package eu.dnetlib.openaire.usermanagement.utils;
import com.google.gson.JsonElement;
import com.google.gson.JsonObject;
import com.google.gson.JsonParseException;
import com.google.gson.JsonParser;
import eu.dnetlib.openaire.usermanagement.api.Test3Service;
import org.apache.commons.io.IOUtils;
import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.message.BasicNameValuePair;
import org.apache.log4j.Logger;
import org.mitre.openid.connect.model.OIDCAuthenticationToken;
import org.springframework.beans.factory.annotation.Value;

import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Base64;
import java.util.Date;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
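/**
 * Helpers for inspecting OIDC authentication state and access tokens.
 *
 * <p>Nothing in this class verifies a token's signature, issuer or audience. The helpers only
 * answer "is a token object present" and "has the {@code exp} claim passed"; neither answer is
 * evidence that a token is authentic.
 */
public class AuthenticationUtils {

    /**
     * Shape of a compact JWT: header, payload and an optional third segment, separated by dots.
     * Compiled once because {@link Pattern} is immutable and safe to share.
     */
    private static final Pattern JWT_PATTERN =
            Pattern.compile("^([A-Za-z0-9-_=]+)\\.([A-Za-z0-9-_=]+)\\.?([A-Za-z0-9-_.+=]*)$");

    // Base URL of the OIDC provider; the disabled refresh flow below posts to issuer + "/token".
    @Value("${oidc.issuer}")
    private String issuer;

    // OIDC client secret (sent as "client_secret" by the disabled refresh flow). Never log it.
    @Value("${oidc.secret}")
    private String secret;

    // OIDC client identifier (sent as "client_id" by the disabled refresh flow).
    @Value("${oidc.id}")
    private String id;

    private static final Logger logger = Logger.getLogger(AuthenticationUtils.class);

    /**
     * Reports whether an authentication token object is present.
     *
     * <p>This is a null check only; the token's own state is not inspected.
     * NOTE(review): confirm with callers whether the token's authenticated flag, expiry or
     * claims must also be checked before granting access.
     *
     * @param authenticationToken the token taken from the security context, may be {@code null}
     * @return {@code true} when {@code authenticationToken} is not {@code null}
     */
    public static boolean isAuthenticated(OIDCAuthenticationToken authenticationToken) {
        return authenticationToken != null;
    }

    /**
     * Reports whether the {@code exp} claim of a compact JWT is at or before the current time.
     *
     * <p>The payload is decoded and read <em>without verifying the signature</em>, so the result
     * reflects only what the token claims about itself. Use it to decide when to refresh a token
     * that was already validated elsewhere, never as an authorization decision on its own.
     *
     * <p>The check fails closed: a {@code null} token, a string that is not shaped like a JWT, a
     * payload that is not valid base64url/JSON, or a missing or non-numeric {@code exp} claim is
     * reported as expired.
     *
     * @param accessToken the compact-serialized JWT, may be {@code null}
     * @return {@code true} when the token is expired or its expiry cannot be determined,
     *         {@code false} when {@code exp} is still in the future
     */
    public static boolean hasJWTExpired(String accessToken) {
        if (accessToken == null) {
            return true;
        }

        Matcher matcher = JWT_PATTERN.matcher(accessToken);
        // group() is only legal after a successful match attempt; without this call
        // matcher.group(2) throws IllegalStateException for every input.
        if (!matcher.matches()) {
            return true;
        }

        try {
            // JWT segments are base64url (RFC 7515), not the standard alphabet: the basic
            // decoder rejects '-' and '_'. The URL decoder also accepts unpadded input.
            byte[] payloadBytes = Base64.getUrlDecoder().decode(matcher.group(2));
            String payload = new String(payloadBytes, StandardCharsets.UTF_8);

            JsonElement parsed = new JsonParser().parse(payload);
            if (!parsed.isJsonObject()) {
                return true;
            }

            JsonObject claims = parsed.getAsJsonObject();
            JsonElement expClaim = claims.get("exp");
            if (expClaim == null
                    || !expClaim.isJsonPrimitive()
                    || !expClaim.getAsJsonPrimitive().isNumber()) {
                return true;
            }

            long exp = expClaim.getAsLong();
            long nowSeconds = System.currentTimeMillis() / 1000;
            // Direct comparison instead of (exp - now <= 0), which can overflow for extreme
            // exp values supplied by an untrusted token.
            return exp <= nowSeconds;
        } catch (IllegalArgumentException | JsonParseException malformed) {
            // Undecodable base64 or unparsable JSON: expiry is unknown, so treat as expired.
            return true;
        }
    }

    // NOTE(review): the disabled refresh flow below does not compile as written: it returns a
    // Response from a void method and its String.format(...) calls have no format string.
    // Before re-enabling it, also close the HTTP client and response (try-with-resources),
    // handle every non-2xx status rather than only 401, and keep exception messages out of
    // the response body. The client secret and the refresh token must never be logged.
    /*
    public void refreshAccessToken(String refreshToken) {
        //TODO fix this
        if (refreshToken == null || refreshToken.isEmpty()) {
            return;
        }

        CloseableHttpClient httpclient = HttpClients.createDefault();
        HttpPost httppost = new HttpPost(issuer+"/token");

        // Request parameters and other properties.
        List<NameValuePair> params = new ArrayList<NameValuePair>();
        params.add(new BasicNameValuePair("client_id", id));
        params.add(new BasicNameValuePair("client_secret", secret));
        params.add(new BasicNameValuePair("grant_type", "refresh_token"));
        params.add(new BasicNameValuePair("refresh_token", refreshToken));
        params.add(new BasicNameValuePair("scope", "openid"));

        HttpResponse response = null;

        try {
            httppost.setEntity(new UrlEncodedFormEntity(params, "UTF-8"));
            //Execute and get the response.
            response = httpclient.execute(httppost);
            org.apache.http.HttpEntity entity = response.getEntity();

            //TODO fix this
            if (response.getStatusLine().getStatusCode() == 401) {
                return;
            }

            String serverMessage = IOUtils.toString(entity.getContent(), StandardCharsets.UTF_8.name());

        } catch (UnsupportedEncodingException uee) {
            logger.error(uee);
            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(String.format(, 500, "Fail to get access token.", uee.getMessage()))
                    .type(MediaType.APPLICATION_JSON).build();

        } catch (IOException ioe) {
            logger.error(ioe);
            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(String.format(, 500, "Fail to get access token.", ioe.getMessage()))
                    .type(MediaType.APPLICATION_JSON).build();

        }
    }*/
}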