From 29a33c3407035423a79ead55f14692647ccead0f Mon Sep 17 00:00:00 2001 From: Micah Silverman Date: Mon, 27 Jun 2016 02:30:09 -0400 Subject: [PATCH] Made BaseController to provide uniform exception response. Made JwtResponse for uniform responses. Added ensureType method to enforce type on registered claims. --- .../jjwtfun/JJWTFunApplication.java | 6 +- .../jjwtfun/controller/BaseController.java | 23 ++++++ .../controller/DynamicJWTController.java | 51 ++++++++++---- .../controller/StaticJWTController.java | 35 +++------- .../jjwtfun/model/JwtResponse.java | 70 +++++++++++++++++++ 5 files changed, 143 insertions(+), 42 deletions(-) create mode 100644 jjwt/src/main/java/io/jsonwebtoken/jjwtfun/controller/BaseController.java create mode 100644 jjwt/src/main/java/io/jsonwebtoken/jjwtfun/model/JwtResponse.java diff --git a/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/JJWTFunApplication.java b/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/JJWTFunApplication.java index 7189617d55..5c106aac70 100644 --- a/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/JJWTFunApplication.java +++ b/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/JJWTFunApplication.java @@ -6,7 +6,7 @@ import org.springframework.boot.autoconfigure.SpringBootApplication; @SpringBootApplication public class JJWTFunApplication { - public static void main(String[] args) { - SpringApplication.run(JJWTFunApplication.class, args); - } + public static void main(String[] args) { + SpringApplication.run(JJWTFunApplication.class, args); + } } diff --git a/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/controller/BaseController.java b/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/controller/BaseController.java new file mode 100644 index 0000000000..e1e195c6ab --- /dev/null +++ b/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/controller/BaseController.java @@ -0,0 +1,23 @@ +package io.jsonwebtoken.jjwtfun.controller; + +import io.jsonwebtoken.JwtException; +import io.jsonwebtoken.MalformedJwtException; +import io.jsonwebtoken.SignatureException; +import io.jsonwebtoken.jjwtfun.model.JwtResponse; +import org.springframework.http.HttpStatus; +import org.springframework.web.bind.annotation.ExceptionHandler; +import org.springframework.web.bind.annotation.ResponseStatus; + +public class BaseController { + + @ResponseStatus(HttpStatus.BAD_REQUEST) + @ExceptionHandler({SignatureException.class, MalformedJwtException.class, JwtException.class}) + public JwtResponse exception(Exception e) { + JwtResponse response = new JwtResponse(); + response.setStatus(JwtResponse.Status.ERROR); + response.setMessage(e.getMessage()); + response.setExceptionType(e.getClass().getName()); + + return response; + } +} diff --git a/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/controller/DynamicJWTController.java b/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/controller/DynamicJWTController.java index fff7e1d6a2..72bc491b00 100644 --- a/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/controller/DynamicJWTController.java +++ b/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/controller/DynamicJWTController.java @@ -1,8 +1,10 @@ package io.jsonwebtoken.jjwtfun.controller; import io.jsonwebtoken.JwtBuilder; +import io.jsonwebtoken.JwtException; import io.jsonwebtoken.Jwts; import io.jsonwebtoken.SignatureAlgorithm; +import io.jsonwebtoken.jjwtfun.model.JwtResponse; import org.springframework.beans.factory.annotation.Value; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; @@ -16,47 +18,55 @@ import java.util.Map; import static org.springframework.web.bind.annotation.RequestMethod.POST; @RestController -public class DynamicJWTController { +public class DynamicJWTController extends BaseController { @Value("#{ @environment['jjwtfun.secret'] ?: 'secret' }") String secret; @RequestMapping(value = "/dynamic-builder-general", method = POST) - public String dynamicBuilderGeneric(@RequestBody Map claims) throws UnsupportedEncodingException { - return Jwts.builder() + public JwtResponse dynamicBuilderGeneric(@RequestBody Map claims) throws UnsupportedEncodingException { + String jws = Jwts.builder() .setClaims(claims) .signWith( SignatureAlgorithm.HS256, secret.getBytes("UTF-8") ) .compact(); + return new JwtResponse(jws); } @RequestMapping(value = "/dynamic-builder-specific", method = POST) - public String dynamicBuilderSpecific(@RequestBody Map claims) throws UnsupportedEncodingException { + public JwtResponse dynamicBuilderSpecific(@RequestBody Map claims) throws UnsupportedEncodingException { JwtBuilder builder = Jwts.builder(); claims.forEach((key, value) -> { switch (key) { case "iss": - builder.setIssuer((String)value); + ensureType(key, value, String.class); + builder.setIssuer((String) value); break; case "sub": - builder.setSubject((String)value); + ensureType(key, value, String.class); + builder.setSubject((String) value); break; case "aud": - builder.setAudience((String)value); + ensureType(key, value, String.class); + builder.setAudience((String) value); break; case "exp": - builder.setExpiration(Date.from(Instant.ofEpochSecond(Long.parseLong((String)value)))); + value = ensureType(key, value, Long.class); + builder.setExpiration(Date.from(Instant.ofEpochSecond((Long) value))); break; case "nbf": - builder.setNotBefore(Date.from(Instant.ofEpochSecond(Long.parseLong((String)value)))); + value = ensureType(key, value, Long.class); + builder.setNotBefore(Date.from(Instant.ofEpochSecond((Long) value))); break; case "iat": - builder.setIssuedAt(Date.from(Instant.ofEpochSecond(Long.parseLong((String)value)))); + value = ensureType(key, value, Long.class); + builder.setIssuedAt(Date.from(Instant.ofEpochSecond((Long) value))); break; case "jti": - builder.setId((String)value); + ensureType(key, value, String.class); + builder.setId((String) value); break; default: builder.claim(key, value); @@ -65,6 +75,23 @@ public class DynamicJWTController { builder.signWith(SignatureAlgorithm.HS256, secret.getBytes("UTF-8")); - return builder.compact(); + return new JwtResponse(builder.compact()); + } + + private Object ensureType(String registeredClaim, Object value, Class expectedType) { + // we want to promote Integers to Longs in this case + if (expectedType == Long.class && value instanceof Integer) { + value = ((Integer) value).longValue(); + } + + boolean isCorrectType = expectedType.isInstance(value); + + if (!isCorrectType) { + String msg = "Expected type: " + expectedType.getCanonicalName() + " for registered claim: '" + + registeredClaim + "', but got value: " + value + " of type: " + value.getClass().getCanonicalName(); + throw new JwtException(msg); + } + + return value; } } diff --git a/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/controller/StaticJWTController.java b/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/controller/StaticJWTController.java index 114900285f..960ac46043 100644 --- a/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/controller/StaticJWTController.java +++ b/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/controller/StaticJWTController.java @@ -3,65 +3,46 @@ package io.jsonwebtoken.jjwtfun.controller; import io.jsonwebtoken.Claims; import io.jsonwebtoken.Jws; import io.jsonwebtoken.Jwts; -import io.jsonwebtoken.MalformedJwtException; import io.jsonwebtoken.SignatureAlgorithm; -import io.jsonwebtoken.SignatureException; -import org.springframework.http.HttpStatus; -import org.springframework.web.bind.annotation.ExceptionHandler; +import io.jsonwebtoken.jjwtfun.model.JwtResponse; import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RequestParam; -import org.springframework.web.bind.annotation.ResponseStatus; import org.springframework.web.bind.annotation.RestController; import java.io.UnsupportedEncodingException; import java.time.Instant; -import java.time.temporal.ChronoUnit; import java.util.Date; -import java.util.HashMap; -import java.util.Map; import static org.springframework.web.bind.annotation.RequestMethod.GET; -import static org.springframework.web.bind.annotation.RequestMethod.POST; @RestController -public class StaticJWTController { +public class StaticJWTController extends BaseController { @RequestMapping(value = "/static-builder", method = GET) - public String fixedBuilder() throws UnsupportedEncodingException { + public JwtResponse fixedBuilder() throws UnsupportedEncodingException { String jws = Jwts.builder() .setIssuer("Stormpath") .setSubject("msilverman") .claim("name", "Micah Silverman") .claim("scope", "admins") - .setIssuedAt(Date.from(Instant.ofEpochSecond(1466796822))) // Fri Jun 24 2016 15:33:42 GMT-0400 (EDT) - .setExpiration(Date.from(Instant.ofEpochSecond(1466883222))) // Sat Jun 25 2016 15:33:42 GMT-0400 (EDT) + .setIssuedAt(Date.from(Instant.ofEpochSecond(1466796822L))) // Fri Jun 24 2016 15:33:42 GMT-0400 (EDT) + .setExpiration(Date.from(Instant.ofEpochSecond(4622470422L))) // Sat Jun 24 2116 15:33:42 GMT-0400 (EDT) .signWith( SignatureAlgorithm.HS256, "secret".getBytes("UTF-8") ) .compact(); - return jws; + return new JwtResponse(jws); } @RequestMapping(value = "/parser", method = GET) - public Jws fixedParser(@RequestParam String jws) throws UnsupportedEncodingException { + public JwtResponse fixedParser(@RequestParam String jws) throws UnsupportedEncodingException { Jws claims = Jwts.parser() .setSigningKey("secret".getBytes("UTF-8")) .parseClaimsJws(jws); - return claims; - } - - @ResponseStatus(HttpStatus.BAD_REQUEST) - @ExceptionHandler({SignatureException.class, MalformedJwtException.class}) - public Map exception(Exception e) { - Map response = new HashMap<>(); - response.put("status", "ERROR"); - response.put("message", e.getMessage()); - response.put("exception-type", e.getClass().getName()); - return response; + return new JwtResponse(claims); } } diff --git a/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/model/JwtResponse.java b/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/model/JwtResponse.java new file mode 100644 index 0000000000..4c664bc5f7 --- /dev/null +++ b/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/model/JwtResponse.java @@ -0,0 +1,70 @@ +package io.jsonwebtoken.jjwtfun.model; + +import com.fasterxml.jackson.annotation.JsonInclude; +import io.jsonwebtoken.Claims; +import io.jsonwebtoken.Jws; + +@JsonInclude(JsonInclude.Include.NON_NULL) +public class JwtResponse { + private String message; + private Status status; + private String exceptionType; + private String jwt; + private Jws claims; + + public enum Status { + SUCCESS, ERROR + } + + public JwtResponse() {} + + public JwtResponse(String jwt) { + this.jwt = jwt; + this.status = Status.SUCCESS; + } + + public JwtResponse(Jws claims) { + this.claims = claims; + this.status = Status.SUCCESS; + } + + public String getMessage() { + return message; + } + + public void setMessage(String message) { + this.message = message; + } + + public Status getStatus() { + return status; + } + + public void setStatus(Status status) { + this.status = status; + } + + public String getExceptionType() { + return exceptionType; + } + + public void setExceptionType(String exceptionType) { + this.exceptionType = exceptionType; + } + + public String getJwt() { + return jwt; + } + + public void setJwt(String jwt) { + this.jwt = jwt; + } + + public Jws getClaims() { + return claims; + } + + public void setClaims(Jws claims) { + this.claims = claims; + } +}