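package com.iconplus.smartproc.configuration;

import com.iconplus.smartproc.model.token.TokenContent;
import io.jsonwebtoken.*;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Component;

import java.io.Serializable;
import java.security.KeyPair;
import java.util.*;
import java.util.function.Function;

/**
 * Issues and verifies RS256-signed JWTs for the application.
 *
 * <p>Tokens are signed with the private half of the injected {@link KeyPair} and verified
 * with the public half. Every read method parses the token with {@code parseClaimsJws},
 * so the signature is checked before any claim is returned.
 *
 * <p>Points to keep in mind when using this class:
 * <ul>
 *   <li>A JWS is signed, not encrypted. The claims written by {@link #generateToken}
 *       (name, username, role, organisation, position) are readable by anyone who holds
 *       the token.</li>
 *   <li>{@link #getRolesFromToken} takes authorities from the token itself. This class
 *       performs no revocation or freshness lookup, so a change to a user's roles only
 *       takes effect once previously issued tokens expire.</li>
 * </ul>
 */
@Component
public class JwtTokenUtil implements Serializable {

    private static final long serialVersionUID = -2550185165626007488L;

    // NOTE(review): this class is Serializable and the field is not transient, so
    // serialising the bean would write the private signing key along with it.
    // Confirm whether Serializable is actually required here.
    @Autowired
    private KeyPair keyPair;

    /**
     * Returns the expiration time ({@code exp}) of a verified token.
     *
     * @param token compact JWS string
     * @return the expiration date, or {@code null} if the token carries none
     */
    public Date getExpirationDateFromToken(String token) {
        return getClaimFromToken(token, Claims::getExpiration);
    }

    /**
     * Verifies the token and applies {@code claimsResolver} to its claims.
     *
     * @param token          compact JWS string
     * @param claimsResolver function that extracts the wanted value from the claims
     * @param <T>            type of the extracted value
     * @return whatever {@code claimsResolver} returns
     */
    public <T> T getClaimFromToken(String token, Function<Claims, T> claimsResolver) {
        final Claims claims = getAllClaimsFromToken(token);
        return claimsResolver.apply(claims);
    }

    /**
     * Verifies the token signature with the public key and returns the claims body.
     *
     * <p>Only the public key is needed to read a token; the private key is used
     * solely for signing. Parsing failures (bad signature, malformed or expired
     * token) surface as the exceptions thrown by the jjwt parser.
     *
     * @param token compact JWS string
     * @return the verified claims
     */
    public Claims getAllClaimsFromToken(String token) {
        return Jwts.parser()
                .setSigningKey(keyPair.getPublic())
                .parseClaimsJws(token)
                .getBody();
    }

    /**
     * Reports whether the token's expiration time lies in the past.
     *
     * <p>A token without an expiration claim is treated as expired so that the
     * check fails closed instead of throwing a {@link NullPointerException}.
     */
    private Boolean isTokenExpired(String token) {
        final Date expiration = getExpirationDateFromToken(token);
        return expiration == null || expiration.before(new Date());
    }

    /**
     * Builds a signed token whose claims are copied from {@code tokenContent}.
     *
     * @param username       value stored as the token subject
     * @param tokenContent   source of the custom claims
     * @param expirationInMs lifetime of the token in milliseconds
     * @return the compact, signed JWS string
     */
    public String generateToken(String username, TokenContent tokenContent, Integer expirationInMs) {
        Map<String, Object> claims = new HashMap<>();
        claims.put("authorities", tokenContent.getAccessMenu());
        claims.put("nama", tokenContent.getNama());
        claims.put("username", tokenContent.getUsername());
        claims.put("user_id", tokenContent.getUserId());
        claims.put("roleId", tokenContent.getRoleId());
        claims.put("role", tokenContent.getRole());
        claims.put("instansiId", tokenContent.getInstansiId());
        claims.put("instansi", tokenContent.getInstansi());
        claims.put("bidangId", tokenContent.getBidangId());
        claims.put("bidang", tokenContent.getBidang());
        claims.put("jabatanId", tokenContent.getJabatanId());
        claims.put("jabatan", tokenContent.getJabatan());
        return doGenerateToken(claims, username, expirationInMs);
    }

    /**
     * Signs the given claims with RS256 and the private key.
     *
     * @param claims         custom claims to embed
     * @param subject        value stored as the token subject
     * @param expirationInMs lifetime of the token in milliseconds; must not be {@code null}
     * @return the compact, signed JWS string
     * @throws NullPointerException if {@code expirationInMs} is {@code null}
     */
    public String doGenerateToken(Map<String, Object> claims, String subject, Integer expirationInMs) {
        Objects.requireNonNull(expirationInMs, "expirationInMs");
        // Read the clock once so that iat and exp are derived from the same instant.
        final long now = System.currentTimeMillis();
        // setClaims replaces the whole claim set, so it has to come before
        // setSubject / setIssuedAt / setExpiration.
        return Jwts.builder()
                .setClaims(claims)
                .setSubject(subject)
                .setIssuedAt(new Date(now))
                .setExpiration(new Date(now + expirationInMs))
                .signWith(SignatureAlgorithm.RS256, keyPair.getPrivate())
                .compact();
    }

    /**
     * Checks that the token is validly signed, belongs to {@code userDetails} and has not expired.
     *
     * <p>A token without a subject never matches a user and yields {@code false}.
     *
     * @param token       compact JWS string
     * @param userDetails the user the token is expected to belong to
     * @return {@code true} only if the subject matches and the token is not expired
     */
    public Boolean validateToken(String token, UserDetails userDetails) {
        final String username = getUsernameFromToken(token);
        return username != null
                && username.equals(userDetails.getUsername())
                && !isTokenExpired(token);
    }

    /**
     * Verifies the signature and structure of a token without comparing it to a user.
     *
     * @param authToken compact JWS string
     * @return {@code true} when the token parses and verifies
     * @throws BadCredentialsException if the signature is invalid or the token is
     *                                 malformed, unsupported, or null/empty
     * @throws ExpiredJwtException     if the token has expired (propagated unchanged)
     */
    public boolean validateTokenOnly(String authToken) {
        try {
            getAllClaimsFromToken(authToken);
            return true;
        } catch (SignatureException | MalformedJwtException | UnsupportedJwtException
                 | IllegalArgumentException ex) {
            throw new BadCredentialsException("INVALID_CREDENTIALS", ex);
        }
        // NOTE(review): other JwtException subtypes (ExpiredJwtException among them)
        // are not mapped and reach the caller as-is; confirm the caller handles them.
    }

    /**
     * Returns the subject of a verified token.
     *
     * @param token compact JWS string
     * @return the subject claim, or {@code null} if the token has none
     */
    public String getUsernameFromToken(String token) {
        return getClaimFromToken(token, Claims::getSubject);
    }

    /**
     * Converts the {@code authorities} claim of a verified token into granted authorities.
     *
     * <p>A token without an {@code authorities} claim yields an empty list, i.e. no
     * privileges, instead of a {@link NullPointerException}.
     *
     * @param token compact JWS string
     * @return a mutable list of authorities, possibly empty
     * @throws ClassCastException if an entry of the claim is not a string
     */
    @SuppressWarnings("squid:S4834")
    public List<SimpleGrantedAuthority> getRolesFromToken(String token) {
        Claims claims = getAllClaimsFromToken(token);
        List<SimpleGrantedAuthority> authorityList = new ArrayList<>();
        ArrayList<?> authorities = claims.get("authorities", ArrayList.class);
        if (authorities == null) {
            return authorityList;
        }
        for (Object authority : authorities) {
            authorityList.add(new SimpleGrantedAuthority((String) authority));
        }
        return authorityList;
    }
}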