Parser for public-keys value

[sashaCher]

Desired Outcome

There's a new Fetch*SigningKey family class FetchPublicKeysSigningKey is responsible for parsing public-keys value.

Implemented Changes

• Added new FetchPublicKeysSigningKey class parses the public-keys value
• Added new POJO class PublicSigningKey

Connected Issue/Story

ONYX-15144

Definition of Done

• Desired outcome is achieved

Changelog

• The CHANGELOG has been updated, or
• This PR does not include user-facing changes and doesn't require a
  CHANGELOG update

Test coverage

• This PR includes new unit and integration tests to go with the code
  changes, or
• The changes in this PR do not require tests

Documentation

• Docs (e.g. READMEs) were updated in this PR
• A follow-up issue to update official docs has been filed here: insert issue ID
• This PR does not require updating any documentation

Behavior

• This PR changes product behavior and has been reviewed by a PO, or
• These changes are part of a larger initiative that will be reviewed later, or
• No behavior was changed with this PR

Security

• Security architect has reviewed the changes in this PR,
• These changes are part of a larger initiative with a separate security review, or
• There are no security aspects to these changes

[tzheleznyak]

Can we move this string to const or to part of the loop down there

[sashaCher]

I'll consider to move it to the loop once will finish all use cases...

[sashaCher]

Done

[tzheleznyak]

?

[sashaCher]

Without it all ActiveModel validation exceptions will be masked by i18n exception that the file is invalid.
Adding en: to he file makes it valid and allows to receive original validation exceptions.

[sashaCher]

Actually I've found that removing the file has the same effect.
Initially all lines in file are commented out #....
So I'm removing it instead of adding en: to it...

[tzheleznyak]

It means that our automation will be dependent on the existence of this endpoint?
Its not better this thing be in integration test and with our own endpoint for it?

[sashaCher]

I guess that there're billions things depends this endpoint in the real world :-).
Let's consider UTs as not finished yet but I'm almost sure that I'll keep it because it will be a great indicator of Conjur's compatibility to the real world...

[codeclimate]

Authentication::AuthnJwt::SigningKey::PublicSigningKeys#validate_value_is_jwks calls '@value[:keys]' 2 times

[codeclimate]

Authentication::AuthnJwt::SigningKey::PublicSigningKeys assumes too much for instance variable '@value'

[codeclimate]

Authentication::AuthnJwt::SigningKey::PublicSigningKeys has missing safe method 'validate!'

[eladkug]

We have several error messages for key validation , this one is an addition ? the RFC is not to global (JSON Web Key (JWK))?

[sashaCher]

The validations only for public-keys use case where the value is came from customer and is not fetched directly from keys provider

[tzheleznyak]

Can "the value is not in valid JSON format" be moved to errors.rb

[sashaCher]

Errors at the moment contains only exceptions
It's a variable part of general InvalidPublicKeys exception text...

[tzheleznyak]

LGTM

[tzheleznyak]

LGTM

[codeclimate]

Code Climate has analyzed commit 22cd7a2 and detected 3 issues on this pull request.

Here's the issue category breakdown:

Category	Count
Complexity	3

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 90.9% (0.0% change).

View more on Code Climate.