package com.iconplus.smartproc.configuration;
import com.iconplus.smartproc.exception.BusinessException;
import com.iconplus.smartproc.model.request.PostAccessTokenRequest;
import com.iconplus.smartproc.service.authentication.PostCheckAccessTokenService;
import io.jsonwebtoken.ExpiredJwtException;
import org.springframework.http.HttpStatus;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;
import org.springframework.web.filter.OncePerRequestFilter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
@Component
public class JwtRequestFilter extends OncePerRequestFilter {

    /** Request header that carries the bearer token. */
    private static final String AUTHORIZATION_HEADER = "Authorization";
    /** Scheme prefix expected in front of the token; matched case-sensitively. */
    private static final String BEARER_PREFIX = "Bearer ";
    /** Request attribute under which a rejected token's exception is stored for downstream handling. */
    private static final String EXCEPTION_ATTRIBUTE = "exception";
    /**
     * Paths for which the server-side access-token check is skipped. A token that passes the
     * local signature/expiry validation is still placed in the SecurityContext for these paths,
     * so a token the token service would reject (e.g. revoked, if that is what the service
     * tracks) remains usable here.
     */
    private static final String REFRESH_TOKEN_URL = "/api/authentication/refresh-token";
    private static final String FORGOT_PASSWORD_URL = "/api/authentication/forgot-password";

    private final JwtTokenUtil jwtTokenUtil;
    private final PostCheckAccessTokenService postCheckAccessTokenService;

    public JwtRequestFilter(JwtTokenUtil jwtTokenUtil,
                            PostCheckAccessTokenService postCheckAccessTokenService) {
        this.jwtTokenUtil = jwtTokenUtil;
        this.postCheckAccessTokenService = postCheckAccessTokenService;
    }

    /**
     * Authenticates the request from its bearer token, if one is present and valid.
     *
     * <p>A token that passes {@code jwtTokenUtil.validateTokenOnly} is additionally checked
     * against the access-token service (except on the exempt paths), then turned into a
     * {@link UsernamePasswordAuthenticationToken} in the SecurityContext. An expired token or a
     * {@link BadCredentialsException} is recorded under the {@code "exception"} request
     * attribute and the request continues down the chain unauthenticated; presumably an
     * AuthenticationEntryPoint reads that attribute — verify.
     *
     * <p>NOTE(review): the {@link BusinessException} thrown when the token service rejects the
     * token is not in the catch list below, so it propagates out of the filter. Confirm a
     * filter earlier in the chain converts it into a 401 rather than a generic 500.
     *
     * @param request  incoming request; read for the Authorization header and URI
     * @param response passed through to the chain unchanged
     * @param chain    always invoked, whether or not authentication was established
     * @throws ServletException propagated from the chain
     * @throws IOException      propagated from the chain
     */
    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
            throws ServletException, IOException {
        try {
            String token = extractJwtFromRequest(request);
            // Short-circuit keeps validateTokenOnly from being called on an absent token.
            boolean locallyValid = StringUtils.hasText(token) && jwtTokenUtil.validateTokenOnly(token);
            if (locallyValid) {
                rejectUnlessAcceptedByTokenService(request, token);
                SecurityContextHolder.getContext().setAuthentication(buildAuthentication(token));
            }
        } catch (ExpiredJwtException | BadCredentialsException ex) {
            request.setAttribute(EXCEPTION_ATTRIBUTE, ex);
        }
        chain.doFilter(request, response);
    }

    /**
     * Builds the Spring Security authentication for a token that has already been validated.
     * The principal carries the username and roles taken from the token claims and an empty
     * password; credentials in the token are {@code null}.
     */
    private UsernamePasswordAuthenticationToken buildAuthentication(String token) {
        UserDetails principal = new org.springframework.security.core.userdetails.User(
                jwtTokenUtil.getUsernameFromToken(token), "", jwtTokenUtil.getRolesFromToken(token));
        return new UsernamePasswordAuthenticationToken(principal, null, principal.getAuthorities());
    }

    /**
     * Asks the access-token service whether the token is still accepted, unless the request
     * targets one of the exempt authentication paths.
     *
     * @throws BusinessException with {@link HttpStatus#UNAUTHORIZED} when the service reports
     *                           the token as not valid
     */
    private void rejectUnlessAcceptedByTokenService(HttpServletRequest request, String token) {
        if (isExemptFromTokenServiceCheck(request.getRequestURI())) {
            return;
        }
        PostAccessTokenRequest check = PostAccessTokenRequest.builder()
                .accessToken(token)
                .build();
        if (!postCheckAccessTokenService.execute(check).getIsValid()) {
            throw new BusinessException(HttpStatus.UNAUTHORIZED, "Invalid Access Token");
        }
    }

    /**
     * Whether the request URI is one of the paths that bypass the token-service check.
     *
     * <p>The comparison is case-insensitive and runs against the raw request URI, which
     * includes the servlet context path — NOTE(review): if the application is deployed under
     * a non-empty context path the exemption never matches; confirm against the deployment.
     */
    private static boolean isExemptFromTokenServiceCheck(String requestUri) {
        return REFRESH_TOKEN_URL.equalsIgnoreCase(requestUri)
                || FORGOT_PASSWORD_URL.equalsIgnoreCase(requestUri);
    }

    /**
     * Returns the token following the {@code "Bearer "} prefix of the Authorization header, or
     * {@code null} when the header is missing, blank or uses a different scheme.
     */
    private String extractJwtFromRequest(HttpServletRequest request) {
        String header = request.getHeader(AUTHORIZATION_HEADER);
        boolean isBearer = StringUtils.hasText(header) && header.startsWith(BEARER_PREFIX);
        return isBearer ? header.substring(BEARER_PREFIX.length()) : null;
    }
}