#195 review fixes, bump up jackson to 2.17.1

adorsys · Jun 25, 2024 · 00d9c1b · 00d9c1b
1 parent ee919fa
commit 00d9c1b
Show file tree

Hide file tree

Showing 6 changed files with 34 additions and 22 deletions.
diff --git a/pom.xml b/pom.xml
@@ -54,8 +54,8 @@
         <shedlock.version>5.3.0</shedlock.version>
         <openapi.version>2.5.0</openapi.version>
         <swagger-annotations.version>2.2.22</swagger-annotations.version>
-        <jackson.version>2.15.1</jackson.version>
-        <jackson-databind.version>2.15.1</jackson-databind.version>
+        <jackson.version>2.17.1</jackson.version>
+        <jackson-databind.version>2.17.1</jackson-databind.version>
         <keycloak.version>22.0.4</keycloak.version>
         <surefire.version>3.2.5</surefire.version>
         <failsafe.version>3.2.5</failsafe.version>

diff --git a/.../src/test/java/de/adorsys/sts/tests/e2e/tokenexchange/TokenExchangeControllerJpaTest.java b/.../src/test/java/de/adorsys/sts/tests/e2e/tokenexchange/TokenExchangeControllerJpaTest.java
@@ -7,7 +7,6 @@
 import de.adorsys.sts.tests.config.WithTokenExchangeConfig;
 import de.adorsys.sts.tests.config.WithoutWebSecurityConfig;
 import de.adorsys.sts.token.tokenexchange.TokenExchangeConstants;
-import de.adorsys.sts.token.tokenexchange.server.TokenExchangeRestController;
 import lombok.SneakyThrows;
 import org.junit.jupiter.api.Test;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -38,7 +37,7 @@ void tokenExchangeTest() {
 
         clock.setInstant(Instant.ofEpochMilli(1516239022000L));
 
-        mvc.perform(post(TokenExchangeRestController.DEFAULT_PATH)
+        mvc.perform(post("/token/token-exchange")
                         .accept(MediaType.APPLICATION_JSON_VALUE)
                         .contentType(MediaType.APPLICATION_FORM_URLENCODED_VALUE)
                         .param("grant_type", TokenExchangeConstants.TOKEN_EXCHANGE_OAUTH_GRANT_TYPE)

diff --git a/sts-spring/pom.xml b/sts-spring/pom.xml
@@ -76,7 +76,7 @@
         <dependency>
             <groupId>com.fasterxml.jackson.module</groupId>
             <artifactId>jackson-module-jakarta-xmlbind-annotations</artifactId>
-            <version>2.15.0</version>
+            <version>${jackson.version}</version>
         </dependency>
 
         <dependency>

diff --git a/sts-spring/src/main/java/de/adorsys/sts/token/authentication/LoggingAuthServer.java b/sts-spring/src/main/java/de/adorsys/sts/token/authentication/LoggingAuthServer.java
@@ -2,9 +2,11 @@
 
 import com.nimbusds.jose.jwk.JWK;
 import de.adorsys.sts.tokenauth.AuthServer;
+import lombok.extern.slf4j.Slf4j;
 
 import java.util.List;
 
+@Slf4j
 public class LoggingAuthServer extends AuthServer {
 
     public LoggingAuthServer(String name, String issUrl, String jwksUrl, int refreshIntervalSeconds, String keyCloakUrl) {
@@ -14,5 +16,9 @@ public LoggingAuthServer(String name, String issUrl, String jwksUrl, int refresh
     @Override
     protected void onJsonWebKeySetRetrieved(List<JWK> jwks) {
         super.onJsonWebKeySetRetrieved(jwks);
+
+        if(log.isDebugEnabled()) {
+            log.debug("Retrieved remote JWKS: {}", jwks);
+        }
     }
 }
diff --git a/...ring/src/main/java/de/adorsys/sts/token/tokenexchange/server/TokenExchangeController.java b/...ring/src/main/java/de/adorsys/sts/token/tokenexchange/server/TokenExchangeController.java
@@ -14,6 +14,7 @@
 import io.swagger.v3.oas.annotations.media.Schema;
 import io.swagger.v3.oas.annotations.responses.ApiResponse;
 import jakarta.servlet.http.HttpServletRequest;
+import lombok.AccessLevel;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.http.MediaType;
@@ -23,7 +24,7 @@
 import org.springframework.web.bind.annotation.RequestBody;
 
 @Slf4j
-@RequiredArgsConstructor
+@RequiredArgsConstructor(access = AccessLevel.PROTECTED)
 public class TokenExchangeController {
 
     private final TokenExchangeService tokenExchangeService;
@@ -36,31 +37,39 @@ public class TokenExchangeController {
     public ResponseEntity<Object> tokenExchange(@RequestBody @ModelAttribute TokenRequestForm tokenRequestForm, HttpServletRequest servletRequest) {
         if (log.isTraceEnabled()) log.trace("POST tokenExchange started...");
 
-        TokenExchangeRequest tokenExchange = TokenExchangeRequest.builder()
-                .grantType(tokenRequestForm.getGrantType())
-                .resources(tokenRequestForm.getResources())
-                .subjectToken(tokenRequestForm.getSubjectToken())
-                .subjectTokenType(tokenRequestForm.getSubjectTokenType())
-                .actorToken(tokenRequestForm.getActorToken())
-                .actorTokenType(tokenRequestForm.getActorTokenType())
-                .issuer(ResponseUtils.getIssuer(servletRequest))
-                .scope(tokenRequestForm.getScope())
-                .requestedTokenType(tokenRequestForm.getRequestedTokenType())
-                .audiences(tokenRequestForm.getAudiences())
-                .build();
+        TokenExchangeRequest tokenExchange = getTokenExchangeRequest(tokenRequestForm, servletRequest);
 
+        String errorMessage = "";
         try {
             TokenResponse tokenResponse = tokenExchangeService.exchangeToken(tokenExchange);
             return ResponseEntity.ok(tokenResponse);
         } catch (InvalidParameterException e) {
+            errorMessage = e.getMessage();
             return ResponseUtils.invalidParam(e.getMessage());
         } catch (MissingParameterException e) {
+            errorMessage = e.getMessage();
             return ResponseUtils.missingParam(e.getMessage());
         } catch (TokenValidationException e) {
+            errorMessage = e.getMessage();
             ResponseEntity<Object> errorData = ResponseUtils.invalidParam(e.getMessage());
             return ResponseEntity.badRequest().body(errorData);
         } finally {
-            if (log.isTraceEnabled()) log.trace("POST tokenExchange finished.");
+            if (log.isTraceEnabled()) log.trace("POST tokenExchange finished: {}", errorMessage);
         }
     }
+
+    private static TokenExchangeRequest getTokenExchangeRequest(TokenRequestForm tokenRequestForm, HttpServletRequest servletRequest) {
+        return TokenExchangeRequest.builder()
+                .grantType(tokenRequestForm.getGrantType())
+                .resources(tokenRequestForm.getResources())
+                .subjectToken(tokenRequestForm.getSubjectToken())
+                .subjectTokenType(tokenRequestForm.getSubjectTokenType())
+                .actorToken(tokenRequestForm.getActorToken())
+                .actorTokenType(tokenRequestForm.getActorTokenType())
+                .issuer(ResponseUtils.getIssuer(servletRequest))
+                .scope(tokenRequestForm.getScope())
+                .requestedTokenType(tokenRequestForm.getRequestedTokenType())
+                .audiences(tokenRequestForm.getAudiences())
+                .build();
+    }
 }
diff --git a/.../src/main/java/de/adorsys/sts/token/tokenexchange/server/TokenExchangeRestController.java b/.../src/main/java/de/adorsys/sts/token/tokenexchange/server/TokenExchangeRestController.java
@@ -9,11 +9,9 @@
 @RestController
 @Tag(name = "Token Exchange", description = "Token exchange, token degradation endpoint")
 @TokenResource
-@RequestMapping(path = TokenExchangeRestController.DEFAULT_PATH)
+@RequestMapping(path = "/token/token-exchange")
 public class TokenExchangeRestController extends TokenExchangeController {
 
-    public static final String DEFAULT_PATH = "/token/token-exchange";
-
     public TokenExchangeRestController(TokenExchangeService tokenExchangeService) {
         super(tokenExchangeService);
     }