Examples with AuthToken com.vmware.flowgate.common.model.AuthToken used on opensource projects

Example 1 with AuthToken

use of com.vmware.flowgate.common.model.AuthToken in project flowgate by vmware.

the class AuthControllerTest method createToken.

AuthToken createToken() {
    AuthToken token = new AuthToken();
    token.setAccess_token("R$TYUIMJ");
    return token;
}

Example 2 with AuthToken

use of com.vmware.flowgate.common.model.AuthToken in project flowgate by vmware.

the class AuthController method refreshToken.

@RequestMapping(value = "/token/refresh", method = RequestMethod.GET)
public AuthToken refreshToken(HttpServletRequest request, HttpServletResponse response) {
    String authToken = accessTokenService.getToken(request);
    if (authToken == null || "".equals(authToken)) {
        return null;
    }
    DecodedJWT jwt = jwtTokenUtil.getDecodedJwt(authToken);
    String currentuser = accessTokenService.getCurrentUser(request).getUsername();
    if (!jwt.getSubject().equals(currentuser)) {
        throw new WormholeRequestException(HttpStatus.FORBIDDEN, "Forbidden", null);
    }
    AuthToken access_token = accessTokenService.refreshToken(authToken);
    if (access_token != null) {
        response.addHeader(InitializeConfigureData.Authentication_Header, access_token.getAccess_token());
        Cookie cookie = new Cookie(JwtTokenUtil.Token_Name, access_token.getAccess_token());
        cookie.setHttpOnly(true);
        cookie.setPath("/");
        cookie.setDomain(request.getServerName());
        response.addCookie(cookie);
    }
    return access_token;
}

Example 3 with AuthToken

use of com.vmware.flowgate.common.model.AuthToken in project flowgate by vmware.

the class AuthController method getToken.

@RequestMapping(value = "/token", method = RequestMethod.POST, consumes = MediaType.APPLICATION_JSON_VALUE)
public AuthToken getToken(@RequestBody(required = false) WormholeUser user, @RequestHeader(name = "serviceKey", required = false) String serviceKey, HttpServletRequest request, HttpServletResponse response) {
    AuthToken access_token = null;
    if (user == null && serviceKey == null) {
        throw new WormholeRequestException(HttpStatus.UNAUTHORIZED, "Invalid username or password", null);
    }
    if (user != null) {
        access_token = accessTokenService.createToken(user);
    } else {
        if (InitializeConfigureData.checkServiceKey(serviceKey) || accessTokenService.validateServiceKey(serviceKey)) {
            List<String> roleNames = new ArrayList<String>();
            roleNames.add(FlowgateConstant.Role_admin);
            AuthorityUtil util = new AuthorityUtil();
            WormholeUserDetails userDetails = new WormholeUserDetails(FlowgateConstant.systemUser, FlowgateConstant.systemUser, FlowgateConstant.systemUser, util.createGrantedAuthorities(roleNames));
            access_token = jwtTokenUtil.generate(userDetails);
        } else {
            throw new WormholeRequestException(HttpStatus.UNAUTHORIZED, "Invalid username or password", null);
        }
    }
    Cookie cookie = new Cookie(JwtTokenUtil.Token_Name, access_token.getAccess_token());
    cookie.setHttpOnly(true);
    cookie.setPath("/");
    cookie.setDomain(request.getServerName());
    cookie.setMaxAge(expiration);
    response.addCookie(cookie);
    return access_token;
}

Example 4 with AuthToken

use of com.vmware.flowgate.common.model.AuthToken in project flowgate by vmware.

the class AccessTokenService method createToken.

public AuthToken createToken(WormholeUser user) {
    // Perform the security
    AuthToken access_token = null;
    try {
        String username = user.getUserName();
        final Authentication authentication = authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(username, user.getPassword()));
        SecurityContextHolder.getContext().setAuthentication(authentication);
        // Reload password post-security so we can generate token
        WormholeUserDetails userDetails = userDetailsService.loadUserByUsername(user.getUserName());
        access_token = jwtTokenUtil.generate(userDetails);
    } catch (BadCredentialsException e) {
        throw new WormholeRequestException(HttpStatus.UNAUTHORIZED, "Invalid username or password", e.getCause());
    }
    return access_token;
}

Example 5 with AuthToken

use of com.vmware.flowgate.common.model.AuthToken in project flowgate by vmware.

the class JwtTokenUtil method generate.

/**
 * generate token with roles
 * @param user
 * @return
 */
public AuthToken generate(WormholeUserDetails user) {
    String secret = FlowgateKeystore.getEncryptKey();
    Algorithm algorithm = null;
    try {
        algorithm = Algorithm.HMAC256(secret);
    } catch (IllegalArgumentException | UnsupportedEncodingException e) {
        logger.error("Error when generating token", e.getMessage());
        return null;
    }
    ObjectMapper mapper = new ObjectMapper();
    AuthToken access_token = new AuthToken();
    Date issure_date = new Date();
    Date expires_date = new Date(System.currentTimeMillis() + expiration * 1000);
    long timeMillis = expires_date.getTime();
    String token = JWT.create().withIssuer(issuer).withIssuedAt(issure_date).withExpiresAt(expires_date).withSubject(user.getUsername()).withClaim("userId", user.getUserId()).sign(algorithm);
    access_token.setAccess_token(token);
    access_token.setExpires_in(timeMillis);
    try {
        mapper.enable(DeserializationFeature.ACCEPT_EMPTY_ARRAY_AS_NULL_OBJECT);
        redisTemplate.opsForValue().set(Prefix_token + token, mapper.writeValueAsString(user), expiration, TimeUnit.SECONDS);
    } catch (JsonProcessingException e) {
        logger.error(e.getMessage());
        return null;
    }
    logger.debug(user.getUsername() + "'s token has been generated.");
    return access_token;
}