Set configurable secret for parsing.

This commit is contained in:
Micah Silverman 2016-06-27 09:21:42 -04:00
parent 14905fae11
commit 6a057f33b1
1 changed files with 7 additions and 3 deletions

View File

@ -5,6 +5,7 @@ import io.jsonwebtoken.Jws;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import io.jsonwebtoken.jjwtfun.model.JwtResponse;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
@ -18,6 +19,9 @@ import static org.springframework.web.bind.annotation.RequestMethod.GET;
@RestController
public class StaticJWTController extends BaseController {
@Value("#{ @environment['jjwtfun.secret'] ?: 'secret' }")
String secret;
@RequestMapping(value = "/static-builder", method = GET)
public JwtResponse fixedBuilder() throws UnsupportedEncodingException {
@ -38,10 +42,10 @@ public class StaticJWTController extends BaseController {
}
@RequestMapping(value = "/parser", method = GET)
public JwtResponse fixedParser(@RequestParam String jws) throws UnsupportedEncodingException {
public JwtResponse parser(@RequestParam String jwt) throws UnsupportedEncodingException {
Jws<Claims> claims = Jwts.parser()
.setSigningKey("secret".getBytes("UTF-8"))
.parseClaimsJws(jws);
.setSigningKey(secret.getBytes("UTF-8"))
.parseClaimsJws(jwt);
return new JwtResponse(claims);
}