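package com.farriver.bwf.web.initializer.config;

import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.security.Keys;
import io.jsonwebtoken.security.SecureDigestAlgorithm;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Configurable;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.stereotype.Component;

import javax.crypto.SecretKey;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;

/**
 * JWT settings bound from the {@code jwt.*} configuration properties, plus the helpers that
 * issue and verify HS256-signed tokens and decide which request URIs skip the token check.
 *
 * <p>HS256 is a symmetric scheme: the same {@code jwt.secret} value signs and verifies, so
 * every holder of the secret can mint valid tokens. Treat it as a credential.
 */
@Component
@Configurable
@ConfigurationProperties("jwt")
public class JwtConfig {

    private static final Logger logger = LoggerFactory.getLogger(JwtConfig.class);

    // Consumed outside this class; presumably turns token checking on or off - verify at the
    // caller. Note that the default is false.
    private Boolean tokenSwitch = false;

    // Name of the HTTP header expected to carry the token.
    private String header = "Authorization";

    // Token lifetime in seconds (getToken multiplies by 1000 to obtain milliseconds).
    private long expire = 3600;

    // NOTE(review): placeholder default only. It is a fixed, publicly visible value and is
    // 8 bytes long, which is below the 256-bit minimum that Keys.hmacShaKeyFor enforces, so
    // token signing fails until jwt.secret is overridden. Supply a random secret of at least
    // 32 bytes from a secret store or environment-specific configuration, never from source.
    private String secret = "farriver";

    private List<String> ignoredStatic;
    private List<String> ignoredApi;

    // Union of ignoredStatic and ignoredApi, without duplicates.
    private List<String> ignoreCheckTokenUriList = new ArrayList<>();

    public List<String> getIgnoredStatic() {
        return ignoredStatic;
    }

    public void setIgnoredStatic(List<String> ignoredStatic) {
        this.ignoredStatic = ignoredStatic;
        InitIgnoreCheckTokenUriList(ignoredStatic);
    }

    public List<String> getIgnoredApi() {
        return ignoredApi;
    }

    public void setIgnoredApi(List<String> ignoredApi) {
        this.ignoredApi = ignoredApi;
        InitIgnoreCheckTokenUriList(ignoredApi);
    }

    /**
     * Returns the merged list of token-exempt URI patterns.
     *
     * <p>Both source lists are merged again on every call. The returned list is the live
     * internal instance, not a copy.
     */
    public List<String> getIgnoreCheckTokenUriList() {
        InitIgnoreCheckTokenUriList(this.ignoredStatic);
        InitIgnoreCheckTokenUriList(this.ignoredApi);
        return ignoreCheckTokenUriList;
    }

    public String getSecret() {
        return secret;
    }

    public void setSecret(String secret) {
        this.secret = secret;
    }

    public long getExpire() {
        return expire;
    }

    public void setExpire(long expire) {
        this.expire = expire;
    }

    public String getHeader() {
        return header;
    }

    public void setHeader(String header) {
        this.header = header;
    }

    public Boolean getTokenSwitch() {
        return tokenSwitch;
    }

    public void setTokenSwitch(Boolean tokenSwitch) {
        this.tokenSwitch = tokenSwitch;
    }

    //Methods

    /**
     * Issues a compact HS256-signed JWT for the given identity.
     *
     * @param identityId value stored in the {@code sub} claim
     * @return the serialized token, valid for {@code expire} seconds from now
     */
    public String getToken(String identityId) {
        Date nowDate = new Date();
        Date expireDate = new Date(nowDate.getTime() + expire * 1000);
        SecureDigestAlgorithm<SecretKey, SecretKey> algorithm = Jwts.SIG.HS256;
        return Jwts.builder()
                .header().add("typ", "JWT").and()
                .subject(identityId)
                .issuedAt(nowDate)
                .expiration(expireDate)
                .signWith(signingKey(), algorithm)
                .compact();
    }

    /**
     * Verifies the token signature with the configured secret and returns its claims.
     *
     * @param token compact JWT as received from the client
     * @return the verified claims, or {@code null} when parsing or verification fails for any
     *     reason; callers must treat {@code null} as "not authenticated"
     */
    public Claims getTokenClaim(String token) {
        try {
            return Jwts.parser()
                    .verifyWith(signingKey())
                    .build()
                    .parseSignedClaims(token)
                    .getPayload();
        } catch (Exception e) {
            // Deliberately broad: every failure maps to the same "no claims" result.
            logger.debug("JWT rejected: {}", e.getMessage());
        }
        return null;
    }

    /**
     * Tells whether the given expiration instant is in the past.
     *
     * @param expirationTime the {@code exp} value of a token
     * @return {@code true} when expired; a missing ({@code null}) expiration also counts as
     *     expired so that a token without {@code exp} is not accepted indefinitely
     */
    public boolean isTokenExpired(Date expirationTime) {
        if (expirationTime == null) {
            return true;
        }
        return expirationTime.before(new Date());
    }

    /**
     * Adds the entries of {@code ignorelist} that are not yet present to the merged list.
     *
     * @param ignorelist patterns to merge; {@code null} or empty is a no-op
     */
    public void InitIgnoreCheckTokenUriList(List<String> ignorelist) {
        try {
            if (ignorelist == null || ignorelist.isEmpty()) {
                return;
            }
            if (ignoreCheckTokenUriList == null) {
                ignoreCheckTokenUriList = new ArrayList<>();
            }
            for (String ignore : ignorelist) {
                if (!ignoreCheckTokenUriList.contains(ignore)) {
                    ignoreCheckTokenUriList.add(ignore);
                }
            }
        } catch (Exception ex) {
            logger.error("Failed to merge token-exempt URI patterns", ex);
        }
    }

    /**
     * Decides whether a request URI is exempt from the token check.
     *
     * <p>A pattern ending in {@code *} matches when the URI starts with the text before the
     * pattern's first {@code *}. Any other pattern matches when it occurs anywhere in the URI.
     *
     * @param uri request URI to test; {@code null} is never exempt
     * @return {@code true} when some configured pattern matches
     */
    public boolean isIgnoredUri(String uri) {
        if (uri == null) {
            return false;
        }
        for (String configured : getIgnoreCheckTokenUriList()) {
            if (configured == null) {
                continue;
            }
            String pattern = configured.trim();
            if (pattern.isEmpty()) {
                // A blank entry would match every URI and switch the token check off globally.
                continue;
            }
            if (pattern.endsWith("*")) {
                String prefix = pattern.substring(0, pattern.indexOf('*'));
                if (prefix.isEmpty()) {
                    // Fail closed: an empty prefix would exempt every URI.
                    logger.warn("Skipping token-exempt pattern with empty prefix: {}", pattern);
                    continue;
                }
                if (uri.startsWith(prefix)) {
                    return true;
                }
            } else if (uri.contains(pattern)) {
                // NOTE(review): substring match. The pattern exempts any URI that contains it
                // at any position, so keep entries as specific as possible and make sure the
                // caller passes only the normalized request path, without the query string.
                return true;
            }
        }
        return false;
    }

    // Derives the HMAC key from the configured secret. UTF-8 is fixed so that every host
    // derives the same key regardless of its platform default charset.
    private SecretKey signingKey() {
        return Keys.hmacShaKeyFor(secret.getBytes(StandardCharsets.UTF_8));
    }
}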