add token.properties for issuers

Author: deedee

conf/Direct.properties

@@ -17,6 +17,7 @@ JWT_EXPIRATION_SECONDS = @JWT_EXPIRATION_SECONDS@
 LDAP_AUTH0_CONNECTION_NAME = @LDAP_AUTH0_CONNECTION_NAME@
 REDIRECT_URL_AUTH0 = /reg2/callback.action
 REG_SERVER_NAME= @REG_SERVER_NAME@
+JWT_VALID_ISSUERS=@JWT_VALID_ISSUERS@
 
 #Parameter whether we use login processor or not
 USE_LOGIN_PROCESSOR = @useLoginProcessor@

src/java/main/com/topcoder/direct/services/view/interceptors/AuthenticationInterceptor.java

@@ -292,8 +292,7 @@ public String intercept(ActionInvocation invocation) throws Exception {
 
         JWTToken jwtToken = null;
         try {
-            String[] knownIssuers = new String[]{ "https://" + DirectProperties.DOMAIN_AUTH0 };
-            jwtToken = new JWTToken(jwtCookie.getValue(),DirectProperties.CLIENT_SECRET_AUTH0, Arrays.asList(knownIssuers));
+            jwtToken = new JWTToken(jwtCookie.getValue(),DirectProperties.CLIENT_SECRET_AUTH0, DirectProperties.JWT_VALID_ISSUERS);
         } catch (TokenExpiredException e) {
             //refresh token here
             //redirect to loginpage for now

src/java/main/com/topcoder/direct/services/view/util/DirectProperties.java

@@ -138,6 +138,11 @@ public final class DirectProperties {
      */
     public static String USE_LOGIN_PROCESSOR;
 
+    /**
+     * List of known JWT issuers
+     */
+    public static String JWT_VALID_ISSUERS;
+
     /**
      * <p>
      * Initializes non-final static fields for this class with values for the same-named properties from the resource

src/java/main/com/topcoder/direct/services/view/util/jwt/JWTToken.java

@@ -74,10 +74,10 @@ public class JWTToken {
      *
      * @param token token
      * @param secret secret, if algorithm required it
-     * @param knownIssuers  list of known issuers
+     * @param knownIssuers  comma separate known issuers
      * @throws JWTException
      */
-    public JWTToken(String token, String secret, List<String> knownIssuers) throws JWTException{
+    public JWTToken(String token, String secret, String knownIssuers) throws JWTException{
         if (token == null) {
             logger.error("token can not be null");
             throw new IllegalArgumentException("token can not be null");
@@ -87,7 +87,10 @@ public JWTToken(String token, String secret, List<String> knownIssuers) throws J
             throw new IllegalArgumentException("issuers can not be null");
         }
 
-        this.knownIssuers = knownIssuers;
+        for (String issuer : knownIssuers.split("\\s*,\\s*")) {
+            this.knownIssuers.add(issuer.trim());
+        }
+
         setTokenAndSecret(token, secret);
     }
 

token.properties.docker

@@ -326,7 +326,7 @@
 @CLIENT_SECRET_AUTH0@ = ZEEIRf_aLhvbYymAMTFefoEJ_8y7ELrUaboMTmE5fQoJXEo7sxxyg8IW6gtbyKuT
 @REG_SERVER_NAME@= tc.cloud.topcoder.com
 @LDAP_AUTH0_CONNECTION_NAME@=vm-ldap-connection
-
+@JWT_VALID_ISSUERS@ = https://sma.auth0.com, https://newtc.auth0.com
 
 @ApplicationServer.SSO_COOKIE_KEY@=tcsso_vm
 @ApplicationServer.SSO_HASH_SECRET@=GKDKJF80dbdc541fe829898aa01d9e30118bab5d6b9fe94fd052a40069385f5628

token.properties.example

@@ -394,6 +394,7 @@
 @REG_SERVER_NAME@=tc.cloud.topcoder.com
 @LDAP_AUTH0_CONNECTION_NAME@=vm-ldap-connection
 @member.profile.url.base@=http://tc.cloud.topcoder.com
+@JWT_VALID_ISSUERS@ = https://sma.auth0.com, https://newtc.auth0.com
 
 @memberSearchApiUrl@=https://tc-api.cloud.topcoder.com:8443/v3/members/_suggest/
 @groupMemberSearchApiUrl@=https://cockpit.cloud.topcoder.com/direct/group/member?handle=