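package com.codecool.bytebattlers.config;

import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.io.Decoders;
import io.jsonwebtoken.security.Keys;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Service;

import javax.crypto.SecretKey;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import java.util.UUID;
import java.util.function.Function;

/**
 * Issues and validates HMAC-signed JSON Web Tokens for authenticated users.
 *
 * <p>Tokens produced here are signed, not encrypted: every claim (subject, {@code role},
 * {@code name}, {@code user_name}) can be read by whoever holds the token, so nothing
 * confidential belongs in the claim set. Integrity rests entirely on the secrecy of the
 * {@code SECRET_KEY} environment variable.
 *
 * <p>No revocation mechanism is visible in this class; an issued token stays usable until
 * its expiry unless callers enforce one elsewhere.
 */
@Service
public class JwtService {
    // Base64-encoded HMAC secret, read once at class load. Never log this value.
    private static final String SECRET_KEY = System.getenv("SECRET_KEY");

    // Token lifetime: 24 hours, in milliseconds.
    private static final long ONE_DAY_EXPIRATION_DATE_IN_MILLISECONDS = 86_400_000L;

    /**
     * Returns the {@code sub} claim of a token after its signature has been verified.
     *
     * @param token compact serialized JWT
     * @return the subject, or {@code null} when the token carries none
     * @throws io.jsonwebtoken.JwtException if the token cannot be parsed or verified
     */
    public String extractUsername(String token) {
        return extractClaims(token, Claims::getSubject);
    }

    /**
     * Verifies the token and applies {@code claimsResolver} to its claim set.
     *
     * @param token          compact serialized JWT
     * @param claimsResolver function selecting the value of interest from the verified claims
     * @param <T>            type of the selected value
     * @return whatever {@code claimsResolver} returns
     * @throws io.jsonwebtoken.JwtException if the token cannot be parsed or verified
     */
    public <T> T extractClaims(String token, Function<Claims, T> claimsResolver) {
        final Claims claims = extractAllClaims(token);
        return claimsResolver.apply(claims);
    }

    /**
     * Issues a token with only the claims this service sets itself.
     *
     * @param userDetails authenticated principal; supplies the subject and the authorities
     * @param pubID       public identifier of the user, stored under the {@code name} claim
     * @param name        display name of the user, stored under the {@code user_name} claim
     * @return compact serialized, signed JWT
     */
    public String generateToken(UserDetails userDetails, UUID pubID, String name) {
        return generateToken(new HashMap<>(), userDetails, pubID, name);
    }

    /**
     * Issues a signed token valid for 24 hours.
     *
     * <p>The claims {@code role}, {@code name} and {@code user_name} are always written by
     * this method and replace any caller-supplied entries with the same keys, so a caller
     * cannot override the authorities through {@code extraClaims}. Note the claim naming:
     * {@code name} holds {@code pubID} and {@code user_name} holds {@code name}; the keys are
     * kept as they are because token consumers may depend on them.
     *
     * @param extraClaims additional claims to embed; may be {@code null} or immutable and is
     *                    not modified
     * @param userDetails authenticated principal; supplies the subject and the authorities
     * @param pubID       public identifier of the user, stored under the {@code name} claim
     * @param name        display name of the user, stored under the {@code user_name} claim
     * @return compact serialized, signed JWT
     * @throws IllegalStateException if the signing secret is not configured
     */
    public String generateToken(
            Map<String, Object> extraClaims,
            UserDetails userDetails, UUID pubID, String name
    ) {
        // Work on a private copy: the caller's map may be immutable (Map.of()) or reused,
        // and it must not silently pick up the claims added below.
        final Map<String, Object> claims =
                extraClaims == null ? new HashMap<>() : new HashMap<>(extraClaims);
        claims.put("role", userDetails.getAuthorities());
        claims.put("name", pubID);
        claims.put("user_name", name);

        // One clock reading so that exp - iat is exactly the configured lifetime.
        final long issuedAtMillis = System.currentTimeMillis();

        return Jwts.builder()
                .claims()
                .add(claims)
                .subject(userDetails.getUsername())
                .issuedAt(new Date(issuedAtMillis))
                .expiration(new Date(issuedAtMillis + ONE_DAY_EXPIRATION_DATE_IN_MILLISECONDS))
                .and()
                .signWith(getSignInKey())
                .compact();
    }

    /**
     * Checks that a verified token belongs to {@code userDetails} and has not expired.
     *
     * <p>Signature, format and (per the JJWT parser) expiry failures surface as an unchecked
     * {@code io.jsonwebtoken.JwtException} rather than {@code false}; the authentication
     * filter calling this method has to catch it and treat the request as unauthenticated.
     *
     * @param token       compact serialized JWT
     * @param userDetails principal the token is expected to belong to
     * @return {@code true} when the subject matches and the token is not expired
     * @throws io.jsonwebtoken.JwtException if the token cannot be parsed or verified
     */
    public boolean isTokenValid(String token, UserDetails userDetails) {
        final String username = extractUsername(token);
        // A correctly signed token without a subject must be rejected, not crash with an NPE.
        return username != null
                && username.equals(userDetails.getUsername())
                && !isTokenExpired(token);
    }

    /**
     * Reports whether the token's {@code exp} claim lies in the past.
     *
     * <p>NOTE(review): the JJWT parser rejects an expired token with
     * {@code ExpiredJwtException} while parsing, so for an expired token this method is
     * expected to throw rather than return {@code true} - confirm the caller handles that.
     *
     * @param token compact serialized JWT
     * @return {@code true} if the expiration instant is before the current time
     * @throws io.jsonwebtoken.JwtException if the token cannot be parsed or verified
     */
    public boolean isTokenExpired(String token) {
        return extractExpiration(token).before(new Date());
    }

    /** Returns the {@code exp} claim of a verified token. */
    private Date extractExpiration(String token) {
        return extractClaims(token, Claims::getExpiration);
    }

    /**
     * Parses the token and verifies its signature with the service key before returning the
     * claim set; claims are never read from an unverified token.
     */
    private Claims extractAllClaims(String token) {
        return Jwts.parser()
                .verifyWith(getSignInKey())
                .build()
                .parseSignedClaims(token)
                .getPayload();
    }

    /**
     * Builds the HMAC key from the Base64-encoded {@code SECRET_KEY} environment variable.
     *
     * <p>{@code Keys.hmacShaKeyFor} refuses keys shorter than 256 bits, so the secret must
     * decode to at least 32 bytes.
     *
     * @throws IllegalStateException if {@code SECRET_KEY} is unset or blank
     */
    private SecretKey getSignInKey() {
        // Fail with an explicit configuration error instead of an opaque decoder failure.
        // The message deliberately contains no part of the secret.
        if (SECRET_KEY == null || SECRET_KEY.trim().isEmpty()) {
            throw new IllegalStateException(
                    "SECRET_KEY environment variable is not set; cannot sign or verify JWTs");
        }
        byte[] keyBytes = Decoders.BASE64.decode(SECRET_KEY);
        return Keys.hmacShaKeyFor(keyBytes);
    }
}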