09-JwtFactory.kt
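/**
 * Issues the service's access and refresh tokens and verifies refresh tokens.
 *
 * Every token is signed with RS256 using [tokenKeyRsa]; the header carries that key's `kid`.
 * Signing needs the private part of the key, verification uses the same [RSAKey].
 *
 * NOTE(review): access and refresh tokens share one key and one header shape, with no `typ`
 * (or other) discriminator between them. See [parseRefreshToken] for the consequence.
 */
@Service
class JwtFactory(
    private val tokenKeyRsa: RSAKey,
    private val props: JwtProps,
) {
    /**
     * Builds a signed access token (JWT) for [user].
     *
     * Claims written: `aud` = "app", `iss` = "Auth-Service", `iat`, `exp`
     * (`iat` + `props.accessTokenExpiresMin` minutes), `sub` = user id, `name`, `perm`,
     * and, only when the user has a last account, an `acc` object with `id`, `name` and `role`.
     *
     * The permissions and role are frozen into the token at issue time, so a consumer that
     * trusts these claims keeps honouring them until `exp` even if they change server-side.
     *
     * @return the compact serialization of the signed JWT
     */
    fun buildAccessToken(user: UserDetailsDto): String {
        // Read the clock once so that exp - iat is exactly the configured lifetime.
        val issuedAt = Date()
        val claims = JWTClaimsSet.Builder()
            .audience("app")
            .issuer("Auth-Service")
            .issueTime(issuedAt)
            .expirationTime(issuedAt.addMinutes(props.accessTokenExpiresMin))
            .subject(user.id.toString())
            .claim("name", user.name)
            .claim("perm", user.permissions)
        user.lastAccountId?.let { accountId ->
            claims.claim(
                "acc",
                mapOf(
                    "id" to accountId.toString(),
                    "name" to user.lastAccountName,
                    "role" to user.lastAccountRole?.name,
                ),
            )
        }
        val jwt = SignedJWT(buildHeader(), claims.build())
        jwt.sign(RSASSASigner(tokenKeyRsa))
        return jwt.serialize()
    }

    /**
     * Wraps [value] in a signed JWS and returns its compact serialization.
     *
     * The payload is [value] only: the token carries no expiry, audience or issuer of its own,
     * so lifetime and revocation have to be enforced by whoever resolves [value]
     * (presumably a server-side lookup; confirm against the caller).
     *
     * NOTE(review): [value] is nullable in the signature, but `Payload` is expected to reject
     * null; confirm and consider making the parameter non-null.
     */
    fun buildRefreshToken(value: String?): String {
        val jws = JWSObject(buildHeader(), Payload(value))
        jws.sign(RSASSASigner(tokenKeyRsa))
        return jws.serialize()
    }

    /**
     * Verifies a refresh token and returns its payload.
     *
     * @param value compact JWS as received from the client (untrusted input)
     * @return the payload string, or `null` when [value] is null, the header does not declare
     *   RS256, or the signature does not verify against [tokenKeyRsa]
     * @throws java.text.ParseException when [value] is not a well-formed compact JWS
     *
     * NOTE(review): a token produced by [buildAccessToken] is signed with the same key and
     * header, so it also passes this check and its claims JSON is returned as the payload.
     * A non-null result proves only that this service signed the input, not that it is a
     * refresh token; the caller must still validate the returned value.
     */
    fun parseRefreshToken(value: String?): String? {
        // Absent token: report "invalid" the same way as a bad signature instead of failing inside parse().
        val token = value ?: return null
        val jws = JWSObject.parse(token)
        // Pin the algorithm to the one this factory issues; the header is attacker-controlled,
        // so it must not choose which of the verifier's supported algorithms is applied.
        if (jws.header.algorithm != JWSAlgorithm.RS256) return null
        if (!jws.verify(RSASSAVerifier(tokenKeyRsa))) return null
        return jws.payload.toString()
    }

    /** Header shared by both token kinds: RS256 plus the signing key's id. */
    private fun buildHeader() =
        JWSHeader.Builder(JWSAlgorithm.RS256)
            .keyID(tokenKeyRsa.keyID)
            .build()

    /** Returns a new [Date] that is [minutes] minutes after the receiver. */
    private fun Date.addMinutes(minutes: Int) =
        DateUtils.addMinutes(this, minutes)
}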