From e9c57cf30552bac54ab168efc1b9af9067865124 Mon Sep 17 00:00:00 2001
From: CrowleyRajapakse
Date: Mon, 14 Oct 2024 14:45:16 +0530
Subject: [PATCH] upgrade enforcer dependencies
---
 gateway/enforcer/README.md | 2 +-
 .../apk/enforcer/security/jwt/APIKeyAuthenticator.java | 6 ++++--
 .../wso2/apk/enforcer/security/jwt/APIKeyHandler.java | 2 +-
 libs.versions.toml | 10 +++++-----
 4 files changed, 11 insertions(+), 9 deletions(-)
diff --git a/gateway/enforcer/README.md b/gateway/enforcer/README.md
index 2122a1b3a3..5f466edd00 100644
--- a/gateway/enforcer/README.md
+++ b/gateway/enforcer/README.md
@@ -33,7 +33,7 @@ The following should be installed in your development machine.
 + value: -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5006 -Dhttpclient.hostnameVerifier=AllowAll -Xms512m -Xmx512m -XX:MaxRAMFraction=2
 ```
-2. Start WSO2 API Platform for K8s.
+2. Start WSO2 API Platform for K8s in k8s cluster.
 3. Port forward the port 5006.
diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/jwt/APIKeyAuthenticator.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/jwt/APIKeyAuthenticator.java
index eba64e2c25..8bd9215eac 100644
--- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/jwt/APIKeyAuthenticator.java
+++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/jwt/APIKeyAuthenticator.java
@@ -344,11 +344,13 @@ private APIKeyValidationInfoDTO getAPIKeyValidationDTO(RequestContext requestCon
 throws ParseException, APISecurityException {
 APIKeyValidationInfoDTO validationInfoDTO = new APIKeyValidationInfoDTO();
- JSONObject app = payload.getJSONObjectClaim(APIConstants.JwtTokenConstants.APPLICATION);
+ Map appClaim = payload.getJSONObjectClaim(APIConstants.JwtTokenConstants.APPLICATION);
+ JSONObject app;
 JSONObject api = null;
 validationInfoDTO.setType(requestContext.getMatchedAPI().getEnvType());
- if (app != null) {
+ if (appClaim != null) {
+ app = new JSONObject(appClaim);
 validationInfoDTO.setApplicationUUID(app.getAsString(APIConstants.JwtTokenConstants.APPLICATION_UUID));
 validationInfoDTO.setApplicationName(app.getAsString(APIConstants.JwtTokenConstants.APPLICATION_NAME));
 //validationInfoDTO.setSubscriber(app.getAsString(APIConstants.JwtTokenConstants.APPLICATION_OWNER));
diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/jwt/APIKeyHandler.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/jwt/APIKeyHandler.java
index 03d67d13ea..9ca1aa0215 100644
--- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/jwt/APIKeyHandler.java
+++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/jwt/APIKeyHandler.java
@@ -170,7 +170,7 @@ public boolean isJwtTokenExpired(JWTClaimsSet payload, String keyType, String or
 DefaultJWTClaimsVerifier jwtClaimsSetVerifier = new DefaultJWTClaimsVerifier();
 jwtClaimsSetVerifier.setMaxClockSkew((int) FilterUtils.getTimeStampSkewInSeconds());
 try {
- jwtClaimsSetVerifier.verify(payload);
+ jwtClaimsSetVerifier.verify(payload,null);
 } catch (BadJWTException e) {
 if ("Expired JWT".equals(e.getMessage())) {
 log.debug("{} API key is expired.", keyType);
diff --git a/libs.versions.toml b/libs.versions.toml
index 433c544fac..b5d2f3c5ae 100644
--- a/libs.versions.toml
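Review bot: `JSONObject app;` is now declared unassigned ahead of the `if` and only initialised inside it, so in the visible lines its scope is wider than its use. Declaring it where it is built, `JSONObject app = new JSONObject(appClaim);` as the first statement of the `if (appClaim != null)` block, removes the dangling declaration. The copy into a `JSONObject` appears to exist only to keep `getAsString`, which as far as I know returns the `toString()` of whatever value type the claim holds; a one-line comment stating that the application claim is trusted at this point (presumably because the key's signature was checked earlier) would make that coercion easier to accept. The body of `getAPIKeyValidationDTO` continues outside the hunk, so a later use of `app` cannot be ruled out from here.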
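Review bot: The `catch` branch in `isJwtTokenExpired` still decides expiry by comparing `e.getMessage()` with the literal `"Expired JWT"`, and this commit moves nimbus from 7.9.0 to 9.31 underneath it, so the expiry decision now relies on the new library version producing exactly the same message text. A unit test that passes an expired claims set and asserts the result, or an explicit comparison of `payload.getExpirationTime()` against the current time plus the configured skew, would remove that coupling to library wording. What the method returns for other `BadJWTException` messages lies outside the hunk, so the impact of a mismatch cannot be judged from these lines. The new call is also missing a space after the comma: `jwtClaimsSetVerifier.verify(payload, null);`.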
+++ b/libs.versions.toml
@@ -147,7 +147,7 @@ httpcomponents = "4.5.14"
 io-github-openfeign = "11.0"
 io-swagger = "1.6.9"
 io-swagger-v3 = "2.2.9"
-jackson = "2.14.2"
+jackson = "2.18.0"
 javax-cache = "1.1.1"
 javax-validation = "2.0.1.Final"
 javax-validation-api = "1.1.0.Final"
@@ -159,10 +159,10 @@ log4j = "2.19.0"
 mapstruct = "1.5.3.Final"
 minidev = "2.4.9"
 moandjiezana = "0.7.2"
-netty = "4.1.100.Final"
-nimbus = "7.9.0.wso2v1"
-okhttp = "4.9.3.wso2v1"
-okio = "2.8.0.wso2v1"
+netty = "4.1.114.Final"
+nimbus = "9.31.wso2v1"
+okhttp = "4.9.3.wso2v3"
+okio = "3.9.0.wso2v1"
 opentelemetry = "1.24.0"
 opentelemetry-jaeger-thrift = "1.24.0"
 opentelemetry-semconv = "1.24.0-alpha"