Merge pull request #177 from AuthGuard/feature/token-ttl

Token TTL
AuthGuard · Oct 5, 2021 · 87611fb · 87611fb
2 parents 8efd294 + 5f1b704
commit 87611fb
Show file tree

Hide file tree

Showing 10 changed files with 14 additions and 4 deletions.
diff --git a/api/src/main/java/com/nexblocks/authguard/api/dto/entities/AuthResponse.java b/api/src/main/java/com/nexblocks/authguard/api/dto/entities/AuthResponse.java
@@ -13,4 +13,5 @@ public interface AuthResponse {
     String getType();
     Object getToken();
     Object getRefreshToken();
+    Long getValidFor();
 }
diff --git a/api/src/main/java/com/nexblocks/authguard/api/routes/AuthApi.java b/api/src/main/java/com/nexblocks/authguard/api/routes/AuthApi.java
@@ -17,8 +17,8 @@ public String getPath() {
     public void addEndpoints() {
         post("/authenticate", this::authenticate, ActorRoles.adminOrAuthClient());
         post("/logout", this::logout, ActorRoles.adminOrAuthClient());
-        post("/exchange", this::exchange, ActorRoles.adminOrAuthClient());
-        post("/exchange/clear", this::clearToken, ActorRoles.adminOrAuthClient());
+        post("/exchange", this::exchange, ActorRoles.adminClient());
+        post("/exchange/clear", this::clearToken, ActorRoles.adminClient());
         get("/exchange/attempts", this::getExchangeAttempts, ActorRoles.adminClient());
     }
 

diff --git a/api/src/main/java/com/nexblocks/authguard/api/routes/OtpApi.java b/api/src/main/java/com/nexblocks/authguard/api/routes/OtpApi.java
@@ -14,7 +14,7 @@ public String getPath() {
 
     @Override
     public void addEndpoints() {
-        post("/verify", this::verify, ActorRoles.adminClient());
+        post("/verify", this::verify, ActorRoles.adminOrAuthClient());
     }
 
     public abstract void verify(final Context context);

diff --git a/api/src/main/java/com/nexblocks/authguard/api/routes/PasswordlessApi.java b/api/src/main/java/com/nexblocks/authguard/api/routes/PasswordlessApi.java
@@ -14,7 +14,7 @@ public String getPath() {
 
     @Override
     public void addEndpoints() {
-        post("/verify", this::verify, ActorRoles.adminClient());
+        post("/verify", this::verify, ActorRoles.adminOrAuthClient());
     }
 
     public abstract void verify(final Context context);

diff --git a/api/src/main/resources/openapi.yml b/api/src/main/resources/openapi.yml
@@ -1354,6 +1354,9 @@ components:
           type: string
         refreshToken:
           type: string
+        validFor:
+          type: string
+          description: The duration for which the token will be valid (in seconds)
 
     CreateAccountRequest:
       type: object

diff --git a/jwt/src/main/java/com/nexblocks/authguard/jwt/AccessTokenProvider.java b/jwt/src/main/java/com/nexblocks/authguard/jwt/AccessTokenProvider.java
@@ -106,6 +106,7 @@ public AuthResponseBO generateToken(final AccountBO account, final TokenRestrict
                 .refreshToken(refreshToken)
                 .entityType(EntityType.ACCOUNT)
                 .entityId(account.getId())
+                .validFor(tokenTtl.getSeconds())
                 .build();
     }
 

diff --git a/jwt/src/main/java/com/nexblocks/authguard/jwt/IdTokenProvider.java b/jwt/src/main/java/com/nexblocks/authguard/jwt/IdTokenProvider.java
@@ -65,6 +65,7 @@ public AuthResponseBO generateToken(final AccountBO account) {
                 .refreshToken(refreshToken)
                 .entityType(EntityType.ACCOUNT)
                 .entityId(account.getId())
+                .validFor(tokenTtl.getSeconds())
                 .build();
     }
 

diff --git a/service-api/src/main/java/com/nexblocks/authguard/service/model/AuthResponse.java b/service-api/src/main/java/com/nexblocks/authguard/service/model/AuthResponse.java
@@ -11,4 +11,5 @@ public interface AuthResponse {
     String getId();
     Object getToken();
     Object getRefreshToken();
+    Long getValidFor();
 }
diff --git a/sessions/src/main/java/com/nexblocks/authguard/sessions/SessionProvider.java b/sessions/src/main/java/com/nexblocks/authguard/sessions/SessionProvider.java
@@ -74,6 +74,7 @@ public AuthResponseBO generateToken(final AccountBO account, final TokenOptionsB
                 .token(created.getSessionToken())
                 .entityType(EntityType.ACCOUNT)
                 .entityId(account.getId())
+                .validFor(sessionTtl.getSeconds())
                 .build();
     }
 

diff --git a/sessions/src/test/java/com/nexblocks/authguard/sessions/SessionProviderTest.java b/sessions/src/test/java/com/nexblocks/authguard/sessions/SessionProviderTest.java
@@ -10,6 +10,7 @@
 import org.junit.jupiter.api.Test;
 import org.mockito.Mockito;
 
+import java.time.Duration;
 import java.util.Optional;
 
 import static org.assertj.core.api.Assertions.assertThat;
@@ -43,6 +44,7 @@ void generateForAccount() {
                 .type("session_token")
                 .entityType(EntityType.ACCOUNT)
                 .entityId(account.getId())
+                .validFor(Duration.ofMinutes(20).getSeconds())
                 .build();
 
         final AuthResponseBO actual = sessionProvider.generateToken(account);