Merge pull request #240 from ldclakmal/dev

Make JWT auth providers isolated

gradle.properties

@@ -5,7 +5,7 @@ puppycrawlCheckstyleVersion=8.18
 ballerinaGradlePluginVersion=0.8.2
 
 ballerinaLangVersion=2.0.0-beta.1-20210520-181100-6c7be323
-stdlibCacheVersion=2.1.0-beta.1-20210520-211100-df32f2f
+stdlibCacheVersion=2.1.0-beta.1-20210521-162000-537d4fd
 stdlibCryptoVersion=1.1.0-beta.1-20210521-002900-bc269d5
 stdlibLogVersion=1.1.0-beta.1-20210520-193800-22c12d0
 stdlibRegexVersion=0.7.0-beta.1-20210520-193000-257850b

jwt-ballerina/client_self_signed_jwt_auth_provider.bal

@@ -30,15 +30,15 @@
 #     }
 # });
 # ```
-public class ClientSelfSignedJwtAuthProvider {
+public isolated class ClientSelfSignedJwtAuthProvider {
 
-    IssuerConfig issuerConfig;
+    private final IssuerConfig & readonly issuerConfig;
 
     # Provides authentication based on the provided JWT configurations.
     #
     # + issuerConfig - JWT issuer configurations
     public isolated function init(IssuerConfig issuerConfig) {
-        self.issuerConfig = issuerConfig;
+        self.issuerConfig = issuerConfig.cloneReadOnly();
     }
 
     # Issues a self-signed JWT for authentication.

jwt-ballerina/listener_jwt_auth_provider.bal

@@ -34,34 +34,37 @@ import ballerina/time;
 #     }
 # });
 # ```
-public class ListenerJwtAuthProvider {
+public isolated class ListenerJwtAuthProvider {
 
-    ValidatorConfig validatorConfig;
-    cache:Cache? jwtCache = ();
-    cache:Cache? jwksCache = ();
+    private final ValidatorConfig & readonly validatorConfig;
+    private final cache:Cache? jwtCache;
+    private final cache:Cache? jwksCache;
 
     # Provides authentication based on the provided JWT.
     #
     # + validatorConfig - JWT validator configurations
     public isolated function init(ValidatorConfig validatorConfig) {
-        self.validatorConfig = validatorConfig;
-        cache:CacheConfig? jwtCacheConfig = validatorConfig?.cacheConfig;
+        self.validatorConfig = validatorConfig.cloneReadOnly();
+        cache:CacheConfig? jwtCacheConfig = self.validatorConfig?.cacheConfig;
         if (jwtCacheConfig is cache:CacheConfig) {
             self.jwtCache = new(jwtCacheConfig);
+        } else {
+            self.jwtCache = ();
         }
-        var jwksConfig = validatorConfig?.signatureConfig?.jwksConfig;
+        var jwksConfig = self.validatorConfig?.signatureConfig?.jwksConfig;
         if !(jwksConfig is ()) {
-            string url = <string> jwksConfig?.url;
-            ClientConfiguration clientConfig = <ClientConfiguration> jwksConfig?.clientConfig;
+            ClientConfiguration clientConfig = jwksConfig.clientConfig;
             cache:CacheConfig? jwksCacheConfig = jwksConfig?.cacheConfig;
             if (jwksCacheConfig is cache:CacheConfig) {
                 self.jwksCache = new(jwksCacheConfig);
-                Error? result = preloadJwksToCache(<cache:Cache> (self.jwksCache), url, clientConfig);
+                Error? result = preloadJwksToCache(<cache:Cache> (self.jwksCache), jwksConfig.url, clientConfig);
                 if (result is Error) {
                     panic result;
                 }
+                return;
             }
         }
+        self.jwksCache = ();
     }
 
     # Authenticates the provided JWT.