
Commit 07ea314

committed
restrict again the classes to verify but allow arrays
1 parent 59ac5e4 commit 07ea314


3 files changed

+116
-36
lines changed


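--- a/README.md
+++ b/README.md
@@ -286,6 +286,8 @@ JWT.require(Algorithm.HMAC256("secret"))
 .verify("my.jwt.token");
 ```
 
+> Currently supported classes for custom Claim verification are: Boolean, Integer, Double, String, Date and Array of types String and Integer.
+
 
 ### Claim Class
 The Claim class is a wrapper for the Claim values. It allows you to get the Claim as different class types. The available helpers are: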

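--- a/lib/src/main/java/com/auth0/jwt/JWTVerifier.java
+++ b/lib/src/main/java/com/auth0/jwt/JWTVerifier.java
@@ -99,9 +99,7 @@ public Verification withAudience(String... audience) {
 * @throws IllegalArgumentException if leeway is negative.
 */
 public Verification acceptLeeway(long leeway) throws IllegalArgumentException {
-if (leeway < 0) {
-throw new IllegalArgumentException("Leeway value can't be negative.");
-}
+assertPositive(leeway);
 this.defaultLeeway = leeway;
 return this;
 }
@@ -115,9 +113,7 @@ public Verification acceptLeeway(long leeway) throws IllegalArgumentException {
 * @throws IllegalArgumentException if leeway is negative.
 */
 public Verification acceptExpiresAt(long leeway) throws IllegalArgumentException {
-if (leeway < 0) {
-throw new IllegalArgumentException("Leeway value can't be negative.");
-}
+assertPositive(leeway);
 requireClaim(PublicClaims.EXPIRES_AT, leeway);
 return this;
 }
@@ -131,9 +127,7 @@ public Verification acceptExpiresAt(long leeway) throws IllegalArgumentException
 * @throws IllegalArgumentException if leeway is negative.
 */
 public Verification acceptNotBefore(long leeway) throws IllegalArgumentException {
-if (leeway < 0) {
-throw new IllegalArgumentException("Leeway value can't be negative.");
-}
+assertPositive(leeway);
 requireClaim(PublicClaims.NOT_BEFORE, leeway);
 return this;
 }
@@ -147,9 +141,7 @@ public Verification acceptNotBefore(long leeway) throws IllegalArgumentException
 * @throws IllegalArgumentException if leeway is negative.
 */
 public Verification acceptIssuedAt(long leeway) throws IllegalArgumentException {
-if (leeway < 0) {
-throw new IllegalArgumentException("Leeway value can't be negative.");
-}
+assertPositive(leeway);
 requireClaim(PublicClaims.ISSUED_AT, leeway);
 return this;
 }
@@ -173,15 +165,96 @@ public Verification withJWTId(String jwtId) {
 * @return this same Verification instance.
 * @throws IllegalArgumentException if the name is null.
 */
-public Verification withClaim(String name, Object value) throws IllegalArgumentException {
-if (name == null) {
-throw new IllegalArgumentException("The Custom Claim's name can't be null.");
-}
+public Verification withClaim(String name, Boolean value) throws IllegalArgumentException {
+assertNonNull(name);
+requireClaim(name, value);
+return this;
+}
+
+/**
+* Require a specific Claim value.
+*
+* @param name the Claim's name.
+* @param value the Claim's value.
+* @return this same Verification instance.
+* @throws IllegalArgumentException if the name is null.
+*/
+public Verification withClaim(String name, Integer value) throws IllegalArgumentException {
+assertNonNull(name);
+requireClaim(name, value);
+return this;
+}
 
+/**
+* Require a specific Claim value.
+*
+* @param name the Claim's name.
+* @param value the Claim's value.
+* @return this same Verification instance.
+* @throws IllegalArgumentException if the name is null.
+*/
+public Verification withClaim(String name, Double value) throws IllegalArgumentException {
+assertNonNull(name);
 requireClaim(name, value);
 return this;
 }
 
+/**
+* Require a specific Claim value.
+*
+* @param name the Claim's name.
+* @param value the Claim's value.
+* @return this same Verification instance.
+* @throws IllegalArgumentException if the name is null.
+*/
+public Verification withClaim(String name, String value) throws IllegalArgumentException {
+assertNonNull(name);
+requireClaim(name, value);
+return this;
+}
+
+/**
+* Require a specific Claim value.
+*
+* @param name the Claim's name.
+* @param value the Claim's value.
+* @return this same Verification instance.
+* @throws IllegalArgumentException if the name is null.
+*/
+public Verification withClaim(String name, Date value) throws IllegalArgumentException {
+assertNonNull(name);
+requireClaim(name, value);
+return this;
+}
+
+/**
+* Require a specific Array Claim to contain at least the given items.
+*
+* @param name the Claim's name.
+* @param items the items the Claim must contain.
+* @return this same Verification instance.
+* @throws IllegalArgumentException if the name is null.
+*/
+public Verification withArrayClaim(String name, String... items) throws IllegalArgumentException {
+assertNonNull(name);
+requireClaim(name, items);
+return this;
+}
+
+/**
+* Require a specific Array Claim to contain at least the given items.
+*
+* @param name the Claim's name.
+* @param items the items the Claim must contain.
+* @return this same Verification instance.
+* @throws IllegalArgumentException if the name is null.
+*/
+public Verification withArrayClaim(String name, Integer... items) throws IllegalArgumentException {
+assertNonNull(name);
+requireClaim(name, items);
+return this;
+}
+
 /**
 * Creates a new and reusable instance of the JWTVerifier with the configuration already provided.
 *
@@ -203,6 +276,18 @@ JWTVerifier build(Clock clock) {
 return new JWTVerifier(algorithm, claims, clock);
 }
 
+private void assertPositive(long leeway) {
+if (leeway < 0) {
+throw new IllegalArgumentException("Leeway value can't be negative.");
+}
+}
+
+private void assertNonNull(String name) {
+if (name == null) {
+throw new IllegalArgumentException("The Custom Claim's name can't be null.");
+}
+}
+
 private void addLeewayToDateClaims() {
 if (!claims.containsKey(PublicClaims.EXPIRES_AT)) {
 claims.put(PublicClaims.EXPIRES_AT, defaultLeeway);
@@ -296,8 +381,10 @@ private void assertValidClaim(Claim claim, String claimName, Object value) {
 isValid = value.equals(claim.asDouble());
 } else if (value instanceof Date) {
 isValid = value.equals(claim.asDate());
-} else {
-isValid = Objects.deepEquals(value, claim.as(value.getClass()));
+} else if (value instanceof Object[]) {
+List<Object> claimArr = Arrays.asList(claim.as(Object[].class));
+List<Object> valueArr = Arrays.asList((Object[]) value);
+isValid = claimArr.containsAll(valueArr);
 }
 
 if (!isValid) {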
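Review bot: In the new `value instanceof Object[]` branch of `assertValidClaim`, the result of `claim.as(Object[].class)` goes straight into `Arrays.asList`, so if `as` returns null for a missing or non-array claim (its behaviour is not visible here) the verifier throws a NullPointerException instead of the invalid-claim failure the other branches lead to. I would guard it with `Object[] actual = claim.as(Object[].class);` followed by `isValid = actual != null && Arrays.asList(actual).containsAll(Arrays.asList((Object[]) value));`. With the final `else` removed, a value of any other type now keeps whatever `isValid` was initialised to above the hunk; that initial value should be `false` so an unsupported type fails closed, and a short comment saying so would help. Note also that `containsAll` of an empty list is true, so `withArrayClaim(name)` called with no items accepts any array value; rejecting an empty `items` in both `withArrayClaim` overloads would avoid a vacuous check. The method starts and ends outside the hunk.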

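--- a/lib/src/test/java/com/auth0/jwt/JWTVerifierTest.java
+++ b/lib/src/test/java/com/auth0/jwt/JWTVerifierTest.java
@@ -8,7 +8,9 @@
 import org.junit.Test;
 import org.junit.rules.ExpectedException;
 
-import java.util.*;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.Map;
 
 import static org.hamcrest.Matchers.*;
 import static org.junit.Assert.assertThat;
@@ -254,32 +256,21 @@ public void shouldValidateCustomClaimOfTypeDate() throws Exception {
 }
 
 @Test
-public void shouldValidateCustomClaimOfCustomType() throws Exception {
-String token = "eyJhbGciOiJIUzI1NiJ9.eyJ1c2VyIjp7Im5hbWUiOiJqb2huIiwiaWQiOjEyM319.j3e7IfnEchQEwgDs1icOyufhzAyNOYfX9fjJwV6uyZk";
+public void shouldValidateCustomArrayClaimOfTypeString() throws Exception {
+String token = "eyJhbGciOiJIUzI1NiJ9.eyJuYW1lIjpbInRleHQiLCIxMjMiLCJ0cnVlIl19.lxM8EcmK1uSZRAPd0HUhXGZJdauRmZmLjoeqz4J9yAA";
 DecodedJWT jwt = JWTVerifier.init(Algorithm.HMAC256("secret"))
-.withClaim("user", new UserPojo("john", 123))
+.withArrayClaim("name", "text", "123", "true")
 .build()
 .verify(token);
 
 assertThat(jwt, is(notNullValue()));
 }
 
 @Test
-public void shouldValidateCustomClaimOfTypeArray() throws Exception {
-String token = "eyJhbGciOiJIUzI1NiJ9.eyJuYW1lIjpbInRleHQiLDEyMyx0cnVlXX0.uSulPFzLSbgfG8Lpr0jq0JDMhDlGGeQrx09PHEymu1E";
+public void shouldValidateCustomArrayClaimOfTypeInteger() throws Exception {
+String token = "eyJhbGciOiJIUzI1NiJ9.eyJuYW1lIjpbMSwyLDNdfQ.UEuMKRQYrzKAiPpPLhIVawWkKWA1zj0_GderrWUIyFE";
 DecodedJWT jwt = JWTVerifier.init(Algorithm.HMAC256("secret"))
-.withClaim("name", new Object[]{"text", 123, true})
-.build()
-.verify(token);
-
-assertThat(jwt, is(notNullValue()));
-}
-
-@Test
-public void shouldValidateCustomClaimOfTypeList() throws Exception {
-String token = "eyJhbGciOiJIUzI1NiJ9.eyJuYW1lIjpbInRleHQiLDEyMyx0cnVlXX0.uSulPFzLSbgfG8Lpr0jq0JDMhDlGGeQrx09PHEymu1E";
-DecodedJWT jwt = JWTVerifier.init(Algorithm.HMAC256("secret"))
-.withClaim("name", new ArrayList<>(Arrays.asList("text", 123, true)))
+.withArrayClaim("name", 1, 2, 3)
 .build()
 .verify(token);
 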
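Review bot: The two new array tests, `shouldValidateCustomArrayClaimOfTypeString` and `shouldValidateCustomArrayClaimOfTypeInteger`, only exercise the accepting path. For a verifier the rejecting path matters more: I would add cases where the token's array lacks one of the required items, where the claim is absent, and where the claim is present but not an array, each expecting the invalid-claim exception through the `ExpectedException` rule this file already imports. A case calling `withArrayClaim("name")` with no items would also pin down whether an empty requirement is meant to pass. The second test's body continues past the end of the hunk.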
