· 5 years ago · Jun 18, 2020, 04:54 AM
1package org.jleaf.preorderappscore.util;
2
3import java.util.Date;
4import java.util.HashMap;
5import java.util.Map;
6import java.util.function.Function;
7
8import io.jsonwebtoken.Claims;
9import io.jsonwebtoken.Jwts;
10import io.jsonwebtoken.SignatureAlgorithm;
11import org.jleaf.preorderappscore.entity.AuthenticationUser;
12import org.springframework.beans.factory.annotation.Value;
13
14public class JwtUtil {
15
16 @Value("${security.secret_key:secret}")
17 private String SECRET_KEY;
18
19 public String extractSubject(String token) {
20 return extractClaim(token, Claims::getSubject);
21 }
22
23 public Date extractExpiration(String token) {
24 return extractClaim(token, Claims::getExpiration);
25 }
26
27 private <T> T extractClaim(String token, Function<Claims, T> claimResolver) {
28 final Claims claims = extractAllClaims(token);
29 return claimResolver.apply(claims);
30 }
31
32 private Claims extractAllClaims(String token) {
33 return Jwts.parser().setSigningKey(SECRET_KEY).parseClaimsJws(token).getBody();
34 }
35
36 private Boolean isTokenExpired(String token) {
37 return extractExpiration(token).before(new Date());
38 }
39
40 public String generateToken(AuthenticationUser user) {
41 Map<String, Object> claims = new HashMap<>();
42 return createToken(claims, user.getUsername());
43 }
44
45 private String createToken(Map<String, Object> claims, String subject) {
46 return Jwts.builder().setClaims(claims).setSubject(subject).setIssuedAt(new Date(System.currentTimeMillis()))
47 .setExpiration(new Date(System.currentTimeMillis() + 1000 * 60 * 60 * 10))
48 .signWith(SignatureAlgorithm.HS256, SECRET_KEY).compact();
49 }
50
51 public Boolean validateToken(String token, AuthenticationUser user) {
52 final String subject = extractSubject(token);
53 return ((subject.equals(user.getUsername()) || subject.equals(user.getEmail())) && !isTokenExpired(token));
54 }
55}