
Example 1 with JWT_COOKIE_NAME

Use of org.sonatype.nexus.security.JwtHelper.JWT_COOKIE_NAME in project nexus-public by sonatype: class JwtFilter, method preHandle. The filter locates the JWT cookie on every request, verifies it and re-issues a refreshed cookie; if verification fails, the cookie is expired and the filter chain is halted.

@Override
protected boolean preHandle(final ServletRequest request, final ServletResponse response) throws Exception {
    Cookie[] cookies = ((HttpServletRequest) request).getCookies();
    if (cookies != null) {
        // Look up the JWT cookie by its well-known name
        Optional<Cookie> jwtCookie = stream(cookies).filter(cookie -> cookie.getName().equals(JWT_COOKIE_NAME)).findFirst();
        if (jwtCookie.isPresent()) {
            Cookie cookie = jwtCookie.get();
            String jwt = cookie.getValue();
            if (!Strings2.isEmpty(jwt)) {
                Cookie refreshedToken;
                try {
                    // Verify the token and build a refreshed cookie from it
                    refreshedToken = jwtHelper.verifyAndRefreshJwtCookie(jwt);
                } catch (JwtVerificationException e) {
                    // Expire the cookie if JWT verification fails for any reason,
                    // then stop processing the filter chain for this request
                    cookie.setValue("");
                    cookie.setMaxAge(0);
                    WebUtils.toHttp(response).addCookie(cookie);
                    return false;
                }
                // Send the refreshed token back to the client, replacing the old cookie
                WebUtils.toHttp(response).addCookie(refreshedToken);
            }
        }
    }
    return true;
}
Imports used in JwtFilter:

import static com.google.common.base.Preconditions.checkNotNull;
import static java.util.Arrays.stream;
import static org.sonatype.nexus.security.JwtHelper.JWT_COOKIE_NAME;
import java.util.Optional;
import javax.inject.Inject;
import javax.inject.Named;
import javax.inject.Singleton;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import org.apache.shiro.web.servlet.AdviceFilter;
import org.apache.shiro.web.util.WebUtils;
import org.sonatype.nexus.common.text.Strings2;
import org.sonatype.nexus.security.jwt.JwtVerificationException;

Example 2 with JWT_COOKIE_NAME

Use of org.sonatype.nexus.security.JwtHelper.JWT_COOKIE_NAME in project nexus-public by sonatype: class JwtSecurityFilter, method createSubject. Here the JWT cookie, once verified, is turned into an authenticated Shiro subject whose principals come from the token's user and realm claims; on verification failure the cookie is expired and the default subject creation is used instead.

@Override
protected WebSubject createSubject(final ServletRequest request, final ServletResponse response) {
    Cookie[] cookies = ((HttpServletRequest) request).getCookies();
    if (cookies != null) {
        // Look up the JWT cookie by its well-known name
        Optional<Cookie> jwtCookie = stream(cookies).filter(cookie -> cookie.getName().equals(JWT_COOKIE_NAME)).findFirst();
        if (jwtCookie.isPresent()) {
            Cookie cookie = jwtCookie.get();
            // A fresh Shiro session for this request, bound to the client host
            SimpleSession session = new SimpleSession(request.getRemoteHost());
            DecodedJWT decodedJwt;
            String jwt = cookie.getValue();
            if (!Strings2.isEmpty(jwt)) {
                try {
                    // Verify the token before any of its claims are trusted
                    decodedJwt = jwtHelper.verifyJwt(jwt);
                } catch (JwtVerificationException e) {
                    log.debug("Expire and reset the JWT cookie due to the error: {}", e.getMessage());
                    // Expire the cookie and fall back to the default subject creation
                    cookie.setValue("");
                    cookie.setMaxAge(0);
                    WebUtils.toHttp(response).addCookie(cookie);
                    return super.createSubject(request, response);
                }
                // Principals are taken from the verified token's user and realm claims
                Claim user = decodedJwt.getClaim(USER);
                Claim realm = decodedJwt.getClaim(REALM);
                PrincipalCollection principals = new SimplePrincipalCollection(user.asString(), realm.asString());
                // Session lifetime follows the configured JWT expiry; keep the raw token on the session
                session.setTimeout(TimeUnit.SECONDS.toMillis(jwtHelper.getExpirySeconds()));
                session.setAttribute(JWT_COOKIE_NAME, jwt);
                // Build an authenticated subject backed by the JWT-derived session
                return new WebDelegatingSubject(principals, true, request.getRemoteHost(), session, true, request, response, getSecurityManager());
            }
        }
    }
    return super.createSubject(request, response);
}
Imports used in JwtSecurityFilter:

import static com.google.common.base.Preconditions.checkNotNull;
import static java.util.Arrays.stream;
import static org.sonatype.nexus.security.JwtHelper.JWT_COOKIE_NAME;
import static org.sonatype.nexus.security.JwtHelper.REALM;
import static org.sonatype.nexus.security.JwtHelper.USER;
import com.auth0.jwt.interfaces.Claim;
import com.auth0.jwt.interfaces.DecodedJWT;
import java.util.Optional;
import java.util.concurrent.TimeUnit;
import javax.inject.Inject;
import javax.inject.Singleton;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import org.apache.shiro.session.mgt.SimpleSession;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.SimplePrincipalCollection;
import org.apache.shiro.web.filter.mgt.FilterChainResolver;
import org.apache.shiro.web.mgt.WebSecurityManager;
import org.apache.shiro.web.subject.WebSubject;
import org.apache.shiro.web.subject.support.WebDelegatingSubject;
import org.apache.shiro.web.util.WebUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.sonatype.nexus.common.text.Strings2;
import org.sonatype.nexus.security.jwt.JwtVerificationException;
