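/**
 * Builds a Spring Security {@link Authentication} from a signed JWT.
 *
 * <p>The token is parsed with {@code parseClaimsJws}, so the signature is checked against
 * {@code secretKey} before any claim is read; a token that JJWT refuses to parse surfaces as
 * an exception from that call and no authentication object is created.
 *
 * <p>Authorities come from the comma-separated claim stored under {@code AUTHORITIES_KEY}.
 * Blank entries (an empty claim value, a trailing or doubled comma) are skipped, because
 * {@code SimpleGrantedAuthority} rejects empty text and would otherwise fail the whole
 * request for a principal that simply has no roles.
 *
 * @param token the compact, signed JWT taken from the request
 * @return an authentication whose principal is the token subject and whose authorities are
 *     the non-blank entries of the authorities claim; credentials are left empty
 */
public Authentication getAuthentication(String token) {
    // Signature verification happens here; the claims below are only read from a token
    // that passed it.
    Claims claims = Jwts.parser()
        .setSigningKey(secretKey)
        .parseClaimsJws(token)
        .getBody();

    // A token with no authorities claim at all still fails here (NullPointerException).
    // That is kept fail-closed on purpose: a signed token of some other kind must not be
    // accepted as an authority-less principal.
    String authoritiesClaim = claims.get(AUTHORITIES_KEY).toString();

    Collection<? extends GrantedAuthority> authorities =
        Arrays.stream(authoritiesClaim.split(","))
            // "".split(",") yields one empty element; drop it and any other blank entry.
            .filter(authority -> !authority.trim().isEmpty())
            .map(SimpleGrantedAuthority::new)
            .collect(Collectors.toList());

    // The password slot is unused for token-based authentication.
    User principal = new User(claims.getSubject(), "", authorities);

    return new UsernamePasswordAuthenticationToken(principal, "", authorities);
}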
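/**
 * Extracts the date value of the given claim from a token.
 *
 * <p>The claim value is read as seconds since the UNIX epoch and converted to a
 * {@link Date}. Any numeric representation is accepted, so a value that the JSON mapper
 * delivers as {@code Long} (for example an expiry after January 2038) no longer fails on a
 * cast to {@code int}.
 *
 * @param claim the claim to read; only {@code Claims.IAT} and {@code Claims.EXP} are accepted
 * @param encodedToken the encoded token to read the claim from
 * @return the claim value as a date
 * @throws IllegalArgumentException if {@code claim} is neither IAT nor EXP, or if the token
 *     carries no numeric value for it (claim absent, wrong type, or unreadable claims JSON)
 * @throws InvalidSignatureException declared here and on {@code extractValue}; presumably
 *     raised when signature verification of the token fails
 */
private Date extractDate(Claims claim, String encodedToken) throws InvalidSignatureException {
    // Only IAT and EXP are supported here as date-valued claims.
    if (!claim.equals(Claims.IAT) && !claim.equals(Claims.EXP)) {
        throw new IllegalArgumentException("Only the claims IAT and EXP can be extracted as dates");
    }

    Object rawValue = extractValue(claim, encodedToken);

    // Fail with a clear error instead of a NullPointerException or ClassCastException.
    // Deliberately not mapped to null: a caller checking expiry must not mistake a missing
    // EXP for "no expiry".
    if (!(rawValue instanceof Number)) {
        throw new IllegalArgumentException("Token carries no numeric value for claim " + claim);
    }

    // The date value is defined in UNIX time (seconds); keep it as a long end to end.
    long epochSeconds = ((Number) rawValue).longValue();

    return new Date(epochSeconds * DateUtils.MILLIS_PER_SECOND);
}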
/**
 * Reads a single claim value out of an encoded token.
 *
 * <p>The token is passed through {@code JwtHelper.decodeAndVerify} with the configured
 * {@code verifier} before its claims are parsed. No expiry or audience check is visible in
 * this method; callers that need one have to apply it to the returned value themselves.
 *
 * @param claim the claim whose value is wanted; its {@code toString()} is used as the JSON key
 * @param encodedToken the encoded token
 * @return the claim value as produced by the JSON mapper, or {@code null} when the claim is
 *     absent or the claims JSON could not be read (the failure is logged); callers must
 *     treat {@code null} as "no usable value", not as an unrestricted token
 * @throws InvalidSignatureException declared by this method; presumably raised by
 *     {@code JwtHelper.decodeAndVerify} when verification fails
 */
private Object extractValue(Claims claim, String encodedToken) throws InvalidSignatureException {
    // Decode and verify first; the claims are stringified JSON inside the decoded token.
    final String claimsJson = JwtHelper.decodeAndVerify(encodedToken, verifier).getClaims();

    try {
        Map<String, Object> parsedClaims = jsonMapper.readValue(claimsJson, Map.class);
        return parsedClaims.get(claim.toString());
    } catch (IOException parseFailure) {
        logger.error("Failed to extract json values", parseFailure);
        return null;
    }
}