admin/cmc
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

27. JWT Token Provider - Part 2 (#2)

Browse Source
This commit is contained in:
Art
2021-09-04 17:32:27 +03:00
parent 8f892c5358
commit c9f2a8390a
1 changed files with 37 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
support-portal-backend/src/main/java/net/shyshkin/study/fullstack/supportportal/backend/utility/JwtTokenProvider.java
View File

@ -1,11 +1,18 @@
package net.shyshkin.study.fullstack.supportportal.backend.utility; package net.shyshkin.study.fullstack.supportportal.backend.utility;
import com.auth0.jwt.JWT; import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm; import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.JWTVerificationException;
import net.shyshkin.study.fullstack.supportportal.backend.domain.UserPrincipal; import net.shyshkin.study.fullstack.supportportal.backend.domain.UserPrincipal;
import org.springframework.beans.factory.annotation.Value; import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import java.util.Arrays;
import java.util.Date; import java.util.Date;
import java.util.List;
import java.util.stream.Collectors;
import static net.shyshkin.study.fullstack.supportportal.backend.constant.SecurityConstants.*; import static net.shyshkin.study.fullstack.supportportal.backend.constant.SecurityConstants.*;
@ -26,7 +33,36 @@ public class JwtTokenProvider {
.sign(Algorithm.HMAC512(secret)); .sign(Algorithm.HMAC512(secret));
} }
public List<GrantedAuthority> getAuthorities(String token) {
String[] claims = getClaimsFromToken(token);
return Arrays.stream(claims)
.map(SimpleGrantedAuthority::new)
.collect(Collectors.toList());
}
private String[] getClaimsFromToken(String token) {
JWTVerifier verifier = getJwtVerifier();
try {
return verifier.verify(token)
.getClaim(AUTHORITIES)
.asArray(String.class);
} catch (JWTVerificationException exception) {
throw new JWTVerificationException(ACCESS_DENIED_MESSAGE);
}
}
private JWTVerifier getJwtVerifier() {
Algorithm algorithm = Algorithm.HMAC256(secret);
return JWT.require(algorithm)
.withIssuer(GET_ARRAYS_LLC)
.build(); //Reusable verifier instance
}
private String[] getClaimsFromUser(UserPrincipal userPrincipal) { private String[] getClaimsFromUser(UserPrincipal userPrincipal) {
return new String[0]; return userPrincipal.getAuthorities()
.stream()
.map(GrantedAuthority::getAuthority)
.toArray(String[]::new);
} }
} }