[FIXED] VALIDACION DE 1LIFE TOKEN Y VALIDACION AL DESTOKENIZAR

parent 59167afd
...@@ -8,10 +8,12 @@ import web.multitask.trismegistoservices.model.User; ...@@ -8,10 +8,12 @@ import web.multitask.trismegistoservices.model.User;
import web.multitask.trismegistoservices.repository.UserRepository; import web.multitask.trismegistoservices.repository.UserRepository;
import web.multitask.trismegistoservices.singleton.TokenSingleton; import web.multitask.trismegistoservices.singleton.TokenSingleton;
import web.multitask.trismegistoservices.utils.JWTokenUtil; import web.multitask.trismegistoservices.utils.JWTokenUtil;
import java.math.BigInteger; import java.math.BigInteger;
import java.text.SimpleDateFormat; import java.text.SimpleDateFormat;
import java.util.Date; import java.util.Date;
import java.util.Objects; import java.util.Objects;
import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestBody;
...@@ -25,7 +27,7 @@ class JWTokenApi { ...@@ -25,7 +27,7 @@ class JWTokenApi {
private final JWTokenUtil jwtTokenUtil; private final JWTokenUtil jwtTokenUtil;
private final TokenSingleton tokenSingleton; private final TokenSingleton tokenSingleton;
public JWTokenApi (JWTokenUtil jwtTokenUtil, TokenSingleton tokenSingleton){ public JWTokenApi(JWTokenUtil jwtTokenUtil, TokenSingleton tokenSingleton) {
this.jwtTokenUtil = jwtTokenUtil; this.jwtTokenUtil = jwtTokenUtil;
this.tokenSingleton = tokenSingleton; this.tokenSingleton = tokenSingleton;
} }
...@@ -33,10 +35,10 @@ class JWTokenApi { ...@@ -33,10 +35,10 @@ class JWTokenApi {
@PostMapping("/database") @PostMapping("/database")
public ResponseEntity<?> setDatabase(@RequestBody String token) { public ResponseEntity<?> setDatabase(@RequestBody String token) {
JSONObject json = new JSONObject(token); JSONObject json = new JSONObject(token);
if(json.has("db") && json.has("user") && json.has("password") && json.has("url")) { if (json.has("db") && json.has("user") && json.has("password") && json.has("url")) {
String dataToken = jwtTokenUtil.generateDataSource(json); String dataToken = jwtTokenUtil.generateDataSource(json);
return ResponseEntity.ok(new JSONObject().put("token", dataToken).put("message", "Generated").put("status", true).toMap()); return ResponseEntity.ok(new JSONObject().put("token", dataToken).put("message", "Generated").put("status", true).toMap());
}else{ } else {
return ResponseEntity.status(400).body(new JSONObject().put("token", "").put("message", "Invalid Data").put("status", false).toMap()); return ResponseEntity.status(400).body(new JSONObject().put("token", "").put("message", "Invalid Data").put("status", false).toMap());
} }
} }
...@@ -53,11 +55,11 @@ class JWTokenApi { ...@@ -53,11 +55,11 @@ class JWTokenApi {
return ResponseEntity.status(401).body(response.toMap()); return ResponseEntity.status(401).body(response.toMap());
} else { } else {
boolean onelife = json.optBoolean("onelife", false); boolean onelife = json.optBoolean("onelife", false);
String generatedToken = jwtTokenUtil.generateToken((User) userDetails, json.optBigInteger("ms", onelife ? BigInteger.valueOf(0) : BigInteger.valueOf(3600000)),onelife); String generatedToken = jwtTokenUtil.generateToken((User) userDetails, json.optBigInteger("ms", onelife ? BigInteger.valueOf(0) : BigInteger.valueOf(3600000)), onelife);
if(onelife){ if (onelife) {
tokenSingleton.addToken(generatedToken); tokenSingleton.addToken(generatedToken);
} }
return ResponseEntity.ok(new JSONObject().put("token",generatedToken).put("message", "Generated").put("status", true).toMap()); return ResponseEntity.ok(new JSONObject().put("token", generatedToken).put("message", "Generated").put("status", true).toMap());
} }
} catch (Exception e) { } catch (Exception e) {
response = new JSONObject().put("token", "").put("message", "Invalid Credentials").put("status", false); response = new JSONObject().put("token", "").put("message", "Invalid Credentials").put("status", false);
...@@ -78,7 +80,7 @@ class JWTokenApi { ...@@ -78,7 +80,7 @@ class JWTokenApi {
boolean oneLifeToken = tokenSingleton.isTokenAvailable(json.getString("token")); boolean oneLifeToken = tokenSingleton.isTokenAvailable(json.getString("token"));
if(oneLifeToken){ if (oneLifeToken) {
response.put("message", "1-life Token is still up").put("status", true); response.put("message", "1-life Token is still up").put("status", true);
return ResponseEntity.ok(response.toMap()); return ResponseEntity.ok(response.toMap());
} }
...@@ -107,11 +109,11 @@ class JWTokenApi { ...@@ -107,11 +109,11 @@ class JWTokenApi {
return ResponseEntity.status(401).body(new JSONObject().put("token", "").put("message", "Invalid Credentials").put("status", false).toMap()); return ResponseEntity.status(401).body(new JSONObject().put("token", "").put("message", "Invalid Credentials").put("status", false).toMap());
} else if (userDetails.getAuthorities().stream().anyMatch(a -> a.getAuthority().equals("SERVICE"))) { } else if (userDetails.getAuthorities().stream().anyMatch(a -> a.getAuthority().equals("SERVICE"))) {
boolean onelife = json.optBoolean("onelife", false); boolean onelife = json.optBoolean("onelife", false);
String generatedToken = jwtTokenUtil.generateToken((User) userDetails, json.optBigInteger("ms", onelife ? BigInteger.valueOf(0) : BigInteger.valueOf(3600000)),false); String generatedToken = jwtTokenUtil.generateToken((User) userDetails, json.optBigInteger("ms", onelife ? BigInteger.valueOf(0) : BigInteger.valueOf(3600000)), false);
if(onelife){ if (onelife) {
tokenSingleton.addToken(generatedToken); tokenSingleton.addToken(generatedToken);
} }
return ResponseEntity.ok(new JSONObject().put("token",generatedToken).put("message", "Generated").put("status", true).toMap()); return ResponseEntity.ok(new JSONObject().put("token", generatedToken).put("message", "Generated").put("status", true).toMap());
} else { } else {
return ResponseEntity.status(401).body(new JSONObject().put("token", "").put("message", "Invalid Credentials").put("status", false).toMap()); return ResponseEntity.status(401).body(new JSONObject().put("token", "").put("message", "Invalid Credentials").put("status", false).toMap());
} }
...@@ -124,11 +126,7 @@ class JWTokenApi { ...@@ -124,11 +126,7 @@ class JWTokenApi {
Long remaining = jwtTokenUtil.getExperyTime(json.getString("token")); Long remaining = jwtTokenUtil.getExperyTime(json.getString("token"));
Date expirationDate = new Date(System.currentTimeMillis() + remaining); Date expirationDate = new Date(System.currentTimeMillis() + remaining);
SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss"); SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
return ResponseEntity.ok(new JSONObject() return ResponseEntity.ok(new JSONObject().put("remaining", remaining).put("message", "OK").put("expiration", dateFormat.format(expirationDate)).put("status", true).toMap());
.put("remaining", remaining)
.put("message", "OK")
.put("expiration", dateFormat.format(expirationDate))
.put("status", true).toMap());
} catch (Exception e) { } catch (Exception e) {
return ResponseEntity.status(401).body(new JSONObject().put("remaining", 0).put("message", "Invalid Token").put("status", false).toMap()); return ResponseEntity.status(401).body(new JSONObject().put("remaining", 0).put("message", "Invalid Token").put("status", false).toMap());
} }
...@@ -140,8 +138,14 @@ class JWTokenApi { ...@@ -140,8 +138,14 @@ class JWTokenApi {
try { try {
boolean onelife = json.optBoolean("onelife", false); boolean onelife = json.optBoolean("onelife", false);
BigInteger ms = json.optBigInteger("ms", BigInteger.valueOf(3600000)); BigInteger ms = json.optBigInteger("ms", BigInteger.valueOf(3600000));
if (json.optBoolean("onelife", false)) {
json.remove("onelife");
}
if (json.has("ms")) {
json.remove("ms");
}
String tokenized = jwtTokenUtil.tokenizeData(data, ms, onelife); String tokenized = jwtTokenUtil.tokenizeData(data, ms, onelife);
if(onelife){ if (onelife) {
tokenSingleton.addToken(tokenized); tokenSingleton.addToken(tokenized);
} }
return ResponseEntity.ok(new JSONObject().put("token", tokenized).put("message", "OK").put("status", true).toMap()); return ResponseEntity.ok(new JSONObject().put("token", tokenized).put("message", "OK").put("status", true).toMap());
...@@ -154,8 +158,16 @@ class JWTokenApi { ...@@ -154,8 +158,16 @@ class JWTokenApi {
public ResponseEntity<?> detokenize(@RequestBody String token) { public ResponseEntity<?> detokenize(@RequestBody String token) {
JSONObject json = new JSONObject(token); JSONObject json = new JSONObject(token);
try { try {
String detokenized = jwtTokenUtil.detokenizeData(json.getString("token")); if (!tokenSingleton.isTokenAvailable(json.getString("token"))) {
return ResponseEntity.ok(new JSONObject().put("data", detokenized).put("message", "OK").put("status", true).toMap()); return ResponseEntity.status(400).body(new JSONObject().put("data", "").put("message", "1-life token has been already consumed").put("status", false).toMap());
} else {
if (jwtTokenUtil.isTokenExpired(json.getString("token"))) {
return ResponseEntity.status(400).body(new JSONObject().put("data", "").put("message", "Token has expired").put("status", false).toMap());
} else {
String detokenized = jwtTokenUtil.detokenizeData(json.getString("token"));
return ResponseEntity.ok(new JSONObject().put("data", detokenized).put("message", "OK").put("status", true).toMap());
}
}
} catch (Exception e) { } catch (Exception e) {
return ResponseEntity.status(400).body(new JSONObject().put("data", "").put("message", e.getMessage()).put("status", false).toMap()); return ResponseEntity.status(400).body(new JSONObject().put("data", "").put("message", e.getMessage()).put("status", false).toMap());
} }
...@@ -165,9 +177,9 @@ class JWTokenApi { ...@@ -165,9 +177,9 @@ class JWTokenApi {
public ResponseEntity<?> consumeToken(@RequestBody String token) { public ResponseEntity<?> consumeToken(@RequestBody String token) {
JSONObject json = new JSONObject(token); JSONObject json = new JSONObject(token);
try { try {
if(tokenSingleton.consumeToken(json.getString("token"))){ if (tokenSingleton.consumeToken(json.getString("token"))) {
return ResponseEntity.ok(new JSONObject().put("message", "OK").put("status", true).toMap()); return ResponseEntity.ok(new JSONObject().put("message", "OK").put("status", true).toMap());
}else{ } else {
return ResponseEntity.status(400).body(new JSONObject().put("message", "Invalid Token").put("status", false).toMap()); return ResponseEntity.status(400).body(new JSONObject().put("message", "Invalid Token").put("status", false).toMap());
} }
} catch (Exception e) { } catch (Exception e) {
......
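Review bot: In `detokenize`, the new `isTokenAvailable` check only reads the one-life flag and never clears it, so a one-life token can still be detokenized any number of times until a client separately calls the consume endpoint. If single use is the intent, the flag should be cleared in the same step that releases the data, with check and clear done atomically inside `TokenSingleton`, and `json.getString("token")` read once into a local. The catch at the end of this handler still returns `e.getMessage()` to the caller; a fixed message such as `"Invalid Token"`, which the other handlers already use, would avoid exposing parser or JWT-library details. Separately, the SERVICE-authority hunk calls `generateToken(..., false)` while still registering the token with `tokenSingleton.addToken` when `onelife` is true, which disagrees with the earlier handler that passes `onelife`; worth confirming which is intended.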
...@@ -36,7 +36,7 @@ public class TokenSingleton { ...@@ -36,7 +36,7 @@ public class TokenSingleton {
} }
public boolean isTokenAvailable(String token) { public boolean isTokenAvailable(String token) {
boolean isAvailable = false; boolean isAvailable = true;
for (int i = 0; i < tokens.length(); i++) { for (int i = 0; i < tokens.length(); i++) {
if (tokens.getJSONObject(i).getString("token").equals(token)) { if (tokens.getJSONObject(i).getString("token").equals(token)) {
isAvailable = tokens.getJSONObject(i).getBoolean("available"); isAvailable = tokens.getJSONObject(i).getBoolean("available");
......
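Review bot: Changing the default to `true` makes `isTokenAvailable` answer "available" for every string that is not in the registry. The JWTokenApi handler near new line 80 returns `"1-life Token is still up"` with status true as soon as this method returns true, so unregistered or malformed tokens would now get a positive answer before any validation that follows it. The registry needs to distinguish "not a one-life token" from "one-life and unused": keep the default `false` here and add a separate method, e.g. `isTokenConsumed(String token)`, that returns true only for a registered entry whose `available` is false, and have `detokenize` call that instead. The end of the loop and the return are outside the hunk, so this assumes `isAvailable` is returned unchanged. If the registry lives only in memory, this fail-open default would also make spent tokens usable again after a restart, which is worth confirming.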