pass in both the encoded and decoded version of the JWT to retrieveUserForJWT

robotdan · robotdan · commit 76135ce73fe1 · 2025-09-01T17:59:44.000-06:00
diff --git a/build.savant b/build.savant
@@ -29,7 +29,7 @@ logbackVersion = "1.4.14"
 slf4jVersion = "2.0.13"
 testngVersion = "7.8.0"
 
-project(group: "org.primeframework", name: "prime-mvc", version: "4.35.1", licenses: ["ApacheV2_0"]) {
+project(group: "org.primeframework", name: "prime-mvc", version: "4.36.0", licenses: ["ApacheV2_0"]) {
   workflow {
     fetch {
       // Dependency resolution order:
diff --git a/src/main/java/org/primeframework/mvc/security/BaseJWTRefreshTokenCookiesUserLoginSecurityContext.java b/src/main/java/org/primeframework/mvc/security/BaseJWTRefreshTokenCookiesUserLoginSecurityContext.java
@@ -98,7 +98,7 @@ public Object getCurrentUser() {
       return null;
     }
 
-    user = retrieveUserForJWT(tokens.jwt);
+    user = retrieveUserForJWT(tokens.decodedJWT, tokens.jwt);
     if (user == null) {
       jwtCookie.delete(request, response);
     } else {
@@ -207,12 +207,13 @@ protected boolean isRevoked(@SuppressWarnings("unused") JWT jwt) {
   protected abstract String refreshTokenCookieName();
 
   /**
-   * Retrieve a user given an encoded JWT string.
+   * Retrieve a user with the encoded JWT string or the decoded JWT object.
    *
-   * @param jwt the encoded JWT string
+   * @param decodedJWT the decoded JWT object
+   * @param jwt        the encoded JWT string
    * @return a user object.
    */
-  protected abstract Object retrieveUserForJWT(String jwt);
+  protected abstract Object retrieveUserForJWT(JWT decodedJWT, String jwt);
 
   /**
    * The JWT that is passed to this method is known to be valid. The signature has been validated, and the JWT is not expired.
diff --git a/src/test/java/org/primeframework/mvc/security/MockOAuthUserLoginSecurityContext.java b/src/test/java/org/primeframework/mvc/security/MockOAuthUserLoginSecurityContext.java
@@ -20,11 +20,11 @@
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
-import java.util.UUID;
 
 import com.google.inject.Inject;
 import io.fusionauth.http.server.HTTPRequest;
 import io.fusionauth.http.server.HTTPResponse;
+import io.fusionauth.jwt.domain.JWT;
 import org.primeframework.mvc.security.oauth.OAuthConfiguration;
 import org.primeframework.mvc.security.oauth.TokenAuthenticationMethod;
 import org.primeframework.mvc.security.oauth.Tokens;
@@ -111,7 +111,7 @@ protected String refreshTokenCookieName() {
   }
 
   @Override
-  protected Object retrieveUserForJWT(String jwt) {
+  protected Object retrieveUserForJWT(JWT decodedJWT, String jwt) {
     return CurrentUser;
   }
 }

Original file line number	Diff line number	Diff line change
`@@ -20,11 +20,11 @@`
`20`	`20`	`import java.util.List;`
`21`	`21`	`import java.util.Map;`
`22`	`22`	`import java.util.Set;`
`23`		`-import java.util.UUID;`
`24`	`23`
`25`	`24`	`import com.google.inject.Inject;`
`26`	`25`	`import io.fusionauth.http.server.HTTPRequest;`
`27`	`26`	`import io.fusionauth.http.server.HTTPResponse;`
	`27`	`+import io.fusionauth.jwt.domain.JWT;`
`28`	`28`	`import org.primeframework.mvc.security.oauth.OAuthConfiguration;`
`29`	`29`	`import org.primeframework.mvc.security.oauth.TokenAuthenticationMethod;`
`30`	`30`	`import org.primeframework.mvc.security.oauth.Tokens;`
`@@ -111,7 +111,7 @@ protected String refreshTokenCookieName() {`
`111`	`111`	`}`
`112`	`112`
`113`	`113`	`@Override`
`114`		`- protected Object retrieveUserForJWT(String jwt) {`
	`114`	`+ protected Object retrieveUserForJWT(JWT decodedJWT, String jwt) {`
`115`	`115`	`return CurrentUser;`
`116`	`116`	`}`
`117`	`117`	`}`