Package de.digitalcollections.commons.springsecurity.jwt

Class TokenAuthenticationService

  • public class TokenAuthenticationService
extends Object

    • Constructor Detail

      • TokenAuthenticationService

        public TokenAuthenticationService​(String secret)
        Configure the service with a string secret.
        Parameters:
        secret - a secret

      • TokenAuthenticationService

        public TokenAuthenticationService​(PrivateKey privateKey,
                                  PublicKey publicKey)
        Configure the service with a public/private key pair. The pair must have been generated with the RSA cipher, e.g. with `keytool`: $ keytool -keyalg RSA -keystore my-keystore.jks -genkeypair
        Parameters:
        privateKey - the private key
        publicKey - the public key

      • TokenAuthenticationService

        public TokenAuthenticationService​(PublicKey publicKey)
        Configure the service with a public key. This has the effect that the service can no longer issue tokens, but only verify them. Can be useful in scenarios where a single entity is issuing tokens and services that wish to authenticate users do not have access to the secret key.
        Parameters:
        publicKey - the public key

      • TokenAuthenticationService

        public TokenAuthenticationService​(String secret,
                                  long expirationTime)

    • Method Detail

      • canIssueTokens

        public boolean canIssueTokens()

      • addAuthentication

        public void addAuthentication​(javax.servlet.http.HttpServletResponse response,
                              String username)

      • getAuthentication

        public org.springframework.security.core.Authentication getAuthentication​(javax.servlet.http.HttpServletRequest request)