From 8088085524f34974a1b3a922faf2bc8c3af8ceb2 Mon Sep 17 00:00:00 2001
From: Ken Ahrens
Date: Thu, 21 Dec 2023 08:29:43 -0500
Subject: [PATCH] [SPD-6697] update user auth (#12)
---
 java/Makefile | 2 +-
 .../speedscale/{server => lib}/SpaceX.java | 2 +-
 .../speedscale/{server => lib}/Treasury.java | 2 +-
 .../main/java/speedscale/lib/UserAuth.java | 9 +++++++++
 .../java/speedscale/server/Controller.java | 20 ++++++++++++-------
 .../java/speedscale/server/TokenManager.java | 4 +++-
 .../src/main/resources/application.properties | 2 --
 7 files changed, 28 insertions(+), 13 deletions(-)
 rename java/server/src/main/java/speedscale/{server => lib}/SpaceX.java (98%)
 rename java/server/src/main/java/speedscale/{server => lib}/Treasury.java (97%)
 create mode 100644 java/server/src/main/java/speedscale/lib/UserAuth.java
diff --git a/java/Makefile b/java/Makefile
index 9187791..2fc4d3b 100644
--- a/java/Makefile
+++ b/java/Makefile
@@ -1,4 +1,4 @@
-VERSION?=1.0.4
+VERSION?=1.0.5
 REGISTRY?=gcr.io/speedscale-demos/java-server:${VERSION}
 NAMESPACE?=default
diff --git a/java/server/src/main/java/speedscale/server/SpaceX.java b/java/server/src/main/java/speedscale/lib/SpaceX.java
similarity index 98%
rename from java/server/src/main/java/speedscale/server/SpaceX.java
rename to java/server/src/main/java/speedscale/lib/SpaceX.java
index 4448908..22dad89 100644
--- a/java/server/src/main/java/speedscale/server/SpaceX.java
+++ b/java/server/src/main/java/speedscale/lib/SpaceX.java
@@ -1,4 +1,4 @@
-package speedscale.server;
+package speedscale.lib;
 import java.net.URI;
 import java.net.http.HttpClient;
diff --git a/java/server/src/main/java/speedscale/server/Treasury.java b/java/server/src/main/java/speedscale/lib/Treasury.java
similarity index 97%
rename from java/server/src/main/java/speedscale/server/Treasury.java
rename to java/server/src/main/java/speedscale/lib/Treasury.java
index c7e36c4..4b8e075 100644
--- a/java/server/src/main/java/speedscale/server/Treasury.java
+++ b/java/server/src/main/java/speedscale/lib/Treasury.java
@@ -1,4 +1,4 @@
-package speedscale.server;
+package speedscale.lib;
 import java.net.URI;
 import java.net.http.HttpClient;
diff --git a/java/server/src/main/java/speedscale/lib/UserAuth.java b/java/server/src/main/java/speedscale/lib/UserAuth.java
new file mode 100644
index 0000000..0e5423b
--- /dev/null
+++ b/java/server/src/main/java/speedscale/lib/UserAuth.java
@@ -0,0 +1,9 @@
+package speedscale.lib;
+
+import speedscale.model.Login;
+
+public class UserAuth {
+ public static boolean validate(Login login) {
+ return true;
+ }
+}
diff --git a/java/server/src/main/java/speedscale/server/Controller.java b/java/server/src/main/java/speedscale/server/Controller.java
index c735ac6..af8885e 100644
--- a/java/server/src/main/java/speedscale/server/Controller.java
+++ b/java/server/src/main/java/speedscale/server/Controller.java
@@ -16,17 +16,13 @@
 import org.springframework.web.bind.annotation.ResponseBody;
 import org.springframework.web.bind.annotation.RestController;
+import speedscale.lib.*;
 import speedscale.model.Login;
 import speedscale.model.TreasuryResponse;
 @RestController
 public class Controller {
- @Value("${my.username}")
- private String username;
- @Value("${my.password}")
- private String password;
-
 @Autowired
 TokenManager jwt;
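Review bot: `UserAuth.validate` returns `true` for every input, so with the Controller.java changes in this commit `/login` and `/rsaToken` issue a signed token for whatever username the request body carries, without checking a password. If this is a stub for a later implementation it should fail closed, e.g. `return false;` with a `// TODO(auth): real credential check` comment, so an unfinished build cannot hand out tokens. When the real comparison is added, compare secrets with `MessageDigest.isEqual` on bytes rather than `String.equals`, and treat a null `login` or null fields as invalid. As a static-only helper the class would also be better declared `final` with a private constructor and a Javadoc line stating what a `true` result guarantees.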
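Review bot: `import speedscale.lib.*;` in the Controller.java import hunk is a wildcard import, which hides that the controller's authentication now depends on `UserAuth`; explicit imports such as `import speedscale.lib.UserAuth;` (plus whichever of the moved classes the controller uses outside this hunk) keep that dependency visible. With both `@Value` fields removed, the `Value` import is probably unused now; the import block starts above the hunk, so that needs confirming there.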
@@ -42,24 +38,34 @@ public Map health() {
 @PostMapping("/login")
 public Map login(@RequestBody Login login) {
 Map m = new HashMap();
- if (!username.equals(login.getUsername()) || !password.equals(login.getPassword())) {
+
+ // Check the user auth
+ boolean valid = UserAuth.validate(login);
+ if (!valid) {
 m.put("err", "invalid auth");
 return m;
 }
 m.put("access_token", jwt.generateHmacToken(login.getUsername()));
+ m.put("token_type", "Bearer");
+ m.put("expires_id", TokenManager.EXPIRATION_OFFSET + "");
 return m;
 }
 @PostMapping("/rsaToken")
 public Map rsaToken(@RequestBody Login login) {
 Map m = new HashMap();
- if (!username.equals(login.getUsername()) || !password.equals(login.getPassword())) {
+
+ // Check the user auth
+ boolean valid = UserAuth.validate(login);
+ if (!valid) {
 m.put("err", "invalid auth");
 return m;
 }
 m.put("access_token", jwt.generateRsaToken(login.getUsername()));
+ m.put("token_type", "Bearer");
+ m.put("expires_id", TokenManager.EXPIRATION_OFFSET + "");
 return m;
 }
diff --git a/java/server/src/main/java/speedscale/server/TokenManager.java b/java/server/src/main/java/speedscale/server/TokenManager.java
index c5d4395..563c8a2 100644
--- a/java/server/src/main/java/speedscale/server/TokenManager.java
+++ b/java/server/src/main/java/speedscale/server/TokenManager.java
@@ -48,6 +48,8 @@ public class TokenManager {
 private MySigningKeyResolver resolver = new MySigningKeyResolver();
+ public static int EXPIRATION_OFFSET = 60 * 60 * 24 * 1000;
+
 public String generateHmacToken(String username) {
 Key hmacShaKey = Keys.hmacShaKeyFor(hmacSecret.getBytes());
 return makeBuilder(username)
@@ -100,7 +102,7 @@ private JwtBuilder makeBuilder(String username) {
 .setSubject(username)
 .setAudience("spacex-fans")
 .setIssuedAt(new Date(ts))
- .setExpiration(new Date(ts + 60 * 60 * 24 * 1000))
+ .setExpiration(new Date(ts + EXPIRATION_OFFSET))
 .setNotBefore(new Date(ts - 60 * 60 * 1000));
 }
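Review bot: The new key `expires_id` in both `login` and `rsaToken` looks like a typo for `expires_in`, the name OAuth 2.0 token responses use next to `token_type`, so clients following that convention will not find a lifetime. `expires_in` is defined in seconds, whereas `TokenManager.EXPIRATION_OFFSET` is `60 * 60 * 24 * 1000` (milliseconds), which would overstate the lifetime by a factor of 1000. Suggested for both handlers: `m.put("expires_in", String.valueOf(TokenManager.EXPIRATION_OFFSET / 1000));`. Separately, the `invalid auth` branch returns an ordinary map, which presumably goes out with HTTP 200; a 401 would let clients and log-based detection tell failed logins apart. The class body starts and ends outside the hunk.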
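Review bot: `public static int EXPIRATION_OFFSET` in TokenManager.java is declared without `final`, so the value that sets every token's expiration in `makeBuilder` (second hunk of this file) can be reassigned by any class at runtime. Declare it as a constant and state the unit, e.g. `public static final long EXPIRATION_OFFSET = 60L * 60 * 24 * 1000; // token lifetime in milliseconds`. Using `long` also keeps the multiplication from overflowing `int` if the lifetime is ever raised above roughly 24 days. The field sits in the class body, which continues outside the hunk.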
diff --git a/java/server/src/main/resources/application.properties b/java/server/src/main/resources/application.properties
index 65780c4..24d23ef 100644
--- a/java/server/src/main/resources/application.properties
+++ b/java/server/src/main/resources/application.properties
@@ -1,5 +1,3 @@
-my.username = admin
-my.password = pass
 my.hmacSecret = this-is-a-very-good-secret-jwt-key
 my.rsaPrivateKeyFile = tls.key
 my.rsaPublicKeyFile = tls.crt