Beispiel #1
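  /**
   * Builds a Spring Security {@link Authentication} from a signed JWT.
   *
   * <p>The token is parsed with {@code parseClaimsJws}, which only accepts signed tokens and
   * checks the signature against {@code secretKey}; parsing failures propagate to the caller as
   * the parser's runtime exceptions and must be treated as "not authenticated".
   *
   * <p>The granted authorities are read from the token itself, so they are exactly as trustworthy
   * as the signing key is secret, and a role revoked on the server side is not reflected until a
   * new token is issued.
   *
   * @param token the compact serialized JWT presented by the client
   * @return an authentication whose principal name is the token subject and whose authorities are
   *     the comma-separated entries of the {@code AUTHORITIES_KEY} claim; empty when that claim is
   *     absent or blank
   */
  public Authentication getAuthentication(String token) {
    Claims claims = Jwts.parser().setSigningKey(secretKey).parseClaimsJws(token).getBody();

    // A verified token may legitimately carry no authorities (user without roles). Map that to an
    // empty authority list (least privilege) instead of failing with a NullPointerException.
    Object rawAuthorities = claims.get(AUTHORITIES_KEY);
    String authorityList = rawAuthorities == null ? "" : rawAuthorities.toString();

    Collection<? extends GrantedAuthority> authorities =
        Arrays.stream(authorityList.split(","))
            // "".split(",") yields one empty element, and SimpleGrantedAuthority rejects blank
            // role names, so blank entries are dropped before construction.
            .filter(name -> !name.trim().isEmpty())
            .map(SimpleGrantedAuthority::new)
            .collect(Collectors.toList());

    // The password slot is intentionally empty: the signed token is the credential here.
    User principal = new User(claims.getSubject(), "", authorities);

    return new UsernamePasswordAuthenticationToken(principal, "", authorities);
  }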
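 /**
  * Extracts a Date value of the given claim from a token.
  *
  * <p>The value is obtained through {@code extractValue}, which verifies the token before its
  * claims are read, so the returned date comes from a verified token.
  *
  * @param claim the claim to read; must be {@code Claims.IAT} or {@code Claims.EXP}
  * @param encodedToken the encoded token to read the claim from
  * @return the claim value converted from UNIX seconds to a {@link Date}
  * @throws InvalidSignatureException if token verification fails
  * @throws IllegalArgumentException if another claim is requested, or if the claim is missing or
  *     not numeric (a token without a usable timestamp is rejected, never treated as valid)
  */
 private Date extractDate(Claims claim, String encodedToken) throws InvalidSignatureException {
   // only IAT and EXP claims contain a Date value according to the JWT spec
   if (!claim.equals(Claims.IAT) && !claim.equals(Claims.EXP)) {
     throw new IllegalArgumentException("Only the claims IAT and EXP can be extracted as dates");
   }
   // extractValue returns null when the claim is absent or the claims JSON cannot be parsed;
   // fail with a clear error instead of a NullPointerException or ClassCastException.
   Object raw = extractValue(claim, encodedToken);
   if (!(raw instanceof Number)) {
     throw new IllegalArgumentException("Claim " + claim + " is missing or not a numeric date");
   }
   // the date value is defined in UNIX time; read it as long because a timestamp beyond
   // Integer.MAX_VALUE seconds (year 2038) does not fit in an int
   long seconds = ((Number) raw).longValue();
   return new Date(seconds * DateUtils.MILLIS_PER_SECOND);
 }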
  /**
   * Reads a single claim from an encoded token after verifying it.
   *
   * <p>Verification is delegated to {@code JwtHelper.decodeAndVerify} with this class's
   * {@code verifier}; claims are only parsed once that call has returned.
   *
   * @param claim the claim whose value is wanted; its {@code toString()} is used as the JSON key
   * @param encodedToken the encoded token to verify and read
   * @return the claim value as deserialized from the claims JSON, or {@code null} when the claim
   *     is absent or the claims JSON cannot be parsed; callers must treat {@code null} as an
   *     unusable token rather than as a default value
   * @throws InvalidSignatureException if token verification fails
   */
  private Object extractValue(Claims claim, String encodedToken) throws InvalidSignatureException {
    // verification happens first; nothing below runs for a token that fails it
    final Jwt verified = JwtHelper.decodeAndVerify(encodedToken, verifier);

    try {
      // the claims section is a JSON document serialized as a string
      final Map<String, Object> parsedClaims = jsonMapper.readValue(verified.getClaims(), Map.class);
      return parsedClaims.get(claim.toString());
    } catch (IOException e) {
      // unreadable claims are logged and reported to the caller as "no value"
      logger.error("Failed to extract json values", e);
      return null;
    }
  }