Moved TextCodec.BASE64.decode calls into service. Refactored method names to drive home that you're getting bytes back.

dogeared · dogeared · commit 2f6b1ca3181e · 2016-07-14T00:09:53.000-04:00
diff --git a/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/config/CSRFConfig.java b/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/config/CSRFConfig.java
@@ -16,6 +16,6 @@ public class CSRFConfig {
     @Bean
     @ConditionalOnMissingBean
     public CsrfTokenRepository jwtCsrfTokenRepository() {
-        return new JWTCsrfTokenRepository(secretService.getHS256Secret());
+        return new JWTCsrfTokenRepository(secretService.getHS256SecretBytes());
     }
 }
diff --git a/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/config/JWTCsrfTokenRepository.java b/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/config/JWTCsrfTokenRepository.java
@@ -2,7 +2,6 @@
 
 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.SignatureAlgorithm;
-import io.jsonwebtoken.impl.TextCodec;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.security.web.csrf.CsrfToken;
@@ -22,8 +21,8 @@ public class JWTCsrfTokenRepository implements CsrfTokenRepository {
     private static final Logger log = LoggerFactory.getLogger(JWTCsrfTokenRepository.class);
     private byte[] secret;
 
-    public JWTCsrfTokenRepository(String base64Secret) {
-        this.secret = TextCodec.BASE64.decode(base64Secret);
+    public JWTCsrfTokenRepository(byte[] secret) {
+        this.secret = secret;
     }
 
     @Override
diff --git a/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/config/WebSecurityConfig.java b/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/config/WebSecurityConfig.java
@@ -2,10 +2,8 @@
 
 import io.jsonwebtoken.JwtException;
 import io.jsonwebtoken.Jwts;
-import io.jsonwebtoken.impl.TextCodec;
 import io.jsonwebtoken.jjwtfun.service.SecretService;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
diff --git a/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/controller/DynamicJWTController.java b/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/controller/DynamicJWTController.java
@@ -31,7 +31,7 @@ public JwtResponse dynamicBuilderGeneric(@RequestBody Map<String, Object> claims
             .setClaims(claims)
             .signWith(
                 SignatureAlgorithm.HS256,
-                secretService.getHS256Secret()
+                secretService.getHS256SecretBytes()
             )
             .compact();
         return new JwtResponse(jws);
@@ -44,7 +44,7 @@ public JwtResponse dynamicBuildercompress(@RequestBody Map<String, Object> claim
             .compressWith(CompressionCodecs.DEFLATE)
             .signWith(
                 SignatureAlgorithm.HS256,
-                secretService.getHS256Secret()
+                secretService.getHS256SecretBytes()
             )
             .compact();
         return new JwtResponse(jws);
@@ -89,7 +89,7 @@ public JwtResponse dynamicBuilderSpecific(@RequestBody Map<String, Object> claim
             }
         });
 
-        builder.signWith(SignatureAlgorithm.HS256, secretService.getHS256Secret());
+        builder.signWith(SignatureAlgorithm.HS256, secretService.getHS256SecretBytes());
 
         return new JwtResponse(builder.compact());
     }
diff --git a/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/controller/StaticJWTController.java b/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/controller/StaticJWTController.java
@@ -4,7 +4,6 @@
 import io.jsonwebtoken.Jws;
 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.SignatureAlgorithm;
-import io.jsonwebtoken.impl.TextCodec;
 import io.jsonwebtoken.jjwtfun.model.JwtResponse;
 import io.jsonwebtoken.jjwtfun.service.SecretService;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -35,7 +34,7 @@ public JwtResponse fixedBuilder() throws UnsupportedEncodingException {
             .setExpiration(Date.from(Instant.ofEpochSecond(4622470422L))) // Sat Jun 24 2116 15:33:42 GMT-0400 (EDT)
             .signWith(
                 SignatureAlgorithm.HS256,
-                TextCodec.BASE64.decode(secretService.getHS256Secret())
+                secretService.getHS256SecretBytes()
             )
             .compact();
 
diff --git a/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/service/SecretService.java b/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/service/SecretService.java
@@ -42,23 +42,23 @@ public Map<String, String> getSecrets() {
 
     public void setSecrets(Map<String, String> secrets) {
         Assert.notNull(secrets);
-        Assert.isTrue(secrets.get(SignatureAlgorithm.HS256.getValue()) != null);
-        Assert.isTrue(secrets.get(SignatureAlgorithm.HS384.getValue()) != null);
-        Assert.isTrue(secrets.get(SignatureAlgorithm.HS512.getValue()) != null);
+        Assert.hasText(secrets.get(SignatureAlgorithm.HS256.getValue()));
+        Assert.hasText(secrets.get(SignatureAlgorithm.HS384.getValue()));
+        Assert.hasText(secrets.get(SignatureAlgorithm.HS512.getValue()));
 
         this.secrets = secrets;
     }
 
-    public String getHS256Secret() {
-        return secrets.get(SignatureAlgorithm.HS256.getValue());
+    public byte[] getHS256SecretBytes() {
+        return TextCodec.BASE64.decode(secrets.get(SignatureAlgorithm.HS256.getValue()));
     }
 
-    public String getHS384Secret() {
-        return secrets.get(SignatureAlgorithm.HS384.getValue());
+    public byte[] getHS384SecretBytes() {
+        return TextCodec.BASE64.decode(secrets.get(SignatureAlgorithm.HS384.getValue()));
     }
 
-    public String getHS512Secret() {
-        return secrets.get(SignatureAlgorithm.HS512.getValue());
+    public byte[] getHS512SecretBytes() {
+        return TextCodec.BASE64.decode(secrets.get(SignatureAlgorithm.HS384.getValue()));
     }
 
 
diff --git a/jjwt/src/test/java/io/jsonwebtoken/jjwtfun/DemoApplicationTests.java b/jjwt/src/test/java/io/jsonwebtoken/jjwtfun/DemoApplicationTests.java
@@ -11,8 +11,8 @@
 @WebAppConfiguration
 public class DemoApplicationTests {
 
-	@Test
-	public void contextLoads() {
-	}
+    @Test
+    public void contextLoads() {
+    }
 
 }

Original file line number	Diff line number	Diff line change
`@@ -16,6 +16,6 @@ public class CSRFConfig {`
`16`	`16`	`@Bean`
`17`	`17`	`@ConditionalOnMissingBean`
`18`	`18`	`public CsrfTokenRepository jwtCsrfTokenRepository() {`
`19`		`- return new JWTCsrfTokenRepository(secretService.getHS256Secret());`
	`19`	`+ return new JWTCsrfTokenRepository(secretService.getHS256SecretBytes());`
`20`	`20`	`}`
`21`	`21`	`}`
Original file line number	Diff line number	Diff line change
`@@ -31,7 +31,7 @@ public JwtResponse dynamicBuilderGeneric(@RequestBody Map<String, Object> claims`
`31`	`31`	`.setClaims(claims)`
`32`	`32`	`.signWith(`
`33`	`33`	`SignatureAlgorithm.HS256,`
`34`		`- secretService.getHS256Secret()`
	`34`	`+ secretService.getHS256SecretBytes()`
`35`	`35`	`)`
`36`	`36`	`.compact();`
`37`	`37`	`return new JwtResponse(jws);`
`@@ -44,7 +44,7 @@ public JwtResponse dynamicBuildercompress(@RequestBody Map<String, Object> claim`
`44`	`44`	`.compressWith(CompressionCodecs.DEFLATE)`
`45`	`45`	`.signWith(`
`46`	`46`	`SignatureAlgorithm.HS256,`
`47`		`- secretService.getHS256Secret()`
	`47`	`+ secretService.getHS256SecretBytes()`
`48`	`48`	`)`
`49`	`49`	`.compact();`
`50`	`50`	`return new JwtResponse(jws);`
`@@ -89,7 +89,7 @@ public JwtResponse dynamicBuilderSpecific(@RequestBody Map<String, Object> claim`
`89`	`89`	`}`
`90`	`90`	`});`
`91`	`91`
`92`		`- builder.signWith(SignatureAlgorithm.HS256, secretService.getHS256Secret());`
	`92`	`+ builder.signWith(SignatureAlgorithm.HS256, secretService.getHS256SecretBytes());`
`93`	`93`
`94`	`94`	`return new JwtResponse(builder.compact());`
`95`	`95`	`}`