Scribd
Upload
11 views2 pages

Hahah

The document is a Java Spring configuration class for handling JWT (JSON Web Tokens) in a RESTful API. It defines beans for encoding and decoding JWTs using a secret key, which is configured via a base64-encoded string. Additionally, it sets up a converter for extracting authorities from the JWT claims for authentication purposes.

Uploaded by

n22dcat016
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
11 views2 pages

Hahah

The document is a Java Spring configuration class for handling JWT (JSON Web Tokens) in a RESTful API. It defines beans for encoding and decoding JWTs using a secret key, which is configured via a base64-encoded string. Additionally, it sets up a converter for extracting authorities from the JWT claims for authentication purposes.

Uploaded by

n22dcat016
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 2

package com.hoidanit.springrestfulapijobhunter.

config;

import com.hoidanit.springrestfulapijobhunter.util.SecurityUtil;
import com.nimbusds.jose.jwk.source.ImmutableSecret;
import com.nimbusds.jose.util.Base64;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.oauth2.jwt.*;
import
org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticati
onConverter;
import
org.springframework.security.oauth2.server.resource.authentication.JwtGrantedAuth
oritiesConverter;

import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

@Configuration
public class JWTTokenConfiguration {
@Value("${hoidanit.jwt.base64-secret}")
private String jwtKey;

private SecretKey getSecretKey() {


byte[] keyBytes = Base64.from(jwtKey).decode();
return new SecretKeySpec(keyBytes, 0, keyBytes.length,
SecurityUtil.JWT_ALGORITHM.getName());
}

@Bean
public JwtEncoder jwtEncoder() {
return new NimbusJwtEncoder(new ImmutableSecret<>(getSecretKey()));
}

@Bean
public JwtDecoder jwtDecoder() {
NimbusJwtDecoder jwtDecoder =
NimbusJwtDecoder.withSecretKey(getSecretKey()).macAlgorithm(SecurityUtil.JWT_A
LGORITHM).build();
return token -> {
try {
return jwtDecoder.decode(token);
} catch (JwtException e) {
System.err.println(">>> JWT decoding error: " + e.getMessage());
throw e;
}
};
}

@Bean
public JwtAuthenticationConverter jwtAuthenticationConverter() {
JwtGrantedAuthoritiesConverter grantedAuthoritiesConverter = new
JwtGrantedAuthoritiesConverter();
grantedAuthoritiesConverter.setAuthorityPrefix("");
grantedAuthoritiesConverter.setAuthoritiesClaimName("permissions");

JwtAuthenticationConverter jwtAuthenticationConverter = new


JwtAuthenticationConverter();

jwtAuthenticationConverter.setJwtGrantedAuthoritiesConverter(grantedAuthoritiesC
onverter);
return jwtAuthenticationConverter;
}
}

You might also like