Skip to content
Snippets Groups Projects
Select Git revision
  • cbdaef7ad72575bfe0e323365f702721ec60ea75
  • master default protected
  • react
3 results

TokenController.java

Blame
  • Code owners
    Assign users and groups as approvers for specific file changes. Learn more.
    TokenController.java 3.07 KiB
    /*
    * Copyright (C) 2020 by Savoir-faire Linux
    * Authors: William Enright <william.enright@savoirfairelinux.com>
    *          Ndeye Anna Ndiaye <anna.ndiaye@savoirfairelinux.com>
    *          Johnny Flores <johnny.flores@savoirfairelinux.com>
    *          Mohammed Raza <mohammed.raza@savoirfairelinux.com>
    *          Felix Sidokhine <felix.sidokhine@savoirfairelinux.com>
    *
    *
    * This program is free software; you can redistribute it and/or modify
    * it under the terms of the GNU General Public License as published by
    * the Free Software Foundation; either version 3 of the License, or
    * (at your option) any later version.
    *
    * This program is distributed in the hope that it will be useful,
    * but WITHOUT ANY WARRANTY; without even the implied warranty of
    * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    * GNU General Public License for more details.
    *
    * You should have received a copy of the GNU General Public License
    * along with this program.  If not, see <https://www.gnu.org/licenses/>.
    */
    package net.jami.jams.authmodule;
    
    import com.nimbusds.jose.JOSEObjectType;
    import com.nimbusds.jose.JWSAlgorithm;
    import com.nimbusds.jose.JWSHeader;
    import com.nimbusds.jose.crypto.RSASSASigner;
    import com.nimbusds.jwt.JWTClaimsSet;
    import com.nimbusds.jwt.SignedJWT;
    import net.jami.jams.common.authmodule.AuthScope;
    import net.jami.jams.common.authmodule.AuthTokenResponse;
    import net.jami.jams.common.objects.user.User;
    
    import java.security.PrivateKey;
    import java.util.Date;
    import java.util.UUID;
    
    public class TokenController{
    
        private static PrivateKey signingKey;
    
        public TokenController(PrivateKey signingKey) {
            TokenController.signingKey = signingKey;
        }
    
        public AuthTokenResponse getToken(User user, AuthScope authScope) {
            AuthTokenResponse authTokenResponse = new AuthTokenResponse();
            JWSHeader jwsHeader = new JWSHeader.Builder(JWSAlgorithm.RS256).type(JOSEObjectType.JWT).build();
            JWTClaimsSet.Builder builder = new JWTClaimsSet.Builder()
                    .issuer("JAMS")
                    .subject(user.getUsername())
                    .audience("JAMS")
                    .claim("oneTimePassword",user.getNeedsPasswordReset())
                    .expirationTime(new Date(System.currentTimeMillis() + 30*60*1000))
                    .notBeforeTime(new Date(System.currentTimeMillis()))
                    .issueTime(new Date(System.currentTimeMillis()))
                    .jwtID(UUID.randomUUID().toString());
            if(authScope == null) builder.claim("scope",user.getAccessLevel());
            else builder.claim("scope",authScope);
            JWTClaimsSet jwtClaims =  builder.build();
            SignedJWT signedJWT = new SignedJWT(jwsHeader, jwtClaims);
            try {
                signedJWT.sign(new RSASSASigner(signingKey));
                authTokenResponse.setAccess_token(signedJWT.serialize());
                authTokenResponse.setExpires_in(30*60*1000L);
                authTokenResponse.setScope(user.getAccessLevel());
                authTokenResponse.setToken_type("Bearer");
                return authTokenResponse;
            }
            catch (Exception e){
                return null;
            }
        }
    
    
    
    
    
    }