diff --git a/README.md b/README.md index 813c251..6fce044 100644 --- a/README.md +++ b/README.md @@ -29,6 +29,19 @@ To do this follow the steps below: Please ensure that your Maven `settings.xml` file has been configured with the correct Anypoint Exchange credentials. +For deployment to the EU Control Plane, please update the `` element inside the `pom.xml` as follows: + +```xml + + + Exchange2 + Exchange2 Repository + https://maven.eu1.anypoint.mulesoft.com/api/v1/organizations/${project.groupId}/maven + default + + +``` + ## Usage Once the module has been deployed to Exchange, you can add it to your project by following the steps outlined at [https://docs.mulesoft.com/studio/7.12/add-modules-in-studio-to](https://docs.mulesoft.com/studio/7.12/add-modules-in-studio-to) to make it available in your Mule Palette. @@ -76,11 +89,11 @@ The Sign component can result in one of the following errors occuring, if mis-co This module makes use of the following 3rd party libraries: + The [jwt.io](https://jwt.io/) Java JWT library, [jjwt](https://github.com/jwtk/jjwt) -+ The [org.bouncycastle](https://javadoc.io/doc/org.bouncycastle/bcpkix-jdk15on/latest/index.html) cryptography library ++ The [org.bouncycastle](https://javadoc.io/doc/org.bouncycastle/bcpkix-jdk18on/latest/index.html) cryptography library ## Notes -This module makes use of the BouncyCastle [PEMParser](https://www.bouncycastle.org/docs/pkixdocs1.5on/org/bouncycastle/openssl/PEMParser.html) to parse the `Private Key File`, which expects the private key used for signing to be supplied in [PEM](https://en.wikipedia.org/wiki/Privacy-Enhanced_Mail) format. +This module makes use of the BouncyCastle [PEMParser](https://www.bouncycastle.org/docs/pkixdocs1.8on/org/bouncycastle/openssl/PEMParser.html) to parse the `Private Key File`, which expects the private key used for signing to be supplied in [PEM](https://en.wikipedia.org/wiki/Privacy-Enhanced_Mail) format. Some example private keys, used during automated testing, can be found in this repository at [src/test/resources/cert](https://github.com/mulesoft-catalyst/jwt-module/tree/main/src/test/resources/cert). If you are not sure whether your key meets this requirement, it is recommended to convert it into the [PKCS #8](https://en.wikipedia.org/wiki/PKCS_8) format, using the [`openssl`](https://www.openssl.org/docs/man1.1.1/man1/openssl-pkcs8.html) command line or via online tools such as those at [8gwifi.org](https://8gwifi.org/). \ No newline at end of file diff --git a/pom.xml b/pom.xml index b919ff5..4855b4e 100644 --- a/pom.xml +++ b/pom.xml @@ -12,7 +12,7 @@ ORG_ID_TOKEN jwt-module - 0.7.1 + 1.0.0 mule-extension JWT Module A Mule4 plugin that simplifies the process of generating a signed JSON Web Token @@ -21,6 +21,7 @@ 1.71 0.11.5 1.1.2 + 4.7.0.0 @@ -28,7 +29,7 @@ com.github.spotbugs spotbugs-maven-plugin - 4.5.2.0 + ${spotbugs.version} Max Low diff --git a/src/main/java/uk/org/mule/jwt/internal/JwtOperations.java b/src/main/java/uk/org/mule/jwt/internal/JwtOperations.java index 5e8d6ca..328e6b1 100644 --- a/src/main/java/uk/org/mule/jwt/internal/JwtOperations.java +++ b/src/main/java/uk/org/mule/jwt/internal/JwtOperations.java @@ -71,8 +71,8 @@ else if (object instanceof PEMEncryptedKeyPair) { catch (FileNotFoundException fnfe) { throw new ModuleException(JwtError.FILE_NOT_FOUND, fnfe); } - catch (InvalidKeyException | PEMException ke) { - throw new ModuleException(JwtError.INVALID_KEY, ke); + catch (InvalidKeyException | PEMException ike) { + throw new ModuleException(JwtError.INVALID_KEY, ike); } catch (IOException ioe) { throw new ModuleException(JwtError.IO_ERROR, ioe); @@ -90,9 +90,9 @@ else if (object instanceof PEMEncryptedKeyPair) { return jws; } - private String getJWS(@Optional @Content Map header, - @Content(primary = true) Map payload, - @Config JwtConfiguration config, + private String getJWS(Map header, + Map payload, + JwtConfiguration config, PrivateKeyInfo privateKeyInfo) throws PEMException { String jws = null; if (privateKeyInfo != null) {