Last active
December 6, 2017 17:30
-
-
Save ugurcemozturk/1855c7372221b8340b5f818a820d37fe to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public class JWTAuthorizationFilter extends BasicAuthenticationFilter { | |
| public JWTAuthorizationFilter(AuthenticationManager authManager) { | |
| super(authManager); | |
| } | |
| @Override | |
| protected void doFilterInternal(HttpServletRequest req, | |
| HttpServletResponse res, | |
| FilterChain chain) throws IOException, ServletException { | |
| String header = req.getHeader(HEADER_STRING); | |
| if (header == null || !header.startsWith(TOKEN_PREFIX)) { | |
| chain.doFilter(req, res); | |
| return; | |
| } | |
| UsernamePasswordAuthenticationToken authentication = getAuthentication(req); | |
| SecurityContextHolder.getContext().setAuthentication(authentication); | |
| chain.doFilter(req, res); | |
| } | |
| private UsernamePasswordAuthenticationToken getAuthentication(HttpServletRequest request) { | |
| String token = request.getHeader(HEADER_STRING); | |
| if (token != null) { | |
| // parse the token. | |
| String user = Jwts.parser() | |
| .setSigningKey(SECRET.getBytes()) | |
| .parseClaimsJws(token.replace(TOKEN_PREFIX, "")) | |
| .getBody() | |
| .getSubject(); | |
| if (user != null) { | |
| return new UsernamePasswordAuthenticationToken(user, null, new ArrayList<>()); | |
| } | |
| return null; | |
| } | |
| return null; | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment