From 49c86777ee00f22151f81f6f0430c3b4c5c9106f Mon Sep 17 00:00:00 2001 From: Jacek Poreda Date: Mon, 6 Nov 2023 14:11:55 +0100 Subject: [PATCH] [NO-JIRA] Update io.jsonwebtoken 0.11.5 -> 0.12.3 --- build.gradle | 2 +- .../authentication/JwtHttpHandlerIT.java | 88 ++++++++------- .../server/authentication/JwtSerializer.java | 32 +++--- .../authentication/JwtSerializerTest.java | 104 +++++++++--------- 4 files changed, 120 insertions(+), 106 deletions(-) diff --git a/build.gradle b/build.gradle index 9cbed220ebc..490e0990232 100644 --- a/build.gradle +++ b/build.gradle @@ -334,7 +334,7 @@ subprojects { } dependency 'org.json:json:20231013' dependency 'com.tngtech.java:junit-dataprovider:1.13.1' - dependencySet(group: 'io.jsonwebtoken', version: '0.11.5') { + dependencySet(group: 'io.jsonwebtoken', version: '0.12.3') { entry 'jjwt-api' entry 'jjwt-impl' entry 'jjwt-jackson' diff --git a/server/sonar-webserver-auth/src/it/java/org/sonar/server/authentication/JwtHttpHandlerIT.java b/server/sonar-webserver-auth/src/it/java/org/sonar/server/authentication/JwtHttpHandlerIT.java index f95f815273b..5f90a577d30 100644 --- a/server/sonar-webserver-auth/src/it/java/org/sonar/server/authentication/JwtHttpHandlerIT.java +++ b/server/sonar-webserver-auth/src/it/java/org/sonar/server/authentication/JwtHttpHandlerIT.java @@ -20,7 +20,8 @@ package org.sonar.server.authentication; import io.jsonwebtoken.Claims; -import io.jsonwebtoken.impl.DefaultClaims; +import io.jsonwebtoken.ClaimsBuilder; +import io.jsonwebtoken.impl.DefaultClaimsBuilder; import java.util.Date; import java.util.Map; import java.util.Optional; @@ -74,17 +75,17 @@ public class JwtHttpHandlerIT { @Rule public DbTester db = DbTester.create(); - private DbClient dbClient = db.getDbClient(); - private DbSession dbSession = db.getSession(); - private ArgumentCaptor cookieArgumentCaptor = ArgumentCaptor.forClass(Cookie.class); - private ArgumentCaptor jwtArgumentCaptor = ArgumentCaptor.forClass(JwtSerializer.JwtSession.class); - private HttpRequest request = mock(HttpRequest.class); - private HttpResponse response = mock(HttpResponse.class); - private HttpSession httpSession = mock(HttpSession.class); - private System2 system2 = spy(System2.INSTANCE); - private MapSettings settings = new MapSettings(); - private JwtSerializer jwtSerializer = mock(JwtSerializer.class); - private JwtCsrfVerifier jwtCsrfVerifier = mock(JwtCsrfVerifier.class); + private final DbClient dbClient = db.getDbClient(); + private final DbSession dbSession = db.getSession(); + private final ArgumentCaptor cookieArgumentCaptor = ArgumentCaptor.forClass(Cookie.class); + private final ArgumentCaptor jwtArgumentCaptor = ArgumentCaptor.forClass(JwtSerializer.JwtSession.class); + private final HttpRequest request = mock(HttpRequest.class); + private final HttpResponse response = mock(HttpResponse.class); + private final HttpSession httpSession = mock(HttpSession.class); + private final System2 system2 = spy(System2.INSTANCE); + private final MapSettings settings = new MapSettings(); + private final JwtSerializer jwtSerializer = mock(JwtSerializer.class); + private final JwtCsrfVerifier jwtCsrfVerifier = mock(JwtCsrfVerifier.class); private JwtHttpHandler underTest = new JwtHttpHandler(system2, dbClient, settings.asConfig(), jwtSerializer, jwtCsrfVerifier); @@ -190,7 +191,7 @@ public class JwtHttpHandlerIT { UserDto user = db.users().insertUser(); addJwtCookie(); SessionTokenDto sessionToken = db.users().insertSessionToken(user, st -> st.setExpirationDate(IN_FIVE_MINUTES)); - Claims claims = createToken(sessionToken, NOW); + Claims claims = createTokenBuilder(sessionToken, NOW).build(); when(jwtSerializer.decode(JWT_TOKEN)).thenReturn(Optional.of(claims)); assertThat(underTest.validateToken(request, response)).isPresent(); @@ -204,8 +205,9 @@ public class JwtHttpHandlerIT { addJwtCookie(); // Token was created 10 days ago and refreshed 6 minutes ago SessionTokenDto sessionToken = db.users().insertSessionToken(user, st -> st.setExpirationDate(IN_FIVE_MINUTES)); - Claims claims = createToken(sessionToken, TEN_DAYS_AGO); - claims.put("lastRefreshTime", SIX_MINUTES_AGO); + Claims claims = createTokenBuilder(sessionToken, TEN_DAYS_AGO) + .add("lastRefreshTime", SIX_MINUTES_AGO) + .build(); when(jwtSerializer.decode(JWT_TOKEN)).thenReturn(Optional.of(claims)); assertThat(underTest.validateToken(request, response)).isPresent(); @@ -222,8 +224,9 @@ public class JwtHttpHandlerIT { addJwtCookie(); // Token was created 10 days ago and refreshed 4 minutes ago SessionTokenDto sessionToken = db.users().insertSessionToken(user, st -> st.setExpirationDate(IN_FIVE_MINUTES)); - Claims claims = createToken(sessionToken, TEN_DAYS_AGO); - claims.put("lastRefreshTime", FOUR_MINUTES_AGO); + Claims claims = createTokenBuilder(sessionToken, TEN_DAYS_AGO) + .add("lastRefreshTime", FOUR_MINUTES_AGO) + .build(); when(jwtSerializer.decode(JWT_TOKEN)).thenReturn(Optional.of(claims)); assertThat(underTest.validateToken(request, response)).isPresent(); @@ -237,8 +240,9 @@ public class JwtHttpHandlerIT { addJwtCookie(); // Token was created 4 months ago, refreshed 4 minutes ago, and it expired in 5 minutes SessionTokenDto sessionToken = db.users().insertSessionToken(user, st -> st.setExpirationDate(IN_FIVE_MINUTES)); - Claims claims = createToken(sessionToken, NOW - (4L * 30 * 24 * 60 * 60 * 1000)); - claims.put("lastRefreshTime", FOUR_MINUTES_AGO); + Claims claims = createTokenBuilder(sessionToken, NOW - (4L * 30 * 24 * 60 * 60 * 1000)) + .add("lastRefreshTime", FOUR_MINUTES_AGO) + .build(); when(jwtSerializer.decode(JWT_TOKEN)).thenReturn(Optional.of(claims)); assertThat(underTest.validateToken(request, response)).isEmpty(); @@ -249,7 +253,7 @@ public class JwtHttpHandlerIT { addJwtCookie(); UserDto user = addUser(false); SessionTokenDto sessionToken = db.users().insertSessionToken(user, st -> st.setExpirationDate(IN_FIVE_MINUTES)); - Claims claims = createToken(sessionToken, NOW); + Claims claims = createTokenBuilder(sessionToken, NOW).build(); when(jwtSerializer.decode(JWT_TOKEN)).thenReturn(Optional.of(claims)); assertThat(underTest.validateToken(request, response)).isEmpty(); @@ -287,8 +291,9 @@ public class JwtHttpHandlerIT { UserDto user = db.users().insertUser(); addJwtCookie(); SessionTokenDto sessionToken = db.users().insertSessionToken(user, st -> st.setExpirationDate(IN_FIVE_MINUTES)); - Claims claims = createToken(sessionToken, NOW); - claims.put("xsrfToken", CSRF_STATE); + Claims claims = createTokenBuilder(sessionToken, NOW) + .add("xsrfToken", CSRF_STATE) + .build(); when(jwtSerializer.decode(JWT_TOKEN)).thenReturn(Optional.of(claims)); underTest.validateToken(request, response); @@ -301,8 +306,9 @@ public class JwtHttpHandlerIT { UserDto user = db.users().insertUser(); addJwtCookie(); // No SessionToken in DB - Claims claims = createToken("ABCD", user.getUuid(), NOW, IN_FIVE_MINUTES); - claims.put("lastRefreshTime", SIX_MINUTES_AGO); + Claims claims = createTokenBuilder("ABCD", user.getUuid(), NOW, IN_FIVE_MINUTES) + .add("lastRefreshTime", SIX_MINUTES_AGO) + .build(); when(jwtSerializer.decode(JWT_TOKEN)).thenReturn(Optional.of(claims)); underTest.validateToken(request, response); @@ -317,8 +323,9 @@ public class JwtHttpHandlerIT { // In SessionToken, the expiration date is expired... SessionTokenDto sessionToken = db.users().insertSessionToken(user, st -> st.setExpirationDate(FOUR_MINUTES_AGO)); // ...whereas in the cookie, the expiration date is not expired - Claims claims = createToken(sessionToken.getUuid(), user.getUuid(), NOW, IN_FIVE_MINUTES); - claims.put("lastRefreshTime", SIX_MINUTES_AGO); + Claims claims = createTokenBuilder(sessionToken.getUuid(), user.getUuid(), NOW, IN_FIVE_MINUTES) + .add("lastRefreshTime", SIX_MINUTES_AGO) + .build(); when(jwtSerializer.decode(JWT_TOKEN)).thenReturn(Optional.of(claims)); underTest.validateToken(request, response); @@ -332,8 +339,9 @@ public class JwtHttpHandlerIT { addJwtCookie(); // Token was created 10 days ago and refreshed 6 minutes ago SessionTokenDto sessionToken = db.users().insertSessionToken(user, st -> st.setExpirationDate(IN_FIVE_MINUTES)); - Claims claims = createToken(sessionToken, TEN_DAYS_AGO); - claims.put("xsrfToken", "CSRF_STATE"); + Claims claims = createTokenBuilder(sessionToken, TEN_DAYS_AGO) + .add("xsrfToken", "CSRF_STATE") + .build(); when(jwtSerializer.decode(JWT_TOKEN)).thenReturn(Optional.of(claims)); underTest.validateToken(request, response); @@ -347,8 +355,9 @@ public class JwtHttpHandlerIT { addJwtCookie(); UserDto user = db.users().insertUser(); SessionTokenDto sessionToken = db.users().insertSessionToken(user, st -> st.setExpirationDate(IN_FIVE_MINUTES)); - Claims claims = createToken(sessionToken, TEN_DAYS_AGO); - claims.put("lastRefreshTime", FOUR_MINUTES_AGO); + Claims claims = createTokenBuilder(sessionToken, TEN_DAYS_AGO) + .add("lastRefreshTime", FOUR_MINUTES_AGO) + .build(); when(jwtSerializer.decode(JWT_TOKEN)).thenReturn(Optional.of(claims)); underTest.removeToken(request, response); @@ -430,17 +439,16 @@ public class JwtHttpHandlerIT { return cookie; } - private Claims createToken(SessionTokenDto sessionToken, long createdAt) { - return createToken(sessionToken.getUuid(), sessionToken.getUserUuid(), createdAt, sessionToken.getExpirationDate()); + private ClaimsBuilder createTokenBuilder(SessionTokenDto sessionToken, long createdAt) { + return createTokenBuilder(sessionToken.getUuid(), sessionToken.getUserUuid(), createdAt, sessionToken.getExpirationDate()); } - private Claims createToken(String uuid, String userUuid, long createdAt, long expiredAt) { - DefaultClaims claims = new DefaultClaims(); - claims.setId(uuid); - claims.setSubject(userUuid); - claims.setIssuedAt(new Date(createdAt)); - claims.setExpiration(new Date(expiredAt)); - claims.put("lastRefreshTime", createdAt); - return claims; + private ClaimsBuilder createTokenBuilder(String uuid, String userUuid, long createdAt, long expiredAt) { + return new DefaultClaimsBuilder() + .id(uuid) + .subject(userUuid) + .issuedAt(new Date(createdAt)) + .expiration(new Date(expiredAt)) + .add("lastRefreshTime", createdAt); } } diff --git a/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/JwtSerializer.java b/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/JwtSerializer.java index 33eaf94af7e..1122972805c 100644 --- a/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/JwtSerializer.java +++ b/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/JwtSerializer.java @@ -23,8 +23,8 @@ import com.google.common.annotations.VisibleForTesting; import io.jsonwebtoken.Claims; import io.jsonwebtoken.ExpiredJwtException; import io.jsonwebtoken.Jwts; -import io.jsonwebtoken.SignatureAlgorithm; import io.jsonwebtoken.UnsupportedJwtException; +import io.jsonwebtoken.security.MacAlgorithm; import io.jsonwebtoken.security.SignatureException; import java.util.Base64; import java.util.Collections; @@ -42,7 +42,6 @@ import org.sonar.server.authentication.event.AuthenticationEvent.Source; import org.sonar.server.authentication.event.AuthenticationException; import static com.google.common.base.Preconditions.checkNotNull; -import static io.jsonwebtoken.impl.crypto.MacProvider.generateKey; import static java.util.Objects.requireNonNull; import static org.sonar.process.ProcessProperties.Property.AUTH_JWT_SECRET; @@ -52,7 +51,8 @@ import static org.sonar.process.ProcessProperties.Property.AUTH_JWT_SECRET; @ServerSide public class JwtSerializer implements Startable { - private static final SignatureAlgorithm SIGNATURE_ALGORITHM = SignatureAlgorithm.HS256; + private static final MacAlgorithm SIGNATURE_ALGORITHM = Jwts.SIG.HS256; + private static final String HS256_JCA_NAME = "HmacSHA256"; static final String LAST_REFRESH_TIME_PARAM = "lastRefreshTime"; @@ -82,12 +82,12 @@ public class JwtSerializer implements Startable { String encode(JwtSession jwtSession) { checkIsStarted(); return Jwts.builder() - .addClaims(jwtSession.getProperties()) + .claims(jwtSession.getProperties()) .claim(LAST_REFRESH_TIME_PARAM, system2.now()) - .setId(jwtSession.getSessionTokenUuid()) - .setSubject(jwtSession.getUserLogin()) - .setIssuedAt(new Date(system2.now())) - .setExpiration(new Date(jwtSession.getExpirationTime())) + .id(jwtSession.getSessionTokenUuid()) + .subject(jwtSession.getUserLogin()) + .issuedAt(new Date(system2.now())) + .expiration(new Date(jwtSession.getExpirationTime())) .signWith(secretKey, SIGNATURE_ALGORITHM) .compact(); } @@ -96,11 +96,11 @@ public class JwtSerializer implements Startable { checkIsStarted(); Claims claims = null; try { - claims = Jwts.parserBuilder() - .setSigningKey(secretKey) + claims = Jwts.parser() + .verifyWith(secretKey) .build() - .parseClaimsJws(token) - .getBody(); + .parseSignedClaims(token) + .getPayload(); requireNonNull(claims.getId(), "Token id hasn't been found"); requireNonNull(claims.getSubject(), "Token subject hasn't been found"); requireNonNull(claims.getExpiration(), "Token expiration date hasn't been found"); @@ -120,20 +120,20 @@ public class JwtSerializer implements Startable { String refresh(Claims token, long expirationTime) { checkIsStarted(); return Jwts.builder() - .setClaims(token) + .claims(token) .claim(LAST_REFRESH_TIME_PARAM, system2.now()) - .setExpiration(new Date(expirationTime)) + .expiration(new Date(expirationTime)) .signWith(secretKey, SIGNATURE_ALGORITHM) .compact(); } private static SecretKey generateSecretKey() { - return generateKey(SIGNATURE_ALGORITHM); + return SIGNATURE_ALGORITHM.key().build(); } private static SecretKey decodeSecretKeyProperty(String base64SecretKey) { byte[] decodedKey = Base64.getDecoder().decode(base64SecretKey); - return new SecretKeySpec(decodedKey, 0, decodedKey.length, SIGNATURE_ALGORITHM.getJcaName()); + return new SecretKeySpec(decodedKey, 0, decodedKey.length, HS256_JCA_NAME); } private void checkIsStarted() { diff --git a/server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/JwtSerializerTest.java b/server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/JwtSerializerTest.java index 57e05a99be4..f887695e8f0 100644 --- a/server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/JwtSerializerTest.java +++ b/server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/JwtSerializerTest.java @@ -22,7 +22,8 @@ package org.sonar.server.authentication; import com.google.common.collect.ImmutableMap; import io.jsonwebtoken.Claims; import io.jsonwebtoken.Jwts; -import io.jsonwebtoken.impl.DefaultClaims; +import io.jsonwebtoken.impl.DefaultClaimsBuilder; +import io.jsonwebtoken.security.MacAlgorithm; import java.util.Base64; import java.util.Date; import java.util.Optional; @@ -35,7 +36,6 @@ import org.sonar.api.utils.System2; import org.sonar.server.authentication.JwtSerializer.JwtSession; import org.sonar.server.authentication.event.AuthenticationException; -import static io.jsonwebtoken.SignatureAlgorithm.HS256; import static org.apache.commons.lang.time.DateUtils.addMinutes; import static org.apache.commons.lang.time.DateUtils.addYears; import static org.assertj.core.api.Assertions.assertThat; @@ -44,14 +44,15 @@ import static org.sonar.server.authentication.event.AuthenticationEvent.Source; public class JwtSerializerTest { + private static final MacAlgorithm SIGNATURE_ALGORITHM = Jwts.SIG.HS256; + private static final String A_SECRET_KEY = "HrPSavOYLNNrwTY+SOqpChr7OwvbR/zbDLdVXRN0+Eg="; private static final String USER_LOGIN = "john"; private static final String SESSION_TOKEN_UUID = "ABCD"; - - private MapSettings settings = new MapSettings(); - private System2 system2 = System2.INSTANCE; - private JwtSerializer underTest = new JwtSerializer(settings.asConfig(), system2); + private final MapSettings settings = new MapSettings(); + private final System2 system2 = System2.INSTANCE; + private final JwtSerializer underTest = new JwtSerializer(settings.asConfig(), system2); @Test public void generate_token() { @@ -125,10 +126,10 @@ public class JwtSerializerTest { underTest.start(); String token = Jwts.builder() - .setId("123") - .setIssuedAt(new Date(system2.now())) - .setExpiration(addMinutes(new Date(), -20)) - .signWith(decodeSecretKey(A_SECRET_KEY), HS256) + .id("123") + .issuedAt(new Date(system2.now())) + .expiration(addMinutes(new Date(), -20)) + .signWith(decodeSecretKey(A_SECRET_KEY), SIGNATURE_ALGORITHM) .compact(); assertThat(underTest.decode(token)).isEmpty(); @@ -140,11 +141,11 @@ public class JwtSerializerTest { underTest.start(); String token = Jwts.builder() - .setId("123") - .setSubject(USER_LOGIN) - .setIssuedAt(new Date(system2.now())) - .setExpiration(addMinutes(new Date(), 20)) - .signWith(decodeSecretKey("LyWgHktP0FuHB2K+kMs3KWMCJyFHVZDdDSqpIxAMVaQ="), HS256) + .id("123") + .subject(USER_LOGIN) + .issuedAt(new Date(system2.now())) + .expiration(addMinutes(new Date(), 20)) + .signWith(decodeSecretKey("LyWgHktP0FuHB2K+kMs3KWMCJyFHVZDdDSqpIxAMVaQ="), SIGNATURE_ALGORITHM) .compact(); assertThat(underTest.decode(token)).isEmpty(); @@ -156,10 +157,10 @@ public class JwtSerializerTest { underTest.start(); String token = Jwts.builder() - .setId("123") - .setSubject(USER_LOGIN) - .setIssuedAt(new Date(system2.now())) - .setExpiration(addMinutes(new Date(), 20)) + .id("123") + .subject(USER_LOGIN) + .issuedAt(new Date(system2.now())) + .expiration(addMinutes(new Date(), 20)) .compact(); assertThat(underTest.decode(token)).isEmpty(); @@ -171,11 +172,11 @@ public class JwtSerializerTest { underTest.start(); String token = Jwts.builder() - .setSubject(USER_LOGIN) - .setIssuer("sonarqube") - .setIssuedAt(new Date(system2.now())) - .setExpiration(addMinutes(new Date(), 20)) - .signWith(decodeSecretKey(A_SECRET_KEY), HS256) + .subject(USER_LOGIN) + .issuer("sonarqube") + .issuedAt(new Date(system2.now())) + .expiration(addMinutes(new Date(), 20)) + .signWith(decodeSecretKey(A_SECRET_KEY), SIGNATURE_ALGORITHM) .compact(); assertThatThrownBy(() -> underTest.decode(token)) @@ -191,11 +192,11 @@ public class JwtSerializerTest { underTest.start(); String token = Jwts.builder() - .setId("123") - .setIssuer("sonarqube") - .setIssuedAt(new Date(system2.now())) - .setExpiration(addMinutes(new Date(), 20)) - .signWith(HS256, decodeSecretKey(A_SECRET_KEY)) + .id("123") + .issuer("sonarqube") + .issuedAt(new Date(system2.now())) + .expiration(addMinutes(new Date(), 20)) + .signWith(decodeSecretKey(A_SECRET_KEY), SIGNATURE_ALGORITHM) .compact(); assertThatThrownBy(() -> underTest.decode(token)) @@ -210,11 +211,11 @@ public class JwtSerializerTest { underTest.start(); String token = Jwts.builder() - .setId("123") - .setIssuer("sonarqube") - .setSubject(USER_LOGIN) - .setIssuedAt(new Date(system2.now())) - .signWith(decodeSecretKey(A_SECRET_KEY), HS256) + .id("123") + .issuer("sonarqube") + .subject(USER_LOGIN) + .issuedAt(new Date(system2.now())) + .signWith(decodeSecretKey(A_SECRET_KEY), SIGNATURE_ALGORITHM) .compact(); assertThatThrownBy(() -> underTest.decode(token)) @@ -230,10 +231,10 @@ public class JwtSerializerTest { underTest.start(); String token = Jwts.builder() - .setId("123") - .setSubject(USER_LOGIN) - .setExpiration(addMinutes(new Date(), 20)) - .signWith(decodeSecretKey(A_SECRET_KEY), HS256) + .id("123") + .subject(USER_LOGIN) + .expiration(addMinutes(new Date(), 20)) + .signWith(decodeSecretKey(A_SECRET_KEY), SIGNATURE_ALGORITHM) .compact(); assertThatThrownBy(() -> underTest.decode(token)) @@ -250,7 +251,7 @@ public class JwtSerializerTest { underTest.start(); assertThat(underTest.getSecretKey()).isNotNull(); - assertThat(underTest.getSecretKey().getAlgorithm()).isEqualTo(HS256.getJcaName()); + assertThat(underTest.getSecretKey().getAlgorithm()).isEqualTo("HmacSHA256"); } @Test @@ -272,14 +273,15 @@ public class JwtSerializerTest { // Expired in 10 minutes Date expiredAt = addMinutes(new Date(), 10); Date lastRefreshDate = addMinutes(new Date(), -4); - Claims token = new DefaultClaims() + Claims token = new DefaultClaimsBuilder() .setId("id") - .setSubject("subject") - .setIssuer("sonarqube") - .setIssuedAt(createdAt) - .setExpiration(expiredAt); - token.put("lastRefreshTime", lastRefreshDate.getTime()); - token.put("key", "value"); + .subject("subject") + .issuer("sonarqube") + .issuedAt(createdAt) + .expiration(expiredAt) + .add("lastRefreshTime", lastRefreshDate.getTime()) + .add("key", "value") + .build(); // Refresh the token with a higher expiration time String encodedToken = underTest.refresh(token, addMinutes(new Date(), 20).getTime()); @@ -310,7 +312,8 @@ public class JwtSerializerTest { @Test public void encode_fail_when_not_started() { - assertThatThrownBy(() -> underTest.encode(new JwtSession(USER_LOGIN, SESSION_TOKEN_UUID, addMinutes(new Date(), 10).getTime()))) + JwtSession jwtSession = new JwtSession(USER_LOGIN, SESSION_TOKEN_UUID, addMinutes(new Date(), 10).getTime()); + assertThatThrownBy(() -> underTest.encode(jwtSession)) .isInstanceOf(NullPointerException.class) .hasMessage("org.sonar.server.authentication.JwtSerializer not started"); } @@ -324,14 +327,17 @@ public class JwtSerializerTest { @Test public void refresh_fail_when_not_started() { - assertThatThrownBy(() -> underTest.refresh(new DefaultClaims(), addMinutes(new Date(), 10).getTime())) + Claims claims = new DefaultClaimsBuilder().build(); + long time = addMinutes(new Date(), 10).getTime(); + + assertThatThrownBy(() -> underTest.refresh(claims, time)) .isInstanceOf(NullPointerException.class) .hasMessage("org.sonar.server.authentication.JwtSerializer not started"); } private SecretKey decodeSecretKey(String encodedKey) { byte[] decodedKey = Base64.getDecoder().decode(encodedKey); - return new SecretKeySpec(decodedKey, 0, decodedKey.length, HS256.getJcaName()); + return new SecretKeySpec(decodedKey, 0, decodedKey.length, "HmacSHA256"); } private void setSecretKey(String s) { -- 2.39.5