Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
D
dawn-java-common
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Iterations
Wiki
Requirements
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Snippets
Locked files
Build
Pipelines
Jobs
Pipeline schedules
Test cases
Artifacts
Deploy
Releases
Package Registry
Container Registry
Model registry
Operate
Environments
Terraform modules
Monitor
Incidents
Service Desk
Analyze
Value stream analytics
Contributor analytics
CI/CD analytics
Repository analytics
Code review analytics
Issue analytics
Insights
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
dawn
java
dawn-java-common
Commits
9372af93
Commit
9372af93
authored
2 years ago
by
Tucker Gary Siegel
Browse files
Options
Downloads
Plain Diff
Merge branch 'develop' of gitlab.cs.umd.edu:dawn/java/dawn-java-common into develop
parents
3a764971
20264181
No related branches found
Branches containing commit
Tags
0.7.1
Tags containing commit
No related merge requests found
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
changelog/0.7.0.yaml
+6
-0
6 additions, 0 deletions
changelog/0.7.0.yaml
src/main/java/edu/umd/dawn/common/interceptor/JWTInterceptor.java
+56
-0
56 additions, 0 deletions
.../java/edu/umd/dawn/common/interceptor/JWTInterceptor.java
with
62 additions
and
0 deletions
changelog/0.7.0.yaml
0 → 100644
+
6
−
0
View file @
9372af93
author
:
tgsiegel
change_type
:
Feature
commit
:
add jwt interceptor
date
:
'
2023-04-06'
merge_request
:
https://gitlab.cs.umd.edu/dawn/java/dawn-java-common/-/merge_requests/6
version
:
0.7.0
This diff is collapsed.
Click to expand it.
src/main/java/edu/umd/dawn/common/interceptor/JWTInterceptor.java
0 → 100644
+
56
−
0
View file @
9372af93
package
edu.umd.dawn.common.interceptor
;
import
edu.umd.dawn.common.jwt.Claims
;
import
edu.umd.dawn.common.jwt.JWTUtil
;
import
jakarta.servlet.http.HttpServletRequest
;
import
jakarta.servlet.http.HttpServletResponse
;
import
lombok.extern.log4j.Log4j2
;
import
org.springframework.web.servlet.HandlerInterceptor
;
/**
* interceptor to pull the claims and token for a jwt
* @implNote This does NOT throw any error if a jwt is not provided
*/
@Log4j2
public
class
JWTInterceptor
implements
HandlerInterceptor
{
private
boolean
local
;
private
boolean
warn
;
private
String
accessSecret
;
/**
*
* @param accessSecret JWT Access Secret from configuration
* @param local is the environment a local env or not
* @param warn should a warning be thrown if no jwt is provided
*/
public
JWTInterceptor
(
String
accessSecret
,
boolean
local
,
boolean
warn
)
{
this
.
local
=
local
;
this
.
accessSecret
=
accessSecret
;
this
.
warn
=
warn
;
}
@Override
public
boolean
preHandle
(
HttpServletRequest
request
,
HttpServletResponse
response
,
Object
handler
)
throws
Exception
{
if
(!
local
)
{
String
token
=
request
.
getHeader
(
"Authorization"
);
if
(
token
!=
null
&&
!
token
.
equals
(
""
))
{
if
(
token
.
startsWith
(
"Bearer "
))
{
token
=
token
.
replace
(
"Bearer "
,
""
);
}
Claims
claims
=
JWTUtil
.
parse
(
accessSecret
,
token
).
getClaims
();
request
.
setAttribute
(
"claims"
,
claims
);
request
.
setAttribute
(
"token"
,
token
);
}
else
if
(
warn
)
{
log
.
warn
(
"No jwt provided"
);
}
}
else
{
log
.
warn
(
"JWT interceptor has been disabled - if this is a production environment, consider this a"
+
" critical security error"
);
}
return
true
;
}
}
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment
