v4l3n71n/covas-quarkus
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Creation key private and public

Browse Source
This commit is contained in:
Valentin CZERYBA 2022-04-10 10:55:53 +02:00
parent 19c99ade07
commit ad04426bec
2 changed files with 15 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/main/java/com/covas/TokenRessource.java
View File

@ -1,10 +1,11 @@
package com.covas; package com.covas;
import java.util.Arrays;
import java.util.HashSet;
import javax.annotation.security.PermitAll; import javax.annotation.security.PermitAll;
import javax.annotation.security.RolesAllowed; import javax.annotation.security.RolesAllowed;
import javax.enterprise.context.RequestScoped;
import javax.inject.Inject; import javax.inject.Inject;
import javax.print.attribute.standard.Media;
import javax.ws.rs.CookieParam; import javax.ws.rs.CookieParam;
import javax.ws.rs.GET; import javax.ws.rs.GET;
import javax.ws.rs.InternalServerErrorException; import javax.ws.rs.InternalServerErrorException;
@ -35,13 +36,13 @@ public class TokenRessource {
private String secret = "AyM1SysPpbyDfgZld3umj1qzKObwVMko"; private String secret = "AyM1SysPpbyDfgZld3umj1qzKObwVMko";
@GET @GET
@Path("generate") @Path("authentificate")
@Produces(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON)
public Response getUserName(@CookieParam("jwt") String jwtCookie) { public Response getUserName(@CookieParam("jwt") String jwtCookie) {
Response response = null;
if (jwtCookie == null) { if (jwtCookie == null) {
// Create a JWT token signed using the 'HS256' algorithm // Create a JWT token signed using the 'HS256' algorithm
String newJwtCookie = Jwt.upn("Alice").signWithSecret(secret); // String newJwtCookie = Jwt.upn("Alice").groups(new HashSet<>(Arrays.asList("User", "Admin"))).signWithSecret(secret);
String newJwtCookie = Jwt.issuer("https://example.com/issuer").upn("Alice").groups(new HashSet<>(Arrays.asList("User", "Admin"))).sign();
// or create a JWT token encrypted using the 'A256KW' algorithm // or create a JWT token encrypted using the 'A256KW' algorithm
// Jwt.upn("alice").encryptWithSecret(secret); // Jwt.upn("alice").encryptWithSecret(secret);
@ -49,7 +50,8 @@ public class TokenRessource {
} else { } else {
// All mp.jwt and smallrye.jwt properties are still effective, only the verification key is customized. // All mp.jwt and smallrye.jwt properties are still effective, only the verification key is customized.
try { try {
JsonWebToken jwt = parser.verify(jwtCookie, secret); // jwt = parser.verify(jwtCookie, secret);
jwt = parser.parse(jwtCookie);
} }
catch(ParseException p){ catch(ParseException p){
return Response.status(Response.Status.NOT_ACCEPTABLE).entity(new Jwt2("Alice", false, p.getMessage())).build(); return Response.status(Response.Status.NOT_ACCEPTABLE).entity(new Jwt2("Alice", false, p.getMessage())).build();
@ -73,7 +75,7 @@ public class TokenRessource {
@Produces(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON)
public Token helloRolesAllowed(@Context SecurityContext ctx) { public Token helloRolesAllowed(@Context SecurityContext ctx) {
Token token = getResponseString(ctx); Token token = getResponseString(ctx);
token.birthday = jwt.getClaim("birthday").toString(); token.name = jwt.getName().toString();
return token; return token;
} }

6
src/main/resources/application.properties
View File

@ -0,0 +1,6 @@
smallrye.jwt.sign.key.location=privateKey.pem
mp.jwt.verify.publickey.location=publicKey.pem
mp.jwt.verify.issuer=https://example.com/issuer