Commit 7e9edf1d79f42c8876ef265f7d401f219501b691
1 parent
b20dad3a
Segurança e ajustes nos pacotes
Showing
4 changed files
with
8 additions
and
13 deletions
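--- a/demoiselle-security-jwt/src/main/java/org/demoiselle/jee/security/jwt/impl/TokensManagerImpl.java
+++ b/demoiselle-security-jwt/src/main/java/org/demoiselle/jee/security/jwt/impl/TokensManagerImpl.java
@@ -29,7 +29,7 @@ import org.jose4j.lang.JoseException;
 *
 * @author 70744416353
 */
-@Dependent
+@RequestScoped
 public class TokensManagerImpl implements TokensManager {
 
 @Inject
@@ -49,9 +49,6 @@ public class TokensManagerImpl implements TokensManager {
 public TokensManagerImpl() throws JoseException {
 if (rsaJsonWebKey == null) {
 // RsaJsonWebKey chave = RsaJwkGenerator.generateJwk(2048);
-// logger.info("Se você quiser usar sua app em cluster, coloque o parametro jwt.key no app.properties e reinicie a aplicacao");
-// logger.log(Level.INFO, "jwt.key={0}", chave);
-// logger.info("Se você não usar esse parametro, a cada reinicialização será gerada uma nova chave privada, isso inviabiliza o uso em cluster ");
 rsaJsonWebKey = (RsaJsonWebKey) RsaJsonWebKey.Factory.newPublicJwk(RsaJwkGenerator.generateJwk(2048).getKey());
 rsaJsonWebKey.setKeyId("demoiselle-security-jwt");
 }
@@ -78,13 +75,14 @@ public class TokensManagerImpl implements TokensManager {
 if (!ip.equalsIgnoreCase((String) jwtClaims.getClaimValue("ip"))) {
 return null;
 }
+ return loggedUser;
 } catch (InvalidJwtException ex) {
 loggedUser = null;
 token.setKey(null);
 logger.severe(ex.getMessage());
 }
 }
- return loggedUser;
+ return null;
 }
 
 @Override
@@ -110,6 +108,7 @@ public class TokensManagerImpl implements TokensManager {
 jws.setKeyIdHeaderValue(rsaJsonWebKey.getKeyId());
 jws.setAlgorithmHeaderValue(AlgorithmIdentifiers.HMAC_SHA512);
 token.setKey(jws.getCompactSerialization());
+ token.setType("JWT");
 } catch (JoseException ex) {
 ex.printStackTrace();
 // logger.severe(ex.getMessage());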
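Review bot: With the class now `@RequestScoped` (first hunk), the constructor in the second hunk calls `RsaJwkGenerator.generateJwk(2048)` for every new instance unless `rsaJsonWebKey` is a static field; its declaration is outside the visible hunks, so this needs confirming. If the field is per-instance, a token issued in one request will not validate in a later one, and each request pays for a 2048-bit key generation, which makes the service cheap to overload. Holding the key in an application-scoped bean, or loading it from the `jwt.key` property the removed comments referred to, avoids both; at minimum add `// key must outlive the request: tokens signed now are verified on later requests` above the null check. Separately, the last hunk's context sets `AlgorithmIdentifiers.HMAC_SHA512` while the key id comes from an RSA JWK, so it is worth checking that the key passed to the JWS (not visible here) matches that algorithm.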
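--- a/demoiselle-security-token/src/main/java/org/demoiselle/jee/security/token/impl/TokensManagerImpl.java
+++ b/demoiselle-security-token/src/main/java/org/demoiselle/jee/security/token/impl/TokensManagerImpl.java
@@ -5,13 +5,10 @@
 */
 package org.demoiselle.jee.security.token.impl;
 
-import java.util.Iterator;
-import java.util.Map;
 import java.util.UUID;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.logging.Logger;
 import javax.enterprise.context.Dependent;
-import javax.enterprise.context.RequestScoped;
 import javax.inject.Inject;
 import org.demoiselle.jee.core.interfaces.security.DemoisellePrincipal;
 import org.demoiselle.jee.core.interfaces.security.Token;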
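--- a/demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/DemoisellePrincipalImpl.java
+++ b/demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/DemoisellePrincipalImpl.java
@@ -9,6 +9,7 @@ package org.demoiselle.jee.security.impl;
 import java.util.List;
 import java.util.Map;
 import java.util.Objects;
+import javax.enterprise.context.Dependent;
 import javax.enterprise.context.RequestScoped;
 import org.demoiselle.jee.core.interfaces.security.DemoisellePrincipal;
 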
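--- a/demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/SecurityContextImpl.java
+++ b/demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/SecurityContextImpl.java
@@ -7,14 +7,12 @@
 package org.demoiselle.jee.security.impl;
 
 import javax.enterprise.context.Dependent;
+import javax.enterprise.context.RequestScoped;
 import javax.inject.Inject;
-import javax.ws.rs.core.Response;
 import org.demoiselle.jee.core.interfaces.security.DemoisellePrincipal;
 
 import org.demoiselle.jee.core.interfaces.security.SecurityContext;
 import org.demoiselle.jee.core.interfaces.security.TokensManager;
-import org.demoiselle.jee.security.exception.DemoiselleSecurityException;
-import org.demoiselle.jee.security.message.DemoiselleSecurityMessages;
 
 /**
 * <p>
@@ -23,7 +21,7 @@ import org.demoiselle.jee.security.message.DemoiselleSecurityMessages;
 *
 * @author SERPRO
 */
-@Dependent
+@RequestScoped
 public class SecurityContextImpl implements SecurityContext {
 
 private static final long serialVersionUID = 1L;
@@ -63,7 +61,7 @@ public class SecurityContextImpl implements SecurityContext {
 */
 @Override
 public boolean isLoggedIn() {
- return getUser() != null;
+ return getUser() != null && getUser().getId() != null;
 }
 
 @Override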
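Review bot: `isLoggedIn()` in the last hunk now calls `getUser()` twice, so the authentication decision rests on two separate lookups that are not guaranteed to return the same object. If `getUser()` delegates to the token manager (its body is outside the visible hunks), the token is also parsed and verified twice per check. Reading it once keeps the decision on a single result: `DemoisellePrincipal user = getUser();` followed by `return user != null && user.getId() != null;`. A one-line comment such as `// a principal without an id is treated as anonymous` would record why the extra condition exists.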