Use of com.auth0.json.mgmt.Role in project toy by gmoon92.
The class JwtUtil, method generate.
/**
 * Issues a signed JWT for {@code user} and returns it prefixed with the Bearer schema name.
 *
 * The token carries the issuer ({@code apiVersion}), a {@code username} claim and a
 * {@code role} claim, and is valid from now until {@code DAY_OF_EXPIRATION} days later.
 * Both timestamps are derived from the same instant so {@code iat} can never follow {@code exp}.
 *
 * @param user the authenticated user whose name and role are embedded in the claims
 * @return the schema name, a space, and the compact signed token
 * @throws JWTCreationException if the signing algorithm is misconfigured or a claim cannot be converted
 */
public String generate(User user) {
    ZonedDateTime issuedAt = ZonedDateTime.now();
    Date issuedAtDate = Date.from(issuedAt.toInstant());
    Date expiresAtDate = Date.from(issuedAt.plusDays(DAY_OF_EXPIRATION).toInstant());
    String signedToken;
    try {
        signedToken = JWT.create()
            .withIssuer(apiVersion)
            .withClaim("username", user.getUsername())
            .withClaim("role", user.getRole().name())
            .withIssuedAt(issuedAtDate)
            .withExpiresAt(expiresAtDate)
            .sign(algorithm);
    } catch (JWTCreationException e) {
        // Re-wrap with a stable message; the library's original exception stays attached as the cause.
        throw new JWTCreationException("Invalid Signing configuration or Couldn't convert Claims.", e);
    }
    return String.format("%s %s", AuthenticationSchema.BEARER.getName(), signedToken);
}
Use of com.auth0.json.mgmt.Role in project Automated-Parking-Lot by ParkingLotDevOps.
The class RoleToUserForm, method refreshToken.
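/**
 * Exchanges a valid refresh token for a new access token.
 *
 * The refresh token is read from the {@code Authorization: Bearer ...} header, verified with the
 * HMAC key, and the token subject is resolved through {@code appUserService}. On success the
 * response body is {@code {"access_token": ..., "refresh_token": ...}}; the refresh token is
 * echoed back unchanged. A missing or malformed header is answered with 401 (it previously fell
 * through and produced an empty 200). Any failure during verification or user lookup is answered
 * with 403, with the failure message in both an {@code error} header and the JSON body.
 *
 * NOTE(review): nothing here distinguishes a refresh token from an access token signed with the
 * same key, so any token this service issued could be presented for refresh — confirm whether the
 * tokens carry a type claim that should be required here.
 *
 * @param request  the incoming request; the refresh token comes from its Authorization header
 * @param response the response the tokens or the error document are written to
 * @throws IOException if writing the response body fails
 */
@GetMapping("/token/refresh")
public void refreshToken(HttpServletRequest request, HttpServletResponse response) throws IOException {
    String authorizationHeader = request.getHeader("Authorization");
    if (authorizationHeader == null || !authorizationHeader.startsWith("Bearer ")) {
        writeErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, "Missing or malformed Authorization header");
        return;
    }
    try {
        String refreshToken = authorizationHeader.substring("Bearer ".length());
        // TODO: move the signing key to the configuration file. A literal key in source is a
        // credential committed to version control, and it must match the key the tokens were issued with.
        Algorithm algorithm = Algorithm.HMAC256("secret".getBytes());
        JWTVerifier verifier = JWT.require(algorithm).build();
        DecodedJWT decodedJWT = verifier.verify(refreshToken);
        String username = decodedJWT.getSubject();
        AppUser user = appUserService.getUser(username);
        if (user == null) {
            // The subject was valid when the token was issued but no longer resolves to a user.
            writeErrorResponse(response, HttpServletResponse.SC_FORBIDDEN, "Unknown user in refresh token");
            return;
        }
        // Access tokens are short-lived (30 minutes); the refresh token keeps its original expiry.
        final long accessTokenTtlMillis = 30L * 60 * 1000;
        // NOTE(review): the issuer is taken from the request URL, i.e. it depends on the Host header
        // of this request — confirm that this is the value the token verifier expects.
        String accessToken = JWT.create()
            .withSubject(user.getEmail())
            .withExpiresAt(new Date(System.currentTimeMillis() + accessTokenTtlMillis))
            .withIssuer(request.getRequestURL().toString())
            .withClaim("roles", user.getRoles().stream().map(Role::getName).collect(Collectors.toList()))
            .sign(algorithm);
        Map<String, String> tokens = new HashMap<>();
        tokens.put("access_token", accessToken);
        tokens.put("refresh_token", refreshToken);
        response.setContentType("application/json");
        new ObjectMapper().writeValue(response.getOutputStream(), tokens);
    } catch (Exception exception) {
        writeErrorResponse(response, HttpServletResponse.SC_FORBIDDEN, exception.getMessage());
    }
}

/**
 * Writes a JSON error document {@code {"error": message}} with the given status and mirrors the
 * message in an {@code error} response header.
 *
 * @param response the response to write to
 * @param status   the HTTP status to set
 * @param message  the message to report; {@code null} (e.g. from a bare NullPointerException) is
 *                 replaced by a generic text so it never reaches {@code setHeader}
 * @throws IOException if writing the body fails
 */
private static void writeErrorResponse(HttpServletResponse response, int status, String message) throws IOException {
    String safeMessage = message == null ? "Token refresh failed" : message;
    response.setHeader("error", safeMessage);
    response.setStatus(status);
    Map<String, String> error = new HashMap<>();
    error.put("error", safeMessage);
    response.setContentType("application/json");
    new ObjectMapper().writeValue(response.getOutputStream(), error);
}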
Use of com.auth0.json.mgmt.Role in project iet-hf-2022-k-k-k-k-k-k by BME-MIT-IET.
The class TokenController, method post.
/**
 * Reports whether the caller may open the route named in {@code body}.
 *
 * Routes listed by {@link PageAuthorizationChecker#noRightPages()} are always allowed. Otherwise
 * the Authorization header is decoded; the answer is {@code tokenExpired} when the header is
 * absent, is a bare {@code Bearer} prefix, has an {@code exp} in the past, or when decoding or
 * the user lookup throws. For a usable token the user's roles are checked against the route.
 * Every outcome is returned with HTTP 200; the verdict travels in the body.
 *
 * NOTE(review): whether {@code JwtUtil.getDecodedJWT} verifies the signature or only decodes
 * the payload is not visible here — confirm, since a decode-only call would let an unsigned
 * token pass the expiry check and reach the role lookup.
 *
 * @param headers request headers; only {@code Authorization} is read
 * @param body    the page-authorization request naming the route
 * @return one of {@code hasRight}, {@code noRight} or {@code tokenExpired}, always with status 200
 */
@ApiOperation("AuthChecking")
@PostMapping("/hasRightForPage")
public ResponseEntity<PageAuthorizationResponse> post(@RequestHeader HttpHeaders headers, @RequestBody PageAuthorizationRequest body) {
    String authHeader = headers.getFirst(HttpHeaders.AUTHORIZATION);
    String route = body.getRoute();
    if (PageAuthorizationChecker.noRightPages().contains(route)) {
        return okWith(PageAuthorizationResponse.hasRight);
    }
    boolean bearerWithoutToken = authHeader != null
        && authHeader.startsWith("Bearer")
        && authHeader.length() < 7;
    if (authHeader == null || bearerWithoutToken) {
        return okWith(PageAuthorizationResponse.tokenExpired);
    }
    try {
        DecodedJWT jwt = JwtUtil.getDecodedJWT(authHeader);
        if (jwt.getExpiresAt().before(new Date())) {
            return okWith(PageAuthorizationResponse.tokenExpired);
        }
        String username = JwtUtil.getUsernameFromJwt(authHeader);
        Collection<Role> rolesOfUser = this.personService.getByUsername(username).getRoles();
        PageAuthorizationResponse verdict = PageAuthorizationChecker.hasRightForPage(route, rolesOfUser)
            ? PageAuthorizationResponse.hasRight
            : PageAuthorizationResponse.noRight;
        return okWith(verdict);
    } catch (Exception e) {
        // Decode failures, a missing exp claim and lookup errors are all reported as an expired token.
        return okWith(PageAuthorizationResponse.tokenExpired);
    }
}

/** Wraps a verdict in a 200 response. */
private static ResponseEntity<PageAuthorizationResponse> okWith(PageAuthorizationResponse verdict) {
    return new ResponseEntity<>(verdict, HttpStatus.OK);
}
Use of com.auth0.json.mgmt.Role in project Team_BbungCles_Devnity_BE by prgrms-web-devcourse.
The class Jwt, method sign.
/**
 * Signs {@code claims} into a compact JWT.
 *
 * The token carries the configured {@code issuer}, an {@code iat} of now, an {@code exp} of
 * now plus {@code expirySeconds} when that value is positive (otherwise no expiry), and the
 * {@code userId}, {@code email} and {@code role} claims.
 *
 * @param claims the values to embed
 * @return the signed compact token
 */
public String sign(Claims claims) {
    Date issuedAt = new Date();
    JWTCreator.Builder builder = com.auth0.jwt.JWT.create()
        .withIssuer(issuer)
        .withIssuedAt(issuedAt);
    if (expirySeconds > 0) {
        Date expiresAt = new Date(issuedAt.getTime() + expirySeconds * 1_000L);
        builder = builder.withExpiresAt(expiresAt);
    }
    return builder
        .withClaim("userId", claims.userId)
        .withClaim("email", claims.email)
        .withClaim("role", claims.role)
        .sign(algorithm);
}
Use of com.auth0.json.mgmt.Role in project gravitee-management-rest-api by gravitee-io.
The class AuthenticationSuccessFilter, method doFilter.
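/**
 * Issues a signed JWT cookie for an already authenticated request.
 *
 * When the security context holds an {@link Authentication} whose principal is a
 * {@link UserDetails}, and the request carries no non-empty cookie named {@code Authorization},
 * a token is built from the principal (subject, e-mail, first and last name) plus its authorities,
 * extended with the user's default MANAGEMENT and PORTAL roles from {@code membershipService},
 * and added to the response as a {@code Bearer} cookie. The chain is always continued. A
 * principal of any other type (the anonymous principal is a plain String) is skipped instead of
 * being cast blindly.
 *
 * @param servletRequest  the request, expected to be an {@link HttpServletRequest}
 * @param servletResponse the response the cookie is added to
 * @param filterChain     the remaining filter chain
 * @throws IOException      propagated from the chain
 * @throws ServletException propagated from the chain
 */
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
    final HttpServletRequest req = (HttpServletRequest) servletRequest;
    final Optional<Cookie> optionalStringToken = findAuthorizationCookie(req);
    final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    if (authentication != null && !optionalStringToken.isPresent()) {
        final Object principal = authentication.getPrincipal();
        if (principal instanceof UserDetails) {
            final String token = signToken((UserDetails) principal);
            final Cookie bearerCookie = jwtCookieGenerator.generate("Bearer " + token);
            ((HttpServletResponse) servletResponse).addCookie(bearerCookie);
        }
    }
    filterChain.doFilter(servletRequest, servletResponse);
}

/**
 * Returns the first {@code Authorization} cookie with a non-empty value, if any.
 *
 * @param req the request whose cookies are inspected; a null cookie array yields empty
 */
private static Optional<Cookie> findAuthorizationCookie(HttpServletRequest req) {
    final Cookie[] cookies = req.getCookies();
    if (cookies == null) {
        return Optional.empty();
    }
    return Arrays.stream(cookies)
        .filter(cookie -> HttpHeaders.AUTHORIZATION.equals(cookie.getName()))
        .filter(cookie -> cookie.getValue() != null && !cookie.getValue().isEmpty())
        .findAny();
}

/**
 * Builds the claim set for {@code userDetails} and signs it with {@code jwtSecret}.
 *
 * Authorities start from the dynamic permissions supplied by the IDP and are completed with the
 * repository-backed default roles for the management and portal scopes.
 *
 * @return the compact signed token (without the {@code Bearer} prefix)
 */
private String signToken(UserDetails userDetails) {
    final Map<String, Object> claims = new HashMap<>();
    claims.put(Claims.ISSUER, jwtIssuer);
    final Set<GrantedAuthority> authorities = new HashSet<>(userDetails.getAuthorities());
    addDefaultRole(authorities, MembershipReferenceType.MANAGEMENT, RoleScope.MANAGEMENT, userDetails.getUsername());
    addDefaultRole(authorities, MembershipReferenceType.PORTAL, RoleScope.PORTAL, userDetails.getUsername());
    claims.put(Claims.PERMISSIONS, authorities);
    claims.put(Claims.SUBJECT, userDetails.getUsername());
    claims.put(Claims.EMAIL, userDetails.getEmail());
    claims.put(Claims.FIRSTNAME, userDetails.getFirstname());
    claims.put(Claims.LASTNAME, userDetails.getLastname());
    final JWTSigner.Options options = new JWTSigner.Options();
    options.setExpirySeconds(jwtExpireAfter);
    options.setIssuedAt(true);
    options.setJwtId(true);
    return new JWTSigner(jwtSecret).sign(claims, options);
}

/**
 * Adds the user's default role for the given reference type and scope to {@code authorities}
 * as {@code "<scope>:<name>"}; does nothing when no such role is configured.
 */
private void addDefaultRole(Set<GrantedAuthority> authorities, MembershipReferenceType referenceType, RoleScope scope, String username) {
    final RoleEntity role = membershipService.getRole(referenceType, MembershipDefaultReferenceId.DEFAULT.toString(), username, scope);
    if (role != null) {
        authorities.add(new SimpleGrantedAuthority(role.getScope().toString() + ':' + role.getName()));
    }
}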