Moved TextCodec.BASE64.decode calls into service. Refactored method names to drive home that you're getting bytes back.

2016-07-14 00:09:53 -04:00 · 2016-07-14 00:09:53 -04:00 · 2f6b1ca318
parent 6bd3b381d1
commit 2f6b1ca318
7 changed files with 19 additions and 23 deletions
--- a/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/config/CSRFConfig.java
+++ b/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/config/CSRFConfig.java
@ -16,6 +16,6 @@ public class CSRFConfig {
    @Bean
    @ConditionalOnMissingBean
    public CsrfTokenRepository jwtCsrfTokenRepository() {
-        return new JWTCsrfTokenRepository(secretService.getHS256Secret());
+        return new JWTCsrfTokenRepository(secretService.getHS256SecretBytes());
    }
 }
--- a/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/config/JWTCsrfTokenRepository.java
+++ b/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/config/JWTCsrfTokenRepository.java
@ -2,7 +2,6 @@ package io.jsonwebtoken.jjwtfun.config;

 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.SignatureAlgorithm;
-import io.jsonwebtoken.impl.TextCodec;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.security.web.csrf.CsrfToken;
@ -22,8 +21,8 @@ public class JWTCsrfTokenRepository implements CsrfTokenRepository {
    private static final Logger log = LoggerFactory.getLogger(JWTCsrfTokenRepository.class);
    private byte[] secret;

-    public JWTCsrfTokenRepository(String base64Secret) {
-        this.secret = TextCodec.BASE64.decode(base64Secret);
+    public JWTCsrfTokenRepository(byte[] secret) {
+        this.secret = secret;
    }

    @Override
--- a/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/config/WebSecurityConfig.java
+++ b/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/config/WebSecurityConfig.java
@ -2,10 +2,8 @@ package io.jsonwebtoken.jjwtfun.config;

 import io.jsonwebtoken.JwtException;
 import io.jsonwebtoken.Jwts;
-import io.jsonwebtoken.impl.TextCodec;
 import io.jsonwebtoken.jjwtfun.service.SecretService;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
--- a/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/controller/DynamicJWTController.java
+++ b/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/controller/DynamicJWTController.java
@ -31,7 +31,7 @@ public class DynamicJWTController extends BaseController {
            .setClaims(claims)
            .signWith(
                SignatureAlgorithm.HS256,
-                secretService.getHS256Secret()
+                secretService.getHS256SecretBytes()
            )
            .compact();
        return new JwtResponse(jws);
@ -44,7 +44,7 @@ public class DynamicJWTController extends BaseController {
            .compressWith(CompressionCodecs.DEFLATE)
            .signWith(
                SignatureAlgorithm.HS256,
-                secretService.getHS256Secret()
+                secretService.getHS256SecretBytes()
            )
            .compact();
        return new JwtResponse(jws);
@ -89,7 +89,7 @@ public class DynamicJWTController extends BaseController {
            }
        });

-        builder.signWith(SignatureAlgorithm.HS256, secretService.getHS256Secret());
+        builder.signWith(SignatureAlgorithm.HS256, secretService.getHS256SecretBytes());

        return new JwtResponse(builder.compact());
    }
--- a/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/controller/StaticJWTController.java
+++ b/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/controller/StaticJWTController.java
@ -4,7 +4,6 @@ import io.jsonwebtoken.Claims;
 import io.jsonwebtoken.Jws;
 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.SignatureAlgorithm;
-import io.jsonwebtoken.impl.TextCodec;
 import io.jsonwebtoken.jjwtfun.model.JwtResponse;
 import io.jsonwebtoken.jjwtfun.service.SecretService;
 import org.springframework.beans.factory.annotation.Autowired;
@ -35,7 +34,7 @@ public class StaticJWTController extends BaseController {
            .setExpiration(Date.from(Instant.ofEpochSecond(4622470422L))) // Sat Jun 24 2116 15:33:42 GMT-0400 (EDT)
            .signWith(
                SignatureAlgorithm.HS256,
-                TextCodec.BASE64.decode(secretService.getHS256Secret())
+                secretService.getHS256SecretBytes()
            )
            .compact();

--- a/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/service/SecretService.java
+++ b/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/service/SecretService.java
@ -42,23 +42,23 @@ public class SecretService {

    public void setSecrets(Map<String, String> secrets) {
        Assert.notNull(secrets);
-        Assert.isTrue(secrets.get(SignatureAlgorithm.HS256.getValue()) != null);
-        Assert.isTrue(secrets.get(SignatureAlgorithm.HS384.getValue()) != null);
-        Assert.isTrue(secrets.get(SignatureAlgorithm.HS512.getValue()) != null);
+        Assert.hasText(secrets.get(SignatureAlgorithm.HS256.getValue()));
+        Assert.hasText(secrets.get(SignatureAlgorithm.HS384.getValue()));
+        Assert.hasText(secrets.get(SignatureAlgorithm.HS512.getValue()));

        this.secrets = secrets;
    }

-    public String getHS256Secret() {
-        return secrets.get(SignatureAlgorithm.HS256.getValue());
+    public byte[] getHS256SecretBytes() {
+        return TextCodec.BASE64.decode(secrets.get(SignatureAlgorithm.HS256.getValue()));
    }

-    public String getHS384Secret() {
-        return secrets.get(SignatureAlgorithm.HS384.getValue());
+    public byte[] getHS384SecretBytes() {
+        return TextCodec.BASE64.decode(secrets.get(SignatureAlgorithm.HS384.getValue()));
    }

-    public String getHS512Secret() {
-        return secrets.get(SignatureAlgorithm.HS512.getValue());
+    public byte[] getHS512SecretBytes() {
+        return TextCodec.BASE64.decode(secrets.get(SignatureAlgorithm.HS384.getValue()));
    }