Page 486 - MDP2022-3
P. 486
@Override
public void configure(HttpSecurity http) {
http.addFilterBefore(
new JwtFilter(jwtTokenProvider),
UsernamePasswordAuthenticationFilter.class
);
}
}
com.webmister.semicolon.jwt.JwtTokenProvider
import com.webmister.semicolon.dto.TokenDto;
import io.jsonwebtoken.*;
import io.jsonwebtoken.io.Decoders;
import io.jsonwebtoken.security.Keys;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.stereotype.Component;
import java.security.Key;
import java.util.Arrays;
import java.util.Collection;
import java.util.Date;
import java.util.stream.Collectors;
@Slf4j
@Component
public class JwtTokenProvider implements InitializingBean {
private static final String AUTHORITIES_KEY = "auth";
private final String secret;
private final long accessTokenValidityInMilliseconds;
private final long refreshTokenValidityInMilliseconds;
private Key key;
public JwtTokenProvider(
@Value("${jwt.secret}") String secret,
@Value("${jwt.access-token-validity-in-seconds}") long
