add authentication service based on jwt

zhengyangyong · zhengyangyong · commit c3c3e4ef4f41 · 2018-07-02T10:53:36.000+08:00
Signed-off-by: zhengyangyong &lt;yangyong.zheng@huawei.com&gt;
diff --git a/common/src/main/java/org/apache/servicecomb/scaffold/user/api/AuthenticationService.java b/common/src/main/java/org/apache/servicecomb/scaffold/user/api/AuthenticationService.java
@@ -0,0 +1,5 @@
+package org.apache.servicecomb.scaffold.user.api;
+
+public interface AuthenticationService {
+  boolean validate(String token);
+}
diff --git a/user-service/src/main/java/org/apache/servicecomb/scaffold/user/AuthenticationServiceImpl.java b/user-service/src/main/java/org/apache/servicecomb/scaffold/user/AuthenticationServiceImpl.java
@@ -0,0 +1,25 @@
+package org.apache.servicecomb.scaffold.user;
+
+import org.apache.servicecomb.provider.rest.common.RestSchema;
+import org.apache.servicecomb.scaffold.user.api.AuthenticationService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+
+@RestSchema(schemaId = "authentication")
+@RequestMapping(path = "/")
+public class AuthenticationServiceImpl implements AuthenticationService {
+
+  private final TokenStore tokenStore;
+
+  @Autowired
+  public AuthenticationServiceImpl(TokenStore tokenStore) {
+    this.tokenStore = tokenStore;
+  }
+
+  @Override
+  @GetMapping(path = "validate")
+  public boolean validate(String token) {
+    return tokenStore.validate(token);
+  }
+}
diff --git a/user-service/src/main/java/org/apache/servicecomb/scaffold/user/JwtTokenStore.java b/user-service/src/main/java/org/apache/servicecomb/scaffold/user/JwtTokenStore.java
@@ -0,0 +1,67 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.servicecomb.scaffold.user;
+
+import static io.jsonwebtoken.SignatureAlgorithm.HS512;
+
+import java.time.ZonedDateTime;
+import java.util.Date;
+
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.stereotype.Component;
+
+import io.jsonwebtoken.JwtException;
+import io.jsonwebtoken.Jwts;
+
+@Component
+public class JwtTokenStore implements TokenStore {
+  private static final Logger LOGGER = LoggerFactory.getLogger(JwtTokenStore.class);
+
+  private final String secretKey;
+
+  private final int secondsToExpire;
+
+  public JwtTokenStore() {
+    this.secretKey = "someSecretKeyForAuthentication";
+    this.secondsToExpire = 60 * 60 * 24;
+  }
+
+  public JwtTokenStore(String secretKey, int secondsToExpire) {
+    this.secretKey = secretKey;
+    this.secondsToExpire = secondsToExpire;
+  }
+
+  @Override
+  public String generate(String userName) {
+    return Jwts.builder().setSubject(userName)
+        .setExpiration(Date.from(ZonedDateTime.now().plusSeconds(secondsToExpire).toInstant()))
+        .signWith(HS512, secretKey).compact();
+  }
+
+  @Override
+  public boolean validate(String token) {
+    try {
+      return StringUtils
+          .isNotEmpty(Jwts.parser().setSigningKey(secretKey).parseClaimsJws(token).getBody().getSubject());
+    } catch (JwtException | IllegalArgumentException e) {
+      LOGGER.info("validateToken token : " + token + " failed", e);
+    }
+    return false;
+  }
+}
diff --git a/user-service/src/main/java/org/apache/servicecomb/scaffold/user/TokenStore.java b/user-service/src/main/java/org/apache/servicecomb/scaffold/user/TokenStore.java
@@ -0,0 +1,24 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.servicecomb.scaffold.user;
+
+public interface TokenStore {
+  String generate(String userName);
+
+  boolean validate(String token);
+}
