/**
 * Seeds this builder from an existing payload, overwriting any user id, actions, network ids,
 * device type ids and expiration that were set on the builder earlier.
 *
 * <p>The token type is not copied by this method; a caller that needs one has to set it separately.
 * The collections are stored exactly as the getters return them (no copy is made here), so the
 * builder and the source payload may end up sharing the same set instances.
 *
 * @param payload the payload whose fields are copied; must not be {@code null}
 * @return this builder, to allow call chaining
 */
public JwtUserPayloadBuilder withPayload(JwtUserPayload payload) {
    // Identity and lifetime of the token subject.
    this.userId = payload.getUserId();
    this.expiration = payload.getExpiration();

    // Permission scope carried by the token.
    this.actions = payload.getActions();
    this.networkIds = payload.getNetworkIds();
    this.deviceTypeIds = payload.getDeviceTypeIds();

    return this;
}
/**
 * Creates a payload from the values currently held by this builder. Fields that were never set are
 * passed to the constructor with whatever value the builder field holds at that point.
 *
 * @return a new {@link JwtUserPayload} carrying user id, actions, network ids, device type ids,
 *         expiration and token type
 */
public JwtUserPayload buildPayload() {
    JwtUserPayload built =
            new JwtUserPayload(userId, actions, networkIds, deviceTypeIds, expiration, tokenType);
    return built;
}
} // closes the enclosing class, whose opening line is outside this excerpt
if (jwtPayload.isUserPayload()) { JwtUserPayload userJwtPayload = (JwtUserPayload) jwtPayload; if (userJwtPayload.getUserId() != null) { userVO = userService.findById(userJwtPayload.getUserId()); if (!UserStatus.ACTIVE.equals(userVO.getStatus())) { throw new BadCredentialsException("Unauthorized: user is not active"); Set<String> networkIds = userJwtPayload.getNetworkIds(); if (networkIds != null) { if (networkIds.contains("*")) { Set<String> deviceTypeIds = userJwtPayload.getDeviceTypeIds(); if (deviceTypeIds != null) { if (deviceTypeIds.contains("*")) {
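/**
 * Issues an access token and a refresh token for the user named in the submitted payload.
 *
 * <p>The user id, actions, network ids, device type ids and expiration all come from the request
 * body, so whoever may call this method decides what the resulting tokens are allowed to do.
 * NOTE(review): the authorization check for this endpoint is not visible in this method; confirm
 * that only callers permitted to mint tokens for other users can reach it.
 *
 * <p>Both tokens are generated with the flag {@code true}; presumably this lets an expiration
 * supplied in the payload take precedence over the server default (verify against the token service).
 *
 * @param payloadView the request body describing the token to create
 * @return {@code 201 Created} with both tokens, {@code 404 Not Found} when the user does not exist,
 *         or {@code 403 Forbidden} when the user is not active
 */
@Override
public Response tokenRequest(JwtUserPayloadView payloadView) {
    JwtUserPayload payload = payloadView.convertTo();
    hiveValidator.validate(payload);

    UserVO user = userService.findById(payload.getUserId());
    if (user == null) {
        String notFoundMessage = String.format(USER_NOT_FOUND, payload.getUserId());
        logger.warn(notFoundMessage);
        return ResponseFactory.response(NOT_FOUND,
                new ErrorResponse(NOT_FOUND.getStatusCode(), notFoundMessage));
    }
    // Constant-first comparison: a user record without a status is refused like any other
    // non-active user instead of failing with a NullPointerException.
    if (!UserStatus.ACTIVE.equals(user.getStatus())) {
        logger.warn("JwtToken: User with specified id {} is not active", payload.getUserId());
        return ResponseFactory.response(FORBIDDEN,
                new ErrorResponse(FORBIDDEN.getStatusCode(), USER_NOT_ACTIVE));
    }

    logger.debug("JwtToken: generate access and refresh token");

    // The refresh token starts from the same payload; only its expiration may differ.
    JwtUserPayload.JwtUserPayloadBuilder refreshPayload = JwtUserPayload.newBuilder().withPayload(payload);
    if (payloadView.getRefreshExpiration() != null) {
        refreshPayload.withExpirationDate(payloadView.getRefreshExpiration());
    }

    JwtTokenVO responseTokenVO = new JwtTokenVO();
    responseTokenVO.setAccessToken(tokenService.generateJwtAccessToken(payload, true));
    responseTokenVO.setRefreshToken(tokenService.generateJwtRefreshToken(refreshPayload.buildPayload(), true));

    return ResponseFactory.response(CREATED, responseTokenVO, JsonPolicyDef.Policy.JWT_REFRESH_TOKEN_SUBMITTED);
}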
/**
 * Builds a signed JWT whose claim {@link JwtUserPayload#JWT_CLAIM_KEY} holds a copy of the given
 * payload, stamped with the requested token type and an expiration date.
 *
 * <p>Expiration: when {@code useExpiration} is {@code true} and the payload already carries an
 * expiration, that date is used unchanged; this method neither caps it nor rejects a date in the
 * past. In every other case the expiration is the current time plus the configured maximum age
 * (in milliseconds) for the token type.
 *
 * <p>The token is signed with HS256 using the secret returned by {@code jwtSecretService}. HS256 is
 * a symmetric scheme, so the same secret verifies and creates tokens and must stay confidential.
 *
 * @param payload       the payload whose fields are copied into the token
 * @param tokenType     the kind of token to issue; {@link TokenType#ACCESS} selects the access
 *                      token maximum age, any other value the refresh token maximum age
 * @param useExpiration whether an expiration already present in {@code payload} is honoured
 * @return the compact, signed JWT string
 */
public String generateToken(JwtUserPayload payload, TokenType tokenType, boolean useExpiration) {
    long lifetimeMillis;
    if (tokenType.equals(TokenType.ACCESS)) {
        lifetimeMillis = accessTokenMaxAge;
    } else {
        lifetimeMillis = refreshTokenMaxAge;
    }

    Date expiresAt;
    if (useExpiration && payload.getExpiration() != null) {
        // Caller-provided expiration wins; it is taken over as-is.
        expiresAt = payload.getExpiration();
    } else {
        expiresAt = timestampService.getDate(System.currentTimeMillis() + lifetimeMillis);
    }

    // Copy the payload so the token type and expiration are set by this method, not by the caller's object.
    JwtUserPayload stampedPayload = JwtUserPayload.newBuilder()
            .withPayload(payload)
            .withExpirationDate(expiresAt)
            .withTokenType(tokenType.getId())
            .buildPayload();

    Map<String, Object> claimValues = new HashMap<>();
    claimValues.put(JwtUserPayload.JWT_CLAIM_KEY, stampedPayload);

    return Jwts.builder()
            .setClaims(Jwts.claims(claimValues))
            .signWith(SignatureAlgorithm.HS256, jwtSecretService.getJwtSecret())
            .compact();
}
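/**
 * Builds the response to a refresh request: re-checks that the user behind the refresh token still
 * exists and is active, then issues a new access token (no new refresh token is issued here).
 *
 * <p>Both failure cases answer with a bare {@code 401 Unauthorized}, so the response does not tell
 * the caller which check failed. The access token is generated with the flag {@code false};
 * presumably this keeps the refresh token's own expiration from being carried over into the access
 * token (verify against the token service).
 *
 * @param payload the payload taken from the presented refresh token
 * @return {@code 201 Created} with the new access token, or {@code 401 Unauthorized} when the user
 *         is missing or not active
 */
private Response getRefreshResponse(JwtUserPayload payload) {
    UserVO user = userService.findById(payload.getUserId());
    if (user == null) {
        logger.warn("JwtToken: User not found");
        return ResponseFactory.response(UNAUTHORIZED);
    }
    // Constant-first comparison: a user record without a status is refused like any other
    // non-active user instead of failing with a NullPointerException.
    if (!UserStatus.ACTIVE.equals(user.getStatus())) {
        logger.warn("JwtToken: User is not active");
        return ResponseFactory.response(UNAUTHORIZED);
    }

    JwtTokenVO responseTokenVO = new JwtTokenVO();
    responseTokenVO.setAccessToken(tokenService.generateJwtAccessToken(payload, false));

    userService.refreshUserLoginData(user);
    logger.debug("JwtToken: access token successfully generated with refresh token");

    return ResponseFactory.response(CREATED, responseTokenVO, JsonPolicyDef.Policy.JWT_ACCESS_TOKEN_SUBMITTED);
}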
// Access-token payload: only the user id and the permitted actions are set here; expiration,
// network ids and device type ids keep the builder's initial values.
JwtUserPayload accessPayload = JwtUserPayload.newBuilder()
        .withUserId(user.getId())
        .withActions(actions)
        .buildPayload();

// Refresh-token payload: starts as a field-by-field copy of the access payload.
JwtUserPayload.JwtUserPayloadBuilder refreshBuilder = JwtUserPayload.newBuilder().withPayload(accessPayload);
JwtUserPayload refreshPayload = refreshBuilder.buildPayload();
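/**
 * Converts this request view into a {@link JwtUserPayload}.
 *
 * <p>Each entry of {@code actions} is resolved to a {@code HiveAction}: strings by name, whole
 * numbers by id. Entries that resolve to {@code null} are dropped without an error (kept for
 * compatibility with older clients), so the resulting set can be smaller than the submitted list.
 * When {@code actions} is absent, the set contains only the id of {@code NONE}.
 *
 * <p>User id, network ids, device type ids and expiration are passed through unchanged; the token
 * type is left {@code null}.
 *
 * @return the payload built from this view
 * @throws BadRequestException if an action entry is neither a string nor a whole number
 */
public JwtUserPayload convertTo() {
    Set<Integer> actionIds = Optional.ofNullable(actions)
            .map(submitted -> submitted.stream()
                    .map(action -> {
                        if (action instanceof String) {
                            return HiveAction.fromString((String) action);
                        }
                        if (action instanceof Number) {
                            // Read through Number rather than casting to Double, so an Integer or
                            // Long entry is validated instead of raising a ClassCastException.
                            double numeric = ((Number) action).doubleValue();
                            if (numeric - (int) numeric == 0) {
                                return HiveAction.fromId((int) numeric);
                            }
                        }
                        throw new BadRequestException("Actions list should contain only Strings or Integers");
                    })
                    // Compatibility with the old behaviour: entries that resolved to null are ignored.
                    .filter(Objects::nonNull)
                    .mapToInt(HiveAction::getId)
                    .boxed()
                    .collect(Collectors.toSet()))
            .orElse(ImmutableSet.of(NONE.getId()));

    return new JwtUserPayload(userId, actionIds, networkIds, deviceTypeIds, expiration, null);
}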