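/**
 * Creates and reads the application's signed JWTs (JJWT compact JWS strings).
 *
 * <p>Three kinds of token are issued, told apart only by the {@code type} claim
 * ({@link TokenType#AUTH}, {@link TokenType#REFRESH}, {@link TokenType#PAYMENT}). All three are
 * signed with the same key, so a token of one kind passes signature verification wherever another
 * kind is expected. {@link #parseToken(String)} does not look at {@code type}; callers are not
 * visible here, so confirm that each endpoint checks {@link #getType(String)} (or
 * {@link #isARefreshToken(String)}) before trusting the subject or roles.
 */
@UtilityClass
public class TokenManager {
    // SECURITY(review): the HMAC signing secret is a literal in source control. Anyone who can read
    // this file can mint tokens with an arbitrary subject, type and role list. Load the key from
    // configuration or a secret store instead, and rotate this value, since it has been committed.
    // The literal is kept byte-for-byte so that tokens already issued still verify.
    // The charset is pinned because getBytes() without one depends on the platform default.
    // The alternative the author left commented out, Keys.secretKeyFor(SignatureAlgorithm.HS512),
    // generates a new random key per process: no secret in source, but tokens stop verifying after
    // a restart and across instances.
    private final SecretKey SECRET_KEY = Keys.hmacShaKeyFor(
            "b1c0bf50-d8a0-4c71-a86e-003568ef9371:0bfd3344-ea03-49d6-941d-6145aaf9d56b"
                    .getBytes(java.nio.charset.StandardCharsets.UTF_8));

    /** Scheme prefix of the {@code Authorization} header value, including the trailing space. */
    public final String TOKEN_PREFIX = "Bearer ";

    private final int TOKEN_EXPIRY_DURATION = 1; // in hours
    private final int REFRESH_TOKEN_EXPIRY_DURATION = 48; // in hours
    private final int PAYMENT_TOKEN_EXPIRY_DURATION = 14; // in days (2 weeks)

    /**
     * Issues an {@link TokenType#AUTH} token valid for {@code TOKEN_EXPIRY_DURATION} hours.
     *
     * @param subject     value stored in the {@code sub} claim
     * @param authorities authorities whose names are stored in the {@code roles} claim
     * @return the signed compact JWS, without the {@code "Bearer "} prefix
     */
    public String generateToken(String subject, Collection<? extends GrantedAuthority> authorities) {
        return Jwts.builder()
                // setClaims() below replaces the whole claim set, which is why createClaims()
                // stores "sub" again; this call alone would not survive it.
                .setSubject(subject)
                .setClaims(createClaims(subject, TokenType.AUTH, authorities))
                .setExpiration(Date.from(ZonedDateTime.now().plusHours(TOKEN_EXPIRY_DURATION).toInstant()))
                .signWith(SECRET_KEY)
                .compact();
    }

    /**
     * Issues a {@link TokenType#REFRESH} token with an empty role list, valid for
     * {@code REFRESH_TOKEN_EXPIRY_DURATION} hours.
     *
     * @param subject value stored in the {@code sub} claim
     * @return the signed compact JWS
     */
    public String generateRefreshToken(String subject) {
        return Jwts.builder()
                .setSubject(subject)
                .setClaims(createClaims(subject, TokenType.REFRESH, Collections.emptyList()))
                .setExpiration(Date.from(ZonedDateTime.now().plusHours(REFRESH_TOKEN_EXPIRY_DURATION).toInstant()))
                .signWith(SECRET_KEY)
                .compact();
    }

    /**
     * Issues a {@link TokenType#PAYMENT} token carrying {@code ROLE_PAYMENT}, valid for two weeks.
     *
     * <p>NOTE(review): the whole {@code UserResponse} is serialized into the {@code user} claim.
     * A JWS is signed, not encrypted, so every field of that object is readable by whoever holds
     * the token for its full two-week lifetime. The fields of {@code UserResponse} are not visible
     * here; confirm it carries nothing sensitive, or put only the identifiers the payment flow needs.
     *
     * @param user user whose id becomes the subject and who is embedded in the {@code user} claim
     * @return the signed compact JWS
     */
    public String generatePaymentToken(UserResponse user) {
        return Jwts.builder()
                .setSubject(user.getId())
                .setClaims(createClaims(user.getId(), TokenType.PAYMENT,
                        List.of(new SimpleGrantedAuthority("ROLE_PAYMENT")), user))
                .setExpiration(Date.from(ZonedDateTime.now().plusDays(PAYMENT_TOKEN_EXPIRY_DURATION).toInstant()))
                .signWith(SECRET_KEY)
                .compact();
    }

    /**
     * Strips the leading {@code "Bearer "} scheme from an {@code Authorization} header value.
     *
     * <p>Only a prefix at the very start is removed. The previous {@code String.replace} removed
     * the text wherever it occurred, which silently rewrote malformed input instead of leaving it
     * for the parser to reject.
     *
     * @param header header value, or an already bare token
     * @return the value without the leading prefix; unchanged when the prefix is absent
     */
    public String rawToken(String header) {
        return header.startsWith(TOKEN_PREFIX) ? header.substring(TOKEN_PREFIX.length()) : header;
    }

    /**
     * Verifies a token and returns its subject.
     *
     * <p>Unlike the other readers this method does not strip {@link #TOKEN_PREFIX}; pass the output
     * of {@link #rawToken(String)}. It accepts any token type signed with the key.
     *
     * @param token compact JWS without the {@code "Bearer "} prefix
     * @return the {@code sub} claim
     */
    public String parseToken(String token) {
        // JJWT throws an unchecked JwtException subtype when the signature is invalid, the token
        // is expired or it is malformed; that exception propagates to the caller.
        return verifiedClaims(token).getSubject();
    }

    /**
     * Tells whether a verified token is a refresh token.
     *
     * @param token compact JWS, with or without the {@code "Bearer "} prefix
     * @return {@code true} when the {@code type} claim equals {@code REFRESH} ignoring case;
     *         {@code false} otherwise, including when the claim is missing
     */
    public boolean isARefreshToken(String token) {
        var typeName = verifiedClaims(rawToken(token)).get("type", String.class);
        // Constant on the left: a token without a "type" claim yields false instead of an NPE.
        return TokenType.REFRESH.name().equalsIgnoreCase(typeName);
    }

    /**
     * Reads the {@code roles} claim of a verified token.
     *
     * @param token compact JWS, with or without the {@code "Bearer "} prefix
     * @return the role names, or {@code null} when the token has no {@code roles} claim
     */
    @SuppressWarnings("unchecked") // the claim is only available as a raw ArrayList
    public ArrayList<String> getRoles(String token) {
        return (ArrayList<String>) verifiedClaims(rawToken(token)).get("roles", ArrayList.class);
    }

    /**
     * Reads the {@code type} claim of a verified token.
     *
     * @param token compact JWS, with or without the {@code "Bearer "} prefix
     * @return the matching {@link TokenType}; presumably {@code null} when the claim is missing or
     *         names no constant (commons-lang {@code EnumUtils.getEnum} semantics; confirm the import)
     */
    public TokenType getType(String token) {
        var typeName = verifiedClaims(rawToken(token)).get("type", String.class);
        return EnumUtils.getEnum(TokenType.class, typeName);
    }

    /** Verifies the signature and expiry of a bare compact JWS and returns its claims. */
    private io.jsonwebtoken.Claims verifiedClaims(String compactJws) {
        return Jwts.parserBuilder()
                .setSigningKey(SECRET_KEY)
                .build()
                .parseClaimsJws(compactJws)
                .getBody();
    }

    /**
     * Builds the claim set shared by every token type: {@code sub}, {@code type},
     * {@code randomToken} and {@code roles}.
     */
    private Map<String, ?> createClaims(String subject, TokenType tokenType,
                                        Collection<? extends GrantedAuthority> authorities) {
        var claims = new HashMap<String, Object>();
        claims.put("sub", subject);
        claims.put("type", tokenType);
        // NOTE(review): the purpose of this claim is not visible here. If it is meant as an
        // unguessable token id, check which generator the RandomStringUtils version in use is
        // backed by; older commons-lang releases use a non-cryptographic PRNG.
        claims.put("randomToken", RandomStringUtils.randomAlphanumeric(35));
        claims.put("roles", authorities.stream().map(GrantedAuthority::getAuthority).collect(Collectors.toList()));

        return claims;
    }

    /** Same claim set as the three-argument overload, plus the {@code user} claim. */
    private Map<String, ?> createClaims(String subject, TokenType tokenType,
                                        Collection<? extends GrantedAuthority> authorities, UserResponse user) {
        var claims = new HashMap<String, Object>(createClaims(subject, tokenType, authorities));
        claims.put("user", user);

        return claims;
    }

}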