Route for refresh token and generateRefreshJWT refs #128

delphi-hub · Mar 14, 2019 · 5c05008 · 5c05008
1 parent 837dba5
commit 5c05008
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 4 deletions.
diff --git a/app/authorization/AuthProvider.scala b/app/authorization/AuthProvider.scala
@@ -59,4 +59,15 @@ import play.api.Configuration
       Jwt.isValid(token, jwtSecretKey, Seq(JwtAlgorithm.HS256)) // Decode the token using the secret key
     }
 
+    //This method is exactly the same as the generateJWT(). It is just missing the userType. I believe the
+    //above method can also serve the same purpose. I havent tested these methods with /users/refreshToken thats why I cant say for sure.
+    def generateRefreshJWT(validFor: Long= 1)(implicit configuration: Configuration): String = {
+      val jwtSecretKey = configuration.get[String]("play.http.secret.JWTkey")
+      val refreshClaim = JwtClaim()
+        .issuedNow
+        .expiresIn((validFor * 300))
+        .startsNow
+        . +("user_id", configuration.get[String]("play.http.instance"))
+      Jwt.encode(refreshClaim, jwtSecretKey, JwtAlgorithm.HS256)
+    }
   }
diff --git a/app/controllers/ApiRouter.scala b/app/controllers/ApiRouter.scala
@@ -46,5 +46,6 @@ class ApiRouter @Inject()(irController: InstanceRegistryController, sysControlle
     case POST(p"/reconnectInstance" ? q"from=$from"& q"to=$to") => irController.reconnect(from.toInt, to.toInt)
     case POST(p"/authenticate") => irController.authentication()
     case POST(p"/labelInstance" ? q"instanceID=$instanceID"& q"label=$label") => irController.labelInstance(instanceID, label)
+    case POST(p"/refreshToken") => irController.refreshToken()
   }
 }
diff --git a/app/controllers/InstanceRegistryController.scala b/app/controllers/InstanceRegistryController.scala
@@ -94,6 +94,7 @@ class InstanceRegistryController @Inject()(implicit system: ActorSystem, mat: Ma
     */
 
   def getNetwork(): Action[AnyContent] = authAction.async {
+    println(AuthProvider.generateRefreshJWT())
     ws.url(instanceRegistryUri + "/instances/network").withHttpHeaders(("Authorization", s"Bearer ${AuthProvider.generateJwt()}"))
       .get().map { response =>
       // TODO: possible handling of parsing the data can be done here
@@ -256,14 +257,19 @@ class InstanceRegistryController @Inject()(implicit system: ActorSystem, mat: Ma
   {
     request =>
       ws.url(instanceRegistryUri + "/users" + "/refreshToken")
-        .withHttpHeaders(("Authorization", s"Bearer ${AuthProvider.generateJwt()}"))
+        .withHttpHeaders(("Authorization", s"Bearer ${AuthProvider.generateRefreshJWT()}"))
         .post("")
         .map { response =>
           response.status match {
-            case 200 =>
-              Ok(response.body)
-            case  400 =>
+            // scalastyle:off magic.number
+            case 202 =>
+              Ok((response.json \ "token" \ "refreshToken").as[String])
+              //Ok(Json.obj("token" -> "", "refreshToken" -> ""))
+            case  401 =>
               Unauthorized
+            // scalastyle:on magic.number
+            case x: Any =>
+              new Status(x)
           }
         }(myExecutionContext)
   }