Merge branch 'master' into develop

ems-core/src/main/java/it/integry/security/controller/AuthController.java

@@ -61,6 +61,22 @@ public class AuthController {
         }
     }
 
+    @RequestMapping(value = "/create-app-token", method = RequestMethod.POST)
+    public ServiceRestResponse createAppToken(HttpServletRequest request, HttpServletResponse response,
+                                              @RequestBody LoginRequestDTO loginRequestDTO) {
+        try {
+            String profileDb = multiDBTransactionManager.getPrimaryConnection().getProfileName();
+            return ServiceRestResponse.createPositiveResponse(authService.createAppToken(profileDb, loginRequestDTO));
+        } catch (AuthorizationExpriredException ex) {
+            logger.error(request.getRequestURI(), ex);
+            response.setStatus(420);
+            return ServiceRestResponse.createNegativeResponse(ex);
+        } catch (Exception e) {
+            logger.error(request.getRequestURI(), e);
+            return ServiceRestResponse.createNegativeResponse(e);
+        }
+    }
+
     @RequestMapping(value = "/me", method = RequestMethod.GET)
     @PreAuthorize("isAuthenticated()")
     public ServiceRestResponse user(@RequestParam(CommonConstants.PROFILE_DB) String profileDb) {

ems-core/src/main/java/it/integry/security/service/AuthService.java

@@ -60,25 +60,27 @@ public class AuthService {
     private SettingsModel settingsModel;
 
 
-
+    public JwtResponse createAppToken(String profileDb, LoginRequestDTO loginRequestDTO) throws Exception {
+        return login(profileDb, loginRequestDTO, true);
+    }
 
 
     public JwtResponse login(String profileDb, LoginRequestDTO loginRequestDTO) throws Exception {
-        if (UtilityString.isNullOrEmpty(loginRequestDTO.getUsername())) {
+        return login(profileDb, loginRequestDTO, false);
+    }
+
+    private JwtResponse login(String profileDb, LoginRequestDTO loginRequestDTO, boolean disableExpiration) throws Exception {
+        if (UtilityString.isNullOrEmpty(loginRequestDTO.getUsername()))
             throw new Exception("Username mancante.");
-        }
 
-        if (UtilityString.isNullOrEmpty(loginRequestDTO.getPassword())) {
+        if (UtilityString.isNullOrEmpty(loginRequestDTO.getPassword()))
             throw new Exception("Password mancante.");
-        }
 
-        if (UtilityString.isNullOrEmpty(loginRequestDTO.getDeviceId())) {
+        if (UtilityString.isNullOrEmpty(loginRequestDTO.getDeviceId()))
             throw new Exception("Device id mancante.");
-        }
 
-        if (requestDataDTO.getApplication() == null) {
+        if (requestDataDTO.getApplication() == null)
             throw new Exception("X-App-Token mancante.");
-        }
 
         String username = loginRequestDTO.getUsername();
         String password = loginRequestDTO.getPassword();
@@ -113,12 +115,14 @@ public class AuthService {
                 stbDevices.getId()
         );
 
-        String oldAccessToken = UtilityDB.executeSimpleQueryOnlyFirstRowFirstColumn(multiDBTransactionManager.getPrimaryConnection(), sql);
-
         String primaryProfileDb = multiDBTransactionManager.getPrimaryConnection().getProfileName();
 
-        if (!UtilityString.isNullOrEmpty(oldAccessToken)) {
-            applicationEventPublisher.publishEvent(new TokenExpireEvent(primaryProfileDb, oldAccessToken));
+        if (!disableExpiration) {
+            String oldAccessToken = UtilityDB.executeSimpleQueryOnlyFirstRowFirstColumn(multiDBTransactionManager.getPrimaryConnection(), sql);
+
+            if (!UtilityString.isNullOrEmpty(oldAccessToken)) {
+                applicationEventPublisher.publishEvent(new TokenExpireEvent(primaryProfileDb, oldAccessToken));
+            }
         }
 
         // Ricreo token di accesso e refresh
@@ -127,7 +131,8 @@ public class AuthService {
                 password,
                 foundUser.getKeyGroup(),
                 primaryProfileDb,
-                stbDevices.getId()
+                stbDevices.getId(),
+                disableExpiration
         );
 
         applicationEventPublisher.publishEvent(new TokenCreateEvent(primaryProfileDb, stbAuthToken));
@@ -139,6 +144,7 @@ public class AuthService {
                 .setExpireIn(ChronoUnit.SECONDS.between(UtilityLocalDate.getNowTime(), stbAuthToken.getExpiryDate()));
     }
 
+
     public void logout(String profileDb, LogoutRequestDTO logoutRequestDTO) {
 
         TokenExpireEvent tokenExpireEvent = new TokenExpireEvent(profileDb, logoutRequestDTO.getToken());

ems-core/src/main/java/it/integry/security/service/RefreshTokenService.java

@@ -99,7 +99,8 @@ public class RefreshTokenService {
                 user.getPassword(),
                 user.getKeyGroup(),
                 profileDb,
-                stbAuthToken.getDeviceId());
+                stbAuthToken.getDeviceId(),
+                false);
 
         applicationEventPublisher.publishEvent(new TokenCreateEvent(profileDb, newRefreshToken));
 
@@ -116,8 +117,10 @@ public class RefreshTokenService {
         }
     }
 
-    public StbAuthToken createRefreshTokenIfNotExists(String username, String password, Integer keyGroup, String profileDb, Long deviceId) throws Exception {
-        LocalDateTime expiryDate = LocalDateTime.now().plusDays(settingsModel.getRefreshTokenExpireDays());
+    public StbAuthToken createRefreshTokenIfNotExists(String username, String password, Integer keyGroup, String profileDb, Long deviceId, boolean disableExpiration) throws Exception {
+        LocalDateTime expiryDate = disableExpiration ?
+                LocalDateTime.of(2099, 12, 31, 23, 59) :
+                LocalDateTime.now().plusDays(settingsModel.getRefreshTokenExpireDays());
 
         if (deviceId == null)
             throw new Exception("Impossibile creare un refresh token");