spring-boot-3-jwt-security icon indicating copy to clipboard operation
spring-boot-3-jwt-security copied to clipboard
verified publisher icon ali-bouali

JwtService get all claims

Open DevRuibin opened this issue 1 year ago • 3 comments

The method extractAllClaims includes method parseSignedClaims which will throw exception if the token has expired. There is another function to check if the token has expired. it will return true if it doesn't expire. For other claims we want to extract, it doesn't work unless the token doesn't expire. I think this is not so correct in the scenario where I just need to extract claims without checking if it is valid or not.

DevRuibin avatar Feb 25 '24 11:02 DevRuibin

Hi @DevRuibin ,

You are indeed right. The exceptions aren't properly caught.

I have rebuild this repository in a proper manner and added coding standards to it, you can find the repository here: https://github.com/spring-boot-react/full-stack-spring-boot-security-jwt-postgresql-docker-nextjs

The extractClaim method is changed to:

 private <T> T extractClaim(String jwt, Function<Claims, T> claimsResolver) {
    try {
      return claimsResolver.apply(extractAllClaims(jwt));
    } catch (SignatureException e) {
      log.error("Invalid signature: " + e.getMessage());
    } catch (MalformedJwtException e) {
      log.error("Malformed JWT: " + e.getMessage());
    } catch (ExpiredJwtException e) {
      log.error("Expired JWT: " + e.getMessage());
    } catch (UnsupportedJwtException e) {
      log.error("Unsupported JWT: " + e.getMessage());
    }
    return null;
  }

I am currently building a frontend in Next.js 14, which will be committed in the coming week.

ghost avatar Mar 14 '24 08:03 ghost

para las personas que lo quieran en español


private <T> T extractClaim(String jwt, Function<Claims, T> claimsResolver) {
    try {
        return claimsResolver.apply(extractAllClaims(jwt));
    } catch (SignatureException e) {
        log.error("Firma inválida: " + e.getMessage());
    } catch (MalformedJwtException e) {
        log.error("JWT mal formado: " + e.getMessage());
    } catch (ExpiredJwtException e) {
        log.error("JWT expirado: " + e.getMessage());
    } catch (UnsupportedJwtException e) {
        log.error("JWT no compatible: " + e.getMessage());
    }
    return null;
}

JavieSanchezB avatar Mar 15 '24 15:03 JavieSanchezB

@JavieSanchezB ,

Please be informed that the translation i18n implementation is completed in repository: https://github.com/spring-boot-react/full-stack-spring-boot-security-jwt-postgresql-docker-nextjs

By adding another resource bundle within the resources > i18n folder, you are able to add messages in your preferred language. In this case what you could do is the following:

  • add messages_es.properties to the resource bundle
  • copy the key value pairs from another message bundle and change the values to Spanish
  • change the preferred logging language within the .env file to es
  • start the application
  • use an invalid JWT with one of your request and view the result within your terminal

Please do let me know what you think of the implementation.

ghost avatar Mar 16 '24 09:03 ghost