{"id":22191649,"url":"https://github.com/leosimoes/java-spring-jjwt","last_synced_at":"2026-05-16T08:33:26.528Z","repository":{"id":230920077,"uuid":"780458439","full_name":"leosimoes/Java-Spring-JJWT","owner":"leosimoes","description":"Java project with Spring and Gradle for authentication using Java JSON Web Token (JJWT).","archived":false,"fork":false,"pushed_at":"2024-04-04T17:24:40.000Z","size":2173,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-03-24T20:43:37.476Z","etag":null,"topics":["autentication","authorization","java","jwt","spring"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/leosimoes.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-04-01T14:25:31.000Z","updated_at":"2024-04-02T21:55:06.000Z","dependencies_parsed_at":"2025-03-24T20:43:39.530Z","dependency_job_id":"aa903970-50fb-41fd-a026-0e3b70aab01c","html_url":"https://github.com/leosimoes/Java-Spring-JJWT","commit_stats":null,"previous_names":["leosimoes/java-spring-jjwt"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/leosimoes/Java-Spring-JJWT","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/leosimoes%2FJava-Spring-JJWT","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/leosimoes%2FJava-Spring-JJWT/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/leosimoes%2FJava-Spring-JJWT/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/leosimoes%2FJava-Spring-JJWT/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/leosimoes","download_url":"https://codeload.github.com/leosimoes/Java-Spring-JJWT/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/leosimoes%2FJava-Spring-JJWT/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":263687149,"owners_count":23496088,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["autentication","authorization","java","jwt","spring"],"created_at":"2024-12-02T12:17:04.752Z","updated_at":"2026-05-16T08:33:21.487Z","avatar_url":"https://github.com/leosimoes.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Spring Security - Java JSON Web Token (JJWT)\nJava project with Spring and Gradle for authentication using Java JSON Web Token (JJWT).\n\n![Img-14-UML-Classes-Total](images/Img-14-UML-Classes-Total.png)\n\n\n## Steps\nThe steps of project implementation:\n\n1. Create project (in IntelliJ) with:\n- Java language (17);\n- Spring Framework (6.2.3);\n- Dependencies: Web, Security, DevTools, JPA, H2, Lombok, Actuator, Validation.\n\n![Image-01-IntelliJ](images/Img-01-IntelliJ.png)\n\n2. Add Auth0 java-jwt dependency obtained from\n   [Maven Repository](https://mvnrepository.com/artifact/com.auth0/java-jwt/4.4.0)\n   for the `build.gradle` (or `pom.xml`) file:\n\n```groovy\nimplementation group: 'com.auth0', name: 'java-jwt', version: '4.4.0'\n```\nor\n```groovy\nimplementation 'com.auth0:java-jwt:4.4.0'\n```\nor\n```xml\n\u003cdependency\u003e\n    \u003cgroupId\u003ecom.auth0\u003c/groupId\u003e\n    \u003cartifactId\u003ejava-jwt\u003c/artifactId\u003e\n    \u003cversion\u003e4.4.0\u003c/version\u003e\n\u003c/dependency\u003e\n```\n\n3. Add datasource, jpa and h2 settings in `application.properties`:\n\n```properties\n# ===================================================================\n#                   APPLICATION\n# ===================================================================\nspring.application.name=Java-Spring-JJWT\n# ===================================================================\n#                   DATASOURCE AND H2 DATABASE\n# ===================================================================\n# H2 - Datasource\nspring.datasource.url=jdbc:h2:mem:jjwtapp\nspring.datasource.driverClassName=org.h2.Driver\nspring.datasource.username=admin\nspring.datasource.password=admin\n# H2 - Console\nspring.h2.console.enabled=true\nspring.h2.console.path=/h2\n# Hibernate\n# spring.jpa.database-platform=org.hibernate.dialect.H2Dialect\n#spring.jpa.hibernate.ddl-auto=create-drop\nspring.jpa.hibernate.ddl-auto=update\n# http://localhost:8080/h2/\n```\n\n4. Add `Role` Enum which can be `ROLE_USER` or `ROLE_ADMIN`:\n\n![Img-02-Role](images/Img-02-Role.png)\n\n5. Add `JJWTUser` Class:\n- annotated with `@Entity`, `@Table(name=\"jjwt_users\")`, `@Data`, `@NoArgsConstructor`, `@AllArgsConstructor`;\n- with attributes `id`, `name`, `login`, `password`, `roles`.\n\n![Img-03-JJWTUser](images/Img-03-JJWTUser.png)\n\n6. Add `JJWTUserRepository` Interface:\n- annotated with `@Repository`;\n- extends `JpaRepository\u003cJJWTUser, String\u003e`;\n- has the method `Optional\u003cJJWTUser\u003e findByLogin(String login)`;\n\n![Img-04-JJWTRepository](images/Img-04-JJWTRepository.png)\n\n7. Add a value for `api.security.token.secret` in `application.properties`:\n\n```properties\n# ===================================================================\n#                   SECURITY\n# ===================================================================\napi.security.token.secret=chaveSecreta\n```\n\n8. Add `JJWTTokenService` Class:\n- in the `security` package;\n- with the attributes `secret`, `ISSUER`, `EXPIRATION_HOURS` and `ZONE_OFFSET`;\n- with the private methods `Instant calculateExpiration()` and `Algorithm getAlgorithm()`;\n- with public methods `String generateToken(JJWTUser jjwtUser)` and `String validateToken(String token)`.\n\n![Img-05-JJWTTokenService](images/Img-05-JJWTTokenService.png)\n\n9. Add `JJWTUserDetailsService` Class:\n- in the `security` package;\n- implements `UserDetailsService`;\n- with attribute `JJWTUserRepository jjwtUserRepository`;\n- with a constructor with the injected attribute;\n- with a public method `UserDetails loadUserByUsername(String username)`;\n- with a private method `Collection\u003c? extends GrantedAuthority\u003e mapRolesToAuthorities(Set\u003cRole\u003e roles)`.\n\n![Img-06-JJWTUserDetailsService](images/Img-06-JJWTUserDetailsService.png)\n\n10. Add `JJWTSecurityFilter` Class:\n- in the `security` package;\n- annotated with `@Component`;\n- extends `OncePerRequestFilter`;\n- with attributes `jjwtTokenService` and `jjwtUserDetailsService`;\n- with a constructor with injected attributes;\n- with a protected method `void doFilterInternal()`;\n- with a private method `String recoverToken(HttpServletRequest request)`.\n\n![Img-07-JJWTSecurityFilter](images/Img-07-JJWTSecurityFilter.png)\n\n11. Add `JJWTSecurityConfig` Class:\n- in the `security` package;\n- annotated with `@Configuration`, `@EnableWebSecurity`;\n- with attributes `jjwtSecurityFilter` and `jjwtUserDetailsService`;\n- with a constructor with injected attributes;\n- with the public methods `SecurityFilterChain securityFilterChain`, `PasswordEncoder passwordEncoder()`,\n  `AuthenticationManager authenticationManager` annotated with `@Bean`;\n\n![Img-08-JJWTSecurityConfig](images/Img-08-JJWTSecurityConfig.png)\n\n12. Add records DTOs:\n- in the `dtos` package;\n- `LoginRequestDTO` contains `login` and `password`;\n- `LoginResponseDTO` contains `name` and `token`;\n- `RegisterRequestDTO` contains `name`, `login` and `password`;\n- `RegisterResponseDTO` contains `name` and `token`.\n\n![Img-09-RequestResponseDTO](images/Img-09-RequestResponseDTO.png)\n\n13. Add `AuthService` Interface:\n- in the `services` package;\n- with methods `LoginResponseDTO login(LoginRequestDTO loginRequestDTO)` and\n  `RegisterResponseDTO register(RegisterRequestDTO registerRequestDTO)`.\n\n14. Add `AuthServiceImpl` Class:\n- in the `services` package;\n- annotated with `@Service`;\n- implements `AuthService`;\n- with attributes `PasswordEncoder passwordEncoder`, `JJWTUserRepository jjwtUserRepository` and\n  `JJWTTokenService jjwtTokenService`;\n- with a constructor with injected attributes;\n\n![Img-10-AuthServiceImpl](images/Img-10-AuthServiceImpl.png)\n\n15. Add `AuthController` Class:\n- in the `controllers` package;\n- annotated with `@RestController` and `@RequestMapping(\"/auth\")`;\n- with the `AuthService authService` attribute;\n- with a constructor with the injected attribute;\n- with the methods:\n    * `ResponseEntity\u003cLoginResponseDTO\u003e login(@RequestBody LoginRequestDTO loginRequestDTO)` to `@PostMapping(\"/login\")`;\n    * `ResponseEntity\u003cRegisterResponseDTO\u003e register(@RequestBody RegisterRequestDTO registerRequestDTO)` for\n      `@PostMapping(\"/register\")`.\n    * `ResponseEntity\u003cString\u003e authenticatedUsers()` for `@GetMapping(\"/users\")`;\n    * `ResponseEntity\u003cString\u003e authenticatedAdmins()` for `@GetMapping(\"/admins\")`.\n  \n![Img-11-AuthController](images/Img-11-AuthController.png)\n\n16. Add routes and their permissions in the `securityFilterChain` method of `JJWTSecurityConfig`.\n\n17. Test routes, authentication and authorization with POSTMAN:\n\n![Img-12-Test-AuthRegister](images/Img-12-Test-AuthRegister.png)\n\n![Img-13-Test-AuthUsers](images/Img-13-Test-AuthUsers.png)\n\n\n## References\nMaven Repository - Auth0 - Java JWT:\nhttps://mvnrepository.com/artifact/com.auth0/java-jwt/4.4.0\n\nFernanda Kipper | Dev - PROJETO FULLSTACK COM LOGIN USANDO SPRING SECURITY + JWT | BACKEND:\nhttps://www.youtube.com/watch?v=tJCyNV1G0P4  |  \nhttps://github.com/Fernanda-Kipper/login-app-backend/tree/main\n\nFernanda Kipper | Dev - Autenticação e Autorização com Spring Security, JWT Tokens e Roles:\nhttps://www.youtube.com/watch?v=5w-YCcOjPD0\n\nGitBook - Auth Database - Gleyson Sampaio:\nhttps://glysns.gitbook.io/spring-framework/spring-security/auth-database\n\nGitBook - JWT - JSON Web Token - Gleyson Sampaio:\nhttps://glysns.gitbook.io/spring-framework/spring-security/spring-security-e-jwt","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fleosimoes%2Fjava-spring-jjwt","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fleosimoes%2Fjava-spring-jjwt","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fleosimoes%2Fjava-spring-jjwt/lists"}