-
Notifications
You must be signed in to change notification settings - Fork 1
/
JwtUtil.java
83 lines (70 loc) · 2.21 KB
/
JwtUtil.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
package com.pj.jwt.security;
import com.pj.jwt.config.CoreProperties;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import io.jsonwebtoken.security.Keys;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import java.util.function.Function;
/**
* JWT utility class that issues and validates JWT tokens
*
* @author Pavan Jadda
* @version 1.0.0
*/
@Service
@Transactional
public class JwtUtil
{
private final CoreProperties coreProperties;
public JwtUtil(CoreProperties coreProperties)
{
this.coreProperties = coreProperties;
}
private boolean isTokenExpired(String token)
{
return extractExpiration(token).before(new Date());
}
public Date extractExpiration(String token)
{
return extractClaim(token, Claims::getExpiration);
}
private <T> T extractClaim(String token, Function<Claims, T> claimsResolver)
{
final Claims claims = extractAllClaims(token);
return claimsResolver.apply(claims);
}
private Claims extractAllClaims(String token)
{
return Jwts.parserBuilder()
.setSigningKey(Keys.hmacShaKeyFor(coreProperties.getJwtSecret().getBytes()))
.build()
.parseClaimsJws(token)
.getBody();
}
public String generateToken(UserDetails userDetails)
{
Map<String, Object> claims = new HashMap<>();
return createToken(claims, userDetails.getUsername());
}
private String createToken(Map<String, Object> claims, String subject)
{
return Jwts.builder().setClaims(claims).setSubject(subject).setIssuedAt(new Date(System.currentTimeMillis()))
.setExpiration(new Date(System.currentTimeMillis() + 1000 * 60 * 60 * 24))
.signWith(Keys.hmacShaKeyFor(coreProperties.getJwtSecret().getBytes()), SignatureAlgorithm.HS512).compact();
}
public boolean validateToken(String token, UserDetails userDetails)
{
final String username = extractUsername(token);
return (username.equals(userDetails.getUsername()) && !isTokenExpired(token));
}
public String extractUsername(String token)
{
return extractClaim(token, Claims::getSubject);
}
}