add PrivateJwtService

README.md

@@ -2,6 +2,16 @@
 
 In quiet chambers of learning, where minds are aglow, A ledger of endorsements, the authenticity to bestow. Each certificate approved, with scrutiny and might, Their legitimacy confirmed, in the light of day and night. From manuscripts to databases, knowledge is refined, Librarians and experts, their judgment to define. The Approval Archive, a sacred trust to hold, A testament to credentials, where merit is told.
 
+## Properties
+
+The following properties can be used to configure the deployment of your application. If specified, these properties will load their respective services.
+
+| name            | info                                                                                                                                       |
+|-----------------|--------------------------------------------------------------------------------------------------------------------------------------------|
+| jwt.private-key | Location of the private key file. If specified, the `PrivateJwtService` will be loaded with the provided private key for signing purposes. |
+
+**Note:** The `jwt.private-key` property is optional and corresponds to the `PrivateJwtService`. If specified, this service will be loaded for signing purposes.
+
 ## Releasing library
 
 Run `release.sh` script from `master` branch.

src/main/kotlin/ltd/hlaeja/jwt/service/PrivateJwtService.kt

@@ -0,0 +1,26 @@
+package ltd.hlaeja.jwt.service
+
+import io.jsonwebtoken.Jwts
+import java.security.interfaces.RSAPrivateKey
+import ltd.hlaeja.jwt.util.PrivateKeyProvider
+import org.springframework.beans.factory.annotation.Value
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty
+import org.springframework.stereotype.Service
+
+@Service
+@ConditionalOnProperty(prefix = "jwt", name = ["private-key"])
+class PrivateJwtService(
+    @Value("\${jwt.private-key}") jwtPrivateKey: String,
+) {
+
+    private var privateKey: RSAPrivateKey = PrivateKeyProvider.load(jwtPrivateKey)
+
+    fun sign(
+        vararg claim: Pair<String, Any>,
+    ): String = Jwts.builder()
+        .claims()
+        .also { claims -> claim.forEach { claims.add(it.first, it.second) } }
+        .and()
+        .signWith(privateKey)
+        .compact()
+}

src/test/kotlin/ltd/hlaeja/jwt/service/PrivateJwtServiceTest.kt

@@ -0,0 +1,54 @@
+package ltd.hlaeja.jwt.service
+
+import java.util.Base64
+import org.assertj.core.api.Assertions.assertThat
+import org.junit.jupiter.api.BeforeEach
+import org.junit.jupiter.api.Test
+
+class PrivateJwtServiceTest {
+
+    private lateinit var service: PrivateJwtService
+
+    @BeforeEach
+    fun setup() {
+        service = PrivateJwtService("cert/valid-private-key.pem")
+    }
+
+    @Test
+    fun `make token with claims`() {
+        // given
+        val claim1 = "claim1" to "value1"
+        val claim2 = "claim2" to 123
+
+        // when
+        val token = service.sign(claim1, claim2)
+
+        // then
+        assertThat(token).isNotEmpty()
+
+        val parts = token.split("\\.".toRegex())
+        assertThat(parts).hasSize(3)
+
+        val header = String(Base64.getDecoder().decode(parts[0]))
+        val payload = String(Base64.getDecoder().decode(parts[1]))
+        assertThat(header).contains("RS256")
+        assertThat(payload).contains("\"claim1\":\"value1\"", "\"claim2\":123")
+    }
+
+    @Test
+    fun `make token with no claims`() {
+        // when
+        val token = service.sign()
+
+        // then
+        assertThat(token).isNotEmpty()
+
+        val parts = token.split("\\.".toRegex())
+        assertThat(parts).hasSize(3)
+
+        val header = String(Base64.getDecoder().decode(parts[0]))
+        val payload = String(Base64.getDecoder().decode(parts[1]))
+        assertThat(header).contains("RS256")
+        assertThat(payload).isEmpty()
+    }
+}