SUPPORT-8682: Fix

2024-11-20 10:18:49 +03:00 · 2024-11-20 10:18:49 +03:00 · 94ec86c41c
commit 94ec86c41c
parent 0e7e198472
1 changed files with 20 additions and 38 deletions
--- a/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java
+++ b/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java
@ -59,6 +59,7 @@ import ru.micord.ervu.security.webbpm.jwt.model.Token;
@Service
 public class EsiaAuthService {
  private static final Logger LOGGER = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass());
+  private static final Long EXPIRES_IN = 3600L;
  @Autowired
  private ObjectMapper objectMapper;
  @Autowired
@ -226,19 +227,7 @@ public class EsiaAuthService {
      Long expiresIn = tokenResponse.getExpires_in();
      TokensStore.addAccessToken(prnOid, accessToken, expiresIn);
      TokensStore.addRefreshToken(prnOid, refreshToken, expiresIn);
-      Token token = jwtTokenService.createAccessToken(esiaAccessToken.getSbj_id(), expiresIn, ervuId, hasRole);
-      int expiry = tokenResponse.getExpires_in().intValue();
-      Cookie accessCookie = securityHelper.createAccessCookie(token.getValue(), expiry);
-      response.addCookie(accessCookie);
-      UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken =
-          new UsernamePasswordAuthenticationToken(token.getUserAccountId(), null);
-      SecurityContext context = SecurityContextHolder.createEmptyContext();
-      JwtAuthentication authentication = new JwtAuthentication(usernamePasswordAuthenticationToken,
-          esiaAccessToken.getSbj_id(), token.getValue());
-      context.setAuthentication(authentication);
-      SecurityContextHolder.setContext(context);
-      Cookie authMarkerCookie = securityHelper.createAuthMarkerCookie("true", expiry);
-      response.addCookie(authMarkerCookie);
+      createTokenAndAddCookie(response, esiaAccessToken.getSbj_id(), ervuId, hasRole, expiresIn);
      if (!hasRole) {
        LOGGER.error("The user with id = " + prnOid + " does not have the required role");
        return new ResponseEntity<>(
@ -249,18 +238,7 @@ public class EsiaAuthService {
      return ResponseEntity.ok("Authentication successful");
    }
    catch (Exception e) {
-      Token token = jwtTokenService.createAccessToken(null, 3600L, null, false);
-      Cookie accessCookie = securityHelper.createAccessCookie(token.getValue(), 3600);
-      response.addCookie(accessCookie);
-      UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken =
-          new UsernamePasswordAuthenticationToken(token.getUserAccountId(), null);
-      SecurityContext context = SecurityContextHolder.createEmptyContext();
-      JwtAuthentication authentication = new JwtAuthentication(usernamePasswordAuthenticationToken,
-          null, token.getValue());
-      context.setAuthentication(authentication);
-      SecurityContextHolder.setContext(context);
-      Cookie authMarkerCookie = securityHelper.createAuthMarkerCookie("true", 3600);
-      response.addCookie(authMarkerCookie);
+      createTokenAndAddCookie(response, null, null, false, EXPIRES_IN);
      String messageId = getMessageId(e);
      String messageWithId = String.format("[%s] %s", messageId, e.getMessage());
      LOGGER.error(messageWithId, e);
@ -329,19 +307,7 @@ public class EsiaAuthService {
      TokensStore.addAccessToken(prnOid, accessToken, expiresIn);
      TokensStore.addRefreshToken(prnOid, newRefreshToken, expiresIn);
      String ervuId = getErvuId(accessToken, prnOid);
-      Token token = jwtTokenService.createAccessToken(esiaAccessToken.getSbj_id(), expiresIn, ervuId, true);
-      int expiry = tokenResponse.getExpires_in().intValue();
-      Cookie accessCookie = securityHelper.createAccessCookie(token.getValue(), expiry);
-      response.addCookie(accessCookie);
-      UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken =
-          new UsernamePasswordAuthenticationToken(token.getUserAccountId(), null);
-      SecurityContext context = SecurityContextHolder.createEmptyContext();
-      JwtAuthentication authentication = new JwtAuthentication(usernamePasswordAuthenticationToken,
-          esiaAccessToken.getSbj_id(), token.getValue());
-      context.setAuthentication(authentication);
-      SecurityContextHolder.setContext(context);
-      Cookie authMarkerCookie = securityHelper.createAuthMarkerCookie("true", expiry);
-      response.addCookie(authMarkerCookie);
+      createTokenAndAddCookie(response, esiaAccessToken.getSbj_id(), ervuId, true, expiresIn);
    }
    catch (Exception e) {
      throw new RuntimeException(e);
@ -492,4 +458,20 @@ public class EsiaAuthService {
    }
    return null;
  }
+
+  private void createTokenAndAddCookie(HttpServletResponse response, String userId, String ervuId,
+      Boolean hasRole, Long expiresIn) {
+    Token token = jwtTokenService.createAccessToken(userId, expiresIn, ervuId, hasRole);
+    Cookie accessCookie = securityHelper.createAccessCookie(token.getValue(), expiresIn.intValue());
+    response.addCookie(accessCookie);
+    UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken =
+        new UsernamePasswordAuthenticationToken(token.getUserAccountId(), null);
+    SecurityContext context = SecurityContextHolder.createEmptyContext();
+    JwtAuthentication authentication = new JwtAuthentication(usernamePasswordAuthenticationToken,
+        userId, token.getValue());
+    context.setAuthentication(authentication);
+    SecurityContextHolder.setContext(context);
+    Cookie authMarkerCookie = securityHelper.createAuthMarkerCookie("true", expiresIn.intValue());
+    response.addCookie(authMarkerCookie);
+  }
 }