Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

JwtService get all claims #70

Open
DevRuibin opened this issue Feb 25, 2024 · 3 comments
Open

JwtService get all claims #70

DevRuibin opened this issue Feb 25, 2024 · 3 comments

Comments

@DevRuibin
Copy link

The method extractAllClaims includes method parseSignedClaims which will throw exception if the token has expired. There is another function to check if the token has expired. it will return true if it doesn't expire. For other claims we want to extract, it doesn't work unless the token doesn't expire. I think this is not so correct in the scenario where I just need to extract claims without checking if it is valid or not.
@ghost
Copy link

ghost commented Mar 14, 2024
edited by ghost

Hi @DevRuibin ,

You are indeed right.
The exceptions aren't properly caught.

I have rebuild this repository in a proper manner and added coding standards to it, you can find the repository here:
https://github.com/spring-boot-react/full-stack-spring-boot-security-jwt-postgresql-docker-nextjs

The extractClaim method is changed to:

 private <T> T extractClaim(String jwt, Function<Claims, T> claimsResolver) {
    try {
      return claimsResolver.apply(extractAllClaims(jwt));
    } catch (SignatureException e) {
      log.error("Invalid signature: " + e.getMessage());
    } catch (MalformedJwtException e) {
      log.error("Malformed JWT: " + e.getMessage());
    } catch (ExpiredJwtException e) {
      log.error("Expired JWT: " + e.getMessage());
    } catch (UnsupportedJwtException e) {
      log.error("Unsupported JWT: " + e.getMessage());
    }
    return null;
  }

I am currently building a frontend in Next.js 14, which will be committed in the coming week.

@JavieSanchezB
Copy link

para las personas que lo quieran en español


private <T> T extractClaim(String jwt, Function<Claims, T> claimsResolver) {
    try {
        return claimsResolver.apply(extractAllClaims(jwt));
    } catch (SignatureException e) {
        log.error("Firma inválida: " + e.getMessage());
    } catch (MalformedJwtException e) {
        log.error("JWT mal formado: " + e.getMessage());
    } catch (ExpiredJwtException e) {
        log.error("JWT expirado: " + e.getMessage());
    } catch (UnsupportedJwtException e) {
        log.error("JWT no compatible: " + e.getMessage());
    }
    return null;
}

@ghost
Copy link

ghost commented Mar 16, 2024

@JavieSanchezB ,

Please be informed that the translation i18n implementation is completed in repository: https://github.com/spring-boot-react/full-stack-spring-boot-security-jwt-postgresql-docker-nextjs

By adding another resource bundle within the resources > i18n folder, you are able to add messages in your preferred language.
In this case what you could do is the following:

  • add messages_es.properties to the resource bundle
  • copy the key value pairs from another message bundle and change the values to Spanish
  • change the preferred logging language within the .env file to es
  • start the application
  • use an invalid JWT with one of your request and view the result within your terminal

Please do let me know what you think of the implementation.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@JavieSanchezB @DevRuibin