implemented generating jwt

vitalii · vitalii · commit b5e1cd08147f · 2020-07-29T14:20:19.000+03:00
diff --git a/modules/authentication/server-java/src/main/java/com/sysgears/authentication/config/AuthConfig.java b/modules/authentication/server-java/src/main/java/com/sysgears/authentication/config/AuthConfig.java
@@ -0,0 +1,15 @@
+package com.sysgears.authentication.config;
+
+import io.jsonwebtoken.security.Keys;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+import java.security.Key;
+
+@Configuration
+public class AuthConfig {
+    @Bean
+    public Key jwtSecretKey(JwtConfig config) {
+        return Keys.hmacShaKeyFor(config.getSecret().getBytes());
+    }
+}
diff --git a/modules/authentication/server-java/src/main/java/com/sysgears/authentication/config/JwtConfig.java b/modules/authentication/server-java/src/main/java/com/sysgears/authentication/config/JwtConfig.java
@@ -0,0 +1,16 @@
+package com.sysgears.authentication.config;
+
+import lombok.Getter;
+import lombok.Setter;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.context.annotation.Configuration;
+
+@Getter
+@Setter
+@Configuration
+@ConfigurationProperties("jwt")
+public class JwtConfig {
+    private String secret;
+    private long accessTokenExpirationInSec;
+    private long refreshTokenExpirationInSec;
+}
diff --git a/modules/authentication/server-java/src/main/java/com/sysgears/authentication/model/jwt/JwtUserIdentity.java b/modules/authentication/server-java/src/main/java/com/sysgears/authentication/model/jwt/JwtUserIdentity.java
@@ -0,0 +1,15 @@
+package com.sysgears.authentication.model.jwt;
+
+import lombok.Data;
+
+@Data
+public class JwtUserIdentity {
+    private final int id;
+    private final String username;
+    private final String passwordHash;
+    private final String role;
+    private final Boolean isActive;
+    private final String email;
+    private final String firstName;
+    private final String lastName;
+}
diff --git a/modules/authentication/server-java/src/main/java/com/sysgears/authentication/service/jwt/JWTGenerator.java b/modules/authentication/server-java/src/main/java/com/sysgears/authentication/service/jwt/JWTGenerator.java
@@ -0,0 +1,60 @@
+package com.sysgears.authentication.service.jwt;
+
+import com.sysgears.authentication.config.JwtConfig;
+import com.sysgears.authentication.model.jwt.JwtUserIdentity;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.SignatureAlgorithm;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.stereotype.Service;
+
+import java.security.Key;
+import java.time.Instant;
+import java.time.temporal.ChronoUnit;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.Map;
+
+@Slf4j
+@Service
+@RequiredArgsConstructor
+public class JWTGenerator {
+    private final Key secretKey;
+    private final JwtConfig jwtConfig;
+
+    //todo: need to separate generation and parsing JWT.
+    public String generateToken(JwtUserIdentity identity) {
+        Map<String, Object> claims = new HashMap<>();
+        claims.put("identity", identity);
+        log.debug("Generating new access JWT for user {}", identity.getId());
+        return Jwts.builder()
+                .setClaims(claims)
+                .setIssuedAt(Date.from(Instant.now()))
+                .setExpiration(Date.from(Instant.now().plus(jwtConfig.getAccessTokenExpirationInSec(), ChronoUnit.SECONDS)))
+                .setHeaderParam("typ", "JWT")
+                .signWith(secretKey, SignatureAlgorithm.HS256)
+                .compact();
+    }
+
+    public String generateRefreshToken(JwtUserIdentity identity) {
+        Map<String, Object> claims = new HashMap<>();
+        claims.put("id", identity.getId());
+        log.debug("Generating new refresh JWT for user {}", identity.getId());
+        return Jwts.builder()
+                .setClaims(claims)
+                .setIssuedAt(Date.from(Instant.now()))
+                .setExpiration(Date.from(Instant.now().plus(jwtConfig.getRefreshTokenExpirationInSec(), ChronoUnit.SECONDS)))
+                .setHeaderParam("typ", "JWT")
+                .signWith(secretKey, SignatureAlgorithm.HS256)
+                .compact();
+    }
+
+
+    public String getAllClaimsFromToken(String token) {
+        return Jwts.parserBuilder()
+                .setSigningKey(secretKey)
+                .build()
+                .parseClaimsJws(token)
+                .toString();
+    }
+}
diff --git a/packages/server-java/app/src/main/resources/application.yml b/packages/server-java/app/src/main/resources/application.yml
@@ -32,4 +32,9 @@ graphiql:
   enabled: true
   endpoint:
     subscriptions: /graphql
-  mapping: /graphiql
+  mapping: /graphiql
+
+jwt:
+  secret: "676918AB4D29BFE59CCB943F3C09F5CC8FB3A8511E23E502B67DE95AB9A9D00C"
+  access-token-expiration-in-sec: 3600
+  refresh-token-expiration-in-sec: 604800
