保誠-保戶業務員媒合平台
究查 | 歷程 | 修補檔 | 提交 | 提交差異 | 忽略空白
jack
2023-08-11 6bcbe72b43d6fa041d06878d1dae09a6d8903895 
 pamapi/src/main/java/com/pollex/pam/security/jwt/TokenProvider.java


@@ -7,8 +7,12 @@


import java.security.Key;


import java.util.*;


import java.util.stream.Collectors;




import javax.servlet.http.HttpServletResponse;




import org.slf4j.Logger;


import org.slf4j.LoggerFactory;


import org.springframework.beans.factory.annotation.Autowired;


import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;


import org.springframework.security.core.Authentication;


import org.springframework.security.core.GrantedAuthority;


@@ -16,6 +20,10 @@


import org.springframework.security.core.userdetails.User;


import org.springframework.stereotype.Component;


import org.springframework.util.ObjectUtils;




import com.pollex.pam.business.domain.TokenBlackList;


import com.pollex.pam.business.repository.TokenBlackListRepository;




import tech.jhipster.config.JHipsterProperties;




@Component


@@ -24,6 +32,7 @@


    private final Logger log = LoggerFactory.getLogger(TokenProvider.class);




    private static final String AUTHORITIES_KEY = "auth";


    private static final String AUTHORITIES_DETAILS = "details";




    private final Key key;




@@ -32,6 +41,9 @@


    private final long tokenValidityInMilliseconds;




    private final long tokenValidityInMillisecondsForRememberMe;




    @Autowired


    TokenBlackListRepository tokenBlackListRepository;




    public TokenProvider(JHipsterProperties jHipsterProperties) {


        byte[] keyBytes;


@@ -69,6 +81,7 @@


            .builder()


            .setSubject(authentication.getName())


            .claim(AUTHORITIES_KEY, authorities)


            .claim(AUTHORITIES_DETAILS, authentication.getDetails())


            .signWith(key, SignatureAlgorithm.HS512)


            .setExpiration(validity)


            .compact();


@@ -84,8 +97,10 @@


            .collect(Collectors.toList());




        User principal = new User(claims.getSubject(), "", authorities);


        UsernamePasswordAuthenticationToken authInfo = new UsernamePasswordAuthenticationToken(principal, token, authorities);


        authInfo.setDetails(claims.get(AUTHORITIES_DETAILS));




        return new UsernamePasswordAuthenticationToken(principal, token, authorities);


        return authInfo;


    }




    public boolean validateToken(String authToken) {


@@ -98,4 +113,9 @@


        }


        return false;


    }




   public boolean isBlackListToken(String jwt) {


      Optional<TokenBlackList> tokenBlack = tokenBlackListRepository.findById(jwt);


       return tokenBlack.isPresent();


   }


}