Peer-at-Code/peer-at-code-framework
5
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Remove JWT dependency in User

Browse source
This commit is contained in:
jeffcheasey88 2025-02-01 16:17:36 +01:00
parent 012978d759
commit f2ecb3a1eb
2 changed files with 8 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
src/dev/peerat/framework/User.java
View file

@ -1,9 +1,3 @@
package dev.peerat.framework; package dev.peerat.framework;
import org.jose4j.jwt.JwtClaims; public abstract class User{}
public abstract class User{
public abstract void write(JwtClaims claims);
}

15
src/dev/peerat/framework/auth/JwtAuthenticator.java
View file

@ -2,13 +2,14 @@ package dev.peerat.framework.auth;
import java.security.Key; import java.security.Key;
import java.util.Map; import java.util.Map;
import java.util.function.BiConsumer;
import java.util.function.Consumer; import java.util.function.Consumer;
import java.util.function.Function; import java.util.function.Function;
import org.jose4j.jwa.AlgorithmConstraints.ConstraintType; import org.jose4j.jwa.AlgorithmConstraints.ConstraintType;
import org.jose4j.jwk.JsonWebKey.OutputControlLevel;
import org.jose4j.jwk.RsaJsonWebKey; import org.jose4j.jwk.RsaJsonWebKey;
import org.jose4j.jwk.RsaJwkGenerator; import org.jose4j.jwk.RsaJwkGenerator;
import org.jose4j.jwk.JsonWebKey.OutputControlLevel;
import org.jose4j.jws.AlgorithmIdentifiers; import org.jose4j.jws.AlgorithmIdentifiers;
import org.jose4j.jws.JsonWebSignature; import org.jose4j.jws.JsonWebSignature;
import org.jose4j.jwt.JwtClaims; import org.jose4j.jwt.JwtClaims;
@ -23,24 +24,24 @@ public class JwtAuthenticator<U extends User> implements Authenticator<U>{
private RsaJsonWebKey rsaJsonWebKey; private RsaJsonWebKey rsaJsonWebKey;
private JwtConsumer jwtConsumer; private JwtConsumer jwtConsumer;
private Consumer<JwtClaims> claims; private BiConsumer<JwtClaims, U> claims;
private Function<JwtClaims, U> userCreator; private Function<JwtClaims, U> userCreator;
public JwtAuthenticator(){} public JwtAuthenticator(){}
public JwtAuthenticator<U> configure(Consumer<JwtConsumerBuilder> consumer, Consumer<JwtClaims> claims, Function<JwtClaims, U> userCreator) throws Exception{ public JwtAuthenticator<U> configure(Consumer<JwtConsumerBuilder> consumer, BiConsumer<JwtClaims, U> claims, Function<JwtClaims, U> userCreator) throws Exception{
this.rsaJsonWebKey = RsaJwkGenerator.generateJwk(2048); this.rsaJsonWebKey = RsaJwkGenerator.generateJwk(2048);
configureWithKey(consumer, claims, userCreator, this.rsaJsonWebKey.getKey()); configureWithKey(consumer, claims, userCreator, this.rsaJsonWebKey.getKey());
return this; return this;
} }
public JwtAuthenticator<U> configure(Consumer<JwtConsumerBuilder> consumer, Consumer<JwtClaims> claims, Function<JwtClaims, U> userCreator, Map<String, Object> keyParams) throws Exception{ public JwtAuthenticator<U> configure(Consumer<JwtConsumerBuilder> consumer, BiConsumer<JwtClaims, U> claims, Function<JwtClaims, U> userCreator, Map<String, Object> keyParams) throws Exception{
this.rsaJsonWebKey = new RsaJsonWebKey(keyParams); this.rsaJsonWebKey = new RsaJsonWebKey(keyParams);
configureWithKey(consumer, claims, userCreator, this.rsaJsonWebKey.getKey()); configureWithKey(consumer, claims, userCreator, this.rsaJsonWebKey.getKey());
return this; return this;
} }
private JwtAuthenticator<U> configureWithKey(Consumer<JwtConsumerBuilder> consumer, Consumer<JwtClaims> claims, Function<JwtClaims, U> userCreator, Key key) throws Exception{ private JwtAuthenticator<U> configureWithKey(Consumer<JwtConsumerBuilder> consumer, BiConsumer<JwtClaims, U> claims, Function<JwtClaims, U> userCreator, Key key) throws Exception{
JwtConsumerBuilder builder = new JwtConsumerBuilder() JwtConsumerBuilder builder = new JwtConsumerBuilder()
.setRequireExpirationTime() .setRequireExpirationTime()
.setAllowedClockSkewInSeconds(30) .setAllowedClockSkewInSeconds(30)
@ -66,9 +67,7 @@ public class JwtAuthenticator<U extends User> implements Authenticator<U>{
claims.setGeneratedJwtId(); // a unique identifier for the token claims.setGeneratedJwtId(); // a unique identifier for the token
claims.setIssuedAtToNow(); // when the token was issued/created (now) claims.setIssuedAtToNow(); // when the token was issued/created (now)
claims.setNotBeforeMinutesInThePast(2); // time before which the token is not yet valid (2 minutes ago) claims.setNotBeforeMinutesInThePast(2); // time before which the token is not yet valid (2 minutes ago)
this.claims.accept(claims); this.claims.accept(claims, user);
user.write(claims);
JsonWebSignature jws = new JsonWebSignature(); JsonWebSignature jws = new JsonWebSignature();
jws.setPayload(claims.toJson()); jws.setPayload(claims.toJson());