replaced jwt jackson serialization with ODocument.toJson, issue #2229

core/pom.xml

@@ -168,11 +168,6 @@
             <version>3.1.2</version>
         </dependency>
         -->
-        <dependency>
-          <groupId>com.fasterxml.jackson.core</groupId>
-          <artifactId>jackson-annotations</artifactId>
-          <version>2.4.0</version>
-        </dependency>
 
         <dependency>
             <groupId>net.java.dev.jna</groupId>

token-auth-jwt/pom.xml

@@ -36,16 +36,6 @@
 			<version>${project.version}</version>
 			<scope>compile</scope>
 		</dependency>
-		<dependency>
-			<groupId>com.fasterxml.jackson.core</groupId>
-			<artifactId>jackson-databind</artifactId>
-			<version>2.4.2</version>
-		</dependency>
-		<dependency>
-			<groupId>com.fasterxml.jackson.module</groupId>
-			<artifactId>jackson-module-afterburner</artifactId>
-			<version>2.4.2</version>
-		</dependency>
 		<dependency>
 			<groupId>org.testng</groupId>
 			<artifactId>testng</artifactId>

token-auth-jwt/src/main/java/com/orientechnologies/orient/server/jwt/impl/JsonWebToken.java

@@ -2,7 +2,6 @@
 
 import com.orientechnologies.orient.core.db.ODatabaseDocumentInternal;
 import com.orientechnologies.orient.core.id.ORID;
-import com.orientechnologies.orient.core.id.ORecordId;
 import com.orientechnologies.orient.core.metadata.security.OToken;
 import com.orientechnologies.orient.core.metadata.security.OUser;
 import com.orientechnologies.orient.core.metadata.security.jwt.OJsonWebToken;
@@ -77,10 +76,10 @@ public String getDatabase() {
   public long getExpiry() {
     return getPayload().getExpiry();
   }
-  
+
   @Override
   public ORID getUserId() {
-    return new ORecordId(((OrientJwtPayload) payload).getUserRid());
+    return ((OrientJwtPayload) payload).getUserRid();
   }
 
   @Override
@@ -90,9 +89,9 @@ public String getDatabaseType() {
 
   @Override
   public OUser getUser(ODatabaseDocumentInternal db) {
-    String userRid = ((OrientJwtPayload) payload).getUserRid();
+    ORID userRid = ((OrientJwtPayload) payload).getUserRid();
     ODocument result;
-    result = db.load(new ORecordId(userRid), "roles:1");
+    result = db.load(userRid, "roles:1");
     if (!result.getClassName().equals(OUser.CLASS_NAME)) {
       result = null;
     }

token-auth-jwt/src/main/java/com/orientechnologies/orient/server/jwt/impl/JwtTokenHandler.java

@@ -2,35 +2,29 @@
 
 import java.io.ByteArrayInputStream;
 import java.io.ByteArrayOutputStream;
-import java.io.DataInputStream;
 import java.io.IOException;
 import java.io.InputStream;
-import java.io.OutputStream;
+import java.io.UnsupportedEncodingException;
 import java.security.NoSuchAlgorithmException;
 import java.util.Arrays;
-import java.util.Date;
 import java.util.UUID;
 
 import javax.crypto.Mac;
 
-import com.fasterxml.jackson.databind.DeserializationFeature;
-import com.fasterxml.jackson.databind.ObjectMapper;
-import com.fasterxml.jackson.module.afterburner.AfterburnerModule;
 import com.orientechnologies.common.exception.OException;
 import com.orientechnologies.orient.core.db.ODatabaseDocumentInternal;
 import com.orientechnologies.orient.core.id.ORecordId;
 import com.orientechnologies.orient.core.metadata.security.OSecurityUser;
 import com.orientechnologies.orient.core.metadata.security.OToken;
 import com.orientechnologies.orient.core.metadata.security.OTokenHandler;
 import com.orientechnologies.orient.core.metadata.security.jwt.OJwtHeader;
-import com.orientechnologies.orient.core.metadata.security.jwt.OKeyProvider;
 import com.orientechnologies.orient.core.metadata.security.jwt.OJwtPayload;
+import com.orientechnologies.orient.core.metadata.security.jwt.OKeyProvider;
+import com.orientechnologies.orient.core.record.impl.ODocument;
 import com.orientechnologies.orient.core.serialization.OBase64Utils;
 import com.orientechnologies.orient.server.OServer;
 import com.orientechnologies.orient.server.binary.impl.OBinaryToken;
 import com.orientechnologies.orient.server.config.OServerParameterConfiguration;
-import com.orientechnologies.orient.server.jwt.mixin.OJwtHeaderMixin;
-import com.orientechnologies.orient.server.jwt.mixin.OJwtPayloadMixin;
 import com.orientechnologies.orient.server.plugin.OServerPluginAbstract;
 
 /**
@@ -43,7 +37,6 @@ public class JwtTokenHandler extends OServerPluginAbstract implements OTokenHand
 
   private static final String           JWT_TOKEN_HANDLER = "JwtTokenHandler";
 
-  private final ObjectMapper            mapper;
   private OBinaryTokenSerializer        binarySerializer;
 
   protected static final int            JWT_DELIMITER     = '.';
@@ -61,14 +54,6 @@ protected Mac initialValue() {
 
   private OKeyProvider                  keyProvider;
 
-  public JwtTokenHandler() {
-    mapper = new ObjectMapper().registerModule(new AfterburnerModule()).configure(
-        DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
-    mapper.addMixInAnnotations(OJwtHeader.class, OJwtHeaderMixin.class);
-    mapper.addMixInAnnotations(OJwtPayload.class, OJwtPayloadMixin.class);
-
-  }
-
   @Override
   public void config(final OServer iServer, final OServerParameterConfiguration[] iParams) {
 
@@ -166,22 +151,42 @@ public boolean validateBinaryToken(OToken token) {
   }
 
   protected OrientJwtHeader deserializeWebHeader(byte[] decodedHeader) {
+    ODocument doc = new ODocument();
     try {
-      return mapper.readValue(decodedHeader, OrientJwtHeader.class);
-    } catch (Exception e) {
+      doc.fromJSON(new String(decodedHeader, "UTF-8"));
+    } catch (UnsupportedEncodingException e) {
       throw new OException(e);
     }
+    OrientJwtHeader header = new OrientJwtHeader();
+    header.setType((String) doc.field("typ"));
+    header.setAlgorithm((String) doc.field("alg"));
+    header.setKeyId((String) doc.field("kid"));
+    return header;
   }
 
   protected OJwtPayload deserializeWebPayload(String type, byte[] decodedPayload) {
     if (!"OrientDB".equals(type)) {
       throw new OException("Payload class not registered:" + type);
     }
+    ODocument doc = new ODocument();
     try {
-      return mapper.readValue(decodedPayload, OrientJwtPayload.class);
-    } catch (Exception e) {
+      doc.fromJSON(new String(decodedPayload, "UTF-8"));
+    } catch (UnsupportedEncodingException e) {
       throw new OException(e);
     }
+    OrientJwtPayload payload = new OrientJwtPayload();
+    payload.setIssuer((String) doc.field("iss"));
+    payload.setExpiry((Long) doc.field("exp"));
+    payload.setIssuedAt((Long) doc.field("iat"));
+    payload.setNotBefore((Long) doc.field("nbf"));
+    payload.setDatabase((String) doc.field("sub"));
+    payload.setAudience((String) doc.field("aud"));
+    payload.setTokenId((String) doc.field("jti"));
+    int cluster = (Integer) doc.field("uidc");
+    long pos = (Long) doc.field("uidp");
+    payload.setUserRid(new ORecordId(cluster, pos));
+    payload.setDatabaseType((String) doc.field("bdtyp"));
+    return payload;
   }
 
   public byte[] getSignedWebToken(ODatabaseDocumentInternal db, OSecurityUser user) {
@@ -223,23 +228,36 @@ private byte[] signToken(OrientJwtHeader header, byte[] unsignedToken) {
   }
 
   protected byte[] serializeWebHeader(OJwtHeader header) throws Exception {
-    return mapper.writeValueAsBytes(header);
+    ODocument doc = new ODocument();
+    doc.field("typ", header.getType());
+    doc.field("alg", header.getAlgorithm());
+    doc.field("kid", header.getKeyId());
+    return doc.toJSON().getBytes("UTF-8");
   }
 
   protected byte[] serializeWebPayload(OJwtPayload payload) throws Exception {
-    return mapper.writeValueAsBytes(payload);
+    ODocument doc = new ODocument();
+    doc.field("iss", payload.getIssuer());
+    doc.field("exp", payload.getExpiry());
+    doc.field("iat", payload.getIssuedAt());
+    doc.field("nbf", payload.getNotBefore());
+    doc.field("sub", payload.getDatabase());
+    doc.field("aud", payload.getAudience());
+    doc.field("jti", payload.getTokenId());
+    doc.field("uidc", ((OrientJwtPayload) payload).getUserRid().getClusterId());
+    doc.field("uidp", ((OrientJwtPayload) payload).getUserRid().getClusterPosition());
+    doc.field("bdtyp", ((OrientJwtPayload) payload).getDatabaseType());
+    return doc.toJSON().getBytes("UTF-8");
   }
 
   protected OJwtPayload createPayload(ODatabaseDocumentInternal db, OSecurityUser user) {
     OrientJwtPayload payload = new OrientJwtPayload();
     payload.setAudience("OrientDb");
     payload.setDatabase(db.getName());
-    payload.setUserRid(user.getDocument().getIdentity().toString());
+    payload.setUserRid(user.getDocument().getIdentity());
 
     long expiryMinutes = 60000 * 10;
     long currTime = System.currentTimeMillis();
-    // Date issueTime = new Date(currTime);
-    // Date expDate = new Date(currTime + expiryMinutes);
     payload.setIssuedAt(currTime);
     payload.setNotBefore(currTime);
     payload.setUserName(user.getName());

token-auth-jwt/src/main/java/com/orientechnologies/orient/server/jwt/impl/OrientJwtPayload.java

@@ -1,6 +1,6 @@
 package com.orientechnologies.orient.server.jwt.impl;
 
-import com.fasterxml.jackson.annotation.JsonProperty;
+import com.orientechnologies.orient.core.id.ORID;
 import com.orientechnologies.orient.core.metadata.security.jwt.OJwtPayload;
 
 /**
@@ -16,7 +16,7 @@ public class OrientJwtPayload implements OJwtPayload {
   public long   exp;
   public long   iat;
   public long   nbf;
-  public String userRid;
+  public ORID   userRid;
   public String database;
   public String databaseType;
 
@@ -90,22 +90,18 @@ public void setTokenId(String jti) {
     this.jti = jti;
   }
 
-  @JsonProperty(value = "userRid")
-  public String getUserRid() {
+  public ORID getUserRid() {
     return userRid;
   }
 
-  @JsonProperty(value = "userRid")
-  public void setUserRid(String userRid) {
+  public void setUserRid(ORID userRid) {
     this.userRid = userRid;
   }
 
-  @JsonProperty(value = "dbName")
   public String getDatabase() {
     return database;
   }
 
-  @JsonProperty(value = "dbName")
   public void setDatabase(String dbName) {
     this.database = dbName;
   }

token-auth-jwt/src/test/java/com/orientechnologies/orient/server/jwt/impl/JwtTokenHandlerTest.java

@@ -12,6 +12,7 @@
 import org.testng.annotations.Test;
 
 import com.orientechnologies.orient.core.db.document.ODatabaseDocumentTx;
+import com.orientechnologies.orient.core.id.ORecordId;
 import com.orientechnologies.orient.core.metadata.security.OSecurityUser;
 import com.orientechnologies.orient.core.metadata.security.OToken;
 import com.orientechnologies.orient.core.metadata.security.OUser;
@@ -78,7 +79,7 @@ public void testSerializeDeserializeWebHeader() throws Exception {
 
   @Test
   public void testSerializeDeserializeWebPayload() throws Exception {
-    OJwtPayload payload = new OrientJwtPayload();
+    OrientJwtPayload payload = new OrientJwtPayload();
     String ptype = "OrientDB";
     payload.setAudience("audiance");
     payload.setExpiry(1L);
@@ -87,8 +88,8 @@ public void testSerializeDeserializeWebPayload() throws Exception {
     payload.setNotBefore(3L);
     payload.setUserName("the subject");
     payload.setTokenId("aaa");
+    payload.setUserRid(new ORecordId(3, 4));
 
-    // payload.setKeyId("the_key");
     JwtTokenHandler handler = new JwtTokenHandler();
     byte[] payloadbytes = handler.serializeWebPayload(payload);