/**
 * Seeds this builder with the actions, topic and expiration of an existing plugin payload.
 *
 * <p>Only those three values are read from {@code payload}; the token type is not copied here.
 *
 * @param payload the plugin payload to copy from; must not be {@code null}
 * @return this builder, for call chaining
 */
public JwtPluginPayloadBuilder withPayload(JwtPluginPayload payload) {
    // The value returned by getActions() is stored by reference, not copied.
    // NOTE(review): if the getter exposes a mutable collection, the source payload and the
    // payload built from this builder share it — confirm that is intended.
    this.actions = payload.getActions();
    this.topic = payload.getTopic();
    // Expiration goes through the setter rather than a direct field write.
    withExpirationDate(payload.getExpiration());
    return this;
}
/**
 * Seeds this builder from an existing payload view.
 *
 * <p>Copies the user id, actions, network ids, device type ids, access-token expiration and
 * refresh-token expiration. The token type is not copied.
 *
 * @param payload the view to copy from; must not be {@code null}
 * @return this builder, for call chaining
 */
public Builder withPayload(JwtUserPayloadView<T> payload) {
    this.userId = payload.getUserId();

    // Scope-defining values are stored by reference.
    // NOTE(review): no defensive copy is made here; confirm the getters do not expose
    // collections that another caller can still mutate.
    this.actions = payload.getActions();
    this.networkIds = payload.getNetworkIds();
    this.deviceTypeIds = payload.getDeviceTypeIds();

    // Both lifetimes are taken from the view unchanged.
    this.expiration = payload.getExpiration();
    this.refreshExpiration = payload.getRefreshExpiration();
    return this;
}
/**
 * Creates the plugin payload from the values currently held by this builder.
 *
 * <p>No validation is performed here: whatever {@code actions}, {@code topic},
 * {@code expiration} and {@code tokenType} hold (including {@code null}) is passed on.
 *
 * @return a new {@code JwtPluginPayload}
 */
public JwtPluginPayload buildPayload() {
    return new JwtPluginPayload(actions, topic, expiration, tokenType);
}
} // closes the enclosing class, whose opening is outside this excerpt
/**
 * Builds and signs a JWT for a plugin.
 *
 * <p>The claims are copied from {@code payload}; expiration and token type are then overwritten
 * with the values resolved in this method. The resulting payload object is stored under
 * {@code JwtUserPayload.JWT_CLAIM_KEY} and the token is signed with HS256.
 *
 * <p>Security notes:
 * <ul>
 *   <li>When {@code useExpiration} is {@code true} and the payload carries an expiration, that
 *       date is used unchanged. No upper bound is applied in this method, so a caller that
 *       passes an externally supplied payload also decides the token lifetime.</li>
 *   <li>HS256 is symmetric: any component able to verify these tokens holds the same secret
 *       and can therefore also issue them.</li>
 * </ul>
 *
 * @param payload       the plugin payload whose claims go into the token
 * @param tokenType     the kind of token to issue; selects the default lifetime and is written
 *                      into the token via {@code tokenType.getId()}
 * @param useExpiration whether an expiration already present on {@code payload} is honoured
 * @return the signed, compact-serialized JWT
 */
public String generateToken(JwtPluginPayload payload, TokenType tokenType, boolean useExpiration) {
    // Default lifetime depends on whether an access or a refresh token is requested.
    long maxAge;
    if (tokenType.equals(TokenType.ACCESS)) {
        maxAge = accessTokenMaxAge;
    } else {
        maxAge = refreshTokenMaxAge;
    }

    // Either keep the payload's own expiration or derive one from "now + default lifetime".
    Date expiration;
    if (useExpiration && payload.getExpiration() != null) {
        expiration = payload.getExpiration();
    } else {
        expiration = timestampService.getDate(System.currentTimeMillis() + maxAge);
    }

    JwtPluginPayload generatedPayload = (JwtPluginPayload) JwtPluginPayload.newBuilder()
            .withPayload(payload)
            .withExpirationDate(expiration)
            .withTokenType(tokenType.getId())
            .buildPayload();

    // The whole payload object is nested under a single claim key.
    Map<String, Object> claimValues = new HashMap<>();
    claimValues.put(JwtUserPayload.JWT_CLAIM_KEY, generatedPayload);
    Claims tokenClaims = Jwts.claims(claimValues);

    // NOTE(review): the type and encoding of getJwtSecret()'s result are not visible here;
    // confirm it matches what this signWith overload expects and that the secret is long and
    // random enough for HMAC-SHA256.
    return Jwts.builder()
            .setClaims(tokenClaims)
            .signWith(SignatureAlgorithm.HS256, jwtSecretService.getJwtSecret())
            .compact();
}
/**
 * Builds and signs a JWT for a user.
 *
 * <p>The claims are copied from {@code payload}; expiration and token type are then overwritten
 * with the values resolved in this method. The resulting payload object is stored under
 * {@code JwtUserPayload.JWT_CLAIM_KEY} and the token is signed with HS256.
 *
 * <p>Security notes:
 * <ul>
 *   <li>When {@code useExpiration} is {@code true} and the payload carries an expiration, that
 *       date is used unchanged. No upper bound is applied in this method, so a caller that
 *       passes an externally supplied payload also decides the token lifetime.</li>
 *   <li>HS256 is symmetric: any component able to verify these tokens holds the same secret
 *       and can therefore also issue them.</li>
 * </ul>
 *
 * @param payload       the user payload whose claims go into the token
 * @param tokenType     the kind of token to issue; selects the default lifetime and is written
 *                      into the token via {@code tokenType.getId()}
 * @param useExpiration whether an expiration already present on {@code payload} is honoured
 * @return the signed, compact-serialized JWT
 */
public String generateToken(JwtUserPayload payload, TokenType tokenType, boolean useExpiration) {
    // Default lifetime depends on whether an access or a refresh token is requested.
    long maxAge;
    if (tokenType.equals(TokenType.ACCESS)) {
        maxAge = accessTokenMaxAge;
    } else {
        maxAge = refreshTokenMaxAge;
    }

    // Either keep the payload's own expiration or derive one from "now + default lifetime".
    Date expiration;
    if (useExpiration && payload.getExpiration() != null) {
        expiration = payload.getExpiration();
    } else {
        expiration = timestampService.getDate(System.currentTimeMillis() + maxAge);
    }

    JwtUserPayload generatedPayload = JwtUserPayload.newBuilder()
            .withPayload(payload)
            .withExpirationDate(expiration)
            .withTokenType(tokenType.getId())
            .buildPayload();

    // The whole payload object is nested under a single claim key.
    Map<String, Object> claimValues = new HashMap<>();
    claimValues.put(JwtUserPayload.JWT_CLAIM_KEY, generatedPayload);
    Claims tokenClaims = Jwts.claims(claimValues);

    // NOTE(review): the type and encoding of getJwtSecret()'s result are not visible here;
    // confirm it matches what this signWith overload expects and that the secret is long and
    // random enough for HMAC-SHA256.
    return Jwts.builder()
            .setClaims(tokenClaims)
            .signWith(SignatureAlgorithm.HS256, jwtSecretService.getJwtSecret())
            .compact();
}
/**
 * Issues an access/refresh token pair for the user and scope described by the request payload.
 *
 * <p>Flow: convert and validate the payload, look the user up by id, reject unknown users with
 * {@code NOT_FOUND} and non-active users with {@code FORBIDDEN}, then generate both tokens and
 * return them with {@code CREATED}.
 *
 * <p>Security notes:
 * <ul>
 *   <li>Both token generators are called with {@code useExpiration = true}, and the refresh
 *       expiration is taken from the request when present, so the requester controls both
 *       lifetimes. No cap is enforced in this method.
 *       NOTE(review): confirm a limit is applied by {@code hiveValidator} or upstream.</li>
 *   <li>Actions, network ids and device type ids come from the request payload; this method
 *       checks only that the user exists and is active.
 *       NOTE(review): the authorization required to reach this handler is not visible here.</li>
 *   <li>The {@code NOT_FOUND} body echoes the requested user id, which distinguishes unknown
 *       from inactive accounts for whoever may call this endpoint.</li>
 * </ul>
 *
 * @param payloadView the requested token contents
 * @return {@code CREATED} with the token pair, or an error response as described above
 */
@Override
public Response tokenRequest(JwtUserPayloadView payloadView) {
    JwtUserPayload payload = payloadView.convertTo();
    hiveValidator.validate(payload);

    UserVO user = userService.findById(payload.getUserId());
    if (user == null) {
        String notFoundMessage = String.format(USER_NOT_FOUND, payload.getUserId());
        logger.warn(notFoundMessage);
        return ResponseFactory.response(NOT_FOUND,
                new ErrorResponse(NOT_FOUND.getStatusCode(), notFoundMessage));
    }

    boolean active = user.getStatus().equals(UserStatus.ACTIVE);
    if (!active) {
        logger.warn("JwtToken: User with specified id {} is not active", payload.getUserId());
        return ResponseFactory.response(FORBIDDEN,
                new ErrorResponse(FORBIDDEN.getStatusCode(), USER_NOT_ACTIVE));
    }

    logger.debug("JwtToken: generate access and refresh token");

    // The refresh token starts from the same claims; only its expiration may differ.
    JwtUserPayload.JwtUserPayloadBuilder refreshPayload = JwtUserPayload.newBuilder().withPayload(payload);
    if (payloadView.getRefreshExpiration() != null) {
        refreshPayload.withExpirationDate(payloadView.getRefreshExpiration());
    }

    JwtTokenVO tokenPair = new JwtTokenVO();
    tokenPair.setAccessToken(tokenService.generateJwtAccessToken(payload, true));
    tokenPair.setRefreshToken(tokenService.generateJwtRefreshToken(refreshPayload.buildPayload(), true));

    return ResponseFactory.response(CREATED, tokenPair, JsonPolicyDef.Policy.JWT_REFRESH_TOKEN_SUBMITTED);
}
/**
 * Seeds this builder with the claims of an existing user payload.
 *
 * <p>Copies the user id, actions, network ids, device type ids and expiration. The token type
 * is not copied.
 *
 * @param payload the user payload to copy from; must not be {@code null}
 * @return this builder, for call chaining
 */
public JwtUserPayloadBuilder withPayload(JwtUserPayload payload) {
    this.userId = payload.getUserId();

    // Scope-defining values are stored by reference.
    // NOTE(review): no defensive copy is made here; confirm the getters do not expose
    // collections that another caller can still mutate.
    this.actions = payload.getActions();
    this.networkIds = payload.getNetworkIds();
    this.deviceTypeIds = payload.getDeviceTypeIds();

    this.expiration = payload.getExpiration();
    return this;
}
/**
 * Reads a user payload out of a JWT.
 *
 * <p>The claim map comes from {@code getPayloadMap(jwtToken)}. A missing user id means the token
 * is not a user token and is rejected with {@link IllegalArgumentException}. Network ids,
 * actions and device type ids are optional; token type and expiration are filled in by
 * {@code getJwtPayload}.
 *
 * <p>Security notes:
 * <ul>
 *   <li>The result is stored in the cache named {@code "user-payload"}. A cached payload is
 *       returned without running this method again, so callers must compare the payload's
 *       expiration with the current time on every use.
 *       NOTE(review): cache size and eviction settings are not visible here; confirm entries
 *       are bounded and do not outlive the longest token lifetime by much.</li>
 *   <li>NOTE(review): signature verification is presumably done inside {@code getPayloadMap};
 *       that helper is outside this excerpt — confirm.</li>
 *   <li>The list casts are unchecked: element types are not verified when the claims are read.</li>
 * </ul>
 *
 * @param jwtToken the compact-serialized token
 * @return the user payload described by the token's claims
 * @throws IllegalArgumentException if the claims contain no user id, or the id is not numeric
 */
@Cacheable("user-payload")
@SuppressWarnings("unchecked")
public JwtUserPayload getUserPayload(String jwtToken) {
    LinkedHashMap<String, Object> payloadMap = getPayloadMap(jwtToken);

    // The user id is what distinguishes a user token from other token kinds.
    Object rawUserId = payloadMap.get(JwtUserPayload.USER_ID);
    if (rawUserId == null) {
        throw new IllegalArgumentException("Not a user payload");
    }
    Long userId = Long.valueOf(rawUserId.toString());

    JwtUserPayload.JwtUserPayloadBuilder jwtUserPayloadBuilder = new JwtUserPayload.JwtUserPayloadBuilder()
            .withUserId(userId);

    // Optional scope claims: each is applied only when present in the token.
    ArrayList<String> networkIds = (ArrayList<String>) payloadMap.get(JwtUserPayload.NETWORK_IDS);
    if (networkIds != null) {
        jwtUserPayloadBuilder.withNetworkIds(new HashSet<>(networkIds));
    }

    ArrayList<Integer> actions = (ArrayList<Integer>) payloadMap.get(JwtUserPayload.ACTIONS);
    if (actions != null) {
        jwtUserPayloadBuilder.withActions(new HashSet<>(actions));
    }

    ArrayList<String> deviceTypeIds = (ArrayList<String>) payloadMap.get(JwtUserPayload.DEVICE_TYPE_IDS);
    if (deviceTypeIds != null) {
        jwtUserPayloadBuilder.withDeviceTypeIds(new HashSet<>(deviceTypeIds));
    }

    return (JwtUserPayload) getJwtPayload(jwtUserPayloadBuilder, payloadMap);
}
jwtPluginPayload.getTokenType().equals(TokenType.REFRESH.getId())) { logger.warn(INVALID_TOKEN_TYPE); return ResponseFactory.response(UNAUTHORIZED, new ErrorResponse(UNAUTHORIZED.getStatusCode(), INVALID_TOKEN_TYPE)); if (jwtPluginPayload.getExpiration() != null && jwtPluginPayload.getExpiration().before(timestampService.getDate())) { logger.warn(EXPIRED_TOKEN); return ResponseFactory.response(UNAUTHORIZED, if (jwtPluginPayload.getTopic() != null) { PluginVO pluginVO = pluginService.findByTopic(jwtPluginPayload.getTopic()); if (pluginVO == null) { logger.warn(PLUGIN_NOT_FOUND);
/**
 * Exchanges a refresh token for a new access token.
 *
 * <p>The request is validated, the refresh token is parsed through {@code tokenService}, and the
 * token is rejected with {@code UNAUTHORIZED} when it cannot be parsed, is not of type
 * {@code REFRESH}, or has expired. Otherwise the matching user or plugin refresh path is taken.
 *
 * <p>Security notes:
 * <ul>
 *   <li>The token-type check stops an access token from being used as a refresh token.</li>
 *   <li>Only {@code JwtException} is turned into {@code UNAUTHORIZED}; any other runtime
 *       exception raised while parsing propagates to the caller of this method.
 *       NOTE(review): confirm the framework maps those to a non-revealing error.</li>
 *   <li>The parse failure is logged with the exception message only.</li>
 * </ul>
 *
 * @param requestTokenVO the request carrying the refresh token
 * @return the refresh response, or {@code UNAUTHORIZED} as described above
 */
@Override
public Response refreshTokenRequest(JwtRefreshTokenVO requestTokenVO) {
    hiveValidator.validate(requestTokenVO);

    final JwtPayload payload;
    try {
        payload = tokenService.getPayload(requestTokenVO.getRefreshToken());
    } catch (JwtException e) {
        logger.error(e.getMessage());
        return ResponseFactory.response(UNAUTHORIZED);
    }

    // Guard 1: the presented token must be a refresh token.
    boolean isRefreshToken = payload.getTokenType().equals(TokenType.REFRESH.getId());
    if (!isRefreshToken) {
        logger.warn("JwtToken: refresh token is not valid");
        return ResponseFactory.response(UNAUTHORIZED,
                new ErrorResponse(UNAUTHORIZED.getStatusCode(), INVALID_TOKEN_TYPE));
    }

    // Guard 2: the expiration claim must not lie before the service's current time.
    boolean expired = payload.getExpiration().before(timestampService.getDate());
    if (expired) {
        logger.warn("JwtToken: refresh token has expired");
        return ResponseFactory.response(UNAUTHORIZED,
                new ErrorResponse(UNAUTHORIZED.getStatusCode(), EXPIRED_TOKEN));
    }

    if (payload.isUserPayload()) {
        return getRefreshResponse((JwtUserPayload) payload);
    }
    return getRefreshResponse((JwtPluginPayload) payload);
}
/**
 * Reads a plugin payload out of a JWT.
 *
 * <p>The claim map comes from {@code getPayloadMap(jwtToken)}. A missing topic means the token
 * is not a plugin token and is rejected with {@link IllegalArgumentException}. Actions are
 * optional; token type and expiration are filled in by {@code getJwtPayload}.
 *
 * <p>Security notes:
 * <ul>
 *   <li>The result is stored in the cache named {@code "plugin-payload"}. A cached payload is
 *       returned without running this method again, so callers must compare the payload's
 *       expiration with the current time on every use.
 *       NOTE(review): cache size and eviction settings are not visible here — confirm.</li>
 *   <li>NOTE(review): signature verification is presumably done inside {@code getPayloadMap};
 *       that helper is outside this excerpt — confirm.</li>
 * </ul>
 *
 * @param jwtToken the compact-serialized token
 * @return the plugin payload described by the token's claims
 * @throws IllegalArgumentException if the claims contain no topic
 */
@Cacheable("plugin-payload")
@SuppressWarnings("unchecked")
public JwtPluginPayload getPluginPayload(String jwtToken) {
    LinkedHashMap<String, Object> payloadMap = getPayloadMap(jwtToken);

    // The topic is what distinguishes a plugin token from other token kinds.
    String topic = (String) payloadMap.get(JwtPluginPayload.TOPIC);
    if (topic == null) {
        throw new IllegalArgumentException("Not a plugin payload");
    }

    JwtPluginPayload.JwtPluginPayloadBuilder jwtPluginPayloadBuilder =
            new JwtPluginPayload.JwtPluginPayloadBuilder().withTopic(topic);

    // The actions claim is read under the key constant declared on JwtUserPayload.
    ArrayList<Integer> actions = (ArrayList<Integer>) payloadMap.get(JwtUserPayload.ACTIONS);
    if (actions != null) {
        jwtPluginPayloadBuilder.withActions(new HashSet<>(actions));
    }

    return (JwtPluginPayload) getJwtPayload(jwtPluginPayloadBuilder, payloadMap);
}
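/**
 * Completes a payload builder with the two claims every token must carry — token type and
 * expiration — and builds the payload.
 *
 * <p>Both claims are mandatory. A token lacking either one, or carrying a non-numeric value for
 * either, is rejected with {@code MalformedJwtException}, so the failure stays inside the JWT
 * exception family that token-handling callers catch. Previously the values were cast straight
 * to {@code Long} and {@code Integer}, so a claim of any other boxed type surfaced as a
 * {@code ClassCastException} instead.
 *
 * @param jwtPayloadBuilder the builder already populated with the token-kind specific claims
 * @param payloadMap        the claim map read from the token
 * @return the payload built from {@code jwtPayloadBuilder}
 * @throws MalformedJwtException if the token type or expiration claim is missing or not numeric
 */
private JwtPayload getJwtPayload(JwtPayload.JwtPayloadBuilder jwtPayloadBuilder, LinkedHashMap<String, Object> payloadMap) {
    Object rawExpiration = payloadMap.get(EXPIRATION);
    Object rawTokenType = payloadMap.get(TOKEN_TYPE);

    // Presence checks, with the same messages as before for each missing-claim combination.
    if (rawTokenType == null && rawExpiration == null) {
        throw new MalformedJwtException("Token type and expiration date should be provided in the token");
    }
    if (rawTokenType == null) {
        throw new MalformedJwtException("Token type should be provided in the token");
    }
    if (rawExpiration == null) {
        throw new MalformedJwtException("Expiration date should be provided in the token");
    }

    // Accept any Number: a JSON parser may hand back Integer or Long for the same claim
    // depending on the magnitude of the value.
    if (!(rawTokenType instanceof Number)) {
        throw new MalformedJwtException("Token type should be a numeric value");
    }
    if (!(rawExpiration instanceof Number)) {
        throw new MalformedJwtException("Expiration date should be a numeric value");
    }

    Integer tokenType = ((Number) rawTokenType).intValue();
    // The expiration value is passed to the Date constructor, i.e. it is read as epoch milliseconds.
    Date expiration = new Date(((Number) rawExpiration).longValue());

    jwtPayloadBuilder.withTokenType(tokenType);
    jwtPayloadBuilder.withExpirationDate(expiration);
    return jwtPayloadBuilder.buildPayload();
}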
/**
 * Produces the response for a successful user refresh: a fresh access token only.
 *
 * <p>The user named in the refresh token must still exist and be {@code ACTIVE}; otherwise
 * {@code UNAUTHORIZED} is returned without a body, so the two failure cases look the same to
 * the client.
 *
 * <p>Security notes:
 * <ul>
 *   <li>The new access token is generated from the refresh token's own payload. Only existence
 *       and status of the user are re-checked here.
 *       NOTE(review): if a user's permissions can be reduced after the refresh token was
 *       issued, confirm the reduction is enforced elsewhere.</li>
 *   <li>{@code useExpiration} is {@code false}, so the refresh token's expiration is not
 *       requested for the access token.</li>
 * </ul>
 *
 * @param payload the payload read from the refresh token
 * @return {@code CREATED} with the new access token, or {@code UNAUTHORIZED}
 */
private Response getRefreshResponse(JwtUserPayload payload) {
    UserVO user = userService.findById(payload.getUserId());
    if (user == null) {
        logger.warn("JwtToken: User not found");
        return ResponseFactory.response(UNAUTHORIZED);
    }

    boolean active = user.getStatus().equals(UserStatus.ACTIVE);
    if (!active) {
        logger.warn("JwtToken: User is not active");
        return ResponseFactory.response(UNAUTHORIZED);
    }

    JwtTokenVO refreshed = new JwtTokenVO();
    refreshed.setAccessToken(tokenService.generateJwtAccessToken(payload, false));

    // Login data is updated only after the token was generated successfully.
    userService.refreshUserLoginData(user);
    logger.debug("JwtToken: access token successfully generated with refresh token");

    return ResponseFactory.response(CREATED, refreshed, JsonPolicyDef.Policy.JWT_ACCESS_TOKEN_SUBMITTED);
}
/**
 * Creates an empty builder for a plugin payload.
 *
 * @return a new {@code JwtPluginPayloadBuilder} with no values set
 */
public static JwtPluginPayloadBuilder newBuilder() {
    return new JwtPluginPayloadBuilder();
}
/**
 * Creates an empty builder for a user payload.
 *
 * @return a new {@code JwtUserPayloadBuilder} with no values set
 */
public static JwtUserPayloadBuilder newBuilder() {
    return new JwtUserPayloadBuilder();
}
/**
 * Creates the user payload from the values currently held by this builder.
 *
 * <p>No validation is performed here: whatever the builder fields hold (including
 * {@code null}) is passed to the {@code JwtUserPayload} constructor.
 *
 * @return a new {@code JwtUserPayload}
 */
public JwtUserPayload buildPayload() {
    return new JwtUserPayload(userId, actions, networkIds, deviceTypeIds, expiration, tokenType);
}
} // closes the enclosing class, whose opening is outside this excerpt
/**
 * Creates the payload view from the values currently held by this builder.
 *
 * <p>Unlike a plain user payload, the view also carries the refresh-token expiration. No
 * validation is performed here; field values are passed on as they are.
 *
 * @return a new {@code JwtUserPayloadView}
 */
public JwtUserPayloadView<T> buildPayload() {
    return new JwtUserPayloadView<T>(
            userId, actions, networkIds, deviceTypeIds, expiration, refreshExpiration, tokenType);
}
} // closes the enclosing class, whose opening is outside this excerpt
/**
 * Creates an empty builder.
 *
 * @return a new {@code Builder} with no values set
 */
public static Builder newBuilder() {
    return new Builder();
}
/**
 * Requests a token pair for a plugin from the authentication service.
 *
 * <p>The request payload grants the single action {@code MANAGE_PLUGIN} for the given topic and
 * leaves expiration and token type {@code null}. It is serialized with {@code gson} and posted
 * to {@code authBaseUrl + "/token/plugin/create"}.
 *
 * <p>Security notes:
 * <ul>
 *   <li>The caller's {@code authorization} value is forwarded to the authentication service.
 *       It is a credential: it must not be logged, and the base URL must point at a trusted
 *       endpoint.
 *       NOTE(review): confirm {@code authBaseUrl} uses TLS.</li>
 *   <li>On failure only the exception message is carried into the {@code HiveException}; the
 *       original exception is not attached as the cause.</li>
 * </ul>
 *
 * @param topicName     the plugin topic the tokens are bound to
 * @param authorization the authorization value passed on to the authentication service
 * @return the token pair returned by the authentication service
 * @throws HiveException with status {@code SERVICE_UNAVAILABLE} if the service cannot be reached
 */
private JwtTokenVO createPluginTokens(String topicName, String authorization) {
    JwtPluginPayload jwtPluginPayload =
            new JwtPluginPayload(Collections.singleton(MANAGE_PLUGIN.getId()), topicName, null, null);

    try {
        return httpRestHelper.post(authBaseUrl + "/token/plugin/create", gson.toJson(jwtPluginPayload),
                JwtTokenVO.class, authorization);
    } catch (ServiceUnavailableException e) {
        logger.error("Authentication service is not available");
        throw new HiveException(e.getMessage(), SERVICE_UNAVAILABLE.getStatusCode());
    }
}