@Override protected Authenticator getAuthenticator(final Credential credential) { final TokenCredential tokenCredential = (TokenCredential) credential; logger.debug("Locating token secret for service [{}]", tokenCredential.getService()); final RegisteredService service = this.servicesManager.findServiceBy(tokenCredential.getService()); final String signingSecret = getRegisteredServiceJwtSigningSecret(service); final String encryptionSecret = getRegisteredServiceJwtEncryptionSecret(service); if (StringUtils.isNotBlank(signingSecret)) { if (StringUtils.isBlank(encryptionSecret)) { logger.warn("JWT authentication is configured to share a single key for both signing/encryption"); return new JwtAuthenticator(signingSecret); } return new JwtAuthenticator(signingSecret, encryptionSecret); } logger.warn("No token signing secret is defined for service [{}]. Ensure [{}] property is defined for service", service.getServiceId(), TokenConstants.PROPERTY_NAME_TOKEN_SECRET_SIGNING); return null; }
/** * JWT校验器,也就是目前设置的ParameterClient进行的校验器,是rest/或者前后端分离的核心校验器 * * @return */ @Bean protected JwtAuthenticator jwtAuthenticator() { JwtAuthenticator jwtAuthenticator = new JwtAuthenticator(); jwtAuthenticator.addSignatureConfiguration(new SecretSignatureConfiguration(salt)); jwtAuthenticator.addEncryptionConfiguration(new SecretEncryptionConfiguration(salt)); return jwtAuthenticator; }
final JwtAuthenticator a = new JwtAuthenticator(); a.setSignatureConfiguration(new SecretSignatureConfiguration(signingSecret, signingAlg));
val jwtAuthenticator = new JwtAuthenticator(); val secretBytes = getSecretBytes(signingSecret, secretsAreBase64Encoded); jwtAuthenticator.setSignatureConfiguration(new SecretSignatureConfiguration(secretBytes, signingAlg));
final JwtAuthenticator authenticator = new JwtAuthenticator(); authenticator.setSignatureConfiguration(secretSignatureConfiguration); authenticator.setEncryptionConfiguration(secretEncryptionConfiguration);
ParameterClient parameterClient = new ParameterClient("token", new JwtAuthenticator(new SecretSignatureConfiguration(salt))); parameterClient.setSupportGetRequest(true); parameterClient.setSupportPostRequest(false);