- update jwt
- add security
@@ -11,9 +11,9 @@ plugins {
|
||||
|
||||
dependencies {
|
||||
// https://mvnrepository.com/artifact/io.jsonwebtoken/jjwt-api
|
||||
implementation("io.jsonwebtoken:jjwt-api:0.11.2")
|
||||
implementation("io.jsonwebtoken:jjwt-api:0.12.3")
|
||||
|
||||
// https://mvnrepository.com/artifact/io.jsonwebtoken/jjwt-impl
|
||||
runtimeOnly("io.jsonwebtoken:jjwt-impl:0.11.2")
|
||||
runtimeOnly("io.jsonwebtoken:jjwt-jackson:0.11.2")
|
||||
runtimeOnly("io.jsonwebtoken:jjwt-impl:0.12.3")
|
||||
runtimeOnly("io.jsonwebtoken:jjwt-jackson:0.12.3")
|
||||
}
|
||||
|
||||
@@ -29,12 +29,20 @@ public class JwtSample {
|
||||
}
|
||||
|
||||
public static String generateToken() throws InvalidKeyException {
|
||||
return Jwts.builder()
|
||||
/*return Jwts.builder()
|
||||
.setHeaderParam(Header.TYPE, Header.JWT_TYPE)
|
||||
.setIssuer("Elex")
|
||||
.setExpiration(Date.from(Instant.now().plus(3, ChronoUnit.HOURS)))
|
||||
.claim("userId", 3)
|
||||
.signWith(Keys.hmacShaKeyFor(key))
|
||||
.compact();*/
|
||||
return Jwts.builder()
|
||||
.header().type(Header.JWT_TYPE)
|
||||
.and()
|
||||
.issuer("Elex")
|
||||
.expiration(Date.from(Instant.now().plus(3, ChronoUnit.HOURS)))
|
||||
.claim("userId", 3)
|
||||
.signWith(Keys.hmacShaKeyFor(key))
|
||||
.compact();
|
||||
}
|
||||
|
||||
@@ -53,11 +61,16 @@ public class JwtSample {
|
||||
throws UnsupportedJwtException, MalformedJwtException, SignatureException, ExpiredJwtException,
|
||||
MissingClaimException, IncorrectClaimException {
|
||||
|
||||
return Jwts.parserBuilder()
|
||||
/*return Jwts.parserBuilder()
|
||||
.setSigningKey(key)
|
||||
.requireIssuer("Elex") // 토큰의 Issuer 일치 여부 확인
|
||||
.build()
|
||||
.parseClaimsJws(parseHeader(token));
|
||||
.parseClaimsJws(parseHeader(token));*/
|
||||
return Jwts.parser()
|
||||
.verifyWith(Keys.hmacShaKeyFor(key))
|
||||
.requireIssuer("Elex") // 토큰의 Issuer 일치 여부 확인
|
||||
.build()
|
||||
.parseSignedClaims(parseHeader(token));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -84,7 +97,7 @@ public class JwtSample {
|
||||
final String authHeader = "Bearer " + token;
|
||||
Jws<Claims> claims = parseToken(authHeader);
|
||||
System.out.println(claims);
|
||||
final int userId = claims.getBody().get("userId", Integer.class);
|
||||
final int userId = claims.getPayload().get("userId", Integer.class);
|
||||
System.out.println("User Id: " + userId);
|
||||
}
|
||||
}
|
||||
|
||||
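Review bot: The 0.11 call chains are left behind as `/* ... */` blocks in both generateToken() and parseToken(); delete them, since the history already keeps the old form and a stale `.setSigningKey(key)` sitting next to the live `.verifyWith(...)` invites a wrong copy-paste. Both methods also rebuild the key with `Keys.hmacShaKeyFor(key)` on every call; building it once into a single static final field would keep signing and verification visibly on the same key object. The declaration of `key` is outside these hunks, so whether it comes from a secure source cannot be judged from here. In the last hunk, `final int userId = claims.getPayload().get("userId", Integer.class);` unboxes a value that is null when the claim is absent, so keeping it as `Integer` and checking for null would avoid a NullPointerException on a token without that claim.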
@@ -9,10 +9,14 @@ package kr.pe.elex.examples;
|
||||
|
||||
import io.jsonwebtoken.Header;
|
||||
import io.jsonwebtoken.Jwts;
|
||||
import io.jsonwebtoken.io.CompressionAlgorithm;
|
||||
import io.jsonwebtoken.security.Keys;
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
||||
import java.security.Key;
|
||||
import javax.crypto.SecretKey;
|
||||
import java.security.*;
|
||||
import java.security.spec.InvalidKeySpecException;
|
||||
import java.security.spec.X509EncodedKeySpec;
|
||||
import java.time.Instant;
|
||||
import java.time.temporal.ChronoUnit;
|
||||
import java.util.Base64;
|
||||
@@ -24,23 +28,39 @@ import static org.junit.jupiter.api.Assertions.*;
|
||||
class SampleTest {
|
||||
|
||||
@Test
|
||||
void test(){
|
||||
void test() throws NoSuchAlgorithmException, InvalidKeySpecException {
|
||||
byte[] key = new byte[32];
|
||||
new Random().nextBytes(key);
|
||||
final Key signingKey = Keys.hmacShaKeyFor(key);
|
||||
//final SecretKey signingKey = Keys.hmacShaKeyFor(key);
|
||||
KeyPair keyPair = Jwts.SIG.RS384.keyPair().build();
|
||||
PrivateKey privateKey = keyPair.getPrivate();
|
||||
PublicKey publicKey = keyPair.getPublic();
|
||||
String base64PublicKey = Base64.getEncoder().encodeToString(publicKey.getEncoded());
|
||||
|
||||
String jwt = Jwts.builder()
|
||||
.setHeaderParam(Header.TYPE, Header.JWT_TYPE)
|
||||
.setIssuer("Elex")
|
||||
.setExpiration(Date.from(Instant.now().plus(3, ChronoUnit.HOURS)))
|
||||
.header().type("JWT")
|
||||
.and()
|
||||
.issuer("Elex")
|
||||
.expiration(Date.from(Instant.now().plus(3, ChronoUnit.HOURS)))
|
||||
.claim("userId", 3)
|
||||
.signWith(signingKey)
|
||||
.signWith(keyPair.getPrivate())
|
||||
.compact();
|
||||
System.out.println(jwt);
|
||||
String issuer = Jwts.parserBuilder()
|
||||
.setSigningKey(signingKey)
|
||||
//.requireIssuer("Elex") // 토큰의 Issuer 일치 여부 확인
|
||||
|
||||
X509EncodedKeySpec ukeySpec = new X509EncodedKeySpec(Base64.getDecoder().decode(base64PublicKey));
|
||||
PublicKey pKey = KeyFactory.getInstance("RSA").generatePublic(ukeySpec);
|
||||
|
||||
Integer userId = Jwts.parser()
|
||||
.verifyWith(pKey)
|
||||
.requireIssuer("Elex") // 토큰의 Issuer 일치 여부 확인
|
||||
.build()
|
||||
.parseClaimsJws(jwt).getBody().getIssuer();
|
||||
System.out.println(issuer);
|
||||
.parseSignedClaims(jwt).getPayload().get("userId", Integer.class);
|
||||
System.out.println(userId);
|
||||
String alg = Jwts.parser()
|
||||
.verifyWith(pKey)
|
||||
.requireIssuer("Elex") // 토큰의 Issuer 일치 여부 확인
|
||||
.build()
|
||||
.parseSignedClaims(jwt).getHeader().getAlgorithm();
|
||||
System.out.println(alg);
|
||||
}
|
||||
}
|
||||
|
||||
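Review bot: The rewritten test() asserts nothing: it only prints `userId` and `alg`, so it passes for any token that parses without throwing. Replace the prints with `assertEquals(3, userId);` and `assertEquals("RS384", alg);` (the hunk header shows Assertions is already statically imported), and pin the algorithm when signing with `.signWith(privateKey, Jwts.SIG.RS384)` instead of leaving it to inference from the key. The `key` array filled by `new Random()` and the commented-out `signingKey` line are now dead and can be removed, along with the `javax.crypto.SecretKey` import if nothing else uses it. A second case that verifies the same token with a different key pair's public key and expects `SignatureException` would cover the rejection path, which is the behaviour that matters most for a verifier.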