use of com.auth0.json.mgmt.Role in project learn-center-rest by elbar-org.
the class CustomAuthorizationFilter method doFilterInternal.
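/**
 * Authenticates a request from its {@code Authorization: Bearer <token>} header, then
 * continues the filter chain.
 *
 * <p>Requests to {@code /api/v1/login} and requests without a bearer header are forwarded
 * without touching the security context; this filter does not reject them, so any access
 * decision for those requests has to be made further down the chain.
 *
 * <p>When a bearer token is present it is verified with {@code JWTUtils.getVerifier()}.
 * On success the token subject becomes the principal and every entry of the {@code roles}
 * claim becomes a granted authority. On failure the response is set to 403 with a JSON
 * body and the chain is not continued.
 *
 * @param request     the incoming request
 * @param response    the response; written to directly only when token verification fails
 * @param filterChain the remaining filters
 * @throws ServletException if a downstream filter or servlet fails
 * @throws IOException      if a downstream filter or servlet fails, or the error body cannot be written
 */
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
    if (request.getServletPath().equals("/api/v1/login")) {
        try {
            filterChain.doFilter(request, response);
        } catch (Exception e) {
            // Same wrapping as before, but keep the cause so the original stack trace survives.
            throw new RuntimeException(e.getMessage(), e);
        }
        return;
    }

    String authorizationHeader = request.getHeader(HttpHeaders.AUTHORIZATION);
    if (authorizationHeader == null || !authorizationHeader.startsWith("Bearer ")) {
        // No bearer credentials: pass the request on unauthenticated.
        filterChain.doFilter(request, response);
        return;
    }

    try {
        String token = authorizationHeader.substring("Bearer ".length());
        DecodedJWT jwt = JWTUtils.getVerifier().verify(token);
        String userCode = jwt.getSubject();

        // Read the claim once; a token without a "roles" claim yields no authorities.
        List<String> claimedRoles = jwt.getClaim("roles").asList(String.class);
        List<String> roles = claimedRoles == null ? new ArrayList<>() : claimedRoles;

        List<SimpleGrantedAuthority> authorities = new ArrayList<>();
        for (String role : roles) {
            authorities.add(new SimpleGrantedAuthority(role));
        }
        UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(userCode, null, authorities);
        SecurityContextHolder.getContext().setAuthentication(authenticationToken);
    } catch (Exception e) {
        // Only token handling is inside this try, so the 403 below always means
        // "the presented token was rejected" and never masks a downstream failure.
        // NOTE(review): the exception text is still echoed to the client in a header and
        // in the body; a fixed message would disclose less about why the token failed.
        response.setHeader("error", e.getMessage());
        response.setStatus(HttpStatus.FORBIDDEN.value());
        Map<String, String> error = new HashMap<>();
        error.put("error_message", e.getMessage());
        response.setContentType(MediaType.APPLICATION_JSON_VALUE);
        new ObjectMapper().writeValue(response.getOutputStream(), error);
        return;
    }

    // Run the rest of the chain outside the try: exceptions thrown by controllers or later
    // filters must propagate as declared instead of being reported as 403 with their
    // internal message written to the response.
    filterChain.doFilter(request, response);
}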
use of com.auth0.json.mgmt.Role in project Toy by gmoon92.
the class JwtUtils method decode.
/**
 * Builds a {@code User} from the {@code username} and {@code role} claims of a token.
 *
 * <p>The scheme prefix is stripped with {@code obtainTokenWithoutSchema}, the bare token is
 * passed to {@code verify}, and only afterwards are the claims read.
 *
 * @param tokenOfIncludeSchema the token value including its scheme prefix
 * @return a user created from the token's username and role, with an empty second argument
 */
public User decode(String tokenOfIncludeSchema) {
    final String bareToken = obtainTokenWithoutSchema(tokenOfIncludeSchema);

    // JWT.decode() only parses the token and checks nothing, so the claims below are
    // trustworthy only if verify() rejects bad tokens by throwing.
    // NOTE(review): verify() is not visible here - confirm it throws on an invalid
    // signature or an expired token rather than returning a status.
    verify(bareToken);

    final DecodedJWT parsed = JWT.decode(bareToken);
    final String name = parsed.getClaim("username").asString();
    // A token whose "role" claim is absent or names no Role constant makes valueOf throw.
    final Role grantedRole = Role.valueOf(parsed.getClaim("role").asString());
    return User.create(name, "", grantedRole);
}