use of com.auth0.jwt.interfaces.DecodedJWT in project libresonic by Libresonic.
the class JWTAuthenticationProvider method authenticate.
@Override
public Authentication authenticate(Authentication auth) throws AuthenticationException {
JWTAuthenticationToken authentication = (JWTAuthenticationToken) auth;
if (authentication.getCredentials() == null || !(authentication.getCredentials() instanceof String)) {
logger.error("Credentials not present");
return null;
}
String rawToken = (String) auth.getCredentials();
DecodedJWT token = JWTSecurityService.verify(jwtKey, rawToken);
Claim path = token.getClaim(JWTSecurityService.CLAIM_PATH);
authentication.setAuthenticated(true);
// TODO:AD This is super unfortunate, but not sure there is a better way when using JSP
if (StringUtils.contains(authentication.getRequestedPath(), "/WEB-INF/jsp/")) {
logger.warn("BYPASSING AUTH FOR WEB-INF page");
} else if (!roughlyEqual(path.asString(), authentication.getRequestedPath())) {
throw new InsufficientAuthenticationException("Credentials not valid for path " + authentication.getRequestedPath() + ". They are valid for " + path.asString());
}
List<GrantedAuthority> authorities = new ArrayList<>();
authorities.add(new SimpleGrantedAuthority("IS_AUTHENTICATED_FULLY"));
authorities.add(new SimpleGrantedAuthority("ROLE_TEMP"));
return new JWTAuthenticationToken(authorities, rawToken, authentication.getRequestedPath());
}
use of com.auth0.jwt.interfaces.DecodedJWT in project libresonic by Libresonic.
the class ExternalPlayerController method getSongs.
private List<MediaFileWithUrlInfo> getSongs(HttpServletRequest request, Share share, Player player) throws IOException {
Date expires = null;
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if (authentication instanceof JWTAuthenticationToken) {
DecodedJWT token = jwtSecurityService.verify((String) authentication.getCredentials());
expires = token.getExpiresAt();
}
Date finalExpires = expires;
List<MediaFileWithUrlInfo> result = new ArrayList<>();
List<MusicFolder> musicFolders = settingsService.getMusicFoldersForUser(player.getUsername());
if (share != null) {
for (MediaFile file : shareService.getSharedFiles(share.getId(), musicFolders)) {
if (file.getFile().exists()) {
if (file.isDirectory()) {
List<MediaFile> childrenOf = mediaFileService.getChildrenOf(file, true, false, true);
result.addAll(childrenOf.stream().map(mf -> addUrlInfo(request, player, mf, finalExpires)).collect(Collectors.toList()));
} else {
result.add(addUrlInfo(request, player, file, finalExpires));
}
}
}
}
return result;
}
use of com.auth0.jwt.interfaces.DecodedJWT in project libresonic by Libresonic.
the class JWTSecurityServiceTest method addJWTToken.
@Test
public void addJWTToken() throws Exception {
UriComponentsBuilder builder = UriComponentsBuilder.fromUriString(uriString);
String actualUri = service.addJWTToken(builder).build().toUriString();
String jwtToken = UriComponentsBuilder.fromUriString(actualUri).build().getQueryParams().getFirst(JWTSecurityService.JWT_PARAM_NAME);
DecodedJWT verify = verifier.verify(jwtToken);
Claim claim = verify.getClaim(JWTSecurityService.CLAIM_PATH);
assertEquals(expectedClaimString, claim.asString());
}
use of com.auth0.jwt.interfaces.DecodedJWT in project libresonic by Libresonic.
the class JWTSecurityService method verify.
public static DecodedJWT verify(String jwtKey, String token) {
Algorithm algorithm = JWTSecurityService.getAlgorithm(jwtKey);
JWTVerifier verifier = JWT.require(algorithm).build();
return verifier.verify(token);
}
Aggregations