From 1da7132cfdddf6e876bc26b1c6e2fb44ed7b7f1d Mon Sep 17 00:00:00 2001
From: gdiazs
Date: Wed, 6 Feb 2019 15:05:54 -0600
Subject: [PATCH 1/2] Generates a microprofile support jwt
---
 .../commons/boot/security/CommonsSecurity.java | 7 ++++++-
 .../boot/security/jwt/JwtTokenGenerator.java | 18 ++++++++++++++++++
 src/test/resources/application.properties | 1 +
 3 files changed, 25 insertions(+), 1 deletion(-)
diff --git a/src/main/java/io/gdiazs/commons/boot/security/CommonsSecurity.java b/src/main/java/io/gdiazs/commons/boot/security/CommonsSecurity.java
index 4657e2c..0dd0c78 100644
--- a/src/main/java/io/gdiazs/commons/boot/security/CommonsSecurity.java
+++ b/src/main/java/io/gdiazs/commons/boot/security/CommonsSecurity.java
@@ -14,10 +14,15 @@ public class CommonsSecurity {
 @Value("${token.expiration}")
 private String expiration;
+
+ @Value("${jwt.issuer}")
+ private String issuer;
 @Bean
 public JwtTokenGenerator tokenUtils() {
- return new JwtTokenGenerator(secret, new Long(expiration));
+ final JwtTokenGenerator jwtTokenGenerator = new JwtTokenGenerator(secret, new Long(expiration));
+ jwtTokenGenerator.setIssClaim(issuer);
+ return jwtTokenGenerator;
 }
diff --git a/src/main/java/io/gdiazs/commons/boot/security/jwt/JwtTokenGenerator.java b/src/main/java/io/gdiazs/commons/boot/security/jwt/JwtTokenGenerator.java
index d04b845..f5de547 100644
--- a/src/main/java/io/gdiazs/commons/boot/security/jwt/JwtTokenGenerator.java
+++ b/src/main/java/io/gdiazs/commons/boot/security/jwt/JwtTokenGenerator.java
@@ -23,6 +23,8 @@ public class JwtTokenGenerator {
 private String secret = "default";
 private Long expiration = 604800L;
+
+ private String issClaim;
 public JwtTokenGenerator(String secret, Long expiration) {
 super();
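Review bot: In `tokenUtils()` in CommonsSecurity.java the issuer reaches the generator through `setIssClaim(issuer)` after construction, so `issClaim` stays a mutable, possibly-null field on an object published as a `@Bean` (the field is added in the `@@ -23,6 +23,8 @@` hunk and the public setter in `@@ -177,4 +185,14 @@`). Nothing in the visible lines rejects a blank `jwt.issuer`, and any code holding the bean can change the issuer later. Passing the issuer as a third constructor argument into a `private final String issClaim`, guarded by `Objects.requireNonNull(issClaim, "issClaim")`, would close both gaps. Separately, `new Long(expiration)` could be `Long.valueOf(expiration)`, since the boxing constructor is deprecated.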
@@ -111,18 +113,24 @@ private Boolean ignoreTokenExpiration(String token) {
 public String generateToken(UserDetails userDetails, Device device) {
 Map claims = new HashMap();
 claims.put("sub", userDetails.getUsername());
+ claims.put("iss", userDetails.getAuthorities());
 claims.put("audience", getAudience(device));
 claims.put("created", this.generateCurrentDate());
 claims.put("authorities", userDetails.getAuthorities());
+ claims.put("upn", userDetails.getUsername());
+ claims.put("groups", userDetails.getAuthorities());
 return this.generateToken(claims);
 }
 public String generateToken(UserDetails userDetails) {
 Map claims = new HashMap<>();
 claims.put("sub", userDetails.getUsername());
+ claims.put("iss", userDetails.getAuthorities());
 claims.put("audience", AUDIENCE_UNKNOWN);
 claims.put("created", this.generateCurrentDate());
 claims.put("authorities", userDetails.getAuthorities());
+ claims.put("upn", userDetails.getUsername());
+ claims.put("groups", userDetails.getAuthorities());
 return this.generateToken(claims);
 }
@@ -177,4 +185,14 @@ private String getAudience(Device device) {
 }
+ public String getIssClaim() {
+ return issClaim;
+ }
+
+ public void setIssClaim(String issClaim) {
+ this.issClaim = issClaim;
+ }
+
+
+
 }
diff --git a/src/test/resources/application.properties b/src/test/resources/application.properties
index 008ef57..b612885 100644
--- a/src/test/resources/application.properties
+++ b/src/test/resources/application.properties
@@ -9,5 +9,6 @@ spring.datasource.platform=h2
 #JWT security config
 token.secret=secret
 token.expiration=604800
+jwt.issuer=www.banking.com
From 0a1fbbd35b3e50005224db90db64d7dc8b55a021 Mon Sep 17 00:00:00 2001
From: gdiazs
Date: Wed, 6 Feb 2019 16:13:27 -0600
Subject: [PATCH 2/2] fix jwt for microprofile
---
 .../boot/security/jwt/JwtTokenGenerator.java | 24 +++++++++++++++----
 1 file changed, 19 insertions(+), 5 deletions(-)
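Review bot: Both `generateToken` overloads in the `@@ -111,18 +113,24 @@` hunk put `userDetails.getAuthorities()` under `iss`, so the issuer configured through `setIssClaim` is never read in this commit and the claim carries the authority collection instead of an issuer string. The same call under `groups` hands the serializer `GrantedAuthority` objects rather than plain group names. Patch 2/2 replaces both values, so squashing the two commits would avoid an intermediate revision that issues tokens a verifier checking `iss` has to reject. The claim-building lines are also duplicated across the overloads and differ only in the audience value; a shared private helper that takes the audience would keep the two copies from drifting.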
diff --git a/src/main/java/io/gdiazs/commons/boot/security/jwt/JwtTokenGenerator.java b/src/main/java/io/gdiazs/commons/boot/security/jwt/JwtTokenGenerator.java
index f5de547..12af150 100644
--- a/src/main/java/io/gdiazs/commons/boot/security/jwt/JwtTokenGenerator.java
+++ b/src/main/java/io/gdiazs/commons/boot/security/jwt/JwtTokenGenerator.java
@@ -1,11 +1,15 @@
 package io.gdiazs.commons.boot.security.jwt;
+import java.util.ArrayList;
 import java.util.Base64;
+import java.util.Collection;
 import java.util.Date;
 import java.util.HashMap;
+import java.util.List;
 import java.util.Map;
 import org.springframework.mobile.device.Device;
+import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.userdetails.UserDetails;
 import io.gdiazs.commons.boot.security.user.UserDTO;
@@ -113,24 +117,26 @@ private Boolean ignoreTokenExpiration(String token) {
 public String generateToken(UserDetails userDetails, Device device) {
 Map claims = new HashMap();
 claims.put("sub", userDetails.getUsername());
- claims.put("iss", userDetails.getAuthorities());
+ claims.put("iss", getIssClaim());
+ claims.put("aud", getAudience(device));
 claims.put("audience", getAudience(device));
 claims.put("created", this.generateCurrentDate());
 claims.put("authorities", userDetails.getAuthorities());
 claims.put("upn", userDetails.getUsername());
- claims.put("groups", userDetails.getAuthorities());
+ claims.put("groups", getGroups(userDetails));
 return this.generateToken(claims);
 }
 public String generateToken(UserDetails userDetails) {
 Map claims = new HashMap<>();
 claims.put("sub", userDetails.getUsername());
- claims.put("iss", userDetails.getAuthorities());
+ claims.put("iss", getIssClaim());
+ claims.put("aud", AUDIENCE_UNKNOWN);
 claims.put("audience", AUDIENCE_UNKNOWN);
 claims.put("created", this.generateCurrentDate());
 claims.put("authorities", userDetails.getAuthorities());
 claims.put("upn", userDetails.getUsername());
- claims.put("groups", userDetails.getAuthorities());
+ claims.put("groups", getGroups(userDetails));
 return this.generateToken(claims);
 }
@@ -138,7 +144,7 @@ private String generateToken(Map claims) {
 final String secret = Base64.getEncoder().encodeToString(this.secret.getBytes());
 return Jwts.builder().setClaims(claims).setExpiration(this.generateExpirationDate())
- .signWith(SignatureAlgorithm.HS512, secret).compact();
+ .signWith(SignatureAlgorithm.HS256, secret).compact();
 }
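Review bot: The new `aud` claim in both `generateToken` overloads is filled from `getAudience(device)` or `AUDIENCE_UNKNOWN`, which from the visible names looks like a device category rather than an identifier of the service meant to accept the token. A verifier that enforces an expected audience cannot use that value to tell whether the token was issued for it, so the audience restriction adds no protection here; consider a configured recipient identifier for `aud` and keep the device category only in the existing `audience` claim. `getIssClaim()` can also return null when the setter was never called, and the visible lines add neither `iat` nor `jti`, which MicroProfile JWT consumers commonly expect and which replay detection needs; this is worth confirming against the spec version being targeted.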
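Review bot: Switching `signWith` from `HS512` to `HS256` in the private `generateToken(Map)` keeps a shared-secret HMAC, so every service that verifies these tokens must hold the signing key and can therefore mint tokens as well. As far as I know the MicroProfile JWT profile is specified around `RS256` with a published public key, so `HS256` may still not interoperate; confirm against the target runtime. If HMAC stays, the key is whatever `this.secret.getBytes()` yields: the platform charset is implicit, and the field default `"default"` visible in patch 1/2 is far shorter than the 256 bits HS256 calls for. I would use `this.secret.getBytes(StandardCharsets.UTF_8)` and have the constructor reject secrets shorter than 32 bytes.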
@@ -184,6 +190,14 @@ private String getAudience(Device device) {
 return this.AUDIENCE_UNKNOWN;
 }
+
+
+ private static List getGroups(UserDetails userDetails) {
+ List groups = new ArrayList<>();
+ Collection authorities = userDetails.getAuthorities();
+ authorities.forEach(auth -> groups.add(auth.getAuthority()));
+ return groups;
+ }
 public String getIssClaim() {
 return issClaim;
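Review bot: `getGroups` has no comment saying that the `groups` claim is a verbatim copy of each `GrantedAuthority.getAuthority()` string. If the application's authorities use Spring Security's conventional `ROLE_` prefix, that prefix ends up in the token and the consuming service's role names must match it; I would state this in a short Javadoc such as `/** Returns the user's authority strings unchanged (including any ROLE_ prefix) for the "groups" claim. */`. The loop could also be written as `authorities.stream().map(GrantedAuthority::getAuthority).collect(Collectors.toList())`, which avoids mutating `groups` from inside the lambda. `getIssClaim()` at the end of the hunk continues outside it.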