Commit parziale 2

app/src/main/java/models/API/API.java

@@ -2,18 +2,19 @@
 
 import android.util.Log;
 
-import io.jsonwebtoken.Claims;
 import io.jsonwebtoken.Jwt;
 import io.jsonwebtoken.JwtParser;
 import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.io.Parser;
+import io.jsonwebtoken.security.Jwk;
+import io.jsonwebtoken.security.Jwks;
 import org.conscrypt.BuildConfig;
 import org.jetbrains.annotations.NotNull;
 import org.json.JSONException;
 import org.json.JSONObject;
 
 import java.io.IOException;
-import java.sql.Date;
-import java.time.Instant;
+import java.security.PublicKey;
 import java.util.concurrent.CompletableFuture;
 
 import okhttp3.Call;
@@ -28,6 +29,7 @@ public class API {
     private OkHttpClient client;
 
     private Jwt<?, ?> jwt;
+    private Jwk<?> jwk;
     private boolean isLogged = false;
     public static final String BASE_URL = "https://esse3.unive.it/e3rest/api/";
 
@@ -39,6 +41,32 @@ public static API getInstance(){
         return instance == null ? instance = new API() : instance;
     }
 
+
+    @NotNull
+    public static CompletableFuture<Boolean> saveJwk() {
+        Request request = new Request.Builder()
+                .url(BASE_URL + "jwt/jwk")
+                .build();
+
+        final CompletableFuture<Boolean> future = new CompletableFuture<>();
+        API.getInstance().client.newCall(request).enqueue(new Callback() {
+            @Override
+            public void onFailure(@NotNull Call call, @NotNull IOException e) {
+                future.complete(false);
+            }
+
+            @Override
+            public void onResponse(@NotNull Call call, @NotNull Response response) throws IOException {
+                Parser<Jwk<?>> parser = Jwks.parser().build();
+                API.getInstance().jwk = parser.parse(response.body().string());
+                future.complete(true);
+            }
+        });
+
+        return future;
+    }
+
+    @NotNull
     public static CompletableFuture<Boolean> login (String username, String password) {
         String auth = Credentials.basic(
                 username,
@@ -63,18 +91,34 @@ public void onResponse(@NotNull Call call, @NotNull Response response) throws IO
                 if(response.code() == 200){
                     try {
                         //log data to console
-                        System.out.println(response);
+                        Log.i("API_TAG", response.toString());
 
                         JSONObject json = new JSONObject(response.body().string());
 
+                        boolean hasJwk = false;
+                        if (API.getInstance().jwk == null) {
+                            hasJwk = API.saveJwk().join();
+                        }
+
+                        if (!hasJwk)
+                            throw new RuntimeException("Diocane");
+                        JwtParser parser = Jwts.parser()
+                                .verifyWith(API.getInstance().jwk.toKey())
+                                .build();
+
+
+
+                        try {
+                            Jwt<?, ?> j = parser.parse(json.getString("jwt"));
 
-                        JwtParser parser = Jwts.parser().build();
-                        Jwt<?, ?> j = parser.parse(json.getString("jwt"));
+                            // API.getInstance().jwt = json.getString("jwt");
+                            API.getInstance().jwt = j;
+                        } catch (Exception e) {
+                            Log.w("TAG_API", "JWT not parsed", e);
+                        }
 
 
 
-                        // API.getInstance().jwt = json.getString("jwt");
-                        API.getInstance().jwt = j;
 
 
                         // Meglio mettere qui isLogged in modo che se si lancia un'eccezione resta false