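/**
 * Handles a WebSocket token-refresh request: posts the client's refresh token to the
 * auth service at {@code authBaseUrl + "/token/refresh"} and replies with the access
 * token it returns.
 *
 * <p>The handler is declared {@code permitAll}. No token validation is done in this
 * method; the refresh token is passed on to the auth service as received.
 *
 * @param request client message; must carry a primitive-valued {@code refreshToken} member
 * @param session WebSocket session the reply is sent on
 * @throws HiveException with {@code SC_BAD_REQUEST} when {@code refreshToken} is missing or
 *         is not a JSON primitive, and with {@code SC_SERVICE_UNAVAILABLE} when the auth
 *         service call raises {@code ServiceUnavailableException}
 * @throws IOException declared by the signature; presumably raised while sending the
 *         reply (confirm against clientHandler)
 */
@HiveWebsocketAuth
@PreAuthorize("permitAll")
public void processRefresh(JsonObject request, WebSocketSession session) throws IOException {
    // The message is client-controlled. Require a present, primitive value so that
    // JSON null / object / array values are answered with 400 instead of an unchecked
    // exception escaping from getAsString().
    if (!request.has("refreshToken") || !request.get("refreshToken").isJsonPrimitive()) {
        // Log the condition only; the token value itself must never reach the log.
        logger.warn("JwtToken: payload was not found");
        throw new HiveException(Messages.PAYLOAD_NOT_FOUND, SC_BAD_REQUEST);
    }

    JwtRefreshTokenVO refreshTokenVO = new JwtRefreshTokenVO();
    refreshTokenVO.setRefreshToken(request.get("refreshToken").getAsString());
    String refreshTokenStr = gson.toJson(refreshTokenVO);

    JwtTokenVO jwtToken;
    try {
        jwtToken = httpRestHelper.post(authBaseUrl + "/token/refresh", refreshTokenStr, JwtTokenVO.class, null);
    } catch (ServiceUnavailableException e) {
        // NOTE(review): the upstream exception message is relayed to the client as-is;
        // confirm it cannot carry internal host names or URLs.
        throw new HiveException(e.getMessage(), SC_SERVICE_UNAVAILABLE);
    }

    // NOTE(review): a null result from post() would fail with a NullPointerException
    // on the next statement; confirm the helper never returns null.
    WebSocketResponse response = new WebSocketResponse();
    response.addValue("accessToken", jwtToken.getAccessToken());
    clientHandler.sendMessage(request, response, session);
}
} // closes the enclosing class, whose header is outside this excerpt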
/**
 * Checks a refresh token and, when it passes, delegates to {@code getRefreshResponse}
 * to build the reply.
 *
 * <p>Rejections, in evaluation order:
 * <ol>
 *   <li>{@code tokenService.getPayload} throws {@code JwtException}: bare UNAUTHORIZED;</li>
 *   <li>token type differs from {@code TokenType.REFRESH}: UNAUTHORIZED with
 *       {@code INVALID_TOKEN_TYPE};</li>
 *   <li>expiration lies before the current date: UNAUTHORIZED with
 *       {@code EXPIRED_TOKEN}.</li>
 * </ol>
 *
 * @param requestTokenVO request body holding the refresh token; passed through
 *        {@code hiveValidator.validate} first
 * @return the response from {@code getRefreshResponse}, or an UNAUTHORIZED response
 */
@Override
public Response refreshTokenRequest(JwtRefreshTokenVO requestTokenVO) {
    hiveValidator.validate(requestTokenVO);

    JwtPayload claims;
    try {
        claims = tokenService.getPayload(requestTokenVO.getRefreshToken());
    } catch (JwtException e) {
        // Only the exception message is logged, never the token itself.
        logger.error(e.getMessage());
        return ResponseFactory.response(UNAUTHORIZED);
    }

    // An access token must not be usable where a refresh token is expected.
    // NOTE(review): a payload without a token type or expiration would raise a
    // NullPointerException below rather than return 401; confirm getPayload
    // guarantees both are present.
    boolean isRefreshToken = claims.getTokenType().equals(TokenType.REFRESH.getId());
    if (!isRefreshToken) {
        logger.warn("JwtToken: refresh token is not valid");
        return ResponseFactory.response(UNAUTHORIZED,
                new ErrorResponse(UNAUTHORIZED.getStatusCode(), INVALID_TOKEN_TYPE));
    }

    if (claims.getExpiration().before(timestampService.getDate())) {
        logger.warn("JwtToken: refresh token has expired");
        return ResponseFactory.response(UNAUTHORIZED,
                new ErrorResponse(UNAUTHORIZED.getStatusCode(), EXPIRED_TOKEN));
    }

    // User and plugin payloads are handled by separate getRefreshResponse overloads.
    if (claims.isUserPayload()) {
        return getRefreshResponse((JwtUserPayload) claims);
    }
    return getRefreshResponse((JwtPluginPayload) claims);
}