podaac · frankinspace · Jun 27, 2024 · Jun 4, 2024 · Jun 4, 2024 · Jun 4, 2024
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -25,7 +25,6 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Fixed
      - Cache Fix + Invalidate Change (#40)
 
-
 ## [1.1.0]
 
 ### Added

diff --git a/build.gradle b/build.gradle
@@ -8,7 +8,7 @@ plugins {
 }
 
 group = 'gov.nasa.podaac.swodlr'
-version = '1.2.0'
+version = '1.3.0-alpha3'
 sourceCompatibility = '17'
 
 repositories {

diff --git a/bumpver.toml b/bumpver.toml
@@ -1,5 +1,5 @@
 [bumpver]
-current_version = "1.2.0"
+current_version = "1.3.0-alpha3"
 version_pattern = "MAJOR.MINOR.PATCH[-TAGNUM]"
 commit = true
 tag = true

diff --git a/src/main/java/gov/nasa/podaac/swodlr/security/SwodlrSecurityProperties.java b/src/main/java/gov/nasa/podaac/swodlr/security/SwodlrSecurityProperties.java
@@ -17,6 +17,7 @@ public class SwodlrSecurityProperties {
   private final JWEDecrypter decrypter;
   private final Duration sessionLength;
   private final String edlBaseUrl;
+  private final String edlJwksPath;
   private final String edlClientId;
   private final String edlClientSecret;
 
@@ -31,6 +32,7 @@ public SwodlrSecurityProperties(
       String sessionEncryptionKey,
       Duration sessionLength,
       String edlBaseUrl,
+      String edlJwksPath,
       String edlClientId,
       String edlClientSecret
   ) {
@@ -49,6 +51,7 @@ public SwodlrSecurityProperties(
 
     this.sessionLength = sessionLength;
     this.edlBaseUrl = edlBaseUrl;
+    this.edlJwksPath = edlJwksPath;
     this.edlClientId = edlClientId;
     this.edlClientSecret = edlClientSecret;
   }
@@ -69,6 +72,10 @@ public String edlBaseUrl() {
     return edlBaseUrl;
   }
 
+  public String edlJwksPath() {
+    return edlJwksPath;
+  }
+
   public String edlClientId() {
     return edlClientId;
   }

diff --git a/src/main/java/gov/nasa/podaac/swodlr/security/config/WebSecurityConfig.java b/src/main/java/gov/nasa/podaac/swodlr/security/config/WebSecurityConfig.java
@@ -36,7 +36,7 @@ public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
         .oauth2ResourceServer((resourceServer) -> {
           resourceServer.jwt((jwt) -> {
             ReactiveJwtDecoder jwtDecoder = new NimbusReactiveJwtDecoder(
-                securityProperties.edlBaseUrl() + "/export_edl_jwks"
+                securityProperties.edlBaseUrl() + securityProperties.edlJwksPath()
             );
 
             jwt

diff --git a/terraform/app.tf b/terraform/app.tf
@@ -152,12 +152,18 @@ resource "aws_ssm_parameter" "app_db_password" {
   value = aws_ssm_parameter.db_app_password.value
 }
 
-resource "aws_ssm_parameter" "app_edl_base_path" {
+resource "aws_ssm_parameter" "app_edl_base_url" {
   name = "${local.app_path}/swodlr.security.edl-base-url"
   type = "String"
   value = var.edl_base_url
 }
 
+resource "aws_ssm_parameter" "app_edl_jwks_path" {
+  name = "${local.app_path}/swodlr.security.edl-jwks-path"
+  type = "String"
+  value = var.edl_jwks_path
+}
+
 resource "aws_ssm_parameter" "app_edl_client_id" {
   name = "${local.app_path}/swodlr.security.edl-client-id"
   type = "String"

diff --git a/terraform/environments/ops.env b/terraform/environments/ops.env
@@ -3,4 +3,5 @@ export BUCKET=podaac-services-ops-terraform
 
 export TF_VAR_container_image_tag=main
 export TF_VAR_active_profiles="[\"\"]"
-export TF_VAR_tea_mapping="{\"podaac-swot-ops-swodlr-protected\"=\"archive.swot.podaac.earthdata.nasa.gov\"}"
+export TF_VAR_tea_mapping="{\"podaac-swot-ops-swodlr-protected\"=\"archive.swot.podaac.earthdata.nasa.gov\"}"
+export TF_VAR_edl_jwks_path=".well-known/edl_ops_jwks.json"
diff --git a/terraform/environments/sit.env b/terraform/environments/sit.env
@@ -4,3 +4,4 @@ export BUCKET=podaac-services-sit-terraform
 export TF_VAR_container_image_tag=develop
 export TF_VAR_active_profiles="[\"dev\"]"
 export TF_VAR_tea_mapping="{\"podaac-swot-sit-swodlr-protected\"=\"archive.swot.podaac.sit.earthdata.nasa.gov\"}"
+export TF_VAR_edl_jwks_path=".well-known/edl_ops_jwks.json"
diff --git a/terraform/environments/uat.env b/terraform/environments/uat.env
@@ -4,3 +4,4 @@ export BUCKET=podaac-services-uat-terraform
 export TF_VAR_container_image_tag=develop
 export TF_VAR_active_profiles="[\"\"]"
 export TF_VAR_tea_mapping="{\"podaac-swot-uat-swodlr-protected\"=\"archive.swot.podaac.uat.earthdata.nasa.gov\"}"
+export TF_VAR_edl_jwks_path=".well-known/edl_ops_jwks.json"
diff --git a/terraform/variables.tf b/terraform/variables.tf
@@ -44,6 +44,10 @@ variable "edl_base_url" {
     type = string
 }
 
+variable "edl_jwks_path" {
+    type = string
+}
+
 variable "edl_client_id" {
     type = string
 }