Merge pull request #26 from folio-org/add_timestamp

Add timestamp
folio-org · Jul 10, 2018 · dab8d00 · dab8d00
2 parents 41fe446 + 0df2060
commit dab8d00
Show file tree

Hide file tree

Showing 8 changed files with 47 additions and 21 deletions.
diff --git a/NEWS.md b/NEWS.md
@@ -1,3 +1,6 @@
+## 1.5.0 2018-07-10
+ * Add 'iat' claim to all generated tokens
+
 ## 1.4.1 2018-02-27
  * Correct package name in pom
 

diff --git a/pom.xml b/pom.xml
@@ -4,7 +4,7 @@
   <groupId>com.indexdata</groupId>
   <artifactId>mod-authtoken</artifactId>
   <name>mod-authtoken</name>
-  <version>1.4.1-SNAPSHOT</version>
+  <version>1.5.0-SNAPSHOT</version>
   <licenses>
     <license>
       <name>Apache License 2.0</name>

diff --git a/src/main/java/org/folio/auth/authtokenmodule/Cache.java b/src/main/java/org/folio/auth/authtokenmodule/Cache.java
@@ -6,6 +6,6 @@
  */
 public interface Cache {
 
-  public void clearCache(String userId);
+  public void clearCache(String key);
 
 }
diff --git a/src/main/java/org/folio/auth/authtokenmodule/MainVerticle.java b/src/main/java/org/folio/auth/authtokenmodule/MainVerticle.java
@@ -27,6 +27,7 @@
 import io.jsonwebtoken.SignatureException;
 import io.jsonwebtoken.MalformedJwtException;
 import io.jsonwebtoken.UnsupportedJwtException;
+import java.time.Instant;
 import java.util.HashMap;
 import java.util.Map;
 import java.util.UUID;
@@ -173,6 +174,10 @@ private void handleSignToken(RoutingContext ctx) {
         }
 
         payload.put("tenant", tenant);
+
+        //Set "time issued" claim on token
+        Instant instant = Instant.now();
+        payload.put("iat", instant.getEpochSecond());
         String token = tokenCreator.createToken(payload.encode());
 
         ctx.response().setStatusCode(200)
@@ -449,7 +454,8 @@ we generate a custom token (since we have that power) that
     }
 
     PermissionsSource usePermissionsSource;
-    if(tokenClaims.getBoolean("dummy") != null || username.startsWith(UNDEFINED_USER_NAME)) {
+    if((tokenClaims.getBoolean("dummy") != null && tokenClaims.getBoolean("dummy"))
+            || username.startsWith(UNDEFINED_USER_NAME)) {
       logger.debug("Using dummy permissions source");
       usePermissionsSource = new DummyPermissionsSource();
     } else {
@@ -465,23 +471,24 @@ we generate a custom token (since we have that power) that
     logger.debug("Getting user permissions for " + username + " (userId " +
             userId + ")");
     long startTime = System.currentTimeMillis();
-    Future<PermissionData> retrievedPermissionsFuture;
-
-    retrievedPermissionsFuture = usePermissionsSource.getUserAndExpandedPermissions(
-            userId, extraPermissions);
-    logger.info("Retrieving permissions for userid " + userId + ", and expanded permissions for " +
+    Future<PermissionData> retrievedPermissionsFuture = usePermissionsSource
+            .getUserAndExpandedPermissions(userId, extraPermissions, authToken);
+    logger.info("Retrieving permissions for userid " + userId +
+            ", and expanded permissions for " +
             extraPermissions.encode());
     retrievedPermissionsFuture.setHandler(res -> {
       if(res.failed()) {
         long stopTime = System.currentTimeMillis();
-        logger.error("Unable to retrieve permissions for " + username + ": " + res.cause().getMessage() +
-                " request took " + (stopTime - startTime) + " ms");
+        logger.error("Unable to retrieve permissions for " + username + ": "
+                + res.cause().getMessage() + " request took " +
+                (stopTime - startTime) + " ms");
         ctx.response()
                 .setStatusCode(500);
         if(suppressErrorResponse) {
           ctx.response().end();
         } else {
-          ctx.response().end("Unable to retrieve permissions for user with id'" + finalUserId + "': " +  res.cause().getLocalizedMessage());
+          ctx.response().end("Unable to retrieve permissions for user with id'" 
+                  + finalUserId + "': " +  res.cause().getLocalizedMessage());
         }
         return;
       }

diff --git a/src/main/java/org/folio/auth/authtokenmodule/PermissionsSource.java b/src/main/java/org/folio/auth/authtokenmodule/PermissionsSource.java
@@ -19,7 +19,7 @@ public interface PermissionsSource {
 
   Future<JsonArray> expandPermissions(JsonArray permissions);
 
-  Future<PermissionData> getUserAndExpandedPermissions(String userid, JsonArray permissions);
+  Future<PermissionData> getUserAndExpandedPermissions(String userid, JsonArray permissions, String key);
 
 }
 

diff --git a/src/main/java/org/folio/auth/authtokenmodule/impl/DummyPermissionsSource.java b/src/main/java/org/folio/auth/authtokenmodule/impl/DummyPermissionsSource.java
@@ -49,7 +49,7 @@ public Future<JsonArray> expandPermissions(JsonArray permissions) {
 
   @Override
   public Future<PermissionData> getUserAndExpandedPermissions(String userid,
-          JsonArray permissions) {
+          JsonArray permissions, String key) {
     PermissionData permissionData = new PermissionData();
     permissionData.setExpandedPermissions(permissions);
     return Future.succeededFuture(permissionData);

diff --git a/src/main/java/org/folio/auth/authtokenmodule/impl/ModulePermissionsSource.java b/src/main/java/org/folio/auth/authtokenmodule/impl/ModulePermissionsSource.java
@@ -15,6 +15,7 @@
 import java.net.URLEncoder;
 import java.util.HashMap;
 import java.util.Map;
+import java.util.UUID;
 import org.folio.auth.authtokenmodule.Cache;
 import org.folio.auth.authtokenmodule.PermissionData;
 
@@ -33,6 +34,7 @@ public class ModulePermissionsSource implements PermissionsSource, Cache {
   private final HttpClient client;
   private Map<String, CacheEntry> cacheMap;
   private boolean cacheEntries;
+  private final String keyPrefix;
 
   public ModulePermissionsSource(Vertx vertx, int timeout, boolean cache) {
     //permissionsModuleUrl = url;
@@ -41,6 +43,7 @@ public ModulePermissionsSource(Vertx vertx, int timeout, boolean cache) {
     HttpClientOptions options = new HttpClientOptions();
     options.setConnectTimeout(timeout * 1000);
     client = vertx.createHttpClient(options);
+    keyPrefix = UUID.randomUUID().toString();
     if(cache) {
       cacheMap = new HashMap<>();
     } else {
@@ -250,34 +253,45 @@ public Future<JsonArray> expandPermissions(JsonArray permissions) {
   }
 
   @Override
-  public Future<PermissionData> getUserAndExpandedPermissions(String userid, JsonArray permissions) {
+  public Future<PermissionData> getUserAndExpandedPermissions(String userid,
+          JsonArray permissions, String key) {
     System.out.println("getUserAndExpandedPermissions, userid=" + userid + "permissions=" +
             permissions.encode());
     logger.info("Retrieving permissions for userid "  + userid + " and expanding permissions for " +
       permissions.encode());
     CacheEntry[] currentCache = new CacheEntry[1];
     if(cacheEntries) {
-      currentCache[0] = cacheMap.getOrDefault(userid, null);
+      if(key == null && userid == null && permissions != null) {
+        key = keyPrefix + permissions.encode();
+      }
+      logger.info(String.format("Attempting to find cache with key of '%s'", key));
+      currentCache[0] = cacheMap.getOrDefault(key, null);
       if(currentCache[0] == null ||
               (System.currentTimeMillis() - currentCache[0].getTimestamp()) / 1000 > 10 ) {
-        logger.debug("Cache expired or not found");
+        logger.info("Cache expired or not found");
         currentCache[0] = new CacheEntry();
-        if(userid != null) {
-          cacheMap.put(userid, currentCache[0]);
+        if(key != null) {
+          cacheMap.put(key, currentCache[0]);
         }
+      } else {
+        logger.info("Cache found");
       }
     }
     Future<PermissionData> future = Future.future();
     Future<JsonArray> userPermsFuture;
     if(cacheEntries && currentCache[0].getPermissions() != null) {
+      logger.info("Using entry from cache for user permissions");
       userPermsFuture = Future.succeededFuture(currentCache[0].getPermissions());
     } else {
+      logger.info("Retrieving permissions for user");
       userPermsFuture = getPermissionsForUser(userid);
     }
     Future<JsonArray> expandedPermsFuture;
     if(cacheEntries && currentCache[0].getExpandedPermissions() != null) {
+      logger.info("Using entry from cache for expanded permissions");
       expandedPermsFuture = Future.succeededFuture(currentCache[0].getExpandedPermissions());
     } else {
+      logger.info("Expanding permissions");
       expandedPermsFuture = expandPermissions(permissions);
     }
     CompositeFuture compositeFuture = CompositeFuture.all(userPermsFuture, expandedPermsFuture);
@@ -309,9 +323,9 @@ public Future<PermissionData> getUserAndExpandedPermissions(String userid, JsonA
   }
 
   @Override
-  public void clearCache(String userId) {
-    if(cacheMap != null && cacheMap.containsKey(userId)) {
-        cacheMap.remove(userId);
+  public void clearCache(String key) {
+    if(cacheMap != null && cacheMap.containsKey(key)) {
+        cacheMap.remove(key);
     }
   }
 

diff --git a/src/test/java/org/folio/auth/authtoken_module/AuthTokenTest.java b/src/test/java/org/folio/auth/authtoken_module/AuthTokenTest.java
@@ -16,6 +16,7 @@
 import static com.jayway.restassured.RestAssured.*;
 import static org.hamcrest.Matchers.*;
 import com.jayway.restassured.response.Response;
+import com.jayway.restassured.response.ValidatableResponse;
 import guru.nidi.ramltester.restassured.RestAssuredClient;
 import io.vertx.core.json.JsonArray;
 import java.io.IOException;
@@ -352,6 +353,7 @@ public void test1(TestContext context) {
       .post("/token")
       .then()
       .statusCode(200);
+
 
 
     async.complete();