Make role mapping more generic

extensions/smallrye-jwt/deployment/src/main/java/io/quarkus/smallrye/jwt/deployment/SmallRyeJwtProcessor.java

@@ -68,8 +68,6 @@ void registerAdditionalBeans(BuildProducer<AdditionalBeanBuildItem> additionalBe
             unremovable.addBeanClass(MpJwtValidator.class);
             unremovable.addBeanClass(JWTAuthMechanism.class);
             unremovable.addBeanClass(ClaimValueProducer.class);
-            unremovable.addBeanClass(JwtRolesMapper.class);
-            unremovable.addBeanClass(JwtParser.class);
             additionalBeans.produce(unremovable.build());
         }
         AdditionalBeanBuildItem.Builder removable = AdditionalBeanBuildItem.builder();
@@ -79,9 +77,9 @@ void registerAdditionalBeans(BuildProducer<AdditionalBeanBuildItem> additionalBe
         removable.addBeanClass(JsonValueProducer.class);
         removable.addBeanClass(JwtPrincipalProducer.class);
         removable.addBeanClass(JwtTokenUtils.class);
-        removable.addBeanClass(Claim.class);
         removable.addBeanClass(DefaultJwtParser.class);
         removable.addBeanClass(DefaultJwtRolesMapper.class);
+        removable.addBeanClass(Claim.class);
         additionalBeans.produce(removable.build());
 
         reflectiveClasses.produce(new ReflectiveClassBuildItem(true, true, SignatureAlgorithm.class));

extensions/smallrye-jwt/deployment/src/test/java/io/quarkus/jwt/test/PrimitiveInjectionUnitTest.java

@@ -1,7 +1,13 @@
 package io.quarkus.jwt.test;
 
-import io.quarkus.test.QuarkusUnitTest;
-import io.restassured.RestAssured;
+import java.io.StringReader;
+import java.net.HttpURLConnection;
+import java.util.HashMap;
+
+import javax.json.Json;
+import javax.json.JsonObject;
+import javax.json.JsonReader;
+
 import org.eclipse.microprofile.jwt.Claims;
 import org.jboss.shrinkwrap.api.ShrinkWrap;
 import org.jboss.shrinkwrap.api.spec.JavaArchive;
@@ -10,12 +16,8 @@
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.RegisterExtension;
 
-import javax.json.Json;
-import javax.json.JsonObject;
-import javax.json.JsonReader;
-import java.io.StringReader;
-import java.net.HttpURLConnection;
-import java.util.HashMap;
+import io.quarkus.test.QuarkusUnitTest;
+import io.restassured.RestAssured;
 
 /**
  * Tests that claims can be injected as primitive types into @RequestScoped beans

extensions/smallrye-jwt/deployment/src/test/java/io/quarkus/jwt/test/TokenRealmUnitTest.java

@@ -6,7 +6,6 @@
 import java.security.PrivateKey;
 import java.security.PublicKey;
 import java.security.interfaces.RSAPublicKey;
-import java.util.concurrent.Executor;
 
 import org.junit.jupiter.api.Assertions;
 import org.junit.jupiter.api.Test;

extensions/smallrye-jwt/runtime/src/main/java/io/quarkus/smallrye/jwt/runtime/auth/DefaultJwtParser.java

@@ -1,15 +1,15 @@
 package io.quarkus.smallrye.jwt.runtime.auth;
 
 import javax.enterprise.context.ApplicationScoped;
-import javax.enterprise.inject.Default;
 
 import org.jose4j.jwt.consumer.JwtContext;
 
+import io.quarkus.arc.DefaultBean;
 import io.smallrye.jwt.auth.principal.DefaultJWTTokenParser;
 import io.smallrye.jwt.auth.principal.JWTAuthContextInfo;
 import io.smallrye.jwt.auth.principal.ParseException;
 
-@Default
+@DefaultBean
 @ApplicationScoped
 public class DefaultJwtParser implements JwtParser {
     private final DefaultJWTTokenParser parser = new DefaultJWTTokenParser();

extensions/smallrye-jwt/runtime/src/main/java/io/quarkus/smallrye/jwt/runtime/auth/DefaultJwtRolesMapper.java

@@ -1,25 +1,20 @@
 package io.quarkus.smallrye.jwt.runtime.auth;
 
 import java.util.HashSet;
-import java.util.List;
 
 import javax.enterprise.context.ApplicationScoped;
-import javax.enterprise.inject.Default;
 
-@Default
+import org.jose4j.jwt.JwtClaims;
+import org.jose4j.jwt.MalformedClaimException;
+
+import io.quarkus.arc.DefaultBean;
+
+@DefaultBean
 @ApplicationScoped
 public class DefaultJwtRolesMapper implements JwtRolesMapper {
-    @Override
-    public HashSet<String> mapGroupsAndRoles(List<String> groups, List<String> roles) {
-        HashSet<String> groupsAndRoles = new HashSet<>();
 
-        if (groups != null) {
-            groupsAndRoles.addAll(groups);
-        }
-        if (roles != null) {
-            groupsAndRoles.addAll(roles);
-        }
-
-        return groupsAndRoles;
+    @Override
+    public HashSet<String> mapGroupsAndRoles(JwtClaims claims) throws MalformedClaimException {
+        return new HashSet<>(claims.getStringListClaimValue("groups"));
     }
 }

extensions/smallrye-jwt/runtime/src/main/java/io/quarkus/smallrye/jwt/runtime/auth/JwtRolesMapper.java

@@ -1,8 +1,10 @@
 package io.quarkus.smallrye.jwt.runtime.auth;
 
 import java.util.HashSet;
-import java.util.List;
+
+import org.jose4j.jwt.JwtClaims;
+import org.jose4j.jwt.MalformedClaimException;
 
 public interface JwtRolesMapper {
-    HashSet<String> mapGroupsAndRoles(List<String> groups, List<String> roles);
+    HashSet<String> mapGroupsAndRoles(JwtClaims claims) throws MalformedClaimException;
 }

extensions/smallrye-jwt/runtime/src/main/java/io/quarkus/smallrye/jwt/runtime/auth/MpJwtValidator.java

@@ -1,6 +1,5 @@
 package io.quarkus.smallrye.jwt.runtime.auth;
 
-import java.util.HashSet;
 import java.util.concurrent.CompletableFuture;
 import java.util.concurrent.CompletionStage;
 
@@ -60,12 +59,9 @@ public CompletionStage<SecurityIdentity> authenticate(TokenAuthenticationRequest
                 }
             }
             QuarkusJwtCallerPrincipal principal = new QuarkusJwtCallerPrincipal(name, claims);
-            HashSet<String> roles = jwtRolesMapper.mapGroupsAndRoles(
-                    claims.getStringListClaimValue("groups"),
-                    claims.getStringListClaimValue("roles"));
             return CompletableFuture
                     .completedFuture(QuarkusSecurityIdentity.builder().setPrincipal(principal)
-                            .addRoles(roles)
+                            .addRoles(jwtRolesMapper.mapGroupsAndRoles(claims))
                             .addAttribute(SecurityIdentity.USER_ATTRIBUTE, principal).build());
 
         } catch (ParseException | MalformedClaimException e) {