package cz.zcu.kiv.backendapi.user;
import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.interfaces.DecodedJWT;
import com.google.common.base.Strings;
import cz.zcu.kiv.backendapi.security.jwt.JwtUtils;
import cz.zcu.kiv.backendapi.exception.ApiRequestException;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.web.bind.annotation.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.validation.Valid;
import java.io.IOException;
import java.time.LocalDateTime;
import java.time.ZoneId;
import java.util.Date;
import java.util.List;
import java.util.stream.Collectors;
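/**
 * REST controller exposing the user-management endpoints and the
 * access-token refresh endpoint.
 *
 * <p>Holds only injected, final collaborators; it keeps no per-request state.
 */
@RestController()
@RequiredArgsConstructor
@Slf4j
public class UserController {

    /**
     * User service backing every user-related endpoint.
     */
    private final IUserService userService;

    /**
     * JWT helper supplying the signing algorithm, the Authorization prefix,
     * the token lifetime, the authorities claim name and the response writers.
     */
    private final JwtUtils jwtUtils;

    /**
     * Registers a new user.
     *
     * @param userDto user DTO; bean validation runs before the service is called
     */
    @PostMapping("/register")
    public void registerNewUser(@RequestBody @Valid UserDto userDto) {
        userService.registerNewUser(userDto);
    }

    /**
     * Returns a list of all users.
     *
     * @return list of all users with HTTP 200
     */
    @GetMapping("/users")
    public ResponseEntity<List<UserDto>> getAllUsers() {
        return ResponseEntity.ok(userService.getAllUsers());
    }

    //TODO check if need, if needed probably change new dto without email, comment otherwise
    /**
     * Updates the user identified by {@code username}.
     *
     * @param username username taken from the path
     * @param userDto  user DTO carrying the new values; bean validation runs first
     */
    @PutMapping("/user/{username}")
    public void updateUser(@PathVariable String username, @RequestBody @Valid UserDto userDto) {
        userService.updateUser(username, userDto);
    }

    //TODO check if needed, comment otherwise
    /**
     * Deletes the user identified by {@code username}.
     *
     * @param username username taken from the path
     */
    @DeleteMapping("/user/{username}")
    public void deleteUser(@PathVariable String username) {
        userService.deleteUser(username);
    }

    /**
     * Refreshes the access token when the refresh token presented in the
     * {@code Authorization} header is valid.
     *
     * <p>The presented token is checked with the configured algorithm only
     * (signature plus the library's standard time-claim checks); nothing here
     * distinguishes a refresh token from an access token, so any token signed
     * with the same key is accepted by this endpoint — confirm that refresh
     * tokens carry a distinguishing claim or are otherwise told apart.
     *
     * <p>Verification and lookup failures are logged with their cause and
     * reported to the client through {@code jwtUtils.writeErrorToResponse};
     * they are not rethrown.
     *
     * @param request  incoming request carrying the refresh token
     * @param response response the new tokens (or the error) are written to
     * @throws IOException         if writing the response fails
     * @throws ApiRequestException with 403 when the header is absent or does not
     *                             start with the configured token prefix
     */
    @GetMapping("token/refresh")
    public void refreshToken(HttpServletRequest request, HttpServletResponse response) throws IOException {
        String authorizationHeader = request.getHeader(HttpHeaders.AUTHORIZATION);
        String tokenPrefix = jwtUtils.getTokenPrefix();
        if (Strings.isNullOrEmpty(authorizationHeader) || !authorizationHeader.startsWith(tokenPrefix)) {
            throw new ApiRequestException("Refresh token is missing", HttpStatus.FORBIDDEN);
        }
        try {
            String refreshToken = authorizationHeader.substring(tokenPrefix.length());
            Algorithm algorithm = jwtUtils.getAlgorithm(); //TODO secure
            DecodedJWT decodedJwt = JWT.require(algorithm).build().verify(refreshToken);
            UserEntity user = userService.getUserByName(decodedJwt.getSubject());
            String accessToken = buildAccessToken(user, request.getRequestURL().toString(), algorithm);
            jwtUtils.writeTokensToResponse(response, accessToken, refreshToken);
        } catch (Exception e) {
            // Boundary catch-all: the failure is reported to the client by the
            // response writer. Log the exception itself, not just its message,
            // so the stack trace is available for diagnosis.
            log.error("Error refreshing token in: {}", e.getMessage(), e);
            jwtUtils.writeErrorToResponse(response, e);
        }
    }

    /**
     * Builds and signs a new access token for {@code user}.
     *
     * @param user      user the token is issued for; subject and authorities come from it
     * @param issuer    value of the {@code iss} claim. The caller passes the request
     *                  URL, which is reconstructed from the request (in typical servlet
     *                  containers that includes the client-supplied Host header) —
     *                  verify that no consumer of this claim relies on it for trust
     *                  decisions
     * @param algorithm signing algorithm
     * @return compact serialized JWT
     */
    private String buildAccessToken(UserEntity user, String issuer, Algorithm algorithm) {
        // Expiry is computed in the JVM's default zone, as before; the resulting
        // Instant is what the claim actually carries.
        Date expiresAt = Date.from(LocalDateTime.now()
                .plusMinutes(jwtUtils.getTokenExpirationAfterMinutes())
                .atZone(ZoneId.systemDefault())
                .toInstant());
        List<String> authorities = user.getAuthorities().stream()
                .map(GrantedAuthority::getAuthority)
                .collect(Collectors.toList());
        return JWT.create()
                .withSubject(user.getUsername())
                .withExpiresAt(expiresAt)
                .withIssuer(issuer)
                .withClaim(jwtUtils.getClaimAuthoritiesName(), authorities)
                .sign(algorithm);
    }
}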
|