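import java.io.IOException;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.web.filter.OncePerRequestFilter;

/**
 * Servlet filter that extracts a bearer token from the {@code Authorization}
 * header and asks {@link TokenService} whether it is valid.
 *
 * <p>NOTE(review): as written, the filter only prints the validation result and
 * always forwards the request. It does not reject requests or establish an
 * authenticated principal, so it enforces nothing on its own.
 */
public class AutenticacaoViaTokenFilter extends OncePerRequestFilter {

    /** Scheme prefix expected at the start of the Authorization header value. */
    private static final String BEARER_PREFIX = "Bearer ";

    /** Collaborator that verifies token signatures; supplied by the caller. */
    private final TokenService tokenService;

    /**
     * @param tokenService service used to validate the tokens found in requests
     */
    public AutenticacaoViaTokenFilter(TokenService tokenService) {
        this.tokenService = tokenService;
    }

    /**
     * Reads the bearer token of the request, validates it and continues the chain.
     *
     * @param request     current HTTP request
     * @param response    current HTTP response
     * @param filterChain remaining filters to invoke
     * @throws ServletException propagated from the rest of the chain
     * @throws IOException      propagated from the rest of the chain
     */
    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
            FilterChain filterChain) throws ServletException, IOException {
        String token = recuperarToken(request);

        // Fix: isTokenValido is an instance method (it needs the service's configured
        // secret), so it must be called on the injected instance, not on the class.
        boolean valido = tokenService.isTokenValido(token);

        // Temporary debug output. Only the boolean is printed, never the token itself.
        System.out.println(valido);

        // The request proceeds whether or not the token is valid.
        // TODO: use `valido` to authenticate the caller before relying on this filter.
        filterChain.doFilter(request, response);
    }

    /**
     * Returns the token carried in the {@code Authorization} header.
     *
     * @param request current HTTP request
     * @return the text after the {@code "Bearer "} prefix, or {@code null} when the
     *         header is missing, empty or uses another scheme
     */
    private String recuperarToken(HttpServletRequest request) {
        String header = request.getHeader("Authorization");
        if (header == null || header.isEmpty() || !header.startsWith(BEARER_PREFIX)) {
            return null;
        }
        return header.substring(BEARER_PREFIX.length());
    }
}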
/**
 * Tells whether the given compact JWT parses and verifies against this
 * service's signing secret.
 *
 * <p>Every exception raised while parsing (malformed input, bad signature,
 * {@code null} token, and so on) is mapped to {@code false}, so the check
 * fails closed.
 *
 * @param token compact JWS string, possibly {@code null}
 * @return {@code true} only when parsing completed without an exception
 */
public boolean isTokenValido(String token) {
    boolean tokenAceito;
    try {
        Jwts.parser()
            .setSigningKey(this.secret)
            .parseClaimsJws(token);
        tokenAceito = true;
    } catch (Exception falha) {
        // Deliberately broad: any parsing failure means "not valid".
        tokenAceito = false;
    }
    return tokenAceito;
}
import java.util.Date; import org.springframework.beans.factory.annotation.Value; import org.springframework.security.core.Authentication; import org.springframework.stereotype.Service; import br.com.forum.modelo.Usuario; import io.jsonwebtoken.Jwts; import io.jsonwebtoken.SignatureAlgorithm;
/**
 * Issues and validates the HS256-signed JWTs used by the forum API.
 */
@Service
public class TokenService {

    // Token lifetime, injected as text and parsed as a number of milliseconds
    // when a token is generated.
    @Value("${forum.jwt.expiration}")
    private String expiration;

    // HMAC signing secret. JJWT's String overloads of signWith/setSigningKey
    // treat this value as Base64-encoded key bytes. It is the only thing that
    // protects token integrity, so it should be long, random and kept out of
    // version control.
    @Value("${forum.jwt.secret}")
    private String secret;

    /**
     * Builds a signed token for the user behind the given authentication.
     *
     * @param authentication authentication whose principal is a {@code Usuario}
     * @return compact JWS carrying issuer, subject (the user id), issue time
     *         and expiration time
     */
    public String geraToken(Authentication authentication) {
        Usuario usuarioAutenticado = (Usuario) authentication.getPrincipal();

        Date emitidoEm = new Date();
        long validadeEmMillis = Long.parseLong(expiration);
        Date expiraEm = new Date(emitidoEm.getTime() + validadeEmMillis);

        return Jwts.builder()
                .setIssuer("API do Forúm")
                .setSubject(usuarioAutenticado.getId().toString())
                .setIssuedAt(emitidoEm)
                .setExpiration(expiraEm)
                .signWith(SignatureAlgorithm.HS256, secret)
                .compact();
    }

    /**
     * Tells whether the given compact JWT parses and verifies against the
     * configured secret.
     *
     * <p>Every exception raised while parsing is mapped to {@code false}, so
     * the check fails closed.
     *
     * @param token compact JWS string, possibly {@code null}
     * @return {@code true} only when parsing completed without an exception
     */
    public boolean isTokenValido(String token) {
        boolean tokenAceito;
        try {
            Jwts.parser()
                .setSigningKey(this.secret)
                .parseClaimsJws(token);
            tokenAceito = true;
        } catch (Exception falha) {
            // Deliberately broad: any parsing failure means "not valid".
            tokenAceito = false;
        }
        return tokenAceito;
    }
}
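import java.io.IOException;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.web.filter.OncePerRequestFilter;

/**
 * Servlet filter that extracts a bearer token from the {@code Authorization}
 * header and asks {@link TokenService} whether it is valid.
 *
 * <p>NOTE(review): as written, the filter only prints the validation result and
 * always forwards the request. It does not reject requests or establish an
 * authenticated principal, so it enforces nothing on its own.
 */
public class AutenticacaoViaTokenFilter extends OncePerRequestFilter {

    /** Scheme prefix expected at the start of the Authorization header value. */
    private static final String BEARER_PREFIX = "Bearer ";

    /** Collaborator that verifies token signatures; supplied by the caller. */
    private final TokenService tokenService;

    /**
     * @param tokenService service used to validate the tokens found in requests
     */
    public AutenticacaoViaTokenFilter(TokenService tokenService) {
        this.tokenService = tokenService;
    }

    /**
     * Reads the bearer token of the request, validates it and continues the chain.
     *
     * @param request     current HTTP request
     * @param response    current HTTP response
     * @param filterChain remaining filters to invoke
     * @throws ServletException propagated from the rest of the chain
     * @throws IOException      propagated from the rest of the chain
     */
    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
            FilterChain filterChain) throws ServletException, IOException {
        String token = recuperarToken(request);

        // Fix: isTokenValido is an instance method (it needs the service's configured
        // secret), so it must be called on the injected instance, not on the class.
        boolean valido = tokenService.isTokenValido(token);

        // Temporary debug output. Only the boolean is printed, never the token itself.
        System.out.println(valido);

        // The request proceeds whether or not the token is valid.
        // TODO: use `valido` to authenticate the caller before relying on this filter.
        filterChain.doFilter(request, response);
    }

    /**
     * Returns the token carried in the {@code Authorization} header.
     *
     * @param request current HTTP request
     * @return the text after the {@code "Bearer "} prefix, or {@code null} when the
     *         header is missing, empty or uses another scheme
     */
    private String recuperarToken(HttpServletRequest request) {
        String header = request.getHeader("Authorization");
        if (header == null || header.isEmpty() || !header.startsWith(BEARER_PREFIX)) {
            return null;
        }
        return header.substring(BEARER_PREFIX.length());
    }
}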