GitHub - earlgrey02/JWT: JWT(JSON Web Token) module for Spring framework

JWT

JWT(JSON Web Token) module for Spring framework

Settings

build.gradle.kts

repositories {
    maven { url = uri("https://jitpack.io") }
}

dependencies {
    implementation("com.github.earlgrey02:JWT:${version}")
}

Add the dependency after add JitPack repository to your build file.

application.yaml

jwt:
  secret: ...
  accessTokenExpire: 30
  refreshTokenExpire: 120

Set secret key and token expiration period in minutes.

JWT Authorization

Spring Web MVC

@EnableWebSecurity
@Configuration
class SecurityConfiguration {
    @Bean
    fun filterChain(
        http: HttpSecurity,
        jwtFilter: JwtFilter
    ): SecurityFilterChain {
        http {
            csrf { disable() }
            formLogin { disable() }
            httpBasic { disable() }
            logout { disable() }
            exceptionHandling { authenticationEntryPoint = HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED) }
            authorizeRequests { authorize(anyRequest, authenticated) }
            addFilterAt<UsernamePasswordAuthenticationFilter>(jwtFilter)
        }

        return http.build()
    }

    @Bean
    fun jwtFilter(jwtProvider: DefaultJwtProvider): JwtFilter = JwtFilter(jwtProvider)
}

Register JwtFilter to SecurityFilterChain.

@RestController
class TestController {
    @GetMapping("/")
    fun test(
        @AuthenticationPrincipal
        Principal principal
    ): ResponseEntity<Int> {
        val jwtAuthentication = principal as DefaultJwtAuthentication

        return ResponseEntity.ok()
            .body(jwtAuthentication.id)
    }
}

You can get JwtAuthentication from the principal in controller.

Spring WebFlux

@EnableWebFluxSecurity
@Configuration
class ReactiveSecurityConfiguration {
    @Bean
    fun filterChain(
        http: ServerHttpSecurity,
        jwtFilter: ReactiveJwtFilter
    ): SecurityWebFilterChain =
        http {
            csrf { disable() }
            formLogin { disable() }
            httpBasic { disable() }
            logout { disable() }
            exceptionHandling { authenticationEntryPoint = HttpStatusServerEntryPoint(HttpStatus.UNAUTHORIZED) }
            authorizeExchange { authorize(anyExchange, authenticated) }
            addFilterAt(jwtFilter, SecurityWebFiltersOrder.AUTHORIZATION)
        }

    @Bean
    fun jwtFilter(jwtProvider: DefaultJwtProvider): ReactiveJwtFilter =
        ReactiveJwtFilter(jwtProvider)
}

register ReactiveJwtFilter to SecurityWebFilterChain.

@Component
class TestHandler {
    fun test(request: ServerRequest): Mono<ServerResponse> =
        request.principal()
            .cast<JwtAuthentication>()
            .flatMap {
                ServerResponse.ok()
                    .bodyValue(it.id)
            }
}

You can get JwtAuthentication from the principal() in WebFlux.fn.

Name		Name	Last commit message	Last commit date
Latest commit History 60 Commits
.github		.github
gradle/wrapper		gradle/wrapper
src		src
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md
build.gradle.kts		build.gradle.kts
gradlew		gradlew
gradlew.bat		gradlew.bat
jitpack.yml		jitpack.yml
settings.gradle.kts		settings.gradle.kts

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

JWT

Settings

build.gradle.kts

application.yaml

JWT Authorization

Spring Web MVC

Spring WebFlux

About

Releases 6

Languages

License

earlgrey02/JWT

Folders and files

Latest commit

History

Repository files navigation

JWT

Settings

build.gradle.kts

application.yaml

JWT Authorization

Spring Web MVC

Spring WebFlux

About

Topics

Resources

License

Stars

Watchers

Forks

Releases 6

Languages