fi.evolver.basics.spring.auth.entity.JwtToken Maven / Gradle / Ivy
package fi.evolver.basics.spring.auth.entity;
import java.util.Arrays;
import java.util.List;
import java.util.Objects;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import com.fasterxml.jackson.annotation.JsonAutoDetect;
import com.fasterxml.jackson.annotation.JsonAutoDetect.Visibility;
import com.fasterxml.jackson.annotation.JsonGetter;
import com.fasterxml.jackson.annotation.JsonProperty;
import com.fasterxml.jackson.annotation.JsonSetter;
import jakarta.persistence.Column;
import jakarta.persistence.Entity;
import jakarta.persistence.GeneratedValue;
import jakarta.persistence.GenerationType;
import jakarta.persistence.Id;
import jakarta.persistence.Table;
import jakarta.persistence.Transient;
@Entity
@Table(name = "jwt_token")
@JsonAutoDetect(fieldVisibility = Visibility.NONE, setterVisibility = Visibility.NONE, getterVisibility = Visibility.NONE, isGetterVisibility = Visibility.NONE, creatorVisibility = Visibility.NONE)
public class JwtToken {
private static final Logger LOG = LoggerFactory.getLogger(JwtToken.class);
public static final String DEFAULT_JWT_ID = "DEFAULT";
public static final JwtToken INVALID = new JwtToken("INVALID", "Invalid JWT token");
public static final JwtToken UNKNOWN = new JwtToken("UNKNOWN", "Unknown JWT token");
public static final JwtToken UNCHECKED = new JwtToken("UNCHECKED", "Authorization disabled", Pattern.compile(".*"));
@Id
@GeneratedValue(strategy = GenerationType.IDENTITY)
@JsonProperty
private Long id;
@Column(name = "jwt_id")
@JsonProperty
private String jwtId;
@Column(name = "owner")
@JsonProperty
private String owner;
@Column(name = "permission_validators")
private String permissionValidators;
@Transient
private List permissionPatterns;
public JwtToken() {
}
private JwtToken(String jwtId, String owner, Pattern... permissionValidators) {
this.jwtId = jwtId;
this.owner = owner;
this.permissionPatterns = Arrays.asList(permissionValidators);
}
public Long getId() {
return id;
}
public String getJwtId() {
return jwtId;
}
public String getOwner() {
return owner;
}
public boolean isFullyAuthenticated() {
return this != INVALID && this != UNKNOWN && this != UNCHECKED && !DEFAULT_JWT_ID.equals(jwtId);
}
public boolean hasPermission(String permission) {
return getPermissionValidators().stream()
.anyMatch(p -> p.matcher(permission).matches());
}
@JsonGetter("permissionValidators")
private List getPermissionValidators() {
if (permissionPatterns == null) {
permissionPatterns = Arrays.stream(permissionValidators.split(","))
.map(String::trim)
.filter(s -> !s.isEmpty())
.map(this::createPattern)
.filter(Objects::nonNull)
.collect(Collectors.toList());
}
return permissionPatterns;
}
@JsonSetter("permissionValidators")
public void setPermissionValidators(List permissionValidators) {
this.permissionPatterns = permissionValidators;
this.permissionValidators = permissionValidators.stream()
.map(Pattern::pattern)
.collect(Collectors.joining(","));
}
private Pattern createPattern(String regex) {
try {
return Pattern.compile(regex);
} catch (RuntimeException e) {
LOG.warn("AuthorizationToken {} has invalid permission pattern '{}': IGNORE", owner, regex);
return null;
}
}
@Override
public String toString() {
StringBuilder builder = new StringBuilder();
builder.append("{\n");
builder.append("\tjwtId: ").append(jwtId).append(",\n");
builder.append("\towner: ").append(owner).append(",\n");
builder.append("\tpermissionValidators: [ ")
.append(getPermissionValidators().stream().map(Pattern::pattern).collect(Collectors.joining(",\n\t\t")))
.append(" ]\n");
builder.append("}");
return builder.toString();
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy