Skip to content

T
trismegisto-services
Commit 4c3d7a2a by Mauro Paolo Josue Zuñiga Mallqui
Options

[FIXED] VALIDACION DE 1LIFE TOKEN Y VALIDACION AL DESTOKENIZAR

parent 59167afd
Showing with 33 additions and 21 deletions
src/main/java/web/multitask/trismegistoservices/api/JWTokenApi.java
......@@ -8,10 +8,12 @@ import web.multitask.trismegistoservices.model.User;
import web.multitask.trismegistoservices.repository.UserRepository;
import web.multitask.trismegistoservices.singleton.TokenSingleton;
import web.multitask.trismegistoservices.utils.JWTokenUtil;
import java.math.BigInteger;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.Objects;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
......@@ -25,7 +27,7 @@ class JWTokenApi {
private final JWTokenUtil jwtTokenUtil;
private final TokenSingleton tokenSingleton;
public JWTokenApi (JWTokenUtil jwtTokenUtil, TokenSingleton tokenSingleton){
public JWTokenApi(JWTokenUtil jwtTokenUtil, TokenSingleton tokenSingleton) {
this.jwtTokenUtil = jwtTokenUtil;
this.tokenSingleton = tokenSingleton;
}
......@@ -33,10 +35,10 @@ class JWTokenApi {
@PostMapping("/database")
public ResponseEntity<?> setDatabase(@RequestBody String token) {
JSONObject json = new JSONObject(token);
if(json.has("db") && json.has("user") && json.has("password") && json.has("url")) {
if (json.has("db") && json.has("user") && json.has("password") && json.has("url")) {
String dataToken = jwtTokenUtil.generateDataSource(json);
return ResponseEntity.ok(new JSONObject().put("token", dataToken).put("message", "Generated").put("status", true).toMap());
}else{
} else {
return ResponseEntity.status(400).body(new JSONObject().put("token", "").put("message", "Invalid Data").put("status", false).toMap());
}
}
......@@ -53,11 +55,11 @@ class JWTokenApi {
return ResponseEntity.status(401).body(response.toMap());
} else {
boolean onelife = json.optBoolean("onelife", false);
String generatedToken = jwtTokenUtil.generateToken((User) userDetails, json.optBigInteger("ms", onelife ? BigInteger.valueOf(0) : BigInteger.valueOf(3600000)),onelife);
if(onelife){
String generatedToken = jwtTokenUtil.generateToken((User) userDetails, json.optBigInteger("ms", onelife ? BigInteger.valueOf(0) : BigInteger.valueOf(3600000)), onelife);
if (onelife) {
tokenSingleton.addToken(generatedToken);
}
return ResponseEntity.ok(new JSONObject().put("token",generatedToken).put("message", "Generated").put("status", true).toMap());
return ResponseEntity.ok(new JSONObject().put("token", generatedToken).put("message", "Generated").put("status", true).toMap());
}
} catch (Exception e) {
response = new JSONObject().put("token", "").put("message", "Invalid Credentials").put("status", false);
......@@ -78,7 +80,7 @@ class JWTokenApi {
boolean oneLifeToken = tokenSingleton.isTokenAvailable(json.getString("token"));
if(oneLifeToken){
if (oneLifeToken) {
response.put("message", "1-life Token is still up").put("status", true);
return ResponseEntity.ok(response.toMap());
}
......@@ -107,11 +109,11 @@ class JWTokenApi {
return ResponseEntity.status(401).body(new JSONObject().put("token", "").put("message", "Invalid Credentials").put("status", false).toMap());
} else if (userDetails.getAuthorities().stream().anyMatch(a -> a.getAuthority().equals("SERVICE"))) {
boolean onelife = json.optBoolean("onelife", false);
String generatedToken = jwtTokenUtil.generateToken((User) userDetails, json.optBigInteger("ms", onelife ? BigInteger.valueOf(0) : BigInteger.valueOf(3600000)),false);
if(onelife){
String generatedToken = jwtTokenUtil.generateToken((User) userDetails, json.optBigInteger("ms", onelife ? BigInteger.valueOf(0) : BigInteger.valueOf(3600000)), false);
if (onelife) {
tokenSingleton.addToken(generatedToken);
}
return ResponseEntity.ok(new JSONObject().put("token",generatedToken).put("message", "Generated").put("status", true).toMap());
return ResponseEntity.ok(new JSONObject().put("token", generatedToken).put("message", "Generated").put("status", true).toMap());
} else {
return ResponseEntity.status(401).body(new JSONObject().put("token", "").put("message", "Invalid Credentials").put("status", false).toMap());
}
......@@ -124,11 +126,7 @@ class JWTokenApi {
Long remaining = jwtTokenUtil.getExperyTime(json.getString("token"));
Date expirationDate = new Date(System.currentTimeMillis() + remaining);
SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
return ResponseEntity.ok(new JSONObject()
.put("remaining", remaining)
.put("message", "OK")
.put("expiration", dateFormat.format(expirationDate))
.put("status", true).toMap());
return ResponseEntity.ok(new JSONObject().put("remaining", remaining).put("message", "OK").put("expiration", dateFormat.format(expirationDate)).put("status", true).toMap());
} catch (Exception e) {
return ResponseEntity.status(401).body(new JSONObject().put("remaining", 0).put("message", "Invalid Token").put("status", false).toMap());
}
......@@ -140,8 +138,14 @@ class JWTokenApi {
try {
boolean onelife = json.optBoolean("onelife", false);
BigInteger ms = json.optBigInteger("ms", BigInteger.valueOf(3600000));
if (json.optBoolean("onelife", false)) {
json.remove("onelife");
}
if (json.has("ms")) {
json.remove("ms");
}
String tokenized = jwtTokenUtil.tokenizeData(data, ms, onelife);
if(onelife){
if (onelife) {
tokenSingleton.addToken(tokenized);
}
return ResponseEntity.ok(new JSONObject().put("token", tokenized).put("message", "OK").put("status", true).toMap());
......@@ -154,8 +158,16 @@ class JWTokenApi {
public ResponseEntity<?> detokenize(@RequestBody String token) {
JSONObject json = new JSONObject(token);
try {
String detokenized = jwtTokenUtil.detokenizeData(json.getString("token"));
return ResponseEntity.ok(new JSONObject().put("data", detokenized).put("message", "OK").put("status", true).toMap());
if (!tokenSingleton.isTokenAvailable(json.getString("token"))) {
return ResponseEntity.status(400).body(new JSONObject().put("data", "").put("message", "1-life token has been already consumed").put("status", false).toMap());
} else {
if (jwtTokenUtil.isTokenExpired(json.getString("token"))) {
return ResponseEntity.status(400).body(new JSONObject().put("data", "").put("message", "Token has expired").put("status", false).toMap());
} else {
String detokenized = jwtTokenUtil.detokenizeData(json.getString("token"));
return ResponseEntity.ok(new JSONObject().put("data", detokenized).put("message", "OK").put("status", true).toMap());
}
}
} catch (Exception e) {
return ResponseEntity.status(400).body(new JSONObject().put("data", "").put("message", e.getMessage()).put("status", false).toMap());
}
......@@ -165,9 +177,9 @@ class JWTokenApi {
public ResponseEntity<?> consumeToken(@RequestBody String token) {
JSONObject json = new JSONObject(token);
try {
if(tokenSingleton.consumeToken(json.getString("token"))){
if (tokenSingleton.consumeToken(json.getString("token"))) {
return ResponseEntity.ok(new JSONObject().put("message", "OK").put("status", true).toMap());
}else{
} else {
return ResponseEntity.status(400).body(new JSONObject().put("message", "Invalid Token").put("status", false).toMap());
}
} catch (Exception e) {
......
src/main/java/web/multitask/trismegistoservices/singleton/TokenSingleton.java
......@@ -36,7 +36,7 @@ public class TokenSingleton {
}
public boolean isTokenAvailable(String token) {
boolean isAvailable = false;
boolean isAvailable = true;
for (int i = 0; i < tokens.length(); i++) {
if (tokens.getJSONObject(i).getString("token").equals(token)) {
isAvailable = tokens.getJSONObject(i).getBoolean("available");
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment