API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Apr 3rd, 2017
108
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.74 KB | None | 0 0
raw download clone embed print report
  1. package g3enterprises;
  2.  
  3. import com.auth0.jwt.*;
  4. import com.auth0.jwt.algorithms.Algorithm;
  5. import com.auth0.jwt.exceptions.JWTVerificationException;
  6. import com.auth0.jwt.interfaces.DecodedJWT;
  7. import java.util.HashMap;
  8.  
  9. public class G3JWT {
  10. HashMap<String, Object> headers;
  11. String user, pass;
  12. Algorithm algo;
  13. long iat = 0;
  14. final long EXPIRATION = 1209600L;
  15. final private String
  16. ISSUER = "SOME-ISSUER-STUFFS",
  17. SECRET = "SECRET",
  18. AUDIENCE = "SOME-AUDIENCE",
  19. V_USER = "USER",
  20. V_PASS = "PASS",
  21. NAME = "name",
  22. PASS = "pass",
  23. EXP = "exp",
  24. IAT = "iat",
  25. AUD = "aud",
  26. INVALID = "Invalid Credentials";
  27.  
  28. private G3JWT() {
  29. this.algo = getAlgorithm();
  30. }
  31.  
  32. public String getNewToken(String _user, String _pass) {
  33. this.user = _user;
  34. this.pass = _pass;
  35.  
  36. if (isInvalidUser(user, pass)) {
  37. return INVALID;
  38. }
  39.  
  40. /*
  41. * puts our own stuff inside the token
  42. */
  43. headers = getHeaders();
  44.  
  45. return JWT.create()
  46. .withIssuer(ISSUER)
  47. .withHeader(headers)
  48. .sign(algo);
  49. }
  50.  
  51. public String verifyToken(String token) {
  52. try {
  53. DecodedJWT jwt = getVerifier().verify(token);
  54. String token_user = jwt.getHeaderClaim(NAME).asString();
  55. String token_pass = jwt.getHeaderClaim(PASS).asString();
  56. long token_exp = jwt.getHeaderClaim(EXP).asInt();
  57.  
  58. /*
  59. * is this user unauthorized
  60. */
  61. if (isInvalidUser(token_user, token_pass)) {
  62. return INVALID;
  63. }
  64.  
  65. /*
  66. * if expired it returns invalid which will force the user to log
  67. * back in
  68. */
  69. if (token_exp < getCurrentTime()) {
  70. return INVALID;
  71. }
  72.  
  73. /*
  74. * if all passed then refresh token
  75. */
  76. return this.getNewToken(token_user, token_pass);
  77.  
  78. } catch (JWTVerificationException e) {
  79. e.printStackTrace();
  80. return INVALID;
  81. }
  82. }
  83.  
  84. /*
  85. * creates the header info for the token
  86. */
  87. public HashMap<String, Object> getHeaders() {
  88. HashMap<String, Object> headers = new HashMap<String, Object>();
  89. iat = getCurrentTime();
  90. headers.put(AUD, AUDIENCE);
  91. headers.put(NAME, user);
  92. headers.put(PASS, pass);
  93. headers.put(EXP, iat + EXPIRATION);
  94. headers.put(IAT, iat);
  95. return headers;
  96. }
  97.  
  98. /*
  99. * returns token verifier object
  100. */
  101. private JWTVerifier getVerifier() {
  102. return JWT.require(this.algo)
  103. .withIssuer(this.ISSUER)
  104. .build();
  105. }
  106.  
  107. /*
  108. * returns encryption algorithm
  109. */
  110. public Algorithm getAlgorithm() {
  111. try {
  112. return Algorithm.HMAC256(SECRET);
  113. } catch (Exception e) {
  114. e.printStackTrace();
  115. }
  116. return null;
  117. }
  118.  
  119. public long getCurrentTime() {
  120. return System.currentTimeMillis() / 1000l;
  121. }
  122.  
  123. /*
  124. * checks if NOT authorized
  125. */
  126. public boolean isInvalidUser(String user, String pass) {
  127. /* if either doesn't match */
  128. return (!user.equals(V_USER) || !pass.equals(V_PASS));
  129. }
  130. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!