Creation key private and public

2022-04-10 10:55:53 +02:00 · 2022-04-10 10:55:53 +02:00 · ad04426bec
commit ad04426bec
parent 19c99ade07
2 changed files with 15 additions and 7 deletions
--- a/src/main/java/com/covas/TokenRessource.java
+++ b/src/main/java/com/covas/TokenRessource.java
@ -1,10 +1,11 @@
 package com.covas;

+import java.util.Arrays;
+import java.util.HashSet;
+
 import javax.annotation.security.PermitAll;
 import javax.annotation.security.RolesAllowed;
-import javax.enterprise.context.RequestScoped;
 import javax.inject.Inject;
-import javax.print.attribute.standard.Media;
 import javax.ws.rs.CookieParam;
 import javax.ws.rs.GET;
 import javax.ws.rs.InternalServerErrorException;
@ -35,13 +36,13 @@ public class TokenRessource {
    private String secret = "AyM1SysPpbyDfgZld3umj1qzKObwVMko";

    @GET
-    @Path("generate")
+    @Path("authentificate")
    @Produces(MediaType.APPLICATION_JSON)
    public Response getUserName(@CookieParam("jwt") String jwtCookie) {
-      Response response = null;
      if (jwtCookie == null) {
          // Create a JWT token signed using the 'HS256' algorithm
-          String newJwtCookie = Jwt.upn("Alice").signWithSecret(secret);
+          // String newJwtCookie = Jwt.upn("Alice").groups(new HashSet<>(Arrays.asList("User", "Admin"))).signWithSecret(secret);
+          String newJwtCookie = Jwt.issuer("https://example.com/issuer").upn("Alice").groups(new HashSet<>(Arrays.asList("User", "Admin"))).sign();
          // or create a JWT token encrypted using the 'A256KW' algorithm
          // Jwt.upn("alice").encryptWithSecret(secret);
          
@ -49,7 +50,8 @@ public class TokenRessource {
      } else {
          // All mp.jwt and smallrye.jwt properties are still effective, only the verification key is customized.
          try {
-            JsonWebToken jwt = parser.verify(jwtCookie, secret);
+               // jwt = parser.verify(jwtCookie, secret);
+                jwt = parser.parse(jwtCookie);
          } 
          catch(ParseException p){
              return Response.status(Response.Status.NOT_ACCEPTABLE).entity(new Jwt2("Alice", false, p.getMessage())).build();
@ -73,7 +75,7 @@ public class TokenRessource {
    @Produces(MediaType.APPLICATION_JSON)
    public Token helloRolesAllowed(@Context SecurityContext ctx) {
        Token token = getResponseString(ctx);
-        token.birthday = jwt.getClaim("birthday").toString();
+        token.name = jwt.getName().toString();
        return token;
    }

--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@ -0,0 +1,6 @@
+smallrye.jwt.sign.key.location=privateKey.pem
+
+
+
+mp.jwt.verify.publickey.location=publicKey.pem 
+mp.jwt.verify.issuer=https://example.com/issuer