use of com.auth0.json.mgmt.Role in project toy by gmoon92.
the class JwtUtil method decode.
/**
 * Builds a {@code User} from the {@code username} and {@code role} claims of a token.
 *
 * <p>The scheme prefix is stripped with {@code obtainTokenWithoutSchema} and the bare token is
 * handed to {@code verify} before any claim is read.
 *
 * @param tokenOfIncludeSchema the token string, still carrying its scheme prefix
 * @return a user created from the {@code username} claim, an empty second argument and the
 *     role named by the {@code role} claim
 */
public User decode(String tokenOfIncludeSchema) {
    final String rawToken = obtainTokenWithoutSchema(tokenOfIncludeSchema);

    // JWT.decode() below only parses the token; it does not check the signature. The claims are
    // trustworthy only because verify() runs first.
    // NOTE(review): verify() is defined outside this snippet; presumably it validates the
    // signature and expiry and throws on failure. Confirm.
    verify(rawToken);

    final DecodedJWT decoded = JWT.decode(rawToken);
    final String name = decoded.getClaim("username").asString();
    // asString() yields null when the claim is absent, so Role.valueOf would receive null here.
    final String roleName = decoded.getClaim("role").asString();
    return User.create(name, "", Role.valueOf(roleName));
}
use of com.auth0.json.mgmt.Role in project Automated-Parking-Lot by ParkingLotDevOps.
the class CustomAuthorizationFilter method doFilterInternal.
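/**
 * Authenticates a request from the JWT carried in its {@code Authorization: Bearer} header.
 *
 * <p>Requests to the login, user-save and token-refresh paths, and requests without a bearer
 * header, are passed down the chain untouched. Otherwise the token is verified; on success the
 * subject and {@code roles} claim are placed in the security context and the chain continues,
 * on failure a 403 with a JSON error body is written and the chain is not invoked.
 *
 * <p>Only token handling sits inside the {@code try}. The chain is invoked after it, so an
 * exception thrown by a downstream filter or handler propagates normally instead of being
 * reported to the client as a token error.
 *
 * @param request the incoming request
 * @param response the response, written to directly when the token is rejected
 * @param filterChain the remaining filters
 * @throws ServletException if a downstream filter fails
 * @throws IOException if a downstream filter fails or the error body cannot be written
 */
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
    String path = request.getServletPath();
    if (path.equals("/api/login") || path.equals("/api/user/save") || path.equals("/api/token/refresh")) {
        filterChain.doFilter(request, response);
        return;
    }

    String authorizationHeader = request.getHeader("Authorization");
    if (authorizationHeader == null || !authorizationHeader.startsWith("Bearer ")) {
        // No bearer token: the request continues unauthenticated. Whether it is allowed is
        // decided by whatever access rules are configured outside this filter.
        filterChain.doFilter(request, response);
        return;
    }

    UsernamePasswordAuthenticationToken authenticationToken;
    try {
        String token = authorizationHeader.substring("Bearer ".length());
        // TODO: move into a configuration file
        // NOTE(review): the HMAC key is the literal "secret" compiled into the class. Anyone who
        // knows it can produce tokens this verifier accepts. Load a long random key from
        // configuration or a secret store, and rotate the current one.
        Algorithm algorithm = Algorithm.HMAC256("secret".getBytes());
        JWTVerifier verifier = JWT.require(algorithm).build();
        DecodedJWT decodedJWT = verifier.verify(token);
        String username = decodedJWT.getSubject();
        String[] roles = decodedJWT.getClaim("roles").asArray(String.class);
        Collection<SimpleGrantedAuthority> authorities = new ArrayList<>();
        // A token without a "roles" claim gives a null array; the resulting exception is
        // handled below, so such a token is rejected rather than accepted with no authorities.
        for (String role : roles) {
            authorities.add(new SimpleGrantedAuthority(role));
        }
        authenticationToken = new UsernamePasswordAuthenticationToken(username, null, authorities);
    } catch (Exception exception) {
        log.error("Error logginn in : {}", exception.getMessage());
        // NOTE(review): the verifier's exception message is returned to the client in both a
        // header and the body. Consider a fixed message and keeping the detail in the log only.
        response.setHeader("error", exception.getMessage());
        response.setStatus(403);
        Map<String, String> error = new HashMap<>();
        error.put("error", exception.getMessage());
        response.setContentType("application/json");
        new ObjectMapper().writeValue(response.getOutputStream(), error);
        return;
    }

    SecurityContextHolder.getContext().setAuthentication(authenticationToken);
    filterChain.doFilter(request, response);
}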
use of com.auth0.json.mgmt.Role in project iet-hf-2022-k-k-k-k-k-k by BME-MIT-IET.
the class JwtAuthorizationFilter method doFilterInternal.
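/**
 * Authenticates a request from the JWT carried in its {@code Authorization} bearer header.
 *
 * <p>Requests to the login, hasRightForPage and person-register paths, and requests without a
 * bearer header, are passed down the chain untouched. Otherwise the header is handed to
 * {@code JwtUtil.getDecodedJWT}; on success the subject and {@code roles} claim are placed in
 * the security context and the chain continues, on failure a 403 with a JSON error body is
 * written and the chain is not invoked.
 *
 * <p>Only token handling sits inside the {@code try}. The chain is invoked after it, so an
 * exception thrown by a downstream filter or handler propagates normally instead of being
 * reported to the client as a token error.
 *
 * @param request the incoming request
 * @param response the response, written to directly when the token is rejected
 * @param filterChain the remaining filters
 * @throws ServletException if a downstream filter fails
 * @throws IOException if a downstream filter fails or the error body cannot be written
 */
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
    String path = request.getServletPath();
    if (path.equals("/api/login") || path.equals("/api/hasRightForPage") || path.equals("/api/person/register")) {
        filterChain.doFilter(request, response);
        return;
    }

    String authorizationHeader = request.getHeader(HttpHeaders.AUTHORIZATION);
    if (authorizationHeader == null || !authorizationHeader.startsWith("Bearer ")) {
        // No bearer token: the request continues unauthenticated. Whether it is allowed is
        // decided by whatever access rules are configured outside this filter.
        filterChain.doFilter(request, response);
        return;
    }

    UsernamePasswordAuthenticationToken authenticationToken;
    try {
        // NOTE(review): JwtUtil.getDecodedJWT is defined outside this snippet; presumably it
        // verifies the signature and does not merely parse the token. Confirm, because the
        // claims read below are used as the caller's identity and authorities.
        DecodedJWT decodedJWT = JwtUtil.getDecodedJWT(authorizationHeader);
        String username = decodedJWT.getSubject();
        String[] roles = decodedJWT.getClaim("roles").asArray(String.class);
        Collection<SimpleGrantedAuthority> authorities = new ArrayList<>();
        // A token without a "roles" claim gives a null array; the resulting exception is
        // handled below, so such a token is rejected rather than accepted with no authorities.
        for (String role : roles) {
            authorities.add(new SimpleGrantedAuthority(role));
        }
        authenticationToken = new UsernamePasswordAuthenticationToken(username, null, authorities);
    } catch (Exception e) {
        // NOTE(review): the exception message is returned to the client in both a header and
        // the body. Consider a fixed message and logging the detail server-side instead.
        response.setHeader("error", e.getMessage());
        response.setStatus(HttpStatus.FORBIDDEN.value());
        response.setContentType(MediaType.APPLICATION_JSON_VALUE);
        Map<String, String> error = new HashMap<>();
        error.put("error_message", e.getMessage());
        new ObjectMapper().writeValue(response.getOutputStream(), error);
        return;
    }

    SecurityContextHolder.getContext().setAuthentication(authenticationToken);
    filterChain.doFilter(request, response);
}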
use of com.auth0.json.mgmt.Role in project eagle-oj-api by Eagle-OJ.
the class JWTUtil method decode.
/**
 * Verifies an HMAC-SHA256 signed token and, when it is valid, initialises the session from it.
 *
 * <p>The {@code uid}, {@code role} and {@code permission} claims are read only after
 * {@code verify} has accepted the token, and are then passed to {@code SessionHelper.init}.
 *
 * @param token the compact JWT to check
 * @param secret the HMAC key the token must have been signed with
 * @return {@code true} if verification, claim extraction and session initialisation all
 *     completed; {@code false} if any of them threw
 */
public static boolean decode(String token, String secret) {
    boolean accepted;
    try {
        DecodedJWT verified = JWT.require(Algorithm.HMAC256(secret)).build().verify(token);

        // asInt() returns null for a missing or non-integer claim; unboxing then throws and the
        // token is rejected by the catch below.
        int userId = verified.getClaim("uid").asInt();
        int roleCode = verified.getClaim("role").asInt();
        Set<String> granted = new HashSet<>(verified.getClaim("permission").asList(String.class));

        SessionHelper.init(token, userId, roleCode, granted);
        accepted = true;
    } catch (Exception e) {
        // Every failure is reported as "not valid"; the cause is not logged, so a bad
        // signature, an expired token and a malformed claim look the same to the caller.
        accepted = false;
    }
    return accepted;
}
use of com.auth0.json.mgmt.Role in project eagle-oj-api by Eagle-OJ.
the class JWTUtil method sign.
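/**
 * Issues an HMAC-SHA256 signed token carrying the user's id, role and permissions.
 *
 * <p>The token expires {@code EXPIRE} milliseconds after the moment of signing.
 *
 * @param uid value of the {@code uid} claim
 * @param role value of the {@code role} claim
 * @param permission values of the {@code permission} array claim; may be empty
 * @param secret the HMAC key to sign with
 * @return the compact token, or {@code null} if it could not be created (the exception is
 *     printed to standard error), so callers must check for {@code null}
 */
public static String sign(int uid, int role, Set<String> permission, String secret) {
    try {
        Date date = new Date(System.currentTimeMillis() + EXPIRE);
        // NOTE(review): the signature is only as strong as `secret`; confirm callers pass a long
        // random key rather than a guessable string.
        Algorithm algorithm = Algorithm.HMAC256(secret);
        return JWT.create()
                .withClaim("uid", uid)
                .withClaim("role", role)
                // A zero-length seed array makes toArray size the result to the set. The previous
                // one-element seed turned an empty set into an array holding a single null, which
                // was then written into the token as a permission.
                .withArrayClaim("permission", permission.toArray(new String[0]))
                .withExpiresAt(date)
                .sign(algorithm);
    } catch (Exception e) {
        e.printStackTrace();
        return null;
    }
}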