made JWT expiration configurable

2019-02-18 22:17:52 +01:00
parent 70bebd4ef8
commit 7b315f6fd0


@ -18,6 +18,7 @@ package de.muehlencord.shared.account.business.account.boundary;
import de.muehlencord.shared.account.business.account.control.AccountControl; import de.muehlencord.shared.account.business.account.control.AccountControl;
import de.muehlencord.shared.account.business.account.entity.AccountEntity; import de.muehlencord.shared.account.business.account.entity.AccountEntity;
import de.muehlencord.shared.account.business.account.entity.ApiKeyEntity; import de.muehlencord.shared.account.business.account.entity.ApiKeyEntity;
import de.muehlencord.shared.account.business.account.entity.ApiKeyObject;
import de.muehlencord.shared.account.business.account.entity.JWTObject; import de.muehlencord.shared.account.business.account.entity.JWTObject;
import de.muehlencord.shared.account.business.config.boundary.ConfigService; import de.muehlencord.shared.account.business.config.boundary.ConfigService;
import de.muehlencord.shared.account.business.config.entity.ConfigException; import de.muehlencord.shared.account.business.config.entity.ConfigException;
@ -71,6 +72,7 @@ public class ApiKeyService implements Serializable {
private String password; private String password;
private String issuer; private String issuer;
private Short expirationInMinutes;
@PostConstruct @PostConstruct
public void init() { public void init() {
@ -81,7 +83,8 @@ public class ApiKeyService implements Serializable {
try { try {
password = configService.getConfigValue("rest.password"); password = configService.getConfigValue("rest.password");
issuer = configService.getConfigValue("rest.issuer"); issuer = configService.getConfigValue("rest.issuer");
} catch (ConfigException ex) { expirationInMinutes = Short.parseShort(configService.getConfigValue("rest.expiration_in_minutes", "120", true));
} catch (ConfigException | NumberFormatException ex) {
if (LOGGER.isDebugEnabled()) { if (LOGGER.isDebugEnabled()) {
LOGGER.debug(ex.toString(), ex); LOGGER.debug(ex.toString(), ex);
} else { } else {
@ -89,6 +92,7 @@ public class ApiKeyService implements Serializable {
} }
password = null; password = null;
issuer = null; issuer = null;
expirationInMinutes = null;
} }
} }
@ -126,12 +130,19 @@ public class ApiKeyService implements Serializable {
@Transactional @Transactional
@Lock(LockType.WRITE) @Lock(LockType.WRITE)
public String createNewApiKey(String userName, short expirationInMinutes) throws ApiKeyException { public ApiKeyObject createNewApiKey(String userName) throws ApiKeyException {
return createNewApiKey(userName, expirationInMinutes);
}
@Transactional
@Lock(LockType.WRITE)
public ApiKeyObject createNewApiKey(String userName, short expirationInMinutes) throws ApiKeyException {
if ((password == null || issuer == null)) { if ((password == null || issuer == null)) {
LOGGER.error("password or issuer not set in, please validate configuration"); LOGGER.error("password or issuer not set in, please validate configuration");
} }
Date now = DateUtil.getCurrentTimeInUTC(); Date now = DateUtil.getCurrentTimeInUTC();
ZonedDateTime zonedDateTime = ZonedDateTime.ofInstant(now.toInstant(), ZoneId.of("UTC")); ZonedDateTime issuedOn = ZonedDateTime.ofInstant(now.toInstant(), ZoneId.of("UTC"));
ZonedDateTime expiresOn = issuedOn.plusMinutes(expirationInMinutes);
String apiKeyString = RandomStringUtils.randomAscii(50); String apiKeyString = RandomStringUtils.randomAscii(50);
ApiKeyEntity apiKey = new ApiKeyEntity(); ApiKeyEntity apiKey = new ApiKeyEntity();
@ -141,9 +152,19 @@ public class ApiKeyService implements Serializable {
apiKey.setExpiration(expirationInMinutes); apiKey.setExpiration(expirationInMinutes);
try { try {
String jwtString = JWTEncoder.encode(password, issuer, zonedDateTime, apiKey.getAccount().getUsername(), apiKey.getApiKey(), apiKey.getExpiration()); String jwtString = JWTEncoder.encode(password, issuer, issuedOn, apiKey.getAccount().getUsername(), apiKey.getApiKey(), apiKey.getExpiration());
em.persist(apiKey); em.persist(apiKey);
return jwtString; if (LOGGER.isDebugEnabled()) {
LOGGER.debug("Created API key for {}, valid for {} minutes", userName, expirationInMinutes);
}
ApiKeyObject apiKeyObject = new ApiKeyObject();
apiKeyObject.setUserName(userName);
apiKeyObject.setIssuedOn(Date.from(apiKey.getIssuedOn().toInstant()));
apiKeyObject.setExpiresOn(Date.from(expiresOn.toInstant()));
apiKeyObject.setAuthToken(jwtString);
return apiKeyObject;
} catch (JWTException ex) { } catch (JWTException ex) {
throw new ApiKeyException("Cannot create apiKey. Reason: " + ex.toString(), ex); throw new ApiKeyException("Cannot create apiKey. Reason: " + ex.toString(), ex);
} }
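Review bot: The new one-argument `createNewApiKey(String userName)` hands the `Short` field `expirationInMinutes` to the `short` overload, so the call auto-unboxes and throws a NullPointerException whenever `init()` went through its catch branch and set the field to `null`. The existing guard at the top of the two-argument method only logs when `password` or `issuer` is missing and never looks at the new field; I would check `if (expirationInMinutes == null)` in the one-argument overload and throw an `ApiKeyException` that names the missing `rest.expiration_in_minutes` setting. `Short.parseShort` also accepts zero and negative values, which would make `expiresOn` fall at or before `issuedOn`, so I would add `if (expirationInMinutes <= 0) { throw new NumberFormatException("rest.expiration_in_minutes must be positive"); }` inside the `try` in `init()`, where the widened catch already handles it. The same lower bound is worth applying to the caller-supplied `short` in the two-argument overload, part of whose body lies between the visible hunks.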