allow to require a custom class Claim

lbalmaceda · lbalmaceda · commit 59ac5e4423bf · 2016-12-15T10:08:28.000-03:00
diff --git a/README.md b/README.md
@@ -300,7 +300,7 @@ The Claim class is a wrapper for the Claim values. It allows you to get the Clai
 #### Custom Class and Collections
 To obtain a Claim as a Collection you'll need to provide the **Class Type** of the contents to convert from.
 
-* **as(class)**: Returns the value parsed as **Class Type**.
+* **as(class)**: Returns the value parsed as **Class Type**. For collections you should use the `asArray` and `asList` methods.
 * **asArray(class)**: Returns the value parsed as an Array of elements of type **Class Type**, or null if the value isn't a JSON Array.
 * **asList(class)**: Returns the value parsed as a List of elements of type **Class Type**, or null if the value isn't a JSON Array.
 
diff --git a/lib/src/main/java/com/auth0/jwt/JWTVerifier.java b/lib/src/main/java/com/auth0/jwt/JWTVerifier.java
@@ -168,20 +168,15 @@ public Verification withJWTId(String jwtId) {
         /**
          * Require a specific Claim value.
          *
-         * @param name  the Claim's name
-         * @param value the Claim's value. Must be an instance of Integer, Double, Boolean, Date or String class.
+         * @param name  the Claim's name.
+         * @param value the Claim's value.
          * @return this same Verification instance.
-         * @throws IllegalArgumentException if the name is null or the value class is not allowed.
+         * @throws IllegalArgumentException if the name is null.
          */
         public Verification withClaim(String name, Object value) throws IllegalArgumentException {
-            final boolean validValue = value instanceof Integer || value instanceof Double ||
-                    value instanceof Boolean || value instanceof Date || value instanceof String;
             if (name == null) {
                 throw new IllegalArgumentException("The Custom Claim's name can't be null.");
             }
-            if (!validValue) {
-                throw new IllegalArgumentException("The Custom Claim's value class must be an instance of Integer, Double, Boolean, Date or String.");
-            }
 
             requireClaim(name, value);
             return this;
@@ -301,6 +296,8 @@ private void assertValidClaim(Claim claim, String claimName, Object value) {
             isValid = value.equals(claim.asDouble());
         } else if (value instanceof Date) {
             isValid = value.equals(claim.asDate());
+        } else {
+            isValid = Objects.deepEquals(value, claim.as(value.getClass()));
         }
 
         if (!isValid) {
diff --git a/lib/src/main/java/com/auth0/jwt/impl/JsonNodeClaim.java b/lib/src/main/java/com/auth0/jwt/impl/JsonNodeClaim.java
@@ -6,6 +6,7 @@
 import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.ObjectMapper;
 
+import java.io.IOException;
 import java.lang.reflect.Array;
 import java.util.ArrayList;
 import java.util.Date;
@@ -93,8 +94,8 @@ public <T> List<T> asList(Class<T> tClazz) throws JWTDecodeException {
     public <T> T as(Class<T> tClazz) throws JWTDecodeException {
         ObjectMapper mapper = new ObjectMapper();
         try {
-            return mapper.treeToValue(data, tClazz);
-        } catch (JsonProcessingException e) {
+            return mapper.treeAsTokens(data).readValueAs(tClazz);
+        } catch (IOException e) {
             throw new JWTDecodeException("Couldn't map the Claim value to " + tClazz.getSimpleName(), e);
         }
     }
diff --git a/lib/src/test/java/com/auth0/jwt/JWTVerifierTest.java b/lib/src/test/java/com/auth0/jwt/JWTVerifierTest.java
@@ -8,9 +8,7 @@
 import org.junit.Test;
 import org.junit.rules.ExpectedException;
 
-import java.util.Date;
-import java.util.HashMap;
-import java.util.Map;
+import java.util.*;
 
 import static org.hamcrest.Matchers.*;
 import static org.junit.Assert.assertThat;
@@ -132,14 +130,6 @@ public void shouldThrowOnNullCustomClaimName() throws Exception {
                 .withClaim(null, "value");
     }
 
-    @Test
-    public void shouldThrowOnIllegalCustomClaimValueClass() throws Exception {
-        exception.expect(IllegalArgumentException.class);
-        exception.expectMessage("The Custom Claim's value class must be an instance of Integer, Double, Boolean, Date or String.");
-        JWTVerifier.init(Algorithm.HMAC256("secret"))
-                .withClaim("name", new Object());
-    }
-
     @Test
     public void shouldThrowOnInvalidCustomClaimValueOfTypeString() throws Exception {
         exception.expect(InvalidClaimException.class);
@@ -263,6 +253,38 @@ public void shouldValidateCustomClaimOfTypeDate() throws Exception {
         assertThat(jwt, is(notNullValue()));
     }
 
+    @Test
+    public void shouldValidateCustomClaimOfCustomType() throws Exception {
+        String token = "eyJhbGciOiJIUzI1NiJ9.eyJ1c2VyIjp7Im5hbWUiOiJqb2huIiwiaWQiOjEyM319.j3e7IfnEchQEwgDs1icOyufhzAyNOYfX9fjJwV6uyZk";
+        DecodedJWT jwt = JWTVerifier.init(Algorithm.HMAC256("secret"))
+                .withClaim("user", new UserPojo("john", 123))
+                .build()
+                .verify(token);
+
+        assertThat(jwt, is(notNullValue()));
+    }
+
+    @Test
+    public void shouldValidateCustomClaimOfTypeArray() throws Exception {
+        String token = "eyJhbGciOiJIUzI1NiJ9.eyJuYW1lIjpbInRleHQiLDEyMyx0cnVlXX0.uSulPFzLSbgfG8Lpr0jq0JDMhDlGGeQrx09PHEymu1E";
+        DecodedJWT jwt = JWTVerifier.init(Algorithm.HMAC256("secret"))
+                .withClaim("name", new Object[]{"text", 123, true})
+                .build()
+                .verify(token);
+
+        assertThat(jwt, is(notNullValue()));
+    }
+
+    @Test
+    public void shouldValidateCustomClaimOfTypeList() throws Exception {
+        String token = "eyJhbGciOiJIUzI1NiJ9.eyJuYW1lIjpbInRleHQiLDEyMyx0cnVlXX0.uSulPFzLSbgfG8Lpr0jq0JDMhDlGGeQrx09PHEymu1E";
+        DecodedJWT jwt = JWTVerifier.init(Algorithm.HMAC256("secret"))
+                .withClaim("name", new ArrayList<>(Arrays.asList("text", 123, true)))
+                .build()
+                .verify(token);
+
+        assertThat(jwt, is(notNullValue()));
+    }
 
     // Generic Delta
     @SuppressWarnings("RedundantCast")
diff --git a/lib/src/test/java/com/auth0/jwt/impl/JsonNodeClaimTest.java b/lib/src/test/java/com/auth0/jwt/impl/JsonNodeClaimTest.java
@@ -7,13 +7,15 @@
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.fasterxml.jackson.databind.node.MissingNode;
 import com.fasterxml.jackson.databind.node.NullNode;
-import org.hamcrest.collection.IsMapContaining;
 import org.junit.Before;
 import org.junit.Rule;
 import org.junit.Test;
 import org.junit.rules.ExpectedException;
 
-import java.util.*;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.Date;
+import java.util.Map;
 
 import static com.auth0.jwt.impl.JWTParser.getDefaultObjectMapper;
 import static com.auth0.jwt.impl.JsonNodeClaim.claimFromNode;
@@ -223,16 +225,16 @@ public void shouldThrowIfCustomClassMismatch() throws Exception {
         claim.as(String.class);
     }
 
-    @SuppressWarnings("unchecked")
+    @SuppressWarnings({"unchecked", "RedundantCast"})
     @Test
     public void shouldGetAsMapValue() throws Exception {
         JsonNode value = mapper.valueToTree(Collections.singletonMap("key", new UserPojo("john", 123)));
         Claim claim = claimFromNode(value);
 
         assertThat(claim, is(notNullValue()));
         Map map = claim.as(Map.class);
-        assertThat(((HashMap<String, Object>) map.get("key")), IsMapContaining.hasEntry("name", "john"));
-        assertThat(((HashMap<String, Object>) map.get("key")), IsMapContaining.hasEntry("id", 123));
+        assertThat(((Map<String, Object>) map.get("key")), hasEntry("name", (Object) "john"));
+        assertThat(((Map<String, Object>) map.get("key")), hasEntry("id", (Object) 123));
     }
 
     @Test
diff --git a/lib/src/test/java/com/auth0/jwt/impl/NullClaimTest.java b/lib/src/test/java/com/auth0/jwt/impl/NullClaimTest.java
@@ -8,7 +8,7 @@
 import static org.hamcrest.Matchers.nullValue;
 import static org.junit.Assert.assertThat;
 
-public class BaseClaimTest {
+public class NullClaimTest {
     private NullClaim claim;
 
     @Before
@@ -56,4 +56,9 @@ public void shouldGetAsList() throws Exception {
         assertThat(claim.asList(Object.class), is(nullValue()));
     }
 
+    @Test
+    public void shouldGetAsCustomClass() throws Exception {
+        assertThat(claim.as(Object.class), is(nullValue()));
+    }
+
 }
