package pl.edu.amu.wmi.bookapi.security;
import com.auth0.jwt.JWT;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.JWTVerificationException;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;

import static pl.edu.amu.wmi.bookapi.security.JWTAuthenticationFilter.HEADER_STRING;
import static pl.edu.amu.wmi.bookapi.security.JWTAuthenticationFilter.SECRET;
import static pl.edu.amu.wmi.bookapi.security.JWTAuthenticationFilter.TOKEN_PREFIX;
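/**
 * Authorizes requests carrying a bearer JWT in the {@code HEADER_STRING} header.
 *
 * <p>The token is verified with HMAC-SHA512 against the shared {@code SECRET}
 * (declared in {@link JWTAuthenticationFilter}); on success the token's subject
 * is installed in the {@link SecurityContextHolder} as an authenticated principal
 * with <em>no</em> granted authorities. Requests without a bearer header pass
 * through unauthenticated. Requests whose token fails verification (bad
 * signature, expired, malformed, or lacking a subject) are rejected with
 * {@code 401} before reaching the rest of the chain, rather than letting the
 * verifier's exception escape as a {@code 500}.
 *
 * <p>This class extends {@link BasicAuthenticationFilter} only for its position
 * in the Spring Security chain; {@link #doFilterInternal} fully replaces the
 * HTTP Basic behaviour of the superclass (it never calls {@code super}).
 *
 * <p>NOTE(review): {@code SECRET} is a compile-time constant shared between the
 * authentication and authorization filters. A static, source-controlled HMAC
 * key cannot be rotated and is exposed to anyone with read access to the
 * repository or the built artifact; it should be loaded from configuration or
 * a secret store and the verifier rebuilt when it rotates.
 */
public class JWTAuthorizationFilter extends BasicAuthenticationFilter {

    /**
     * HMAC-SHA512 verification algorithm, built once. The secret is encoded
     * explicitly as UTF-8 so the key bytes do not depend on the JVM's platform
     * charset (and therefore match whatever the issuing side used).
     */
    private static final Algorithm ALGORITHM =
            Algorithm.HMAC512(SECRET.getBytes(StandardCharsets.UTF_8));

    /**
     * @param authManager authentication manager required by the superclass;
     *                    not used for JWT verification itself
     */
    public JWTAuthorizationFilter(AuthenticationManager authManager) {
        super(authManager);
    }

    /**
     * Inspects the bearer header and either installs the verified principal,
     * passes the request through unauthenticated (no bearer header), or
     * rejects it with {@code 401} (present but invalid token).
     *
     * @param req   incoming request; only {@code HEADER_STRING} is read
     * @param res   response; written to only when the token is rejected
     * @param chain remainder of the filter chain
     * @throws IOException      propagated from the chain or {@code sendError}
     * @throws ServletException propagated from the chain
     */
    @Override
    protected void doFilterInternal(HttpServletRequest req,
                                    HttpServletResponse res,
                                    FilterChain chain) throws IOException, ServletException {
        String header = req.getHeader(HEADER_STRING);

        // No bearer token at all: this filter has nothing to say; downstream
        // authorization decides whether an anonymous request is acceptable.
        if (header == null || !header.startsWith(TOKEN_PREFIX)) {
            chain.doFilter(req, res);
            return;
        }

        UsernamePasswordAuthenticationToken authentication;
        try {
            authentication = getAuthentication(header);
        } catch (JWTVerificationException e) {
            // Invalid signature, expiry, or structure. Fail closed with a 401
            // instead of propagating the exception up the chain.
            reject(res);
            return;
        }

        if (authentication == null) {
            // Signature was valid but the token carries no subject, so there is
            // no principal to authenticate. Treat as an invalid token.
            reject(res);
            return;
        }

        SecurityContextHolder.getContext().setAuthentication(authentication);
        chain.doFilter(req, res);
    }

    /**
     * Verifies the token found in {@code header} and maps its subject to an
     * authenticated token with an empty authority list.
     *
     * @param header the raw header value, already known to start with
     *               {@code TOKEN_PREFIX}
     * @return an authenticated token whose principal is the JWT subject, or
     *         {@code null} when the (otherwise valid) JWT has no subject claim
     * @throws JWTVerificationException when the token is malformed, expired,
     *                                  or not signed with {@code SECRET}
     */
    private UsernamePasswordAuthenticationToken getAuthentication(String header) {
        // Strip exactly the prefix; replace() would also rewrite any later
        // occurrence of the prefix string inside the token.
        String token = header.substring(TOKEN_PREFIX.length());

        String user = JWT.require(ALGORITHM)
                .build()
                .verify(token)
                .getSubject();

        if (user == null) {
            return null;
        }

        // Three-argument constructor marks the token as authenticated. No claims
        // are mapped to authorities here; every principal is role-less.
        return new UsernamePasswordAuthenticationToken(user, null, new ArrayList<>());
    }

    /**
     * Clears any partially established security context and answers {@code 401}.
     * Deliberately writes no body: the reason for rejection is not revealed to
     * the caller.
     *
     * @param res response to complete
     * @throws IOException propagated from {@code sendError}
     */
    private static void reject(HttpServletResponse res) throws IOException {
        SecurityContextHolder.clearContext();
        res.sendError(HttpServletResponse.SC_UNAUTHORIZED);
    }
}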