gowthaman/readymixerp_modules_api
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix authtoken expiry check

Browse Source
This commit is contained in:
gowthaman.b
2023-11-13 08:15:19 +05:30
parent e38da54f11
commit 5c13e0efdd
4 changed files with 38 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
src/main/kotlin/com/restapi/Main.kt
View File

@@ -50,6 +50,7 @@ fun main(args: Array<String>) {
val createRole = Role.Standard(Action.CREATE)
val updateRole = Role.Standard(Action.UPDATE)
val approveOrRejectRole = Role.Standard(Action.APPROVE)
val AUTH_TOKEN = "AUTH_TOKEN_V2"
//todo, create roles in keycloak based on entity and actions
@@ -111,12 +112,20 @@ fun main(args: Array<String>) {
)
.header("Content-Type", "application/x-www-form-urlencoded")
.build()
val message = httpClient.send(req, BodyHandlers.ofString()).body()
val atResponse = objectMapper.readValue<AuthTokenResponse>(message)
val parsed = validateAuthToken(atResponse.accessToken)
//keep track of this
redis.rpush("AUTH_TOKEN_${parsed.userName}", message)
//keep track of this for renewal when asked by client
redis.lpush(
"$AUTH_TOKEN${parsed.userName}",
objectMapper.writeValueAsString(
atResponse.copy(
createdAt = LocalDateTime.now()
)
)
)
it.result(atResponse.accessToken).contentType(ContentType.TEXT_PLAIN)
}
@@ -138,17 +147,20 @@ fun main(args: Array<String>) {
val client = ctx.queryParam("client") ?: throw BadRequestResponse("client not sent")
val redirectUri = ctx.queryParam("redirectUri") ?: throw BadRequestResponse("redirectUri not sent")
val key = "AUTH_TOKEN_${authUser.userName}"
val key = "$AUTH_TOKEN${authUser.userName}"
val found = redis.llen(key)
val foundOldAt = (0..found)
.mapNotNull { redis.lindex(key, it) }
.map { objectMapper.readValue<AuthTokenResponse>(it) }
.firstOrNull { it.accessToken == authToken } ?: throw BadRequestResponse("authToken not found in cache")
.firstOrNull { it.accessToken == authToken }
?: throw BadRequestResponse("authToken not found in cache")
val expiresAt = foundOldAt.createdAt.plusSeconds(foundOldAt.expiresIn + 0L)
val rtExpiresAt = foundOldAt.createdAt.plusSeconds(foundOldAt.refreshExpiresIn + 0L)
val createdAt = foundOldAt.createdAt ?: throw BadRequestResponse("created at is missing")
val expiresAt = createdAt.plusSeconds(foundOldAt.expiresIn + 0L)
val rtExpiresAt = createdAt.plusSeconds(foundOldAt.refreshExpiresIn + 0L)
val now = LocalDateTime.now()
logger.warn("can we refresh the token for ${authUser.userName}, created = $createdAt expires = $expiresAt, refresh Till = $rtExpiresAt")
//we can refresh if at is expired, but we still have time for refresh
if (expiresAt.isBefore(now) && now.isBefore(rtExpiresAt)) {
@@ -175,18 +187,22 @@ fun main(args: Array<String>) {
val atResponse = objectMapper.readValue<AuthTokenResponse>(message)
val parsed = validateAuthToken(atResponse.accessToken)
//keep track of this
redis.rpush("AUTH_TOKEN_${parsed.userName}", message)
redis.lpush(
"AUTH_TOKEN_${parsed.userName}",
objectMapper.writeValueAsString(
atResponse.copy(createdAt = LocalDateTime.now())
)
)
ctx.json(atResponse)
ctx.result(atResponse.accessToken).contentType(ContentType.TEXT_PLAIN)
} else {
//at is still valid
if (expiresAt.isAfter(now)) {
logger.warn("Still valid, the token for ${authUser.userName}")
ctx.json(foundOldAt)
logger.warn("Still valid, the token for ${authUser.userName}, will expire at $expiresAt")
ctx.result(foundOldAt.accessToken).contentType(ContentType.TEXT_PLAIN)
} else {
//we have exceeded the refresh time, so we shall ask the user to login again
logger.warn("We can't refresh the token for ${authUser.userName}, as refresh-time is expired")
logger.warn("We can't refresh the token for ${authUser.userName}, as refresh-time [$rtExpiresAt] is expired")
throw UnauthorizedResponse()
}
}