• Home
• pl.touk.nussknacker
• nussknacker-security_2.12
• 1.18.1
• source code
• RawJwtToken.scala

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

pl.touk.nussknacker.ui.security.oauth2.jwt.RawJwtToken.scala Maven / Gradle / Ivy

package pl.touk.nussknacker.ui.security.oauth2.jwt

import pdi.jwt.JwtUtils
import pdi.jwt.exceptions.JwtLengthException
import pl.touk.nussknacker.engine.util.SensitiveDataMasker

final case class RawJwtToken(token: String) {

  // claim can have some personal data like e-mail and signature can be used for session hijacking
  def masked: String =
    (List(header, SensitiveDataMasker.mask(claim)) ::: sigOpt.map(SensitiveDataMasker.mask) :: Nil).mkString(".")

  lazy val (header, claim, sigOpt) = {
    val parts = JwtUtils.splitString(token, '.')

    val signature = parts.length match {
      case 2 => None
      case 3 => Some(parts(2))
      case _ =>
        throw new JwtLengthException(
          s"Expected token [$token] to be composed of 2 or 3 parts separated by dots."
        )
    }

    (parts(0), parts(1), signature)
  }

}