Added endpoints to demonstrate claim enforcement and JWT compression. Updated usage endpoint.

jjwt/src/main/java/io/jsonwebtoken/jjwtfun/config/JWTCsrfTokenRepository.java

@@ -28,7 +28,6 @@ public class JWTCsrfTokenRepository implements CsrfTokenRepository {
 
     @Override
     public CsrfToken generateToken(HttpServletRequest request) {
-
         String id = UUID.randomUUID().toString().replace("-", "");
 
         Date now = new Date();

jjwt/src/main/java/io/jsonwebtoken/jjwtfun/config/WebSecurityConfig.java

@@ -3,7 +3,6 @@ package io.jsonwebtoken.jjwtfun.config;
 import io.jsonwebtoken.JwtException;
 import io.jsonwebtoken.Jwts;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -37,6 +36,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
                 .csrfTokenRepository(jwtCsrfTokenRepository)
                 .ignoringAntMatchers("/dynamic-builder-general")
                 .ignoringAntMatchers("/dynamic-builder-specific")
+                .ignoringAntMatchers("/dynamic-builder-compress")
             .and().authorizeRequests()
                 .antMatchers("/**")
                 .permitAll();

jjwt/src/main/java/io/jsonwebtoken/jjwtfun/controller/DynamicJWTController.java

@@ -1,13 +1,17 @@
 package io.jsonwebtoken.jjwtfun.controller;
 
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.Jws;
 import io.jsonwebtoken.JwtBuilder;
 import io.jsonwebtoken.JwtException;
 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.SignatureAlgorithm;
+import io.jsonwebtoken.impl.compression.CompressionCodecs;
 import io.jsonwebtoken.jjwtfun.model.JwtResponse;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
 
 import java.io.UnsupportedEncodingException;
@@ -16,6 +20,7 @@ import java.util.Date;
 import java.util.Map;
 
 import static org.springframework.web.bind.annotation.RequestMethod.POST;
+import static org.springframework.web.bind.annotation.RequestMethod.GET;
 
 @RestController
 public class DynamicJWTController extends BaseController {
@@ -34,6 +39,19 @@ public class DynamicJWTController extends BaseController {
         return new JwtResponse(jws);
     }
 
+    @RequestMapping(value = "/dynamic-builder-compress", method = POST)
+    public JwtResponse dynamicBuildercompress(@RequestBody Map<String, Object> claims) throws UnsupportedEncodingException {
+        String jws =  Jwts.builder()
+            .setClaims(claims)
+            .compressWith(CompressionCodecs.DEFLATE)
+            .signWith(
+                SignatureAlgorithm.HS256,
+                secret.getBytes("UTF-8")
+            )
+            .compact();
+        return new JwtResponse(jws);
+    }
+
     @RequestMapping(value = "/dynamic-builder-specific", method = POST)
     public JwtResponse dynamicBuilderSpecific(@RequestBody Map<String, Object> claims) throws UnsupportedEncodingException {
         JwtBuilder builder = Jwts.builder();

jjwt/src/main/java/io/jsonwebtoken/jjwtfun/controller/HomeController.java

@@ -14,9 +14,11 @@ public class HomeController {
         return "Available commands (assumes httpie - https://github.com/jkbrzt/httpie):\n" +
             "  http " + requestUrl + "/\n\tThis usage message\n" +
             "  http " + requestUrl + "/static-builder\n\tbuild JWT from hardcoded claims\n" +
-            "  http " + requestUrl + "/dynamic-builder-general claim-1=value-1 ... [claim-n=value-n]\n\tbuild JWT from passed in claims (using general claims map)\n" +
+            "  http POST " + requestUrl + "/dynamic-builder-general claim-1=value-1 ... [claim-n=value-n]\n\tbuild JWT from passed in claims (using general claims map)\n" +
-            "  http " + requestUrl + "/dynamic-builder-specific claim-1=value-1 ... [claim-n=value-n]\n\tbuild JWT from passed in claims (using specific claims methods)\n" +
+            "  http POST " + requestUrl + "/dynamic-builder-specific claim-1=value-1 ... [claim-n=value-n]\n\tbuild JWT from passed in claims (using specific claims methods)\n" +
-            "  http " + requestUrl + "/parser?jwt=<jwt>\n\tParse passed in JWT\n";
+            "  http POST " + requestUrl + "/dynamic-builder-compress claim-1=value-1 ... [claim-n=value-n]\n\tbuild DEFLATE compressed JWT from passed in claims\n" +
+            "  http " + requestUrl + "/parser?jwt=<jwt>\n\tParse passed in JWT\n" +
+            "  http " + requestUrl + "/parser-enforce?jwt=<jwt>\n\tParse passed in JWT enforcing the 'iss' registered claim and the 'hasMotorcycle' custom claim\n";
     }
 
     private String getUrl(HttpServletRequest req) {

jjwt/src/main/java/io/jsonwebtoken/jjwtfun/controller/StaticJWTController.java

@@ -49,4 +49,15 @@ public class StaticJWTController extends BaseController {
 
         return new JwtResponse(claims);
     }
+
+    @RequestMapping(value = "/parser-enforce", method = GET)
+    public JwtResponse parserEnforce(@RequestParam String jwt) throws UnsupportedEncodingException {
+        Jws<Claims> claims = Jwts.parser()
+            .requireIssuer("Stormpath")
+            .require("hasMotorcycle", true)
+            .setSigningKey(secret.getBytes("UTF-8"))
+            .parseClaimsJws(jwt);
+
+        return new JwtResponse(claims);
+    }
 }