admin/cmc
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

30. JWT Authorization Filter - Part 2 (#2)

Browse Source
This commit is contained in:
Art
2021-09-05 13:00:53 +03:00
parent 4e4548b216
commit 81fc3d5a80
1 changed files with 12 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
support-portal-backend/src/main/java/net/shyshkin/study/fullstack/supportportal/backend/filter/JwtAuthorizationFilter.java
View File

@ -5,6 +5,8 @@ import net.shyshkin.study.fullstack.supportportal.backend.constant.SecurityConst
import net.shyshkin.study.fullstack.supportportal.backend.utility.JwtTokenProvider; import net.shyshkin.study.fullstack.supportportal.backend.utility.JwtTokenProvider;
import org.springframework.http.HttpHeaders; import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod; import org.springframework.http.HttpMethod;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter; import org.springframework.web.filter.OncePerRequestFilter;
import javax.servlet.FilterChain; import javax.servlet.FilterChain;
@ -13,6 +15,7 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import java.io.IOException; import java.io.IOException;
@Component
@RequiredArgsConstructor @RequiredArgsConstructor
public class JwtAuthorizationFilter extends OncePerRequestFilter { public class JwtAuthorizationFilter extends OncePerRequestFilter {
@ -23,7 +26,15 @@ public class JwtAuthorizationFilter extends OncePerRequestFilter {
if (!request.getMethod().equalsIgnoreCase(HttpMethod.OPTIONS.name())) { if (!request.getMethod().equalsIgnoreCase(HttpMethod.OPTIONS.name())) {
String authHeader = request.getHeader(HttpHeaders.AUTHORIZATION); String authHeader = request.getHeader(HttpHeaders.AUTHORIZATION);
if (authHeader != null && authHeader.startsWith(SecurityConstants.TOKEN_PREFIX)) { if (authHeader != null && authHeader.startsWith(SecurityConstants.TOKEN_PREFIX)) {
String token = authHeader.replace(SecurityConstants.TOKEN_PREFIX, "").trim();
String username = jwtTokenProvider.getSubject(token);
if (jwtTokenProvider.isTokenValid(username, token)) {
var authorities = jwtTokenProvider.getAuthorities(token);
var authentication = jwtTokenProvider.getAuthentication(username, authorities, request);
SecurityContextHolder.getContext().setAuthentication(authentication);
} else {
SecurityContextHolder.clearContext();
}
} }
} }
filterChain.doFilter(request, response); filterChain.doFilter(request, response);