CPD Results
The following document contains the results of PMD's CPD 6.53.0.
Duplications
| File | Line |
|---|---|
| media/pepperpot/tca/authenticator/JwtAuthenticator.java | 235 |
| media/pepperpot/tca/authenticator/JwtAuthenticator.java | 397 |
jwtProcessor.setJWSKeySelector(keySelector);
String jwtMaxClockSkewString = properties.getProperty(JWT_MAX_CLOCK_SKEW,
JWT_MAX_CLOCK_SKEW_DEFAULT);
String jwtAcceptedAudienceString = properties.getProperty(JWT_ACCEPTED_AUDIENCE);
String jwtRequiredClaimsString = properties.getProperty(JWT_REQUIRED_CLAIMS);
String jwtProhibitedClaimsString = properties.getProperty(JWT_PROHIBITED_CLAIMS);
try {
Set<String> jwtAcceptedAudience = jwtAcceptedAudienceString == null ? null
: Arrays.stream(jwtAcceptedAudienceString.split(",")).map(String::trim)
.collect(Collectors.toSet());
Set<String> jwtRequiredClaims = jwtRequiredClaimsString == null ? null
: Arrays.stream(jwtRequiredClaimsString.split(",")).map(String::trim)
.collect(Collectors.toSet());
Set<String> jwtProhibitedClaims = jwtProhibitedClaimsString == null ? null
: Arrays.stream(jwtProhibitedClaimsString.split(",")).map(String::trim)
.collect(Collectors.toSet());
DefaultJWTClaimsVerifier<SecurityContext> claimsVerifier = new DefaultJWTClaimsVerifier<SecurityContext>(
jwtAcceptedAudience, null, jwtRequiredClaims, jwtProhibitedClaims);
claimsVerifier.setMaxClockSkew(Integer.parseInt(jwtMaxClockSkewString));
jwtProcessor.setJWTClaimsSetVerifier(claimsVerifier);
} catch (NumberFormatException e) {
statuses.add("JWT token is signed, but " + JWT_MAX_CLOCK_SKEW + " could not be parsed: "
+ jwsAlgorithmString + " :" + e.toString());
continue;
}
SecurityContext ctx = null;
try {
claims = jwtProcessor.process(parsed, ctx);
} catch (BadJOSEException e) {
statuses.add("JWT token was signed, but was formatted badly: " + e.toString());
continue;
} catch (JOSEException e) {
statuses.add("JWT token was signed, but was could not be verified: " + e.toString());
continue;
}
} else if (parsed instanceof EncryptedJWT) { | |