Add refresh token generation
@@ -0,0 +1,19 @@
|
||||
package com.faf223.expensetrackerfaf.config;
|
||||
|
||||
import com.faf223.expensetrackerfaf.controller.auth.ErrorResponse;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.web.bind.annotation.ControllerAdvice;
|
||||
import org.springframework.web.bind.annotation.ExceptionHandler;
|
||||
import org.springframework.web.bind.annotation.ResponseBody;
|
||||
import org.springframework.web.bind.annotation.ResponseStatus;
|
||||
|
||||
@ControllerAdvice
|
||||
public class ExceptionHandlers {
|
||||
|
||||
@ExceptionHandler(TokenExpiredException.class)
|
||||
@ResponseStatus(HttpStatus.UNAUTHORIZED)
|
||||
@ResponseBody
|
||||
public ErrorResponse handleTokenExpiredException(TokenExpiredException ex) {
|
||||
return new ErrorResponse("Unauthorized", ex.getMessage());
|
||||
}
|
||||
}
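Review bot: Nothing in the visible hunks throws `TokenExpiredException`, so `handleTokenExpiredException` looks unreachable as added; the only place an expired token is detected is the `catch (ExpiredJwtException e)` in `JwtAuthenticationFilter`, and an exception raised in a servlet filter never reaches a `@ControllerAdvice` handler because filters run before the `DispatcherServlet`. If the intent is a JSON 401 body for expired tokens, either write the `ErrorResponse` from the filter or configure an `AuthenticationEntryPoint`; if a controller (for example a refresh endpoint) is meant to throw it, that code is not in this diff. The same applies to the new `TokenExpiredException` class in the last section, which also has no Javadoc; a one-line `/** Thrown when a presented JWT has passed its expiry; mapped to HTTP 401 by {@link ExceptionHandlers}. */` would record the intent. `new ErrorResponse("Unauthorized", ex.getMessage())` forwards whatever message the thrower set, so that message should stay free of token contents.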
|
||||
@@ -1,5 +1,6 @@
|
||||
package com.faf223.expensetrackerfaf.config;
|
||||
|
||||
import io.jsonwebtoken.ExpiredJwtException;
|
||||
import jakarta.servlet.FilterChain;
|
||||
import jakarta.servlet.ServletException;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
@@ -15,7 +16,6 @@ import org.springframework.stereotype.Component;
|
||||
import org.springframework.web.filter.OncePerRequestFilter;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
@Component
|
||||
@RequiredArgsConstructor
|
||||
public class JwtAuthenticationFilter extends OncePerRequestFilter {
|
||||
@@ -35,23 +35,28 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
|
||||
}
|
||||
final String authHeader = request.getHeader("Authorization");
|
||||
final String jwt;
|
||||
final String userEmail;
|
||||
String userEmail;
|
||||
if (authHeader == null || !authHeader.startsWith("Bearer ")) {
|
||||
filterChain.doFilter(request, response);
|
||||
return;
|
||||
}
|
||||
|
||||
jwt = authHeader.substring(7);
|
||||
userEmail = jwtService.extractUsername(jwt);
|
||||
if (userEmail != null && SecurityContextHolder.getContext().getAuthentication() == null) {
|
||||
UserDetails userDetails = this.userDetailsService.loadUserByUsername(userEmail);
|
||||
if (jwtService.isTokenValid(jwt, userDetails)) {
|
||||
UsernamePasswordAuthenticationToken authToken = new UsernamePasswordAuthenticationToken(
|
||||
userDetails, null, userDetails.getAuthorities());
|
||||
authToken.setDetails(new WebAuthenticationDetailsSource()
|
||||
.buildDetails(request));
|
||||
SecurityContextHolder.getContext().setAuthentication(authToken);
|
||||
|
||||
try {
|
||||
userEmail = jwtService.extractUsername(jwt);
|
||||
if (userEmail != null && SecurityContextHolder.getContext().getAuthentication() == null) {
|
||||
UserDetails userDetails = this.userDetailsService.loadUserByUsername(userEmail);
|
||||
if (jwtService.isTokenValid(jwt, userDetails)) {
|
||||
UsernamePasswordAuthenticationToken authToken = new UsernamePasswordAuthenticationToken(
|
||||
userDetails, null, userDetails.getAuthorities());
|
||||
authToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
|
||||
SecurityContextHolder.getContext().setAuthentication(authToken);
|
||||
}
|
||||
}
|
||||
} catch (ExpiredJwtException e) {
|
||||
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
|
||||
}
|
||||
filterChain.doFilter(request, response);
|
||||
}
|
||||
}
|
||||
}
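Review bot: After the new `catch (ExpiredJwtException e)` sets `SC_UNAUTHORIZED`, execution falls through to `filterChain.doFilter(request, response)`, so a request carrying an expired token still continues down the chain with an empty 401 body that the authorization layer or a downstream handler may overwrite; return from the catch so the rejection is final, e.g. `response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); return;`, ideally after writing an `ErrorResponse` body. Only the expiry case is caught: the other failures `jwtService.extractUsername(jwt)` may raise for a malformed or wrongly signed token (JJWT reports these as other `JwtException` subtypes) would propagate out of the filter as a 500 rather than a 401, so `catch (JwtException e)` is presumably the intended scope. The `@ControllerAdvice` handler added in this commit cannot observe exceptions thrown here, because filters run before the `DispatcherServlet`; the commented-out `authenticationEntryPoint` in `SecurityConfiguration` is the Spring mechanism for that. `doFilterInternal` starts outside the hunk.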
|
||||
|
||||
@@ -38,6 +38,10 @@ public class JwtService {
|
||||
return generateToken(new HashMap<>(), userDetails);
|
||||
}
|
||||
|
||||
public String generateRefreshToken(UserDetails userDetails) {
|
||||
return generateRefreshToken(new HashMap<>(), userDetails);
|
||||
}
|
||||
|
||||
public String generateToken(
|
||||
Map<String, Object> extraClaims,
|
||||
UserDetails userDetails
|
||||
@@ -45,6 +49,13 @@ public class JwtService {
|
||||
return buildToken(extraClaims, userDetails, jwtExpiration);
|
||||
}
|
||||
|
||||
public String generateRefreshToken(
|
||||
Map<String, Object> extraClaims,
|
||||
UserDetails userDetails
|
||||
) {
|
||||
return buildToken(extraClaims, userDetails, refreshExpiration);
|
||||
}
|
||||
|
||||
private String buildToken(Map<String, Object> extraClaims, UserDetails userDetails, long expiration) {
|
||||
return Jwts
|
||||
.builder()
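Review bot: `generateRefreshToken` issues the refresh token through the same `buildToken(extraClaims, userDetails, ...)` path as the access token, differing only in `refreshExpiration`, so nothing in the token itself distinguishes the two kinds; if `isTokenValid` checks only subject and expiry (its body is not visible here), a refresh token presented as `Authorization: Bearer` would be accepted by `JwtAuthenticationFilter` as an access token for its whole, longer lifetime. Mark the kind explicitly — for example merge a constructed claim such as `token_type=refresh` into the claims before calling `buildToken` and have the access-token path reject tokens carrying it; a separate signing key per kind is the stronger option. The two new public overloads have no Javadoc; a one-line `/** Issues a refresh token for {@code userDetails} whose lifetime is {@code refreshExpiration}. */` would state the contract (the unit of `refreshExpiration` is not visible in this hunk, so confirm before naming it). `buildToken` continues outside the hunk.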
|
||||
|
||||
@@ -19,6 +19,7 @@ public class SecurityConfiguration {
|
||||
|
||||
private final JwtAuthenticationFilter jwtAuthFilter;
|
||||
private final AuthenticationProvider authenticationProvider;
|
||||
// private final Http401UnauthorizedEntryPoint entryPoint;
|
||||
|
||||
@Bean
|
||||
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
||||
@@ -29,6 +30,7 @@ public class SecurityConfiguration {
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
|
||||
// .exceptionHandling((e) -> e.authenticationEntryPoint(entryPoint))
|
||||
.authenticationProvider(authenticationProvider)
|
||||
.addFilterBefore(jwtAuthFilter, UsernamePasswordAuthenticationFilter.class); // will be executed before UsernamePasswordAuthenticationFilter
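Review bot: Both additions in this section are commented-out code (`// private final Http401UnauthorizedEntryPoint entryPoint;` and `// .exceptionHandling((e) -> e.authenticationEntryPoint(entryPoint))`), which should either be finished or left out of the commit rather than committed disabled. Wiring an `AuthenticationEntryPoint` here is also the mechanism that would let the 401 the filter now sets in its catch block be written consistently, so if `Http401UnauthorizedEntryPoint` exists the wiring belongs with this change. `securityFilterChain` continues outside the hunk.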
|
||||
|
||||
|
||||
@@ -0,0 +1,7 @@
|
||||
package com.faf223.expensetrackerfaf.config;
|
||||
|
||||
public class TokenExpiredException extends RuntimeException {
|
||||
public TokenExpiredException(String message) {
|
||||
super(message);
|
||||
}
|
||||
}
|
||||