Bump io.jsonwebtoken.jjwt 0.11.5 -> 0.12.6

Kehrlann · Kehrlann · commit 6b9eac8e5fe2 · 2025-05-28T10:43:04.000+02:00
diff --git a/cloudfoundry-client-reactor/src/main/java/org/cloudfoundry/reactor/tokenprovider/AbstractUaaTokenProvider.java b/cloudfoundry-client-reactor/src/main/java/org/cloudfoundry/reactor/tokenprovider/AbstractUaaTokenProvider.java
@@ -161,7 +161,7 @@ private static Optional<Claims> parseToken(String token) {
 
         try {
             String jws = token.substring(0, token.lastIndexOf('.') + 1);
-            JwtParser parser = Jwts.parserBuilder().build();
+            JwtParser parser = Jwts.parser().build();
 
             return Optional.of(parser.parseClaimsJwt(jws).getBody());
         } catch (Exception e) {
diff --git a/cloudfoundry-client-reactor/src/main/java/org/cloudfoundry/reactor/uaa/UaaSigningKeyResolver.java b/cloudfoundry-client-reactor/src/main/java/org/cloudfoundry/reactor/uaa/UaaSigningKeyResolver.java
@@ -58,8 +58,8 @@ public Key resolveSigningKey(JwsHeader header, Claims claims) {
 
     @Override
     @SuppressWarnings("rawtypes")
-    public Key resolveSigningKey(JwsHeader header, String plaintext) {
-        return getKey(header.getKeyId());
+    public Key resolveSigningKey(JwsHeader jwsHeader, byte[] bytes) {
+        return getKey(jwsHeader.getKeyId());
     }
 
     private static byte[] decode(TokenKey tokenKey) {
diff --git a/cloudfoundry-client-reactor/src/main/java/org/cloudfoundry/reactor/uaa/UsernameProvider.java b/cloudfoundry-client-reactor/src/main/java/org/cloudfoundry/reactor/uaa/UsernameProvider.java
@@ -72,8 +72,7 @@ private static Mono<String> getToken(
     }
 
     private String getUsername(String token) {
-        JwtParser parser =
-                Jwts.parserBuilder().setSigningKeyResolver(this.signingKeyResolver).build();
+        JwtParser parser = Jwts.parser().setSigningKeyResolver(this.signingKeyResolver).build();
 
         Jws<Claims> jws = parser.parseClaimsJws(token);
 
diff --git a/cloudfoundry-client-reactor/src/test/java/org/cloudfoundry/reactor/uaa/UaaSigningKeyResolverTest.java b/cloudfoundry-client-reactor/src/test/java/org/cloudfoundry/reactor/uaa/UaaSigningKeyResolverTest.java
@@ -22,14 +22,15 @@
 import static org.mockito.Mockito.when;
 
 import io.jsonwebtoken.Claims;
-import io.jsonwebtoken.JwsHeader;
 import io.jsonwebtoken.impl.DefaultClaims;
 import io.jsonwebtoken.impl.DefaultJwsHeader;
+import io.jsonwebtoken.impl.security.AbstractJwk;
 import java.security.KeyPair;
 import java.security.KeyPairGenerator;
 import java.security.NoSuchAlgorithmException;
 import java.security.PublicKey;
 import java.util.Base64;
+import java.util.HashMap;
 import org.cloudfoundry.uaa.tokens.KeyType;
 import org.cloudfoundry.uaa.tokens.ListTokenKeysRequest;
 import org.cloudfoundry.uaa.tokens.ListTokenKeysResponse;
@@ -64,8 +65,10 @@ void resolveExistingKey() throws NoSuchAlgorithmException {
                                                         .build())
                                         .build()));
 
-        JwsHeader<?> header = new DefaultJwsHeader().setKeyId("test-key-id");
-        Claims claims = new DefaultClaims();
+        HashMap<String, String> params = new HashMap<>();
+        params.put(AbstractJwk.KID.getId(), "test-key-id");
+        DefaultJwsHeader header = new DefaultJwsHeader(params);
+        Claims claims = new DefaultClaims(new HashMap<>());
 
         this.signingKeyResolver.resolveSigningKey(header, claims);
         assertThat(this.signingKeyResolver.resolveSigningKey(header, claims)).isNotNull();
@@ -91,8 +94,10 @@ void resolveRefreshedKey() throws NoSuchAlgorithmException {
                                                         .build())
                                         .build()));
 
-        JwsHeader<?> header = new DefaultJwsHeader().setKeyId("test-key-id");
-        Claims claims = new DefaultClaims();
+        HashMap<String, String> params = new HashMap<>();
+        params.put(AbstractJwk.KID.getId(), "test-key-id");
+        DefaultJwsHeader header = new DefaultJwsHeader(params);
+        Claims claims = new DefaultClaims(new HashMap<>());
 
         assertThat(this.signingKeyResolver.resolveSigningKey(header, claims)).isNotNull();
     }
@@ -105,8 +110,10 @@ void resolveUnknownKey() {
                     when(this.tokens.listKeys(ListTokenKeysRequest.builder().build()))
                             .thenReturn(Mono.just(ListTokenKeysResponse.builder().build()));
 
-                    JwsHeader<?> header = new DefaultJwsHeader().setKeyId("test-key-id");
-                    Claims claims = new DefaultClaims();
+                    HashMap<String, String> params = new HashMap<>();
+                    params.put(AbstractJwk.KID.getId(), "test-key-id");
+                    DefaultJwsHeader header = new DefaultJwsHeader(params);
+                    Claims claims = new DefaultClaims(new HashMap<>());
 
                     this.signingKeyResolver.resolveSigningKey(header, claims);
                 });
diff --git a/cloudfoundry-client-reactor/src/test/java/org/cloudfoundry/reactor/uaa/UsernameProviderTest.java b/cloudfoundry-client-reactor/src/test/java/org/cloudfoundry/reactor/uaa/UsernameProviderTest.java
@@ -27,14 +27,15 @@
 import io.jsonwebtoken.SignatureAlgorithm;
 import io.jsonwebtoken.SigningKeyResolver;
 import io.jsonwebtoken.impl.DefaultJwsHeader;
+import io.jsonwebtoken.impl.security.AbstractJwk;
 import java.security.KeyPair;
 import java.security.KeyPairGenerator;
 import java.security.NoSuchAlgorithmException;
 import java.security.PrivateKey;
 import java.sql.Date;
 import java.time.Duration;
 import java.time.Instant;
-import java.util.Map;
+import java.util.HashMap;
 import org.cloudfoundry.reactor.ConnectionContext;
 import org.cloudfoundry.reactor.TokenProvider;
 import org.junit.jupiter.api.Test;
@@ -103,8 +104,11 @@ void getValidToken() throws NoSuchAlgorithmException {
 
     @SuppressWarnings("unchecked")
     private static String getToken(PrivateKey privateKey, Instant expiration) {
+        HashMap<String, String> params = new HashMap<>();
+        params.put(AbstractJwk.KID.getId(), "test-key-id");
+        DefaultJwsHeader header = new DefaultJwsHeader(params);
         return Jwts.builder()
-                .setHeader((Map<String, Object>) new DefaultJwsHeader().setKeyId("test-key"))
+                .setHeader(header)
                 .signWith(privateKey, SignatureAlgorithm.RS256)
                 .claim("user_name", "test-username")
                 .setExpiration(Date.from(expiration))
diff --git a/pom.xml b/pom.xml
@@ -66,7 +66,7 @@
         <immutables.version>2.10.1</immutables.version>
         <jackson.version>2.16.1</jackson.version>
         <java-semver.version>0.9.0</java-semver.version>
-        <jjwt.version>0.11.5</jjwt.version>
+        <jjwt.version>0.12.6</jjwt.version>
         <junit-jupiter.version>5.10.1</junit-jupiter.version>
         <mockito.version>5.8.0</mockito.version>
         <snakeyaml.version>2.2</snakeyaml.version>

Original file line number	Diff line number	Diff line change
`@@ -58,8 +58,8 @@ public Key resolveSigningKey(JwsHeader header, Claims claims) {`
`58`	`58`
`59`	`59`	`@Override`
`60`	`60`	`@SuppressWarnings("rawtypes")`
`61`		`- public Key resolveSigningKey(JwsHeader header, String plaintext) {`
`62`		`- return getKey(header.getKeyId());`
	`61`	`+ public Key resolveSigningKey(JwsHeader jwsHeader, byte[] bytes) {`
	`62`	`+ return getKey(jwsHeader.getKeyId());`
`63`	`63`	`}`
`64`	`64`
`65`	`65`	`private static byte[] decode(TokenKey tokenKey) {`
Original file line number	Diff line number	Diff line change
`@@ -72,8 +72,7 @@ private static Mono<String> getToken(`
`72`	`72`	`}`
`73`	`73`
`74`	`74`	`private String getUsername(String token) {`
`75`		`- JwtParser parser =`
`76`		`- Jwts.parserBuilder().setSigningKeyResolver(this.signingKeyResolver).build();`
	`75`	`+ JwtParser parser = Jwts.parser().setSigningKeyResolver(this.signingKeyResolver).build();`
`77`	`76`
`78`	`77`	`Jws<Claims> jws = parser.parseClaimsJws(token);`
`79`	`78`