From 776cc99104d5745702e95f239ce3771ea7787671 Mon Sep 17 00:00:00 2001
From: Manuel Spuhler <manuel.spuhler@gmail.com>
Date: Mon, 7 Oct 2019 15:59:06 +0200
Subject: [PATCH] JWT wip

---
 docker/config/application.tmpl                |  1 +
 .../java/eu/hbp/mip/controllers/JWTApi.java   | 23 ++++++++++++++-----
 2 files changed, 18 insertions(+), 6 deletions(-)

diff --git a/docker/config/application.tmpl b/docker/config/application.tmpl
index 2455c2269..0bb7a48b5 100644
--- a/docker/config/application.tmpl
+++ b/docker/config/application.tmpl
@@ -93,3 +93,4 @@ services:
   workflows:
     workflowUrl: {{ default .Env.WORKFLOW_URL "http://localhost:9090" }}
     workflowAuthorization: {{ default .Env.WORKFLOW_AUTHORIZATION "undefined" }}
+    JWTSecret: {{ default .Env.JWT_SECRET "secret" }}
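Review bot: The fallback value `"secret"` on the new `JWTSecret` line means a deployment that forgets to set `JWT_SECRET` will sign tokens with a key that is published in this repository, so token integrity silently depends on an operator step. Prefer no default, so that a missing variable is caught at start-up, e.g. `JWTSecret: {{ .Env.JWT_SECRET }}` combined with a non-empty check where the property is consumed. A short comment saying the value must be a long random string (HMAC-SHA512 benefits from a key of at least 64 bytes) would also help operators. The key sits under `services.workflows` although it is read by `JWTApi`, so a dedicated section may be clearer.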
diff --git a/src/main/java/eu/hbp/mip/controllers/JWTApi.java b/src/main/java/eu/hbp/mip/controllers/JWTApi.java
index 3c91544a2..bdc7b7bce 100644
--- a/src/main/java/eu/hbp/mip/controllers/JWTApi.java
+++ b/src/main/java/eu/hbp/mip/controllers/JWTApi.java
@@ -7,7 +7,10 @@ import org.springframework.http.ResponseEntity;
 import org.springframework.http.HttpStatus;
 import com.auth0.jwt.algorithms.Algorithm;
 import com.auth0.jwt.JWT;
-
+import eu.hbp.mip.model.User;
+import eu.hbp.mip.model.UserInfo;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.web.bind.annotation.*;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
@@ -19,17 +22,25 @@ public class JWTApi {
 
     private static final Logger LOGGER = LoggerFactory.getLogger(JWTApi.class);
 
+    @Autowired
+    private UserInfo userInfo;
+
+    @Value("#{'${services.workflows.JWTSecret}'}")
+    private String JWTSecret;
+
     @ApiOperation(value = "Create a JSON Web Token", response = String.class)
     @RequestMapping(method = RequestMethod.POST)
     public ResponseEntity<String> createJWT() {
 
         LOGGER.info("Create a JSON Web Token");
 
-        Algorithm algorithm = Algorithm.HMAC512("secret");
-        String token = JWT.create()
-        .withIssuer("mip.humanbrainproject.eu")
-        .withSubject("subj")
-        .sign(algorithm);
+        User user = userInfo.getUser();
+
+        Algorithm algorithm = Algorithm.HMAC512(JWTSecret);
+        String token = JWT.create().withIssuer("mip.humanbrainproject.eu").withSubject(user.getEmail()).sign(algorithm);
+
+        LOGGER.info(algorithm.toString());
+        LOGGER.info(token);
 
         return ResponseEntity.status(HttpStatus.CREATED).body(token);
     }
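Review bot: `LOGGER.info(token)` writes the signed bearer token to the application log, so anyone with read access to the logs or to a log aggregator can reuse it as that user. Remove that line and `LOGGER.info(algorithm.toString());`, or log only a non-sensitive field such as the subject. The builder chain sets issuer and subject but no expiry, so the token carries no `exp` claim; consider adding `.withExpiresAt(...)` with a short lifetime before `.sign(algorithm)`. `userInfo.getUser()` is dereferenced without a null check, and what it returns for an unauthenticated caller is not visible in this hunk, so a guard that returns 401 would be safer. The class body continues outside the hunk.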
-- 
GitLab