forked from strimzi/strimzi-kafka-oauth
-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathJsonPathQuery.java
121 lines (112 loc) · 3.46 KB
/
JsonPathQuery.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
/*
* Copyright 2017-2021, Strimzi authors.
* License: Apache License 2.0 (see the file LICENSE or http://apache.org/licenses/LICENSE-2.0.html).
*/
package io.strimzi.kafka.oauth.jsonpath;
import com.fasterxml.jackson.databind.JsonNode;
import com.jayway.jsonpath.Configuration;
import com.jayway.jsonpath.JsonPathException;
import com.jayway.jsonpath.Option;
import com.jayway.jsonpath.ParseContext;
import com.jayway.jsonpath.spi.json.JacksonJsonNodeJsonProvider;
import com.jayway.jsonpath.spi.mapper.JacksonMappingProvider;
import static com.jayway.jsonpath.JsonPath.using;
/**
* This class implements the support for JSONPath querying as implemented by:
*
* https://github.com/json-path/JsonPath
*
* Given the following content of the JWT token:
* <pre>
* {
* "aud": ["uma_authorization", "kafka"],
* "iss": "https://auth-server/sso",
* "iat": 0,
* "exp": 600,
* "sub": "username",
* "custom": "custom-value",
* "roles": {
* "client-roles": {
* "kafka": ["kafka-user"]
* }
* },
* "custom-level": 9
* }
* </pre>
*
* Some examples of valid queries are:
*
* <pre>
* {@literal $}.custom
* {@literal $}['aud']
* {@literal $}.roles.client-roles.kafka
* {@literal $}['roles']['client-roles']['kafka']
* </pre>
*
* See <a href="https://github.com/json-path/JsonPath">Jayway JsonPath project</a> for full syntax.
* <p>
* This class takes a JSONPath expression and applies it as-is.
* <p>
* The JWT token is used in its original payload form, for example:
* <pre>
* {
* "sub": "username",
* "iss": "https://auth-server/sso",
* "custom": "custom value",
* ...
* }
* </pre>
*
* Usage:
* <pre>
* JsonPathQuery query = new JsonPathQuery("$.roles");
* JsonNode result = query.apply(jsonObject);
* </pre>
*
* Query is parsed in the first line and any error during parsing results
* in {@link JsonPathQueryException}.
*
* Matching is thread safe. The normal usage pattern is to initialise the JsonPathFilterQuery object once,
* and query it many times concurrently against json objects.
*
* In addition to filtering this helper can also be used to apply JsonPath query to extract a result containing the matching keys.
*
*/
public class JsonPathQuery {
private final Matcher matcher;
private JsonPathQuery(String query) {
Configuration conf = Configuration.builder()
.jsonProvider(new JacksonJsonNodeJsonProvider())
.mappingProvider(new JacksonMappingProvider())
.options(Option.SUPPRESS_EXCEPTIONS)
.build();
ParseContext ctx = using(conf);
try {
this.matcher = new Matcher(ctx, query, false);
} catch (JsonPathException e) {
throw new JsonPathQueryException("Failed to parse filter query: \"" + query + "\"", e);
}
}
/**
* Construct a new JsonPathQuery
*
* @param query The query using the JSONPath syntax
* @return New JsonPathQuery instance
*/
public static JsonPathQuery parse(String query) {
return new JsonPathQuery(query);
}
/**
* Apply the JsonPath query to passed object
*
* @param jsonObject Jackson DataBind object
* @return The Jackson JsonNode object with the result
*/
public JsonNode apply(JsonNode jsonObject) {
return matcher.apply(jsonObject);
}
@Override
public String toString() {
return matcher.toString();
}
}