├── src ├── main │ ├── resources │ │ └── application.properties │ └── java │ │ └── com │ │ └── programandoenjava │ │ └── jwt │ │ ├── user │ │ ├── UserResponse.java │ │ ├── UserRepository.java │ │ ├── UserController.java │ │ └── User.java │ │ ├── auth │ │ ├── controller │ │ │ ├── AuthRequest.java │ │ │ ├── RegisterRequest.java │ │ │ ├── TokenResponse.java │ │ │ └── AuthController.java │ │ ├── repository │ │ │ ├── TokenRepository.java │ │ │ └── Token.java │ │ └── service │ │ │ ├── JwtService.java │ │ │ └── AuthService.java │ │ ├── JwtApplication.java │ │ └── config │ │ ├── AppConfig.java │ │ ├── SecurityConfig.java │ │ └── JwtAuthenticationFilter.java └── test │ └── java │ └── com │ └── programandoenjava │ └── jwt │ └── JwtApplicationTests.java ├── .gitignore ├── .mvn └── wrapper │ └── maven-wrapper.properties ├── pom.xml ├── mvnw.cmd └── mvnw /src/main/resources/application.properties: -------------------------------------------------------------------------------- 1 | spring.application.name=jwt 2 | -------------------------------------------------------------------------------- /src/main/java/com/programandoenjava/jwt/user/UserResponse.java: -------------------------------------------------------------------------------- 1 | package com.programandoenjava.jwt.user; 2 | 3 | public record UserResponse( 4 | String name, 5 | String email 6 | ) { 7 | } 8 | -------------------------------------------------------------------------------- /src/main/java/com/programandoenjava/jwt/auth/controller/AuthRequest.java: -------------------------------------------------------------------------------- 1 | package com.programandoenjava.jwt.auth.controller; 2 | 3 | public record AuthRequest( 4 | String email, 5 | String password 6 | ) { 7 | } 8 | -------------------------------------------------------------------------------- /src/main/java/com/programandoenjava/jwt/auth/controller/RegisterRequest.java: -------------------------------------------------------------------------------- 1 | package com.programandoenjava.jwt.auth.controller; 2 | 3 | public record RegisterRequest( 4 | String name, 5 | String email, 6 | String password 7 | ) { 8 | } 9 | -------------------------------------------------------------------------------- /src/test/java/com/programandoenjava/jwt/JwtApplicationTests.java: -------------------------------------------------------------------------------- 1 | package com.programandoenjava.jwt; 2 | 3 | import org.junit.jupiter.api.Test; 4 | import org.springframework.boot.test.context.SpringBootTest; 5 | 6 | @SpringBootTest 7 | class JwtApplicationTests { 8 | 9 | @Test 10 | void contextLoads() { 11 | } 12 | 13 | } 14 | -------------------------------------------------------------------------------- /src/main/java/com/programandoenjava/jwt/user/UserRepository.java: -------------------------------------------------------------------------------- 1 | package com.programandoenjava.jwt.user; 2 | 3 | import org.springframework.data.jpa.repository.JpaRepository; 4 | 5 | import java.util.Optional; 6 | 7 | public interface UserRepository extends JpaRepository { 8 | 9 | Optional findByEmail(String email); 10 | 11 | } 12 | -------------------------------------------------------------------------------- /src/main/java/com/programandoenjava/jwt/auth/controller/TokenResponse.java: -------------------------------------------------------------------------------- 1 | package com.programandoenjava.jwt.auth.controller; 2 | 3 | import com.fasterxml.jackson.annotation.JsonProperty; 4 | 5 | public record TokenResponse( 6 | @JsonProperty("access_token") 7 | String accessToken, 8 | @JsonProperty("refresh_token") 9 | String refreshToken 10 | ) { 11 | } 12 | -------------------------------------------------------------------------------- /src/main/java/com/programandoenjava/jwt/JwtApplication.java: -------------------------------------------------------------------------------- 1 | package com.programandoenjava.jwt; 2 | 3 | import org.springframework.boot.SpringApplication; 4 | import org.springframework.boot.autoconfigure.SpringBootApplication; 5 | 6 | @SpringBootApplication 7 | public class JwtApplication { 8 | 9 | public static void main(String[] args) { 10 | SpringApplication.run(JwtApplication.class, args); 11 | } 12 | 13 | } 14 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | HELP.md 2 | target/ 3 | !.mvn/wrapper/maven-wrapper.jar 4 | !**/src/main/**/target/ 5 | !**/src/test/**/target/ 6 | 7 | ### STS ### 8 | .apt_generated 9 | .classpath 10 | .factorypath 11 | .project 12 | .settings 13 | .springBeans 14 | .sts4-cache 15 | 16 | ### IntelliJ IDEA ### 17 | .idea 18 | *.iws 19 | *.iml 20 | *.ipr 21 | 22 | ### NetBeans ### 23 | /nbproject/private/ 24 | /nbbuild/ 25 | /dist/ 26 | /nbdist/ 27 | /.nb-gradle/ 28 | build/ 29 | !**/src/main/**/build/ 30 | !**/src/test/**/build/ 31 | 32 | ### VS Code ### 33 | .vscode/ 34 | -------------------------------------------------------------------------------- /src/main/java/com/programandoenjava/jwt/auth/repository/TokenRepository.java: -------------------------------------------------------------------------------- 1 | package com.programandoenjava.jwt.auth.repository; 2 | 3 | import org.springframework.data.jpa.repository.JpaRepository; 4 | import org.springframework.data.jpa.repository.Query; 5 | 6 | import java.util.List; 7 | import java.util.Optional; 8 | 9 | public interface TokenRepository extends JpaRepository { 10 | 11 | @Query(value = """ 12 | select t from Token t inner join User u\s 13 | on t.user.id = u.id\s 14 | where u.id = :id and (t.expired = false or t.revoked = false)\s 15 | """) 16 | List findAllValidTokenByUser(Integer id); 17 | 18 | Optional findByToken(String token); 19 | } 20 | -------------------------------------------------------------------------------- /src/main/java/com/programandoenjava/jwt/user/UserController.java: -------------------------------------------------------------------------------- 1 | package com.programandoenjava.jwt.user; 2 | 3 | import lombok.RequiredArgsConstructor; 4 | import org.springframework.web.bind.annotation.GetMapping; 5 | import org.springframework.web.bind.annotation.RequestMapping; 6 | import org.springframework.web.bind.annotation.RestController; 7 | 8 | import java.util.List; 9 | 10 | @RestController 11 | @RequestMapping("/api/v1/users") 12 | @RequiredArgsConstructor 13 | public class UserController { 14 | 15 | private final UserRepository userRepository; 16 | 17 | @GetMapping 18 | public List changePassword() { 19 | return userRepository.findAll() 20 | .stream() 21 | .map(user -> new UserResponse(user.getName(), user.getEmail())) 22 | .toList(); 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /src/main/java/com/programandoenjava/jwt/user/User.java: -------------------------------------------------------------------------------- 1 | package com.programandoenjava.jwt.user; 2 | 3 | import com.programandoenjava.jwt.auth.repository.Token; 4 | import jakarta.persistence.*; 5 | import lombok.AllArgsConstructor; 6 | import lombok.Builder; 7 | import lombok.Data; 8 | import lombok.NoArgsConstructor; 9 | 10 | import java.util.List; 11 | 12 | @Data 13 | @Builder 14 | @NoArgsConstructor 15 | @AllArgsConstructor 16 | @Entity 17 | @Table(name = "users") 18 | public class User { 19 | 20 | @Id 21 | @GeneratedValue 22 | private Integer id; 23 | 24 | @Column(nullable = false) 25 | private String name; 26 | 27 | @Column(nullable = false, unique = true) 28 | private String email; 29 | 30 | @Column(nullable = false) 31 | private String password; 32 | 33 | @OneToMany(mappedBy = "user") 34 | private List tokens; 35 | } 36 | -------------------------------------------------------------------------------- /.mvn/wrapper/maven-wrapper.properties: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one 2 | # or more contributor license agreements. See the NOTICE file 3 | # distributed with this work for additional information 4 | # regarding copyright ownership. The ASF licenses this file 5 | # to you under the Apache License, Version 2.0 (the 6 | # "License"); you may not use this file except in compliance 7 | # with the License. You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, 12 | # software distributed under the License is distributed on an 13 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 14 | # KIND, either express or implied. See the License for the 15 | # specific language governing permissions and limitations 16 | # under the License. 17 | wrapperVersion=3.3.2 18 | distributionType=only-script 19 | distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.9.9/apache-maven-3.9.9-bin.zip 20 | -------------------------------------------------------------------------------- /src/main/java/com/programandoenjava/jwt/auth/repository/Token.java: -------------------------------------------------------------------------------- 1 | package com.programandoenjava.jwt.auth.repository; 2 | 3 | import com.programandoenjava.jwt.user.User; 4 | import jakarta.persistence.*; 5 | import lombok.AllArgsConstructor; 6 | import lombok.Builder; 7 | import lombok.Data; 8 | import lombok.NoArgsConstructor; 9 | 10 | @Data 11 | @Builder 12 | @NoArgsConstructor 13 | @AllArgsConstructor 14 | @Entity 15 | public final class Token { 16 | 17 | @Id 18 | @GeneratedValue 19 | private Integer id; 20 | 21 | @Column(unique = true) 22 | private String token; 23 | 24 | @Enumerated(EnumType.STRING) 25 | @Builder.Default 26 | private TokenType tokenType = TokenType.BEARER; 27 | 28 | @Column(nullable = false) 29 | private Boolean isRevoked; 30 | 31 | @Column(nullable = false) 32 | private Boolean isExpired; 33 | 34 | @ManyToOne(fetch = FetchType.LAZY) 35 | @JoinColumn(name = "user_id") 36 | private User user; 37 | 38 | public enum TokenType { 39 | BEARER 40 | } 41 | 42 | } 43 | -------------------------------------------------------------------------------- /src/main/java/com/programandoenjava/jwt/auth/controller/AuthController.java: -------------------------------------------------------------------------------- 1 | package com.programandoenjava.jwt.auth.controller; 2 | 3 | import com.programandoenjava.jwt.auth.service.AuthService; 4 | import lombok.RequiredArgsConstructor; 5 | import org.springframework.http.HttpHeaders; 6 | import org.springframework.http.ResponseEntity; 7 | import org.springframework.web.bind.annotation.*; 8 | 9 | @RestController 10 | @RequestMapping("/auth") 11 | @RequiredArgsConstructor 12 | public class AuthController { 13 | 14 | private final AuthService service; 15 | 16 | @PostMapping("/register") 17 | public ResponseEntity register(@RequestBody RegisterRequest request) { 18 | final TokenResponse response = service.register(request); 19 | return ResponseEntity.ok(response); 20 | } 21 | 22 | @PostMapping("/login") 23 | public ResponseEntity authenticate(@RequestBody AuthRequest request) { 24 | final TokenResponse response = service.authenticate(request); 25 | return ResponseEntity.ok(response); 26 | } 27 | 28 | @PostMapping("/refresh-token") 29 | public TokenResponse refreshToken( 30 | @RequestHeader(HttpHeaders.AUTHORIZATION) final String authentication 31 | ) { 32 | return service.refreshToken(authentication); 33 | } 34 | 35 | 36 | } 37 | -------------------------------------------------------------------------------- /src/main/java/com/programandoenjava/jwt/config/AppConfig.java: -------------------------------------------------------------------------------- 1 | package com.programandoenjava.jwt.config; 2 | 3 | 4 | import com.programandoenjava.jwt.user.User; 5 | import com.programandoenjava.jwt.user.UserRepository; 6 | import lombok.RequiredArgsConstructor; 7 | import org.springframework.context.annotation.Bean; 8 | import org.springframework.context.annotation.Configuration; 9 | import org.springframework.security.authentication.AuthenticationManager; 10 | import org.springframework.security.authentication.AuthenticationProvider; 11 | import org.springframework.security.authentication.dao.DaoAuthenticationProvider; 12 | import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration; 13 | import org.springframework.security.core.userdetails.UserDetailsService; 14 | import org.springframework.security.core.userdetails.UsernameNotFoundException; 15 | import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; 16 | import org.springframework.security.crypto.password.PasswordEncoder; 17 | 18 | @Configuration 19 | @RequiredArgsConstructor 20 | public class AppConfig { 21 | 22 | private final UserRepository repository; 23 | 24 | @Bean 25 | public UserDetailsService userDetailsService() { 26 | return username -> { 27 | final User user = repository.findByEmail(username) 28 | .orElseThrow(() -> new UsernameNotFoundException("User not found")); 29 | return org.springframework.security.core.userdetails.User 30 | .builder() 31 | .username(user.getEmail()) 32 | .password(user.getPassword()) 33 | .build(); 34 | }; 35 | } 36 | 37 | @Bean 38 | public AuthenticationProvider authenticationProvider() { 39 | DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider(); 40 | authProvider.setUserDetailsService(userDetailsService()); 41 | authProvider.setPasswordEncoder(passwordEncoder()); 42 | return authProvider; 43 | } 44 | 45 | @Bean 46 | public AuthenticationManager authenticationManager(final AuthenticationConfiguration config) throws Exception { 47 | return config.getAuthenticationManager(); 48 | } 49 | 50 | @Bean 51 | public PasswordEncoder passwordEncoder() { 52 | return new BCryptPasswordEncoder(); 53 | } 54 | 55 | } 56 | -------------------------------------------------------------------------------- /src/main/java/com/programandoenjava/jwt/auth/service/JwtService.java: -------------------------------------------------------------------------------- 1 | package com.programandoenjava.jwt.auth.service; 2 | 3 | import com.programandoenjava.jwt.user.User; 4 | import io.jsonwebtoken.Jwts; 5 | import io.jsonwebtoken.io.Decoders; 6 | import io.jsonwebtoken.security.Keys; 7 | import org.springframework.beans.factory.annotation.Value; 8 | import org.springframework.stereotype.Service; 9 | 10 | import javax.crypto.SecretKey; 11 | import java.util.Date; 12 | import java.util.Map; 13 | 14 | @Service 15 | public class JwtService { 16 | 17 | @Value("${application.security.jwt.secret-key}") 18 | private String secretKey; 19 | @Value("${application.security.jwt.expiration}") 20 | private long jwtExpiration; 21 | @Value("${application.security.jwt.refresh-token.expiration}") 22 | private long refreshExpiration; 23 | 24 | public String extractUsername(String token) { 25 | return Jwts.parser() 26 | .verifyWith(getSignInKey()) 27 | .build() 28 | .parseSignedClaims(token) 29 | .getPayload() 30 | .getSubject(); 31 | } 32 | 33 | public String generateToken(final User user) { 34 | return buildToken(user, jwtExpiration); 35 | } 36 | 37 | public String generateRefreshToken(final User user) { 38 | return buildToken(user, refreshExpiration); 39 | } 40 | 41 | private String buildToken(final User user, final long expiration) { 42 | return Jwts 43 | .builder() 44 | .claims(Map.of("name", user.getName())) 45 | .subject(user.getEmail()) 46 | .issuedAt(new Date(System.currentTimeMillis())) 47 | .expiration(new Date(System.currentTimeMillis() + expiration)) 48 | .signWith(getSignInKey()) 49 | .compact(); 50 | } 51 | 52 | public boolean isTokenValid(String token, User user) { 53 | final String username = extractUsername(token); 54 | return (username.equals(user.getEmail())) && !isTokenExpired(token); 55 | } 56 | 57 | private boolean isTokenExpired(String token) { 58 | return extractExpiration(token).before(new Date()); 59 | } 60 | 61 | private Date extractExpiration(String token) { 62 | return Jwts.parser() 63 | .verifyWith(getSignInKey()) 64 | .build() 65 | .parseSignedClaims(token) 66 | .getPayload() 67 | .getExpiration(); 68 | } 69 | 70 | private SecretKey getSignInKey() { 71 | final byte[] keyBytes = Decoders.BASE64.decode(secretKey); 72 | return Keys.hmacShaKeyFor(keyBytes); 73 | } 74 | } 75 | -------------------------------------------------------------------------------- /src/main/java/com/programandoenjava/jwt/config/SecurityConfig.java: -------------------------------------------------------------------------------- 1 | package com.programandoenjava.jwt.config; 2 | 3 | import com.programandoenjava.jwt.auth.repository.Token; 4 | import com.programandoenjava.jwt.auth.repository.TokenRepository; 5 | import jakarta.servlet.http.HttpServletRequest; 6 | import jakarta.servlet.http.HttpServletResponse; 7 | import lombok.RequiredArgsConstructor; 8 | import org.springframework.context.annotation.Bean; 9 | import org.springframework.context.annotation.Configuration; 10 | import org.springframework.http.HttpHeaders; 11 | import org.springframework.security.authentication.AuthenticationProvider; 12 | import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity; 13 | import org.springframework.security.config.annotation.web.builders.HttpSecurity; 14 | import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; 15 | import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; 16 | import org.springframework.security.core.Authentication; 17 | import org.springframework.security.core.context.SecurityContextHolder; 18 | import org.springframework.security.web.SecurityFilterChain; 19 | import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; 20 | 21 | import static org.springframework.security.config.http.SessionCreationPolicy.STATELESS; 22 | 23 | @Configuration 24 | @EnableWebSecurity 25 | @RequiredArgsConstructor 26 | @EnableMethodSecurity 27 | public class SecurityConfig { 28 | 29 | private final JwtAuthenticationFilter jwtAuthFilter; 30 | private final AuthenticationProvider authenticationProvider; 31 | private final TokenRepository tokenRepository; 32 | 33 | @Bean 34 | public SecurityFilterChain securityFilterChain(final HttpSecurity http) throws Exception { 35 | http 36 | .csrf(AbstractHttpConfigurer::disable) 37 | .authorizeHttpRequests(req -> 38 | req.requestMatchers("/auth/**") 39 | .permitAll() 40 | .anyRequest() 41 | .authenticated() 42 | ) 43 | .sessionManagement(session -> session.sessionCreationPolicy(STATELESS)) 44 | .authenticationProvider(authenticationProvider) 45 | .addFilterBefore(jwtAuthFilter, UsernamePasswordAuthenticationFilter.class) 46 | .logout(logout -> 47 | logout.logoutUrl("/auth/logout") 48 | .addLogoutHandler(this::logout) 49 | .logoutSuccessHandler((request, response, authentication) -> SecurityContextHolder.clearContext()) 50 | ) 51 | ; 52 | 53 | return http.build(); 54 | } 55 | 56 | private void logout( 57 | final HttpServletRequest request, final HttpServletResponse response, 58 | final Authentication authentication 59 | ) { 60 | 61 | final String authHeader = request.getHeader(HttpHeaders.AUTHORIZATION); 62 | if (authHeader == null || !authHeader.startsWith("Bearer ")) { 63 | return; 64 | } 65 | 66 | final String jwt = authHeader.substring(7); 67 | final Token storedToken = tokenRepository.findByToken(jwt) 68 | .orElse(null); 69 | if (storedToken != null) { 70 | storedToken.setIsExpired(true); 71 | storedToken.setIsRevoked(true); 72 | tokenRepository.save(storedToken); 73 | SecurityContextHolder.clearContext(); 74 | } 75 | } 76 | } 77 | -------------------------------------------------------------------------------- /src/main/java/com/programandoenjava/jwt/config/JwtAuthenticationFilter.java: -------------------------------------------------------------------------------- 1 | package com.programandoenjava.jwt.config; 2 | 3 | import com.programandoenjava.jwt.auth.repository.TokenRepository; 4 | import com.programandoenjava.jwt.auth.service.JwtService; 5 | import com.programandoenjava.jwt.user.User; 6 | import com.programandoenjava.jwt.user.UserRepository; 7 | import jakarta.servlet.FilterChain; 8 | import jakarta.servlet.ServletException; 9 | import jakarta.servlet.http.HttpServletRequest; 10 | import jakarta.servlet.http.HttpServletResponse; 11 | import lombok.RequiredArgsConstructor; 12 | import org.springframework.http.HttpHeaders; 13 | import org.springframework.lang.NonNull; 14 | import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; 15 | import org.springframework.security.core.Authentication; 16 | import org.springframework.security.core.context.SecurityContextHolder; 17 | import org.springframework.security.core.userdetails.UserDetails; 18 | import org.springframework.security.core.userdetails.UserDetailsService; 19 | import org.springframework.security.web.authentication.WebAuthenticationDetailsSource; 20 | import org.springframework.stereotype.Component; 21 | import org.springframework.web.filter.OncePerRequestFilter; 22 | 23 | import java.io.IOException; 24 | import java.util.Optional; 25 | 26 | @Component 27 | @RequiredArgsConstructor 28 | public class JwtAuthenticationFilter extends OncePerRequestFilter { 29 | 30 | private final JwtService jwtService; 31 | private final UserDetailsService userDetailsService; 32 | private final TokenRepository tokenRepository; 33 | private final UserRepository userRepository; 34 | 35 | @Override 36 | protected void doFilterInternal( 37 | @NonNull HttpServletRequest request, 38 | @NonNull HttpServletResponse response, 39 | @NonNull FilterChain filterChain 40 | ) throws ServletException, IOException { 41 | if (request.getServletPath().contains("/api/v1/auth")) { 42 | filterChain.doFilter(request, response); 43 | return; 44 | } 45 | 46 | final String authHeader = request.getHeader(HttpHeaders.AUTHORIZATION); 47 | if (authHeader == null || !authHeader.startsWith("Bearer ")) { 48 | filterChain.doFilter(request, response); 49 | return; 50 | } 51 | 52 | final String jwt = authHeader.substring(7); 53 | final String userEmail = jwtService.extractUsername(jwt); 54 | final Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); 55 | if (userEmail == null || authentication != null) { 56 | filterChain.doFilter(request, response); 57 | return; 58 | } 59 | 60 | final UserDetails userDetails = this.userDetailsService.loadUserByUsername(userEmail); 61 | final boolean isTokenExpiredOrRevoked = tokenRepository.findByToken(jwt) 62 | .map(token -> !token.getIsExpired() && !token.getIsRevoked()) 63 | .orElse(false); 64 | 65 | 66 | if (isTokenExpiredOrRevoked) { 67 | final Optional user = userRepository.findByEmail(userEmail); 68 | 69 | if (user.isPresent()) { 70 | final boolean isTokenValid = jwtService.isTokenValid(jwt, user.get()); 71 | 72 | if (isTokenValid) { 73 | UsernamePasswordAuthenticationToken authToken = new UsernamePasswordAuthenticationToken( 74 | userDetails, 75 | null, 76 | userDetails.getAuthorities() 77 | ); 78 | authToken.setDetails( 79 | new WebAuthenticationDetailsSource().buildDetails(request) 80 | ); 81 | SecurityContextHolder.getContext().setAuthentication(authToken); 82 | } 83 | } 84 | } 85 | 86 | filterChain.doFilter(request, response); 87 | } 88 | } 89 | -------------------------------------------------------------------------------- /src/main/java/com/programandoenjava/jwt/auth/service/AuthService.java: -------------------------------------------------------------------------------- 1 | package com.programandoenjava.jwt.auth.service; 2 | 3 | import com.programandoenjava.jwt.auth.controller.AuthRequest; 4 | import com.programandoenjava.jwt.auth.controller.RegisterRequest; 5 | import com.programandoenjava.jwt.auth.controller.TokenResponse; 6 | import com.programandoenjava.jwt.auth.repository.Token; 7 | import com.programandoenjava.jwt.auth.repository.TokenRepository; 8 | import com.programandoenjava.jwt.user.User; 9 | import com.programandoenjava.jwt.user.UserRepository; 10 | import jakarta.validation.constraints.NotNull; 11 | import lombok.RequiredArgsConstructor; 12 | import org.springframework.security.authentication.AuthenticationManager; 13 | import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; 14 | import org.springframework.security.crypto.password.PasswordEncoder; 15 | import org.springframework.stereotype.Service; 16 | 17 | import java.util.List; 18 | 19 | @Service 20 | @RequiredArgsConstructor 21 | public class AuthService { 22 | private final UserRepository repository; 23 | private final TokenRepository tokenRepository; 24 | private final PasswordEncoder passwordEncoder; 25 | private final JwtService jwtService; 26 | private final AuthenticationManager authenticationManager; 27 | 28 | public TokenResponse register(final RegisterRequest request) { 29 | final User user = User.builder() 30 | .name(request.name()) 31 | .email(request.email()) 32 | .password(passwordEncoder.encode(request.password())) 33 | .build(); 34 | 35 | final User savedUser = repository.save(user); 36 | final String jwtToken = jwtService.generateToken(savedUser); 37 | final String refreshToken = jwtService.generateRefreshToken(savedUser); 38 | 39 | saveUserToken(savedUser, jwtToken); 40 | return new TokenResponse(jwtToken, refreshToken); 41 | } 42 | 43 | public TokenResponse authenticate(final AuthRequest request) { 44 | authenticationManager.authenticate( 45 | new UsernamePasswordAuthenticationToken( 46 | request.email(), 47 | request.password() 48 | ) 49 | ); 50 | final User user = repository.findByEmail(request.email()) 51 | .orElseThrow(); 52 | final String accessToken = jwtService.generateToken(user); 53 | final String refreshToken = jwtService.generateRefreshToken(user); 54 | revokeAllUserTokens(user); 55 | saveUserToken(user, accessToken); 56 | return new TokenResponse(accessToken, refreshToken); 57 | } 58 | 59 | private void saveUserToken(User user, String jwtToken) { 60 | final Token token = Token.builder() 61 | .user(user) 62 | .token(jwtToken) 63 | .tokenType(Token.TokenType.BEARER) 64 | .isExpired(false) 65 | .isRevoked(false) 66 | .build(); 67 | tokenRepository.save(token); 68 | } 69 | 70 | private void revokeAllUserTokens(final User user) { 71 | final List validUserTokens = tokenRepository.findAllValidTokenByUser(user.getId()); 72 | if (!validUserTokens.isEmpty()) { 73 | validUserTokens.forEach(token -> { 74 | token.setIsExpired(true); 75 | token.setIsRevoked(true); 76 | }); 77 | tokenRepository.saveAll(validUserTokens); 78 | } 79 | } 80 | 81 | public TokenResponse refreshToken(@NotNull final String authentication) { 82 | 83 | if (authentication == null || !authentication.startsWith("Bearer ")) { 84 | throw new IllegalArgumentException("Invalid auth header"); 85 | } 86 | final String refreshToken = authentication.substring(7); 87 | final String userEmail = jwtService.extractUsername(refreshToken); 88 | if (userEmail == null) { 89 | return null; 90 | } 91 | 92 | final User user = this.repository.findByEmail(userEmail).orElseThrow(); 93 | final boolean isTokenValid = jwtService.isTokenValid(refreshToken, user); 94 | if (!isTokenValid) { 95 | return null; 96 | } 97 | 98 | final String accessToken = jwtService.generateRefreshToken(user); 99 | revokeAllUserTokens(user); 100 | saveUserToken(user, accessToken); 101 | 102 | return new TokenResponse(accessToken, refreshToken); 103 | } 104 | } 105 | -------------------------------------------------------------------------------- /pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 4 | 4.0.0 5 | 6 | org.springframework.boot 7 | spring-boot-starter-parent 8 | 3.3.4 9 | 10 | 11 | com.programandoenjava 12 | jwt 13 | 0.0.1-SNAPSHOT 14 | jwt 15 | Proyecto para integrar JWT con Spring Boot 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 17 31 | 32 | 33 | 34 | org.springframework.boot 35 | spring-boot-starter-data-jpa 36 | 3.3.4 37 | 38 | 39 | 40 | org.springframework.boot 41 | spring-boot-starter-security 42 | 3.3.4 43 | 44 | 45 | 46 | org.springframework.boot 47 | spring-boot-starter-web 48 | 3.3.4 49 | 50 | 51 | 52 | org.postgresql 53 | postgresql 54 | 42.7.3 55 | runtime 56 | 57 | 58 | 59 | org.projectlombok 60 | lombok 61 | 1.18.34 62 | true 63 | 64 | 65 | 66 | io.jsonwebtoken 67 | jjwt-api 68 | 0.12.3 69 | 70 | 71 | 72 | io.jsonwebtoken 73 | jjwt-impl 74 | 0.12.6 75 | 76 | 77 | 78 | io.jsonwebtoken 79 | jjwt-jackson 80 | 0.12.5 81 | 82 | 83 | 84 | org.springdoc 85 | springdoc-openapi-starter-webmvc-ui 86 | 2.3.0 87 | 88 | 89 | 90 | org.springframework.boot 91 | spring-boot-starter-validation 92 | 3.3.4 93 | 94 | 95 | 96 | org.springframework.boot 97 | spring-boot-starter-test 98 | 3.3.3 99 | test 100 | 101 | 102 | 103 | org.springframework.security 104 | spring-security-test 105 | 6.3.0 106 | test 107 | 108 | 109 | 110 | 111 | 112 | 113 | org.springframework.boot 114 | spring-boot-maven-plugin 115 | 116 | 117 | 118 | org.projectlombok 119 | lombok 120 | 121 | 122 | 123 | 124 | 125 | 126 | 127 | 128 | -------------------------------------------------------------------------------- /mvnw.cmd: -------------------------------------------------------------------------------- 1 | <# : batch portion 2 | @REM ---------------------------------------------------------------------------- 3 | @REM Licensed to the Apache Software Foundation (ASF) under one 4 | @REM or more contributor license agreements. See the NOTICE file 5 | @REM distributed with this work for additional information 6 | @REM regarding copyright ownership. The ASF licenses this file 7 | @REM to you under the Apache License, Version 2.0 (the 8 | @REM "License"); you may not use this file except in compliance 9 | @REM with the License. You may obtain a copy of the License at 10 | @REM 11 | @REM http://www.apache.org/licenses/LICENSE-2.0 12 | @REM 13 | @REM Unless required by applicable law or agreed to in writing, 14 | @REM software distributed under the License is distributed on an 15 | @REM "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 16 | @REM KIND, either express or implied. See the License for the 17 | @REM specific language governing permissions and limitations 18 | @REM under the License. 19 | @REM ---------------------------------------------------------------------------- 20 | 21 | @REM ---------------------------------------------------------------------------- 22 | @REM Apache Maven Wrapper startup batch script, version 3.3.2 23 | @REM 24 | @REM Optional ENV vars 25 | @REM MVNW_REPOURL - repo url base for downloading maven distribution 26 | @REM MVNW_USERNAME/MVNW_PASSWORD - user and password for downloading maven 27 | @REM MVNW_VERBOSE - true: enable verbose log; others: silence the output 28 | @REM ---------------------------------------------------------------------------- 29 | 30 | @IF "%__MVNW_ARG0_NAME__%"=="" (SET __MVNW_ARG0_NAME__=%~nx0) 31 | @SET __MVNW_CMD__= 32 | @SET __MVNW_ERROR__= 33 | @SET __MVNW_PSMODULEP_SAVE=%PSModulePath% 34 | @SET PSModulePath= 35 | @FOR /F "usebackq tokens=1* delims==" %%A IN (`powershell -noprofile "& {$scriptDir='%~dp0'; $script='%__MVNW_ARG0_NAME__%'; icm -ScriptBlock ([Scriptblock]::Create((Get-Content -Raw '%~f0'))) -NoNewScope}"`) DO @( 36 | IF "%%A"=="MVN_CMD" (set __MVNW_CMD__=%%B) ELSE IF "%%B"=="" (echo %%A) ELSE (echo %%A=%%B) 37 | ) 38 | @SET PSModulePath=%__MVNW_PSMODULEP_SAVE% 39 | @SET __MVNW_PSMODULEP_SAVE= 40 | @SET __MVNW_ARG0_NAME__= 41 | @SET MVNW_USERNAME= 42 | @SET MVNW_PASSWORD= 43 | @IF NOT "%__MVNW_CMD__%"=="" (%__MVNW_CMD__% %*) 44 | @echo Cannot start maven from wrapper >&2 && exit /b 1 45 | @GOTO :EOF 46 | : end batch / begin powershell #> 47 | 48 | $ErrorActionPreference = "Stop" 49 | if ($env:MVNW_VERBOSE -eq "true") { 50 | $VerbosePreference = "Continue" 51 | } 52 | 53 | # calculate distributionUrl, requires .mvn/wrapper/maven-wrapper.properties 54 | $distributionUrl = (Get-Content -Raw "$scriptDir/.mvn/wrapper/maven-wrapper.properties" | ConvertFrom-StringData).distributionUrl 55 | if (!$distributionUrl) { 56 | Write-Error "cannot read distributionUrl property in $scriptDir/.mvn/wrapper/maven-wrapper.properties" 57 | } 58 | 59 | switch -wildcard -casesensitive ( $($distributionUrl -replace '^.*/','') ) { 60 | "maven-mvnd-*" { 61 | $USE_MVND = $true 62 | $distributionUrl = $distributionUrl -replace '-bin\.[^.]*$',"-windows-amd64.zip" 63 | $MVN_CMD = "mvnd.cmd" 64 | break 65 | } 66 | default { 67 | $USE_MVND = $false 68 | $MVN_CMD = $script -replace '^mvnw','mvn' 69 | break 70 | } 71 | } 72 | 73 | # apply MVNW_REPOURL and calculate MAVEN_HOME 74 | # maven home pattern: ~/.m2/wrapper/dists/{apache-maven-,maven-mvnd--}/ 75 | if ($env:MVNW_REPOURL) { 76 | $MVNW_REPO_PATTERN = if ($USE_MVND) { "/org/apache/maven/" } else { "/maven/mvnd/" } 77 | $distributionUrl = "$env:MVNW_REPOURL$MVNW_REPO_PATTERN$($distributionUrl -replace '^.*'+$MVNW_REPO_PATTERN,'')" 78 | } 79 | $distributionUrlName = $distributionUrl -replace '^.*/','' 80 | $distributionUrlNameMain = $distributionUrlName -replace '\.[^.]*$','' -replace '-bin$','' 81 | $MAVEN_HOME_PARENT = "$HOME/.m2/wrapper/dists/$distributionUrlNameMain" 82 | if ($env:MAVEN_USER_HOME) { 83 | $MAVEN_HOME_PARENT = "$env:MAVEN_USER_HOME/wrapper/dists/$distributionUrlNameMain" 84 | } 85 | $MAVEN_HOME_NAME = ([System.Security.Cryptography.MD5]::Create().ComputeHash([byte[]][char[]]$distributionUrl) | ForEach-Object {$_.ToString("x2")}) -join '' 86 | $MAVEN_HOME = "$MAVEN_HOME_PARENT/$MAVEN_HOME_NAME" 87 | 88 | if (Test-Path -Path "$MAVEN_HOME" -PathType Container) { 89 | Write-Verbose "found existing MAVEN_HOME at $MAVEN_HOME" 90 | Write-Output "MVN_CMD=$MAVEN_HOME/bin/$MVN_CMD" 91 | exit $? 92 | } 93 | 94 | if (! $distributionUrlNameMain -or ($distributionUrlName -eq $distributionUrlNameMain)) { 95 | Write-Error "distributionUrl is not valid, must end with *-bin.zip, but found $distributionUrl" 96 | } 97 | 98 | # prepare tmp dir 99 | $TMP_DOWNLOAD_DIR_HOLDER = New-TemporaryFile 100 | $TMP_DOWNLOAD_DIR = New-Item -Itemtype Directory -Path "$TMP_DOWNLOAD_DIR_HOLDER.dir" 101 | $TMP_DOWNLOAD_DIR_HOLDER.Delete() | Out-Null 102 | trap { 103 | if ($TMP_DOWNLOAD_DIR.Exists) { 104 | try { Remove-Item $TMP_DOWNLOAD_DIR -Recurse -Force | Out-Null } 105 | catch { Write-Warning "Cannot remove $TMP_DOWNLOAD_DIR" } 106 | } 107 | } 108 | 109 | New-Item -Itemtype Directory -Path "$MAVEN_HOME_PARENT" -Force | Out-Null 110 | 111 | # Download and Install Apache Maven 112 | Write-Verbose "Couldn't find MAVEN_HOME, downloading and installing it ..." 113 | Write-Verbose "Downloading from: $distributionUrl" 114 | Write-Verbose "Downloading to: $TMP_DOWNLOAD_DIR/$distributionUrlName" 115 | 116 | $webclient = New-Object System.Net.WebClient 117 | if ($env:MVNW_USERNAME -and $env:MVNW_PASSWORD) { 118 | $webclient.Credentials = New-Object System.Net.NetworkCredential($env:MVNW_USERNAME, $env:MVNW_PASSWORD) 119 | } 120 | [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 121 | $webclient.DownloadFile($distributionUrl, "$TMP_DOWNLOAD_DIR/$distributionUrlName") | Out-Null 122 | 123 | # If specified, validate the SHA-256 sum of the Maven distribution zip file 124 | $distributionSha256Sum = (Get-Content -Raw "$scriptDir/.mvn/wrapper/maven-wrapper.properties" | ConvertFrom-StringData).distributionSha256Sum 125 | if ($distributionSha256Sum) { 126 | if ($USE_MVND) { 127 | Write-Error "Checksum validation is not supported for maven-mvnd. `nPlease disable validation by removing 'distributionSha256Sum' from your maven-wrapper.properties." 128 | } 129 | Import-Module $PSHOME\Modules\Microsoft.PowerShell.Utility -Function Get-FileHash 130 | if ((Get-FileHash "$TMP_DOWNLOAD_DIR/$distributionUrlName" -Algorithm SHA256).Hash.ToLower() -ne $distributionSha256Sum) { 131 | Write-Error "Error: Failed to validate Maven distribution SHA-256, your Maven distribution might be compromised. If you updated your Maven version, you need to update the specified distributionSha256Sum property." 132 | } 133 | } 134 | 135 | # unzip and move 136 | Expand-Archive "$TMP_DOWNLOAD_DIR/$distributionUrlName" -DestinationPath "$TMP_DOWNLOAD_DIR" | Out-Null 137 | Rename-Item -Path "$TMP_DOWNLOAD_DIR/$distributionUrlNameMain" -NewName $MAVEN_HOME_NAME | Out-Null 138 | try { 139 | Move-Item -Path "$TMP_DOWNLOAD_DIR/$MAVEN_HOME_NAME" -Destination $MAVEN_HOME_PARENT | Out-Null 140 | } catch { 141 | if (! (Test-Path -Path "$MAVEN_HOME" -PathType Container)) { 142 | Write-Error "fail to move MAVEN_HOME" 143 | } 144 | } finally { 145 | try { Remove-Item $TMP_DOWNLOAD_DIR -Recurse -Force | Out-Null } 146 | catch { Write-Warning "Cannot remove $TMP_DOWNLOAD_DIR" } 147 | } 148 | 149 | Write-Output "MVN_CMD=$MAVEN_HOME/bin/$MVN_CMD" 150 | -------------------------------------------------------------------------------- /mvnw: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # ---------------------------------------------------------------------------- 3 | # Licensed to the Apache Software Foundation (ASF) under one 4 | # or more contributor license agreements. See the NOTICE file 5 | # distributed with this work for additional information 6 | # regarding copyright ownership. The ASF licenses this file 7 | # to you under the Apache License, Version 2.0 (the 8 | # "License"); you may not use this file except in compliance 9 | # with the License. You may obtain a copy of the License at 10 | # 11 | # http://www.apache.org/licenses/LICENSE-2.0 12 | # 13 | # Unless required by applicable law or agreed to in writing, 14 | # software distributed under the License is distributed on an 15 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 16 | # KIND, either express or implied. See the License for the 17 | # specific language governing permissions and limitations 18 | # under the License. 19 | # ---------------------------------------------------------------------------- 20 | 21 | # ---------------------------------------------------------------------------- 22 | # Apache Maven Wrapper startup batch script, version 3.3.2 23 | # 24 | # Optional ENV vars 25 | # ----------------- 26 | # JAVA_HOME - location of a JDK home dir, required when download maven via java source 27 | # MVNW_REPOURL - repo url base for downloading maven distribution 28 | # MVNW_USERNAME/MVNW_PASSWORD - user and password for downloading maven 29 | # MVNW_VERBOSE - true: enable verbose log; debug: trace the mvnw script; others: silence the output 30 | # ---------------------------------------------------------------------------- 31 | 32 | set -euf 33 | [ "${MVNW_VERBOSE-}" != debug ] || set -x 34 | 35 | # OS specific support. 36 | native_path() { printf %s\\n "$1"; } 37 | case "$(uname)" in 38 | CYGWIN* | MINGW*) 39 | [ -z "${JAVA_HOME-}" ] || JAVA_HOME="$(cygpath --unix "$JAVA_HOME")" 40 | native_path() { cygpath --path --windows "$1"; } 41 | ;; 42 | esac 43 | 44 | # set JAVACMD and JAVACCMD 45 | set_java_home() { 46 | # For Cygwin and MinGW, ensure paths are in Unix format before anything is touched 47 | if [ -n "${JAVA_HOME-}" ]; then 48 | if [ -x "$JAVA_HOME/jre/sh/java" ]; then 49 | # IBM's JDK on AIX uses strange locations for the executables 50 | JAVACMD="$JAVA_HOME/jre/sh/java" 51 | JAVACCMD="$JAVA_HOME/jre/sh/javac" 52 | else 53 | JAVACMD="$JAVA_HOME/bin/java" 54 | JAVACCMD="$JAVA_HOME/bin/javac" 55 | 56 | if [ ! -x "$JAVACMD" ] || [ ! -x "$JAVACCMD" ]; then 57 | echo "The JAVA_HOME environment variable is not defined correctly, so mvnw cannot run." >&2 58 | echo "JAVA_HOME is set to \"$JAVA_HOME\", but \"\$JAVA_HOME/bin/java\" or \"\$JAVA_HOME/bin/javac\" does not exist." >&2 59 | return 1 60 | fi 61 | fi 62 | else 63 | JAVACMD="$( 64 | 'set' +e 65 | 'unset' -f command 2>/dev/null 66 | 'command' -v java 67 | )" || : 68 | JAVACCMD="$( 69 | 'set' +e 70 | 'unset' -f command 2>/dev/null 71 | 'command' -v javac 72 | )" || : 73 | 74 | if [ ! -x "${JAVACMD-}" ] || [ ! -x "${JAVACCMD-}" ]; then 75 | echo "The java/javac command does not exist in PATH nor is JAVA_HOME set, so mvnw cannot run." >&2 76 | return 1 77 | fi 78 | fi 79 | } 80 | 81 | # hash string like Java String::hashCode 82 | hash_string() { 83 | str="${1:-}" h=0 84 | while [ -n "$str" ]; do 85 | char="${str%"${str#?}"}" 86 | h=$(((h * 31 + $(LC_CTYPE=C printf %d "'$char")) % 4294967296)) 87 | str="${str#?}" 88 | done 89 | printf %x\\n $h 90 | } 91 | 92 | verbose() { :; } 93 | [ "${MVNW_VERBOSE-}" != true ] || verbose() { printf %s\\n "${1-}"; } 94 | 95 | die() { 96 | printf %s\\n "$1" >&2 97 | exit 1 98 | } 99 | 100 | trim() { 101 | # MWRAPPER-139: 102 | # Trims trailing and leading whitespace, carriage returns, tabs, and linefeeds. 103 | # Needed for removing poorly interpreted newline sequences when running in more 104 | # exotic environments such as mingw bash on Windows. 105 | printf "%s" "${1}" | tr -d '[:space:]' 106 | } 107 | 108 | # parse distributionUrl and optional distributionSha256Sum, requires .mvn/wrapper/maven-wrapper.properties 109 | while IFS="=" read -r key value; do 110 | case "${key-}" in 111 | distributionUrl) distributionUrl=$(trim "${value-}") ;; 112 | distributionSha256Sum) distributionSha256Sum=$(trim "${value-}") ;; 113 | esac 114 | done <"${0%/*}/.mvn/wrapper/maven-wrapper.properties" 115 | [ -n "${distributionUrl-}" ] || die "cannot read distributionUrl property in ${0%/*}/.mvn/wrapper/maven-wrapper.properties" 116 | 117 | case "${distributionUrl##*/}" in 118 | maven-mvnd-*bin.*) 119 | MVN_CMD=mvnd.sh _MVNW_REPO_PATTERN=/maven/mvnd/ 120 | case "${PROCESSOR_ARCHITECTURE-}${PROCESSOR_ARCHITEW6432-}:$(uname -a)" in 121 | *AMD64:CYGWIN* | *AMD64:MINGW*) distributionPlatform=windows-amd64 ;; 122 | :Darwin*x86_64) distributionPlatform=darwin-amd64 ;; 123 | :Darwin*arm64) distributionPlatform=darwin-aarch64 ;; 124 | :Linux*x86_64*) distributionPlatform=linux-amd64 ;; 125 | *) 126 | echo "Cannot detect native platform for mvnd on $(uname)-$(uname -m), use pure java version" >&2 127 | distributionPlatform=linux-amd64 128 | ;; 129 | esac 130 | distributionUrl="${distributionUrl%-bin.*}-$distributionPlatform.zip" 131 | ;; 132 | maven-mvnd-*) MVN_CMD=mvnd.sh _MVNW_REPO_PATTERN=/maven/mvnd/ ;; 133 | *) MVN_CMD="mvn${0##*/mvnw}" _MVNW_REPO_PATTERN=/org/apache/maven/ ;; 134 | esac 135 | 136 | # apply MVNW_REPOURL and calculate MAVEN_HOME 137 | # maven home pattern: ~/.m2/wrapper/dists/{apache-maven-,maven-mvnd--}/ 138 | [ -z "${MVNW_REPOURL-}" ] || distributionUrl="$MVNW_REPOURL$_MVNW_REPO_PATTERN${distributionUrl#*"$_MVNW_REPO_PATTERN"}" 139 | distributionUrlName="${distributionUrl##*/}" 140 | distributionUrlNameMain="${distributionUrlName%.*}" 141 | distributionUrlNameMain="${distributionUrlNameMain%-bin}" 142 | MAVEN_USER_HOME="${MAVEN_USER_HOME:-${HOME}/.m2}" 143 | MAVEN_HOME="${MAVEN_USER_HOME}/wrapper/dists/${distributionUrlNameMain-}/$(hash_string "$distributionUrl")" 144 | 145 | exec_maven() { 146 | unset MVNW_VERBOSE MVNW_USERNAME MVNW_PASSWORD MVNW_REPOURL || : 147 | exec "$MAVEN_HOME/bin/$MVN_CMD" "$@" || die "cannot exec $MAVEN_HOME/bin/$MVN_CMD" 148 | } 149 | 150 | if [ -d "$MAVEN_HOME" ]; then 151 | verbose "found existing MAVEN_HOME at $MAVEN_HOME" 152 | exec_maven "$@" 153 | fi 154 | 155 | case "${distributionUrl-}" in 156 | *?-bin.zip | *?maven-mvnd-?*-?*.zip) ;; 157 | *) die "distributionUrl is not valid, must match *-bin.zip or maven-mvnd-*.zip, but found '${distributionUrl-}'" ;; 158 | esac 159 | 160 | # prepare tmp dir 161 | if TMP_DOWNLOAD_DIR="$(mktemp -d)" && [ -d "$TMP_DOWNLOAD_DIR" ]; then 162 | clean() { rm -rf -- "$TMP_DOWNLOAD_DIR"; } 163 | trap clean HUP INT TERM EXIT 164 | else 165 | die "cannot create temp dir" 166 | fi 167 | 168 | mkdir -p -- "${MAVEN_HOME%/*}" 169 | 170 | # Download and Install Apache Maven 171 | verbose "Couldn't find MAVEN_HOME, downloading and installing it ..." 172 | verbose "Downloading from: $distributionUrl" 173 | verbose "Downloading to: $TMP_DOWNLOAD_DIR/$distributionUrlName" 174 | 175 | # select .zip or .tar.gz 176 | if ! command -v unzip >/dev/null; then 177 | distributionUrl="${distributionUrl%.zip}.tar.gz" 178 | distributionUrlName="${distributionUrl##*/}" 179 | fi 180 | 181 | # verbose opt 182 | __MVNW_QUIET_WGET=--quiet __MVNW_QUIET_CURL=--silent __MVNW_QUIET_UNZIP=-q __MVNW_QUIET_TAR='' 183 | [ "${MVNW_VERBOSE-}" != true ] || __MVNW_QUIET_WGET='' __MVNW_QUIET_CURL='' __MVNW_QUIET_UNZIP='' __MVNW_QUIET_TAR=v 184 | 185 | # normalize http auth 186 | case "${MVNW_PASSWORD:+has-password}" in 187 | '') MVNW_USERNAME='' MVNW_PASSWORD='' ;; 188 | has-password) [ -n "${MVNW_USERNAME-}" ] || MVNW_USERNAME='' MVNW_PASSWORD='' ;; 189 | esac 190 | 191 | if [ -z "${MVNW_USERNAME-}" ] && command -v wget >/dev/null; then 192 | verbose "Found wget ... using wget" 193 | wget ${__MVNW_QUIET_WGET:+"$__MVNW_QUIET_WGET"} "$distributionUrl" -O "$TMP_DOWNLOAD_DIR/$distributionUrlName" || die "wget: Failed to fetch $distributionUrl" 194 | elif [ -z "${MVNW_USERNAME-}" ] && command -v curl >/dev/null; then 195 | verbose "Found curl ... using curl" 196 | curl ${__MVNW_QUIET_CURL:+"$__MVNW_QUIET_CURL"} -f -L -o "$TMP_DOWNLOAD_DIR/$distributionUrlName" "$distributionUrl" || die "curl: Failed to fetch $distributionUrl" 197 | elif set_java_home; then 198 | verbose "Falling back to use Java to download" 199 | javaSource="$TMP_DOWNLOAD_DIR/Downloader.java" 200 | targetZip="$TMP_DOWNLOAD_DIR/$distributionUrlName" 201 | cat >"$javaSource" <<-END 202 | public class Downloader extends java.net.Authenticator 203 | { 204 | protected java.net.PasswordAuthentication getPasswordAuthentication() 205 | { 206 | return new java.net.PasswordAuthentication( System.getenv( "MVNW_USERNAME" ), System.getenv( "MVNW_PASSWORD" ).toCharArray() ); 207 | } 208 | public static void main( String[] args ) throws Exception 209 | { 210 | setDefault( new Downloader() ); 211 | java.nio.file.Files.copy( java.net.URI.create( args[0] ).toURL().openStream(), java.nio.file.Paths.get( args[1] ).toAbsolutePath().normalize() ); 212 | } 213 | } 214 | END 215 | # For Cygwin/MinGW, switch paths to Windows format before running javac and java 216 | verbose " - Compiling Downloader.java ..." 217 | "$(native_path "$JAVACCMD")" "$(native_path "$javaSource")" || die "Failed to compile Downloader.java" 218 | verbose " - Running Downloader.java ..." 219 | "$(native_path "$JAVACMD")" -cp "$(native_path "$TMP_DOWNLOAD_DIR")" Downloader "$distributionUrl" "$(native_path "$targetZip")" 220 | fi 221 | 222 | # If specified, validate the SHA-256 sum of the Maven distribution zip file 223 | if [ -n "${distributionSha256Sum-}" ]; then 224 | distributionSha256Result=false 225 | if [ "$MVN_CMD" = mvnd.sh ]; then 226 | echo "Checksum validation is not supported for maven-mvnd." >&2 227 | echo "Please disable validation by removing 'distributionSha256Sum' from your maven-wrapper.properties." >&2 228 | exit 1 229 | elif command -v sha256sum >/dev/null; then 230 | if echo "$distributionSha256Sum $TMP_DOWNLOAD_DIR/$distributionUrlName" | sha256sum -c >/dev/null 2>&1; then 231 | distributionSha256Result=true 232 | fi 233 | elif command -v shasum >/dev/null; then 234 | if echo "$distributionSha256Sum $TMP_DOWNLOAD_DIR/$distributionUrlName" | shasum -a 256 -c >/dev/null 2>&1; then 235 | distributionSha256Result=true 236 | fi 237 | else 238 | echo "Checksum validation was requested but neither 'sha256sum' or 'shasum' are available." >&2 239 | echo "Please install either command, or disable validation by removing 'distributionSha256Sum' from your maven-wrapper.properties." >&2 240 | exit 1 241 | fi 242 | if [ $distributionSha256Result = false ]; then 243 | echo "Error: Failed to validate Maven distribution SHA-256, your Maven distribution might be compromised." >&2 244 | echo "If you updated your Maven version, you need to update the specified distributionSha256Sum property." >&2 245 | exit 1 246 | fi 247 | fi 248 | 249 | # unzip and move 250 | if command -v unzip >/dev/null; then 251 | unzip ${__MVNW_QUIET_UNZIP:+"$__MVNW_QUIET_UNZIP"} "$TMP_DOWNLOAD_DIR/$distributionUrlName" -d "$TMP_DOWNLOAD_DIR" || die "failed to unzip" 252 | else 253 | tar xzf${__MVNW_QUIET_TAR:+"$__MVNW_QUIET_TAR"} "$TMP_DOWNLOAD_DIR/$distributionUrlName" -C "$TMP_DOWNLOAD_DIR" || die "failed to untar" 254 | fi 255 | printf %s\\n "$distributionUrl" >"$TMP_DOWNLOAD_DIR/$distributionUrlNameMain/mvnw.url" 256 | mv -- "$TMP_DOWNLOAD_DIR/$distributionUrlNameMain" "$MAVEN_HOME" || [ -d "$MAVEN_HOME" ] || die "fail to move MAVEN_HOME" 257 | 258 | clean || : 259 | exec_maven "$@" 260 | --------------------------------------------------------------------------------