
Example 11 with Role

use of com.auth0.json.mgmt.Role in project toy by gmoon92.

the class JwtUtil method generate.

/**
 * Issues a signed JWT for {@code user} and returns it prefixed with the Bearer
 * scheme name, ready to be placed in an Authorization header.
 *
 * Claims written: issuer ({@code apiVersion}), {@code username}, {@code role}
 * (the enum constant name), {@code iat} (now) and {@code exp}
 * (now + {@code DAY_OF_EXPIRATION} days). No {@code sub} claim is set, so a
 * verifier has to read {@code username} rather than the subject.
 *
 * @throws JWTCreationException if signing fails or a claim cannot be encoded;
 *         the library exception is re-wrapped with a fixed message.
 */
public String generate(User user) {
    ZonedDateTime issuedAt = ZonedDateTime.now();
    ZonedDateTime expiresAt = issuedAt.plusDays(DAY_OF_EXPIRATION);
    try {
        String signed = JWT.create()
                .withIssuer(apiVersion)
                .withClaim("username", user.getUsername())
                .withClaim("role", user.getRole().name())
                .withIssuedAt(Date.from(issuedAt.toInstant()))
                .withExpiresAt(Date.from(expiresAt.toInstant()))
                .sign(algorithm);
        return AuthenticationSchema.BEARER.getName() + " " + signed;
    } catch (JWTCreationException e) {
        throw new JWTCreationException("Invalid Signing configuration or Couldn't convert Claims.", e);
    }
}
Also used : ZonedDateTime(java.time.ZonedDateTime) JWTCreationException(com.auth0.jwt.exceptions.JWTCreationException)

Example 12 with Role

use of com.auth0.json.mgmt.Role in project Automated-Parking-Lot by ParkingLotDevOps.

the class RoleToUserForm method refreshToken.

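/**
 * Exchanges a refresh token carried in the {@code Authorization: Bearer} header
 * for a fresh 30-minute access token. On success the JSON body holds
 * {@code access_token} and the {@code refresh_token} that was presented.
 *
 * Response codes: 200 on success; 401 when the Bearer header is absent or
 * malformed (the original fell through here and returned 200 with an empty
 * body); 403 when the presented token fails verification or the user cannot
 * be loaded.
 *
 * Security notes visible in this method, flagged rather than silently changed:
 * the HMAC key is the string literal "secret" (see the TODO), so anyone with
 * the source can mint tokens; the verifier checks neither issuer nor audience
 * nor any "token type" claim, so an access token signed with the same key is
 * accepted here as a refresh token.
 */
@GetMapping("/token/refresh")
public void refreshToken(HttpServletRequest request, HttpServletResponse response) throws IOException {
    final String bearerPrefix = "Bearer ";
    String authorizationHeader = request.getHeader("Authorization");
    if (authorizationHeader == null || !authorizationHeader.startsWith(bearerPrefix)) {
        // Bug fix: previously a missing/non-Bearer header produced an empty 200
        // response, indistinguishable from success for the client.
        writeErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, "Missing or malformed Authorization header");
        return;
    }
    String refreshToken = authorizationHeader.substring(bearerPrefix.length());
    try {
        // TODO : de mutat in fisier de configurare (original note: move to a configuration file).
        // SECURITY: a hard-coded HMAC key lets anyone who reads this source forge
        // tokens; load it from configuration/secret storage and never commit it.
        Algorithm algorithm = Algorithm.HMAC256("secret".getBytes());
        // verify() validates signature and exp only; no issuer/audience/type claim
        // is required, so any token signed with this key passes as a refresh token.
        JWTVerifier verifier = JWT.require(algorithm).build();
        DecodedJWT decodedJWT = verifier.verify(refreshToken);
        AppUser user = appUserService.getUser(decodedJWT.getSubject());
        Date accessExpiry = new Date(System.currentTimeMillis() + 30 * 60 * 1000);
        String accessToken = JWT.create()
                .withSubject(user.getEmail())
                .withExpiresAt(accessExpiry)
                .withIssuer(request.getRequestURL().toString())
                .withClaim("roles", user.getRoles().stream().map(Role::getName).collect(Collectors.toList()))
                .sign(algorithm);
        Map<String, String> tokens = new HashMap<>();
        tokens.put("access_token", accessToken);
        tokens.put("refresh_token", refreshToken);
        response.setContentType("application/json");
        new ObjectMapper().writeValue(response.getOutputStream(), tokens);
    } catch (Exception exception) {
        // Catches JWTVerificationException from verify() and anything getUser() throws.
        // NOTE(review): the raw exception message is echoed to the client as before;
        // a fixed message would avoid leaking internal failure details.
        writeErrorResponse(response, HttpServletResponse.SC_FORBIDDEN, exception.getMessage());
    }
}

/**
 * Writes {@code {"error": message}} as a JSON body with the given status.
 * The message is also mirrored in an {@code error} response header, as the
 * original error path did.
 */
private static void writeErrorResponse(HttpServletResponse response, int status, String message) throws IOException {
    response.setHeader("error", message);
    response.setStatus(status);
    Map<String, String> error = new HashMap<>();
    error.put("error", message);
    response.setContentType("application/json");
    new ObjectMapper().writeValue(response.getOutputStream(), error);
}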
Also used : AppUser(b3.spl.splb.model.AppUser) Algorithm(com.auth0.jwt.algorithms.Algorithm) JWTVerifier(com.auth0.jwt.JWTVerifier) DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) IOException(java.io.IOException)

Example 13 with Role

use of com.auth0.json.mgmt.Role in project iet-hf-2022-k-k-k-k-k-k by BME-MIT-IET.

the class TokenController method post.

/**
 * Reports whether the holder of the JWT in the Authorization header may open
 * {@code body.getRoute()}. Every outcome is answered with HTTP 200; the verdict
 * is carried in the body as {@code hasRight}, {@code noRight} or
 * {@code tokenExpired}. {@code tokenExpired} is also used for a missing header,
 * a bare "Bearer" with nothing after it, an exp claim in the past, and any
 * exception raised while decoding the token or loading the user.
 */
@ApiOperation("AuthChecking")
@PostMapping("/hasRightForPage")
public ResponseEntity<PageAuthorizationResponse> post(@RequestHeader HttpHeaders headers, @RequestBody PageAuthorizationRequest body) {
    final String authHeader = headers.getFirst(HttpHeaders.AUTHORIZATION);
    final String route = body.getRoute();
    // Public pages need no token at all.
    if (PageAuthorizationChecker.noRightPages().contains(route)) {
        return ResponseEntity.ok(PageAuthorizationResponse.hasRight);
    }
    // "Bearer" shorter than seven characters cannot carry a token.
    final boolean bearerWithoutToken = authHeader != null
            && authHeader.startsWith("Bearer")
            && authHeader.length() < 7;
    if (authHeader == null || bearerWithoutToken) {
        return ResponseEntity.ok(PageAuthorizationResponse.tokenExpired);
    }
    try {
        // NOTE(review): whether getDecodedJWT verifies the signature is not visible
        // here; if it only decodes, the role lookup below trusts an unsigned token.
        DecodedJWT jwt = JwtUtil.getDecodedJWT(authHeader);
        Date now = new Date();
        if (jwt.getExpiresAt().before(now)) {
            return ResponseEntity.ok(PageAuthorizationResponse.tokenExpired);
        }
        String username = JwtUtil.getUsernameFromJwt(authHeader);
        Collection<Role> rolesOfUser = this.personService.getByUsername(username).getRoles();
        PageAuthorizationResponse verdict = PageAuthorizationChecker.hasRightForPage(route, rolesOfUser)
                ? PageAuthorizationResponse.hasRight
                : PageAuthorizationResponse.noRight;
        return ResponseEntity.ok(verdict);
    } catch (Exception e) {
        // Unparsable token, missing exp (NPE above), unknown user, ... all map here.
        return ResponseEntity.ok(PageAuthorizationResponse.tokenExpired);
    }
}
Also used : Role(com.adja.evchargerappserver.api.role.Role) ResponseEntity(org.springframework.http.ResponseEntity) DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT) Date(java.util.Date) IOException(java.io.IOException) ApiOperation(io.swagger.annotations.ApiOperation)

Example 14 with Role

use of com.auth0.json.mgmt.Role in project Team_BbungCles_Devnity_BE by prgrms-web-devcourse.

the class Jwt method sign.

/**
 * Signs {@code claims} into a compact JWT string using this instance's
 * {@code algorithm}.
 *
 * Always sets issuer, {@code iat} and the custom {@code userId}, {@code email}
 * and {@code role} claims. {@code exp} is set only when {@code expirySeconds}
 * is positive, so a zero or negative value yields a token that never expires.
 */
public String sign(Claims claims) {
    final long issuedAtMillis = System.currentTimeMillis();
    JWTCreator.Builder token = com.auth0.jwt.JWT.create()
            .withIssuer(issuer)
            .withIssuedAt(new Date(issuedAtMillis));
    if (expirySeconds > 0) {
        token = token.withExpiresAt(new Date(issuedAtMillis + expirySeconds * 1_000L));
    }
    return token
            .withClaim("userId", claims.userId)
            .withClaim("email", claims.email)
            .withClaim("role", claims.role)
            .sign(algorithm);
}
Also used : JWTCreator(com.auth0.jwt.JWTCreator) Date(java.util.Date)

Example 15 with Role

use of com.auth0.json.mgmt.Role in project gravitee-management-rest-api by gravitee-io.

the class AuthenticationSuccessFilter method doFilter.

/**
 * After a successful authentication, issues the "Bearer &lt;jwt&gt;" cookie that
 * later requests present, unless the request already carries one.
 *
 * The cookie is written only when a SecurityContext authentication exists and
 * no non-empty cookie named {@code Authorization} is present. The token's
 * permissions claim combines the IDP-supplied authorities with the user's
 * MANAGEMENT and PORTAL roles from the membership service, each encoded as
 * {@code SCOPE:NAME}. The filter chain always continues.
 */
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
    final HttpServletRequest request = (HttpServletRequest) servletRequest;
    final Cookie[] cookies = request.getCookies();
    final Optional<Cookie> existingToken = cookies == null
            ? Optional.empty()
            : Arrays.stream(cookies)
                    .filter(c -> HttpHeaders.AUTHORIZATION.equals(c.getName()))
                    .filter(c -> c.getValue() != null && !c.getValue().isEmpty())
                    .findAny();
    final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    if (authentication == null || existingToken.isPresent()) {
        filterChain.doFilter(servletRequest, servletResponse);
        return;
    }
    // NOTE(review): this cast assumes the principal is always a UserDetails; any
    // other principal type (e.g. an anonymous marker) would throw ClassCastException.
    final UserDetails userDetails = (UserDetails) authentication.getPrincipal();
    final String username = userDetails.getUsername();
    // Start from the IDP's dynamic authorities, then add the configured roles.
    final Set<GrantedAuthority> authorities = new HashSet<>(userDetails.getAuthorities());
    final RoleEntity managementRole = membershipService.getRole(MembershipReferenceType.MANAGEMENT, MembershipDefaultReferenceId.DEFAULT.toString(), username, RoleScope.MANAGEMENT);
    final RoleEntity portalRole = membershipService.getRole(MembershipReferenceType.PORTAL, MembershipDefaultReferenceId.DEFAULT.toString(), username, RoleScope.PORTAL);
    for (RoleEntity role : Arrays.asList(managementRole, portalRole)) {
        if (role != null) {
            authorities.add(new SimpleGrantedAuthority(role.getScope().toString() + ':' + role.getName()));
        }
    }
    final Map<String, Object> claims = new HashMap<>();
    claims.put(Claims.ISSUER, jwtIssuer);
    claims.put(Claims.PERMISSIONS, authorities);
    claims.put(Claims.SUBJECT, username);
    claims.put(Claims.EMAIL, userDetails.getEmail());
    claims.put(Claims.FIRSTNAME, userDetails.getFirstname());
    claims.put(Claims.LASTNAME, userDetails.getLastname());
    final JWTSigner.Options options = new JWTSigner.Options();
    options.setExpirySeconds(jwtExpireAfter);
    options.setIssuedAt(true);
    options.setJwtId(true);
    final String bearerValue = "Bearer " + new JWTSigner(jwtSecret).sign(claims, options);
    ((HttpServletResponse) servletResponse).addCookie(jwtCookieGenerator.generate(bearerValue));
    filterChain.doFilter(servletRequest, servletResponse);
}
Also used : Cookie(javax.servlet.http.Cookie) JWTCookieGenerator(io.gravitee.management.security.cookies.JWTCookieGenerator) UserDetails(io.gravitee.management.idp.api.authentication.UserDetails) RoleScope(io.gravitee.repository.management.model.RoleScope) FilterChain(javax.servlet.FilterChain) ServletRequest(javax.servlet.ServletRequest) java.util(java.util) HttpHeaders(io.gravitee.common.http.HttpHeaders) RoleEntity(io.gravitee.management.model.RoleEntity) ServletException(javax.servlet.ServletException) MembershipDefaultReferenceId(io.gravitee.repository.management.model.MembershipDefaultReferenceId) HttpServletResponse(javax.servlet.http.HttpServletResponse) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) IOException(java.io.IOException) GrantedAuthority(org.springframework.security.core.GrantedAuthority) HttpServletRequest(javax.servlet.http.HttpServletRequest) MembershipService(io.gravitee.management.service.MembershipService) ServletResponse(javax.servlet.ServletResponse) GenericFilterBean(org.springframework.web.filter.GenericFilterBean) JWTSigner(com.auth0.jwt.JWTSigner) Claims(io.gravitee.management.service.common.JWTHelper.Claims) MembershipReferenceType(io.gravitee.repository.management.model.MembershipReferenceType) Authentication(org.springframework.security.core.Authentication) SecurityContextHolder(org.springframework.security.core.context.SecurityContextHolder) Cookie(javax.servlet.http.Cookie) JWTSigner(com.auth0.jwt.JWTSigner) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) GrantedAuthority(org.springframework.security.core.GrantedAuthority) HttpServletResponse(javax.servlet.http.HttpServletResponse) HttpServletRequest(javax.servlet.http.HttpServletRequest) RoleEntity(io.gravitee.management.model.RoleEntity) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) 
UserDetails(io.gravitee.management.idp.api.authentication.UserDetails) Authentication(org.springframework.security.core.Authentication)
