├── .gitignore ├── .mvn └── wrapper │ ├── maven-wrapper.jar │ └── maven-wrapper.properties ├── README.md ├── mvnw ├── mvnw.cmd ├── pom.xml └── src ├── main ├── java │ └── com │ │ └── techprimers │ │ └── security │ │ └── jwtsecurity │ │ ├── JwtSecurityApplication.java │ │ ├── config │ │ └── JwtSecurityConfig.java │ │ ├── controller │ │ ├── HelloController.java │ │ └── TokenController.java │ │ ├── model │ │ ├── JwtAuthenticationToken.java │ │ ├── JwtUser.java │ │ └── JwtUserDetails.java │ │ └── security │ │ ├── JwtAuthenticationEntryPoint.java │ │ ├── JwtAuthenticationProvider.java │ │ ├── JwtAuthenticationTokenFilter.java │ │ ├── JwtGenerator.java │ │ ├── JwtSuccessHandler.java │ │ └── JwtValidator.java └── resources │ ├── application.properties │ └── application.yml └── test └── java └── com └── techprimers └── security └── jwtsecurity └── JwtSecurityApplicationTests.java /.gitignore: -------------------------------------------------------------------------------- 1 | target/ 2 | !.mvn/wrapper/maven-wrapper.jar 3 | 4 | ### STS ### 5 | .apt_generated 6 | .classpath 7 | .factorypath 8 | .project 9 | .settings 10 | .springBeans 11 | 12 | ### IntelliJ IDEA ### 13 | .idea 14 | *.iws 15 | *.iml 16 | *.ipr 17 | 18 | ### NetBeans ### 19 | nbproject/private/ 20 | build/ 21 | nbbuild/ 22 | dist/ 23 | nbdist/ 24 | .nb-gradle/ -------------------------------------------------------------------------------- /.mvn/wrapper/maven-wrapper.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechPrimers/jwt-security-example/1ecd8c756762e8271ac95b1e823e3ac2f55670a5/.mvn/wrapper/maven-wrapper.jar -------------------------------------------------------------------------------- /.mvn/wrapper/maven-wrapper.properties: -------------------------------------------------------------------------------- 1 | distributionUrl=https://repo1.maven.org/maven2/org/apache/maven/apache-maven/3.5.0/apache-maven-3.5.0-bin.zip 2 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Spring Security using JWT (Json Web Token) in Spring Boot 2 | 3 | This Project uses JWT to secure the REST endpoints. 4 | 5 | The Following are the REST end points available in the example. 6 | - `/token` - Generates the JWT token based on the JSON sent. Its a POST method which expects the JSON: `{ "username": "name", "id": 123, "role": "admin"}` 7 | - `/rest/hello` - Requires a JWT Token with Header `key - "Authorisation"` and `value - "Token "` -------------------------------------------------------------------------------- /mvnw: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # ---------------------------------------------------------------------------- 3 | # Licensed to the Apache Software Foundation (ASF) under one 4 | # or more contributor license agreements. See the NOTICE file 5 | # distributed with this work for additional information 6 | # regarding copyright ownership. The ASF licenses this file 7 | # to you under the Apache License, Version 2.0 (the 8 | # "License"); you may not use this file except in compliance 9 | # with the License. You may obtain a copy of the License at 10 | # 11 | # http://www.apache.org/licenses/LICENSE-2.0 12 | # 13 | # Unless required by applicable law or agreed to in writing, 14 | # software distributed under the License is distributed on an 15 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 16 | # KIND, either express or implied. See the License for the 17 | # specific language governing permissions and limitations 18 | # under the License. 19 | # ---------------------------------------------------------------------------- 20 | 21 | # ---------------------------------------------------------------------------- 22 | # Maven2 Start Up Batch script 23 | # 24 | # Required ENV vars: 25 | # ------------------ 26 | # JAVA_HOME - location of a JDK home dir 27 | # 28 | # Optional ENV vars 29 | # ----------------- 30 | # M2_HOME - location of maven2's installed home dir 31 | # MAVEN_OPTS - parameters passed to the Java VM when running Maven 32 | # e.g. to debug Maven itself, use 33 | # set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000 34 | # MAVEN_SKIP_RC - flag to disable loading of mavenrc files 35 | # ---------------------------------------------------------------------------- 36 | 37 | if [ -z "$MAVEN_SKIP_RC" ] ; then 38 | 39 | if [ -f /etc/mavenrc ] ; then 40 | . /etc/mavenrc 41 | fi 42 | 43 | if [ -f "$HOME/.mavenrc" ] ; then 44 | . "$HOME/.mavenrc" 45 | fi 46 | 47 | fi 48 | 49 | # OS specific support. $var _must_ be set to either true or false. 50 | cygwin=false; 51 | darwin=false; 52 | mingw=false 53 | case "`uname`" in 54 | CYGWIN*) cygwin=true ;; 55 | MINGW*) mingw=true;; 56 | Darwin*) darwin=true 57 | # Use /usr/libexec/java_home if available, otherwise fall back to /Library/Java/Home 58 | # See https://developer.apple.com/library/mac/qa/qa1170/_index.html 59 | if [ -z "$JAVA_HOME" ]; then 60 | if [ -x "/usr/libexec/java_home" ]; then 61 | export JAVA_HOME="`/usr/libexec/java_home`" 62 | else 63 | export JAVA_HOME="/Library/Java/Home" 64 | fi 65 | fi 66 | ;; 67 | esac 68 | 69 | if [ -z "$JAVA_HOME" ] ; then 70 | if [ -r /etc/gentoo-release ] ; then 71 | JAVA_HOME=`java-config --jre-home` 72 | fi 73 | fi 74 | 75 | if [ -z "$M2_HOME" ] ; then 76 | ## resolve links - $0 may be a link to maven's home 77 | PRG="$0" 78 | 79 | # need this for relative symlinks 80 | while [ -h "$PRG" ] ; do 81 | ls=`ls -ld "$PRG"` 82 | link=`expr "$ls" : '.*-> \(.*\)$'` 83 | if expr "$link" : '/.*' > /dev/null; then 84 | PRG="$link" 85 | else 86 | PRG="`dirname "$PRG"`/$link" 87 | fi 88 | done 89 | 90 | saveddir=`pwd` 91 | 92 | M2_HOME=`dirname "$PRG"`/.. 93 | 94 | # make it fully qualified 95 | M2_HOME=`cd "$M2_HOME" && pwd` 96 | 97 | cd "$saveddir" 98 | # echo Using m2 at $M2_HOME 99 | fi 100 | 101 | # For Cygwin, ensure paths are in UNIX format before anything is touched 102 | if $cygwin ; then 103 | [ -n "$M2_HOME" ] && 104 | M2_HOME=`cygpath --unix "$M2_HOME"` 105 | [ -n "$JAVA_HOME" ] && 106 | JAVA_HOME=`cygpath --unix "$JAVA_HOME"` 107 | [ -n "$CLASSPATH" ] && 108 | CLASSPATH=`cygpath --path --unix "$CLASSPATH"` 109 | fi 110 | 111 | # For Migwn, ensure paths are in UNIX format before anything is touched 112 | if $mingw ; then 113 | [ -n "$M2_HOME" ] && 114 | M2_HOME="`(cd "$M2_HOME"; pwd)`" 115 | [ -n "$JAVA_HOME" ] && 116 | JAVA_HOME="`(cd "$JAVA_HOME"; pwd)`" 117 | # TODO classpath? 118 | fi 119 | 120 | if [ -z "$JAVA_HOME" ]; then 121 | javaExecutable="`which javac`" 122 | if [ -n "$javaExecutable" ] && ! [ "`expr \"$javaExecutable\" : '\([^ ]*\)'`" = "no" ]; then 123 | # readlink(1) is not available as standard on Solaris 10. 124 | readLink=`which readlink` 125 | if [ ! `expr "$readLink" : '\([^ ]*\)'` = "no" ]; then 126 | if $darwin ; then 127 | javaHome="`dirname \"$javaExecutable\"`" 128 | javaExecutable="`cd \"$javaHome\" && pwd -P`/javac" 129 | else 130 | javaExecutable="`readlink -f \"$javaExecutable\"`" 131 | fi 132 | javaHome="`dirname \"$javaExecutable\"`" 133 | javaHome=`expr "$javaHome" : '\(.*\)/bin'` 134 | JAVA_HOME="$javaHome" 135 | export JAVA_HOME 136 | fi 137 | fi 138 | fi 139 | 140 | if [ -z "$JAVACMD" ] ; then 141 | if [ -n "$JAVA_HOME" ] ; then 142 | if [ -x "$JAVA_HOME/jre/sh/java" ] ; then 143 | # IBM's JDK on AIX uses strange locations for the executables 144 | JAVACMD="$JAVA_HOME/jre/sh/java" 145 | else 146 | JAVACMD="$JAVA_HOME/bin/java" 147 | fi 148 | else 149 | JAVACMD="`which java`" 150 | fi 151 | fi 152 | 153 | if [ ! -x "$JAVACMD" ] ; then 154 | echo "Error: JAVA_HOME is not defined correctly." >&2 155 | echo " We cannot execute $JAVACMD" >&2 156 | exit 1 157 | fi 158 | 159 | if [ -z "$JAVA_HOME" ] ; then 160 | echo "Warning: JAVA_HOME environment variable is not set." 161 | fi 162 | 163 | CLASSWORLDS_LAUNCHER=org.codehaus.plexus.classworlds.launcher.Launcher 164 | 165 | # traverses directory structure from process work directory to filesystem root 166 | # first directory with .mvn subdirectory is considered project base directory 167 | find_maven_basedir() { 168 | 169 | if [ -z "$1" ] 170 | then 171 | echo "Path not specified to find_maven_basedir" 172 | return 1 173 | fi 174 | 175 | basedir="$1" 176 | wdir="$1" 177 | while [ "$wdir" != '/' ] ; do 178 | if [ -d "$wdir"/.mvn ] ; then 179 | basedir=$wdir 180 | break 181 | fi 182 | # workaround for JBEAP-8937 (on Solaris 10/Sparc) 183 | if [ -d "${wdir}" ]; then 184 | wdir=`cd "$wdir/.."; pwd` 185 | fi 186 | # end of workaround 187 | done 188 | echo "${basedir}" 189 | } 190 | 191 | # concatenates all lines of a file 192 | concat_lines() { 193 | if [ -f "$1" ]; then 194 | echo "$(tr -s '\n' ' ' < "$1")" 195 | fi 196 | } 197 | 198 | BASE_DIR=`find_maven_basedir "$(pwd)"` 199 | if [ -z "$BASE_DIR" ]; then 200 | exit 1; 201 | fi 202 | 203 | export MAVEN_PROJECTBASEDIR=${MAVEN_BASEDIR:-"$BASE_DIR"} 204 | echo $MAVEN_PROJECTBASEDIR 205 | MAVEN_OPTS="$(concat_lines "$MAVEN_PROJECTBASEDIR/.mvn/jvm.config") $MAVEN_OPTS" 206 | 207 | # For Cygwin, switch paths to Windows format before running java 208 | if $cygwin; then 209 | [ -n "$M2_HOME" ] && 210 | M2_HOME=`cygpath --path --windows "$M2_HOME"` 211 | [ -n "$JAVA_HOME" ] && 212 | JAVA_HOME=`cygpath --path --windows "$JAVA_HOME"` 213 | [ -n "$CLASSPATH" ] && 214 | CLASSPATH=`cygpath --path --windows "$CLASSPATH"` 215 | [ -n "$MAVEN_PROJECTBASEDIR" ] && 216 | MAVEN_PROJECTBASEDIR=`cygpath --path --windows "$MAVEN_PROJECTBASEDIR"` 217 | fi 218 | 219 | WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain 220 | 221 | exec "$JAVACMD" \ 222 | $MAVEN_OPTS \ 223 | -classpath "$MAVEN_PROJECTBASEDIR/.mvn/wrapper/maven-wrapper.jar" \ 224 | "-Dmaven.home=${M2_HOME}" "-Dmaven.multiModuleProjectDirectory=${MAVEN_PROJECTBASEDIR}" \ 225 | ${WRAPPER_LAUNCHER} $MAVEN_CONFIG "$@" 226 | -------------------------------------------------------------------------------- /mvnw.cmd: -------------------------------------------------------------------------------- 1 | @REM ---------------------------------------------------------------------------- 2 | @REM Licensed to the Apache Software Foundation (ASF) under one 3 | @REM or more contributor license agreements. See the NOTICE file 4 | @REM distributed with this work for additional information 5 | @REM regarding copyright ownership. The ASF licenses this file 6 | @REM to you under the Apache License, Version 2.0 (the 7 | @REM "License"); you may not use this file except in compliance 8 | @REM with the License. You may obtain a copy of the License at 9 | @REM 10 | @REM http://www.apache.org/licenses/LICENSE-2.0 11 | @REM 12 | @REM Unless required by applicable law or agreed to in writing, 13 | @REM software distributed under the License is distributed on an 14 | @REM "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 15 | @REM KIND, either express or implied. See the License for the 16 | @REM specific language governing permissions and limitations 17 | @REM under the License. 18 | @REM ---------------------------------------------------------------------------- 19 | 20 | @REM ---------------------------------------------------------------------------- 21 | @REM Maven2 Start Up Batch script 22 | @REM 23 | @REM Required ENV vars: 24 | @REM JAVA_HOME - location of a JDK home dir 25 | @REM 26 | @REM Optional ENV vars 27 | @REM M2_HOME - location of maven2's installed home dir 28 | @REM MAVEN_BATCH_ECHO - set to 'on' to enable the echoing of the batch commands 29 | @REM MAVEN_BATCH_PAUSE - set to 'on' to wait for a key stroke before ending 30 | @REM MAVEN_OPTS - parameters passed to the Java VM when running Maven 31 | @REM e.g. to debug Maven itself, use 32 | @REM set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000 33 | @REM MAVEN_SKIP_RC - flag to disable loading of mavenrc files 34 | @REM ---------------------------------------------------------------------------- 35 | 36 | @REM Begin all REM lines with '@' in case MAVEN_BATCH_ECHO is 'on' 37 | @echo off 38 | @REM enable echoing my setting MAVEN_BATCH_ECHO to 'on' 39 | @if "%MAVEN_BATCH_ECHO%" == "on" echo %MAVEN_BATCH_ECHO% 40 | 41 | @REM set %HOME% to equivalent of $HOME 42 | if "%HOME%" == "" (set "HOME=%HOMEDRIVE%%HOMEPATH%") 43 | 44 | @REM Execute a user defined script before this one 45 | if not "%MAVEN_SKIP_RC%" == "" goto skipRcPre 46 | @REM check for pre script, once with legacy .bat ending and once with .cmd ending 47 | if exist "%HOME%\mavenrc_pre.bat" call "%HOME%\mavenrc_pre.bat" 48 | if exist "%HOME%\mavenrc_pre.cmd" call "%HOME%\mavenrc_pre.cmd" 49 | :skipRcPre 50 | 51 | @setlocal 52 | 53 | set ERROR_CODE=0 54 | 55 | @REM To isolate internal variables from possible post scripts, we use another setlocal 56 | @setlocal 57 | 58 | @REM ==== START VALIDATION ==== 59 | if not "%JAVA_HOME%" == "" goto OkJHome 60 | 61 | echo. 62 | echo Error: JAVA_HOME not found in your environment. >&2 63 | echo Please set the JAVA_HOME variable in your environment to match the >&2 64 | echo location of your Java installation. >&2 65 | echo. 66 | goto error 67 | 68 | :OkJHome 69 | if exist "%JAVA_HOME%\bin\java.exe" goto init 70 | 71 | echo. 72 | echo Error: JAVA_HOME is set to an invalid directory. >&2 73 | echo JAVA_HOME = "%JAVA_HOME%" >&2 74 | echo Please set the JAVA_HOME variable in your environment to match the >&2 75 | echo location of your Java installation. >&2 76 | echo. 77 | goto error 78 | 79 | @REM ==== END VALIDATION ==== 80 | 81 | :init 82 | 83 | @REM Find the project base dir, i.e. the directory that contains the folder ".mvn". 84 | @REM Fallback to current working directory if not found. 85 | 86 | set MAVEN_PROJECTBASEDIR=%MAVEN_BASEDIR% 87 | IF NOT "%MAVEN_PROJECTBASEDIR%"=="" goto endDetectBaseDir 88 | 89 | set EXEC_DIR=%CD% 90 | set WDIR=%EXEC_DIR% 91 | :findBaseDir 92 | IF EXIST "%WDIR%"\.mvn goto baseDirFound 93 | cd .. 94 | IF "%WDIR%"=="%CD%" goto baseDirNotFound 95 | set WDIR=%CD% 96 | goto findBaseDir 97 | 98 | :baseDirFound 99 | set MAVEN_PROJECTBASEDIR=%WDIR% 100 | cd "%EXEC_DIR%" 101 | goto endDetectBaseDir 102 | 103 | :baseDirNotFound 104 | set MAVEN_PROJECTBASEDIR=%EXEC_DIR% 105 | cd "%EXEC_DIR%" 106 | 107 | :endDetectBaseDir 108 | 109 | IF NOT EXIST "%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config" goto endReadAdditionalConfig 110 | 111 | @setlocal EnableExtensions EnableDelayedExpansion 112 | for /F "usebackq delims=" %%a in ("%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config") do set JVM_CONFIG_MAVEN_PROPS=!JVM_CONFIG_MAVEN_PROPS! %%a 113 | @endlocal & set JVM_CONFIG_MAVEN_PROPS=%JVM_CONFIG_MAVEN_PROPS% 114 | 115 | :endReadAdditionalConfig 116 | 117 | SET MAVEN_JAVA_EXE="%JAVA_HOME%\bin\java.exe" 118 | 119 | set WRAPPER_JAR="%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.jar" 120 | set WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain 121 | 122 | %MAVEN_JAVA_EXE% %JVM_CONFIG_MAVEN_PROPS% %MAVEN_OPTS% %MAVEN_DEBUG_OPTS% -classpath %WRAPPER_JAR% "-Dmaven.multiModuleProjectDirectory=%MAVEN_PROJECTBASEDIR%" %WRAPPER_LAUNCHER% %MAVEN_CONFIG% %* 123 | if ERRORLEVEL 1 goto error 124 | goto end 125 | 126 | :error 127 | set ERROR_CODE=1 128 | 129 | :end 130 | @endlocal & set ERROR_CODE=%ERROR_CODE% 131 | 132 | if not "%MAVEN_SKIP_RC%" == "" goto skipRcPost 133 | @REM check for post script, once with legacy .bat ending and once with .cmd ending 134 | if exist "%HOME%\mavenrc_post.bat" call "%HOME%\mavenrc_post.bat" 135 | if exist "%HOME%\mavenrc_post.cmd" call "%HOME%\mavenrc_post.cmd" 136 | :skipRcPost 137 | 138 | @REM pause the script if MAVEN_BATCH_PAUSE is set to 'on' 139 | if "%MAVEN_BATCH_PAUSE%" == "on" pause 140 | 141 | if "%MAVEN_TERMINATE_CMD%" == "on" exit %ERROR_CODE% 142 | 143 | exit /B %ERROR_CODE% 144 | -------------------------------------------------------------------------------- /pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 4 | 4.0.0 5 | 6 | com.techprimers.security 7 | jwt-security 8 | 0.0.1-SNAPSHOT 9 | jar 10 | 11 | jwt-security 12 | Demo project for Spring Boot 13 | 14 | 15 | org.springframework.boot 16 | spring-boot-starter-parent 17 | 1.5.6.RELEASE 18 | 19 | 20 | 21 | 22 | UTF-8 23 | UTF-8 24 | 1.8 25 | 26 | 27 | 28 | 29 | org.springframework.boot 30 | spring-boot-starter-security 31 | 32 | 33 | org.springframework.boot 34 | spring-boot-starter-web 35 | 36 | 37 | 38 | io.jsonwebtoken 39 | jjwt 40 | 0.6.0 41 | 42 | 43 | 44 | org.springframework.boot 45 | spring-boot-starter-test 46 | test 47 | 48 | 49 | org.springframework.security 50 | spring-security-test 51 | test 52 | 53 | 54 | 55 | 56 | 57 | 58 | org.springframework.boot 59 | spring-boot-maven-plugin 60 | 61 | 62 | 63 | 64 | 65 | 66 | -------------------------------------------------------------------------------- /src/main/java/com/techprimers/security/jwtsecurity/JwtSecurityApplication.java: -------------------------------------------------------------------------------- 1 | package com.techprimers.security.jwtsecurity; 2 | 3 | import org.springframework.boot.SpringApplication; 4 | import org.springframework.boot.autoconfigure.SpringBootApplication; 5 | 6 | @SpringBootApplication 7 | public class JwtSecurityApplication { 8 | 9 | public static void main(String[] args) { 10 | SpringApplication.run(JwtSecurityApplication.class, args); 11 | } 12 | } 13 | -------------------------------------------------------------------------------- /src/main/java/com/techprimers/security/jwtsecurity/config/JwtSecurityConfig.java: -------------------------------------------------------------------------------- 1 | package com.techprimers.security.jwtsecurity.config; 2 | 3 | import com.techprimers.security.jwtsecurity.security.JwtAuthenticationEntryPoint; 4 | import com.techprimers.security.jwtsecurity.security.JwtAuthenticationProvider; 5 | import com.techprimers.security.jwtsecurity.security.JwtAuthenticationTokenFilter; 6 | import com.techprimers.security.jwtsecurity.security.JwtSuccessHandler; 7 | import org.springframework.beans.factory.annotation.Autowired; 8 | import org.springframework.context.annotation.Bean; 9 | import org.springframework.context.annotation.Configuration; 10 | import org.springframework.security.authentication.AuthenticationManager; 11 | import org.springframework.security.authentication.ProviderManager; 12 | import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; 13 | import org.springframework.security.config.annotation.web.builders.HttpSecurity; 14 | import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; 15 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; 16 | import org.springframework.security.config.http.SessionCreationPolicy; 17 | import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; 18 | 19 | import java.util.Collections; 20 | 21 | @EnableGlobalMethodSecurity(prePostEnabled = true) 22 | @EnableWebSecurity 23 | @Configuration 24 | public class JwtSecurityConfig extends WebSecurityConfigurerAdapter { 25 | 26 | 27 | @Autowired 28 | private JwtAuthenticationProvider authenticationProvider; 29 | @Autowired 30 | private JwtAuthenticationEntryPoint entryPoint; 31 | 32 | @Bean 33 | public AuthenticationManager authenticationManager() { 34 | return new ProviderManager(Collections.singletonList(authenticationProvider)); 35 | } 36 | 37 | @Bean 38 | public JwtAuthenticationTokenFilter authenticationTokenFilter() { 39 | JwtAuthenticationTokenFilter filter = new JwtAuthenticationTokenFilter(); 40 | filter.setAuthenticationManager(authenticationManager()); 41 | filter.setAuthenticationSuccessHandler(new JwtSuccessHandler()); 42 | return filter; 43 | } 44 | 45 | 46 | @Override 47 | protected void configure(HttpSecurity http) throws Exception { 48 | 49 | http.csrf().disable() 50 | .authorizeRequests().antMatchers("**/rest/**").authenticated() 51 | .and() 52 | .exceptionHandling().authenticationEntryPoint(entryPoint) 53 | .and() 54 | .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS); 55 | 56 | http.addFilterBefore(authenticationTokenFilter(), UsernamePasswordAuthenticationFilter.class); 57 | http.headers().cacheControl(); 58 | 59 | } 60 | } 61 | -------------------------------------------------------------------------------- /src/main/java/com/techprimers/security/jwtsecurity/controller/HelloController.java: -------------------------------------------------------------------------------- 1 | package com.techprimers.security.jwtsecurity.controller; 2 | 3 | 4 | import org.springframework.web.bind.annotation.GetMapping; 5 | import org.springframework.web.bind.annotation.RequestMapping; 6 | import org.springframework.web.bind.annotation.RestController; 7 | 8 | @RestController 9 | @RequestMapping("/rest/hello") 10 | public class HelloController { 11 | 12 | @GetMapping 13 | public String hello() { 14 | return "Hello World"; 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /src/main/java/com/techprimers/security/jwtsecurity/controller/TokenController.java: -------------------------------------------------------------------------------- 1 | package com.techprimers.security.jwtsecurity.controller; 2 | 3 | import com.techprimers.security.jwtsecurity.model.JwtUser; 4 | import com.techprimers.security.jwtsecurity.security.JwtGenerator; 5 | import org.springframework.web.bind.annotation.PostMapping; 6 | import org.springframework.web.bind.annotation.RequestBody; 7 | import org.springframework.web.bind.annotation.RequestMapping; 8 | import org.springframework.web.bind.annotation.RestController; 9 | 10 | @RestController 11 | @RequestMapping("/token") 12 | public class TokenController { 13 | 14 | 15 | private JwtGenerator jwtGenerator; 16 | 17 | public TokenController(JwtGenerator jwtGenerator) { 18 | this.jwtGenerator = jwtGenerator; 19 | } 20 | 21 | @PostMapping 22 | public String generate(@RequestBody final JwtUser jwtUser) { 23 | 24 | return jwtGenerator.generate(jwtUser); 25 | 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /src/main/java/com/techprimers/security/jwtsecurity/model/JwtAuthenticationToken.java: -------------------------------------------------------------------------------- 1 | package com.techprimers.security.jwtsecurity.model; 2 | 3 | import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; 4 | 5 | public class JwtAuthenticationToken extends UsernamePasswordAuthenticationToken{ 6 | 7 | private String token; 8 | 9 | public JwtAuthenticationToken(String token) { 10 | super(null, null); 11 | this.token = token; 12 | } 13 | 14 | public String getToken() { 15 | return token; 16 | } 17 | 18 | public void setToken(String token) { 19 | this.token = token; 20 | } 21 | 22 | @Override 23 | public Object getCredentials() { 24 | return null; 25 | } 26 | 27 | @Override 28 | public Object getPrincipal() { 29 | return null; 30 | } 31 | } 32 | -------------------------------------------------------------------------------- /src/main/java/com/techprimers/security/jwtsecurity/model/JwtUser.java: -------------------------------------------------------------------------------- 1 | package com.techprimers.security.jwtsecurity.model; 2 | 3 | public class JwtUser { 4 | private String userName; 5 | private long id; 6 | private String role; 7 | 8 | public void setUserName(String userName) { 9 | this.userName = userName; 10 | } 11 | 12 | public void setId(long id) { 13 | this.id = id; 14 | } 15 | 16 | public void setRole(String role) { 17 | this.role = role; 18 | } 19 | 20 | public String getUserName() { 21 | return userName; 22 | } 23 | 24 | public long getId() { 25 | return id; 26 | } 27 | 28 | public String getRole() { 29 | return role; 30 | } 31 | } 32 | -------------------------------------------------------------------------------- /src/main/java/com/techprimers/security/jwtsecurity/model/JwtUserDetails.java: -------------------------------------------------------------------------------- 1 | package com.techprimers.security.jwtsecurity.model; 2 | 3 | import org.springframework.security.core.GrantedAuthority; 4 | import org.springframework.security.core.userdetails.UserDetails; 5 | 6 | import java.util.Collection; 7 | import java.util.List; 8 | 9 | public class JwtUserDetails implements UserDetails { 10 | 11 | private String userName; 12 | private String token; 13 | private Long id; 14 | private Collection authorities; 15 | 16 | 17 | public JwtUserDetails(String userName, long id, String token, List grantedAuthorities) { 18 | 19 | this.userName = userName; 20 | this.id = id; 21 | this.token= token; 22 | this.authorities = grantedAuthorities; 23 | } 24 | 25 | @Override 26 | public Collection getAuthorities() { 27 | return authorities; 28 | } 29 | 30 | @Override 31 | public String getPassword() { 32 | return null; 33 | } 34 | 35 | @Override 36 | public String getUsername() { 37 | return userName; 38 | } 39 | 40 | @Override 41 | public boolean isAccountNonExpired() { 42 | return true; 43 | } 44 | 45 | @Override 46 | public boolean isAccountNonLocked() { 47 | return true; 48 | } 49 | 50 | @Override 51 | public boolean isCredentialsNonExpired() { 52 | return true; 53 | } 54 | 55 | @Override 56 | public boolean isEnabled() { 57 | return true; 58 | } 59 | 60 | 61 | public String getUserName() { 62 | return userName; 63 | } 64 | 65 | public String getToken() { 66 | return token; 67 | } 68 | 69 | 70 | public Long getId() { 71 | return id; 72 | } 73 | 74 | } 75 | -------------------------------------------------------------------------------- /src/main/java/com/techprimers/security/jwtsecurity/security/JwtAuthenticationEntryPoint.java: -------------------------------------------------------------------------------- 1 | package com.techprimers.security.jwtsecurity.security; 2 | 3 | import org.springframework.security.core.AuthenticationException; 4 | import org.springframework.security.web.AuthenticationEntryPoint; 5 | import org.springframework.stereotype.Component; 6 | 7 | import javax.servlet.ServletException; 8 | import javax.servlet.http.HttpServletRequest; 9 | import javax.servlet.http.HttpServletResponse; 10 | import java.io.IOException; 11 | 12 | @Component 13 | public class JwtAuthenticationEntryPoint implements AuthenticationEntryPoint { 14 | @Override 15 | public void commence(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException e) throws IOException, ServletException { 16 | 17 | httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, "UNAUTHORIZED"); 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /src/main/java/com/techprimers/security/jwtsecurity/security/JwtAuthenticationProvider.java: -------------------------------------------------------------------------------- 1 | package com.techprimers.security.jwtsecurity.security; 2 | 3 | import com.techprimers.security.jwtsecurity.model.JwtAuthenticationToken; 4 | import com.techprimers.security.jwtsecurity.model.JwtUser; 5 | import com.techprimers.security.jwtsecurity.model.JwtUserDetails; 6 | import org.springframework.beans.factory.annotation.Autowired; 7 | import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; 8 | import org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider; 9 | import org.springframework.security.core.AuthenticationException; 10 | import org.springframework.security.core.GrantedAuthority; 11 | import org.springframework.security.core.authority.AuthorityUtils; 12 | import org.springframework.security.core.userdetails.UserDetails; 13 | import org.springframework.stereotype.Component; 14 | 15 | import java.util.List; 16 | 17 | @Component 18 | public class JwtAuthenticationProvider extends AbstractUserDetailsAuthenticationProvider { 19 | 20 | @Autowired 21 | private JwtValidator validator; 22 | 23 | @Override 24 | protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) throws AuthenticationException { 25 | 26 | } 27 | 28 | @Override 29 | protected UserDetails retrieveUser(String username, UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) throws AuthenticationException { 30 | 31 | JwtAuthenticationToken jwtAuthenticationToken = (JwtAuthenticationToken) usernamePasswordAuthenticationToken; 32 | String token = jwtAuthenticationToken.getToken(); 33 | 34 | JwtUser jwtUser = validator.validate(token); 35 | 36 | if (jwtUser == null) { 37 | throw new RuntimeException("JWT Token is incorrect"); 38 | } 39 | 40 | List grantedAuthorities = AuthorityUtils 41 | .commaSeparatedStringToAuthorityList(jwtUser.getRole()); 42 | return new JwtUserDetails(jwtUser.getUserName(), jwtUser.getId(), 43 | token, 44 | grantedAuthorities); 45 | } 46 | 47 | @Override 48 | public boolean supports(Class aClass) { 49 | return (JwtAuthenticationToken.class.isAssignableFrom(aClass)); 50 | } 51 | } 52 | -------------------------------------------------------------------------------- /src/main/java/com/techprimers/security/jwtsecurity/security/JwtAuthenticationTokenFilter.java: -------------------------------------------------------------------------------- 1 | package com.techprimers.security.jwtsecurity.security; 2 | 3 | import com.techprimers.security.jwtsecurity.model.JwtAuthenticationToken; 4 | import org.springframework.security.core.Authentication; 5 | import org.springframework.security.core.AuthenticationException; 6 | import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter; 7 | 8 | import javax.servlet.FilterChain; 9 | import javax.servlet.ServletException; 10 | import javax.servlet.http.HttpServletRequest; 11 | import javax.servlet.http.HttpServletResponse; 12 | import java.io.IOException; 13 | 14 | public class JwtAuthenticationTokenFilter extends AbstractAuthenticationProcessingFilter { 15 | 16 | public JwtAuthenticationTokenFilter() { 17 | super("/rest/**"); 18 | } 19 | 20 | @Override 21 | public Authentication attemptAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthenticationException, IOException, ServletException { 22 | 23 | String header = httpServletRequest.getHeader("Authorisation"); 24 | 25 | 26 | if (header == null || !header.startsWith("Token ")) { 27 | throw new RuntimeException("JWT Token is missing"); 28 | } 29 | 30 | String authenticationToken = header.substring(6); 31 | 32 | JwtAuthenticationToken token = new JwtAuthenticationToken(authenticationToken); 33 | return getAuthenticationManager().authenticate(token); 34 | } 35 | 36 | 37 | @Override 38 | protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain chain, Authentication authResult) throws IOException, ServletException { 39 | super.successfulAuthentication(request, response, chain, authResult); 40 | chain.doFilter(request, response); 41 | } 42 | } 43 | -------------------------------------------------------------------------------- /src/main/java/com/techprimers/security/jwtsecurity/security/JwtGenerator.java: -------------------------------------------------------------------------------- 1 | package com.techprimers.security.jwtsecurity.security; 2 | 3 | import com.techprimers.security.jwtsecurity.model.JwtUser; 4 | import io.jsonwebtoken.Claims; 5 | import io.jsonwebtoken.Jwts; 6 | import io.jsonwebtoken.SignatureAlgorithm; 7 | import org.springframework.stereotype.Component; 8 | 9 | @Component 10 | public class JwtGenerator { 11 | 12 | 13 | public String generate(JwtUser jwtUser) { 14 | 15 | 16 | Claims claims = Jwts.claims() 17 | .setSubject(jwtUser.getUserName()); 18 | claims.put("userId", String.valueOf(jwtUser.getId())); 19 | claims.put("role", jwtUser.getRole()); 20 | 21 | 22 | return Jwts.builder() 23 | .setClaims(claims) 24 | .signWith(SignatureAlgorithm.HS512, "youtube") 25 | .compact(); 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /src/main/java/com/techprimers/security/jwtsecurity/security/JwtSuccessHandler.java: -------------------------------------------------------------------------------- 1 | package com.techprimers.security.jwtsecurity.security; 2 | 3 | 4 | import org.springframework.security.core.Authentication; 5 | import org.springframework.security.web.authentication.AuthenticationSuccessHandler; 6 | 7 | import javax.servlet.ServletException; 8 | import javax.servlet.http.HttpServletRequest; 9 | import javax.servlet.http.HttpServletResponse; 10 | import java.io.IOException; 11 | 12 | public class JwtSuccessHandler implements AuthenticationSuccessHandler{ 13 | @Override 14 | public void onAuthenticationSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) throws IOException, ServletException { 15 | System.out.println("Successfully Authentication"); 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /src/main/java/com/techprimers/security/jwtsecurity/security/JwtValidator.java: -------------------------------------------------------------------------------- 1 | package com.techprimers.security.jwtsecurity.security; 2 | 3 | import com.techprimers.security.jwtsecurity.model.JwtUser; 4 | import io.jsonwebtoken.Claims; 5 | import io.jsonwebtoken.Jwts; 6 | import org.springframework.stereotype.Component; 7 | 8 | @Component 9 | public class JwtValidator { 10 | 11 | 12 | private String secret = "youtube"; 13 | 14 | public JwtUser validate(String token) { 15 | 16 | JwtUser jwtUser = null; 17 | try { 18 | Claims body = Jwts.parser() 19 | .setSigningKey(secret) 20 | .parseClaimsJws(token) 21 | .getBody(); 22 | 23 | jwtUser = new JwtUser(); 24 | 25 | jwtUser.setUserName(body.getSubject()); 26 | jwtUser.setId(Long.parseLong((String) body.get("userId"))); 27 | jwtUser.setRole((String) body.get("role")); 28 | } 29 | catch (Exception e) { 30 | System.out.println(e); 31 | } 32 | 33 | return jwtUser; 34 | } 35 | } 36 | -------------------------------------------------------------------------------- /src/main/resources/application.properties: -------------------------------------------------------------------------------- 1 | server.port = 8084 -------------------------------------------------------------------------------- /src/main/resources/application.yml: -------------------------------------------------------------------------------- 1 | management: 2 | security: 3 | enabled: true 4 | 5 | 6 | spring: 7 | resources: 8 | chain: 9 | enabled: true -------------------------------------------------------------------------------- /src/test/java/com/techprimers/security/jwtsecurity/JwtSecurityApplicationTests.java: -------------------------------------------------------------------------------- 1 | package com.techprimers.security.jwtsecurity; 2 | 3 | import org.junit.Test; 4 | import org.junit.runner.RunWith; 5 | import org.springframework.boot.test.context.SpringBootTest; 6 | import org.springframework.test.context.junit4.SpringRunner; 7 | 8 | @RunWith(SpringRunner.class) 9 | @SpringBootTest 10 | public class JwtSecurityApplicationTests { 11 | 12 | @Test 13 | public void contextLoads() { 14 | } 15 | 16 | } 17 | --------------------------------------------------------------------------------