Adds new convenience module using the old package name (#629)

* Adds new connivence module, in place of the old io.jsonwebtoken:jjwt module

Some folks are unaware of newer JJWT versions because they are still using the old io.jsonwebtoken:jjwt module. This makes automatic version updates tools "just work" for them

NOTE: This new module is _basically_ an empty jar, that adds `jjwt-api` (compile scope), `jjwt-impl` (runtime scope), and `jjwt-jackson` (runtime scope) transitive dependencies.

* Minor cleanup before changing `all` directory name

* Renamed `all` to `tdjar` (transitive dependency jar)

Co-authored-by: Les Hazlewood <[email protected]>

Author: bdemers

CHANGELOG.md

@@ -1,5 +1,10 @@
 ## Release Notes
 
+### JJWT_RELEASE_VERSION
+
+* Adds a simplified "starter" jar that automatically pulls in `jjwt-api`, `jjwt-impl` and `jjwt-jackson`, useful when 
+  upgrading from the older `io.jsonwebtoken:jjwt:*` to the project's current flexible module structure.
+
 ### 0.11.5
 
 This patch release adds additional security guards against an ECDSA bug in Java SE versions 15-15.0.6, 17-17.0.2, and 18
@@ -15,7 +20,7 @@ their JVM in a timely manner.
 However, even with these additional JJWT security guards, the root cause of the issue is the JVM, so it **strongly
 recommended** to upgrade your JVM to version
 15.0.7, 17.0.3, or 18.0.1 or later to ensure the bug does not surface elsewhere in your application code or any other
-third party library in your application that may not contain similar security guards.
+third party library in your application that may not contain similar security guards. 
 
 Issues included in this patch are listed in the [JJWT 0.11.5 milestone](https://github.com/jwtk/jjwt/milestone/26?closed=1).
 

api/src/main/java/io/jsonwebtoken/lang/Collections.java

@@ -15,8 +15,14 @@
  */
 package io.jsonwebtoken.lang;
 
+import java.util.ArrayList;
 import java.util.Arrays;
-import java.util.*;
+import java.util.Collection;
+import java.util.Enumeration;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Properties;
 
 public final class Collections {
 

api/src/main/java/io/jsonwebtoken/lang/Strings.java

@@ -16,8 +16,18 @@
 package io.jsonwebtoken.lang;
 
 import java.nio.charset.Charset;
+import java.util.ArrayList;
 import java.util.Arrays;
-import java.util.*;
+import java.util.Collection;
+import java.util.Enumeration;
+import java.util.Iterator;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Locale;
+import java.util.Properties;
+import java.util.Set;
+import java.util.StringTokenizer;
+import java.util.TreeSet;
 
 public final class Strings {
 

impl/src/main/java/io/jsonwebtoken/impl/DefaultJwtBuilder.java

@@ -15,11 +15,21 @@
  */
 package io.jsonwebtoken.impl;
 
-import io.jsonwebtoken.*;
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.CompressionCodec;
+import io.jsonwebtoken.Header;
+import io.jsonwebtoken.JwsHeader;
+import io.jsonwebtoken.JwtBuilder;
+import io.jsonwebtoken.JwtParser;
+import io.jsonwebtoken.SignatureAlgorithm;
 import io.jsonwebtoken.impl.crypto.DefaultJwtSigner;
 import io.jsonwebtoken.impl.crypto.JwtSigner;
 import io.jsonwebtoken.impl.lang.LegacyServices;
-import io.jsonwebtoken.io.*;
+import io.jsonwebtoken.io.Decoders;
+import io.jsonwebtoken.io.Encoder;
+import io.jsonwebtoken.io.Encoders;
+import io.jsonwebtoken.io.SerializationException;
+import io.jsonwebtoken.io.Serializer;
 import io.jsonwebtoken.lang.Assert;
 import io.jsonwebtoken.lang.Collections;
 import io.jsonwebtoken.lang.Strings;

impl/src/main/java/io/jsonwebtoken/impl/DefaultJwtParser.java

@@ -15,7 +15,27 @@
  */
 package io.jsonwebtoken.impl;
 
-import io.jsonwebtoken.*;
+import io.jsonwebtoken.ClaimJwtException;
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.Clock;
+import io.jsonwebtoken.CompressionCodec;
+import io.jsonwebtoken.CompressionCodecResolver;
+import io.jsonwebtoken.ExpiredJwtException;
+import io.jsonwebtoken.Header;
+import io.jsonwebtoken.IncorrectClaimException;
+import io.jsonwebtoken.InvalidClaimException;
+import io.jsonwebtoken.Jws;
+import io.jsonwebtoken.JwsHeader;
+import io.jsonwebtoken.Jwt;
+import io.jsonwebtoken.JwtHandler;
+import io.jsonwebtoken.JwtHandlerAdapter;
+import io.jsonwebtoken.JwtParser;
+import io.jsonwebtoken.MalformedJwtException;
+import io.jsonwebtoken.MissingClaimException;
+import io.jsonwebtoken.PrematureJwtException;
+import io.jsonwebtoken.SignatureAlgorithm;
+import io.jsonwebtoken.SigningKeyResolver;
+import io.jsonwebtoken.UnsupportedJwtException;
 import io.jsonwebtoken.impl.compression.DefaultCompressionCodecResolver;
 import io.jsonwebtoken.impl.crypto.DefaultJwtSignatureValidator;
 import io.jsonwebtoken.impl.crypto.JwtSignatureValidator;

impl/src/main/java/io/jsonwebtoken/impl/JwtMap.java

@@ -19,7 +19,12 @@
 import io.jsonwebtoken.lang.DateFormats;
 
 import java.text.ParseException;
-import java.util.*;
+import java.util.Calendar;
+import java.util.Collection;
+import java.util.Date;
+import java.util.LinkedHashMap;
+import java.util.Map;
+import java.util.Set;
 
 public class JwtMap implements Map<String, Object> {
 

impl/src/main/java/io/jsonwebtoken/impl/compression/DefaultCompressionCodecResolver.java

@@ -15,8 +15,11 @@
  */
 package io.jsonwebtoken.impl.compression;
 
+import io.jsonwebtoken.CompressionCodec;
+import io.jsonwebtoken.CompressionCodecResolver;
 import io.jsonwebtoken.CompressionCodecs;
-import io.jsonwebtoken.*;
+import io.jsonwebtoken.CompressionException;
+import io.jsonwebtoken.Header;
 import io.jsonwebtoken.impl.lang.Services;
 import io.jsonwebtoken.lang.Assert;
 import io.jsonwebtoken.lang.Strings;

pom.xml

@@ -152,6 +152,7 @@
         <module>api</module>
         <module>impl</module>
         <module>extensions</module>
+        <module>tdjar</module>
     </modules>
 
     <dependencyManagement>
@@ -161,6 +162,11 @@
                 <artifactId>jjwt-api</artifactId>
                 <version>${project.version}</version>
             </dependency>
+            <dependency>
+                <groupId>io.jsonwebtoken</groupId>
+                <artifactId>jjwt-impl</artifactId>
+                <version>${project.version}</version>
+            </dependency>
             <dependency>
                 <groupId>io.jsonwebtoken</groupId>
                 <artifactId>jjwt-jackson</artifactId>

tdjar/pom.xml

@@ -0,0 +1,53 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  ~ Copyright 2020 JWTK
+  ~
+  ~ Licensed under the Apache License, Version 2.0 (the "License");
+  ~ you may not use this file except in compliance with the License.
+  ~ You may obtain a copy of the License at
+  ~
+  ~     http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing, software
+  ~ distributed under the License is distributed on an "AS IS" BASIS,
+  ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  ~ See the License for the specific language governing permissions and
+  ~ limitations under the License.
+  -->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+
+    <modelVersion>4.0.0</modelVersion>
+
+    <parent>
+        <groupId>io.jsonwebtoken</groupId>
+        <artifactId>jjwt-root</artifactId>
+        <version>0.11.6-SNAPSHOT</version>
+        <relativePath>../pom.xml</relativePath>
+    </parent>
+
+    <artifactId>jjwt</artifactId>
+    <name>JJWT :: Legacy Transitive Dependency Jar</name>
+    <description>Legacy dependency. Please update your dependencies as documented here: https://github.com/jwtk/jjwt#installation</description>
+    <packaging>jar</packaging>
+
+    <properties>
+        <jjwt.root>${basedir}/..</jjwt.root>
+    </properties>
+
+    <dependencies>
+        <dependency>
+            <groupId>io.jsonwebtoken</groupId>
+            <artifactId>jjwt-api</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>io.jsonwebtoken</groupId>
+            <artifactId>jjwt-impl</artifactId>
+            <scope>runtime</scope>
+        </dependency>
+        <dependency>
+            <groupId>io.jsonwebtoken</groupId>
+            <artifactId>jjwt-jackson</artifactId>
+            <scope>runtime</scope>
+        </dependency>
+    </dependencies>
+</project>

tdjar/src/test/groovy/io/jsonwebtoken/all/BasicTest.groovy

@@ -0,0 +1,35 @@
+package io.jsonwebtoken.all
+
+import io.jsonwebtoken.*
+import io.jsonwebtoken.security.Keys
+import org.junit.Test
+
+import static org.hamcrest.CoreMatchers.equalTo
+import static org.hamcrest.CoreMatchers.notNullValue
+import static org.hamcrest.MatcherAssert.assertThat
+
+/**
+ * This test ensures that the included dependency are all that is needed to use JJWT.
+ */
+class BasicTest {
+
+    @Test
+    void basicUsageTest() {
+        def key = Keys.secretKeyFor(SignatureAlgorithm.HS256)
+
+        String token = Jwts.builder()
+            .setSubject("test-user")
+            .claim("test", "basicUsageTest")
+            .signWith(key, SignatureAlgorithm.HS256)
+            .compact()
+
+        JwtParser parser = Jwts.parserBuilder()
+            .setSigningKey(key)
+            .build()
+
+        Jwt<Header, Claims> result = parser.parseClaimsJws(token)
+        assertThat result, notNullValue()
+        assertThat result.getBody().getSubject(), equalTo("test-user")
+        assertThat result.getBody().get("test", String), equalTo("basicUsageTest")
+    }
+}