- //package controller;
- import java.security.Key;
- import java.util.Date;
- import java.util.Enumeration;
- import java.util.concurrent.TimeUnit;
- import javax.crypto.spec.SecretKeySpec;
- import javax.servlet.http.HttpServletRequest;
- import javax.servlet.http.HttpServletResponse;
- import javax.ws.rs.Consumes;
- import javax.ws.rs.FormParam;
- import javax.ws.rs.GET;
- import javax.ws.rs.POST;
- import javax.ws.rs.Path;
- import javax.ws.rs.PathParam;
- import javax.ws.rs.Produces;
- import javax.ws.rs.core.Context;
- import javax.ws.rs.core.HttpHeaders;
- import javax.ws.rs.core.MediaType;
- import javax.ws.rs.core.Response;
- import javax.ws.rs.core.Response.Status;
- import javax.xml.bind.DatatypeConverter;
- import org.hibernate.SessionFactory;
- import dao.UtilisateurDAO;
- import io.jsonwebtoken.Claims;
- import io.jsonwebtoken.JwtBuilder;
- import io.jsonwebtoken.Jwts;
- import model.Utilisateur;
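/**
 * JAX-RS resource mounted at {@code /login}.
 *
 * <p>{@link #login} checks a username/password pair through {@link UtilisateurDAO} and
 * returns an HS256-signed JWT; {@link #whoiam} verifies such a token and returns the user
 * id stored in its {@code jti} claim.
 */
@Path("/login")
public class LoginController {

    /** Issuer claim written into every token this resource creates. */
    private static final String TOKEN_ISSUER = "http://vm-11.iutrs.unistra.fr:8080/TrocTonSavoir/api/";

    // NOTE(review): tokens stay valid for a year and this class has no logout or revocation
    // path, so a leaked token is usable until it expires. Consider a much shorter lifetime
    // combined with a refresh or server-side revocation mechanism.
    private static final long TOKEN_TTL_MILLIS = TimeUnit.DAYS.toMillis(365);

    /** Name of the request header whoiam() reads the token from (not the standard Authorization header). */
    private static final String TOKEN_HEADER = "bearer";

    SessionFactory sessionFactory = SessionConfig.getSessionFactory();
    UtilisateurDAO uDAO = new UtilisateurDAO(sessionFactory);

    // NOTE(review): HMAC signing secret committed in source. Whoever can read this file can
    // produce tokens that whoiam() accepts, so a key that has been published must be treated
    // as compromised: rotate it and load the replacement from deployment configuration or a
    // secret store instead of a literal. The value decodes to 16 bytes (128 bits), which is
    // below the 256-bit minimum RFC 7518 section 3.2 requires for HS256.
    String key = "pyviJ5z14Lcvb0qG6jcnmA==";

    /**
     * Authenticates a user from form parameters and issues a signed token.
     *
     * <p>Credential verification is delegated to {@code uDAO.getUserAuthenticated}; how the
     * password is stored and compared is not visible here.
     * NOTE(review): confirm the DAO checks a salted password hash (bcrypt/scrypt/argon2)
     * rather than a plaintext or bare-digest value. No attempt throttling or lockout is
     * visible in this class; if none exists upstream, this endpoint permits unlimited
     * password guessing.
     *
     * @param username form field {@code username}
     * @param password form field {@code password}
     * @return 412 when either field is missing, 403 when the credentials are rejected,
     *         otherwise 200 with the compact JWT as the entity
     */
    @POST
    @Produces(MediaType.APPLICATION_JSON)
    @Consumes(MediaType.APPLICATION_FORM_URLENCODED)
    public Response login(@FormParam("username") String username, @FormParam("password") String password) {
        if (username == null || password == null) {
            return Response.status(Status.PRECONDITION_FAILED).build();
        }

        Utilisateur user = uDAO.getUserAuthenticated(username, password);
        if (user == null) {
            return Response.status(Status.FORBIDDEN).build();
        }

        String token = createJWT(String.valueOf(user.getId()), TOKEN_ISSUER, user.getPseudo(), TOKEN_TTL_MILLIS);
        return Response.status(200).entity(token).build();
    }

    /**
     * Verifies the token sent in the {@code bearer} request header and returns the id it
     * was issued for.
     *
     * <p>A missing or empty header is answered with 403; previously it caused a
     * {@code NullPointerException} (or {@code IndexOutOfBoundsException}) and surfaced as a
     * server error.
     *
     * @param headers request headers injected by the JAX-RS runtime
     * @return 200 with the token's {@code jti} claim, or 403 when the token is absent or
     *         does not verify
     */
    @GET
    @Path("/whoiam")
    @Produces(MediaType.APPLICATION_JSON)
    public Response whoiam(@Context HttpHeaders headers) {
        // getRequestHeader returns null when the header was not sent at all.
        java.util.List<String> values = headers.getRequestHeader(TOKEN_HEADER);
        if (values == null || values.isEmpty() || values.get(0) == null) {
            return Response.status(Status.FORBIDDEN).build();
        }
        String token = values.get(0);

        Claims claims;
        try {
            // parseClaimsJws throws unless the input is a JWS whose signature verifies with
            // our key; the parser also rejects tokens whose expiration has passed.
            claims = Jwts.parser()
                    .setSigningKey(DatatypeConverter.parseBase64Binary(key))
                    .parseClaimsJws(token)
                    .getBody();
        } catch (Exception ignored) {
            // Fail closed: any parsing or verification failure means "not authenticated".
            // The cause is deliberately not echoed to the client.
            return Response.status(Status.FORBIDDEN).build();
        }

        if (claims == null) {
            return Response.status(Status.FORBIDDEN).build();
        }
        return Response.status(200).entity(claims.getId()).build();
    }

    /**
     * Builds and signs a compact JWT with HS256 using {@link #key}.
     *
     * @param id value for the {@code jti} claim (the user id, as called from login)
     * @param issuer value for the {@code iss} claim
     * @param subject value for the {@code sub} claim (the user's pseudo, as called from login)
     * @param ttlMillis lifetime in milliseconds; a negative value produces a token with no
     *        expiration claim
     * @return the serialized, URL-safe token
     */
    private String createJWT(String id, String issuer, String subject, long ttlMillis) {
        io.jsonwebtoken.SignatureAlgorithm signatureAlgorithm = io.jsonwebtoken.SignatureAlgorithm.HS256;

        long nowMillis = System.currentTimeMillis();
        Date now = new Date(nowMillis);

        // The shared secret is stored base64-encoded; decode it into an HMAC key.
        byte[] apiKeySecretBytes = DatatypeConverter.parseBase64Binary(key);
        Key signingKey = new SecretKeySpec(apiKeySecretBytes, signatureAlgorithm.getJcaName());

        JwtBuilder builder = Jwts.builder()
                .setId(id)
                .setIssuedAt(now)
                .setSubject(subject)
                .setIssuer(issuer)
                .signWith(signatureAlgorithm, signingKey);

        // Only a non-negative TTL adds an expiration; without one the token never expires.
        if (ttlMillis >= 0) {
            builder.setExpiration(new Date(nowMillis + ttlMillis));
        }

        return builder.compact();
    }
}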