-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathJwtTokenProvider.java
More file actions
113 lines (93 loc) · 3.83 KB
/
JwtTokenProvider.java
File metadata and controls
113 lines (93 loc) · 3.83 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
package learningFlow.learningFlow_BE.security.jwt;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.JwtException;
import io.jsonwebtoken.Jwts;
import learningFlow.learningFlow_BE.security.auth.PrincipalDetails;
import learningFlow.learningFlow_BE.domain.User;
import learningFlow.learningFlow_BE.service.auth.oauth.OAuth2UserTemp;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.core.Authentication;
import org.springframework.stereotype.Component;
import javax.crypto.SecretKey;
import java.util.Date;
@Slf4j
@Component
@RequiredArgsConstructor
public class JwtTokenProvider {
private final JwtProperties jwtProperties;
private final SecretKey jwtSecretKey;
public String createAccessToken(Authentication authentication) {
PrincipalDetails principalDetails = (PrincipalDetails) authentication.getPrincipal();
User user = principalDetails.getUser();
Date now = new Date();
Date validity = new Date(now.getTime() + jwtProperties.getAccessTokenValidityInSeconds() * 1000);
return Jwts.builder()
.subject(user.getEmail())
.claim("loginId", user.getLoginId())
.claim("role",user.getRole().name())
.issuedAt(now)
.expiration(validity)
.signWith(jwtSecretKey)
.compact();
}
public String createRefreshToken(Authentication authentication) {
PrincipalDetails principalDetails = (PrincipalDetails) authentication.getPrincipal();
User user = principalDetails.getUser();
Date now = new Date();
//Date validity = new Date(now.getTime() + jwtProperties.getRefreshTokenValidityInSeconds() * 1000);
return Jwts.builder()
.subject(user.getEmail())
.issuedAt(now)
//.expiration(validity)
.signWith(jwtSecretKey)
.compact();
}
public String getEmailFromToken(String token) {
return getClaims(token).getSubject();
}
public boolean validateToken(String token) {
try {
Jwts.parser()
.verifyWith(jwtSecretKey)
.build()
.parseSignedClaims(token);
return true;
} catch (JwtException | IllegalArgumentException e) {
log.error("유효하지 않은 JWT 토큰입니다. : {}", e.getMessage());
return false;
}
}
public long getExpirationFromToken(String token) {
return getClaims(token).getExpiration().getTime();
}
public String createTemporaryToken(OAuth2UserTemp oauth2UserTemp) {
Date now = new Date();
Date validity = new Date(now.getTime() + 1800000); // 30분
return Jwts.builder()
.subject(oauth2UserTemp.getEmail())
.claim("name", oauth2UserTemp.getName())
.claim("providerId", oauth2UserTemp.getProviderId())
.claim("socialType", oauth2UserTemp.getSocialType().name())
.claim("isTemporary", true) // 임시 토큰 구분을 위한 클레임
.issuedAt(now)
.expiration(validity)
.signWith(jwtSecretKey)
.compact();
}
// 임시 토큰인지 확인하는 메소드
public boolean isTemporaryToken(String token) {
return Boolean.TRUE.equals(getClaims(token).get("isTemporary", Boolean.class));
}
public Claims getClaims(String token) {
return Jwts.parser()
.verifyWith(jwtSecretKey)
.build()
.parseSignedClaims(token)
.getPayload();
}
public long getRemainingTime(String token) {
Claims claims = getClaims(token);
return claims.getExpiration().getTime() - System.currentTimeMillis();
}
}