diff --git a/src/main/java/com/covas/Resources/TokenRessource.java b/src/main/java/com/covas/Resources/TokenRessource.java index f1864f4..2b19a1f 100644 --- a/src/main/java/com/covas/Resources/TokenRessource.java +++ b/src/main/java/com/covas/Resources/TokenRessource.java @@ -21,26 +21,33 @@ import io.smallrye.jwt.auth.principal.JWTParser; import io.smallrye.jwt.auth.principal.ParseException; import io.smallrye.jwt.build.Jwt; + import org.eclipse.microprofile.jwt.JsonWebToken; +import org.jboss.logging.Logger; import org.jboss.resteasy.annotations.jaxrs.HeaderParam; import org.postgresql.shaded.com.ongres.scram.common.bouncycastle.base64.Base64; -@Path("/api") +@Path("/token") public class TokenRessource { @Inject JsonWebToken jwt; + private static final Logger LOGGER = Logger.getLogger(UsersRessources.class); + @Inject JWTParser parser; @GET @Produces(MediaType.APPLICATION_JSON) - @Path("token") public Response getUserName(@HeaderParam("Authorization") String auth, @CookieParam("jwt") String jwtCookie) { String name = "anonymous"; String password = ""; + if (jwtCookie == null) { + if(auth == null){ + return Response.status(Response.Status.BAD_REQUEST).build(); + } String[] hash = new String(Base64.decode(auth.split(" ")[1]), StandardCharsets.UTF_8).split(":"); name = hash[0]; password = Hash.encryptSHA512(hash[1]); @@ -50,7 +57,7 @@ public class TokenRessource { if(password.equals(users.password)){ // Create a JWT token signed using the 'HS256' algorithm - String newJwtCookie = Jwt.issuer("https://example.com/issuer").upn(name).groups(new HashSet<>(Arrays.asList(users.roles))).sign(); + String newJwtCookie = Jwt.issuer("https://example.com/issuer").upn(name).groups(users.roles).sign(); // or create a JWT token encrypted using the 'A256KW' algorithm // Jwt.upn("alice").encryptWithSecret(secret); return Response.status(Response.Status.CREATED).cookie(new NewCookie("jwt", newJwtCookie)).build(); @@ -62,16 +69,16 @@ public class TokenRessource { } return Response.status(Response.Status.NOT_FOUND).build(); - } else { - // All mp.jwt and smallrye.jwt properties are still effective, only the verification key is customized. - try { - jwt = parser.parse(jwtCookie); - } - catch(ParseException p){ - return Response.status(Response.Status.UNAUTHORIZED).build(); - } + } + // All mp.jwt and smallrye.jwt properties are still effective, only the verification key is customized. + try { + jwt = parser.parse(jwtCookie); + } + catch(ParseException p){ + return Response.status(Response.Status.NOT_ACCEPTABLE).build(); + } // or jwt = parser.decrypt(jwtCookie, secret); - return Response.status(Response.Status.OK).build(); - } + return Response.status(Response.Status.OK).build(); } + } diff --git a/src/main/java/com/covas/Resources/UsersRessources.java b/src/main/java/com/covas/Resources/UsersRessources.java index ade1086..1f193fe 100644 --- a/src/main/java/com/covas/Resources/UsersRessources.java +++ b/src/main/java/com/covas/Resources/UsersRessources.java @@ -20,13 +20,13 @@ import org.jboss.logging.Logger; public class UsersRessources { private static final Logger LOGGER = Logger.getLogger(UsersRessources.class); @GET - @RolesAllowed({"Admin"}) + @RolesAllowed("Admin") public Response getUsers(){ return Response.ok(UsersEntity.listAll()).build(); } @GET - @RolesAllowed({"Admin"}) + @RolesAllowed("Admin") @Path("{id}") public Response getSingleUser(@PathParam("id") String id){ UUID uid = UUID.fromString(id); @@ -38,7 +38,7 @@ public class UsersRessources { } @GET - @RolesAllowed({"User"}) + @RolesAllowed("User") @Path("info") public Response getInfoUser(){ return Response.ok().build();