mcihad · September 18, 2024 10:22
diff --git a/JWTService.java b/JWTService.java
 package com.example.demo.services;

 import io.jsonwebtoken.Claims;
 import io.jsonwebtoken.Jws;
 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.SignatureAlgorithm;
 import io.jsonwebtoken.security.Keys;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Service;

 import javax.crypto.SecretKey;
 import javax.crypto.spec.SecretKeySpec;
 import java.security.Key;
 import java.time.Instant;
 import java.time.temporal.ChronoUnit;
 import java.util.Base64;
 import java.util.Date;
 import java.util.List;
 import java.util.UUID;

 @Service
 public class JWTService {

    @Value("${secretKey}")
    private String secretKey;

    public String createJWT() {

        Key key = new SecretKeySpec(Base64.getDecoder().decode(secretKey),
                "HmacSHA256");

        return Jwts.builder()
                .header()
                .keyId(UUID.randomUUID().toString())
                .and()
                .claim("id", UUID.randomUUID().toString())
                .claim("tenantId",UUID.randomUUID().toString())
                .claim("roles", List.of("ADMIN","USER"))
                .issuer("https://www.example.com")
                .signWith(key)
                .issuedAt(Date.from(Instant.now()))
                .expiration(Date.from(Instant.now().plus(10, ChronoUnit.MINUTES)))
                .compact();
    }

    public Jws<Claims> parseJwt(String jwt) {
        Key key = new SecretKeySpec(Base64.getDecoder().decode(secretKey),
                "HmacSHA256");
        var secretKey = Keys.hmacShaKeyFor(Base64.getDecoder().decode(this.secretKey));
        return Jwts.parser()

                .verifyWith(secretKey)
                .build()
                .parseSignedClaims(jwt);
    }
 }
	package com.example.demo.services;

	import io.jsonwebtoken.Claims;
	import io.jsonwebtoken.Jws;
	import io.jsonwebtoken.Jwts;
	import io.jsonwebtoken.SignatureAlgorithm;
	import io.jsonwebtoken.security.Keys;
	import org.springframework.beans.factory.annotation.Value;
	import org.springframework.stereotype.Service;

	import javax.crypto.SecretKey;
	import javax.crypto.spec.SecretKeySpec;
	import java.security.Key;
	import java.time.Instant;
	import java.time.temporal.ChronoUnit;
	import java.util.Base64;
	import java.util.Date;
	import java.util.List;
	import java.util.UUID;

	@Service
	public class JWTService {

	@Value("${secretKey}")
	private String secretKey;

	public String createJWT() {

	Key key = new SecretKeySpec(Base64.getDecoder().decode(secretKey),
	"HmacSHA256");

	return Jwts.builder()
	.header()
	.keyId(UUID.randomUUID().toString())
	.and()
	.claim("id", UUID.randomUUID().toString())
	.claim("tenantId",UUID.randomUUID().toString())
	.claim("roles", List.of("ADMIN","USER"))
	.issuer("https://www.example.com")
	.signWith(key)
	.issuedAt(Date.from(Instant.now()))
	.expiration(Date.from(Instant.now().plus(10, ChronoUnit.MINUTES)))
	.compact();
	}

	public Jws<Claims> parseJwt(String jwt) {
	Key key = new SecretKeySpec(Base64.getDecoder().decode(secretKey),
	"HmacSHA256");
	var secretKey = Keys.hmacShaKeyFor(Base64.getDecoder().decode(this.secretKey));
	return Jwts.parser()

	.verifyWith(secretKey)
	.build()
	.parseSignedClaims(jwt);
	}
	}