Feature/microprofile jwt support

src/main/java/io/gdiazs/commons/boot/security/CommonsSecurity.java

@@ -14,10 +14,15 @@ public class CommonsSecurity {
 
 	@Value("${token.expiration}")
 	private String expiration;
+
+	@Value("${jwt.issuer}")
+	private String issuer;
 
 	@Bean
 	public JwtTokenGenerator tokenUtils() {
-		return new JwtTokenGenerator(secret, new Long(expiration));
+		final JwtTokenGenerator jwtTokenGenerator = new JwtTokenGenerator(secret, new Long(expiration));
+		jwtTokenGenerator.setIssClaim(issuer);
+		return jwtTokenGenerator;
 	}
 
 

src/main/java/io/gdiazs/commons/boot/security/jwt/JwtTokenGenerator.java

@@ -1,11 +1,15 @@
 package io.gdiazs.commons.boot.security.jwt;
 
+import java.util.ArrayList;
 import java.util.Base64;
+import java.util.Collection;
 import java.util.Date;
 import java.util.HashMap;
+import java.util.List;
 import java.util.Map;
 
 import org.springframework.mobile.device.Device;
+import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.userdetails.UserDetails;
 
 import io.gdiazs.commons.boot.security.user.UserDTO;
@@ -23,6 +27,8 @@ public class JwtTokenGenerator {
 	private String secret = "default";
 
 	private Long expiration = 604800L;
+
+	private String issClaim;
 
 	public JwtTokenGenerator(String secret, Long expiration) {
 		super();
@@ -111,26 +117,34 @@ private Boolean ignoreTokenExpiration(String token) {
 	public String generateToken(UserDetails userDetails, Device device) {
 		Map<String, Object> claims = new HashMap<String, Object>();
 		claims.put("sub", userDetails.getUsername());
+		claims.put("iss", getIssClaim());
+		claims.put("aud", getAudience(device));
 		claims.put("audience", getAudience(device));
 		claims.put("created", this.generateCurrentDate());
 		claims.put("authorities", userDetails.getAuthorities());
+		claims.put("upn", userDetails.getUsername());
+		claims.put("groups", getGroups(userDetails));
 		return this.generateToken(claims);
 	}
 
 	public String generateToken(UserDetails userDetails) {
 		Map<String, Object> claims = new HashMap<>();
 		claims.put("sub", userDetails.getUsername());
+		claims.put("iss", getIssClaim());
+		claims.put("aud", AUDIENCE_UNKNOWN);
 		claims.put("audience", AUDIENCE_UNKNOWN);
 		claims.put("created", this.generateCurrentDate());
 		claims.put("authorities", userDetails.getAuthorities());
+		claims.put("upn", userDetails.getUsername());
+		claims.put("groups", getGroups(userDetails));
 		return this.generateToken(claims);
 	}
 
 	private String generateToken(Map<String, Object> claims) {
 		final String secret = Base64.getEncoder().encodeToString(this.secret.getBytes());
 
 		return Jwts.builder().setClaims(claims).setExpiration(this.generateExpirationDate())
-		    .signWith(SignatureAlgorithm.HS512, secret).compact();
+		    .signWith(SignatureAlgorithm.HS256, secret).compact();
 
 	}
 
@@ -176,5 +190,23 @@ private String getAudience(Device device) {
 		return this.AUDIENCE_UNKNOWN;
 
 	}
+
+
+	private static List<String> getGroups(UserDetails userDetails) {
+		List<String> groups = new ArrayList<>();
+		Collection<? extends GrantedAuthority> authorities = userDetails.getAuthorities();
+		authorities.forEach(auth -> groups.add(auth.getAuthority()));
+		return groups;
+	}
+
+	public String getIssClaim() {
+		return issClaim;
+	}
+
+	public void setIssClaim(String issClaim) {
+		this.issClaim = issClaim;
+	}
+
+
 
 }

src/test/resources/application.properties

@@ -9,5 +9,6 @@ spring.datasource.platform=h2
 #JWT security config
 token.secret=secret
 token.expiration=604800
+jwt.issuer=www.banking.com