All Downloads are FREE. Search and download functionalities are using the official Maven repository.

leap.oauth2.server.endpoint.SessionRefreshEndpoint Maven / Gradle / Ivy

There is a newer version: 0.7.13b
Show newest version
/*
 *
 *  * Copyright 2013 the original author or authors.
 *  *
 *  * Licensed under the Apache License, Version 2.0 (the "License");
 *  * you may not use this file except in compliance with the License.
 *  * You may obtain a copy of the License at
 *  *
 *  *      http://www.apache.org/licenses/LICENSE-2.0
 *  *
 *  * Unless required by applicable law or agreed to in writing, software
 *  * distributed under the License is distributed on an "AS IS" BASIS,
 *  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  * See the License for the specific language governing permissions and
 *  * limitations under the License.
 *  
 */

package leap.oauth2.server.endpoint;

import leap.core.BeanFactory;
import leap.core.annotation.Inject;
import leap.core.ioc.PostCreateBean;
import leap.core.security.token.jwt.JWT;
import leap.core.security.token.jwt.JwtSigner;
import leap.core.security.token.jwt.JwtVerifier;
import leap.core.security.token.jwt.MacSigner;
import leap.web.App;
import leap.web.Handler;
import leap.web.Request;
import leap.web.Response;
import leap.web.config.WebConfig;
import leap.web.cookie.AbstractCookieBean;
import leap.web.route.Routes;

import javax.servlet.http.Cookie;
import java.util.Map;

/**
 * @author kael.
 */
public class SessionRefreshEndpoint extends AbstractAuthzEndpoint implements Handler,PostCreateBean {

    protected @Inject WebConfig webConfig;
    protected JwtSigner signer;
    protected JwtVerifier verifier;
    protected AbstractCookieBean cookieBean;
    
    
    @Override
    public void startEndpoint(App app, Routes routes) throws Throwable {
        if(config.isSessionRefreshEnabled()) {
            sc.ignore(config.getSessionRefreshEndpointPath());

            routes.create()
                    .handle(config.getSessionRefreshEndpointPath(), this)
                    .disableCsrf().enableCors()
                    .apply();
        }
    }

    @Override
    public void handle(Request request, Response response) throws Throwable {
        String token = null;
        Cookie cookie = cookieBean.getCookie(request);
        if(null != cookie) {
            token = cookie.getValue();
        }
        if(null == token){
            return;
        }

        Map claims = verifier.verify(token);
        claims.remove(JWT.CLAIM_EXPIRATION_TIME);
        token = signer.sign(claims);

        cookieBean.setCookie(request,response,token);
    }

    @Override
    public void postCreate(BeanFactory factory) throws Throwable {
        if(null == signer) {
            signer   = new MacSigner(sc.config().getSecret(), sc.config().getDefaultAuthenticationExpires());
            verifier = (JwtVerifier)signer;
        }
        if(null == cookieBean){
            cookieBean = new AbstractCookieBean() {
                @Override
                public String getCookieName() {
                    return sc.config().getAuthenticationTokenCookieName();
                }

                @Override
                public String getCookieDomain() {
                    return SessionRefreshEndpoint.this.webConfig.getCookieDomain();
                }
            };
            
        }
    }
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy