From 047a32a67783c34d5e1bdf066a1b4829f8e7fe70 Mon Sep 17 00:00:00 2001
From: Valentin CZERYBA
Date: Wed, 4 May 2022 22:42:35 +0200
Subject: [PATCH] Function generate token finish
---
 src/main/java/com/covas/Json/Jwt2.java | 11 ++-----
 .../com/covas/Resources/TokenRessource.java | 33 ++++++++++---------
 2 files changed, 19 insertions(+), 25 deletions(-)
diff --git a/src/main/java/com/covas/Json/Jwt2.java b/src/main/java/com/covas/Json/Jwt2.java
index ac6fbd9..7032135 100644
--- a/src/main/java/com/covas/Json/Jwt2.java
+++ b/src/main/java/com/covas/Json/Jwt2.java
@@ -8,7 +8,6 @@ public class Jwt2 {
 public String name;
 public Boolean status;
 public String message;
- public String password;
 public Jwt2(){
 name = "";
@@ -22,18 +21,12 @@ public class Jwt2 {
 message = "";
 }
- public Jwt2(String name, String password){
- this.name = name;
- status = true;
- this.password = password;
- message = "";
- }
+
- public Jwt2(String name, String password, String message){
+ public Jwt2(String name, String message){
 this.name = name;
 this.message = message;
 status = true;
- this.password = password;
 }
 public Jwt2(String name, Boolean status, String message){
diff --git a/src/main/java/com/covas/Resources/TokenRessource.java b/src/main/java/com/covas/Resources/TokenRessource.java
index 1b36835..ea0554e 100644
--- a/src/main/java/com/covas/Resources/TokenRessource.java
+++ b/src/main/java/com/covas/Resources/TokenRessource.java
@@ -30,13 +30,9 @@ import io.smallrye.jwt.build.Jwt;
 import org.eclipse.microprofile.jwt.JsonWebToken;
 import org.jboss.resteasy.annotations.jaxrs.HeaderParam;
 import org.postgresql.shaded.com.ongres.scram.common.bouncycastle.base64.Base64;
-import org.jboss.logging.Logger;
 @Path("/token")
 public class TokenRessource {
-
- private static final Logger LOGGER = Logger.getLogger(TokenRessource.class);
-
 @Inject
 JsonWebToken jwt;
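Review bot: In Jwt2.java the new `Jwt2(String name, String message)` constructor has the same (String, String) signature as the removed `Jwt2(String name, String password)`, so any call site outside this patch that still passes the password hash will compile unchanged and now serialize it in `message`. The two callers in TokenRessource.java are updated by this commit; other callers are not visible here and are worth a search before merging. The class body starts and ends outside the hunk.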
@@ -52,21 +48,26 @@ public class TokenRessource {
 if (jwtCookie == null) {
 String[] hash = new String(Base64.decode(auth.split(" ")[1]), StandardCharsets.UTF_8).split(":");
- String pseudo = hash[0];
+ name = hash[0];
 password = Hash.encryptSHA512(hash[1]);
- UsersEntity users = UsersEntity.findByPseudo(pseudo);
+ UsersEntity users = UsersEntity.findByPseudo(name);
 if(users != null){
-
- }
-
- // Create a JWT token signed using the 'HS256' algorithm
- String newJwtCookie = Jwt.issuer("https://example.com/issuer").upn("Alice").groups(new HashSet<>(Arrays.asList("User"))).sign();
- // or create a JWT token encrypted using the 'A256KW' algorithm
- // Jwt.upn("alice").encryptWithSecret(secret);
+ if(password.equals(users.password)){
+ // Create a JWT token signed using the 'HS256' algorithm
+ String newJwtCookie = Jwt.issuer("https://example.com/issuer").upn(name).groups(new HashSet<>(Arrays.asList(users.roles))).sign();
+ // or create a JWT token encrypted using the 'A256KW' algorithm
+ // Jwt.upn("alice").encryptWithSecret(secret);
+ return Response.status(Response.Status.CREATED).entity(new Jwt2(name, "Token is generated")).cookie(new NewCookie("jwt", newJwtCookie)).build();
+ } else {
+ return Response.status(Response.Status.FORBIDDEN).entity(new Jwt2(name, false, "Password is incorrect")).build();
+ }
+
+
+ }
+ return Response.status(Response.Status.NOT_FOUND).entity(new Jwt2(name, false, "User not found")).build();
- return Response.status(Response.Status.CREATED).entity(new Jwt2(name, password)).cookie(new NewCookie("jwt", newJwtCookie)).build();
 } else {
 // All mp.jwt and smallrye.jwt properties are still effective, only the verification key is customized.
 try {
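Review bot: The added branches after `UsersEntity.findByPseudo(name)` answer an unknown account with 404 "User not found" and a wrong password with 403 "Password is incorrect", which tells a client which usernames exist; both cases should return one identical response, such as 401 with a generic message. The check `password.equals(users.password)` is not a constant-time comparison, and `Hash.encryptSHA512` (defined outside this patch) suggests the stored value is a plain SHA-512 digest, where a dedicated password-hashing function such as bcrypt or Argon2 is the usual choice. The cookie is still built with `new NewCookie("jwt", newJwtCookie)`, which sets neither HttpOnly nor Secure. The sketch below assumes `users.password` is a String and needs `java.security.MessageDigest` in scope; the enclosing method starts and ends outside the hunk.

```java
UsersEntity users = UsersEntity.findByPseudo(name);
// One response for "no such user" and "wrong password", so the reply does not reveal which accounts exist.
boolean credentialsOk = users != null
        && users.password != null
        && MessageDigest.isEqual(
                password.getBytes(StandardCharsets.UTF_8),
                users.password.getBytes(StandardCharsets.UTF_8));
if (!credentialsOk) {
    return Response.status(Response.Status.UNAUTHORIZED).entity(new Jwt2(name, false, "Invalid credentials")).build();
}
// … unchanged: Jwt.issuer(...).sign() and the CREATED response carrying the jwt cookie …
```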
@@ -76,7 +77,7 @@ public class TokenRessource {
 return Response.status(Response.Status.NOT_ACCEPTABLE).entity(new Jwt2(name, false, p.getMessage())).build();
 }
 // or jwt = parser.decrypt(jwtCookie, secret);
- return Response.status(Response.Status.OK).entity(new Jwt2(jwt.getName(),password)).build();
+ return Response.status(Response.Status.OK).entity(new Jwt2(jwt.getName(),"Token is still valid")).build();
 }
 }
@@ -101,7 +102,7 @@ public class TokenRessource {
 @GET
 @Path("roles-user")
- @RolesAllowed({"Toto"})
+ @RolesAllowed({"User"})
 @Produces(MediaType.APPLICATION_JSON)
 public Token helloRolesUser(@Context SecurityContext ctx) {
 Token token = getResponseString(ctx);