Sempre retorna false. Já revisei o código, mas não consegui encontrar o problema. Segue o código:
TokenService
/**
 * Issues and verifies the HS256-signed JWTs used by the API.
 *
 * <p>Both the token lifetime and the signing secret are injected from the
 * {@code forum.jwt.*} configuration properties.
 *
 * <p>NOTE(review): the jjwt overloads that accept the key as a {@code String} are
 * documented as taking Base64-encoded key material. Confirm that the configured secret
 * is encoded that way and is long and random enough for HS256, and that it is supplied
 * from outside version control.
 */
@Service
public class TokenService {

    // Token lifetime; added to a millisecond timestamp in gerarToken.
    @Value("${forum.jwt.expiration}")
    private String expiration;

    // Shared HMAC secret, used both to sign and to verify tokens.
    @Value("${forum.jwt.secret}")
    private String secret;

    /**
     * Builds a signed token whose subject is the id of the authenticated user.
     *
     * @param authentication a completed authentication whose principal is a {@code Usuario}
     * @return the compact serialized JWT
     */
    public String gerarToken(Authentication authentication) {
        Usuario usuario = (Usuario) authentication.getPrincipal();
        Date emissao = new Date();
        long validade = Long.parseLong(expiration);
        Date vencimento = new Date(emissao.getTime() + validade);

        JwtBuilder construtor = Jwts.builder();
        construtor.setIssuer("API papapaap");
        construtor.setSubject(usuario.getId().toString());
        construtor.setIssuedAt(emissao);
        construtor.setExpiration(vencimento);
        construtor.signWith(SignatureAlgorithm.HS256, secret);
        return construtor.compact();
    }

    /**
     * Reports whether the token parses as a signed JWT under the configured secret.
     *
     * <p>Every exception raised by the parser is turned into {@code false}, so the reason
     * for a rejection (bad signature, expiry, malformed or missing input) is not visible
     * to the caller.
     *
     * @param token the compact JWT taken from the request; may be {@code null}
     * @return {@code true} if parsing succeeded, {@code false} on any failure
     */
    public boolean isTokenValido(String token) {
        boolean valido;
        try {
            Jwts.parser().setSigningKey(secret).parseClaimsJws(token);
            valido = true;
        } catch (Exception e) {
            valido = false;
        }
        return valido;
    }
}
TokenDto:
/**
 * Response body returned after a successful login: the issued token together with the
 * authentication scheme the client should use when sending it back.
 */
public class TokenDto {

    // Compact JWT handed to the client.
    private String token;

    // Authentication scheme name.
    private String tipo;

    /** Creates an empty DTO with both fields left {@code null}. */
    public TokenDto() {
        this(null, null);
    }

    /**
     * @param token the issued token
     * @param tipo  the authentication scheme name
     */
    public TokenDto(String token, String tipo) {
        this.tipo = tipo;
        this.token = token;
    }

    /** @return the issued token, or {@code null} if none was set */
    public String getToken() {
        return this.token;
    }

    /** @return the authentication scheme name, or {@code null} if none was set */
    public String getTipo() {
        return this.tipo;
    }
}
AutenticacaoViaTokenFilter:
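/**
 * Per-request filter that reads the bearer token from the {@code Authorization} header
 * and asks {@link TokenService} whether it is valid.
 *
 * <p>NOTE(review): the filter only validates the token. It does not place an
 * authentication in the security context, so a valid token does not yet grant access to
 * endpoints that require an authenticated user.
 */
public class AutenticacaoViaTokenFilter extends OncePerRequestFilter {

    /** Scheme prefix that must open the Authorization header value. */
    private static final String PREFIXO_BEARER = "Bearer ";

    private final TokenService tokenService;

    /**
     * @param tokenService service used to verify the token's signature and expiry
     */
    public AutenticacaoViaTokenFilter(TokenService tokenService) {
        this.tokenService = tokenService;
    }

    /**
     * Validates the request's token, then always continues the filter chain.
     *
     * @throws ServletException propagated from the rest of the chain
     * @throws IOException      propagated from the rest of the chain
     */
    @Override
    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain)
            throws ServletException, IOException {
        String token = recuperToken(httpServletRequest);
        boolean valido = tokenService.isTokenValido(token);
        // Debug output of the validation result only; the token itself is never printed.
        System.out.println(valido);
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    /**
     * Extracts the raw token from the {@code Authorization} header.
     *
     * @return the text after the {@code "Bearer "} prefix, or {@code null} when the header
     *         is absent, empty, or uses another scheme
     */
    private String recuperToken(HttpServletRequest httpServletRequest) {
        String cabecalho = httpServletRequest.getHeader("Authorization");
        // The negation is essential: without it every well-formed "Bearer ..." header is
        // discarded (validation then always fails), while a header with another scheme
        // falls through to substring() and can throw on short values.
        if (cabecalho == null || cabecalho.isEmpty() || !cabecalho.startsWith(PREFIXO_BEARER)) {
            return null;
        }
        return cabecalho.substring(PREFIXO_BEARER.length());
    }
}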
AutenticacaoController:
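/**
 * Login endpoint: exchanges the submitted credentials for a bearer token.
 */
@RestController
@RequestMapping("/auth")
public class AutenticacaoController {

    @Autowired
    private AuthenticationManager authenticationManager;

    @Autowired
    private TokenService tokenService;

    /**
     * Authenticates the submitted credentials and, on success, returns a freshly issued token.
     *
     * <p>The token is a bearer credential, so it is returned to the caller only and is
     * not written to standard output, where it would end up in console or log captures.
     *
     * @param form the validated login form
     * @return 200 with the token and the {@code "Bearer"} scheme, or 400 with an empty
     *         body when authentication fails
     */
    @PostMapping
    public ResponseEntity<TokenDto> autenticar(@RequestBody @Valid LoginForm form) {
        UsernamePasswordAuthenticationToken dadosLogin = form.toUsernamePasswordAuthenticationToken();
        try {
            Authentication authentication = authenticationManager.authenticate(dadosLogin);
            String token = tokenService.gerarToken(authentication);
            return ResponseEntity.ok(new TokenDto(token, "Bearer"));
        } catch (AuthenticationException e) {
            // The empty response does not reveal which part of the credentials was wrong.
            return ResponseEntity.badRequest().build();
        }
    }
}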
SecurityConfigurations:
/**
 * Spring Security setup for the API: how users are authenticated, which routes are
 * public, and where the token filter sits in the filter chain.
 */
@EnableWebSecurity
@Configuration
public class SecurityConfigurations extends WebSecurityConfigurerAdapter {

    @Autowired
    private AutenticacaoService autenticacaoService;

    @Autowired
    private TokenService tokenService;

    /** Publishes the parent's {@link AuthenticationManager} as a bean so it can be injected. */
    @Override
    @Bean
    protected AuthenticationManager authenticationManager() throws Exception {
        return super.authenticationManager();
    }

    /** Authentication settings: users come from {@code autenticacaoService}, passwords are BCrypt hashes. */
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        BCryptPasswordEncoder codificador = new BCryptPasswordEncoder();
        auth.userDetailsService(autenticacaoService).passwordEncoder(codificador);
    }

    /**
     * Authorization settings: topic reads and the login endpoint are public, every other
     * request must be authenticated.
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // Matcher order matters: the first matching rule wins, so the catch-all stays last.
        http.authorizeRequests()
                .antMatchers(HttpMethod.GET, "/topicos").permitAll()
                .antMatchers(HttpMethod.GET, "/topicos/*").permitAll()
                .antMatchers(HttpMethod.POST, "/auth").permitAll()
                .anyRequest().authenticated();

        // CSRF protection is switched off together with server-side sessions: requests are
        // expected to carry their credential in the Authorization header, not in a cookie.
        http.csrf().disable();
        http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);

        // The token filter must run before the username/password filter.
        http.addFilterBefore(new AutenticacaoViaTokenFilter(tokenService), UsernamePasswordAuthenticationFilter.class);
    }

    /** Static-resource settings (css, javascript, images, ...); nothing is configured. */
    @Override
    public void configure(WebSecurity web) throws Exception {
    }
}