MP-JWT Injection of Principal test

[Arjan Tijms]

Hi,

Users can inject a principal in CDI as follows:

@Inject

private Principal principal;

Since JsonWebToken inherits from Principal, implementors should be careful not to introduce a Bean<T> for this that also returns Principal as type.

WildFly Swam for instance doesn't seem to do this, causing the following error:

2018-02-11 23:29:19,270 ERROR [stderr] (main)     Caused by: org.jboss.weld.exceptions.DeploymentException: WELD-001409: Ambiguous dependencies for type Principal with qualifiers @Default

2018-02-11 23:29:19,270 ERROR [stderr] (main)   at injection point [BackedAnnotatedField] @Inject private org.eclipse.microprofile12.jwtauth.jaxrs.Resource.principal

2018-02-11 23:29:19,270 ERROR [stderr] (main)   at org.eclipse.microprofile12.jwtauth.jaxrs.Resource.principal(Resource.java:0)

2018-02-11 23:29:19,270 ERROR [stderr] (main)   Possible dependencies: 

2018-02-11 23:29:19,271 ERROR [stderr] (main)   - Producer Method [JsonWebToken] with qualifiers [@Any @Default] declared as [[UnbackedAnnotatedMethod] @Produces @RequestScoped org.wildfly.swarm.microprofile.jwtauth.deployment.auth.cdi.MPJWTProducer.currentPrincipalOrNull()],

2018-02-11 23:29:19,271 ERROR [stderr] (main)   - Built-in Bean [java.security.Principal] with qualifiers [@Default]

(see https://github.com/MicroProfileJWT/microprofile-jwt-auth-wfswarm/blob/master/src/main/java/org/eclipse/microprofile/jwt/wfswarm/cdi/MPJWTProducer.java#L67)

I've personally implemented this as follows: 

https://github.com/payara/Payara/blob/Payara-5/appserver/payara-appserver-modules/microprofile/jwt-auth/src/main/java/fish/payara/microprofile/jwtauth/cdi/CdiInitEventHandler.java#L114

Note that the Principal type is explicitly omitted from the list of types.

It would probably be a good idea to add a TCK test for this that tests that Principal can indeed still be injected.

Kind regards,

Arjan Tijms

(p.s. where can WildFly MP bugs be reported?)

[Jean-Louis Monteiro]

Good catch Arjan!

--

Jean-Louis Monteiro
http://twitter.com/jlouismonteiro
http://www.tomitribe.com

--
You received this message because you are subscribed to the Google Groups "Eclipse MicroProfile" group.
To unsubscribe from this group and stop receiving emails from it, send an email to microprofile+unsubscribe@googlegroups.com.
To post to this group, send email to microp...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/microprofile/d8dcdcee-7947-493e-9d72-d558231d6c0c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Scott Stark]

You can create issues https://issues.jboss.org/projects/SWARM/ if you have a jboss-developer account. Select the microprofile component to flag the issue as related to the MicroProfile implementation. I have created the following issue for this:

https://issues.jboss.org/browse/SWARM-1869

as well as this issue to add an additional test to the TCK:

https://github.com/eclipse/microprofile-jwt-auth/issues/68

[Cristofo Vilares]

Hi Arjan,

we are running into the same Issue... What did you do to workaraound or to solve this? Unfortunatly your Github url doesn't work...

Thank you for a reply...

Best Regards,

Cris

[Scott Stark]

We have made a new 1.1.1 release that relaxes the requirements around the Principal injection type based on feedback from implementations and the non-obvious way to override the CDI Principal bean. It is available on maven central, and github:

https://github.com/eclipse/microprofile-jwt-auth/releases/tag/1.1.1