diff --git a/quartz-manager-parent/quartz-manager-starter-security/src/main/java/it/fabioformosa/quartzmanager/api/security/helpers/impl/JwtTokenHelper.java b/quartz-manager-parent/quartz-manager-starter-security/src/main/java/it/fabioformosa/quartzmanager/api/security/helpers/impl/JwtTokenHelper.java index 6ea31d6..03903df 100644 --- a/quartz-manager-parent/quartz-manager-starter-security/src/main/java/it/fabioformosa/quartzmanager/api/security/helpers/impl/JwtTokenHelper.java +++ b/quartz-manager-parent/quartz-manager-starter-security/src/main/java/it/fabioformosa/quartzmanager/api/security/helpers/impl/JwtTokenHelper.java @@ -18,30 +18,28 @@ import java.util.Date; import java.util.Map; /** - * * @author Fabio.Formosa - * */ public class JwtTokenHelper { - private static final Logger log = LoggerFactory.getLogger(JwtTokenHelper.class); + private static final Logger log = LoggerFactory.getLogger(JwtTokenHelper.class); - private static String base64EncodeSecretKey(String secretKey) { - return Base64.getEncoder().encodeToString(secretKey.getBytes(StandardCharsets.UTF_8)); - } + private static String base64EncodeSecretKey(String secretKey) { + return Base64.getEncoder().encodeToString(secretKey.getBytes(StandardCharsets.UTF_8)); + } - private final String appName; + private final String appName; - private final JwtSecurityProperties jwtSecurityProps; + private final JwtSecurityProperties jwtSecurityProps; - private SignatureAlgorithm SIGNATURE_ALGORITHM = SignatureAlgorithm.HS512; + private SignatureAlgorithm SIGNATURE_ALGORITHM = SignatureAlgorithm.HS512; - public JwtTokenHelper(String appName, JwtSecurityProperties jwtSecurityProps) { - super(); - this.appName = appName; - this.jwtSecurityProps = jwtSecurityProps; - } + public JwtTokenHelper(String appName, JwtSecurityProperties jwtSecurityProps) { + super(); + this.appName = appName; + this.jwtSecurityProps = jwtSecurityProps; + } public Boolean canTokenBeRefreshed(String token) { try { 
@@ -54,104 +52,97 @@ public class JwtTokenHelper { } } - private Date generateCurrentDate() { - return new Date(getCurrentTimeMillis()); + private Date generateCurrentDate() { + return new Date(getCurrentTimeMillis()); + } + + private Date generateExpirationDate() { + return new Date(getCurrentTimeMillis() + jwtSecurityProps.getExpirationInSec() * 1000); + } + + private String generateToken(Map claims) { + return Jwts.builder().setClaims(claims).setExpiration(generateExpirationDate()) + .signWith(SIGNATURE_ALGORITHM, base64EncodeSecretKey(jwtSecurityProps.getSecret())).compact(); + } + + public String generateToken(String username) { + return Jwts.builder().setIssuer(appName).setSubject(username).setIssuedAt(generateCurrentDate()) + .setExpiration(generateExpirationDate()) + .signWith(SIGNATURE_ALGORITHM, base64EncodeSecretKey(jwtSecurityProps.getSecret())).compact(); + } + + private Claims verifyAndGetClaimsFromToken(String token) { + Claims claims; + try { + claims = Jwts.parser().setSigningKey(base64EncodeSecretKey(jwtSecurityProps.getSecret())) + .parseClaimsJws(token).getBody(); + } catch (Exception e) { + log.error("Error getting claims from jwt token due to " + e.getMessage(), e); + throw e; + } + if(claims == null) + throw new IllegalStateException("Not found any claims into the JWT token!"); + return claims; + } + + /** + * Find a specific HTTP cookie in a request. + * + * @param request The HTTP request object. + * @param name The cookie name to look for. + * @return The cookie, or null if not found. 
+ */ + public Cookie getCookieValueByName(HttpServletRequest request, String name) { + if (request.getCookies() == null) + return null; + for (int i = 0; i < request.getCookies().length; i++) + if (request.getCookies()[i].getName().equals(name)) + return request.getCookies()[i]; + return null; + } + + private long getCurrentTimeMillis() { + return LocalDateTime.now().atZone(ZoneId.of("Europe/Rome")).toInstant().toEpochMilli(); + } + + public String verifyTokenAndExtractUsername(String token) { + final Claims claims = verifyAndGetClaimsFromToken(token); + return claims.getSubject(); + } + + public String refreshToken(String token) { + String refreshedToken; + try { + final Claims claims = verifyAndGetClaimsFromToken(token); + claims.setIssuedAt(generateCurrentDate()); + refreshedToken = generateToken(claims); + } catch (Exception e) { + log.error("Error refreshing jwt token due to " + e.getMessage(), e); + refreshedToken = null; + } + return refreshedToken; + } + + public String retrieveToken(HttpServletRequest request) { + if (jwtSecurityProps.getCookieStrategy().isEnabled()) { + Cookie authCookie = getCookieValueByName(request, jwtSecurityProps.getCookieStrategy().getCookie()); + if (authCookie != null) + return authCookie.getValue(); } - private Date generateExpirationDate() { - return new Date(getCurrentTimeMillis() + jwtSecurityProps.getExpirationInSec() * 1000); + if (jwtSecurityProps.getHeaderStrategy().isEnabled()) { + String authHeader = request.getHeader(jwtSecurityProps.getHeaderStrategy().getHeader()); + if (authHeader != null && authHeader.startsWith("Bearer ")) + return authHeader.substring(7); } - private String generateToken(Map claims) { - return Jwts.builder().setClaims(claims).setExpiration(generateExpirationDate()) - .signWith(SIGNATURE_ALGORITHM, base64EncodeSecretKey(jwtSecurityProps.getSecret())).compact(); - } + if (request.getParameter("access_token") != null) + return request.getParameter("access_token"); - public String 
generateToken(String username) { - return Jwts.builder().setIssuer(appName).setSubject(username).setIssuedAt(generateCurrentDate()) - .setExpiration(generateExpirationDate()) - .signWith(SIGNATURE_ALGORITHM, base64EncodeSecretKey(jwtSecurityProps.getSecret())).compact(); - } + return null; + } - private Claims verifyAndGetClaimsFromToken(String token) { - Claims claims; - try { - claims = Jwts.parser().setSigningKey(base64EncodeSecretKey(jwtSecurityProps.getSecret())) - .parseClaimsJws(token).getBody(); - } catch (Exception e) { - claims = null; - log.error("Error getting claims from jwt token due to " + e.getMessage(), e); - } - return claims; - } - - /** - * Find a specific HTTP cookie in a request. - * - * @param request - * The HTTP request object. - * @param name - * The cookie name to look for. - * @return The cookie, or null if not found. - */ - public Cookie getCookieValueByName(HttpServletRequest request, String name) { - if (request.getCookies() == null) - return null; - for (int i = 0; i < request.getCookies().length; i++) - if (request.getCookies()[i].getName().equals(name)) - return request.getCookies()[i]; - return null; - } - - private long getCurrentTimeMillis() { - return LocalDateTime.now().atZone(ZoneId.of("Europe/Rome")).toInstant().toEpochMilli(); - } - - public String verifyTokenAndExtractUsername(String token) { - String username; - try { - final Claims claims = verifyAndGetClaimsFromToken(token); - username = claims.getSubject(); - } catch (Exception e) { - log.error("Error getting claims from jwt token due to " + e.getMessage(), e); - throw e; - } - return username; - } - - public String refreshToken(String token) { - String refreshedToken; - try { - final Claims claims = verifyAndGetClaimsFromToken(token); - claims.setIssuedAt(generateCurrentDate()); - refreshedToken = generateToken(claims); - } catch (Exception e) { - log.error("Error refreshing jwt token due to " + e.getMessage(), e); - refreshedToken = null; - } - return refreshedToken; 
- } - - public String retrieveToken(HttpServletRequest request) { - if (jwtSecurityProps.getCookieStrategy().isEnabled()) { - Cookie authCookie = getCookieValueByName(request, jwtSecurityProps.getCookieStrategy().getCookie()); - if (authCookie != null) - return authCookie.getValue(); - } - - if (jwtSecurityProps.getHeaderStrategy().isEnabled()) { - String authHeader = request.getHeader(jwtSecurityProps.getHeaderStrategy().getHeader()); - if (authHeader != null && authHeader.startsWith("Bearer ")) - return authHeader.substring(7); - } - - if(request.getParameter("access_token") != null) - return request.getParameter("access_token"); - - return null; - } - - public void setHeader(HttpServletResponse response, String token) { - response.addHeader(jwtSecurityProps.getHeaderStrategy().getHeader(), "Bearer " + token); - } + public void setHeader(HttpServletResponse response, String token) { + response.addHeader(jwtSecurityProps.getHeaderStrategy().getHeader(), "Bearer " + token); + } }
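Review bot: `getCurrentTimeMillis()` on the new side yields an epoch value that depends on the JVM default zone: `LocalDateTime.now()` reads the wall clock in the default zone and `.atZone(ZoneId.of("Europe/Rome"))` then reinterprets those fields as Rome time, so on any host not running in Europe/Rome the `iat`/`exp` claims are shifted by the offset difference, and because the parser checks `exp` against the real clock the configured lifetime is silently shortened or lengthened. Epoch milliseconds are zone-independent, so the body should be `return System.currentTimeMillis();` (or `Instant.now().toEpochMilli()`), after which the `LocalDateTime`/`ZoneId` imports become unused. In `generateExpirationDate()`, `jwtSecurityProps.getExpirationInSec() * 1000` overflows before widening to `long` if the getter returns an `int` (its type is not visible here); `* 1000L` avoids that. Separately, `retrieveToken()` accepts the token from the `access_token` request parameter regardless of which strategies are enabled, so a bearer token can end up in access logs and `Referer` headers; that fallback deserves either a configuration switch like the cookie and header strategies or a comment stating it is intentional.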