Skip to content
/ spring-jwt-done-right Public

Example of integration of Spring and jjwt without boilerplate code. Do it right!

4 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

kokorin/spring-jwt-done-right

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
.mvn/wrapper
.mvn/wrapper
 
 
src
src
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
mvnw
mvnw
 
 
mvnw.cmd
mvnw.cmd
 
 
pom.xml
pom.xml
 
 

Repository files navigation

Spring JWT integration done right

On github you can find many examples how to integrate JWT with Spring.

Many of them use OncePerRequestFilter with custom logic to authenticate user which put Authentication into SecurityContextHolder.

Such solutions IMHO are not beautiful and are error-prone.

This repository shows how to do the same but using standard Spring Security filter: UsernamePasswordAuthenticationFilter and AbstractPreAuthenticatedProcessingFilter

How to use

Login (get JWT)

curl -X POST http://localhost:8080/# -v -d username=user -d password=user

Check AUTHORIZATION header

Invoke (use JWT)

curl http://localhost:8080/greet -H "Authorization: Bearer JWT_YOU_RECEIVED_ON_LOGIN" -v

Check JWT expiration

Use the following JWT: eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ1c2VyIiwiaWF0IjoxNTQ5NjM1NjMyLCJleHAiOjE1NDk2MzU2NDIsImF1dGhvcml0aWVzIjoiUk9MRV9VU0VSIn0.aVJVydkEAO-sJ29_7SveFTDipl2yEcmAIZt-DyB6UV0:

curl http://localhost:8080/greet -H "Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ1c2VyIiwiaWF0IjoxNTQ5NjM1NjMyLCJleHAiOjE1NDk2MzU2NDIsImF1dGhvcml0aWVzIjoiUk9MRV9VU0VSIn0.aVJVydkEAO-sJ29_7SveFTDipl2yEcmAIZt-DyB6UV0" -v

About

Example of integration of Spring and jjwt without boilerplate code. Do it right!

Resources

Readme
Activity

Stars

4 stars

Watchers

2 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages