/*
  neon-auth - Authentication Extensions to Neon
  Copyright (C) 2024 Ulrich Hilger

  This program is free software: you can redistribute it and/or modify
  it under the terms of the GNU Affero General Public License as
  published by the Free Software Foundation, either version 3 of the
  License, or (at your option) any later version.

  This program is distributed in the hope that it will be useful,
  but WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  GNU Affero General Public License for more details.

  You should have received a copy of the GNU Affero General Public License
  along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
package de.uhilger.neon.auth;
import com.sun.net.httpserver.HttpContext;
import com.sun.net.httpserver.HttpExchange;
import de.uhilger.neon.HttpHelper;
import java.io.IOException;
/**
 * Objects of class BearerRefreshService allow a token to be renewed
 * with the help of a BearerAuthenticator, which is expected in the
 * HttpContext of the HttpExchange.
 *
 * @author Ulrich Hilger
 */
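public class BearerRefreshService extends BearerService {

  /** Name of the request-body field that carries the refresh token. */
  private static final String REFRESH_TOKEN_PARAM = "refresh_token";

  /**
   * Exchanges a refresh token for a new access token and a new refresh token.
   *
   * <p>The request body is read as {@code name=value} pairs separated by
   * {@code &}. The first non-empty {@code refresh_token} field (name compared
   * case-insensitively) is handed to the {@link BearerAuthenticator} installed
   * on the exchange's {@link HttpContext}. When the authenticator returns a
   * user id, a {@link LoginResponse} with freshly created tokens is passed to
   * {@code handleLoginResponse}.
   *
   * <p>In every other case (no usable {@code refresh_token} field, a context
   * without a {@code BearerAuthenticator}, or a token the authenticator
   * rejects) {@code handleLoginResponse(exchange, null)} is called, so that
   * each request gets exactly one response.
   *
   * <p>Token lifetimes come from the context attributes {@code expireSeconds}
   * (default 7200) and {@code refreshExpireSeconds} (default 86400).
   *
   * @param exchange the HTTP exchange carrying the refresh request
   * @throws IOException if reading the body or writing the response fails
   * @throws NumberFormatException if a lifetime attribute is not a number
   */
  public void refresh(HttpExchange exchange) throws IOException {
    // The token is a credential: it is only passed to the authenticator and
    // never logged or echoed from here.
    String refreshToken = findRefreshToken(new HttpHelper().bodyLesen(exchange));
    HttpContext context = exchange.getHttpContext();
    Object o = context.getAuthenticator();
    LoginResponse r = null;
    if (refreshToken != null && o instanceof BearerAuthenticator) {
      BearerAuthenticator auth = (BearerAuthenticator) o;
      String userId = auth.validateRefreshToken(refreshToken);
      if (userId != null) {
        // Parse both lifetimes before creating any token, so that a broken
        // configuration fails without a token having been issued.
        long expireSeconds = secondsAttribute(context, "expireSeconds", "7200");
        long refreshExpireSeconds =
            secondsAttribute(context, "refreshExpireSeconds", "86400");
        r = new LoginResponse();
        r.setToken(auth.createToken(userId, expireSeconds));
        // NOTE(review): the new refresh token is created with the same
        // createToken call as the access token, and nothing in this method
        // invalidates the refresh token that was just presented. Confirm that
        // BearerAuthenticator tells the two token kinds apart and retires
        // used refresh tokens.
        r.setRefreshToken(auth.createToken(userId, refreshExpireSeconds));
        r.setExpiresIn(expireSeconds);
      }
    }
    // A null response is what the rejected-token path has always passed on.
    // NOTE(review): presumably this produces an error reply; confirm in
    // BearerService.
    handleLoginResponse(exchange, r);
  }

  /**
   * Finds the value of the first {@code refresh_token} field in a request body.
   *
   * @param body the raw request body, may be {@code null}
   * @return the field value, or {@code null} if the field is missing or empty
   */
  private static String findRefreshToken(String body) {
    if (body == null) {
      return null;
    }
    for (String part : body.split("&")) {
      // Limit 2 keeps any '=' that belongs to the value and makes a field
      // without a value detectable instead of failing on a missing index.
      String[] keyVal = part.split("=", 2);
      if (keyVal[0].equalsIgnoreCase(REFRESH_TOKEN_PARAM)) {
        // NOTE(review): the value is used as received, without URL decoding.
        // Confirm that tokens contain only URL-safe characters.
        if (keyVal.length > 1 && !keyVal[1].isEmpty()) {
          return keyVal[1];
        }
        return null;
      }
    }
    return null;
  }

  /**
   * Reads a lifetime in seconds from the context attributes.
   *
   * @param context the context whose attributes are consulted
   * @param key the attribute name
   * @param fallback the value used when the attribute is not set
   * @return the parsed number of seconds
   * @throws NumberFormatException if the attribute is not a number
   */
  private static long secondsAttribute(HttpContext context, String key, String fallback) {
    // String.valueOf also accepts attributes stored as Long or Integer.
    return Long.parseLong(
        String.valueOf(context.getAttributes().getOrDefault(key, fallback)));
  }
}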