Java Code Examples for com.auth0.jwt.interfaces.Claim#asString()
The following examples show how to use com.auth0.jwt.interfaces.Claim#asString().
Example 1
Source File: JWTAuthenticationProvider.java From airsonic with GNU General Public License v3.0 | 6 votes |
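/**
 * Authenticates a request whose credentials are a raw JWT string.
 *
 * <p>The token is passed to {@code JWTSecurityService.verify} and its path claim is compared
 * with the path that was actually requested, so a token issued for one path is not accepted
 * for another. The incoming token is flagged as authenticated only after that comparison has
 * passed; previously the flag was set before the check, so a request rejected with
 * {@link InsufficientAuthenticationException} still left the caller's token object marked as
 * authenticated.
 *
 * @param auth the authentication request; it is cast to {@link JWTAuthenticationToken}
 * @return a new {@link JWTAuthenticationToken} carrying {@code IS_AUTHENTICATED_FULLY} and
 *     {@code ROLE_TEMP}, or {@code null} when the credentials are not a {@code String}
 * @throws AuthenticationException when the path claim does not match the requested path
 */
@Override
public Authentication authenticate(Authentication auth) throws AuthenticationException {
    JWTAuthenticationToken authentication = (JWTAuthenticationToken) auth;
    // instanceof is false for null, so this single test covers both missing and non-string credentials.
    if (!(authentication.getCredentials() instanceof String)) {
        LOG.error("Credentials not present");
        return null;
    }
    String rawToken = (String) auth.getCredentials();
    DecodedJWT token = JWTSecurityService.verify(jwtKey, rawToken);
    Claim path = token.getClaim(JWTSecurityService.CLAIM_PATH);

    // TODO:AD This is super unfortunate, but not sure there is a better way when using JSP
    // NOTE(review): this branch skips the path-claim comparison for any requested path that
    // merely contains "/WEB-INF/jsp/". Confirm that getRequestedPath() is set by the container
    // (e.g. on an internal forward) and cannot be influenced by the client URL.
    if (StringUtils.contains(authentication.getRequestedPath(), "/WEB-INF/jsp/")) {
        LOG.warn("BYPASSING AUTH FOR WEB-INF page");
    } else if (!roughlyEqual(path.asString(), authentication.getRequestedPath())) {
        // NOTE(review): path.asString() may be null when the claim is absent; whether
        // roughlyEqual tolerates null is not visible here.
        throw new InsufficientAuthenticationException("Credentials not valid for path " + authentication
                .getRequestedPath() + ". They are valid for " + path.asString());
    }

    // Only now, with signature and path both accepted, flag the incoming token.
    authentication.setAuthenticated(true);

    List<GrantedAuthority> authorities = new ArrayList<>();
    authorities.add(new SimpleGrantedAuthority("IS_AUTHENTICATED_FULLY"));
    authorities.add(new SimpleGrantedAuthority("ROLE_TEMP"));
    return new JWTAuthenticationToken(authorities, rawToken, authentication.getRequestedPath());
}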
Example 2
Source File: OrderController.java From onenet-iot-project with MIT License | 5 votes |
/**
 * Returns all orders of the current user.
 *
 * <p>The caller is identified solely by the {@code account_id} claim of the JWT sent in the
 * {@code token} request header; no customer id is read from request parameters.
 *
 * @param request the HTTP request carrying the {@code token} header
 * @return {@code NOT_LOGIN} when the header fails {@code VerifyUtil.checkString} or a
 *     {@code JWTVerificationException} is caught, {@code VISITED_FORBID} when no account
 *     matches the claim, {@code NOT_FOUND} when the order lookup returns {@code null},
 *     otherwise {@code SUCCESS} with one {@code order}/{@code status} map per order
 */
@GetMapping
public Response getAllOrderByCustomer(HttpServletRequest request) {
    String headerToken = request.getHeader("token");
    if (!VerifyUtil.checkString(headerToken)) {
        return ResultUtil.returnStatus(ResponseStatus.NOT_LOGIN);
    }
    try {
        // Parse the token.
        // NOTE(review): signature and expiry checks, if any, happen inside tokenUtil.getClaim,
        // which is not visible here — confirm it verifies rather than merely decodes.
        String customerId = tokenUtil.getClaim(headerToken, "account_id").asString();
        if (accountService.findAccountById(customerId) == null) {
            return ResultUtil.returnStatus(ResponseStatus.VISITED_FORBID);
        }
        List<Order> orders = orderService.findAllOrderByCustomer(customerId);
        if (orders == null) {
            return ResultUtil.returnStatus(ResponseStatus.NOT_FOUND);
        }
        List<HashMap> result = new LinkedList<>();
        for (Order order : orders) {
            HashMap entry = new HashMap();
            entry.put("order", order);
            entry.put("status", orderStatusService.getStatusById(order.getOrderId()));
            result.add(entry);
        }
        // NOTE(review): the complete order list is written to the INFO log.
        log.info("get orders: {}", result);
        return ResultUtil.returnStatusAndData(ResponseStatus.SUCCESS, result);
    } catch (JWTVerificationException e) {
        // Parsing failed: the token is invalid.
        log.error("{}", e);
        return ResultUtil.returnStatus(ResponseStatus.NOT_LOGIN);
    }
}
Example 3
Source File: JWTSsoService.java From Knowage-Server with GNU Affero General Public License v3.0 | 5 votes |
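/**
 * Verifies a JWT and returns the user id it carries.
 *
 * <p>The token is checked by a verifier built from the class-level {@code algorithm}; the
 * user id is read from the {@code SsoServiceInterface.USER_ID} claim only after verification
 * has succeeded.
 *
 * <p>NOTE(review): the verifier is built with {@code JWT.require(algorithm).build()} only, so
 * no issuer or audience requirement is configured in this method.
 *
 * @param jwtToken the serialized JWT to verify
 * @return the value of the user id claim
 * @throws JWTVerificationException when {@code verifier.verify} rejects the token
 */
public static String jwtToken2userId(String jwtToken) throws JWTVerificationException {
    // The raw token is a bearer credential: anyone who can read the debug log could replay it
    // until it expires, so only the fact that a token arrived is logged.
    logger.debug("JWT token received for verification");
    JWTVerifier verifier = JWT.require(algorithm).build();
    DecodedJWT decodedJWT = verifier.verify(jwtToken);
    logger.debug("JWT token verified properly");
    Claim userIdClaim = decodedJWT.getClaim(SsoServiceInterface.USER_ID);
    // Validate the claim before its value is used anywhere, including in log output.
    assertNotEmpty(userIdClaim, "User id information is missing!!!");
    String userId = userIdClaim.asString();
    LogMF.debug(logger, "User id is [{0}]", userId);
    return userId;
}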
Example 4
Source File: JwtSessionConfigurator.java From aceql-http with GNU Lesser General Public License v2.1 | 5 votes |
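/**
 * Extracts the database name from the decoded JWT.
 *
 * <p>The session id is parsed with {@code JWT.decode}, which reads the token without checking
 * its signature. The returned value is therefore only as trustworthy as the session id
 * itself.
 * NOTE(review): confirm that callers verify the session id before relying on this value.
 *
 * @param sessionId the JWT used as session id
 * @return the {@code dbn} claim as a string, or {@code null} when the token cannot be decoded
 *     or carries no {@code dbn} claim
 */
@Override
public String getDatabase(String sessionId) {
    try {
        DecodedJWT jwt = JWT.decode(sessionId);
        // Key is the claim name.
        Map<String, Claim> claims = jwt.getClaims();
        Claim claim = claims.get("dbn");
        // A token without the claim used to end in a NullPointerException here; report it the
        // same way as an undecodable token instead.
        if (claim == null) {
            return null;
        }
        return claim.asString();
    } catch (JWTDecodeException exception) {
        System.err.println(exception);
        return null;
    }
}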
Example 5
Source File: JwtSessionConfigurator.java From aceql-http with GNU Lesser General Public License v2.1 | 5 votes |
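/**
 * Extracts the username from the decoded JWT.
 *
 * <p>The session id is parsed with {@code JWT.decode}, which reads the token without checking
 * its signature. The returned value is therefore only as trustworthy as the session id
 * itself.
 * NOTE(review): confirm that callers verify the session id before relying on this value.
 *
 * @param sessionId the JWT used as session id
 * @return the {@code usr} claim as a string, or {@code null} when the token cannot be decoded
 *     or carries no {@code usr} claim
 */
@Override
public String getUsername(String sessionId) {
    try {
        DecodedJWT jwt = JWT.decode(sessionId);
        // Key is the claim name.
        Map<String, Claim> claims = jwt.getClaims();
        Claim claim = claims.get("usr");
        // A token without the claim used to end in a NullPointerException here; report it the
        // same way as an undecodable token instead.
        if (claim == null) {
            return null;
        }
        return claim.asString();
    } catch (JWTDecodeException exception) {
        exception.printStackTrace();
        return null;
    }
}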
Example 6
Source File: CustomerController.java From onenet-iot-project with MIT License | 5 votes |
/**
 * Deletes the customer record identified by the caller's token.
 *
 * <p>The customer id comes from the {@code account_id} claim of the JWT in the {@code token}
 * header, so a caller can only delete the record tied to its own token.
 *
 * @param request the HTTP request carrying the {@code token} header
 * @return {@code NOT_LOGIN} when the header fails {@code VerifyUtil.checkString} or a
 *     {@code JWTVerificationException} is caught, {@code VISITED_FORBID} when no account
 *     matches the claim, otherwise {@code SUCCESS} with the affected row count under
 *     {@code row}
 */
@DeleteMapping
public Response deleteCustomer(HttpServletRequest request) {
    String headerToken = request.getHeader("token");
    if (!VerifyUtil.checkString(headerToken)) {
        return ResultUtil.returnStatus(ResponseStatus.NOT_LOGIN);
    }
    try {
        // Parse the token.
        // NOTE(review): confirm tokenUtil.getClaim verifies the signature before returning claims.
        String customerId = tokenUtil.getClaim(headerToken, "account_id").asString();
        // Permission check: only the existence of the account is tested, no role is compared.
        if (accountService.findAccountById(customerId) == null) {
            return ResultUtil.returnStatus(ResponseStatus.VISITED_FORBID);
        }
        Integer deleted = customerService.deleteCustomer(customerId);
        log.info("delete customer: {}", deleted);
        return ResultUtil.returnStatusAndData(ResponseStatus.SUCCESS, MapUtil.create("row", deleted + ""));
    } catch (JWTVerificationException e) {
        // Parsing failed: the token is invalid.
        log.error("{}", e);
        return ResultUtil.returnStatus(ResponseStatus.NOT_LOGIN);
    }
}
Example 7
Source File: CustomerController.java From onenet-iot-project with MIT License | 5 votes |
/**
 * Updates the customer record identified by the caller's token.
 *
 * <p>The customer id comes from the {@code account_id} claim of the JWT in the {@code token}
 * header; only the new field values are taken from request parameters.
 *
 * @param request the HTTP request carrying the {@code token} header
 * @param name new name
 * @param phone new phone number
 * @param email new e-mail address
 * @param addr new address
 * @return {@code PARAMS_ERROR} when the token or any field fails
 *     {@code VerifyUtil.checkString}, {@code NOT_LOGIN} when a
 *     {@code JWTVerificationException} is caught, {@code VISITED_FORBID} when no account
 *     matches the claim, {@code NOT_FOUND} when no customer matches, otherwise
 *     {@code SUCCESS} with the update result under {@code row}
 */
@PutMapping
public Response updateCustomer(HttpServletRequest request,
                               @RequestParam("name") String name,
                               @RequestParam("phone") String phone,
                               @RequestParam("email") String email,
                               @RequestParam("addr") String addr) {
    String headerToken = request.getHeader("token");
    if (!VerifyUtil.checkString(headerToken, name, phone, email, addr)) {
        return ResultUtil.returnStatus(ResponseStatus.PARAMS_ERROR);
    }
    try {
        // Parse the token.
        // NOTE(review): confirm tokenUtil.getClaim verifies the signature before returning claims.
        String customerId = tokenUtil.getClaim(headerToken, "account_id").asString();
        // Permission check: only the existence of the account is tested, no role is compared.
        if (accountService.findAccountById(customerId) == null) {
            return ResultUtil.returnStatus(ResponseStatus.VISITED_FORBID);
        }
        if (customerService.findCustomerById(customerId) == null) {
            return ResultUtil.returnStatus(ResponseStatus.NOT_FOUND);
        }
        return ResultUtil.returnStatusAndData(ResponseStatus.SUCCESS,
                MapUtil.create("row", customerService.updateCustomer(customerId, name, phone, email, addr) + ""));
    } catch (JWTVerificationException e) {
        // Parsing failed: the token is invalid.
        log.error("{}", e);
        return ResultUtil.returnStatus(ResponseStatus.NOT_LOGIN);
    }
}
Example 8
Source File: CustomerController.java From onenet-iot-project with MIT License | 5 votes |
/**
 * Returns the customer record identified by the caller's token.
 *
 * <p>The customer id comes from the {@code account_id} claim of the JWT in the {@code token}
 * header.
 *
 * @param request the HTTP request carrying the {@code token} header
 * @return {@code NOT_LOGIN} when the header fails {@code VerifyUtil.checkString} or a
 *     {@code JWTVerificationException} is caught, {@code VISITED_FORBID} when no account
 *     matches the claim, {@code NOT_FOUND} when no customer matches, otherwise
 *     {@code SUCCESS} with the customer
 */
@GetMapping
public Response getCustomer(HttpServletRequest request) {
    String headerToken = request.getHeader("token");
    if (!VerifyUtil.checkString(headerToken)) {
        return ResultUtil.returnStatus(ResponseStatus.NOT_LOGIN);
    }
    try {
        // Parse the token.
        // NOTE(review): confirm tokenUtil.getClaim verifies the signature before returning claims.
        String customerId = tokenUtil.getClaim(headerToken, "account_id").asString();
        // Permission check: only the existence of the account is tested, no role is compared.
        if (accountService.findAccountById(customerId) == null) {
            return ResultUtil.returnStatus(ResponseStatus.VISITED_FORBID);
        }
        Customer found = customerService.findCustomerById(customerId);
        if (found == null) {
            return ResultUtil.returnStatus(ResponseStatus.NOT_FOUND);
        }
        // NOTE(review): the whole customer object is written to the INFO log.
        log.info("customer: {}", found);
        return ResultUtil.returnStatusAndData(ResponseStatus.SUCCESS, found);
    } catch (JWTVerificationException e) {
        // Parsing failed: the token is invalid.
        log.error("{}", e);
        return ResultUtil.returnStatus(ResponseStatus.NOT_LOGIN);
    }
}
Example 9
Source File: CustomerController.java From onenet-iot-project with MIT License | 5 votes |
/**
 * Lets an administrator fetch a customer record by customer id.
 *
 * <p>The customer id is a client-supplied path variable, so access is gated on the account
 * named by the token's {@code account_id} claim having {@code Role.ADMIN}.
 *
 * @param request the HTTP request carrying the {@code token} header
 * @param id the customer id from the path
 * @return {@code NOT_LOGIN} when the id or token fails {@code VerifyUtil.checkString} or a
 *     {@code JWTVerificationException} is caught, {@code VISITED_FORBID} when the account is
 *     missing or not an admin, {@code NOT_FOUND} when no customer matches, otherwise
 *     {@code SUCCESS} with the customer
 */
@GetMapping("/{id}")
public Response getCustomerByAdmin(HttpServletRequest request, @PathVariable String id) {
    String headerToken = request.getHeader("token");
    if (!VerifyUtil.checkString(id, headerToken)) {
        return ResultUtil.returnStatus(ResponseStatus.NOT_LOGIN);
    }
    try {
        // Parse the token.
        // NOTE(review): confirm tokenUtil.getClaim verifies the signature before returning claims.
        String adminId = tokenUtil.getClaim(headerToken, "account_id").asString();
        Account caller = accountService.findAccountById(adminId);
        // Permission check: the role is read from the stored account, not from the token.
        if (caller == null || caller.getRole() != Role.ADMIN) {
            return ResultUtil.returnStatus(ResponseStatus.VISITED_FORBID);
        }
        Customer found = customerService.findCustomerById(id);
        if (found == null) {
            return ResultUtil.returnStatus(ResponseStatus.NOT_FOUND);
        }
        // NOTE(review): the whole customer object is written to the INFO log.
        log.info("customer: {}", found);
        return ResultUtil.returnStatusAndData(ResponseStatus.SUCCESS, found);
    } catch (JWTVerificationException e) {
        // Parsing failed: the token is invalid.
        log.error("{}", e);
        return ResultUtil.returnStatus(ResponseStatus.NOT_LOGIN);
    }
}
Example 10
Source File: AdminController.java From onenet-iot-project with MIT License | 5 votes |
/**
 * Deletes the administrator record identified by the caller's token.
 *
 * <p>The id passed to {@code adminService.deleteAdmin} is the {@code account_id} claim of the
 * JWT in the {@code token} header.
 *
 * @param request the HTTP request carrying the {@code token} header
 * @return {@code NOT_LOGIN} when the header fails {@code VerifyUtil.checkString} or a
 *     {@code JWTVerificationException} is caught, {@code VISITED_FORBID} when no account
 *     matches the claim, otherwise {@code SUCCESS} with the affected row count under
 *     {@code row}
 */
@DeleteMapping
public Response deleteCustomerById(HttpServletRequest request) {
    String headerToken = request.getHeader("token");
    if (!VerifyUtil.checkString(headerToken)) {
        return ResultUtil.returnStatus(ResponseStatus.NOT_LOGIN);
    }
    try {
        // Parse the token.
        // NOTE(review): confirm tokenUtil.getClaim verifies the signature before returning claims.
        String adminId = tokenUtil.getClaim(headerToken, "account_id").asString();
        // Permission check: only the existence of the account is tested; Role.ADMIN is not required here.
        if (accountService.findAccountById(adminId) == null) {
            return ResultUtil.returnStatus(ResponseStatus.VISITED_FORBID);
        }
        Integer deleted = adminService.deleteAdmin(adminId);
        log.info("delete customer: {}", deleted);
        return ResultUtil.returnStatusAndData(ResponseStatus.SUCCESS, MapUtil.create("row", deleted + ""));
    } catch (JWTVerificationException e) {
        // Parsing failed: the token is invalid.
        log.error("{}", e);
        return ResultUtil.returnStatus(ResponseStatus.NOT_LOGIN);
    }
}
Example 11
Source File: AdminController.java From onenet-iot-project with MIT License | 5 votes |
/**
 * Updates the administrator record identified by the caller's token.
 *
 * <p>The admin id comes from the {@code account_id} claim of the JWT in the {@code token}
 * header; only the new field values are taken from request parameters.
 *
 * @param request the HTTP request carrying the {@code token} header
 * @param name new name
 * @param phone new phone number
 * @param email new e-mail address
 * @return {@code PARAMS_ERROR} when the token or any field fails
 *     {@code VerifyUtil.checkString}, {@code NOT_LOGIN} when a
 *     {@code JWTVerificationException} is caught, {@code VISITED_FORBID} when no account
 *     matches the claim, {@code NOT_FOUND} when no admin matches, otherwise {@code SUCCESS}
 *     with the update result under {@code row}
 */
@PutMapping
public Response updateCustomer(HttpServletRequest request,
                               @RequestParam("name") String name,
                               @RequestParam("phone") String phone,
                               @RequestParam("email") String email) {
    String headerToken = request.getHeader("token");
    if (!VerifyUtil.checkString(headerToken, name, phone, email)) {
        return ResultUtil.returnStatus(ResponseStatus.PARAMS_ERROR);
    }
    try {
        // Parse the token.
        // NOTE(review): confirm tokenUtil.getClaim verifies the signature before returning claims.
        String adminId = tokenUtil.getClaim(headerToken, "account_id").asString();
        // Permission check: only the existence of the account is tested; Role.ADMIN is not required here.
        if (accountService.findAccountById(adminId) == null) {
            return ResultUtil.returnStatus(ResponseStatus.VISITED_FORBID);
        }
        if (adminService.findAdminById(adminId) == null) {
            return ResultUtil.returnStatus(ResponseStatus.NOT_FOUND);
        }
        return ResultUtil.returnStatusAndData(ResponseStatus.SUCCESS,
                MapUtil.create("row", adminService.updateAdmin(adminId, name, phone, email) + ""));
    } catch (JWTVerificationException e) {
        // Parsing failed: the token is invalid.
        log.error("{}", e);
        return ResultUtil.returnStatus(ResponseStatus.NOT_LOGIN);
    }
}
Example 12
Source File: AdminController.java From onenet-iot-project with MIT License | 5 votes |
/**
 * Returns the administrator record identified by the caller's token.
 *
 * <p>The admin id comes from the {@code account_id} claim of the JWT in the {@code token}
 * header.
 *
 * @param request the HTTP request carrying the {@code token} header
 * @return {@code NOT_LOGIN} when the header fails {@code VerifyUtil.checkString} or a
 *     {@code JWTVerificationException} is caught, {@code VISITED_FORBID} when no account
 *     matches the claim, {@code NOT_FOUND} when no admin matches, otherwise {@code SUCCESS}
 *     with the admin
 */
@GetMapping
public Response getCustomer(HttpServletRequest request) {
    String headerToken = request.getHeader("token");
    if (!VerifyUtil.checkString(headerToken)) {
        return ResultUtil.returnStatus(ResponseStatus.NOT_LOGIN);
    }
    try {
        // Parse the token.
        // NOTE(review): confirm tokenUtil.getClaim verifies the signature before returning claims.
        String adminId = tokenUtil.getClaim(headerToken, "account_id").asString();
        // Permission check: only the existence of the account is tested; Role.ADMIN is not required here.
        if (accountService.findAccountById(adminId) == null) {
            return ResultUtil.returnStatus(ResponseStatus.VISITED_FORBID);
        }
        Admin found = adminService.findAdminById(adminId);
        if (found == null) {
            return ResultUtil.returnStatus(ResponseStatus.NOT_FOUND);
        }
        // NOTE(review): the whole admin object is written to the INFO log.
        log.info("admin: {}", found);
        return ResultUtil.returnStatusAndData(ResponseStatus.SUCCESS, found);
    } catch (JWTVerificationException e) {
        // Parsing failed: the token is invalid.
        log.error("{}", e);
        return ResultUtil.returnStatus(ResponseStatus.NOT_LOGIN);
    }
}
Example 13
Source File: HandleOrderController.java From onenet-iot-project with MIT License | 5 votes |
/**
 * Returns every order-handling record; restricted to administrators.
 *
 * <p>The caller is identified by the {@code account_id} claim of the JWT in the
 * {@code token} header, and the stored account must have {@code Role.ADMIN}.
 *
 * @param request the HTTP request carrying the {@code token} header
 * @return {@code NOT_LOGIN} when the header fails {@code VerifyUtil.checkString} or a
 *     {@code JWTVerificationException} is caught, {@code VISITED_FORBID} when the account is
 *     missing or not an admin, {@code NOT_FOUND} when the lookup returns {@code null},
 *     otherwise {@code SUCCESS} with one {@code handle}/{@code status} map per record
 */
@GetMapping
public Response getAllHandle(HttpServletRequest request) {
    String headerToken = request.getHeader("token");
    if (!VerifyUtil.checkString(headerToken)) {
        return ResultUtil.returnStatus(ResponseStatus.NOT_LOGIN);
    }
    try {
        // Parse the token.
        // NOTE(review): confirm tokenUtil.getClaim verifies the signature before returning claims.
        String adminId = tokenUtil.getClaim(headerToken, "account_id").asString();
        Account caller = accountService.findAccountById(adminId);
        // The role is read from the stored account, not from the token.
        if (caller == null || caller.getRole() != Role.ADMIN) {
            return ResultUtil.returnStatus(ResponseStatus.VISITED_FORBID);
        }
        List<Handle> handles = handleService.getAllHandle();
        if (handles == null) {
            return ResultUtil.returnStatus(ResponseStatus.NOT_FOUND);
        }
        List<HashMap> result = new LinkedList<>();
        for (Handle handle : handles) {
            HashMap entry = new HashMap();
            entry.put("handle", handle);
            entry.put("status", orderStatusService.getStatusById(handle.getOrderId()));
            result.add(entry);
        }
        return ResultUtil.returnStatusAndData(ResponseStatus.SUCCESS, result);
    } catch (JWTVerificationException e) {
        // Parsing failed: the token is invalid.
        log.error("{}", e);
        return ResultUtil.returnStatus(ResponseStatus.NOT_LOGIN);
    }
}
Example 14
Source File: OrderController.java From onenet-iot-project with MIT License | 5 votes |
/**
 * Returns one order by its id.
 *
 * <p>The order id is a client-supplied path variable. The lookup is made with both the order
 * id and the customer id taken from the token's {@code account_id} claim.
 * NOTE(review): presumably {@code findOrderById(id, customerId)} returns only orders owned by
 * that customer — confirm, since that is what keeps one customer from reading another's order.
 *
 * @param request the HTTP request carrying the {@code token} header
 * @param id the order id from the path
 * @return {@code NOT_LOGIN} when the token or id fails {@code VerifyUtil.checkString} or a
 *     {@code JWTVerificationException} is caught, {@code VISITED_FORBID} when no account
 *     matches the claim, {@code NOT_FOUND} when no order matches, otherwise {@code SUCCESS}
 *     with an {@code order}/{@code status} map
 */
@GetMapping("/{id}")
public Response getOrderById(HttpServletRequest request, @PathVariable String id) {
    String headerToken = request.getHeader("token");
    if (!VerifyUtil.checkString(headerToken, id)) {
        return ResultUtil.returnStatus(ResponseStatus.NOT_LOGIN);
    }
    try {
        // Parse the token.
        // NOTE(review): confirm tokenUtil.getClaim verifies the signature before returning claims.
        String customerId = tokenUtil.getClaim(headerToken, "account_id").asString();
        if (accountService.findAccountById(customerId) == null) {
            return ResultUtil.returnStatus(ResponseStatus.VISITED_FORBID);
        }
        Order order = orderService.findOrderById(id, customerId);
        if (order == null) {
            return ResultUtil.returnStatus(ResponseStatus.NOT_FOUND);
        }
        HashMap entry = new HashMap();
        entry.put("order", order);
        entry.put("status", orderStatusService.getStatusById(order.getOrderId()));
        return ResultUtil.returnStatusAndData(ResponseStatus.SUCCESS, entry);
    } catch (JWTVerificationException e) {
        // Parsing failed: the token is invalid.
        log.error("{}", e);
        return ResultUtil.returnStatus(ResponseStatus.NOT_LOGIN);
    }
}
Example 15
Source File: OrderController.java From onenet-iot-project with MIT License | 5 votes |
/**
 * Returns every order in the system; restricted to administrators.
 *
 * <p>The caller is identified by the {@code account_id} claim of the JWT in the
 * {@code token} header, and the stored account must have {@code Role.ADMIN}.
 *
 * @param request the HTTP request carrying the {@code token} header
 * @return {@code NOT_LOGIN} when the header fails {@code VerifyUtil.checkString} or a
 *     {@code JWTVerificationException} is caught, {@code VISITED_FORBID} when the account is
 *     missing or not an admin, {@code NOT_FOUND} when the lookup returns {@code null},
 *     otherwise {@code SUCCESS} with one {@code order}/{@code status} map per order
 */
@GetMapping("/admin")
public Response getAllOrderByAdmin(HttpServletRequest request) {
    String headerToken = request.getHeader("token");
    if (!VerifyUtil.checkString(headerToken)) {
        return ResultUtil.returnStatus(ResponseStatus.NOT_LOGIN);
    }
    try {
        // Parse the token.
        // NOTE(review): confirm tokenUtil.getClaim verifies the signature before returning claims.
        String callerId = tokenUtil.getClaim(headerToken, "account_id").asString();
        Account caller = accountService.findAccountById(callerId);
        // The role is read from the stored account, not from the token.
        if (caller == null || caller.getRole() != Role.ADMIN) {
            return ResultUtil.returnStatus(ResponseStatus.VISITED_FORBID);
        }
        List<Order> orders = orderService.findAllOrderByAdmin();
        if (orders == null) {
            return ResultUtil.returnStatus(ResponseStatus.NOT_FOUND);
        }
        List<HashMap> result = new LinkedList<>();
        for (Order order : orders) {
            HashMap entry = new HashMap();
            entry.put("order", order);
            entry.put("status", orderStatusService.getStatusById(order.getOrderId()));
            result.add(entry);
        }
        // NOTE(review): the complete order list of all customers is written to the INFO log.
        log.info("get orders: {}", result);
        return ResultUtil.returnStatusAndData(ResponseStatus.SUCCESS, result);
    } catch (JWTVerificationException e) {
        // Parsing failed: the token is invalid.
        log.error("{}", e);
        return ResultUtil.returnStatus(ResponseStatus.NOT_LOGIN);
    }
}
Example 16
Source File: HandleOrderController.java From onenet-iot-project with MIT License | 4 votes |
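/**
 * Lets an administrator process an order by its order number.
 *
 * <p>The caller is identified by the {@code account_id} claim of the JWT in the
 * {@code token} header, and the stored account must have {@code Role.ADMIN}. A handling
 * record is inserted and the order status is updated.
 *
 * <p>A {@code status} value that {@code getStatus} maps to {@code null} is now answered with
 * {@code PARAMS_ERROR}; previously it reached {@code Objects.requireNonNull} and surfaced as
 * an uncaught {@code NullPointerException}.
 *
 * @param request the HTTP request carrying the {@code token} header
 * @param id the order number from the path
 * @param status the requested handling status
 * @return {@code PARAMS_ERROR} when an input fails {@code VerifyUtil.checkString} or the
 *     status is not recognised, {@code NOT_LOGIN} when a {@code JWTVerificationException} is
 *     caught, {@code VISITED_FORBID} when the account is missing or not an admin, otherwise
 *     {@code SUCCESS} with the status-update result under {@code row}
 */
@PutMapping("/{id}")
public Response handleOrder(HttpServletRequest request,
                            @PathVariable String id,
                            @RequestParam("status") String status) {
    String token = request.getHeader("token");
    if (!VerifyUtil.checkString(id, token, status)) {
        return ResultUtil.returnStatus(ResponseStatus.PARAMS_ERROR);
    }
    try {
        // Parse the token.
        // NOTE(review): confirm tokenUtil.getClaim verifies the signature before returning claims.
        Claim claim = tokenUtil.getClaim(token, "account_id");
        String adminId = claim.asString();
        Account account = accountService.findAccountById(adminId);
        // The role is read from the stored account, not from the token.
        if (account == null || account.getRole() != Role.ADMIN) {
            return ResultUtil.returnStatus(ResponseStatus.VISITED_FORBID);
        }
        // Reject an unknown status only after the caller is known to be an admin, so that
        // non-admin callers keep receiving VISITED_FORBID as before.
        if (getStatus(status) == null) {
            return ResultUtil.returnStatus(ResponseStatus.PARAMS_ERROR);
        }
        // Add the order-handling record.
        // NOTE(review): the order id is used as supplied; no lookup of the order is visible here.
        Handle handle = handleService.insertHandle(Handle.builder()
                .orderId(id)
                .adminId(adminId)
                .handleTime(new Date())
                .handleResult(Objects.requireNonNull(getStatus(status)).name())
                .build());
        // Update the order status.
        Integer row = orderStatusService.updateStatus(OrderStatus.builder()
                .orderId(id)
                .orderStatus(getStatus(status))
                .build());
        log.info("handle order: {}", handle);
        log.info("update status: {}", row);
        return ResultUtil.returnStatusAndData(ResponseStatus.SUCCESS, MapUtil.create("row", row + ""));
    } catch (JWTVerificationException e) {
        // Parsing failed: the token is invalid.
        log.error("{}", e);
        return ResultUtil.returnStatus(ResponseStatus.NOT_LOGIN);
    }
}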
Example 17
Source File: OrderController.java From onenet-iot-project with MIT License | 4 votes |
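/**
 * Updates an order by its id while the order is still in the {@code CREATE} state.
 *
 * <p>The order id is a client-supplied path variable. The order is looked up with both that
 * id and the customer id from the token's {@code account_id} claim, and the stored order's
 * own id and customer id are written back rather than values from the request.
 * NOTE(review): presumably {@code findOrderById(id, customerId)} returns only orders owned by
 * that customer — confirm.
 *
 * <p>A missing status record is now answered with {@code NOT_FOUND}; previously
 * {@code status.getOrderStatus()} was called without a null check.
 *
 * @param request the HTTP request carrying the {@code token} header
 * @param id the order id from the path
 * @param producibleId id of the producible product
 * @param number quantity
 * @param diameter diameter
 * @param length length
 * @param weight weight
 * @return {@code PARAMS_ERROR} when an input fails {@code VerifyUtil.checkString},
 *     {@code NOT_LOGIN} when a {@code JWTVerificationException} is caught,
 *     {@code VISITED_FORBID} when no account matches the claim, {@code NOT_FOUND} when the
 *     order or its status record is missing, {@code UPDATE_FAILED} when the order is no
 *     longer in the {@code CREATE} state, otherwise {@code SUCCESS} with the update result
 *     under {@code row}
 */
@PutMapping("/{id}")
public Response updateOrder(HttpServletRequest request,
                            @PathVariable String id,
                            @RequestParam("producible_id") String producibleId,
                            @RequestParam("number") String number,
                            @RequestParam("diameter") String diameter,
                            @RequestParam("length") String length,
                            @RequestParam("weight") String weight) {
    String token = request.getHeader("token");
    if (!VerifyUtil.checkString(id, token, producibleId, number, diameter, length, weight)) {
        return ResultUtil.returnStatus(ResponseStatus.PARAMS_ERROR);
    }
    try {
        // Parse the token.
        // NOTE(review): confirm tokenUtil.getClaim verifies the signature before returning claims.
        Claim claim = tokenUtil.getClaim(token, "account_id");
        String customerId = claim.asString();
        Account account = accountService.findAccountById(customerId);
        if (account == null) {
            return ResultUtil.returnStatus(ResponseStatus.VISITED_FORBID);
        }
        OrderStatus status = orderStatusService.getStatusById(id);
        Order order = orderService.findOrderById(id, customerId);
        // An order without a status record cannot be shown to be editable, so it is treated
        // like a missing order instead of being dereferenced.
        if (order == null || status == null) {
            return ResultUtil.returnStatus(ResponseStatus.NOT_FOUND);
        }
        if (status.getOrderStatus() != Status.CREATE) {
            return ResultUtil.returnStatus(ResponseStatus.UPDATE_FAILED, "订单已被处理,无法修改");
        }
        Integer row = orderService.updateOrder(Order.builder()
                .orderId(order.getOrderId())
                .customerId(order.getCustomerId())
                .producibleId(producibleId)
                .number(number)
                .diameter(diameter)
                .length(length)
                .weight(weight)
                .updateTime(new Date())
                .createTime(order.getCreateTime())
                .build());
        log.info("update order: {}", row);
        return ResultUtil.returnStatusAndData(ResponseStatus.SUCCESS, MapUtil.create("row", row + ""));
    } catch (JWTVerificationException e) {
        // Parsing failed: the token is invalid.
        log.error("{}", e);
        return ResultUtil.returnStatus(ResponseStatus.NOT_LOGIN);
    }
}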
Example 18
Source File: OrderController.java From onenet-iot-project with MIT License | 4 votes |
/**
 * Creates an order for the caller.
 *
 * <p>The customer id stored on the order comes from the {@code account_id} claim of the JWT
 * in the {@code token} header; the order id is generated by {@code UUIDUtil.getUUID()}.
 * A status record in the {@code CREATE} state is saved before the order itself.
 * NOTE(review): if {@code saveOrder} fails, the status record saved first appears to remain —
 * confirm whether a surrounding transaction covers both writes.
 *
 * @param request the HTTP request carrying the {@code token} header
 * @param producibleId id of the producible product
 * @param number product quantity
 * @param diameter diameter
 * @param length length
 * @param weight weight
 * @return {@code PARAMS_ERROR} when an input fails {@code VerifyUtil.checkString},
 *     {@code NOT_LOGIN} when a {@code JWTVerificationException} is caught,
 *     {@code VISITED_FORBID} when no account matches the claim, otherwise the status returned
 *     by {@code orderService.saveOrder} with the new order id under {@code id}
 */
@PostMapping
public Response createOrder(HttpServletRequest request,
                            @RequestParam("producible_id") String producibleId,
                            @RequestParam("number") String number,
                            @RequestParam("diameter") String diameter,
                            @RequestParam("length") String length,
                            @RequestParam("weight") String weight) {
    String headerToken = request.getHeader("token");
    if (!VerifyUtil.checkString(headerToken, producibleId, number, diameter, length, weight)) {
        return ResultUtil.returnStatus(ResponseStatus.PARAMS_ERROR);
    }
    try {
        // Parse the token.
        // NOTE(review): confirm tokenUtil.getClaim verifies the signature before returning claims.
        String customerId = tokenUtil.getClaim(headerToken, "account_id").asString();
        if (accountService.findAccountById(customerId) == null) {
            return ResultUtil.returnStatus(ResponseStatus.VISITED_FORBID);
        }
        // Build the order record.
        String orderId = UUIDUtil.getUUID();
        Order newOrder = Order.builder()
                .orderId(orderId)
                .customerId(customerId)
                .producibleId(producibleId)
                .number(number)
                .diameter(diameter)
                .length(length)
                .weight(weight)
                .createTime(new Date())
                .updateTime(new Date())
                .build();
        // Create the matching order-status record at the same time.
        OrderStatus initialStatus = orderStatusService.saveStatus(OrderStatus.builder()
                .orderId(orderId)
                .orderStatus(Status.CREATE)
                .build());
        log.info("create order: {}", newOrder);
        log.info("create status: {}", initialStatus);
        return ResultUtil.returnStatusAndData(orderService.saveOrder(newOrder), MapUtil.create("id", orderId));
    } catch (JWTVerificationException e) {
        // Parsing failed: the token is invalid.
        log.error("{}", e);
        return ResultUtil.returnStatus(ResponseStatus.NOT_LOGIN);
    }
}
Example 19
Source File: TokenService.java From coderadar with MIT License | 4 votes |
/**
 * Returns the value of the token's {@code username} claim.
 *
 * <p>The token is read with {@code JWT.decode}, which parses it without checking the
 * signature, so this method by itself proves nothing about who issued the token.
 * NOTE(review): confirm that the refresh token is verified elsewhere before the returned
 * username is used for any access decision.
 *
 * @param refreshToken a jwt token
 * @return the {@code username} claim converted with {@code Claim.asString()}
 */
public String getUsername(String refreshToken) {
    return JWT.decode(refreshToken).getClaim("username").asString();
}