micord/ervu-lkrp-fl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix

Browse source
This commit is contained in:
Eduard Tihomirov 2024-11-19 15:31:19 +03:00
parent 1aae56a424
commit 5e050590fa
2 changed files with 18 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

28
backend/src/main/java/ru/micord/ervu/security/esia/token/TokensStore.java
View file

@ -7,54 +7,54 @@ import java.util.concurrent.ConcurrentHashMap;
* @author Eduard Tihomirov * @author Eduard Tihomirov
*/ */
public class TokensStore { public class TokensStore {
private static final Map<String, ExpiringToken> accessTokensMap = new ConcurrentHashMap<>(); private static final Map<String, ExpiringToken> ACCESS_TOKENS_MAP = new ConcurrentHashMap<>();
private static final Map<String, ExpiringToken> refreshTokensMap = new ConcurrentHashMap<>(); private static final Map<String, ExpiringToken> REFRESH_TOKENS_MAP = new ConcurrentHashMap<>();
public static void addAccessToken(String prnOid, String token, long expiresIn) { public static void addAccessToken(String prnOid, String token, long expiresIn) {
if (token != null) { if (token != null) {
long expiryTime = System.currentTimeMillis() + 1000L * expiresIn; long expiryTime = System.currentTimeMillis() + 1000L * expiresIn;
accessTokensMap.put(prnOid, new ExpiringToken(token, expiryTime)); ACCESS_TOKENS_MAP.put(prnOid, new ExpiringToken(token, expiryTime));
} }
} }
public static String getAccessToken(String prnOid) { public static String getAccessToken(String prnOid) {
return accessTokensMap.get(prnOid).getAccessToken(); return ACCESS_TOKENS_MAP.get(prnOid).getAccessToken();
} }
public static void removeExpiredAccessToken() { public static void removeExpiredAccessToken() {
for (String key : accessTokensMap.keySet()) { for (String key : ACCESS_TOKENS_MAP.keySet()) {
ExpiringToken token = accessTokensMap.get(key); ExpiringToken token = ACCESS_TOKENS_MAP.get(key);
if (token != null && token.isExpired()) { if (token != null && token.isExpired()) {
accessTokensMap.remove(key); ACCESS_TOKENS_MAP.remove(key);
} }
} }
} }
public static void removeExpiredRefreshToken() { public static void removeExpiredRefreshToken() {
for (String key : refreshTokensMap.keySet()) { for (String key : REFRESH_TOKENS_MAP.keySet()) {
ExpiringToken token = refreshTokensMap.get(key); ExpiringToken token = REFRESH_TOKENS_MAP.get(key);
if (token != null && token.isExpired()) { if (token != null && token.isExpired()) {
refreshTokensMap.remove(key); REFRESH_TOKENS_MAP.remove(key);
} }
} }
} }
public static void removeAccessToken(String prnOid) { public static void removeAccessToken(String prnOid) {
accessTokensMap.remove(prnOid); ACCESS_TOKENS_MAP.remove(prnOid);
} }
public static void addRefreshToken(String prnOid, String token, long expiresIn) { public static void addRefreshToken(String prnOid, String token, long expiresIn) {
if (token != null) { if (token != null) {
long expiryTime = System.currentTimeMillis() + 1000L * expiresIn; long expiryTime = System.currentTimeMillis() + 1000L * expiresIn;
refreshTokensMap.put(prnOid, new ExpiringToken(token, expiryTime)); REFRESH_TOKENS_MAP.put(prnOid, new ExpiringToken(token, expiryTime));
} }
} }
public static String getRefreshToken(String prnOid) { public static String getRefreshToken(String prnOid) {
return refreshTokensMap.get(prnOid).getAccessToken(); return REFRESH_TOKENS_MAP.get(prnOid).getAccessToken();
} }
public static void removeRefreshToken(String prnOid) { public static void removeRefreshToken(String prnOid) {
refreshTokensMap.remove(prnOid); REFRESH_TOKENS_MAP.remove(prnOid);
} }
} }

8
backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/service/JwtTokenService.java
View file

@ -32,7 +32,7 @@ public class JwtTokenService {
@Value("${webbpm.security.token.issuer:#{null}}") @Value("${webbpm.security.token.issuer:#{null}}")
private final String tokenIssuerName = private final String tokenIssuerName =
ResourceMetadataUtils.PROJECT_GROUP_ID + "." + ResourceMetadataUtils.PROJECT_ARTIFACT_ID; ResourceMetadataUtils.PROJECT_GROUP_ID + "." + ResourceMetadataUtils.PROJECT_ARTIFACT_ID;
private final SecretKey SIGNING_KEY; private final SecretKey signingKey;
@Autowired @Autowired
private HttpServletRequest request; private HttpServletRequest request;
@ -41,7 +41,7 @@ public class JwtTokenService {
public JwtTokenService(@Value("${webbpm.security.token.secret.key:ZjE5ZjMxNmYtODViZC00ZTQ5LWIxZmYtOGEzYzE3Yjc1MDVk}") public JwtTokenService(@Value("${webbpm.security.token.secret.key:ZjE5ZjMxNmYtODViZC00ZTQ5LWIxZmYtOGEzYzE3Yjc1MDVk}")
String secretKey) { String secretKey) {
byte[] encodedKey = Base64.getDecoder().decode(secretKey); byte[] encodedKey = Base64.getDecoder().decode(secretKey);
this.SIGNING_KEY = Keys.hmacShaKeyFor(encodedKey); this.signingKey = Keys.hmacShaKeyFor(encodedKey);
} }
public Token createAccessToken(String userAccountId, Long expiresIn, String ervuId) { public Token createAccessToken(String userAccountId, Long expiresIn, String ervuId) {
@ -52,7 +52,7 @@ public class JwtTokenService {
.setIssuer(tokenIssuerName) .setIssuer(tokenIssuerName)
.setIssuedAt(new Date(System.currentTimeMillis())) .setIssuedAt(new Date(System.currentTimeMillis()))
.setExpiration(expirationDate) .setExpiration(expirationDate)
.signWith(SIGNING_KEY) .signWith(signingKey)
.compact(); .compact();
return new Token(userAccountId + ":" + ervuId, tokenIssuerName, expirationDate, value); return new Token(userAccountId + ":" + ervuId, tokenIssuerName, expirationDate, value);
} }
@ -72,7 +72,7 @@ public class JwtTokenService {
public Token getToken(String token) { public Token getToken(String token) {
Claims claims = Jwts.parser() Claims claims = Jwts.parser()
.setSigningKey(SIGNING_KEY) .setSigningKey(signingKey)
.parseClaimsJws(token) .parseClaimsJws(token)
.getBody(); .getBody();