diff --git a/src/main/java/com/iemr/common/constant/Constants.java b/src/main/java/com/iemr/common/constant/Constants.java
index c6f98e02..ebe7d772 100644
--- a/src/main/java/com/iemr/common/constant/Constants.java
+++ b/src/main/java/com/iemr/common/constant/Constants.java
@@ -11,5 +11,6 @@ public class Constants {
 public static final String HOLD = "Hold";
 public static final String NOT_READY = "Not Ready";
 public static final String AUX = "Aux";
+ public static final String JWT_TOKEN = "Jwttoken";
 }
diff --git a/src/main/java/com/iemr/common/controller/users/IEMRAdminController.java b/src/main/java/com/iemr/common/controller/users/IEMRAdminController.java
index 072bf88d..9eee79fd 100644
--- a/src/main/java/com/iemr/common/controller/users/IEMRAdminController.java
+++ b/src/main/java/com/iemr/common/controller/users/IEMRAdminController.java
@@ -34,6 +34,7 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
@@ -44,6 +45,7 @@
 import com.google.gson.JsonObject;
 import com.google.gson.JsonParser;
 import com.iemr.common.config.encryption.SecurePassword;
+import com.iemr.common.constant.Constants;
 import com.iemr.common.data.users.LoginSecurityQuestions;
 import com.iemr.common.data.users.M_Role;
 import com.iemr.common.data.users.ServiceRoleScreenMapping;
@@ -56,6 +58,7 @@
 import com.iemr.common.service.users.IEMRAdminUserService;
 import com.iemr.common.utils.CookieUtil;
 import com.iemr.common.utils.JwtUtil;
+import com.iemr.common.utils.TokenBlacklist;
 import com.iemr.common.utils.encryption.AESUtil;
 import com.iemr.common.utils.exception.IEMRException;
 import com.iemr.common.utils.mapper.InputMapper;
@@ -83,6 +86,8 @@ public class IEMRAdminController {
 private CookieUtil cookieUtil;
 @Autowired
 private RedisTemplate redisTemplate;
+ @Value("${jwt.blacklist.expiration}")
+ private static long BLACK_LIST_EXPIRATION_TIME;
 private AESUtil aesUtil;
@@ -933,9 +938,14 @@ public String forceLogout(@RequestBody ForceLogoutRequestModel request, HttpServ
 try {
 // Perform the force logout logic
 iemrAdminUserServiceImpl.forceLogout(request);
-
+ String token = null;
+ token = getJwtTokenFromCookies(httpRequest);
+ if(null == token) {
+ token = httpRequest.getHeader(Constants.JWT_TOKEN);
+ }
+ TokenBlacklist.blacklistToken(token,BLACK_LIST_EXPIRATION_TIME);
 // Extract and invalidate JWT token cookie dynamically from the request
- invalidateJwtCookie(httpRequest, response);
+ // invalidateJwtCookie(httpRequest, response);
 // Set the response message
 outputResponse.setResponse("Success");
@@ -944,7 +954,17 @@ public String forceLogout(@RequestBody ForceLogoutRequestModel request, HttpServ
 }
 return outputResponse.toString();
 }
-
+ private String getJwtTokenFromCookies(HttpServletRequest request) {
+ Cookie[] cookies = request.getCookies();
+ if (cookies != null) {
+ for (Cookie cookie : cookies) {
+ if (cookie.getName().equalsIgnoreCase("Jwttoken")) {
+ return cookie.getValue();
+ }
+ }
+ }
+ return null;
+ }
 private void invalidateJwtCookie(HttpServletRequest request, HttpServletResponse response) {
 // Get the cookies from the incoming request
 Cookie[] cookies = request.getCookies();
diff --git a/src/main/java/com/iemr/common/utils/JwtUtil.java b/src/main/java/com/iemr/common/utils/JwtUtil.java
index 56e49549..940b6959 100644
--- a/src/main/java/com/iemr/common/utils/JwtUtil.java
+++ b/src/main/java/com/iemr/common/utils/JwtUtil.java
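Review bot: `@Value("${jwt.blacklist.expiration}")` on `private static long BLACK_LIST_EXPIRATION_TIME;` is never applied — Spring does not inject `@Value` into static fields — so the field stays at its default of 0. That feeds straight into `forceLogout` in the next hunk: `TokenBlacklist.blacklistToken(token, 0)` stores an expiry equal to the current time, which `isTokenBlacklisted` treats as already expired on the next millisecond, so the revocation this commit adds is effectively a no-op. Make it an instance field, `@Value("${jwt.blacklist.expiration}") private long blackListExpirationTime;`, and pass that from `forceLogout`. The class body continues outside the hunk.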
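Review bot: Commenting out `invalidateJwtCookie(httpRequest, response);` leaves the now-blacklisted token cookie on the client while the comment directly above still says the cookie is invalidated; blacklisting server-side and clearing the cookie are complementary, so either restore the call or delete both it and the stale comment instead of leaving commented-out code. `String token = null; token = getJwtTokenFromCookies(httpRequest);` collapses to one declaration. Because `blacklistToken` silently ignores a null token, a request carrying neither the cookie nor the `Constants.JWT_TOKEN` header still gets `outputResponse.setResponse("Success")` without anything being revoked — consider logging that case or reporting it to the caller. `forceLogout` starts and ends outside the hunk.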
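Review bot: `getJwtTokenFromCookies` matches the cookie against the literal `"Jwttoken"` while the header fallback in `forceLogout` uses `Constants.JWT_TOKEN`, which this commit introduces with the same value; write `cookie.getName().equalsIgnoreCase(Constants.JWT_TOKEN)` so the two lookups cannot drift. The method has no doc comment; a one-liner such as `/** Returns the JWT from the Jwttoken cookie, or null when no such cookie is present. */` would help, and the blank line removed before it left the two methods without separation. If the call commented out in the previous hunk was `invalidateJwtCookie`'s only caller, that method is now dead code and should be removed or the call restored.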
@@ -57,12 +57,11 @@ private String buildToken(String username, String userId, String tokenType, long
 }
 public Claims validateToken(String token) {
+ if (TokenBlacklist.isTokenBlacklisted(token)) {
+ return null;
+ }
 try {
- return Jwts.parser()
- .verifyWith(getSigningKey())
- .build()
- .parseSignedClaims(token)
- .getPayload();
+ return Jwts.parser().verifyWith(getSigningKey()).build().parseSignedClaims(token).getPayload();
 } catch (ExpiredJwtException ex) {
 // Handle expired token specifically if needed
diff --git a/src/main/java/com/iemr/common/utils/TokenBlacklist.java b/src/main/java/com/iemr/common/utils/TokenBlacklist.java
new file mode 100644
index 00000000..c60f177a
--- /dev/null
+++ b/src/main/java/com/iemr/common/utils/TokenBlacklist.java
@@ -0,0 +1,42 @@
+package com.iemr.common.utils;
+
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
+import java.util.concurrent.ConcurrentHashMap;
+
+import org.springframework.beans.factory.annotation.Value;
+
+public class TokenBlacklist {
+
+
+ // Store blacklisted tokens (in-memory)
+ private static final Map blacklistedTokens = new ConcurrentHashMap<>();
+
+
+ // Add a token to the blacklist
+ public static void blacklistToken(String token ,Long blackListExpirationTime) {
+ if(token == null || token.trim().isEmpty()) {
+ return;
+ }
+ blacklistedTokens.put(token, System.currentTimeMillis()+ blackListExpirationTime);
+ }
+
+ // Check if a token is blacklisted
+
+ public static boolean isTokenBlacklisted(String token) {
+ if(token == null || token.trim().isEmpty()) {
+ return false;
+ }
+ Long expiry = blacklistedTokens.get(token);
+ if (expiry == null) return false;
+ // If token is expired, remove it from blacklist and treat as not blacklisted
+ if (System.currentTimeMillis() > expiry) {
+ blacklistedTokens.remove(token);
+ return false;
+ }
+ return true;
+ }
+
+}
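Review bot: The new `return null;` for a blacklisted token is indistinguishable to callers from whatever the catch branches below return, so a revoked token and a malformed or expired one receive identical handling; document the contract at least: `/** Returns the claims of a valid, non-revoked token, or null if the token is blacklisted, expired or otherwise invalid. */`. The blacklist is keyed by the exact token string, so the check only fires when the presented token is byte-identical to the one passed to `blacklistToken`; a short comment noting that both paths must read the same cookie/header would save the next maintainer a surprise. Collapsing the `Jwts.parser()` chain onto one line is unrelated churn that obscures the real change in the diff. `validateToken` continues outside the hunk.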
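Review bot: `private static final Map blacklistedTokens` is a raw type, so `blacklistedTokens.get(token)` yields `Object` and the later `Long expiry = blacklistedTokens.get(token);` will not compile; declare it `private static final Map<String, Long> blacklistedTokens = new ConcurrentHashMap<>();`. Entries are only evicted when the same token is looked up again, so tokens that are blacklisted and never presented again accumulate for the life of the JVM — a sweep such as `blacklistedTokens.entrySet().removeIf(e -> System.currentTimeMillis() > e.getValue());` on insert, or a scheduled task, bounds the map. The store is per-process: a restart clears it and, if the service runs as more than one instance, a token revoked on one instance stays valid on the others; the controller already wires a `RedisTemplate`, which would be a natural shared backing store. `blackListExpirationTime` should be a primitive `long` (a null box would NPE in the addition), and the `HashMap`, `HashSet`, `Set` and `@Value` imports are unused.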