Added endpoints to demonstrate claim enforcement and JWT compression. Updated usage endpoint.

This commit is contained in:
Micah Silverman 2016-06-27 22:54:45 -04:00
parent 38e829ef35
commit 50509bf42b
5 changed files with 35 additions and 5 deletions

View File

@ -28,7 +28,6 @@ public class JWTCsrfTokenRepository implements CsrfTokenRepository {
@Override
public CsrfToken generateToken(HttpServletRequest request) {
String id = UUID.randomUUID().toString().replace("-", "");
Date now = new Date();

View File

@ -3,7 +3,6 @@ package io.jsonwebtoken.jjwtfun.config;
import io.jsonwebtoken.JwtException;
import io.jsonwebtoken.Jwts;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@ -37,6 +36,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
.csrfTokenRepository(jwtCsrfTokenRepository)
.ignoringAntMatchers("/dynamic-builder-general")
.ignoringAntMatchers("/dynamic-builder-specific")
.ignoringAntMatchers("/dynamic-builder-compress")
.and().authorizeRequests()
.antMatchers("/**")
.permitAll();

View File

@ -1,13 +1,17 @@
package io.jsonwebtoken.jjwtfun.controller;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jws;
import io.jsonwebtoken.JwtBuilder;
import io.jsonwebtoken.JwtException;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import io.jsonwebtoken.impl.compression.CompressionCodecs;
import io.jsonwebtoken.jjwtfun.model.JwtResponse;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import java.io.UnsupportedEncodingException;
@ -16,6 +20,7 @@ import java.util.Date;
import java.util.Map;
import static org.springframework.web.bind.annotation.RequestMethod.POST;
import static org.springframework.web.bind.annotation.RequestMethod.GET;
@RestController
public class DynamicJWTController extends BaseController {
@ -34,6 +39,19 @@ public class DynamicJWTController extends BaseController {
return new JwtResponse(jws);
}
@RequestMapping(value = "/dynamic-builder-compress", method = POST)
public JwtResponse dynamicBuildercompress(@RequestBody Map<String, Object> claims) throws UnsupportedEncodingException {
String jws = Jwts.builder()
.setClaims(claims)
.compressWith(CompressionCodecs.DEFLATE)
.signWith(
SignatureAlgorithm.HS256,
secret.getBytes("UTF-8")
)
.compact();
return new JwtResponse(jws);
}
@RequestMapping(value = "/dynamic-builder-specific", method = POST)
public JwtResponse dynamicBuilderSpecific(@RequestBody Map<String, Object> claims) throws UnsupportedEncodingException {
JwtBuilder builder = Jwts.builder();

View File

@ -14,9 +14,11 @@ public class HomeController {
return "Available commands (assumes httpie - https://github.com/jkbrzt/httpie):\n" +
" http " + requestUrl + "/\n\tThis usage message\n" +
" http " + requestUrl + "/static-builder\n\tbuild JWT from hardcoded claims\n" +
" http " + requestUrl + "/dynamic-builder-general claim-1=value-1 ... [claim-n=value-n]\n\tbuild JWT from passed in claims (using general claims map)\n" +
" http " + requestUrl + "/dynamic-builder-specific claim-1=value-1 ... [claim-n=value-n]\n\tbuild JWT from passed in claims (using specific claims methods)\n" +
" http " + requestUrl + "/parser?jwt=<jwt>\n\tParse passed in JWT\n";
" http POST " + requestUrl + "/dynamic-builder-general claim-1=value-1 ... [claim-n=value-n]\n\tbuild JWT from passed in claims (using general claims map)\n" +
" http POST " + requestUrl + "/dynamic-builder-specific claim-1=value-1 ... [claim-n=value-n]\n\tbuild JWT from passed in claims (using specific claims methods)\n" +
" http POST " + requestUrl + "/dynamic-builder-compress claim-1=value-1 ... [claim-n=value-n]\n\tbuild DEFLATE compressed JWT from passed in claims\n" +
" http " + requestUrl + "/parser?jwt=<jwt>\n\tParse passed in JWT\n" +
" http " + requestUrl + "/parser-enforce?jwt=<jwt>\n\tParse passed in JWT enforcing the 'iss' registered claim and the 'hasMotorcycle' custom claim\n";
}
private String getUrl(HttpServletRequest req) {

View File

@ -49,4 +49,15 @@ public class StaticJWTController extends BaseController {
return new JwtResponse(claims);
}
@RequestMapping(value = "/parser-enforce", method = GET)
public JwtResponse parserEnforce(@RequestParam String jwt) throws UnsupportedEncodingException {
Jws<Claims> claims = Jwts.parser()
.requireIssuer("Stormpath")
.require("hasMotorcycle", true)
.setSigningKey(secret.getBytes("UTF-8"))
.parseClaimsJws(jwt);
return new JwtResponse(claims);
}
}