From 41bd36755d0f9c040b851842f728c46c767d71ec Mon Sep 17 00:00:00 2001 From: Scott Stark Date: Tue, 5 Sep 2017 20:44:28 -0700 Subject: [PATCH] Update section on dependent claim values. Update the revnumber to 1.0-RC10 as proposed final draft Signed-off-by: Scott Stark --- .../main/asciidoc/interoperability.asciidoc | 22 +++++++++---------- .../microprofile-jwt-auth-spec.asciidoc | 6 ++--- spec/src/main/asciidoc/sample-impl.asciidoc | 1 - 3 files changed, 13 insertions(+), 16 deletions(-) diff --git a/spec/src/main/asciidoc/interoperability.asciidoc b/spec/src/main/asciidoc/interoperability.asciidoc index 4c2baba8..732117b8 100644 --- a/spec/src/main/asciidoc/interoperability.asciidoc +++ b/spec/src/main/asciidoc/interoperability.asciidoc @@ -453,7 +453,7 @@ public @interface Claim { } ---- -with `@Dependent` scoping for any CDI defined non-proxyable type. +with `@Dependent` scoping. MP-JWT implementation are required to throw a `DeploymentException` when detecting the ambiguous use of a @Claim qualifier that includes inconsistent non-default values for both the value and standard elements as @@ -470,21 +470,18 @@ public class MyEndpoint { } ---- -For currently defined standard claims, the set of non-proxyable types include: +The set of types one my use for a claim value injection is: * java.lang.String +* java.util.Set * java.lang.Long * java.lang.Boolean -* java.util.Optional * javax.json.JsonValue subtypes +* java.util.Optional wrapper of the above types. +* org.eclipse.microprofile.jwt.ClaimValue wrapper of the above types. - -All other types of claims values should be available with `@RequestScoped` scoping. MP-JWT implementations are required to support injection of the claim values -using any of: -* The raw type associated with the JsonWebToken claim value. -* `org.eclipse.microprofile.jwt.ClaimValue` wrapper. -* `javax.json.JsonValue` JSON-P subtypes. +using any of these types. The `org.eclipse.microprofile.jwt.ClaimValue` interface is: [source,java] @@ -611,9 +608,9 @@ allows for injection to occur in non-RequestScoped contexts. The example shows that one may specify the name of the claim using a string or a `Claims` enum value. The string form would allow for specifying non-standard -claims while the `Claims` enum approach guards against typos and mis-spellings. +claims while the `Claims` enum approach guards against typos. -#### Handling of Non-RequestScoped Injection of Non-Proxyable Claim Values +#### Handling of Non-RequestScoped Injection of Claim Values MP-JWT implementations are required to validate the use of claim value injection into contexts that do not match @RequestScoped. When the target context has @ApplicationScoped or @SessionScoped scope, implementations are required to generate a `javax.enterprise.inject.spi.DeploymentException`. For any other context, implementations @@ -621,7 +618,8 @@ should issue a warning, that may be suppressed by an implementation specific con [NOTE] If one needs to inject a claim value into a scope with a lifetime greater than @RequestScoped, such as -@ApplicationScoped or @SessionScoped, one can use the javax.inject.Provider interface to do so. +@ApplicationScoped or @SessionScoped, one can use the javax.inject.Provider or javax.inject.Instance +interfaces to do so. ### JAX-RS Container API Integration The behavior of the following JAX-RS security related methods is required for diff --git a/spec/src/main/asciidoc/microprofile-jwt-auth-spec.asciidoc b/spec/src/main/asciidoc/microprofile-jwt-auth-spec.asciidoc index a1c0e5c7..89b2469d 100644 --- a/spec/src/main/asciidoc/microprofile-jwt-auth-spec.asciidoc +++ b/spec/src/main/asciidoc/microprofile-jwt-auth-spec.asciidoc @@ -18,9 +18,9 @@ = Interoperable JWT RBAC for Microprofile :author: Scott Stark; Pedro Igor Silva :email: sstark@redhat.com -:revnumber: 1.0 Draft -:revdate: 2017-08-23 -:revremark: Proposal +:revnumber: 1.0-RC10 +:revdate: 2017-09-05 +:revremark: Proposed Final Draft :version-label!: :sectanchors: :doctype: book diff --git a/spec/src/main/asciidoc/sample-impl.asciidoc b/spec/src/main/asciidoc/sample-impl.asciidoc index 4a5d9833..a9417559 100644 --- a/spec/src/main/asciidoc/sample-impl.asciidoc +++ b/spec/src/main/asciidoc/sample-impl.asciidoc @@ -29,7 +29,6 @@ and authorization spec in various container environments. This particular implem * a default implementation of the JsonWebToken interface * a JAX-RS ContainerRequestFilter prototype * JSR-375 IdentityStore and Credential prototypes -* TODO: a JSR-196 ServerAuthModule ### Wildfly Swarm Implementations