added JWT support
This commit is contained in:
@ -0,0 +1,84 @@
|
||||
/*
|
||||
* To change this license header, choose License Headers in Project Properties.
|
||||
* To change this template file, choose Tools | Templates
|
||||
* and open the template in the editor.
|
||||
*/
|
||||
package de.muehlencord.shared.jeeutil.jwt;
|
||||
|
||||
import java.time.ZonedDateTime;
|
||||
import org.primeframework.jwt.Verifier;
|
||||
import org.primeframework.jwt.domain.JWT;
|
||||
import org.primeframework.jwt.domain.JWTException;
|
||||
import org.primeframework.jwt.hmac.HMACVerifier;
|
||||
|
||||
/**
|
||||
*
|
||||
* @author Joern Muehlencord <joern at muehlencord.de>
|
||||
*/
|
||||
public class JWTDecoder {
|
||||
|
||||
private boolean parsedSuccessfully = false;
|
||||
private JWT jwt = null;
|
||||
|
||||
public JWTDecoder(String password, String issuer, String jwtString) throws JWTException {
|
||||
if ((password == null) || (issuer == null) || (jwtString == null)) {
|
||||
throw new JWTException("password, issuer and jwt must not be null");
|
||||
}
|
||||
Verifier verifier = HMACVerifier.newVerifier(password);
|
||||
// Verifier verifier = RSAVerifier.newVerifier(new String(Files.readAllBytes(Paths.get("public_key.pem"))));
|
||||
try {
|
||||
jwt = JWT.getDecoder().decode(jwtString, verifier);
|
||||
parsedSuccessfully = jwt.issuer.equals(issuer);
|
||||
} catch (JWTException ex) {
|
||||
jwt = null;
|
||||
}
|
||||
}
|
||||
|
||||
public String getIssuer() {
|
||||
if (jwt == null) {
|
||||
return null;
|
||||
} else {
|
||||
return jwt.issuer;
|
||||
}
|
||||
}
|
||||
|
||||
public ZonedDateTime getIssuedAt() {
|
||||
if (jwt == null) {
|
||||
return null;
|
||||
} else {
|
||||
return jwt.issuedAt;
|
||||
}
|
||||
}
|
||||
|
||||
public String getSubject() {
|
||||
if (jwt == null) {
|
||||
return null;
|
||||
} else {
|
||||
return jwt.subject;
|
||||
}
|
||||
}
|
||||
|
||||
public String getUniqueId() {
|
||||
if (jwt == null) {
|
||||
return null;
|
||||
} else {
|
||||
return jwt.uniqueId;
|
||||
}
|
||||
}
|
||||
|
||||
public ZonedDateTime getExpiration() {
|
||||
if (jwt == null) {
|
||||
return null;
|
||||
} else {
|
||||
return jwt.expiration;
|
||||
}
|
||||
}
|
||||
|
||||
public boolean isValid() {
|
||||
if ((jwt == null) || (jwt.isExpired())) {
|
||||
return false;
|
||||
} else {
|
||||
return this.parsedSuccessfully;
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,36 @@
|
||||
/*
|
||||
* To change this license header, choose License Headers in Project Properties.
|
||||
* To change this template file, choose Tools | Templates
|
||||
* and open the template in the editor.
|
||||
*/
|
||||
package de.muehlencord.shared.jeeutil.jwt;
|
||||
|
||||
import java.time.ZonedDateTime;
|
||||
import org.primeframework.jwt.Signer;
|
||||
import org.primeframework.jwt.domain.JWT;
|
||||
import org.primeframework.jwt.hmac.HMACSigner;
|
||||
|
||||
/**
|
||||
*
|
||||
* @author Joern Muehlencord <joern at muehlencord.de>
|
||||
*/
|
||||
public abstract class JWTEncoder {
|
||||
|
||||
public static String encode(String password, String issuer, ZonedDateTime issuedAt, String subject, String uniqueId, short expirationInMinutes ) throws JWTException {
|
||||
if ((password == null) || (issuer == null)) {
|
||||
throw new JWTException("password and issuer must not be null");
|
||||
}
|
||||
Signer signer = HMACSigner.newSHA256Signer(password);
|
||||
// Signer signer = RSASigner.newSHA256Signer(new String(Files.readAllBytes(Paths.get("private_key.pem"))));
|
||||
|
||||
|
||||
JWT jwt = new JWT().setIssuer(issuer) // FIXME - make configurable
|
||||
.setIssuedAt(issuedAt)
|
||||
.setSubject(subject)
|
||||
.setUniqueId(uniqueId)
|
||||
.setExpiration(issuedAt.plusMinutes(expirationInMinutes));
|
||||
return JWT.getEncoder().encode(jwt, signer);
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
@ -0,0 +1,40 @@
|
||||
/*
|
||||
* To change this license header, choose License Headers in Project Properties.
|
||||
* To change this template file, choose Tools | Templates
|
||||
* and open the template in the editor.
|
||||
*/
|
||||
|
||||
package de.muehlencord.shared.jeeutil.jwt;
|
||||
|
||||
/**
|
||||
*
|
||||
* @author Joern Muehlencord <joern at muehlencord.de>
|
||||
*/
|
||||
public class JWTException extends Exception {
|
||||
|
||||
private static final long serialVersionUID = 423992803027530544L;
|
||||
|
||||
/**
|
||||
* Creates a new instance of <code>JWTException</code> without detail message.
|
||||
*/
|
||||
public JWTException() {
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Constructs an instance of <code>JWTException</code> with the specified detail message.
|
||||
* @param msg the detail message.
|
||||
*/
|
||||
public JWTException(String msg) {
|
||||
super(msg);
|
||||
}
|
||||
|
||||
/**
|
||||
* Constructs an instance of <code>JWTException</code> with the specified detail message and root cause.
|
||||
* @param msg the detail message.
|
||||
* @param th the root cause
|
||||
*/
|
||||
public JWTException(String msg, Throwable th) {
|
||||
super(msg,th);
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,25 @@
|
||||
/*
|
||||
* To change this license header, choose License Headers in Project Properties.
|
||||
* To change this template file, choose Tools | Templates
|
||||
* and open the template in the editor.
|
||||
*/
|
||||
package de.muehlencord.shared.jeeutil.jwt;
|
||||
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import org.apache.shiro.web.filter.authc.AuthenticationFilter;
|
||||
|
||||
/**
|
||||
*
|
||||
* @author Joern Muehlencord <joern at muehlencord.de>
|
||||
*/
|
||||
public class JWTGuard extends AuthenticationFilter {
|
||||
|
||||
@Override
|
||||
protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
|
||||
HttpServletResponse httpResponse = (HttpServletResponse) response;
|
||||
httpResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED);
|
||||
return false;
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user