BAEL-6002 | Article code (#13172)

2022-12-20 07:57:11 +05:30 · 2022-12-20 07:57:11 +05:30 · 343bc16821
parent 6bb5598904
commit 343bc16821
2 changed files with 161 additions and 0 deletions
--- a/security-modules/jwt/src/main/java/com/baeldung/jwt/auth0/JWTDecode.java
+++ b/security-modules/jwt/src/main/java/com/baeldung/jwt/auth0/JWTDecode.java
@ -0,0 +1,90 @@
+package com.baeldung.jwt.auth0;
+
+import java.util.Date;
+
+import com.auth0.jwt.JWT;
+import com.auth0.jwt.JWTVerifier;
+import com.auth0.jwt.algorithms.Algorithm;
+import com.auth0.jwt.exceptions.JWTDecodeException;
+import com.auth0.jwt.exceptions.JWTVerificationException;
+import com.auth0.jwt.interfaces.DecodedJWT;
+
+public class JWTDecode {
+
+    private static final String SECRET = "baeldung";
+    private static final String ISSUER = "Baeldung";
+    private static final String SUBJECT = "Baeldung Details";
+    private static final long TOKEN_VALIDITY_IN_MILLIS = 500L;
+
+    private static Algorithm algorithm;
+    private static JWTVerifier verifier;
+
+    public static void initialize() {
+        algorithm = Algorithm.HMAC256(SECRET);
+
+        verifier = JWT.require(algorithm)
+          .withIssuer(ISSUER)
+          .build();
+    }
+
+    private static String createJWT() {
+        String jwtToken = JWT.create()
+          .withIssuer(ISSUER)
+          .withSubject(SUBJECT)
+          .withIssuedAt(new Date())
+          .withExpiresAt(new Date(System.currentTimeMillis() + TOKEN_VALIDITY_IN_MILLIS))
+          .sign(algorithm);
+
+        return jwtToken;
+    }
+
+    private static DecodedJWT verifyJWT(String jwtToken) {
+        try {
+            DecodedJWT decodedJWT = verifier.verify(jwtToken);
+            return decodedJWT;
+        } catch (JWTVerificationException e) {
+            System.out.println(e.getMessage());
+        }
+        return null;
+    }
+
+    private static DecodedJWT decodedJWT(String jwtToken) {
+        try {
+            DecodedJWT decodedJWT = JWT.decode(jwtToken);
+            return decodedJWT;
+        } catch (JWTDecodeException e) {
+            System.out.println(e.getMessage());
+        }
+        return null;
+    }
+
+    private static boolean isJWTExpired(DecodedJWT decodedJWT) {
+        Date expiresAt = decodedJWT.getExpiresAt();
+        return expiresAt.before(new Date());
+    }
+
+    public static void main(String args[]) throws InterruptedException {
+
+        initialize();
+
+        String jwtToken = createJWT();
+        System.out.println("Created JWT : " + jwtToken);
+
+        Thread.sleep(1000L);
+
+        DecodedJWT decodedJWT = verifyJWT(jwtToken);
+        if (decodedJWT == null) {
+            System.out.println("JWT Verification Failed");
+        }
+
+        decodedJWT = decodedJWT(jwtToken);
+        if (decodedJWT != null) {
+            System.out.println("Token Issued At : " + decodedJWT.getIssuedAt());
+            System.out.println("Token Expires At : " + decodedJWT.getExpiresAt());
+
+            Boolean isExpired = isJWTExpired(decodedJWT);
+            System.out.println("Is Expired : " + isExpired);
+        }
+    }
+
+}
--- a/security-modules/jwt/src/test/java/com/baeldung/jwt/auth0/JWTDecodeUnitTest.java
+++ b/security-modules/jwt/src/test/java/com/baeldung/jwt/auth0/JWTDecodeUnitTest.java
@ -0,0 +1,71 @@
+package com.baeldung.jwt.auth0;
+
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
+import java.util.Date;
+
+import org.junit.jupiter.api.BeforeAll;
+import org.junit.jupiter.api.Test;
+
+import com.auth0.jwt.JWT;
+import com.auth0.jwt.JWTVerifier;
+import com.auth0.jwt.algorithms.Algorithm;
+import com.auth0.jwt.interfaces.DecodedJWT;
+
+public class JWTDecodeUnitTest {
+
+    private static final String SECRET = "baeldung";
+    private static final String ISSUER = "Baeldung";
+    private static final long TOKEN_VALIDITY_IN_MILLIS = 1000L;
+
+    private static Algorithm algorithm;
+    private static JWTVerifier verifier;
+    private static String jwtToken;
+
+    @BeforeAll
+    public static void setUp() {
+        algorithm = Algorithm.HMAC256(SECRET);
+
+        verifier = JWT.require(algorithm)
+          .withIssuer(ISSUER)
+          .build();
+    }
+
+    private static boolean isJWTExpired(DecodedJWT decodedJWT) {
+        Date expiresAt = decodedJWT.getExpiresAt();
+        return expiresAt.before(new Date());
+    }
+
+    private static DecodedJWT decodedJWT(String jwtToken) {
+        return JWT.decode(jwtToken);
+    }
+
+    @Test
+    public void givenNotExpiredJWT_whenDecoded_thenCheckingIfNotExpired() {
+
+        jwtToken = JWT.create()
+          .withIssuer(ISSUER)
+          .withExpiresAt(new Date(System.currentTimeMillis() + TOKEN_VALIDITY_IN_MILLIS))
+          .sign(algorithm);
+
+        DecodedJWT decodedJWT = decodedJWT(jwtToken);
+        assertNotNull(decodedJWT);
+        assertFalse(isJWTExpired(decodedJWT));
+    }
+
+    @Test
+    public void givenExpiredJWT_whenDecoded_thenCheckingIfExpired() {
+
+        jwtToken = JWT.create()
+          .withIssuer(ISSUER)
+          .withExpiresAt(new Date(System.currentTimeMillis() - TOKEN_VALIDITY_IN_MILLIS))
+          .sign(algorithm);
+
+        DecodedJWT decodedJWT = decodedJWT(jwtToken);
+        assertNotNull(decodedJWT);
+        assertTrue(isJWTExpired(decodedJWT));
+    }
+
+}