Nemcio/SCM-Manager
1
0
Fork 0
mirror of https://github.com/scm-manager/scm-manager.git synced 2025-11-10 23:45:44 +01:00
Code Issues Packages Projects Releases Activity

Keep refresh expiration

Browse Source
This commit is contained in:
René Pfeuffer
2018-11-30 10:15:12 +01:00
parent 46f9473083
commit e8672bbeff
4 changed files with 24 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
scm-webapp/src/main/java/sonia/scm/security/JwtAccessToken.java
View File

@@ -47,7 +47,7 @@ import static java.util.Optional.ofNullable;
*/
public final class JwtAccessToken implements AccessToken {
public static final String REFRESHABLE_UNTIL_CLAIM_KEY = "scm-manager.refreshableUntil";
public static final String REFRESHABLE_UNTIL_CLAIM_KEY = "scm-manager.refreshExpiration";
public static final String PARENT_TOKEN_ID_CLAIM_KEY = "scm-manager.parentTokenId";
private final Claims claims;
private final String compact;

9
scm-webapp/src/main/java/sonia/scm/security/JwtAccessTokenBuilder.java
View File

@@ -71,6 +71,7 @@ public final class JwtAccessTokenBuilder implements AccessTokenBuilder {
private TimeUnit expiresInUnit = TimeUnit.HOURS;
private long refreshableFor = 12;
private TimeUnit refreshableForUnit = TimeUnit.HOURS;
private Instant refreshExpiration;
private String parentKeyId;
private Scope scope = Scope.empty();
@@ -133,6 +134,12 @@ public final class JwtAccessTokenBuilder implements AccessTokenBuilder {
return this;
}
JwtAccessTokenBuilder refreshExpiration(Instant refreshExpiration) {
this.refreshExpiration = refreshExpiration;
this.refreshableFor = 0;
return this;
}
public JwtAccessTokenBuilder parentKey(String parentKeyId) {
this.parentKeyId = parentKeyId;
return this;
@@ -175,6 +182,8 @@ public final class JwtAccessTokenBuilder implements AccessTokenBuilder {
if (refreshableFor > 0) {
long refreshExpiration = refreshableForUnit.toMillis(refreshableFor);
claims.put(JwtAccessToken.REFRESHABLE_UNTIL_CLAIM_KEY, new Date(now.toEpochMilli() + refreshExpiration).getTime());
} else if (refreshExpiration != null) {
claims.put(JwtAccessToken.REFRESHABLE_UNTIL_CLAIM_KEY, Date.from(refreshExpiration));
}
if (parentKeyId == null) {
claims.put(JwtAccessToken.PARENT_TOKEN_ID_CLAIM_KEY, id);

3
scm-webapp/src/main/java/sonia/scm/security/JwtAccessTokenRefresher.java
View File

@@ -29,7 +29,7 @@ public class JwtAccessTokenRefresher {
this.clock = clock;
}
public Optional<JwtAccessToken> refresh(JwtAccessToken oldToken) {
Optional<JwtAccessToken> refresh(JwtAccessToken oldToken) {
JwtAccessTokenBuilder builder = builderFactory.create();
Map<String, Object> claims = oldToken.getClaims();
claims.forEach(builder::custom);
@@ -42,6 +42,7 @@ public class JwtAccessTokenRefresher {
}
builder.expiresIn(computeOldExpirationInMillis(oldToken), TimeUnit.MILLISECONDS);
builder.parentKey(parentTokenId.get().toString());
builder.refreshExpiration(oldToken.getRefreshExpiration().get().toInstant());
return Optional.of(builder.build());
} else {
return Optional.empty();