v4l3n71n/covas-quarkus
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

simplification class token

Browse Source
This commit is contained in:
Valentin CZERYBA 2022-05-15 11:23:20 +02:00
parent 39ad985eae
commit b91b0dd734
1 changed files with 18 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
src/main/java/com/covas/Resources/TokenRessource.java
View File

@ -43,32 +43,25 @@ public class TokenRessource {
String name = "anonymous";
String password = "";
if (jwtCookie == null) {
if(auth == null){
return Response.status(Response.Status.BAD_REQUEST).build();
}
String[] hash = new String(Base64.decode(auth.split(" ")[1]), StandardCharsets.UTF_8).split(":");
name = hash[0];
password = Hash.encryptSHA512(hash[1]);
UsersEntity users = UsersEntity.findByPseudo(name);
if(users != null){
if(password.equals(users.password)){
// Create a JWT token signed using the 'HS256' algorithm
String newJwtCookie = Jwt.issuer("https://example.com/issuer").upn(name).groups(users.roles).claim(Claims.kid, users.id.toString()).sign();
// or create a JWT token encrypted using the 'A256KW' algorithm
// Jwt.upn("alice").encryptWithSecret(secret);
return Response.status(Response.Status.CREATED).cookie(new NewCookie("jwt", newJwtCookie)).build();
} else {
return Response.status(Response.Status.FORBIDDEN).build();
}
}
if(auth == null){
return Response.status(Response.Status.BAD_REQUEST).build();
}
String[] hash = new String(Base64.decode(auth.split(" ")[1]), StandardCharsets.UTF_8).split(":");
name = hash[0];
password = Hash.encryptSHA512(hash[1]);
UsersEntity users = UsersEntity.findByPseudo(name);
if (users == null){
return Response.status(Response.Status.NOT_FOUND).build();
}
if (jwtCookie == null) {
if(!password.equals(users.password)){
return Response.status(Response.Status.FORBIDDEN).build();
}
// Create a JWT token signed using the 'HS256' algorithm
String newJwtCookie = Jwt.issuer("https://example.com/issuer").upn(name).groups(users.roles).claim(Claims.kid, users.id.toString()).sign();
// or create a JWT token encrypted using the 'A256KW' algorithm
// Jwt.upn("alice").encryptWithSecret(secret);
return Response.status(Response.Status.CREATED).cookie(new NewCookie("jwt", newJwtCookie)).build();
}
// All mp.jwt and smallrye.jwt properties are still effective, only the verification key is customized.
try {