Skip to content

Commit

Permalink
Highlight when RequestScoped must be used
Browse files Browse the repository at this point in the history
  • Loading branch information
sberyozkin committed Sep 15, 2024
1 parent 75d8c4a commit 1743603
Showing 1 changed file with 8 additions and 8 deletions.
16 changes: 8 additions & 8 deletions docs/src/main/asciidoc/security-jwt.adoc
Original file line number Diff line number Diff line change
Expand Up @@ -85,7 +85,6 @@ Create a REST endpoint in `src/main/java/org/acme/security/jwt/TokenSecuredResou
package org.acme.security.jwt;
import jakarta.annotation.security.PermitAll;
import jakarta.enterprise.context.RequestScoped;
import jakarta.inject.Inject;
import jakarta.ws.rs.GET;
import jakarta.ws.rs.InternalServerErrorException;
Expand Down Expand Up @@ -496,14 +495,14 @@ import org.eclipse.microprofile.jwt.Claims;
import org.eclipse.microprofile.jwt.JsonWebToken;
@Path("/secured")
@RequestScoped
@RequestScoped <1>
public class TokenSecuredResource {
@Inject
JsonWebToken jwt; // <1>
JsonWebToken jwt; // <2>
@Inject
@Claim(standard = Claims.birthdate)
String birthdate; // <2>
String birthdate; // <3>
@GET
@Path("permit-all")
Expand All @@ -526,7 +525,7 @@ public class TokenSecuredResource {
@RolesAllowed("Admin")
@Produces(MediaType.TEXT_PLAIN)
public String helloRolesAllowedAdmin(@Context SecurityContext ctx) {
return getResponseString(ctx) + ", birthdate: " + birthdate; // <3>
return getResponseString(ctx) + ", birthdate: " + birthdate; // <4>
}
private String getResponseString(SecurityContext ctx) {
Expand All @@ -550,9 +549,10 @@ public class TokenSecuredResource {
}
}
----
<1> Here we inject the JsonWebToken.
<2> Here we inject the `birthday` claim as `String` - this is why the `@RequestScoped` scope is now required.
<3> Here we use the injected `birthday` claim to build the final reply.
<1> `RequestScoped` scope is required to support an injection of the `birthday` claim as `String`.
<2> Here we inject the JsonWebToken.
<3> Here we inject the `birthday` claim as `String` - this is why the `@RequestScoped` scope is now required.
<4> Here we use the injected `birthday` claim to build the final reply.

Now generate the token again and run:

Expand Down

0 comments on commit 1743603

Please sign in to comment.