Use of org.thingsboard.server.common.data.security.model.JwtToken in project thingsboard by thingsboard.
The class TokenOutdatingService, method isOutdated:
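/**
 * Tells whether {@code token} was issued before the user's tokens were last
 * outdated and must therefore be rejected even though its own expiry has not
 * passed yet.
 *
 * The outdatage timestamp is kept in {@code tokenOutdatageTimeCache} only for
 * as long as the longest-lived token (the refresh token) could still be valid;
 * once that window has elapsed every token issued before the outdatage moment
 * has expired on its own, so the cache entry is evicted here.
 *
 * @param token  JWT to check; its claims are read through
 *               {@code tokenFactory.parseTokenClaims} — assumed to validate the
 *               token before handing back the claims (confirm in the factory)
 * @param userId owner of the token; used as the cache key via {@code toKey}
 * @return {@code true} if the token was issued strictly before the recorded
 *         outdatage time (compared at whole-second granularity, matching the
 *         second resolution of the JWT {@code iat} claim); {@code false} if no
 *         outdatage is recorded or the recorded one is older than the refresh
 *         token lifetime. A token whose {@code iat} claim is absent is treated
 *         as outdated whenever an outdatage is recorded (fail closed) instead
 *         of failing with a {@code NullPointerException}.
 */
public boolean isOutdated(JwtToken token, UserId userId) {
    Claims claims = tokenFactory.parseTokenClaims(token).getBody();
    Long outdatageTime = tokenOutdatageTimeCache.get(toKey(userId), Long.class);
    if (outdatageTime == null) {
        // Nothing has invalidated this user's tokens.
        return false;
    }
    long refreshTokenLifetimeMillis = SECONDS.toMillis(jwtSettings.getRefreshTokenExpTime());
    if (System.currentTimeMillis() - outdatageTime > refreshTokenLifetimeMillis) {
        // Every token issued before the outdatage has expired by itself by now,
        // so the record serves no purpose anymore.
        tokenOutdatageTimeCache.evict(toKey(userId));
        return false;
    }
    if (claims.getIssuedAt() == null) {
        // Without an issue time the token cannot be shown to post-date the
        // outdatage, so reject it rather than guess.
        return true;
    }
    long issueTime = claims.getIssuedAt().getTime();
    return MILLISECONDS.toSeconds(issueTime) < MILLISECONDS.toSeconds(outdatageTime);
}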
Use of org.thingsboard.server.common.data.security.model.JwtToken in project thingsboard by thingsboard.
The class UserController, method getUserToken:
/**
 * Issues a fresh access/refresh token pair on behalf of another user.
 *
 * Three gates apply, in order: the authorities listed in {@code @PreAuthorize},
 * the {@code userTokenAccessEnabled} switch, and {@code checkUserId}, which
 * enforces the caller's READ permission on the target user and resolves it.
 * The credentials lookup is scoped to the caller's tenant id.
 *
 * @param strUserId id of the user whose tokens are requested
 * @return a newly created access token and refresh token for that user
 * @throws ThingsboardException with {@code PERMISSION_DENIED} when the feature
 *         is disabled, or whatever {@code handleException} maps any other
 *         failure to
 */
@ApiOperation(value = "Get User Token (getUserToken)", notes = "Returns the token of the User based on the provided User Id. " + "If the user who performs the request has the authority of 'SYS_ADMIN', it is possible to get the token of any tenant administrator. " + "If the user who performs the request has the authority of 'TENANT_ADMIN', it is possible to get the token of any customer user that belongs to the same tenant. ")
@PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')")
@RequestMapping(value = "/user/{userId}/token", method = RequestMethod.GET)
@ResponseBody
public JwtTokenPair getUserToken(@ApiParam(value = USER_ID_PARAM_DESCRIPTION) @PathVariable(USER_ID) String strUserId) throws ThingsboardException {
    checkParameter(USER_ID, strUserId);
    try {
        if (!userTokenAccessEnabled) {
            throw new ThingsboardException(YOU_DON_T_HAVE_PERMISSION_TO_PERFORM_THIS_OPERATION, ThingsboardErrorCode.PERMISSION_DENIED);
        }
        UserId targetId = new UserId(toUUID(strUserId));
        SecurityUser caller = getCurrentUser();
        // Permission check on the target happens inside checkUserId.
        User target = checkUserId(targetId, Operation.READ);
        UserCredentials targetCredentials =
                userService.findUserCredentialsByUserId(caller.getTenantId(), targetId);
        SecurityUser impersonated = new SecurityUser(
                target,
                targetCredentials.isEnabled(),
                new UserPrincipal(UserPrincipal.Type.USER_NAME, target.getEmail()));
        // Access token first, then refresh token — same order as before, since
        // requesting a refresh token goes through the repository.
        JwtToken access = tokenFactory.createAccessJwtToken(impersonated);
        JwtToken refresh = refreshTokenRepository.requestRefreshToken(impersonated);
        return new JwtTokenPair(access.getToken(), refresh.getToken());
    } catch (Exception e) {
        throw handleException(e);
    }
}
Use of org.thingsboard.server.common.data.security.model.JwtToken in project thingsboard by thingsboard.
The class TokenOutdatingTest, method testOutdateOldUserTokens:
/**
 * A token issued before {@code outdateOldUserTokens} is called must be
 * reported as outdated, and one issued afterwards must not.
 *
 * The one-second pauses keep the issue instants and the outdatage instant in
 * distinct whole seconds, because the service compares them at second
 * granularity.
 */
@Test
public void testOutdateOldUserTokens() throws Exception {
    JwtToken issuedBefore = createAccessJwtToken(userId);
    // Outdatage time has to land strictly after the first token's issue second.
    SECONDS.sleep(1);
    tokenOutdatingService.outdateOldUserTokens(userId);
    boolean staleTokenRejected = tokenOutdatingService.isOutdated(issuedBefore, userId);
    assertTrue(staleTokenRejected);
    // And the next token's issue second has to land strictly after the outdatage.
    SECONDS.sleep(1);
    JwtToken issuedAfter = tokenFactory.createAccessJwtToken(createMockSecurityUser(userId));
    boolean freshTokenRejected = tokenOutdatingService.isOutdated(issuedAfter, userId);
    assertFalse(freshTokenRejected);
}