diff --git a/java/services/auth/src/main/java/com/uva/authentication/api/UserAPI.java b/java/services/auth/src/main/java/com/uva/authentication/api/UserAPI.java
index 6239c85caa1aeca7f4fa838df9a940e11d0907a0..6e6edce0ba5517325df77ca6c58b257f24fcb766 100644
--- a/java/services/auth/src/main/java/com/uva/authentication/api/UserAPI.java
+++ b/java/services/auth/src/main/java/com/uva/authentication/api/UserAPI.java
@@ -11,7 +11,7 @@ import org.springframework.stereotype.Component;
 import org.springframework.web.client.HttpClientErrorException;
 import org.springframework.web.client.RestTemplate;
-import com.uva.authentication.models.RegisterRequest;
+import com.uva.authentication.models.auth.RegisterRequest;
 import com.uva.authentication.models.remote.User;
 @Component
@@ -20,7 +20,7 @@ public class UserAPI {
 @Autowired
 private RestTemplate restTemplate;
- @Value("${external.services.users.url}")
+ @Value("${services.external.users.url}")
 private String USER_API_URL;
 /**
diff --git a/java/services/auth/src/main/java/com/uva/authentication/controllers/AuthController.java b/java/services/auth/src/main/java/com/uva/authentication/controllers/AuthController.java
index 7dfa56acc48bad46f862f259c15f90b8e172ad01..0dd5aee61baade3d3da3d14c647f6f8b65108e4d 100644
--- a/java/services/auth/src/main/java/com/uva/authentication/controllers/AuthController.java
+++ b/java/services/auth/src/main/java/com/uva/authentication/controllers/AuthController.java
@@ -8,7 +8,8 @@ import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.client.HttpClientErrorException;
-import com.uva.authentication.models.*;
+import com.uva.authentication.models.auth.LoginRequest;
+import com.uva.authentication.models.auth.RegisterRequest;
 import com.uva.authentication.services.AuthService;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
@@ -47,7 +48,7 @@ public class AuthController {
 @PostMapping("/password")
 public ResponseEntity<?> changePassword(@RequestBody Map<String, String> json,
- @RequestHeader(value = "Authorization", required = false) String authorization) {
+ @RequestHeader(value = "Authorization", required = true) String authorization) {
 if (authorization == null || !authorization.startsWith("Bearer "))
 return new ResponseEntity<>(HttpStatus.FORBIDDEN);
@@ -61,7 +62,7 @@ public class AuthController {
 @PostMapping("/delete/{id}")
 public Object postMethodName(@PathVariable int id, @RequestBody Map<String, String> json,
- @RequestHeader(value = "Authorization", required = false) String authorization) {
+ @RequestHeader(value = "Authorization", required = true) String authorization) {
 if (authorization == null || !authorization.startsWith("Bearer "))
 return new ResponseEntity<>(HttpStatus.FORBIDDEN);
diff --git a/java/services/auth/src/main/java/com/uva/authentication/controllers/TokenController.java b/java/services/auth/src/main/java/com/uva/authentication/controllers/TokenController.java
index 3e33376dd18629f48bd6863bd8beb06465455901..9f53758bd479d16346bab7845003d97500d5f1ea 100644
--- a/java/services/auth/src/main/java/com/uva/authentication/controllers/TokenController.java
+++ b/java/services/auth/src/main/java/com/uva/authentication/controllers/TokenController.java
@@ -9,11 +9,11 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 import com.fasterxml.jackson.databind.JsonNode;
-import com.uva.authentication.models.JwtAuth;
+import com.uva.authentication.models.jwt.JwtAuth;
 import com.uva.authentication.services.TokenService;
 @RestController
-@RequestMapping("/token")
+@RequestMapping("token")
 public class TokenController {
 @Autowired
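Review bot: With `required = true` on the `Authorization` header, the `authorization == null` branch on the following line can no longer execute, because Spring rejects a request that lacks the header before the handler runs — via `MissingRequestHeaderException`, which the default resolver turns into a 400 rather than the 403 this handler returns for a malformed prefix, so a missing and a malformed credential now get different statuses (unless a custom exception handler not shown here remaps it). If the explicit 403 is the intended contract, keep `required = false` and let the existing check cover both cases; otherwise drop the dead null test, `if (!authorization.startsWith("Bearer "))`, and note in a comment that the framework enforces presence. Either way, an absent or malformed bearer token is conventionally answered with 401 plus a `WWW-Authenticate: Bearer` header, leaving 403 for a caller whose token is valid but lacks rights to the operation. The same change is made to the `/delete/{id}` handler in the second hunk, whose body continues outside the hunk.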
diff --git a/java/services/auth/src/main/java/com/uva/authentication/models/TokenRequest.java b/java/services/auth/src/main/java/com/uva/authentication/models/TokenRequest.java
deleted file mode 100644
index e63522e1a8660e71573fdb018aaae5f5596517ce..0000000000000000000000000000000000000000
--- a/java/services/auth/src/main/java/com/uva/authentication/models/TokenRequest.java
+++ /dev/null
@@ -1,16 +0,0 @@
-package com.uva.authentication.models;
-
-import lombok.AllArgsConstructor;
-import lombok.Data;
-import lombok.Getter;
-import lombok.NoArgsConstructor;
-import lombok.Setter;
-
-@Getter
-@Setter
-@Data
-@NoArgsConstructor
-@AllArgsConstructor
-public class TokenRequest {
- private String token;
-}
diff --git a/java/services/auth/src/main/java/com/uva/authentication/models/LoginRequest.java b/java/services/auth/src/main/java/com/uva/authentication/models/auth/LoginRequest.java
similarity index 87%
rename from java/services/auth/src/main/java/com/uva/authentication/models/LoginRequest.java
rename to java/services/auth/src/main/java/com/uva/authentication/models/auth/LoginRequest.java
index 0c786ec6366ae5f39d46dd5ae0d546793265e33c..d40def52cc5de07b7954d64a5a80a04a372fcd23 100644
--- a/java/services/auth/src/main/java/com/uva/authentication/models/LoginRequest.java
+++ b/java/services/auth/src/main/java/com/uva/authentication/models/auth/LoginRequest.java
@@ -1,4 +1,4 @@
-package com.uva.authentication.models;
+package com.uva.authentication.models.auth;
 import lombok.AllArgsConstructor;
 import lombok.Data;
diff --git a/java/services/auth/src/main/java/com/uva/authentication/models/RegisterRequest.java b/java/services/auth/src/main/java/com/uva/authentication/models/auth/RegisterRequest.java
similarity index 89%
rename from java/services/auth/src/main/java/com/uva/authentication/models/RegisterRequest.java
rename to java/services/auth/src/main/java/com/uva/authentication/models/auth/RegisterRequest.java
index 4ef2db20a9b6b3e4fa34d713c6b4b4b529b4fa33..3f992846c754e83a74d74a048719113965d090dd 100644
--- a/java/services/auth/src/main/java/com/uva/authentication/models/RegisterRequest.java
+++ b/java/services/auth/src/main/java/com/uva/authentication/models/auth/RegisterRequest.java
@@ -1,4 +1,4 @@
-package com.uva.authentication.models;
+package com.uva.authentication.models.auth;
 import com.uva.authentication.models.remote.UserRol;
diff --git a/java/services/auth/src/main/java/com/uva/authentication/models/JwtAuth.java b/java/services/auth/src/main/java/com/uva/authentication/models/jwt/JwtAuth.java
similarity index 84%
rename from java/services/auth/src/main/java/com/uva/authentication/models/JwtAuth.java
rename to java/services/auth/src/main/java/com/uva/authentication/models/jwt/JwtAuth.java
index 1736439a1b93980155336707350f695a9f56c0ed..6470edf8ea5ed9987ea0f139ad8d0c240dce125f 100644
--- a/java/services/auth/src/main/java/com/uva/authentication/models/JwtAuth.java
+++ b/java/services/auth/src/main/java/com/uva/authentication/models/jwt/JwtAuth.java
@@ -1,4 +1,4 @@
-package com.uva.authentication.models;
+package com.uva.authentication.models.jwt;
 import lombok.AllArgsConstructor;
 import lombok.Data;
diff --git a/java/services/auth/src/main/java/com/uva/authentication/models/TokenData.java b/java/services/auth/src/main/java/com/uva/authentication/models/jwt/JwtData.java
similarity index 50%
rename from java/services/auth/src/main/java/com/uva/authentication/models/TokenData.java
rename to java/services/auth/src/main/java/com/uva/authentication/models/jwt/JwtData.java
index d503f9193f58a44dee2a0b184ee654af4893999f..044482aa1eef6b1ac8d900730480396d8e8e63ad 100644
--- a/java/services/auth/src/main/java/com/uva/authentication/models/TokenData.java
+++ b/java/services/auth/src/main/java/com/uva/authentication/models/jwt/JwtData.java
@@ -1,55 +1,72 @@
-package com.uva.authentication.models;
+package com.uva.authentication.models.jwt;
 import java.lang.reflect.Field;
+import java.util.Date;
 import com.auth0.jwt.interfaces.Claim;
 import com.auth0.jwt.interfaces.DecodedJWT;
+import com.uva.authentication.models.remote.UserRol;
 import lombok.Data;
 import lombok.Getter;
 import lombok.Setter;
+import lombok.ToString;
 @Getter
 @Setter
 @Data
-public class TokenData {
+@ToString
+public class JwtData {
 private Integer id;
 private String name;
 private String email;
- private String rol;
+ private UserRol rol;
 private String service;
 private String subject;
 private String audience;
 private Long ttl;
- public TokenData(DecodedJWT decoded, long ttl) {
+ private Date issuedAt;
+ private Date expiresAt;
+
+ public JwtData(DecodedJWT decoded, long ttl) {
 subject = decoded.getSubject();
- audience = decoded.getAudience().get(0);
+ if (decoded.getAudience() != null && !decoded.getAudience().isEmpty())
+ audience = decoded.getAudience().get(0);
 this.ttl = ttl;
+ issuedAt = decoded.getIssuedAt();
+ expiresAt = decoded.getExpiresAt();
 for (Field field : this.getClass().getDeclaredFields()) {
 field.setAccessible(true);
 // Verificamos si el campo está en el mapa y asignamos el valor
 Claim claim = decoded.getClaim(field.getName());
- if (!claim.isMissing()) {
+ System.out.println(field.getName() + " => " + claim.isMissing() + " " + claim.isNull() + " " + claim.asString() + " " + decoded.getClaim("rol").asString());
+ if (!claim.isNull()) {
+ String value = claim.asString();
 try {
 // Dependiendo del tipo de campo, asignamos el valor
 if (field.getType() == Integer.class) {
- field.set(this, Integer.parseInt(claim.asString()));
+ field.set(this, claim.asInt());
 } else if (field.getType() == String.class) {
 field.set(this, claim.asString());
+ } else if (field.getType() == UserRol.class) {
+ if (value != null)
+ field.set(this, UserRol.valueOf(value));
 }
 } catch (IllegalAccessException e) {
 e.printStackTrace();
 }
 }
 }
+
System.out.println("\n\n\n<-- " + this + " -->");
 }
 public boolean isAdmin() {
- return rol != null && rol == "ADMIN";
+ return rol != null && rol == UserRol.ADMIN;
 }
 }
\ No newline at end of file
diff --git a/java/services/auth/src/main/java/com/uva/authentication/models/remote/User.java b/java/services/auth/src/main/java/com/uva/authentication/models/remote/User.java
index 10049fc82e340fab5885cbd523f0962fc03292f5..91c82e14c7122cd4b7931033118edfa80d8ea8af 100644
--- a/java/services/auth/src/main/java/com/uva/authentication/models/remote/User.java
+++ b/java/services/auth/src/main/java/com/uva/authentication/models/remote/User.java
@@ -1,6 +1,6 @@
 package com.uva.authentication.models.remote;
-import com.uva.authentication.models.RegisterRequest;
+import com.uva.authentication.models.auth.RegisterRequest;
 import lombok.Data;
 import lombok.EqualsAndHashCode;
diff --git a/java/services/auth/src/main/java/com/uva/authentication/services/AuthService.java b/java/services/auth/src/main/java/com/uva/authentication/services/AuthService.java
index 03f2b6c132f4bf9531f891d34471d6484197a9dd..d9c00044d4ce773b57a53848e0b925d71484377c 100644
--- a/java/services/auth/src/main/java/com/uva/authentication/services/AuthService.java
+++ b/java/services/auth/src/main/java/com/uva/authentication/services/AuthService.java
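Review bot: The debug `System.out.println` calls added to the `JwtData` constructor write every claim value and then the whole object (id, name, email, role, via the new `@ToString`) to stdout on each token decode, so subject PII from every presented token lands in process output and whatever collects it; remove them before merge, or log at debug level through SLF4J without the values. `UserRol.valueOf(value)` throws `IllegalArgumentException` for any `rol` string outside the enum while only `IllegalAccessException` is caught, so a token carrying an unexpected role now fails with an unhandled exception instead of leaving `rol` null — add `catch (IllegalArgumentException e) { rol = null; }` or check the value against `UserRol.values()` first. The guard also changed from `!claim.isMissing()` to `!claim.isNull()`; if the java-jwt version in use returns false from `isNull()` for an absent claim (as 4.x does), the reflection loop now reaches `field.set(this, claim.asString())` with null for `subject` and `audience`, which have no claim of that name and were just populated from the registered claims. `if (claim.isMissing() || claim.isNull()) continue;` keeps absent claims out on either library version. Note too that `asInt()` replacing `Integer.parseInt(claim.asString())` for `id` returns null when the claim was written as a string, so confirm how `generateToken` encodes it.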
@@ -6,13 +6,12 @@ import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.stereotype.Service;
 import org.springframework.web.client.HttpClientErrorException;
-import org.springframework.web.servlet.function.EntityResponse;
 import com.uva.authentication.api.UserAPI;
-import com.uva.authentication.models.JwtAuth;
-import com.uva.authentication.models.LoginRequest;
-import com.uva.authentication.models.RegisterRequest;
-import com.uva.authentication.models.TokenData;
+import com.uva.authentication.models.auth.LoginRequest;
+import com.uva.authentication.models.auth.RegisterRequest;
+import com.uva.authentication.models.jwt.JwtAuth;
+import com.uva.authentication.models.jwt.JwtData;
 import com.uva.authentication.models.remote.User;
 import com.uva.authentication.utils.JwtUtil;
 import com.uva.authentication.utils.SecurityUtils;
@@ -78,7 +77,7 @@ public class AuthService {
 }
 public ResponseEntity<?> changePassword(String token, String actualPass, String newPass) {
- TokenData decoded = jwtUtil.decodeToken(token);
+ JwtData decoded = jwtUtil.decodeToken(token);
 if (decoded == null)
 return new ResponseEntity<>(HttpStatus.FORBIDDEN);
@@ -102,7 +101,7 @@ public class AuthService {
 }
 public ResponseEntity<?> deleteUser(String token, int id, String password) {
- TokenData decoded = jwtUtil.decodeToken(token);
+ JwtData decoded = jwtUtil.decodeToken(token);
 if (decoded == null)
 return new ResponseEntity<>(HttpStatus.FORBIDDEN);
diff --git a/java/services/auth/src/main/java/com/uva/authentication/services/TokenService.java b/java/services/auth/src/main/java/com/uva/authentication/services/TokenService.java
index a2a00805f914c4aa95e29e244ece3826db25796c..f49fcd0a35580ceeec1f100ced21c7240e4fbd01 100644
--- a/java/services/auth/src/main/java/com/uva/authentication/services/TokenService.java
+++ b/java/services/auth/src/main/java/com/uva/authentication/services/TokenService.java
@@ -5,8 +5,8 @@ import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.stereotype.Service;
-import com.uva.authentication.models.JwtAuth;
-import com.uva.authentication.models.TokenData;
+import com.uva.authentication.models.jwt.JwtAuth;
+import com.uva.authentication.models.jwt.JwtData;
 import com.uva.authentication.utils.JwtUtil;
 @Service
@@ -27,7 +27,7 @@ public class TokenService {
 }
 public ResponseEntity<?> getTokenInf(String token) {
- TokenData decoded = jwtUtil.decodeToken(token);
+ JwtData decoded = jwtUtil.decodeToken(token);
 if (decoded == null)
 return new ResponseEntity<>("Token has expire or is malformed", HttpStatus.FORBIDDEN);
 return ResponseEntity.ok(decoded);
diff --git a/java/services/auth/src/main/java/com/uva/authentication/utils/JwtUtil.java b/java/services/auth/src/main/java/com/uva/authentication/utils/JwtUtil.java
index d633043cce2da7d19a75b7bf32db38bd52905e5f..d84db0a991c8f12863dcfc7fae793f989e86160b 100644
--- a/java/services/auth/src/main/java/com/uva/authentication/utils/JwtUtil.java
+++ b/java/services/auth/src/main/java/com/uva/authentication/utils/JwtUtil.java
@@ -8,7 +8,7 @@ import org.springframework.web.client.HttpClientErrorException;
 import com.auth0.jwt.JWT;
 import com.auth0.jwt.algorithms.Algorithm;
-import com.uva.authentication.models.TokenData;
+import com.uva.authentication.models.jwt.JwtData;
 import com.uva.authentication.models.remote.User;
 import com.auth0.jwt.interfaces.DecodedJWT;
@@ -32,14 +32,15 @@ public class JwtUtil {
 private String token;
- private static final String SERVICE = "AUTH_SERVICES";
+ @Value("${spring.application.name}")
+ private String service;
 public String getOwnInternalToken() {
 // Si no hay token, no es valido o quedan 10 seg para caducar se genera otro
 if (token == null || validate(token) == null || decodeToken(token).getTtl() <= 10) {
- token = generateInternalToken(SERVICE);
+ token = generateInternalToken(service);
 }
 return token;
@@ -70,6 +71,8 @@ public class JwtUtil {
 public String generateToken(User user) {
 Algorithm algorithm = Algorithm.HMAC256(secretKey);
+ System.out.println("\n\n<-- " + user + " " + user.getId() + " -->");
+
 return JWT
 .create()
@@ -77,7 +80,7 @@ public class JwtUtil {
 .withIssuedAt(new Date())
 .withExpiresAt(new Date(System.currentTimeMillis() + extJwtExpiration * 1000))
- .withSubject(SERVICE)
+ .withSubject(service)
 .withAudience("EXTERNAL")
 // DATA
@@ -97,11 +100,11 @@ public class JwtUtil {
 }
 }
- public TokenData decodeToken(String token) {
+ public JwtData decodeToken(String token) {
 DecodedJWT decoded = validate(token);
 if (decoded == null)
 return null;
- return new TokenData(decoded, calculateTTL(decoded));
+ return new JwtData(decoded, calculateTTL(decoded));
 }
 private long calculateTTL(DecodedJWT decodedJWT) {
diff --git a/java/services/auth/src/main/resources/application.properties b/java/services/auth/src/main/resources/application.properties
index ad4a9a515522af4efcda2a87f59dc1902879136f..d701662a0eac3c5728d3b0a84d8296af696f8b60 100644
--- a/java/services/auth/src/main/resources/application.properties
+++ b/java/services/auth/src/main/resources/application.properties
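Review bot: The `System.out.println("\n\n<-- " + user + " " + user.getId() + " -->")` added to `generateToken` prints the whole `User` through its Lombok `@Data`-generated `toString` (the User.java hunk shows that annotation), so every field the users service returned for the account — including any password hash or other sensitive attribute the class carries, which this diff does not show — goes to stdout on every successful login; remove the line, or log only `user.getId()` at debug level through a logger. Separately, the token `sub` and the cached internal token's identity now come from `${spring.application.name}` (`authService` in the properties hunk below) instead of the literal `AUTH_SERVICES`, so any consumer that pins the subject of internal tokens to the old value must be updated in the same change; a one-line comment on `service` saying that the subject is the Spring application name would make that coupling visible.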
@@ -2,9 +2,10 @@ spring.application.name=authService
 server.port=8101
 security.jwt.secret-key=MiClaveDeSeguridadMuyLargaParaQueNoFalleSpringBoot
-# 1h in millisecond
+# 1h in seconds
 security.jwt.external.expiration=3600
-security.jwt.internal.expiration=20
+# 10min in seconds
+security.jwt.internal.expiration=600
 security.jwt.kid=cYz3kNRLAirxVhHXQ5rh5xKrOwHwZVui
-external.services.users.url=http://localhost:8201/users
\ No newline at end of file
+services.external.users.url=http://localhost:8201/users
\ No newline at end of file
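Review bot: Raising `security.jwt.internal.expiration` from 20 to 600 seconds fits the caching in `getOwnInternalToken`, which re-mints only within 10 s of expiry, but it also lengthens thirty-fold the window in which a captured service-to-service token stays usable, and the key those tokens are signed with, `security.jwt.secret-key=MiClaveDeSeguridadMuyLargaParaQueNoFalleSpringBoot`, together with `security.jwt.kid`, is a literal committed in this file (pre-existing context, not changed by this commit). Move both to an environment placeholder such as `security.jwt.secret-key=${JWT_SECRET_KEY}` and rotate the value, since anyone with read access to the repository can mint tokens. `generateToken` signs with `Algorithm.HMAC256(secretKey)`; if `generateInternalToken` (not visible here) uses the same key, the `aud` claim is the only thing separating external from internal tokens, so the longer internal lifetime is safe only if every consumer checks the audience.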