Incorporate pull requests into 1.0.1

Incorporate pull request, and upgrade dependencies mulesoft-consulting/jwt-module#7
mulesoft-catalyst · Jan 5, 2024 · 3f003d2 · 3f003d2
1 parent 962d6f7
commit 3f003d2
Show file tree

Hide file tree

Showing 4 changed files with 27 additions and 22 deletions.
diff --git a/pom.xml b/pom.xml
@@ -12,16 +12,16 @@
 
     <groupId>ORG_ID_TOKEN</groupId>
     <artifactId>jwt-module</artifactId>
-    <version>1.0.0</version>
+    <version>1.0.1</version>
     <packaging>mule-extension</packaging>
     <name>JWT Module</name>
     <description>A Mule4 plugin that simplifies the process of generating a signed JSON Web Token</description>
 
     <properties>
-        <bcpkix.version>1.71</bcpkix.version>
-        <jjwt.version>0.11.5</jjwt.version>
+        <bcpkix.version>1.77</bcpkix.version>
+        <jjwt.version>0.12.3</jjwt.version>
         <munit.extensions.maven.plugin.version>1.1.2</munit.extensions.maven.plugin.version>
-        <spotbugs.version>4.7.0.0</spotbugs.version>
+        <spotbugs.version>4.8.2.0</spotbugs.version>
     </properties>
 
     <build>

diff --git a/src/main/java/uk/org/mule/jwt/internal/JwtAlgorithm.java b/src/main/java/uk/org/mule/jwt/internal/JwtAlgorithm.java
@@ -1,17 +1,18 @@
 package uk.org.mule.jwt.internal;
 
-import io.jsonwebtoken.SignatureAlgorithm;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.security.SignatureAlgorithm;
 
 enum JwtAlgorithm {
-    ES256(SignatureAlgorithm.ES256),
-    ES384(SignatureAlgorithm.ES384),
-    ES512(SignatureAlgorithm.ES512),
-    PS256(SignatureAlgorithm.PS256),
-    PS384(SignatureAlgorithm.PS384),
-    PS512(SignatureAlgorithm.PS512),
-    RS256(SignatureAlgorithm.RS256),
-    RS384(SignatureAlgorithm.RS384),
-    RS512(SignatureAlgorithm.RS512);
+    ES256(Jwts.SIG.ES256),
+    ES384(Jwts.SIG.ES384),
+    ES512(Jwts.SIG.ES512),
+    PS256(Jwts.SIG.PS256),
+    PS384(Jwts.SIG.PS384),
+    PS512(Jwts.SIG.PS512),
+    RS256(Jwts.SIG.RS256),
+    RS384(Jwts.SIG.RS384),
+    RS512(Jwts.SIG.RS512);
 
     private final SignatureAlgorithm algorithm;
 

diff --git a/src/main/java/uk/org/mule/jwt/internal/JwtConfiguration.java b/src/main/java/uk/org/mule/jwt/internal/JwtConfiguration.java
@@ -1,6 +1,6 @@
 package uk.org.mule.jwt.internal;
 
-import io.jsonwebtoken.SignatureAlgorithm;
+import io.jsonwebtoken.security.SignatureAlgorithm;
 import org.mule.runtime.api.meta.ExpressionSupport;
 import org.mule.runtime.extension.api.annotation.Expression;
 import org.mule.runtime.extension.api.annotation.Operations;

diff --git a/src/main/java/uk/org/mule/jwt/internal/JwtOperations.java b/src/main/java/uk/org/mule/jwt/internal/JwtOperations.java
@@ -1,6 +1,5 @@
 package uk.org.mule.jwt.internal;
 
-
 import io.jsonwebtoken.JwtBuilder;
 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.security.InvalidKeyException;
@@ -17,7 +16,6 @@
 import org.bouncycastle.operator.InputDecryptorProvider;
 import org.bouncycastle.operator.OperatorCreationException;
 import org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo;
-
 import org.bouncycastle.pkcs.PKCSException;
 import org.mule.runtime.extension.api.annotation.error.Throws;
 import org.mule.runtime.extension.api.annotation.param.Config;
@@ -53,6 +51,7 @@ public String sign(@Optional @Content Map<String, Object> header,
                        @Config JwtConfiguration config) {
         String jws;
         PEMParser parser = null;
+        Security.addProvider(new BouncyCastleProvider());
         try {
             parser = new PEMParser(
                          new InputStreamReader(new FileInputStream(config.getKeyPath()), StandardCharsets.UTF_8));
@@ -68,13 +67,18 @@ else if (object instanceof PEMKeyPair) {
             else if (object instanceof PEMEncryptedKeyPair) {
                 PEMEncryptedKeyPair encryptedKeyPair = ((PEMEncryptedKeyPair)object);
                 PEMDecryptorProvider provider =
-                        new JcePEMDecryptorProviderBuilder().build(config.getPassphrase().toCharArray());
+                        new JcePEMDecryptorProviderBuilder().
+                                setProvider(BouncyCastleProvider.PROVIDER_NAME).
+                                build(config.getPassphrase().toCharArray());
                 PEMKeyPair keyPair = encryptedKeyPair.decryptKeyPair(provider);
                 keyInfo = keyPair.getPrivateKeyInfo();
             } else if (object instanceof PKCS8EncryptedPrivateKeyInfo) {
-                Security.addProvider(new BouncyCastleProvider());
-                InputDecryptorProvider decryptorProvider = new JceOpenSSLPKCS8DecryptorProviderBuilder().setProvider("BC").build(config.getPassphrase().toCharArray());
-                keyInfo = ((PKCS8EncryptedPrivateKeyInfo) object).decryptPrivateKeyInfo(decryptorProvider);
+                PKCS8EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = ((PKCS8EncryptedPrivateKeyInfo)object);
+                InputDecryptorProvider decryptorProvider =
+                        new JceOpenSSLPKCS8DecryptorProviderBuilder().
+                                setProvider(BouncyCastleProvider.PROVIDER_NAME).
+                                build(config.getPassphrase().toCharArray());
+                keyInfo = encryptedPrivateKeyInfo.decryptPrivateKeyInfo(decryptorProvider);
             }
             else {
                 throw new InvalidKeyException(config.getKeyPath() + " is not a PrivateKey, but " + object.getClass());
@@ -109,7 +113,7 @@ private String getJWS(Map<String, Object> header,
                           PrivateKeyInfo privateKeyInfo) throws PEMException {
         String jws = null;
         if (privateKeyInfo != null) {
-            JcaPEMKeyConverter converter = new JcaPEMKeyConverter();
+            JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider(BouncyCastleProvider.PROVIDER_NAME);
             PrivateKey privateKey = converter.getPrivateKey(privateKeyInfo);
             JwtBuilder builder = Jwts.builder().setClaims(Jwts.claims(payload));
             if (header != null) {