Created
March 19, 2020 20:23
-
-
Save thinkmicroservices/7560770475b18e83ae06996829d4b9d2 to your computer and use it in GitHub Desktop.
AuthenticationService: refreshToken().java
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| * | |
| * @param refreshToken | |
| * @return | |
| * @throws RefreshTokenException | |
| */ | |
| public AuthenticationToken refreshToken(String refreshToken) throws | |
| RefreshTokenException { | |
| log.debug("refresh token:" + refreshToken); | |
| // check with the service discovery service client that the required | |
| // services are active before allowing a user to authenticate | |
| if (activeServicesRequiredForAuthentication.size() > 0) { | |
| log.info("requiredServices:{}", this.activeServicesRequiredForAuthentication.toString()); | |
| List<String> activeServices = discoveryClient.getServices().stream().map(String::toUpperCase).collect(Collectors.toList());; | |
| log.info("Discovery services:{}", activeServices); | |
| if (!activeServices.containsAll(this.activeServicesRequiredForAuthentication)) { | |
| log.info("all required services are not available,"); | |
| List<String> required = new ArrayList<>(this.activeServicesRequiredForAuthentication); | |
| required.removeAll(activeServices); | |
| log.info("missing services:{}", required); | |
| throw new RefreshTokenException("error.authentication.required.services.unavailable", required.toString()); | |
| } | |
| } | |
| // get the user | |
| User user = this.loadUserByRefreshToken(refreshToken); | |
| // if user is disabled dont return a token | |
| if (!user.isActiveStatus()) { | |
| return new AuthenticationToken(""); | |
| } | |
| // everything is cool - generate the new token | |
| Set<Role> roles = user.getRoles(); | |
| ArrayList<GrantedAuthority> authorities = this.getGrantedAuthorities(roles); | |
| java.sql.Timestamp lastLogonTimestamp = new java.sql.Timestamp((new java.util.Date().getTime())); | |
| String newRefreshToken = UUID.randomUUID().toString(); | |
| LocalDateTime refreshTokenExpirationTimestamp = LocalDateTime.now(); | |
| refreshTokenExpirationTimestamp = refreshTokenExpirationTimestamp.plusMinutes(this.refreshTokenExpirationIntervalMinutes); | |
| LocalDateTime tokenExpiresAtTimestamp = LocalDateTime.now(); | |
| tokenExpiresAtTimestamp = tokenExpiresAtTimestamp.plusMinutes(this.tokenExpirationIntervalMinutes); | |
| user.setRefreshTokenExpirationAt(Timestamp.valueOf(refreshTokenExpirationTimestamp)); | |
| user.setRefreshToken(newRefreshToken); | |
| user.setLastLogon(lastLogonTimestamp); | |
| user.setTokenIssuedAt(lastLogonTimestamp); | |
| user.setTokenExpirationAt(Timestamp.valueOf(tokenExpiresAtTimestamp)); | |
| this.userRepository.save(user); | |
| final String tokenString = jwtProvider.generateToken(user, | |
| authorities, | |
| lastLogonTimestamp.getTime(), // issued at | |
| Timestamp.valueOf(tokenExpiresAtTimestamp).getTime(), | |
| newRefreshToken, | |
| Timestamp.valueOf(refreshTokenExpirationTimestamp).getTime()); | |
| // TODO generate refresh token event | |
| /*this.accountEventSource.accountEvents() | |
| .send(MessageBuilder.withPayload(new CredentialsAuthenticationRequestedEvent(user.getAccountId(), username, true)) | |
| .setHeader("type", "CREDENTIALS_AUTHENTICATION_REQUEST_EVENT").build()); | |
| */ | |
| return new AuthenticationToken(tokenString); | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment