use of com.auth0.json.mgmt.Role in project Toy by gmoon92.
the class JwtUtils method generate.
/**
 * Issues a signed JWT for {@code user} and returns it prefixed with the bearer scheme name.
 *
 * <p>The token carries the issuer ({@code apiVersion}), a {@code username} claim, a
 * {@code role} claim, an issued-at time of "now" and an expiry {@code DAY_OF_EXPIRATION}
 * days later. The payload is signed with {@code algorithm}, not encrypted, so whoever holds
 * the token can read every claim; keep secrets out of it.
 *
 * @param user account whose username and role name are embedded in the token
 * @return the scheme name, one space, then the compact token
 * @throws JWTCreationException if signing fails or a claim cannot be converted
 */
public String generate(User user) {
    final ZonedDateTime issuedAt = ZonedDateTime.now();
    // plusDays is applied to the zoned value so the expiry keeps the same local time of day.
    final ZonedDateTime expiresAt = issuedAt.plusDays(DAY_OF_EXPIRATION);
    try {
        // The role written here is the value a verifier later trusts for authorization.
        // NOTE(review): the lifetime is counted in days and no revocation is visible in this
        // method - confirm that matches how quickly a role change must take effect.
        final String signed = JWT.create()
                .withIssuer(apiVersion)
                .withClaim("username", user.getUsername())
                .withClaim("role", user.getRole().name())
                .withIssuedAt(Date.from(issuedAt.toInstant()))
                .withExpiresAt(Date.from(expiresAt.toInstant()))
                .sign(algorithm);
        final String scheme = AuthenticationSchema.BEARER.getName();
        return String.format("%s %s", scheme, signed);
    } catch (JWTCreationException cause) {
        // Re-thrown with a fixed message; the original failure stays attached as the cause.
        throw new JWTCreationException("Invalid Signing configuration or Couldn't convert Claims.", cause);
    }
}
use of com.auth0.json.mgmt.Role in project Toy by gmoon92.
the class JwtUtil method decode.
/**
 * Rebuilds a {@link User} from an Authorization value that still carries its scheme prefix.
 *
 * <p>The scheme is stripped by {@code obtainTokenWithoutSchema}, the bare token is handed to
 * {@code verify}, and only then are the {@code username} and {@code role} claims read.
 *
 * @param tokenOfIncludeSchema header value including the scheme prefix
 * @return a user built from the token's username and role, with an empty second argument
 */
public User decode(String tokenOfIncludeSchema) {
    final String rawToken = obtainTokenWithoutSchema(tokenOfIncludeSchema);

    // JWT.decode() below only parses the token and checks no signature, so the claims are
    // trustworthy only because verify() runs first. Keep this order.
    // NOTE(review): presumably verify() throws on a bad signature, issuer or expiry - confirm.
    verify(rawToken);

    final DecodedJWT parsed = JWT.decode(rawToken);
    final String username = parsed.getClaim("username").asString();
    final String roleName = parsed.getClaim("role").asString();

    // NOTE(review): asString() yields null for an absent claim; Role looks like an enum, in
    // which case valueOf() throws for null or for a name that is not a constant - confirm
    // callers treat that as a rejected token.
    final Role role = Role.valueOf(roleName);
    return User.create(username, "", role);
}
use of com.auth0.json.mgmt.Role in project Toy by gmoon92.
the class JwtUtil method generate.
/**
 * Creates a signed JWT describing {@code user} and prepends the bearer scheme name.
 *
 * <p>Claims written: issuer ({@code apiVersion}), {@code username}, {@code role}, issued-at
 * (current time) and expires-at ({@code DAY_OF_EXPIRATION} days after issued-at). Signing with
 * {@code algorithm} protects integrity only; the claims remain readable by the token holder.
 *
 * @param user source of the username and role name claims
 * @return {@code "<scheme> <token>"}
 * @throws JWTCreationException if the signing configuration is invalid or a claim cannot be
 *     converted
 */
public String generate(User user) {
    try {
        final ZonedDateTime now = ZonedDateTime.now();
        final Date issuedAt = Date.from(now.toInstant());
        // Expiry is derived from the zoned value, so a day means the same local time next day.
        final Date expiresAt = Date.from(now.plusDays(DAY_OF_EXPIRATION).toInstant());

        // NOTE(review): the role claim is fixed for the token's whole lifetime; no revocation
        // path is visible here - confirm a multi-day window is acceptable for role changes.
        final String jwt = JWT.create()
                .withIssuer(apiVersion)
                .withClaim("username", user.getUsername())
                .withClaim("role", user.getRole().name())
                .withIssuedAt(issuedAt)
                .withExpiresAt(expiresAt)
                .sign(algorithm);

        return String.format("%s %s", AuthenticationSchema.BEARER.getName(), jwt);
    } catch (JWTCreationException failure) {
        // Same exception type, fixed message, original failure kept as the cause.
        throw new JWTCreationException("Invalid Signing configuration or Couldn't convert Claims.", failure);
    }
}
use of com.auth0.json.mgmt.Role in project framework by galasa-dev.
the class JwtAuthFilter method doFilter.
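/**
 * Authenticates a request from an {@code Authorization: Bearer <jwt>} header.
 *
 * <p>The request is passed down the chain unchanged when it is not an HTTP request, targets
 * the {@code /auth} servlet path, already has a user principal, or has no well-formed bearer
 * header. Otherwise the token is verified with HMAC-SHA256 using the configured
 * {@code SECRET_KEY} and the issuer {@code "galasa"}; on success the chain continues with a
 * {@code JwtRequestWrapper} carrying the token's subject and {@code role} claim.
 *
 * <p>Verification is kept separate from the downstream call, so an exception thrown further
 * down the chain is never mistaken for a token failure and never re-runs the chain.
 *
 * @param request incoming request
 * @param response outgoing response
 * @param chain remaining filters and the target servlet
 * @throws IOException propagated from the chain
 * @throws ServletException propagated from the chain
 */
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
    if (!(request instanceof HttpServletRequest)) {
        chain.doFilter(request, response);
        return;
    }
    HttpServletRequest servletRequest = (HttpServletRequest) request;
    HttpServletResponse servletResponse = (HttpServletResponse) response;

    // The token-issuing endpoint must stay reachable without a token.
    if ("/auth".equals(servletRequest.getServletPath())) {
        chain.doFilter(request, response);
        return;
    }

    // Something earlier already authenticated this request.
    Principal principal = servletRequest.getUserPrincipal();
    if (principal != null) {
        chain.doFilter(request, response);
        return;
    }

    String authorization = servletRequest.getHeader("Authorization");
    if (authorization == null) {
        chain.doFilter(request, response);
        return;
    }

    // Expect exactly "<scheme> <token>"; anything else continues unauthenticated, so access
    // control has to be enforced further down the chain.
    StringTokenizer st = new StringTokenizer(authorization);
    if (!st.hasMoreTokens() || !"bearer".equalsIgnoreCase(st.nextToken()) || !st.hasMoreTokens()) {
        chain.doFilter(request, response);
        return;
    }
    String sJwt = st.nextToken();

    // HMAC256 is a shared-secret scheme: whoever can read SECRET_KEY can mint a token with
    // any subject and role. Algorithm.HMAC256 rejects a null secret with an unchecked
    // exception, so a missing property fails the request instead of accepting tokens.
    Algorithm algorithm = Algorithm.HMAC256(this.configurationProperties.getProperty(SECRET_KEY));
    JWTVerifier verifier = JWT.require(algorithm).withIssuer("galasa").build();

    // NOTE(review): every failure branch below forwards the request unauthenticated BEFORE
    // calling invalidAuth(). If invalidAuth() writes an error response, it runs after the
    // downstream handler may already have committed one - confirm this order is intended.
    // NOTE(review): a malformed token makes verify() throw JWTDecodeException, which none of
    // these catches cover, so it propagates as an unchecked exception - confirm that is wanted.
    // NOTE(review): the exception text is appended to the message given to invalidAuth();
    // check that it is logged and not echoed to the client.
    DecodedJWT jwt;
    try {
        jwt = verifier.verify(sJwt);
    } catch (AlgorithmMismatchException e) {
        chain.doFilter(request, response);
        invalidAuth(servletRequest, servletResponse, "Incorrect Algorithim " + e);
        return;
    } catch (SignatureVerificationException e) {
        chain.doFilter(request, response);
        invalidAuth(servletRequest, servletResponse, "Non valid signature " + e);
        return;
    } catch (TokenExpiredException e) {
        chain.doFilter(request, response);
        invalidAuth(servletRequest, servletResponse, "Jwt has expired " + e);
        return;
    } catch (InvalidClaimException e) {
        chain.doFilter(request, response);
        invalidAuth(servletRequest, servletResponse, "Invalid Claims " + e);
        return;
    }

    // Only signature, algorithm, issuer and expiry were checked above. The role string is
    // passed through as-is and is null when the claim is absent.
    String subject = jwt.getSubject();
    String role = jwt.getClaim("role").asString();
    JwtRequestWrapper wrapper = new JwtRequestWrapper(subject, role, servletRequest);
    chain.doFilter(wrapper, servletResponse);
}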
use of com.auth0.json.mgmt.Role in project alf.io by alfio-event.
the class BaseOpenIdAuthenticationManager method updateRoles.
/**
 * Replaces the stored authorities of {@code username} with {@code roles}.
 *
 * <p>All existing authorities are revoked first, then one row per role is granted in a single
 * batch. Values are bound as the named parameters {@code username} and {@code role}; the SQL
 * text itself comes from {@code authorityRepository.grantAll()}.
 *
 * @param roles roles the user should hold afterwards
 * @param username account whose authorities are rewritten
 */
private void updateRoles(Set<Role> roles, String username) {
    // NOTE(review): revoke and grant are two separate statements. Unless the caller runs this
    // inside a transaction, a failure in between leaves the user with no authorities - confirm.
    authorityRepository.revokeAll(username);

    var grants = new MapSqlParameterSource[roles.size()];
    int next = 0;
    for (Role role : roles) {
        grants[next++] = new MapSqlParameterSource("username", username).addValue("role", role.getRoleName());
    }
    jdbcTemplate.batchUpdate(authorityRepository.grantAll(), grants);
}