This is an automated email from the git hooks/post-receive script. New commit to branch develop in repository coselmar. See http://git.codelutin.com/coselmar.git commit 6397169dddaa7bd7e765cde49100e89d756ba956 Author: Yannick Martel <martel@©odelutin.com> Date: Fri Feb 13 16:44:20 2015 +0100 some version upgrade --- .../services/CoselmarWebServiceSupport.java | 20 +++++++-- .../coselmar/services/UsersWebServiceTest.java | 5 +-- coselmar-ui/pom.xml | 2 - coselmar-ui/src/main/webapp/index.html | 24 +++++----- pom.xml | 52 ++++++++++++++-------- 5 files changed, 65 insertions(+), 38 deletions(-) diff --git a/coselmar-rest/src/main/java/fr/ifremer/coselmar/services/CoselmarWebServiceSupport.java b/coselmar-rest/src/main/java/fr/ifremer/coselmar/services/CoselmarWebServiceSupport.java index e634047..079560d 100644 --- a/coselmar-rest/src/main/java/fr/ifremer/coselmar/services/CoselmarWebServiceSupport.java +++ b/coselmar-rest/src/main/java/fr/ifremer/coselmar/services/CoselmarWebServiceSupport.java @@ -33,6 +33,7 @@ import java.util.Locale; import java.util.Map; import com.auth0.jwt.JWTVerifier; +import com.auth0.jwt.JWTVerifyException; import fr.ifremer.coselmar.beans.UserWebToken; import fr.ifremer.coselmar.config.CoselmarServicesConfig; import fr.ifremer.coselmar.exceptions.CoselmarTechnicalException; @@ -44,7 +45,6 @@ import fr.ifremer.coselmar.persistence.entity.DocumentTopiaDao; import fr.ifremer.coselmar.persistence.entity.QuestionTopiaDao; import fr.ifremer.coselmar.services.errors.InvalidCredentialException; import fr.ifremer.coselmar.services.v1.DocumentsWebService; -import org.apache.commons.codec.binary.Base64; import org.apache.commons.lang3.StringUtils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; @@ -149,7 +149,7 @@ public abstract class CoselmarWebServiceSupport extends WebMotionController impl try { String webSecurityKey = getServicesContext().getCoselmarServicesConfig().getWebSecurityKey(); - JWTVerifier jwtVerifier = new JWTVerifier(Base64.encodeBase64String(webSecurityKey.getBytes("utf8")), "audience"); + JWTVerifier jwtVerifier = new JWTVerifier(webSecurityKey, "audience"); String token = StringUtils.replace(authorization, "Bearer ", ""); Map<String, Object> claims = jwtVerifier.verify(token); @@ -169,6 +169,13 @@ public abstract class CoselmarWebServiceSupport extends WebMotionController impl log.error("Error during JWT verification : bad signature!", e); } throw new InvalidCredentialException("Error with signature"); + + } catch (JWTVerifyException e) { + // Error during Payload verification + if (log.isErrorEnabled()) { + log.error("Error during JWT verification : bad claims!", e); + } + throw new InvalidCredentialException("Error with claims"); } } @@ -188,7 +195,7 @@ public abstract class CoselmarWebServiceSupport extends WebMotionController impl try { String webSecurityKey = getServicesContext().getCoselmarServicesConfig().getWebSecurityKey(); - JWTVerifier jwtVerifier = new JWTVerifier(Base64.encodeBase64String(webSecurityKey.getBytes("utf8")), "audience"); + JWTVerifier jwtVerifier = new JWTVerifier(webSecurityKey, "audience"); String token = StringUtils.replace(authorization, "Bearer ", ""); Map<String, Object> claims = jwtVerifier.verify(token); @@ -214,6 +221,13 @@ public abstract class CoselmarWebServiceSupport extends WebMotionController impl } throw new InvalidCredentialException("Error with signature"); + } catch (JWTVerifyException e) { + // Error during Payload verification + if (log.isErrorEnabled()) { + log.error("Error during JWT verification : bad claims!", e); + } + throw new InvalidCredentialException("Error with claims"); + } catch (TopiaNoResultException e) { // User not found, maybe old token ? Or well faked ! if (log.isErrorEnabled()) { diff --git a/coselmar-rest/src/test/java/fr/ifremer/coselmar/services/UsersWebServiceTest.java b/coselmar-rest/src/test/java/fr/ifremer/coselmar/services/UsersWebServiceTest.java index 23ac5de..aad8af9 100644 --- a/coselmar-rest/src/test/java/fr/ifremer/coselmar/services/UsersWebServiceTest.java +++ b/coselmar-rest/src/test/java/fr/ifremer/coselmar/services/UsersWebServiceTest.java @@ -29,7 +29,6 @@ import java.util.Map; import com.auth0.jwt.JWTVerifier; import com.google.gson.Gson; -import org.apache.commons.codec.binary.Base64; import org.apache.http.HttpResponse; import org.apache.http.StatusLine; import org.apache.http.client.fluent.Request; @@ -70,7 +69,7 @@ public class UsersWebServiceTest extends AbstractCoselmarWebServiceTest { Map<String, String> map = gson.fromJson(loginContent, Map.class); String webSecurityKey = getServiceContext().getCoselmarServicesConfig().getWebSecurityKey(); - JWTVerifier jwtVerifier = new JWTVerifier(Base64.encodeBase64String(webSecurityKey.getBytes("utf8")), "audience"); + JWTVerifier jwtVerifier = new JWTVerifier(webSecurityKey, "audience"); String token = map.get("jwt"); jwtVerifier.verify(token); } @@ -115,7 +114,7 @@ public class UsersWebServiceTest extends AbstractCoselmarWebServiceTest { Map<String, String> newUserLoginMap = gson.fromJson(loginContent, Map.class); String webSecurityKey = getServiceContext().getCoselmarServicesConfig().getWebSecurityKey(); - JWTVerifier jwtVerifier = new JWTVerifier(Base64.encodeBase64String(webSecurityKey.getBytes("utf8")), "audience"); + JWTVerifier jwtVerifier = new JWTVerifier(webSecurityKey, "audience"); String token = newUserLoginMap.get("jwt"); jwtVerifier.verify(token); } diff --git a/coselmar-ui/pom.xml b/coselmar-ui/pom.xml index 1568b57..0bde332 100644 --- a/coselmar-ui/pom.xml +++ b/coselmar-ui/pom.xml @@ -54,14 +54,12 @@ <dependency> <groupId>org.webjars</groupId> <artifactId>jquery</artifactId> - <version>2.1.1</version> <scope>runtime</scope> </dependency> <dependency> <groupId>org.webjars</groupId> <artifactId>font-awesome</artifactId> - <version>4.2.0</version> <scope>runtime</scope> </dependency> diff --git a/coselmar-ui/src/main/webapp/index.html b/coselmar-ui/src/main/webapp/index.html index 0ebfde8..a6bd6fd 100644 --- a/coselmar-ui/src/main/webapp/index.html +++ b/coselmar-ui/src/main/webapp/index.html @@ -27,23 +27,23 @@ <meta charset="utf-8" /> <title>Coselmar {{ 'application.title' | translate}}</title> - <link rel="stylesheet" href="webjars/bootstrap/3.3.1/css/bootstrap.css"> - <link rel="stylesheet" href="webjars/font-awesome/4.2.0/css/font-awesome.css"> + <link rel="stylesheet" href="webjars/bootstrap/3.3.2/css/bootstrap.css"> + <link rel="stylesheet" href="webjars/font-awesome/4.3.0/css/font-awesome.css"> <link rel="stylesheet" href="css/coselmar.css"> - <script src="webjars/jquery/2.1.1/jquery.js"></script> - <script src="webjars/angularjs/1.3.6/angular.js"></script> - <script src="webjars/angularjs/1.3.6/angular-route.js"></script> - <script src="webjars/angularjs/1.3.6/angular-resource.js"></script> - <script src="webjars/angularjs/1.3.6/angular-messages.js"></script> + <script src="webjars/jquery/2.1.3/jquery.js"></script> + <script src="webjars/angularjs/1.3.13/angular.js"></script> + <script src="webjars/angularjs/1.3.13/angular-route.js"></script> + <script src="webjars/angularjs/1.3.13/angular-resource.js"></script> + <script src="webjars/angularjs/1.3.13/angular-messages.js"></script> <!--<script src="nuiton-js/angular-ui-bootstrap.js"></script>--> - <script src="webjars/bootstrap/3.3.1/js/bootstrap.js"></script> - <script src="webjars/angular-translate/2.5.2/angular-translate.js"></script> - <script src="webjars/angular-dynamic-locale/0.1.24/src/tmhDynamicLocale.js"></script> + <script src="webjars/bootstrap/3.3.2/js/bootstrap.js"></script> + <script src="webjars/angular-translate/2.6.0/angular-translate.js"></script> + <script src="webjars/angular-dynamic-locale/0.1.27/src/tmhDynamicLocale.js"></script> <!--TODO ymartel 20141203 : extract version, or use wro --> - <script src="webjars/angular-ui-select/0.9.0/select.js"></script> - <link rel="stylesheet" href="webjars/angular-ui-select/0.9.0/select.css"> + <script src="webjars/angular-ui-select/0.9.6/select.js"></script> + <link rel="stylesheet" href="webjars/angular-ui-select/0.9.6/select.css"> <script src="webjars/angular-ui-bootstrap/0.12.0/ui-bootstrap.js"></script> <script src="webjars/angular-ui-bootstrap/0.12.0/ui-bootstrap-tpls.js"></script> diff --git a/pom.xml b/pom.xml index 22040a1..f1ce828 100644 --- a/pom.xml +++ b/pom.xml @@ -103,7 +103,7 @@ <nuitonI18nVersion>3.3</nuitonI18nVersion> <nuitonValidatorVersion>3.0-rc-2</nuitonValidatorVersion> - <slf4jVersion>1.7.7</slf4jVersion> + <slf4jVersion>1.7.10</slf4jVersion> <xworkVersion>2.3.15.1</xworkVersion> @@ -127,27 +127,29 @@ <topiaVersion>3.0-beta-15</topiaVersion> <nuitonWebVersion>1.17</nuitonWebVersion> - <nuitonUtilsVersion>3.0-rc-7</nuitonUtilsVersion> - <nuitonConfigVersion>3.0-rc-1</nuitonConfigVersion> + <nuitonUtilsVersion>3.0-rc-8</nuitonUtilsVersion> + <nuitonConfigVersion>3.0-rc-2</nuitonConfigVersion> <nuitonCsvVersion>3.0-alpha-3</nuitonCsvVersion> - <nuitonDecoratorVersion>3.0-alpha-3</nuitonDecoratorVersion> - <nuitonValidatorVersion>3.0-rc-1</nuitonValidatorVersion> + <nuitonDecoratorVersion>3.0</nuitonDecoratorVersion> + <nuitonValidatorVersion>3.0</nuitonValidatorVersion> <nuitonConvertorVersion>1.0</nuitonConvertorVersion> - <hibernateVersion>4.3.5.Final</hibernateVersion> + <hibernateVersion>4.3.8.Final</hibernateVersion> <postgresqlVersion>9.1-901-1.jdbc4</postgresqlVersion> - <h2Version>1.4.178</h2Version> + <h2Version>1.4.185</h2Version> - <luceneVersion>4.10.2</luceneVersion> + <luceneVersion>4.10.3</luceneVersion> <tomcatEmbedVersion>7.0.50</tomcatEmbedVersion> - <angularVersion>1.3.6</angularVersion> - <bootstrapVersion>3.3.1</bootstrapVersion> - <angularUiSelectVersion>0.9.0</angularUiSelectVersion> + <angularVersion>1.3.13</angularVersion> + <bootstrapVersion>3.3.2</bootstrapVersion> + <angularUiSelectVersion>0.9.6</angularUiSelectVersion> <angularUiBootstrapVersion>0.12.0</angularUiBootstrapVersion> - <angularTranslateVersion>2.5.2</angularTranslateVersion> - <angularDynamicLocaleVersion>0.1.24</angularDynamicLocaleVersion> + <angularTranslateVersion>2.6.0</angularTranslateVersion> + <angularDynamicLocaleVersion>0.1.27</angularDynamicLocaleVersion> + <jqueryVersion>2.1.3</jqueryVersion> + <fontAwesomeVersion>4.3.0-1</fontAwesomeVersion> </properties> @@ -308,7 +310,7 @@ <dependency> <groupId>org.apache.commons</groupId> <artifactId>commons-email</artifactId> - <version>1.3.2</version> + <version>1.3.3</version> </dependency> <dependency> <groupId>commons-logging</groupId> @@ -318,17 +320,17 @@ <dependency> <groupId>commons-codec</groupId> <artifactId>commons-codec</artifactId> - <version>1.6</version> + <version>1.10</version> </dependency> <dependency> <groupId>com.google.guava</groupId> <artifactId>guava</artifactId> - <version>17.0</version> + <version>18.0</version> </dependency> <dependency> <groupId>com.google.code.gson</groupId> <artifactId>gson</artifactId> - <version>2.2.4</version> + <version>2.3.1</version> </dependency> <dependency> <groupId>net.java.dev.jna</groupId> @@ -358,7 +360,7 @@ <dependency> <groupId>com.auth0</groupId> <artifactId>java-jwt</artifactId> - <version>1.0.0</version> + <version>2.0.1</version> </dependency> <!-- Logging --> @@ -424,6 +426,20 @@ <scope>runtime</scope> </dependency> + <dependency> + <groupId>org.webjars</groupId> + <artifactId>jquery</artifactId> + <version>${jqueryVersion}</version> + <scope>runtime</scope> + </dependency> + + <dependency> + <groupId>org.webjars</groupId> + <artifactId>font-awesome</artifactId> + <version>${fontAwesomeVersion}</version> + <scope>runtime</scope> + </dependency> + <!-- Others --> <dependency> <groupId>com.github.spullara.mustache.java</groupId> -- To stop receiving notification emails like this one, please contact codelutin.com SCM administrator <admin+scm@codelutin.com>.