JwtTokenAuthenticationFilter (qlack-fuse-security 3.3.0 API)

java.lang.Object
- org.springframework.web.filter.GenericFilterBean
- - org.springframework.web.filter.OncePerRequestFilter
  - - com.eurodyn.qlack.fuse.security.filters.JwtTokenAuthenticationFilter

All Implemented Interfaces:

javax.servlet.Filter, org.springframework.beans.factory.Aware, org.springframework.beans.factory.BeanNameAware, org.springframework.beans.factory.DisposableBean, org.springframework.beans.factory.InitializingBean, org.springframework.context.EnvironmentAware, org.springframework.core.env.EnvironmentCapable, org.springframework.web.context.ServletContextAware
```
public class JwtTokenAuthenticationFilter
extends org.springframework.web.filter.OncePerRequestFilter
```
An implementation of a filter that runs at least once in every request. It checks if there is a header that contains a JWT. If exists

Author:

EUROPEAN DYNAMICS SA

Field Summary
- Fields inherited from class org.springframework.web.filter.OncePerRequestFilter
  ALREADY_FILTERED_SUFFIX
- Fields inherited from class org.springframework.web.filter.GenericFilterBean
  logger

Constructor Summary

Constructors
Constructor and Description

JwtTokenAuthenticationFilter()

Constructors
Constructor and Description
`JwtTokenAuthenticationFilter()`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`void`	`afterPropertiesSet()`
`protected void`	`doFilterInternal(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, javax.servlet.FilterChain filterChain)`
`protected void`	`handleNonce(javax.servlet.http.HttpServletRequest request, org.springframework.security.core.Authentication authentication)` Handles nonce functionality.
`boolean`	`isRequireNonce()`
`void`	`setRequireNonce(boolean requireNonce)`

Methods inherited from class org.springframework.web.filter.OncePerRequestFilter
doFilter, doFilterNestedErrorDispatch, getAlreadyFilteredAttributeName, isAsyncDispatch, isAsyncStarted, shouldNotFilter, shouldNotFilterAsyncDispatch, shouldNotFilterErrorDispatch

Methods inherited from class org.springframework.web.filter.GenericFilterBean
addRequiredProperty, createEnvironment, destroy, getEnvironment, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - JwtTokenAuthenticationFilter
```
public JwtTokenAuthenticationFilter()
```
- Method Detail
  - afterPropertiesSet
```
public void afterPropertiesSet()
```
    Specified by:
    
    afterPropertiesSet in interface org.springframework.beans.factory.InitializingBean
    
    Overrides:
    
    afterPropertiesSet in class org.springframework.web.filter.GenericFilterBean
  - doFilterInternal
```
protected void doFilterInternal(javax.servlet.http.HttpServletRequest request,
                                javax.servlet.http.HttpServletResponse response,
                                javax.servlet.FilterChain filterChain)
                         throws javax.servlet.ServletException,
                                IOException
```
    Specified by:
    
    doFilterInternal in class org.springframework.web.filter.OncePerRequestFilter
    
    Throws:
    
    javax.servlet.ServletException
    
    IOException
  - isRequireNonce
```
public boolean isRequireNonce()
```
  - setRequireNonce
```
public void setRequireNonce(boolean requireNonce)
```
  - handleNonce
```
protected void handleNonce(javax.servlet.http.HttpServletRequest request,
                           org.springframework.security.core.Authentication authentication)
```
    Handles nonce functionality. The current implementation requires a mandatory request header (or parameter) that should be unique for every request per user. It uses the configured cache implementation to blacklist nonce values by user and creates a different cache for each user. The nonce value is expected to be in this format: N = n || h(n || p), where: N = nonce n = client generated random UUID h = hash function (e.g. SHA-256) p = hashed user password retrieved from cache or database || = the concatenation symbol
    
    Parameters:
    
    request - HTTP request to acquire the nonce value (from header or parameter)
    
    authentication - Authentication object with user details

Class JwtTokenAuthenticationFilter

Field Summary

Fields inherited from class org.springframework.web.filter.OncePerRequestFilter

Fields inherited from class org.springframework.web.filter.GenericFilterBean

Constructor Summary

Method Summary

Methods inherited from class org.springframework.web.filter.OncePerRequestFilter

Methods inherited from class org.springframework.web.filter.GenericFilterBean

Methods inherited from class java.lang.Object

Constructor Detail

JwtTokenAuthenticationFilter

Method Detail

afterPropertiesSet

doFilterInternal

isRequireNonce

setRequireNonce

handleNonce