From 437f808c0ecd0e757f0abd4c05d1f227bc68c70d Mon Sep 17 00:00:00 2001
From: heutelbeck <dheutelbeck@ftk.de>
Date: Tue, 18 Feb 2020 13:10:18 +0100
Subject: [PATCH 1/6] adding version declaration to compiler plugin

---
 pom.xml | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/pom.xml b/pom.xml
index 8bfb64c..26b8f95 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1,5 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
 	<modelVersion>4.0.0</modelVersion>
 
 	<groupId>edu.uoc.elc.lti</groupId>
@@ -56,11 +58,12 @@
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-compiler-plugin</artifactId>
+				<version>3.8.1</version>
 				<configuration>
 					<source>1.8</source>
 					<target>1.8</target>
 				</configuration>
 			</plugin>
 		</plugins>
-	</build>	
+	</build>
 </project>

From 9fa0f2600fb75ddae361d66753128977a4c9be74 Mon Sep 17 00:00:00 2001
From: heutelbeck <dheutelbeck@ftk.de>
Date: Tue, 18 Feb 2020 13:10:28 +0100
Subject: [PATCH 2/6] cleanup of imports

---
 src/main/java/edu/uoc/lti/jwt/AlgorithmFactory.java      | 8 ++++----
 src/main/java/edu/uoc/lti/jwt/LtiSigningKeyResolver.java | 9 +++++----
 .../java/edu/uoc/lti/jwt/claims/JWSClaimAccessor.java    | 4 ++--
 .../lti/jwt/client/JWSClientCredentialsTokenBuilder.java | 5 ++---
 .../java/edu/uoc/lti/jwt/deeplink/JWSTokenBuilder.java   | 6 +++---
 5 files changed, 16 insertions(+), 16 deletions(-)

diff --git a/src/main/java/edu/uoc/lti/jwt/AlgorithmFactory.java b/src/main/java/edu/uoc/lti/jwt/AlgorithmFactory.java
index 481d877..28509b9 100644
--- a/src/main/java/edu/uoc/lti/jwt/AlgorithmFactory.java
+++ b/src/main/java/edu/uoc/lti/jwt/AlgorithmFactory.java
@@ -1,9 +1,5 @@
 package edu.uoc.lti.jwt;
 
-import lombok.Getter;
-import sun.security.util.DerInputStream;
-import sun.security.util.DerValue;
-
 import java.io.IOException;
 import java.math.BigInteger;
 import java.security.GeneralSecurityException;
@@ -14,6 +10,10 @@
 import java.security.spec.X509EncodedKeySpec;
 import java.util.Base64;
 
+import lombok.Getter;
+import sun.security.util.DerInputStream;
+import sun.security.util.DerValue;
+
 /**
  * @author xaracil@uoc.edu
  */
diff --git a/src/main/java/edu/uoc/lti/jwt/LtiSigningKeyResolver.java b/src/main/java/edu/uoc/lti/jwt/LtiSigningKeyResolver.java
index ab1cb6b..3afe5f8 100644
--- a/src/main/java/edu/uoc/lti/jwt/LtiSigningKeyResolver.java
+++ b/src/main/java/edu/uoc/lti/jwt/LtiSigningKeyResolver.java
@@ -1,18 +1,19 @@
 package edu.uoc.lti.jwt;
 
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.security.Key;
+
 import com.auth0.jwk.Jwk;
 import com.auth0.jwk.JwkException;
 import com.auth0.jwk.JwkProvider;
 import com.auth0.jwk.UrlJwkProvider;
+
 import io.jsonwebtoken.Claims;
 import io.jsonwebtoken.JwsHeader;
 import io.jsonwebtoken.SigningKeyResolverAdapter;
 import lombok.RequiredArgsConstructor;
 
-import java.net.MalformedURLException;
-import java.net.URL;
-import java.security.Key;
-
 /**
  * @author xaracil@uoc.edu
  */
diff --git a/src/main/java/edu/uoc/lti/jwt/claims/JWSClaimAccessor.java b/src/main/java/edu/uoc/lti/jwt/claims/JWSClaimAccessor.java
index 062b36e..e991393 100644
--- a/src/main/java/edu/uoc/lti/jwt/claims/JWSClaimAccessor.java
+++ b/src/main/java/edu/uoc/lti/jwt/claims/JWSClaimAccessor.java
@@ -1,5 +1,7 @@
 package edu.uoc.lti.jwt.claims;
 
+import java.util.Date;
+
 import com.fasterxml.jackson.databind.ObjectMapper;
 
 import edu.uoc.lti.claims.ClaimAccessor;
@@ -9,8 +11,6 @@
 import io.jsonwebtoken.Jws;
 import io.jsonwebtoken.Jwts;
 
-import java.util.Date;
-
 /**
  * @author xaracil@uoc.edu
  */
diff --git a/src/main/java/edu/uoc/lti/jwt/client/JWSClientCredentialsTokenBuilder.java b/src/main/java/edu/uoc/lti/jwt/client/JWSClientCredentialsTokenBuilder.java
index ee27159..1dc5204 100644
--- a/src/main/java/edu/uoc/lti/jwt/client/JWSClientCredentialsTokenBuilder.java
+++ b/src/main/java/edu/uoc/lti/jwt/client/JWSClientCredentialsTokenBuilder.java
@@ -1,14 +1,13 @@
 package edu.uoc.lti.jwt.client;
 
-import io.jsonwebtoken.Jwts;
-import lombok.RequiredArgsConstructor;
-
 import java.util.Date;
 import java.util.UUID;
 
 import edu.uoc.lti.clientcredentials.ClientCredentialsRequest;
 import edu.uoc.lti.clientcredentials.ClientCredentialsTokenBuilder;
 import edu.uoc.lti.jwt.AlgorithmFactory;
+import io.jsonwebtoken.Jwts;
+import lombok.RequiredArgsConstructor;
 
 /**
  * @author xaracil@uoc.edu
diff --git a/src/main/java/edu/uoc/lti/jwt/deeplink/JWSTokenBuilder.java b/src/main/java/edu/uoc/lti/jwt/deeplink/JWSTokenBuilder.java
index b315528..bea8e35 100644
--- a/src/main/java/edu/uoc/lti/jwt/deeplink/JWSTokenBuilder.java
+++ b/src/main/java/edu/uoc/lti/jwt/deeplink/JWSTokenBuilder.java
@@ -1,16 +1,16 @@
 package edu.uoc.lti.jwt.deeplink;
 
+import java.util.Date;
+
+import edu.uoc.lti.ResponseMessageTypeEnum;
 import edu.uoc.lti.claims.ClaimsEnum;
 import edu.uoc.lti.deeplink.DeepLinkingResponse;
 import edu.uoc.lti.deeplink.DeepLinkingTokenBuilder;
 import edu.uoc.lti.jwt.AlgorithmFactory;
-import edu.uoc.lti.ResponseMessageTypeEnum;
 import io.jsonwebtoken.JwtBuilder;
 import io.jsonwebtoken.Jwts;
 import lombok.RequiredArgsConstructor;
 
-import java.util.Date;
-
 /**
  * @author xaracil@uoc.edu
  */

From a9ae21b72bd0cd2d084d14bd64b1a5c45b1092ed Mon Sep 17 00:00:00 2001
From: heutelbeck <dheutelbeck@ftk.de>
Date: Wed, 26 Feb 2020 20:35:22 +0100
Subject: [PATCH 3/6] Cleanup of Lombok use and logging

---
 .../edu/uoc/lti/jwt/AlgorithmFactory.java     | 119 +++++++++---------
 .../uoc/lti/jwt/LtiSigningKeyResolver.java    |  88 ++++++-------
 2 files changed, 104 insertions(+), 103 deletions(-)

diff --git a/src/main/java/edu/uoc/lti/jwt/AlgorithmFactory.java b/src/main/java/edu/uoc/lti/jwt/AlgorithmFactory.java
index 28509b9..3ab62d8 100644
--- a/src/main/java/edu/uoc/lti/jwt/AlgorithmFactory.java
+++ b/src/main/java/edu/uoc/lti/jwt/AlgorithmFactory.java
@@ -1,59 +1,60 @@
-package edu.uoc.lti.jwt;
-
-import java.io.IOException;
-import java.math.BigInteger;
-import java.security.GeneralSecurityException;
-import java.security.KeyFactory;
-import java.security.interfaces.RSAPrivateKey;
-import java.security.interfaces.RSAPublicKey;
-import java.security.spec.RSAPrivateCrtKeySpec;
-import java.security.spec.X509EncodedKeySpec;
-import java.util.Base64;
-
-import lombok.Getter;
-import sun.security.util.DerInputStream;
-import sun.security.util.DerValue;
-
-/**
- * @author xaracil@uoc.edu
- */
-public class AlgorithmFactory {
-	private final RSAPublicKey publicKey;
-	@Getter
-	private final RSAPrivateKey privateKey;
-
-	public AlgorithmFactory(String publicKey, String privateKey) {
-		KeyFactory kf;
-		try {
-			kf = KeyFactory.getInstance("RSA");
-			byte[] encodedPb = Base64.getDecoder().decode(publicKey);
-			X509EncodedKeySpec keySpecPb = new X509EncodedKeySpec(encodedPb);
-			this.publicKey = (RSAPublicKey) kf.generatePublic(keySpecPb);
-
-			DerInputStream derReader = new DerInputStream(Base64.getDecoder().decode(privateKey));
-
-			DerValue[] seq = derReader.getSequence(0);
-
-			if (seq.length < 9) {
-				throw new GeneralSecurityException("Could not parse a PKCS1 private key.");
-			}
-
-			// skip version seq[0];
-			BigInteger modulus = seq[1].getBigInteger();
-			BigInteger publicExp = seq[2].getBigInteger();
-			BigInteger privateExp = seq[3].getBigInteger();
-			BigInteger prime1 = seq[4].getBigInteger();
-			BigInteger prime2 = seq[5].getBigInteger();
-			BigInteger exp1 = seq[6].getBigInteger();
-			BigInteger exp2 = seq[7].getBigInteger();
-			BigInteger crtCoef = seq[8].getBigInteger();
-
-			RSAPrivateCrtKeySpec keySpecPv = new RSAPrivateCrtKeySpec(modulus, publicExp, privateExp, prime1, prime2, exp1, exp2, crtCoef);
-
-			this.privateKey = (RSAPrivateKey) kf.generatePrivate(keySpecPv);
-
-		} catch (GeneralSecurityException | IOException e) {
-			throw new BadToolProviderConfigurationException(e);
-		}
-	}
-}
+package edu.uoc.lti.jwt;
+
+import java.io.IOException;
+import java.math.BigInteger;
+import java.security.GeneralSecurityException;
+import java.security.KeyFactory;
+import java.security.interfaces.RSAPrivateKey;
+import java.security.interfaces.RSAPublicKey;
+import java.security.spec.RSAPrivateCrtKeySpec;
+import java.security.spec.X509EncodedKeySpec;
+import java.util.Base64;
+
+import lombok.Getter;
+import sun.security.util.DerInputStream;
+import sun.security.util.DerValue;
+
+/**
+ * @author xaracil@uoc.edu
+ */
+@Getter
+public class AlgorithmFactory {
+	private final RSAPublicKey publicKey;
+	private final RSAPrivateKey privateKey;
+
+	public AlgorithmFactory(String publicKey, String privateKey) {
+		KeyFactory kf;
+		try {
+			kf = KeyFactory.getInstance("RSA");
+			byte[] encodedPb = Base64.getDecoder().decode(publicKey);
+			X509EncodedKeySpec keySpecPb = new X509EncodedKeySpec(encodedPb);
+			this.publicKey = (RSAPublicKey) kf.generatePublic(keySpecPb);
+
+			DerInputStream derReader = new DerInputStream(Base64.getDecoder().decode(privateKey));
+
+			DerValue[] seq = derReader.getSequence(0);
+
+			if (seq.length < 9) {
+				throw new GeneralSecurityException("Could not parse a PKCS1 private key.");
+			}
+
+			// skip version seq[0];
+			BigInteger modulus = seq[1].getBigInteger();
+			BigInteger publicExp = seq[2].getBigInteger();
+			BigInteger privateExp = seq[3].getBigInteger();
+			BigInteger prime1 = seq[4].getBigInteger();
+			BigInteger prime2 = seq[5].getBigInteger();
+			BigInteger exp1 = seq[6].getBigInteger();
+			BigInteger exp2 = seq[7].getBigInteger();
+			BigInteger crtCoef = seq[8].getBigInteger();
+
+			RSAPrivateCrtKeySpec keySpecPv = new RSAPrivateCrtKeySpec(modulus, publicExp, privateExp, prime1, prime2,
+					exp1, exp2, crtCoef);
+
+			this.privateKey = (RSAPrivateKey) kf.generatePrivate(keySpecPv);
+
+		} catch (GeneralSecurityException | IOException e) {
+			throw new BadToolProviderConfigurationException(e);
+		}
+	}
+}
diff --git a/src/main/java/edu/uoc/lti/jwt/LtiSigningKeyResolver.java b/src/main/java/edu/uoc/lti/jwt/LtiSigningKeyResolver.java
index 3afe5f8..68f0cd7 100644
--- a/src/main/java/edu/uoc/lti/jwt/LtiSigningKeyResolver.java
+++ b/src/main/java/edu/uoc/lti/jwt/LtiSigningKeyResolver.java
@@ -1,44 +1,44 @@
-package edu.uoc.lti.jwt;
-
-import java.net.MalformedURLException;
-import java.net.URL;
-import java.security.Key;
-
-import com.auth0.jwk.Jwk;
-import com.auth0.jwk.JwkException;
-import com.auth0.jwk.JwkProvider;
-import com.auth0.jwk.UrlJwkProvider;
-
-import io.jsonwebtoken.Claims;
-import io.jsonwebtoken.JwsHeader;
-import io.jsonwebtoken.SigningKeyResolverAdapter;
-import lombok.RequiredArgsConstructor;
-
-/**
- * @author xaracil@uoc.edu
- */
-@RequiredArgsConstructor
-public class LtiSigningKeyResolver extends SigningKeyResolverAdapter  {
-	private final String keysetUrl;
-
-	@Override
-	public Key resolveSigningKey(JwsHeader header, Claims claims) {
-		String keyId = header.getKeyId();
-
-		if (keyId == null) {
-			return null;
-		}
-
-		Key key = null;
-		try {
-			JwkProvider provider = new UrlJwkProvider(new URL(keysetUrl));
-			Jwk jwk = provider.get(keyId);
-			key = jwk.getPublicKey();
-		} catch (MalformedURLException e) {
-			e.printStackTrace();
-		} catch (JwkException e) {
-			e.printStackTrace();
-		}
-		return key;
-	}
-}
+package edu.uoc.lti.jwt;
+
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.security.Key;
+
+import com.auth0.jwk.Jwk;
+import com.auth0.jwk.JwkException;
+import com.auth0.jwk.JwkProvider;
+import com.auth0.jwk.UrlJwkProvider;
+
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.JwsHeader;
+import io.jsonwebtoken.SigningKeyResolverAdapter;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.java.Log;
+
+/**
+ * @author xaracil@uoc.edu
+ */
+@Log
+@RequiredArgsConstructor
+public class LtiSigningKeyResolver extends SigningKeyResolverAdapter {
+	private final String keysetUrl;
+
+	@Override
+	public Key resolveSigningKey(JwsHeader header, Claims claims) {
+		String keyId = header.getKeyId();
+
+		if (keyId == null) {
+			return null;
+		}
+
+		Key key = null;
+		try {
+			JwkProvider provider = new UrlJwkProvider(new URL(keysetUrl));
+			Jwk jwk = provider.get(keyId);
+			key = jwk.getPublicKey();
+		} catch (MalformedURLException | JwkException e) {
+			log.warning("Signing key cannot be resolved: " + e.getMessage());
+		}
+		return key;
+	}
+}

From 76dfd7c93aa2fc6b12777e08b3264a1dd4aadf20 Mon Sep 17 00:00:00 2001
From: heutelbeck <dheutelbeck@ftk.de>
Date: Wed, 26 Feb 2020 20:48:50 +0100
Subject: [PATCH 4/6] fixed regression. bad lombok version

---
 pom.xml | 138 ++++++++++++++++++++++++++++----------------------------
 1 file changed, 69 insertions(+), 69 deletions(-)

diff --git a/pom.xml b/pom.xml
index 26b8f95..ce9e39e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1,69 +1,69 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0"
-	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
-	<modelVersion>4.0.0</modelVersion>
-
-	<groupId>edu.uoc.elc.lti</groupId>
-	<artifactId>lti-1.3-jwt</artifactId>
-	<version>0.0.2</version>
-	<packaging>jar</packaging>
-
-	<name>lti-1.3-jwt</name>
-	<description>Library with JWT implementations of LTI's JWT interfaces</description>
-
-	<properties>
-		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-		<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
-		<java.version>1.8</java.version>
-	</properties>
-
-	<dependencies>
-		<dependency>
-			<groupId>edu.uoc.elc.lti</groupId>
-			<artifactId>lti-1.3-core</artifactId>
-			<version>0.0.2</version>
-		</dependency>
-		<dependency>
-			<groupId>com.auth0</groupId>
-			<artifactId>jwks-rsa</artifactId>
-			<version>0.6.1</version>
-		</dependency>
-		<dependency>
-			<groupId>io.jsonwebtoken</groupId>
-			<artifactId>jjwt-api</artifactId>
-			<version>0.10.5</version>
-		</dependency>
-		<dependency>
-			<groupId>io.jsonwebtoken</groupId>
-			<artifactId>jjwt-impl</artifactId>
-			<version>0.10.5</version>
-			<scope>compile</scope>
-		</dependency>
-		<dependency>
-			<groupId>io.jsonwebtoken</groupId>
-			<artifactId>jjwt-jackson</artifactId>
-			<version>0.10.5</version>
-			<scope>compile</scope>
-		</dependency>
-		<dependency>
-			<groupId>org.projectlombok</groupId>
-			<artifactId>lombok</artifactId>
-			<version>1.16.10</version>
-			<scope>provided</scope>
-		</dependency>
-	</dependencies>
-	<build>
-		<plugins>
-			<plugin>
-				<groupId>org.apache.maven.plugins</groupId>
-				<artifactId>maven-compiler-plugin</artifactId>
-				<version>3.8.1</version>
-				<configuration>
-					<source>1.8</source>
-					<target>1.8</target>
-				</configuration>
-			</plugin>
-		</plugins>
-	</build>
-</project>
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+	<modelVersion>4.0.0</modelVersion>
+
+	<groupId>edu.uoc.elc.lti</groupId>
+	<artifactId>lti-1.3-jwt</artifactId>
+	<version>0.0.2</version>
+	<packaging>jar</packaging>
+
+	<name>lti-1.3-jwt</name>
+	<description>Library with JWT implementations of LTI's JWT interfaces</description>
+
+	<properties>
+		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+		<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
+		<java.version>1.8</java.version>
+	</properties>
+
+	<dependencies>
+		<dependency>
+			<groupId>edu.uoc.elc.lti</groupId>
+			<artifactId>lti-1.3-core</artifactId>
+			<version>0.0.2</version>
+		</dependency>
+		<dependency>
+			<groupId>com.auth0</groupId>
+			<artifactId>jwks-rsa</artifactId>
+			<version>0.6.1</version>
+		</dependency>
+		<dependency>
+			<groupId>io.jsonwebtoken</groupId>
+			<artifactId>jjwt-api</artifactId>
+			<version>0.10.5</version>
+		</dependency>
+		<dependency>
+			<groupId>io.jsonwebtoken</groupId>
+			<artifactId>jjwt-impl</artifactId>
+			<version>0.10.5</version>
+			<scope>compile</scope>
+		</dependency>
+		<dependency>
+			<groupId>io.jsonwebtoken</groupId>
+			<artifactId>jjwt-jackson</artifactId>
+			<version>0.10.5</version>
+			<scope>compile</scope>
+		</dependency>
+		<dependency>
+			<groupId>org.projectlombok</groupId>
+			<artifactId>lombok</artifactId>
+			<version>1.18.12</version>
+			<scope>provided</scope>
+		</dependency>
+	</dependencies>
+	<build>
+		<plugins>
+			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-compiler-plugin</artifactId>
+				<version>3.8.1</version>
+				<configuration>
+					<source>1.8</source>
+					<target>1.8</target>
+				</configuration>
+			</plugin>
+		</plugins>
+	</build>
+</project>

From 90caafea08364831c532a17cf77d8295187e0c5f Mon Sep 17 00:00:00 2001
From: heutelbeck <dheutelbeck@ftk.de>
Date: Wed, 26 Feb 2020 21:11:21 +0100
Subject: [PATCH 5/6] fixed configuration of JDK selection

---
 pom.xml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pom.xml b/pom.xml
index ce9e39e..a52a4d8 100644
--- a/pom.xml
+++ b/pom.xml
@@ -60,8 +60,8 @@
 				<artifactId>maven-compiler-plugin</artifactId>
 				<version>3.8.1</version>
 				<configuration>
-					<source>1.8</source>
-					<target>1.8</target>
+					<source>${java.version}</source>
+					<source>${java.version}</source>
 				</configuration>
 			</plugin>
 		</plugins>

From 98f5c49802f46f6fd74c30bc5c2ac21defdb545f Mon Sep 17 00:00:00 2001
From: heutelbeck <dheutelbeck@ftk.de>
Date: Wed, 26 Feb 2020 21:16:17 +0100
Subject: [PATCH 6/6] pom fixed

---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index a52a4d8..1c2f85d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -61,7 +61,7 @@
 				<version>3.8.1</version>
 				<configuration>
 					<source>${java.version}</source>
-					<source>${java.version}</source>
+					<target>${java.version}</target>
 				</configuration>
 			</plugin>
 		</plugins>