Support for the keys on the file system (#107)

sberyozkin · web-flow · commit b6a84c63e48c · 2019-07-15T22:05:35.000+01:00
diff --git a/implementation/src/main/java/io/smallrye/jwt/auth/principal/KeyLocationResolver.java b/implementation/src/main/java/io/smallrye/jwt/auth/principal/KeyLocationResolver.java
@@ -17,11 +17,14 @@
 package io.smallrye.jwt.auth.principal;
 
 import java.io.BufferedReader;
+import java.io.File;
+import java.io.FileInputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.InputStreamReader;
 import java.io.StringReader;
 import java.io.StringWriter;
+import java.net.URI;
 import java.net.URL;
 import java.security.Key;
 import java.security.PublicKey;
@@ -157,21 +160,36 @@ private PublicKey tryAsJWK(JsonWebSignature jws) throws UnresolvableKeyException
     }
 
     private void loadContents() throws Exception {
-        final String location = authContextInfo.getPublicKeyLocation();
-        if (location.startsWith("https:")) {
-            httpsJwks = new HttpsJwks(location);
+        final URI location = URI.create(authContextInfo.getPublicKeyLocation());
+
+        if ("https".equals(location.getScheme())) {
+            httpsJwks = new HttpsJwks(authContextInfo.getPublicKeyLocation());
             httpsJwks.setDefaultCacheDuration(authContextInfo.getJwksRefreshInterval().longValue() * 60L);
             return;
         }
 
-        StringWriter contents = new StringWriter();
-        final InputStream is;
-        if (location.startsWith("classpath:") || location.indexOf(':') < 0) {
-            is = getAsResource(location);
+        InputStream is = null;
+
+        if (location.getScheme() != null) {
+            if ("classpath".equals(location.getScheme())) {
+                is = getAsClasspathResource(location.getSchemeSpecificPart());
+            } else if ("file".equals(location.getScheme())) {
+                is = getAsFileSystemResource(location.getRawSchemeSpecificPart());
+            } else {
+                is = new URL(authContextInfo.getPublicKeyLocation()).openStream();
+            }
         } else {
-            URL locationURL = new URL(location);
-            is = locationURL.openStream();
+            is = getAsClasspathResource(authContextInfo.getPublicKeyLocation());
+            if (is == null) {
+                is = getAsFileSystemResource(authContextInfo.getPublicKeyLocation());
+            }
+        }
+
+        if (is == null) {
+            throw new IOException("No resource with the named " + location + " location exists");
         }
+
+        StringWriter contents = new StringWriter();
         try (BufferedReader reader = new BufferedReader(new InputStreamReader(is))) {
             String line = reader.readLine();
             while (line != null) {
@@ -185,20 +203,12 @@ private void loadContents() throws Exception {
         content = contents.toString();
     }
 
-    private static InputStream getAsResource(String location) throws IOException {
-
-        final String path;
-        if (location.startsWith("classpath:")) {
-            path = location.substring(10);
-        } else {
-            path = location;
-        }
-        ClassLoader loader = Thread.currentThread().getContextClassLoader();
-        final InputStream is = loader.getResourceAsStream(path);
-        if (is == null) {
-            throw new IOException("No resource with named " + location + " exists");
-        }
+    private static InputStream getAsFileSystemResource(String publicKeyLocation) throws IOException {
+        File f = new File(publicKeyLocation);
+        return f.exists() ? new FileInputStream(f) : null;
+    }
 
-        return is;
+    private static InputStream getAsClasspathResource(String location) throws IOException {
+        return Thread.currentThread().getContextClassLoader().getResourceAsStream(location);
     }
 }
diff --git a/testsuite/basic/src/test/java/io/smallrye/jwt/KeyLocationResolverTest.java b/testsuite/basic/src/test/java/io/smallrye/jwt/KeyLocationResolverTest.java
@@ -76,13 +76,23 @@ public void testVerifyWithJwkKeyWithNonMatchingKidFromSet() throws Exception {
     }
 
     @Test
-    public void testVerifyWithPemKey() throws Exception {
+    public void testVerifyWithClassPathPemKey() throws Exception {
         verifyToken("key3", null, "publicKey.pem");
     }
 
     @Test
-    public void testVerifyWithPemKeyWithMatchingKid() throws Exception {
-        verifyToken("key3", null, "publicKey.pem");
+    public void testVerifyWithClassPathPemKey2() throws Exception {
+        verifyToken("key3", null, "classpath:publicKey.pem");
+    }
+
+    @Test
+    public void testVerifyWithFileSystemPemKey() throws Exception {
+        verifyToken("key3", null, "target/test-classes/publicKey.pem");
+    }
+
+    @Test
+    public void testVerifyWithFileSystemPemKey2() throws Exception {
+        verifyToken("key3", null, "file:target/test-classes/publicKey.pem");
     }
 
     private static void verifyToken(String kid, String requiredKeyId, String publicKeyLocation) throws Exception {
