iSharkFly-Docs/java-tutorials
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Creating a Spring Security Key for Signing a JWT Token

Browse Source
This commit is contained in:
michaelin007 2024-03-12 11:44:53 +00:00
parent 89963eefd7
commit 9e46a49f20
1 changed files with 5 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
spring-security-modules/spring-security-core-2/src/main/java/com/baeldung/jwtsignkey/jwtconfig/JwtUtils.java
View File

@ -16,8 +16,6 @@ import org.springframework.security.core.Authentication;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
import javax.crypto.SecretKey; import javax.crypto.SecretKey;
import java.nio.charset.StandardCharsets;
import java.security.Key;
import java.util.Date; import java.util.Date;
@Component @Component
@ -30,8 +28,6 @@ public class JwtUtils {
@Value("${baeldung.app.jwtExpirationMs}") @Value("${baeldung.app.jwtExpirationMs}")
private int jwtExpirationMs; private int jwtExpirationMs;
SecretKey key = Keys.hmacShaKeyFor(Decoders.BASE64.decode(jwtSecret));
public String generateJwtToken(Authentication authentication) { public String generateJwtToken(Authentication authentication) {
UserDetailsImpl userPrincipal = (UserDetailsImpl) authentication.getPrincipal(); UserDetailsImpl userPrincipal = (UserDetailsImpl) authentication.getPrincipal();
@ -40,19 +36,19 @@ public class JwtUtils {
.subject((userPrincipal.getUsername())) .subject((userPrincipal.getUsername()))
.issuedAt(new Date()) .issuedAt(new Date())
.expiration(new Date((new Date()).getTime() + jwtExpirationMs)) .expiration(new Date((new Date()).getTime() + jwtExpirationMs))
.signWith(key) .signWith(getSigningKey())
.compact(); .compact();
} }
private Key getSigningKey() { private SecretKey getSigningKey() {
byte[] keyBytes = this.jwtSecret.getBytes(StandardCharsets.UTF_8); byte[] keyBytes = Decoders.BASE64.decode(jwtSecret);
return Keys.hmacShaKeyFor(keyBytes); return Keys.hmacShaKeyFor(keyBytes);
} }
public String getUserNameFromJwtToken(String token) { public String getUserNameFromJwtToken(String token) {
return Jwts.parser() return Jwts.parser()
.verifyWith(key) .verifyWith(getSigningKey())
.build() .build()
.parseSignedClaims(token) .parseSignedClaims(token)
.getPayload() .getPayload()
@ -63,7 +59,7 @@ public class JwtUtils {
public boolean validateJwtToken(String authToken) { public boolean validateJwtToken(String authToken) {
try { try {
Jwts.parser() Jwts.parser()
. verifyWith(key) .verifyWith(getSigningKey())
.build() .build()
.parseSignedClaims(authToken); .parseSignedClaims(authToken);
return true; return true;