Integry/IntegryManagementSystem
19
0
Fork 0
Code Actions Packages Projects Releases Activity

Fix su istanze durante il refresh token

Browse Source
This commit is contained in:
Giuseppe Scorrano
2024-01-24 17:02:26 +01:00
parent cd21ef103d
commit 724c69c6c5
1 changed files with 12 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
ems-core/src/main/java/it/integry/security/service/RefreshTokenService.java
View File

@@ -79,17 +79,13 @@ public class RefreshTokenService {
throw new Exception("Dati mancanti in refreshToken.");
}
final StbAuthToken stbAuthToken = jwtTokenCacheComponent.getTokenByRefreshToken(profileDb, refreshToken);
if (stbAuthToken == null)
throw new TokenRefreshException(refreshToken, "Refresh token non riconosciuto. Esegui un nuovo accesso.");
final StbAuthToken oldStbAuthToken = (StbAuthToken) stbAuthToken.clone();
this.verifyExpiration(stbAuthToken);
StbUser user = new StbUser()
.setUserName(stbAuthToken.getUserName());
user.setOperation(OperationType.SELECT_OBJECT);
@@ -103,7 +99,7 @@ public class RefreshTokenService {
String.valueOf(user.getKeyGroup()),
profileDb);
applicationEventPublisher.publishEvent(new TokenExpireEvent(profileDb, oldStbAuthToken.getAccessToken()));
applicationEventPublisher.publishEvent(new TokenExpireEvent(profileDb, stbAuthToken.getAccessToken()));
applicationEventPublisher.publishEvent(new TokenCreateEvent(profileDb, newRefreshToken));
return new JwtResponse()
@@ -125,39 +121,41 @@ public class RefreshTokenService {
}
public StbAuthToken createRefreshTokenIfNotExists(StbAuthToken oldToken, String username, String password, String keyGroup, String profileDb, Long deviceId) throws Exception {
StbAuthToken newToken = oldToken != null ? (StbAuthToken) oldToken.clone() : null;
LocalDateTime expiryDate = LocalDateTime.now().plusDays(settingsModel.getRefreshTokenExpireDays());
if (oldToken == null && deviceId == null)
if (newToken == null && deviceId == null)
throw new Exception("Impossibile creare un refresh token");
if (oldToken == null) {
oldToken = new StbAuthToken()
if (newToken == null) {
newToken = new StbAuthToken()
.setDeviceId(deviceId)
.setUserName(username);
oldToken.setOperation(OperationType.INSERT);
newToken.setOperation(OperationType.INSERT);
} else {
oldToken
newToken
.setOperation(OperationType.UPDATE);
}
UsernamePasswordAuthenticationToken authenticationToken =
createAuthenticationToken(username, password, keyGroup, oldToken.getDeviceId() == null ? deviceId : oldToken.getDeviceId());
createAuthenticationToken(username, password, keyGroup, newToken.getDeviceId() == null ? deviceId : newToken.getDeviceId());
Authentication authentication = authenticationManager.authenticate(authenticationToken);
SecurityContextHolder.getContext().setAuthentication(authentication);
oldToken
newToken
.setExpiryDate(expiryDate)
.setRefreshToken(Encoders.BASE64.encode(Keys.secretKeyFor(SignatureAlgorithm.HS512).getEncoded()))
.setAccessToken(accessTokenProvider.createToken(profileDb));
entityProcessor.processEntity(oldToken, multiDBTransactionManager);
entityProcessor.processEntity(newToken, multiDBTransactionManager);
return oldToken;
return newToken;
}