use of org.summerb.users.api.dto.AuthToken in project summerb by skarpushin.
the class AuthTokenDaoInMemoryImpl method updateToken.
/**
 * Stores a new verification timestamp and token value for a token held in the in-memory map.
 *
 * <p>Nothing is changed when no token is stored under {@code authTokenUuid}, or when the stored
 * {@code lastVerifiedAt} is already equal to or later than {@code now}. An older or repeated
 * timestamp therefore never overwrites a more recent verification or the token value that came
 * with it.
 *
 * @param authTokenUuid key of the token in the {@code tokens} map
 * @param now verification timestamp to store
 * @param newTokenValue token value to store together with the timestamp
 */
@Override
public synchronized void updateToken(String authTokenUuid, long now, String newTokenValue) {
    AuthToken existing = tokens.get(authTokenUuid);

    // Only a known token whose last verification is strictly older than `now` is touched.
    boolean eligibleForUpdate = existing != null && existing.getLastVerifiedAt() < now;
    if (!eligibleForUpdate) {
        return;
    }

    existing.setLastVerifiedAt(now);
    existing.setTokenValue(newTokenValue);
}
use of org.summerb.users.api.dto.AuthToken in project summerb by skarpushin.
the class AuthTokenServiceImpl method createAuthToken.
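/**
 * Creates and persists a new auth token for the user registered under {@code userEmail}.
 *
 * <p>The token identifier and the token value are taken from the caller as-is.
 * NOTE(review): presumably both are freshly generated random UUIDs; confirm at the call sites,
 * because a predictable token value would weaken everything that later checks it.
 *
 * @param userEmail e-mail used to look the user up; must not be {@code null}
 * @param clientIp client address passed on to {@code buildNewAuthToken}; must not be {@code null}
 * @param tokenUuid identifier for the new token; must contain text
 * @param tokenValueUuid value for the new token; must contain text
 * @return the token that was handed to the DAO for persistence
 * @throws UserNotFoundException rethrown unchanged when raised inside the lookup/creation steps
 * @throws FieldValidationException rethrown unchanged when raised inside the lookup/creation steps
 * @throws IllegalArgumentException when an argument precondition is violated
 * @throws UserServiceUnexpectedException wrapping any other failure, with the original as cause
 */
@Override
@Transactional(rollbackFor = Throwable.class)
public AuthToken createAuthToken(String userEmail, String clientIp, String tokenUuid, String tokenValueUuid)
        throws UserNotFoundException, FieldValidationException {
    // Messages make a rejected call diagnosable; the exception type is unchanged.
    Preconditions.checkArgument(userEmail != null, "userEmail is mandatory");
    Preconditions.checkArgument(clientIp != null, "clientIp is mandatory");
    Preconditions.checkArgument(StringUtils.hasText(tokenUuid), "tokenUuid is mandatory");
    Preconditions.checkArgument(StringUtils.hasText(tokenValueUuid), "tokenValueUuid is mandatory");

    try {
        User user = userService.getUserByEmail(userEmail);
        AuthToken authToken = buildNewAuthToken(user, clientIp, tokenUuid, tokenValueUuid);
        authTokenDao.createAuthToken(authToken);
        return authToken;
    } catch (Throwable t) {
        // Declared exceptions pass through untouched; everything else is wrapped with its cause.
        Throwables.throwIfInstanceOf(t, UserNotFoundException.class);
        Throwables.throwIfInstanceOf(t, FieldValidationException.class);
        // The message names the e-mail only; the token value is deliberately not included.
        String msg = String.format("Failed to create auth token for user '%s'", userEmail);
        throw new UserServiceUnexpectedException(msg, t);
    }
}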
use of org.summerb.users.api.dto.AuthToken in project summerb by skarpushin.
the class AuthTokenServiceImpl method isAuthTokenValid.
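/**
 * Validates a presented auth token and, when it is accepted, rotates its value.
 *
 * <p>Checks run in this order: the token must exist, must not be expired (an expired token is
 * deleted), its stored value must equal {@code tokenValue}, and it must belong to the user
 * identified by {@code userUuid}. On success a new random token value and a fresh
 * {@code lastVerifiedAt} are set on the token and passed to the DAO, so each accepted value is
 * replaced after one use.
 *
 * @param userUuid identifier of the user the token is expected to belong to; must not be
 *     {@code null}
 * @param authTokenUuid identifier of the token to check; must not be {@code null}
 * @param tokenValue value presented by the client; must contain text
 * @return the token carrying its newly generated value, or {@code null} when the token is
 *     unknown, expired, has a different value, or belongs to another user
 * @throws UserNotFoundException rethrown unchanged when raised by the user lookup
 * @throws IllegalArgumentException when an argument precondition is violated
 * @throws UserServiceUnexpectedException wrapping any other failure, with the original as cause
 */
@Override
@Transactional(rollbackFor = Throwable.class)
public AuthToken isAuthTokenValid(String userUuid, String authTokenUuid, String tokenValue) throws UserNotFoundException {
    Preconditions.checkArgument(userUuid != null);
    Preconditions.checkArgument(authTokenUuid != null);
    Preconditions.checkArgument(StringUtils.hasText(tokenValue), "TokenValue is mandatory");
    try {
        // First - check token itself
        AuthToken authToken = getAuthTokenByUuid(authTokenUuid);
        if (authToken.getExpiresAt() < getNow()) {
            authTokenDao.deleteAuthToken(authTokenUuid);
            return null;
        }

        // A token without a stored value can never match (same outcome as the former equals()).
        String storedTokenValue = authToken.getTokenValue();
        if (storedTokenValue == null) {
            return null;
        }
        // The presented value is an untrusted credential: compare it without an early exit on
        // the first differing character, so response timing does not reveal how much of the
        // value was correct. Fully-qualified names avoid touching the file's import block.
        boolean valueMatches = java.security.MessageDigest.isEqual(
                tokenValue.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                storedTokenValue.getBytes(java.nio.charset.StandardCharsets.UTF_8));
        if (!valueMatches) {
            // NOTE(review): a wrong value for a known, unexpired token UUID may be a replay of an
            // already rotated value; consider logging it or invalidating the token here.
            return null;
        }

        // Check reference to user
        User user = userService.getUserByUuid(userUuid);
        if (!authToken.getUserUuid().equals(user.getUuid())) {
            return null;
        }

        // Now we need to update time when token was checked, and rotate the value
        authToken.setTokenValue(UUID.randomUUID().toString());
        authToken.setLastVerifiedAt(getNow());
        // NOTE(review): if the DAO declines this update (e.g. a later timestamp is already
        // stored), the value returned below would differ from the persisted one - confirm how
        // the DAO implementations and callers handle that.
        authTokenDao.updateToken(authTokenUuid, authToken.getLastVerifiedAt(), authToken.getTokenValue());
        return authToken;
    } catch (AuthTokenNotFoundException nfe) {
        // Unknown token is reported as "not valid", not as an error.
        return null;
    } catch (Throwable t) {
        Throwables.throwIfInstanceOf(t, UserNotFoundException.class);
        // Only identifiers go into the message; the presented token value is never included.
        String msg = String.format("Failed to check auth token '%s' validity for user '%s'", authTokenUuid, userUuid);
        throw new UserServiceUnexpectedException(msg, t);
    }
}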
use of org.summerb.users.api.dto.AuthToken in project summerb by skarpushin.
the class AuthTokenDaoImplTest method testIsAuthTokenValid_expectWillNotUpdateLastVerifiedForOldValue.
/**
 * Verifies that the DAO ignores an update carrying a timestamp older than the stored
 * {@code lastVerifiedAt}: after authenticating a fresh user, an update with timestamp 5 must
 * leave the token's {@code lastVerifiedAt} above 5.
 */
@Test
public void testIsAuthTokenValid_expectWillNotUpdateLastVerifiedForOldValue() throws Exception {
    // Arrange: a user with a password and a token issued through normal authentication.
    User createdUser = userService.createUser(UserFactory.createNewUserTemplate());
    passwordService.setUserPassword(createdUser.getUuid(), "aaa");
    AuthToken issued = authTokenService.authenticate(createdUser.getEmail(), "aaa", "LOCAL");
    assertNotNull(issued);

    // Act: attempt an update with a timestamp far in the past and no token value.
    final long staleTimestamp = 5;
    authTokenDao.updateToken(issued.getUuid(), staleTimestamp, null);

    // Assert: the stored verification time was not moved back to the stale timestamp.
    AuthToken reloaded = authTokenService.getAuthTokenByUuid(issued.getUuid());
    assertTrue(reloaded.getLastVerifiedAt() > staleTimestamp);
}
use of org.summerb.users.api.dto.AuthToken in project summerb by skarpushin.
the class AuthTokenServiceDbImplTest method testIsAuthTokenValid_whitebox_expectFalseForUnmatchedAuthTOken.
/**
 * Expects {@code isAuthTokenValid} to return {@code null} for the factory's existing user, the
 * {@code AUTH_TOKEN_EXPIRED} token identifier and the placeholder token value.
 *
 * <p>NOTE(review): the method name speaks of an unmatched token while the fixture constant is
 * named {@code AUTH_TOKEN_EXPIRED}; confirm which rejection path this test is meant to cover.
 */
@Test
public void testIsAuthTokenValid_whitebox_expectFalseForUnmatchedAuthTOken() throws Exception {
    AuthTokenServiceImpl service = AuthTokenServiceDbImplFactory.createAuthTokenServiceDbImpl();

    AuthToken validated =
            service.isAuthTokenValid(UserFactory.EXISTENT_USER, AuthTokenFactory.AUTH_TOKEN_EXPIRED, "...");

    assertNull(validated);
}