├── .gitignore
├── mvnw
├── mvnw.cmd
├── pom.xml
└── src
    └── main
        ├── java
            └── dev
            │   └── struchkov
            │       └── example
            │           └── jwt
            │               └── server
            │                   ├── ServerJwtApplication.java
            │                   ├── config
            │                       └── SecurityConfig.java
            │                   ├── controller
            │                       ├── AuthController.java
            │                       └── Controller.java
            │                   ├── domain
            │                       ├── JwtAuthentication.java
            │                       ├── JwtRequest.java
            │                       ├── JwtResponse.java
            │                       ├── RefreshJwtRequest.java
            │                       ├── Role.java
            │                       └── User.java
            │                   ├── exception
            │                       └── AuthException.java
            │                   ├── filter
            │                       └── JwtFilter.java
            │                   ├── service
            │                       ├── AuthService.java
            │                       ├── JwtProvider.java
            │                       ├── JwtUtils.java
            │                       └── UserService.java
            │                   └── util
            │                       └── GenerateKeys.java
        └── resources
            ├── application.properties
            └── postman_collection.json


/.gitignore:
--------------------------------------------------------------------------------
 1 | HELP.md
 2 | target/
 3 | !.mvn/wrapper/maven-wrapper.jar
 4 | !**/src/main/**/target/
 5 | !**/src/test/**/target/
 6 | 
 7 | ### STS ###
 8 | .apt_generated
 9 | .classpath
10 | .factorypath
11 | .project
12 | .settings
13 | .springBeans
14 | .sts4-cache
15 | 
16 | ### IntelliJ IDEA ###
17 | .idea
18 | *.iws
19 | *.iml
20 | *.ipr
21 | 
22 | ### NetBeans ###
23 | /nbproject/private/
24 | /nbbuild/
25 | /dist/
26 | /nbdist/
27 | /.nb-gradle/
28 | build/
29 | !**/src/main/**/build/
30 | !**/src/test/**/build/
31 | 
32 | ### VS Code ###
33 | .vscode/
34 | *.class
35 | *.log
36 | *.ctxt
37 | .mtj.tmp/
38 | *.jar
39 | *.war
40 | *.nar
41 | *.ear
42 | *.zip
43 | *.tar.gz
44 | *.rar
45 | hs_err_pid*
46 | pom.xml.tag
47 | pom.xml.releaseBackup
48 | pom.xml.versionsBackup
49 | pom.xml.next
50 | release.properties
51 | dependency-reduced-pom.xml
52 | buildNumber.properties
53 | .mvn/timing.properties
54 | .mvn/wrapper/maven-wrapper.jar
55 | .idea/**/workspace.xml
56 | .idea/**/tasks.xml
57 | .idea/**/usage.statistics.xml
58 | .idea/**/dictionaries
59 | .idea/**/shelf
60 | .idea/**/contentModel.xml
61 | .idea/**/dataSources/
62 | .idea/**/dataSources.ids
63 | .idea/**/dataSources.local.xml
64 | .idea/**/sqlDataSources.xml
65 | .idea/**/dynamic.xml
66 | .idea/**/uiDesigner.xml
67 | .idea/**/dbnavigator.xml
68 | .idea/**/gradle.xml
69 | .idea/**/libraries
70 | cmake-build-*/
71 | .idea/**/mongoSettings.xml
72 | out/
73 | .idea_modules/
74 | atlassian-ide-plugin.xml
75 | .idea/replstate.xml
76 | com_crashlytics_export_strings.xml
77 | crashlytics.properties
78 | crashlytics-build.properties
79 | fabric.properties
80 | .idea/httpRequests
81 | .idea/caches/build_file_checksums.ser
82 | 


--------------------------------------------------------------------------------
/mvnw:
--------------------------------------------------------------------------------
  1 | #!/bin/sh
  2 | # ----------------------------------------------------------------------------
  3 | # Licensed to the Apache Software Foundation (ASF) under one
  4 | # or more contributor license agreements.  See the NOTICE file
  5 | # distributed with this work for additional information
  6 | # regarding copyright ownership.  The ASF licenses this file
  7 | # to you under the Apache License, Version 2.0 (the
  8 | # "License"); you may not use this file except in compliance
  9 | # with the License.  You may obtain a copy of the License at
 10 | #
 11 | #    https://www.apache.org/licenses/LICENSE-2.0
 12 | #
 13 | # Unless required by applicable law or agreed to in writing,
 14 | # software distributed under the License is distributed on an
 15 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 16 | # KIND, either express or implied.  See the License for the
 17 | # specific language governing permissions and limitations
 18 | # under the License.
 19 | # ----------------------------------------------------------------------------
 20 | 
 21 | # ----------------------------------------------------------------------------
 22 | # Maven Start Up Batch script
 23 | #
 24 | # Required ENV vars:
 25 | # ------------------
 26 | #   JAVA_HOME - location of a JDK home dir
 27 | #
 28 | # Optional ENV vars
 29 | # -----------------
 30 | #   M2_HOME - location of maven2's installed home dir
 31 | #   MAVEN_OPTS - parameters passed to the Java VM when running Maven
 32 | #     e.g. to debug Maven itself, use
 33 | #       set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000
 34 | #   MAVEN_SKIP_RC - flag to disable loading of mavenrc files
 35 | # ----------------------------------------------------------------------------
 36 | 
 37 | if [ -z "$MAVEN_SKIP_RC" ] ; then
 38 | 
 39 |   if [ -f /etc/mavenrc ] ; then
 40 |     . /etc/mavenrc
 41 |   fi
 42 | 
 43 |   if [ -f "$HOME/.mavenrc" ] ; then
 44 |     . "$HOME/.mavenrc"
 45 |   fi
 46 | 
 47 | fi
 48 | 
 49 | # OS specific support.  $var _must_ be set to either true or false.
 50 | cygwin=false;
 51 | darwin=false;
 52 | mingw=false
 53 | case "`uname`" in
 54 |   CYGWIN*) cygwin=true ;;
 55 |   MINGW*) mingw=true;;
 56 |   Darwin*) darwin=true
 57 |     # Use /usr/libexec/java_home if available, otherwise fall back to /Library/Java/Home
 58 |     # See https://developer.apple.com/library/mac/qa/qa1170/_index.html
 59 |     if [ -z "$JAVA_HOME" ]; then
 60 |       if [ -x "/usr/libexec/java_home" ]; then
 61 |         export JAVA_HOME="`/usr/libexec/java_home`"
 62 |       else
 63 |         export JAVA_HOME="/Library/Java/Home"
 64 |       fi
 65 |     fi
 66 |     ;;
 67 | esac
 68 | 
 69 | if [ -z "$JAVA_HOME" ] ; then
 70 |   if [ -r /etc/gentoo-release ] ; then
 71 |     JAVA_HOME=`java-config --jre-home`
 72 |   fi
 73 | fi
 74 | 
 75 | if [ -z "$M2_HOME" ] ; then
 76 |   ## resolve links - $0 may be a link to maven's home
 77 |   PRG="$0"
 78 | 
 79 |   # need this for relative symlinks
 80 |   while [ -h "$PRG" ] ; do
 81 |     ls=`ls -ld "$PRG"`
 82 |     link=`expr "$ls" : '.*-> \(.*\)$'`
 83 |     if expr "$link" : '/.*' > /dev/null; then
 84 |       PRG="$link"
 85 |     else
 86 |       PRG="`dirname "$PRG"`/$link"
 87 |     fi
 88 |   done
 89 | 
 90 |   saveddir=`pwd`
 91 | 
 92 |   M2_HOME=`dirname "$PRG"`/..
 93 | 
 94 |   # make it fully qualified
 95 |   M2_HOME=`cd "$M2_HOME" && pwd`
 96 | 
 97 |   cd "$saveddir"
 98 |   # echo Using m2 at $M2_HOME
 99 | fi
100 | 
101 | # For Cygwin, ensure paths are in UNIX format before anything is touched
102 | if $cygwin ; then
103 |   [ -n "$M2_HOME" ] &&
104 |     M2_HOME=`cygpath --unix "$M2_HOME"`
105 |   [ -n "$JAVA_HOME" ] &&
106 |     JAVA_HOME=`cygpath --unix "$JAVA_HOME"`
107 |   [ -n "$CLASSPATH" ] &&
108 |     CLASSPATH=`cygpath --path --unix "$CLASSPATH"`
109 | fi
110 | 
111 | # For Mingw, ensure paths are in UNIX format before anything is touched
112 | if $mingw ; then
113 |   [ -n "$M2_HOME" ] &&
114 |     M2_HOME="`(cd "$M2_HOME"; pwd)`"
115 |   [ -n "$JAVA_HOME" ] &&
116 |     JAVA_HOME="`(cd "$JAVA_HOME"; pwd)`"
117 | fi
118 | 
119 | if [ -z "$JAVA_HOME" ]; then
120 |   javaExecutable="`which javac`"
121 |   if [ -n "$javaExecutable" ] && ! [ "`expr \"$javaExecutable\" : '\([^ ]*\)'`" = "no" ]; then
122 |     # readlink(1) is not available as standard on Solaris 10.
123 |     readLink=`which readlink`
124 |     if [ ! `expr "$readLink" : '\([^ ]*\)'` = "no" ]; then
125 |       if $darwin ; then
126 |         javaHome="`dirname \"$javaExecutable\"`"
127 |         javaExecutable="`cd \"$javaHome\" && pwd -P`/javac"
128 |       else
129 |         javaExecutable="`readlink -f \"$javaExecutable\"`"
130 |       fi
131 |       javaHome="`dirname \"$javaExecutable\"`"
132 |       javaHome=`expr "$javaHome" : '\(.*\)/bin'`
133 |       JAVA_HOME="$javaHome"
134 |       export JAVA_HOME
135 |     fi
136 |   fi
137 | fi
138 | 
139 | if [ -z "$JAVACMD" ] ; then
140 |   if [ -n "$JAVA_HOME"  ] ; then
141 |     if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
142 |       # IBM's JDK on AIX uses strange locations for the executables
143 |       JAVACMD="$JAVA_HOME/jre/sh/java"
144 |     else
145 |       JAVACMD="$JAVA_HOME/bin/java"
146 |     fi
147 |   else
148 |     JAVACMD="`which java`"
149 |   fi
150 | fi
151 | 
152 | if [ ! -x "$JAVACMD" ] ; then
153 |   echo "Error: JAVA_HOME is not defined correctly." >&2
154 |   echo "  We cannot execute $JAVACMD" >&2
155 |   exit 1
156 | fi
157 | 
158 | if [ -z "$JAVA_HOME" ] ; then
159 |   echo "Warning: JAVA_HOME environment variable is not set."
160 | fi
161 | 
162 | CLASSWORLDS_LAUNCHER=org.codehaus.plexus.classworlds.launcher.Launcher
163 | 
164 | # traverses directory structure from process work directory to filesystem root
165 | # first directory with .mvn subdirectory is considered project base directory
166 | find_maven_basedir() {
167 | 
168 |   if [ -z "$1" ]
169 |   then
170 |     echo "Path not specified to find_maven_basedir"
171 |     return 1
172 |   fi
173 | 
174 |   basedir="$1"
175 |   wdir="$1"
176 |   while [ "$wdir" != '/' ] ; do
177 |     if [ -d "$wdir"/.mvn ] ; then
178 |       basedir=$wdir
179 |       break
180 |     fi
181 |     # workaround for JBEAP-8937 (on Solaris 10/Sparc)
182 |     if [ -d "${wdir}" ]; then
183 |       wdir=`cd "$wdir/.."; pwd`
184 |     fi
185 |     # end of workaround
186 |   done
187 |   echo "${basedir}"
188 | }
189 | 
190 | # concatenates all lines of a file
191 | concat_lines() {
192 |   if [ -f "$1" ]; then
193 |     echo "$(tr -s '\n' ' ' < "$1")"
194 |   fi
195 | }
196 | 
197 | BASE_DIR=`find_maven_basedir "$(pwd)"`
198 | if [ -z "$BASE_DIR" ]; then
199 |   exit 1;
200 | fi
201 | 
202 | ##########################################################################################
203 | # Extension to allow automatically downloading the maven-wrapper.jar from Maven-central
204 | # This allows using the maven wrapper in projects that prohibit checking in binary data.
205 | ##########################################################################################
206 | if [ -r "$BASE_DIR/.mvn/wrapper/maven-wrapper.jar" ]; then
207 |     if [ "$MVNW_VERBOSE" = true ]; then
208 |       echo "Found .mvn/wrapper/maven-wrapper.jar"
209 |     fi
210 | else
211 |     if [ "$MVNW_VERBOSE" = true ]; then
212 |       echo "Couldn't find .mvn/wrapper/maven-wrapper.jar, downloading it ..."
213 |     fi
214 |     if [ -n "$MVNW_REPOURL" ]; then
215 |       jarUrl="$MVNW_REPOURL/io/takari/maven-wrapper/0.5.6/maven-wrapper-0.5.6.jar"
216 |     else
217 |       jarUrl="https://repo.maven.apache.org/maven2/io/takari/maven-wrapper/0.5.6/maven-wrapper-0.5.6.jar"
218 |     fi
219 |     while IFS="=" read key value; do
220 |       case "$key" in (wrapperUrl) jarUrl="$value"; break ;;
221 |       esac
222 |     done < "$BASE_DIR/.mvn/wrapper/maven-wrapper.properties"
223 |     if [ "$MVNW_VERBOSE" = true ]; then
224 |       echo "Downloading from: $jarUrl"
225 |     fi
226 |     wrapperJarPath="$BASE_DIR/.mvn/wrapper/maven-wrapper.jar"
227 |     if $cygwin; then
228 |       wrapperJarPath=`cygpath --path --windows "$wrapperJarPath"`
229 |     fi
230 | 
231 |     if command -v wget > /dev/null; then
232 |         if [ "$MVNW_VERBOSE" = true ]; then
233 |           echo "Found wget ... using wget"
234 |         fi
235 |         if [ -z "$MVNW_USERNAME" ] || [ -z "$MVNW_PASSWORD" ]; then
236 |             wget "$jarUrl" -O "$wrapperJarPath"
237 |         else
238 |             wget --http-user=$MVNW_USERNAME --http-password=$MVNW_PASSWORD "$jarUrl" -O "$wrapperJarPath"
239 |         fi
240 |     elif command -v curl > /dev/null; then
241 |         if [ "$MVNW_VERBOSE" = true ]; then
242 |           echo "Found curl ... using curl"
243 |         fi
244 |         if [ -z "$MVNW_USERNAME" ] || [ -z "$MVNW_PASSWORD" ]; then
245 |             curl -o "$wrapperJarPath" "$jarUrl" -f
246 |         else
247 |             curl --user $MVNW_USERNAME:$MVNW_PASSWORD -o "$wrapperJarPath" "$jarUrl" -f
248 |         fi
249 | 
250 |     else
251 |         if [ "$MVNW_VERBOSE" = true ]; then
252 |           echo "Falling back to using Java to download"
253 |         fi
254 |         javaClass="$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.java"
255 |         # For Cygwin, switch paths to Windows format before running javac
256 |         if $cygwin; then
257 |           javaClass=`cygpath --path --windows "$javaClass"`
258 |         fi
259 |         if [ -e "$javaClass" ]; then
260 |             if [ ! -e "$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.class" ]; then
261 |                 if [ "$MVNW_VERBOSE" = true ]; then
262 |                   echo " - Compiling MavenWrapperDownloader.java ..."
263 |                 fi
264 |                 # Compiling the Java class
265 |                 ("$JAVA_HOME/bin/javac" "$javaClass")
266 |             fi
267 |             if [ -e "$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.class" ]; then
268 |                 # Running the downloader
269 |                 if [ "$MVNW_VERBOSE" = true ]; then
270 |                   echo " - Running MavenWrapperDownloader.java ..."
271 |                 fi
272 |                 ("$JAVA_HOME/bin/java" -cp .mvn/wrapper MavenWrapperDownloader "$MAVEN_PROJECTBASEDIR")
273 |             fi
274 |         fi
275 |     fi
276 | fi
277 | ##########################################################################################
278 | # End of extension
279 | ##########################################################################################
280 | 
281 | export MAVEN_PROJECTBASEDIR=${MAVEN_BASEDIR:-"$BASE_DIR"}
282 | if [ "$MVNW_VERBOSE" = true ]; then
283 |   echo $MAVEN_PROJECTBASEDIR
284 | fi
285 | MAVEN_OPTS="$(concat_lines "$MAVEN_PROJECTBASEDIR/.mvn/jvm.config") $MAVEN_OPTS"
286 | 
287 | # For Cygwin, switch paths to Windows format before running java
288 | if $cygwin; then
289 |   [ -n "$M2_HOME" ] &&
290 |     M2_HOME=`cygpath --path --windows "$M2_HOME"`
291 |   [ -n "$JAVA_HOME" ] &&
292 |     JAVA_HOME=`cygpath --path --windows "$JAVA_HOME"`
293 |   [ -n "$CLASSPATH" ] &&
294 |     CLASSPATH=`cygpath --path --windows "$CLASSPATH"`
295 |   [ -n "$MAVEN_PROJECTBASEDIR" ] &&
296 |     MAVEN_PROJECTBASEDIR=`cygpath --path --windows "$MAVEN_PROJECTBASEDIR"`
297 | fi
298 | 
299 | # Provide a "standardized" way to retrieve the CLI args that will
300 | # work with both Windows and non-Windows executions.
301 | MAVEN_CMD_LINE_ARGS="$MAVEN_CONFIG $@"
302 | export MAVEN_CMD_LINE_ARGS
303 | 
304 | WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain
305 | 
306 | exec "$JAVACMD" \
307 |   $MAVEN_OPTS \
308 |   -classpath "$MAVEN_PROJECTBASEDIR/.mvn/wrapper/maven-wrapper.jar" \
309 |   "-Dmaven.home=${M2_HOME}" "-Dmaven.multiModuleProjectDirectory=${MAVEN_PROJECTBASEDIR}" \
310 |   ${WRAPPER_LAUNCHER} $MAVEN_CONFIG "$@"
311 | 


--------------------------------------------------------------------------------
/mvnw.cmd:
--------------------------------------------------------------------------------
  1 | @REM ----------------------------------------------------------------------------
  2 | @REM Licensed to the Apache Software Foundation (ASF) under one
  3 | @REM or more contributor license agreements.  See the NOTICE file
  4 | @REM distributed with this work for additional information
  5 | @REM regarding copyright ownership.  The ASF licenses this file
  6 | @REM to you under the Apache License, Version 2.0 (the
  7 | @REM "License"); you may not use this file except in compliance
  8 | @REM with the License.  You may obtain a copy of the License at
  9 | @REM
 10 | @REM    https://www.apache.org/licenses/LICENSE-2.0
 11 | @REM
 12 | @REM Unless required by applicable law or agreed to in writing,
 13 | @REM software distributed under the License is distributed on an
 14 | @REM "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 15 | @REM KIND, either express or implied.  See the License for the
 16 | @REM specific language governing permissions and limitations
 17 | @REM under the License.
 18 | @REM ----------------------------------------------------------------------------
 19 | 
 20 | @REM ----------------------------------------------------------------------------
 21 | @REM Maven Start Up Batch script
 22 | @REM
 23 | @REM Required ENV vars:
 24 | @REM JAVA_HOME - location of a JDK home dir
 25 | @REM
 26 | @REM Optional ENV vars
 27 | @REM M2_HOME - location of maven2's installed home dir
 28 | @REM MAVEN_BATCH_ECHO - set to 'on' to enable the echoing of the batch commands
 29 | @REM MAVEN_BATCH_PAUSE - set to 'on' to wait for a keystroke before ending
 30 | @REM MAVEN_OPTS - parameters passed to the Java VM when running Maven
 31 | @REM     e.g. to debug Maven itself, use
 32 | @REM set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000
 33 | @REM MAVEN_SKIP_RC - flag to disable loading of mavenrc files
 34 | @REM ----------------------------------------------------------------------------
 35 | 
 36 | @REM Begin all REM lines with '@' in case MAVEN_BATCH_ECHO is 'on'
 37 | @echo off
 38 | @REM set title of command window
 39 | title %0
 40 | @REM enable echoing by setting MAVEN_BATCH_ECHO to 'on'
 41 | @if "%MAVEN_BATCH_ECHO%" == "on"  echo %MAVEN_BATCH_ECHO%
 42 | 
 43 | @REM set %HOME% to equivalent of $HOME
 44 | if "%HOME%" == "" (set "HOME=%HOMEDRIVE%%HOMEPATH%")
 45 | 
 46 | @REM Execute a user defined script before this one
 47 | if not "%MAVEN_SKIP_RC%" == "" goto skipRcPre
 48 | @REM check for pre script, once with legacy .bat ending and once with .cmd ending
 49 | if exist "%HOME%\mavenrc_pre.bat" call "%HOME%\mavenrc_pre.bat"
 50 | if exist "%HOME%\mavenrc_pre.cmd" call "%HOME%\mavenrc_pre.cmd"
 51 | :skipRcPre
 52 | 
 53 | @setlocal
 54 | 
 55 | set ERROR_CODE=0
 56 | 
 57 | @REM To isolate internal variables from possible post scripts, we use another setlocal
 58 | @setlocal
 59 | 
 60 | @REM ==== START VALIDATION ====
 61 | if not "%JAVA_HOME%" == "" goto OkJHome
 62 | 
 63 | echo.
 64 | echo Error: JAVA_HOME not found in your environment. >&2
 65 | echo Please set the JAVA_HOME variable in your environment to match the >&2
 66 | echo location of your Java installation. >&2
 67 | echo.
 68 | goto error
 69 | 
 70 | :OkJHome
 71 | if exist "%JAVA_HOME%\bin\java.exe" goto init
 72 | 
 73 | echo.
 74 | echo Error: JAVA_HOME is set to an invalid directory. >&2
 75 | echo JAVA_HOME = "%JAVA_HOME%" >&2
 76 | echo Please set the JAVA_HOME variable in your environment to match the >&2
 77 | echo location of your Java installation. >&2
 78 | echo.
 79 | goto error
 80 | 
 81 | @REM ==== END VALIDATION ====
 82 | 
 83 | :init
 84 | 
 85 | @REM Find the project base dir, i.e. the directory that contains the folder ".mvn".
 86 | @REM Fallback to current working directory if not found.
 87 | 
 88 | set MAVEN_PROJECTBASEDIR=%MAVEN_BASEDIR%
 89 | IF NOT "%MAVEN_PROJECTBASEDIR%"=="" goto endDetectBaseDir
 90 | 
 91 | set EXEC_DIR=%CD%
 92 | set WDIR=%EXEC_DIR%
 93 | :findBaseDir
 94 | IF EXIST "%WDIR%"\.mvn goto baseDirFound
 95 | cd ..
 96 | IF "%WDIR%"=="%CD%" goto baseDirNotFound
 97 | set WDIR=%CD%
 98 | goto findBaseDir
 99 | 
100 | :baseDirFound
101 | set MAVEN_PROJECTBASEDIR=%WDIR%
102 | cd "%EXEC_DIR%"
103 | goto endDetectBaseDir
104 | 
105 | :baseDirNotFound
106 | set MAVEN_PROJECTBASEDIR=%EXEC_DIR%
107 | cd "%EXEC_DIR%"
108 | 
109 | :endDetectBaseDir
110 | 
111 | IF NOT EXIST "%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config" goto endReadAdditionalConfig
112 | 
113 | @setlocal EnableExtensions EnableDelayedExpansion
114 | for /F "usebackq delims=" %%a in ("%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config") do set JVM_CONFIG_MAVEN_PROPS=!JVM_CONFIG_MAVEN_PROPS! %%a
115 | @endlocal & set JVM_CONFIG_MAVEN_PROPS=%JVM_CONFIG_MAVEN_PROPS%
116 | 
117 | :endReadAdditionalConfig
118 | 
119 | SET MAVEN_JAVA_EXE="%JAVA_HOME%\bin\java.exe"
120 | set WRAPPER_JAR="%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.jar"
121 | set WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain
122 | 
123 | set DOWNLOAD_URL="https://repo.maven.apache.org/maven2/io/takari/maven-wrapper/0.5.6/maven-wrapper-0.5.6.jar"
124 | 
125 | FOR /F "tokens=1,2 delims==" %%A IN ("%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.properties") DO (
126 |     IF "%%A"=="wrapperUrl" SET DOWNLOAD_URL=%%B
127 | )
128 | 
129 | @REM Extension to allow automatically downloading the maven-wrapper.jar from Maven-central
130 | @REM This allows using the maven wrapper in projects that prohibit checking in binary data.
131 | if exist %WRAPPER_JAR% (
132 |     if "%MVNW_VERBOSE%" == "true" (
133 |         echo Found %WRAPPER_JAR%
134 |     )
135 | ) else (
136 |     if not "%MVNW_REPOURL%" == "" (
137 |         SET DOWNLOAD_URL="%MVNW_REPOURL%/io/takari/maven-wrapper/0.5.6/maven-wrapper-0.5.6.jar"
138 |     )
139 |     if "%MVNW_VERBOSE%" == "true" (
140 |         echo Couldn't find %WRAPPER_JAR%, downloading it ...
141 |         echo Downloading from: %DOWNLOAD_URL%
142 |     )
143 | 
144 |     powershell -Command "&{"^
145 | 		"$webclient = new-object System.Net.WebClient;"^
146 | 		"if (-not ([string]::IsNullOrEmpty('%MVNW_USERNAME%') -and [string]::IsNullOrEmpty('%MVNW_PASSWORD%'))) {"^
147 | 		"$webclient.Credentials = new-object System.Net.NetworkCredential('%MVNW_USERNAME%', '%MVNW_PASSWORD%');"^
148 | 		"}"^
149 | 		"[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; $webclient.DownloadFile('%DOWNLOAD_URL%', '%WRAPPER_JAR%')"^
150 | 		"}"
151 |     if "%MVNW_VERBOSE%" == "true" (
152 |         echo Finished downloading %WRAPPER_JAR%
153 |     )
154 | )
155 | @REM End of extension
156 | 
157 | @REM Provide a "standardized" way to retrieve the CLI args that will
158 | @REM work with both Windows and non-Windows executions.
159 | set MAVEN_CMD_LINE_ARGS=%*
160 | 
161 | %MAVEN_JAVA_EXE% %JVM_CONFIG_MAVEN_PROPS% %MAVEN_OPTS% %MAVEN_DEBUG_OPTS% -classpath %WRAPPER_JAR% "-Dmaven.multiModuleProjectDirectory=%MAVEN_PROJECTBASEDIR%" %WRAPPER_LAUNCHER% %MAVEN_CONFIG% %*
162 | if ERRORLEVEL 1 goto error
163 | goto end
164 | 
165 | :error
166 | set ERROR_CODE=1
167 | 
168 | :end
169 | @endlocal & set ERROR_CODE=%ERROR_CODE%
170 | 
171 | if not "%MAVEN_SKIP_RC%" == "" goto skipRcPost
172 | @REM check for post script, once with legacy .bat ending and once with .cmd ending
173 | if exist "%HOME%\mavenrc_post.bat" call "%HOME%\mavenrc_post.bat"
174 | if exist "%HOME%\mavenrc_post.cmd" call "%HOME%\mavenrc_post.cmd"
175 | :skipRcPost
176 | 
177 | @REM pause the script if MAVEN_BATCH_PAUSE is set to 'on'
178 | if "%MAVEN_BATCH_PAUSE%" == "on" pause
179 | 
180 | if "%MAVEN_TERMINATE_CMD%" == "on" exit %ERROR_CODE%
181 | 
182 | exit /B %ERROR_CODE%
183 | 


--------------------------------------------------------------------------------
/pom.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 3 |          xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
 4 |     <modelVersion>4.0.0</modelVersion>
 5 |     <parent>
 6 |         <groupId>org.springframework.boot</groupId>
 7 |         <artifactId>spring-boot-starter-parent</artifactId>
 8 |         <version>2.7.0</version>
 9 |         <relativePath/> <!-- lookup parent from repository -->
10 |     </parent>
11 | 
12 |     <groupId>dev.struchkiov.example</groupId>
13 |     <artifactId>server-jwt</artifactId>
14 |     <version>0.0.1-SNAPSHOT</version>
15 | 
16 |     <name>server-jwt</name>
17 |     <description>server-jwt</description>
18 | 
19 |     <properties>
20 |         <java.version>17</java.version>
21 |         <maven.compiler.source>${java.version}</maven.compiler.source>
22 |         <maven.compiler.target>${java.version}</maven.compiler.target>
23 |         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
24 |         <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
25 |     </properties>
26 | 
27 |     <dependencies>
28 |         <dependency>
29 |             <groupId>org.springframework.boot</groupId>
30 |             <artifactId>spring-boot-starter-web</artifactId>
31 |         </dependency>
32 |         <dependency>
33 |             <groupId>org.springframework.boot</groupId>
34 |             <artifactId>spring-boot-starter-security</artifactId>
35 |         </dependency>
36 | 
37 |         <dependency>
38 |             <groupId>org.projectlombok</groupId>
39 |             <artifactId>lombok</artifactId>
40 |             <optional>true</optional>
41 |         </dependency>
42 | 
43 |         <dependency>
44 |             <groupId>io.jsonwebtoken</groupId>
45 |             <artifactId>jjwt-api</artifactId>
46 |             <version>0.11.5</version>
47 |         </dependency>
48 |         <dependency>
49 |             <groupId>io.jsonwebtoken</groupId>
50 |             <artifactId>jjwt-impl</artifactId>
51 |             <version>0.11.5</version>
52 |             <scope>runtime</scope>
53 |         </dependency>
54 |         <dependency>
55 |             <groupId>io.jsonwebtoken</groupId>
56 |             <artifactId>jjwt-jackson</artifactId>
57 |             <version>0.11.5</version>
58 |             <scope>runtime</scope>
59 |         </dependency>
60 | 
61 |         <dependency>
62 |             <groupId>javax.xml.bind</groupId>
63 |             <artifactId>jaxb-api</artifactId>
64 |             <version>2.3.1</version>
65 |         </dependency>
66 |     </dependencies>
67 | 
68 |     <build>
69 |         <plugins>
70 |             <plugin>
71 |                 <groupId>org.springframework.boot</groupId>
72 |                 <artifactId>spring-boot-maven-plugin</artifactId>
73 |                 <configuration>
74 |                     <excludes>
75 |                         <exclude>
76 |                             <groupId>org.projectlombok</groupId>
77 |                             <artifactId>lombok</artifactId>
78 |                         </exclude>
79 |                     </excludes>
80 |                 </configuration>
81 |             </plugin>
82 |         </plugins>
83 |     </build>
84 | 
85 | </project>
86 | 


--------------------------------------------------------------------------------
/src/main/java/dev/struchkov/example/jwt/server/ServerJwtApplication.java:
--------------------------------------------------------------------------------
 1 | package dev.struchkov.example.jwt.server;
 2 | 
 3 | import org.springframework.boot.SpringApplication;
 4 | import org.springframework.boot.autoconfigure.SpringBootApplication;
 5 | 
 6 | @SpringBootApplication
 7 | public class ServerJwtApplication {
 8 | 
 9 |     public static void main(String[] args) {
10 |         SpringApplication.run(ServerJwtApplication.class, args);
11 |     }
12 | 
13 | }
14 | 


--------------------------------------------------------------------------------
/src/main/java/dev/struchkov/example/jwt/server/config/SecurityConfig.java:
--------------------------------------------------------------------------------
 1 | package dev.struchkov.example.jwt.server.config;
 2 | 
 3 | import dev.struchkov.example.jwt.server.filter.JwtFilter;
 4 | import lombok.RequiredArgsConstructor;
 5 | import org.springframework.context.annotation.Bean;
 6 | import org.springframework.context.annotation.Configuration;
 7 | import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 8 | import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 9 | import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
10 | import org.springframework.security.config.http.SessionCreationPolicy;
11 | import org.springframework.security.web.SecurityFilterChain;
12 | import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
13 | 
14 | @Configuration
15 | @EnableWebSecurity
16 | @RequiredArgsConstructor
17 | @EnableGlobalMethodSecurity(prePostEnabled = true)
18 | public class SecurityConfig {
19 | 
20 |     private final JwtFilter jwtFilter;
21 | 
22 |     @Bean
23 |     public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
24 |         return http
25 |                 .httpBasic().disable()
26 |                 .csrf().disable()
27 |                 .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
28 |                 .and()
29 |                 .authorizeHttpRequests(
30 |                         authz -> authz
31 |                                 .antMatchers("/api/auth/login", "/api/auth/token").permitAll()
32 |                                 .anyRequest().authenticated()
33 |                                 .and()
34 |                                 .addFilterAfter(jwtFilter, UsernamePasswordAuthenticationFilter.class)
35 |                 ).build();
36 |     }
37 | 
38 | }
39 | 


--------------------------------------------------------------------------------
/src/main/java/dev/struchkov/example/jwt/server/controller/AuthController.java:
--------------------------------------------------------------------------------
 1 | package dev.struchkov.example.jwt.server.controller;
 2 | 
 3 | import dev.struchkov.example.jwt.server.domain.JwtResponse;
 4 | import dev.struchkov.example.jwt.server.domain.RefreshJwtRequest;
 5 | import dev.struchkov.example.jwt.server.service.AuthService;
 6 | import lombok.RequiredArgsConstructor;
 7 | import dev.struchkov.example.jwt.server.domain.JwtRequest;
 8 | import org.springframework.http.ResponseEntity;
 9 | import org.springframework.web.bind.annotation.PostMapping;
10 | import org.springframework.web.bind.annotation.RequestBody;
11 | import org.springframework.web.bind.annotation.RequestMapping;
12 | import org.springframework.web.bind.annotation.RestController;
13 | 
14 | @RestController
15 | @RequestMapping("api/auth")
16 | @RequiredArgsConstructor
17 | public class AuthController {
18 | 
19 |     private final AuthService authService;
20 | 
21 |     @PostMapping("login")
22 |     public ResponseEntity<JwtResponse> login(@RequestBody JwtRequest authRequest) {
23 |         final JwtResponse token = authService.login(authRequest);
24 |         return ResponseEntity.ok(token);
25 |     }
26 | 
27 |     @PostMapping("token")
28 |     public ResponseEntity<JwtResponse> getNewAccessToken(@RequestBody RefreshJwtRequest request) {
29 |         final JwtResponse token = authService.getAccessToken(request.getRefreshToken());
30 |         return ResponseEntity.ok(token);
31 |     }
32 | 
33 |     @PostMapping("refresh")
34 |     public ResponseEntity<JwtResponse> getNewRefreshToken(@RequestBody RefreshJwtRequest request) {
35 |         final JwtResponse token = authService.refresh(request.getRefreshToken());
36 |         return ResponseEntity.ok(token);
37 |     }
38 | 
39 | }
40 | 


--------------------------------------------------------------------------------
/src/main/java/dev/struchkov/example/jwt/server/controller/Controller.java:
--------------------------------------------------------------------------------
 1 | package dev.struchkov.example.jwt.server.controller;
 2 | 
 3 | import dev.struchkov.example.jwt.server.service.AuthService;
 4 | import lombok.RequiredArgsConstructor;
 5 | import dev.struchkov.example.jwt.server.domain.JwtAuthentication;
 6 | import org.springframework.http.ResponseEntity;
 7 | import org.springframework.security.access.prepost.PreAuthorize;
 8 | import org.springframework.web.bind.annotation.GetMapping;
 9 | import org.springframework.web.bind.annotation.RequestMapping;
10 | import org.springframework.web.bind.annotation.RestController;
11 | 
12 | @RestController
13 | @RequestMapping("api")
14 | @RequiredArgsConstructor
15 | public class Controller {
16 | 
17 |     private final AuthService authService;
18 | 
19 |     @PreAuthorize("hasAuthority('USER')")
20 |     @GetMapping("hello/user")
21 |     public ResponseEntity<String> helloUser() {
22 |         final JwtAuthentication authInfo = authService.getAuthInfo();
23 |         return ResponseEntity.ok("Hello user " + authInfo.getPrincipal() + "!");
24 |     }
25 | 
26 |     @PreAuthorize("hasAuthority('ADMIN')")
27 |     @GetMapping("hello/admin")
28 |     public ResponseEntity<String> helloAdmin() {
29 |         final JwtAuthentication authInfo = authService.getAuthInfo();
30 |         return ResponseEntity.ok("Hello admin " + authInfo.getPrincipal() + "!");
31 |     }
32 | 
33 | }


--------------------------------------------------------------------------------
/src/main/java/dev/struchkov/example/jwt/server/domain/JwtAuthentication.java:
--------------------------------------------------------------------------------
 1 | package dev.struchkov.example.jwt.server.domain;
 2 | 
 3 | import lombok.Getter;
 4 | import lombok.Setter;
 5 | import org.springframework.security.core.Authentication;
 6 | import org.springframework.security.core.GrantedAuthority;
 7 | 
 8 | import java.util.Collection;
 9 | import java.util.Set;
10 | 
11 | @Getter
12 | @Setter
13 | public class JwtAuthentication implements Authentication {
14 | 
15 |     private boolean authenticated;
16 |     private String username;
17 |     private String firstName;
18 |     private Set<Role> roles;
19 | 
20 |     @Override
21 |     public Collection<? extends GrantedAuthority> getAuthorities() { return roles; }
22 | 
23 |     @Override
24 |     public Object getCredentials() { return null; }
25 | 
26 |     @Override
27 |     public Object getDetails() { return null; }
28 | 
29 |     @Override
30 |     public Object getPrincipal() { return username; }
31 | 
32 |     @Override
33 |     public boolean isAuthenticated() { return authenticated; }
34 | 
35 |     @Override
36 |     public void setAuthenticated(boolean isAuthenticated) throws IllegalArgumentException {
37 |         this.authenticated = isAuthenticated;
38 |     }
39 | 
40 |     @Override
41 |     public String getName() { return firstName; }
42 | 
43 | }


--------------------------------------------------------------------------------
/src/main/java/dev/struchkov/example/jwt/server/domain/JwtRequest.java:
--------------------------------------------------------------------------------
 1 | package dev.struchkov.example.jwt.server.domain;
 2 | 
 3 | import lombok.Getter;
 4 | import lombok.Setter;
 5 | 
 6 | @Setter
 7 | @Getter
 8 | public class JwtRequest {
 9 | 
10 |     private String login;
11 |     private String password;
12 | 
13 | }
14 | 


--------------------------------------------------------------------------------
/src/main/java/dev/struchkov/example/jwt/server/domain/JwtResponse.java:
--------------------------------------------------------------------------------
 1 | package dev.struchkov.example.jwt.server.domain;
 2 | 
 3 | import lombok.AllArgsConstructor;
 4 | import lombok.Getter;
 5 | 
 6 | @Getter
 7 | @AllArgsConstructor
 8 | public class JwtResponse {
 9 | 
10 |     private final String type = "Bearer";
11 |     private String accessToken;
12 |     private String refreshToken;
13 | 
14 | }
15 | 


--------------------------------------------------------------------------------
/src/main/java/dev/struchkov/example/jwt/server/domain/RefreshJwtRequest.java:
--------------------------------------------------------------------------------
 1 | package dev.struchkov.example.jwt.server.domain;
 2 | 
 3 | import lombok.Getter;
 4 | import lombok.Setter;
 5 | 
 6 | @Getter
 7 | @Setter
 8 | public class RefreshJwtRequest {
 9 | 
10 |     public String refreshToken;
11 | 
12 | }
13 | 


--------------------------------------------------------------------------------
/src/main/java/dev/struchkov/example/jwt/server/domain/Role.java:
--------------------------------------------------------------------------------
 1 | package dev.struchkov.example.jwt.server.domain;
 2 | 
 3 | import lombok.RequiredArgsConstructor;
 4 | import org.springframework.security.core.GrantedAuthority;
 5 | 
 6 | @RequiredArgsConstructor
 7 | public enum Role implements GrantedAuthority {
 8 | 
 9 |     ADMIN("ADMIN"),
10 |     USER("USER");
11 | 
12 |     private final String vale;
13 | 
14 |     @Override
15 |     public String getAuthority() {
16 |         return vale;
17 |     }
18 | 
19 | }
20 | 


--------------------------------------------------------------------------------
/src/main/java/dev/struchkov/example/jwt/server/domain/User.java:
--------------------------------------------------------------------------------
 1 | package dev.struchkov.example.jwt.server.domain;
 2 | 
 3 | import lombok.AllArgsConstructor;
 4 | import lombok.Getter;
 5 | import lombok.NoArgsConstructor;
 6 | import lombok.Setter;
 7 | 
 8 | import java.util.Set;
 9 | 
10 | @Getter
11 | @Setter
12 | @NoArgsConstructor
13 | @AllArgsConstructor
14 | public class User {
15 | 
16 |     private String login;
17 |     private String password;
18 |     private String firstName;
19 |     private String lastName;
20 |     private Set<Role> roles;
21 | 
22 | }
23 | 


--------------------------------------------------------------------------------
/src/main/java/dev/struchkov/example/jwt/server/exception/AuthException.java:
--------------------------------------------------------------------------------
 1 | package dev.struchkov.example.jwt.server.exception;
 2 | 
 3 | /**
 4 |  * Исключение используется для ошибок аутентификации и авторизациит.
 5 |  *
 6 |  * @author upagge 21.06.2022
 7 |  */
 8 | public class AuthException extends RuntimeException {
 9 | 
10 |     public AuthException(String message) {
11 |         super(message);
12 |     }
13 | 
14 | }
15 | 


--------------------------------------------------------------------------------
/src/main/java/dev/struchkov/example/jwt/server/filter/JwtFilter.java:
--------------------------------------------------------------------------------
 1 | package dev.struchkov.example.jwt.server.filter;
 2 | 
 3 | import dev.struchkov.example.jwt.server.service.JwtProvider;
 4 | import dev.struchkov.example.jwt.server.service.JwtUtils;
 5 | import io.jsonwebtoken.Claims;
 6 | import lombok.RequiredArgsConstructor;
 7 | import lombok.extern.slf4j.Slf4j;
 8 | import dev.struchkov.example.jwt.server.domain.JwtAuthentication;
 9 | import org.springframework.security.core.context.SecurityContextHolder;
10 | import org.springframework.stereotype.Component;
11 | import org.springframework.util.StringUtils;
12 | import org.springframework.web.filter.GenericFilterBean;
13 | 
14 | import javax.servlet.FilterChain;
15 | import javax.servlet.ServletException;
16 | import javax.servlet.ServletRequest;
17 | import javax.servlet.ServletResponse;
18 | import javax.servlet.http.HttpServletRequest;
19 | import java.io.IOException;
20 | 
21 | @Slf4j
22 | @Component
23 | @RequiredArgsConstructor
24 | public class JwtFilter extends GenericFilterBean {
25 | 
26 |     private static final String AUTHORIZATION = "Authorization";
27 | 
28 |     private final JwtProvider jwtProvider;
29 | 
30 |     @Override
31 |     public void doFilter(ServletRequest request, ServletResponse response, FilterChain fc)
32 |             throws IOException, ServletException {
33 |         final String token = getTokenFromRequest((HttpServletRequest) request);
34 |         if (token != null && jwtProvider.validateAccessToken(token)) {
35 |             final Claims claims = jwtProvider.getAccessClaims(token);
36 |             final JwtAuthentication jwtInfoToken = JwtUtils.generate(claims);
37 |             jwtInfoToken.setAuthenticated(true);
38 |             SecurityContextHolder.getContext().setAuthentication(jwtInfoToken);
39 |         }
40 |         fc.doFilter(request, response);
41 |     }
42 | 
43 |     private String getTokenFromRequest(HttpServletRequest request) {
44 |         final String bearer = request.getHeader(AUTHORIZATION);
45 |         if (StringUtils.hasText(bearer) && bearer.startsWith("Bearer ")) {
46 |             return bearer.substring(7);
47 |         }
48 |         return null;
49 |     }
50 | 
51 | }


--------------------------------------------------------------------------------
/src/main/java/dev/struchkov/example/jwt/server/service/AuthService.java:
--------------------------------------------------------------------------------
 1 | package dev.struchkov.example.jwt.server.service;
 2 | 
 3 | import io.jsonwebtoken.Claims;
 4 | import lombok.NonNull;
 5 | import lombok.RequiredArgsConstructor;
 6 | import dev.struchkov.example.jwt.server.domain.JwtAuthentication;
 7 | import dev.struchkov.example.jwt.server.domain.JwtRequest;
 8 | import dev.struchkov.example.jwt.server.domain.JwtResponse;
 9 | import dev.struchkov.example.jwt.server.domain.User;
10 | import dev.struchkov.example.jwt.server.exception.AuthException;
11 | import org.springframework.security.core.context.SecurityContextHolder;
12 | import org.springframework.stereotype.Service;
13 | 
14 | import java.util.HashMap;
15 | import java.util.Map;
16 | 
17 | @Service
18 | @RequiredArgsConstructor
19 | public class AuthService {
20 | 
21 |     private final UserService userService;
22 |     private final Map<String, String> refreshStorage = new HashMap<>();
23 |     private final JwtProvider jwtProvider;
24 | 
25 |     public JwtResponse login(@NonNull JwtRequest authRequest) {
26 |         final User user = userService.getByLogin(authRequest.getLogin())
27 |                 .orElseThrow(() -> new AuthException("Пользователь не найден"));
28 |         if (user.getPassword().equals(authRequest.getPassword())) {
29 |             final String accessToken = jwtProvider.generateAccessToken(user);
30 |             final String refreshToken = jwtProvider.generateRefreshToken(user);
31 |             refreshStorage.put(user.getLogin(), refreshToken);
32 |             return new JwtResponse(accessToken, refreshToken);
33 |         } else {
34 |             throw new AuthException("Неправильный пароль");
35 |         }
36 |     }
37 | 
38 |     public JwtResponse getAccessToken(@NonNull String refreshToken) {
39 |         if (jwtProvider.validateRefreshToken(refreshToken)) {
40 |             final Claims claims = jwtProvider.getRefreshClaims(refreshToken);
41 |             final String login = claims.getSubject();
42 |             final String saveRefreshToken = refreshStorage.get(login);
43 |             if (saveRefreshToken != null && saveRefreshToken.equals(refreshToken)) {
44 |                 final User user = userService.getByLogin(login)
45 |                         .orElseThrow(() -> new AuthException("Пользователь не найден"));
46 |                 final String accessToken = jwtProvider.generateAccessToken(user);
47 |                 return new JwtResponse(accessToken, null);
48 |             }
49 |         }
50 |         return new JwtResponse(null, null);
51 |     }
52 | 
53 |     public JwtResponse refresh(@NonNull String refreshToken) {
54 |         if (jwtProvider.validateRefreshToken(refreshToken)) {
55 |             final Claims claims = jwtProvider.getRefreshClaims(refreshToken);
56 |             final String login = claims.getSubject();
57 |             final String saveRefreshToken = refreshStorage.get(login);
58 |             if (saveRefreshToken != null && saveRefreshToken.equals(refreshToken)) {
59 |                 final User user = userService.getByLogin(login)
60 |                         .orElseThrow(() -> new AuthException("Пользователь не найден"));
61 |                 final String accessToken = jwtProvider.generateAccessToken(user);
62 |                 final String newRefreshToken = jwtProvider.generateRefreshToken(user);
63 |                 refreshStorage.put(user.getLogin(), newRefreshToken);
64 |                 return new JwtResponse(accessToken, newRefreshToken);
65 |             }
66 |         }
67 |         throw new AuthException("Невалидный JWT токен");
68 |     }
69 | 
70 |     public JwtAuthentication getAuthInfo() {
71 |         return (JwtAuthentication) SecurityContextHolder.getContext().getAuthentication();
72 |     }
73 | 
74 | }
75 | 


--------------------------------------------------------------------------------
/src/main/java/dev/struchkov/example/jwt/server/service/JwtProvider.java:
--------------------------------------------------------------------------------
  1 | package dev.struchkov.example.jwt.server.service;
  2 | 
  3 | import io.jsonwebtoken.Claims;
  4 | import io.jsonwebtoken.ExpiredJwtException;
  5 | import io.jsonwebtoken.Jwts;
  6 | import io.jsonwebtoken.MalformedJwtException;
  7 | import io.jsonwebtoken.UnsupportedJwtException;
  8 | import io.jsonwebtoken.io.Decoders;
  9 | import io.jsonwebtoken.security.Keys;
 10 | import io.jsonwebtoken.security.SignatureException;
 11 | import lombok.NonNull;
 12 | import lombok.extern.slf4j.Slf4j;
 13 | import dev.struchkov.example.jwt.server.domain.User;
 14 | import org.springframework.beans.factory.annotation.Value;
 15 | import org.springframework.stereotype.Component;
 16 | 
 17 | import javax.crypto.SecretKey;
 18 | import java.security.Key;
 19 | import java.time.Instant;
 20 | import java.time.LocalDateTime;
 21 | import java.time.ZoneId;
 22 | import java.util.Date;
 23 | 
 24 | @Slf4j
 25 | @Component
 26 | public class JwtProvider {
 27 | 
 28 |     private final SecretKey jwtAccessSecret;
 29 |     private final SecretKey jwtRefreshSecret;
 30 | 
 31 |     public JwtProvider(
 32 |             @Value("${jwt.secret.access}") String jwtAccessSecret,
 33 |             @Value("${jwt.secret.refresh}") String jwtRefreshSecret
 34 |     ) {
 35 |         this.jwtAccessSecret = Keys.hmacShaKeyFor(Decoders.BASE64.decode(jwtAccessSecret));
 36 |         this.jwtRefreshSecret = Keys.hmacShaKeyFor(Decoders.BASE64.decode(jwtRefreshSecret));
 37 |     }
 38 | 
 39 |     public String generateAccessToken(@NonNull User user) {
 40 |         final LocalDateTime now = LocalDateTime.now();
 41 |         final Instant accessExpirationInstant = now.plusMinutes(5).atZone(ZoneId.systemDefault()).toInstant();
 42 |         final Date accessExpiration = Date.from(accessExpirationInstant);
 43 |         return Jwts.builder()
 44 |                 .setSubject(user.getLogin())
 45 |                 .setExpiration(accessExpiration)
 46 |                 .signWith(jwtAccessSecret)
 47 |                 .claim("roles", user.getRoles())
 48 |                 .claim("firstName", user.getFirstName())
 49 |                 .compact();
 50 |     }
 51 | 
 52 |     public String generateRefreshToken(@NonNull User user) {
 53 |         final LocalDateTime now = LocalDateTime.now();
 54 |         final Instant refreshExpirationInstant = now.plusDays(30).atZone(ZoneId.systemDefault()).toInstant();
 55 |         final Date refreshExpiration = Date.from(refreshExpirationInstant);
 56 |         return Jwts.builder()
 57 |                 .setSubject(user.getLogin())
 58 |                 .setExpiration(refreshExpiration)
 59 |                 .signWith(jwtRefreshSecret)
 60 |                 .compact();
 61 |     }
 62 | 
 63 |     public boolean validateAccessToken(@NonNull String accessToken) {
 64 |         return validateToken(accessToken, jwtAccessSecret);
 65 |     }
 66 | 
 67 |     public boolean validateRefreshToken(@NonNull String refreshToken) {
 68 |         return validateToken(refreshToken, jwtRefreshSecret);
 69 |     }
 70 | 
 71 |     private boolean validateToken(@NonNull String token, @NonNull Key secret) {
 72 |         try {
 73 |             Jwts.parserBuilder()
 74 |                     .setSigningKey(secret)
 75 |                     .build()
 76 |                     .parseClaimsJws(token);
 77 |             return true;
 78 |         } catch (ExpiredJwtException expEx) {
 79 |             log.error("Token expired", expEx);
 80 |         } catch (UnsupportedJwtException unsEx) {
 81 |             log.error("Unsupported jwt", unsEx);
 82 |         } catch (MalformedJwtException mjEx) {
 83 |             log.error("Malformed jwt", mjEx);
 84 |         } catch (SignatureException sEx) {
 85 |             log.error("Invalid signature", sEx);
 86 |         } catch (Exception e) {
 87 |             log.error("invalid token", e);
 88 |         }
 89 |         return false;
 90 |     }
 91 | 
 92 |     public Claims getAccessClaims(@NonNull String token) {
 93 |         return getClaims(token, jwtAccessSecret);
 94 |     }
 95 | 
 96 |     public Claims getRefreshClaims(@NonNull String token) {
 97 |         return getClaims(token, jwtRefreshSecret);
 98 |     }
 99 | 
100 |     private Claims getClaims(@NonNull String token, @NonNull Key secret) {
101 |         return Jwts.parserBuilder()
102 |                 .setSigningKey(secret)
103 |                 .build()
104 |                 .parseClaimsJws(token)
105 |                 .getBody();
106 |     }
107 | 
108 | }
109 | 


--------------------------------------------------------------------------------
/src/main/java/dev/struchkov/example/jwt/server/service/JwtUtils.java:
--------------------------------------------------------------------------------
 1 | package dev.struchkov.example.jwt.server.service;
 2 | 
 3 | import io.jsonwebtoken.Claims;
 4 | import lombok.AccessLevel;
 5 | import lombok.NoArgsConstructor;
 6 | import dev.struchkov.example.jwt.server.domain.JwtAuthentication;
 7 | import dev.struchkov.example.jwt.server.domain.Role;
 8 | 
 9 | import java.util.List;
10 | import java.util.Set;
11 | import java.util.stream.Collectors;
12 | 
13 | @NoArgsConstructor(access = AccessLevel.PRIVATE)
14 | public final class JwtUtils {
15 | 
16 |     public static JwtAuthentication generate(Claims claims) {
17 |         final JwtAuthentication jwtInfoToken = new JwtAuthentication();
18 |         jwtInfoToken.setRoles(getRoles(claims));
19 |         jwtInfoToken.setFirstName(claims.get("firstName", String.class));
20 |         jwtInfoToken.setUsername(claims.getSubject());
21 |         return jwtInfoToken;
22 |     }
23 | 
24 |     private static Set<Role> getRoles(Claims claims) {
25 |         final List<String> roles = claims.get("roles", List.class);
26 |         return roles.stream()
27 |                 .map(Role::valueOf)
28 |                 .collect(Collectors.toSet());
29 |     }
30 | 
31 | }
32 | 


--------------------------------------------------------------------------------
/src/main/java/dev/struchkov/example/jwt/server/service/UserService.java:
--------------------------------------------------------------------------------
 1 | package dev.struchkov.example.jwt.server.service;
 2 | 
 3 | import lombok.NonNull;
 4 | import lombok.RequiredArgsConstructor;
 5 | import dev.struchkov.example.jwt.server.domain.Role;
 6 | import dev.struchkov.example.jwt.server.domain.User;
 7 | import org.springframework.stereotype.Service;
 8 | 
 9 | import java.util.Collections;
10 | import java.util.List;
11 | import java.util.Optional;
12 | 
13 | @Service
14 | @RequiredArgsConstructor
15 | public class UserService {
16 | 
17 |     private final List<User> users;
18 | 
19 |     public UserService() {
20 |         this.users = List.of(
21 |                 new User("anton", "1234", "Антон", "Иванов", Collections.singleton(Role.USER)),
22 |                 new User("ivan", "12345", "Сергей", "Петров", Collections.singleton(Role.ADMIN))
23 |         );
24 |     }
25 | 
26 |     public Optional<User> getByLogin(@NonNull String login) {
27 |         return users.stream()
28 |                 .filter(user -> login.equals(user.getLogin()))
29 |                 .findFirst();
30 |     }
31 | 
32 | }


--------------------------------------------------------------------------------
/src/main/java/dev/struchkov/example/jwt/server/util/GenerateKeys.java:
--------------------------------------------------------------------------------
 1 | package dev.struchkov.example.jwt.server.util;
 2 | 
 3 | import io.jsonwebtoken.SignatureAlgorithm;
 4 | import io.jsonwebtoken.io.Encoders;
 5 | import io.jsonwebtoken.security.Keys;
 6 | 
 7 | public class GenerateKeys {
 8 | 
 9 |     public static void main(String[] args) {
10 |         System.out.println(generateKey());
11 |         System.out.println(generateKey());
12 |     }
13 | 
14 |     private static String generateKey() {
15 |         return Encoders.BASE64.encode(Keys.secretKeyFor(SignatureAlgorithm.HS512).getEncoded());
16 |     }
17 | 
18 | }
19 | 


--------------------------------------------------------------------------------
/src/main/resources/application.properties:
--------------------------------------------------------------------------------
1 | jwt.secret.access=qBTmv4oXFFR2GwjexDJ4t6fsIUIUhhXqlktXjXdkcyygs8nPVEwMfo29VDRRepYDVV5IkIxBMzr7OEHXEHd37w==
2 | jwt.secret.refresh=zL1HB3Pch05Avfynovxrf/kpF9O2m4NCWKJUjEp27s9J2jEG3ifiKCGylaZ8fDeoONSTJP/wAzKawB8F9rOMNg==


--------------------------------------------------------------------------------
/src/main/resources/postman_collection.json:
--------------------------------------------------------------------------------
  1 | {
  2 | 	"info": {
  3 | 		"_postman_id": "7be0f05f-b637-4296-a2ab-9ae2e622fa16",
  4 | 		"name": "JWT",
  5 | 		"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json",
  6 | 		"_exporter_id": "16442716"
  7 | 	},
  8 | 	"item": [
  9 | 		{
 10 | 			"name": "Auth Service",
 11 | 			"item": [
 12 | 				{
 13 | 					"name": "Login User",
 14 | 					"request": {
 15 | 						"method": "POST",
 16 | 						"header": [],
 17 | 						"body": {
 18 | 							"mode": "raw",
 19 | 							"raw": "{\n    \"login\": \"anton\",\n    \"password\": \"1234\"\n}",
 20 | 							"options": {
 21 | 								"raw": {
 22 | 									"language": "json"
 23 | 								}
 24 | 							}
 25 | 						},
 26 | 						"url": {
 27 | 							"raw": "http://localhost:8080/api/auth/login",
 28 | 							"protocol": "http",
 29 | 							"host": [
 30 | 								"localhost"
 31 | 							],
 32 | 							"port": "8080",
 33 | 							"path": [
 34 | 								"api",
 35 | 								"auth",
 36 | 								"login"
 37 | 							]
 38 | 						}
 39 | 					},
 40 | 					"response": []
 41 | 				},
 42 | 				{
 43 | 					"name": "Login Admin",
 44 | 					"request": {
 45 | 						"method": "POST",
 46 | 						"header": [],
 47 | 						"body": {
 48 | 							"mode": "raw",
 49 | 							"raw": "{\n    \"login\": \"anton\",\n    \"password\": \"1234\"\n}",
 50 | 							"options": {
 51 | 								"raw": {
 52 | 									"language": "json"
 53 | 								}
 54 | 							}
 55 | 						},
 56 | 						"url": {
 57 | 							"raw": "http://localhost:8080/api/auth/login",
 58 | 							"protocol": "http",
 59 | 							"host": [
 60 | 								"localhost"
 61 | 							],
 62 | 							"port": "8080",
 63 | 							"path": [
 64 | 								"api",
 65 | 								"auth",
 66 | 								"login"
 67 | 							]
 68 | 						}
 69 | 					},
 70 | 					"response": []
 71 | 				},
 72 | 				{
 73 | 					"name": "Get new access token",
 74 | 					"request": {
 75 | 						"method": "POST",
 76 | 						"header": [],
 77 | 						"body": {
 78 | 							"mode": "raw",
 79 | 							"raw": "{\n    \"refreshToken\": \"eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJhbnRvbiIsImV4cCI6MTY1ODM4NTcwMH0.35Xfw495acquYKcHKK2MrRU_dPlNqPQC7N3-vxA2d0zayWD1Ify6J-xYl5tWkm-8qdyXqPCri3uEfpzx1Lc7WA\"\n}",
 80 | 							"options": {
 81 | 								"raw": {
 82 | 									"language": "json"
 83 | 								}
 84 | 							}
 85 | 						},
 86 | 						"url": {
 87 | 							"raw": "http://localhost:8080/api/auth/token",
 88 | 							"protocol": "http",
 89 | 							"host": [
 90 | 								"localhost"
 91 | 							],
 92 | 							"port": "8080",
 93 | 							"path": [
 94 | 								"api",
 95 | 								"auth",
 96 | 								"token"
 97 | 							]
 98 | 						}
 99 | 					},
100 | 					"response": []
101 | 				},
102 | 				{
103 | 					"name": "Get new access and refresh tokens",
104 | 					"request": {
105 | 						"auth": {
106 | 							"type": "bearer",
107 | 							"bearer": [
108 | 								{
109 | 									"key": "token",
110 | 									"value": "eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJhbnRvbiIsImV4cCI6MTY1NTc5NDE2NCwicm9sZXMiOlsiVVNFUiJdLCJmaXJzdE5hbWUiOiLQkNC90YLQvtC9In0.hJ_j6BjysvP2Qv2Lt06m8FwE-U4AHRjVQ9BpBy6fJIycUDZxBSAhoeFucaOGFgukTMfICZbgEvna9OuwqYzzwQ",
111 | 									"type": "string"
112 | 								}
113 | 							]
114 | 						},
115 | 						"method": "POST",
116 | 						"header": [],
117 | 						"body": {
118 | 							"mode": "raw",
119 | 							"raw": "{\n    \"refreshToken\": \"eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJhbnRvbiIsImV4cCI6MTY1ODM4NTg2NH0.gfE8Gr_1Sp_Um3vXG2EaDgqz6p9iLo1_wZgKksme13pg2q4cXVyShBtMTZ0ApfdcGzXcJ2MUoFHtTJCMj8ROUQ\"\n}",
120 | 							"options": {
121 | 								"raw": {
122 | 									"language": "json"
123 | 								}
124 | 							}
125 | 						},
126 | 						"url": {
127 | 							"raw": "http://localhost:8080/api/auth/refresh",
128 | 							"protocol": "http",
129 | 							"host": [
130 | 								"localhost"
131 | 							],
132 | 							"port": "8080",
133 | 							"path": [
134 | 								"api",
135 | 								"auth",
136 | 								"refresh"
137 | 							]
138 | 						}
139 | 					},
140 | 					"response": []
141 | 				}
142 | 			]
143 | 		},
144 | 		{
145 | 			"name": "Service One",
146 | 			"item": [
147 | 				{
148 | 					"name": "Hello User Request",
149 | 					"protocolProfileBehavior": {
150 | 						"disableBodyPruning": true
151 | 					},
152 | 					"request": {
153 | 						"auth": {
154 | 							"type": "bearer",
155 | 							"bearer": [
156 | 								{
157 | 									"key": "token",
158 | 									"value": "eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJhbnRvbiIsImV4cCI6MTY1NTc5NTEyMCwicm9sZXMiOlsiVVNFUiJdLCJmaXJzdE5hbWUiOiLQkNC90YLQvtC9In0.tLFtJ0oPLq493u7EJe2Tb4kLxAFGCYgIWrmMq1XiHNhihbh2sV9-yVQyXOFwIpArw4ReAuUoP-6F2B_6YYzx4Q",
159 | 									"type": "string"
160 | 								}
161 | 							]
162 | 						},
163 | 						"method": "GET",
164 | 						"header": [],
165 | 						"body": {
166 | 							"mode": "raw",
167 | 							"raw": "",
168 | 							"options": {
169 | 								"raw": {
170 | 									"language": "json"
171 | 								}
172 | 							}
173 | 						},
174 | 						"url": {
175 | 							"raw": "http://localhost:8080/api/hello/user",
176 | 							"protocol": "http",
177 | 							"host": [
178 | 								"localhost"
179 | 							],
180 | 							"port": "8080",
181 | 							"path": [
182 | 								"api",
183 | 								"hello",
184 | 								"user"
185 | 							]
186 | 						}
187 | 					},
188 | 					"response": []
189 | 				},
190 | 				{
191 | 					"name": "Hello Admin Request",
192 | 					"protocolProfileBehavior": {
193 | 						"disableBodyPruning": true
194 | 					},
195 | 					"request": {
196 | 						"auth": {
197 | 							"type": "bearer",
198 | 							"bearer": [
199 | 								{
200 | 									"key": "token",
201 | 									"value": "eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJhbnRvbiIsImV4cCI6MTY1NTc5MzYxNiwicm9sZXMiOlsiVVNFUiJdLCJmaXJzdE5hbWUiOiLQkNC90YLQvtC9In0.2JBqOWBOmO9a93nwiBgFvf6LvATMw-DALRlSwjFbshhu5RP110NIg5Aod_V0r1WtNDAbuzsHFxk7N-chy4sHQg",
202 | 									"type": "string"
203 | 								}
204 | 							]
205 | 						},
206 | 						"method": "GET",
207 | 						"header": [],
208 | 						"body": {
209 | 							"mode": "raw",
210 | 							"raw": "",
211 | 							"options": {
212 | 								"raw": {
213 | 									"language": "json"
214 | 								}
215 | 							}
216 | 						},
217 | 						"url": {
218 | 							"raw": "http://localhost:8080/api/hello/admin",
219 | 							"protocol": "http",
220 | 							"host": [
221 | 								"localhost"
222 | 							],
223 | 							"port": "8080",
224 | 							"path": [
225 | 								"api",
226 | 								"hello",
227 | 								"admin"
228 | 							]
229 | 						}
230 | 					},
231 | 					"response": []
232 | 				}
233 | 			]
234 | 		},
235 | 		{
236 | 			"name": "Service Two",
237 | 			"item": [
238 | 				{
239 | 					"name": "Hello User Request",
240 | 					"protocolProfileBehavior": {
241 | 						"disableBodyPruning": true
242 | 					},
243 | 					"request": {
244 | 						"auth": {
245 | 							"type": "bearer",
246 | 							"bearer": [
247 | 								{
248 | 									"key": "token",
249 | 									"value": "",
250 | 									"type": "string"
251 | 								}
252 | 							]
253 | 						},
254 | 						"method": "GET",
255 | 						"header": [],
256 | 						"body": {
257 | 							"mode": "raw",
258 | 							"raw": "",
259 | 							"options": {
260 | 								"raw": {
261 | 									"language": "json"
262 | 								}
263 | 							}
264 | 						},
265 | 						"url": {
266 | 							"raw": "http://localhost:8099/api/hello/user",
267 | 							"protocol": "http",
268 | 							"host": [
269 | 								"localhost"
270 | 							],
271 | 							"port": "8099",
272 | 							"path": [
273 | 								"api",
274 | 								"hello",
275 | 								"user"
276 | 							]
277 | 						}
278 | 					},
279 | 					"response": []
280 | 				},
281 | 				{
282 | 					"name": "Hello Admin Request",
283 | 					"protocolProfileBehavior": {
284 | 						"disableBodyPruning": true
285 | 					},
286 | 					"request": {
287 | 						"auth": {
288 | 							"type": "bearer",
289 | 							"bearer": [
290 | 								{
291 | 									"key": "token",
292 | 									"value": "eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJhbnRvbiIsImV4cCI6MTY1NTc1NjQyNSwicm9sZXMiOlsiVVNFUiJdLCJmaXJzdE5hbWUiOiLQkNC90YLQvtC9In0.y40_c0QGAMzf3tq19UtfNHdYcU7KS_xCqzzxBDLeUMZ5ait7LfWbLv8hCHyKGNBHOYLuquu5ylTiNBT4DBgr3A",
293 | 									"type": "string"
294 | 								}
295 | 							]
296 | 						},
297 | 						"method": "GET",
298 | 						"header": [],
299 | 						"body": {
300 | 							"mode": "raw",
301 | 							"raw": "",
302 | 							"options": {
303 | 								"raw": {
304 | 									"language": "json"
305 | 								}
306 | 							}
307 | 						},
308 | 						"url": {
309 | 							"raw": "http://localhost:8099/api/hello/user",
310 | 							"protocol": "http",
311 | 							"host": [
312 | 								"localhost"
313 | 							],
314 | 							"port": "8099",
315 | 							"path": [
316 | 								"api",
317 | 								"hello",
318 | 								"user"
319 | 							]
320 | 						}
321 | 					},
322 | 					"response": []
323 | 				}
324 | 			]
325 | 		}
326 | 	]
327 | }


--------------------------------------------------------------------------------