Set configurable secret for parsing.

dogeared · dogeared · commit 6a057f33b1e8 · 2016-06-27T09:21:42.000-04:00
diff --git a/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/controller/StaticJWTController.java b/jjwt/src/main/java/io/jsonwebtoken/jjwtfun/controller/StaticJWTController.java
@@ -5,6 +5,7 @@
 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.SignatureAlgorithm;
 import io.jsonwebtoken.jjwtfun.model.JwtResponse;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
@@ -18,6 +19,9 @@
 @RestController
 public class StaticJWTController extends BaseController {
 
+    @Value("#{ @environment['jjwtfun.secret'] ?: 'secret' }")
+    String secret;
+
     @RequestMapping(value = "/static-builder", method = GET)
     public JwtResponse fixedBuilder() throws UnsupportedEncodingException {
 
@@ -38,10 +42,10 @@ public JwtResponse fixedBuilder() throws UnsupportedEncodingException {
     }
 
     @RequestMapping(value = "/parser", method = GET)
-    public JwtResponse fixedParser(@RequestParam String jws) throws UnsupportedEncodingException {
+    public JwtResponse parser(@RequestParam String jwt) throws UnsupportedEncodingException {
         Jws<Claims> claims = Jwts.parser()
-            .setSigningKey("secret".getBytes("UTF-8"))
-            .parseClaimsJws(jws);
+            .setSigningKey(secret.getBytes("UTF-8"))
+            .parseClaimsJws(jwt);
 
         return new JwtResponse(claims);
     }
