName() {
+ return headerName;
+ }
+
public TokenAccessor asTokenAccessor() {
return this;
}