in library/src/main/java/org/apache/fineract/cn/anubis/token/SystemAccessTokenSerializer.java [80:108]
public TokenSerializationResult build(final Specification specification)
{
final long issued = System.currentTimeMillis();
if (specification.keyTimestamp == null) {
throw new IllegalArgumentException("token signature timestamp must not be null.");
}
if (specification.privateKey == null) {
throw new IllegalArgumentException("token signature privateKey must not be null.");
}
final JwtBuilder jwtBuilder =
Jwts.builder()
.setAudience(specification.targetApplicationName)
.setSubject(specification.tenant)
.claim(TokenConstants.JWT_SIGNATURE_TIMESTAMP_CLAIM, specification.keyTimestamp)
.claim(TokenConstants.JWT_CONTENT_CLAIM, specification.role)
.setIssuer(TokenType.SYSTEM.getIssuer())
.setIssuedAt(new Date(issued))
.signWith(SignatureAlgorithm.RS512, specification.privateKey);
if (specification.secondsToLive <= 0) {
throw new IllegalArgumentException("token secondsToLive must be positive.");
}
final Date expiration = new Date(issued + TimeUnit.SECONDS.toMillis(specification.secondsToLive));
jwtBuilder.setExpiration(expiration);
return new TokenSerializationResult(TokenConstants.PREFIX + jwtBuilder.compact(), expiration);
}