remove old jwt

build.xml

@@ -573,7 +573,7 @@
             </fileset>
         </copy>
 
-        <copy file="${commons-codec-1.9.jar}" todir="${jboss.home}/server/${server.name}/lib" overwrite="true"/>
+        <copy file="${commons-codec-1.9.jar}" tofile="${jboss.home}/server/${server.name}/lib/commons-codec.jar" overwrite="true"/>
         <copy todir="${jboss.home}/server/${server.name}/lib" flatten="true"  overwrite="true">
             <fileset dir="${ext_libdir}">
                 <include name="aws-java-sdk/aws-java-sdk-1.0.004.jar" />

conf/web/WEB-INF/applicationContext.xml

@@ -212,6 +212,7 @@
         <property name="loginPageName" value="anonymous"/>
         <property name="userSessionIdentityKey" value="user"/>
         <property name="redirectBackUrlIdentityKey" value="redirectBackUrl"/>
+        <property name="authorizationURL" value="@authorizationUrl@"/>
     </bean>
 
     <!-- LoggingInterceptor -->
@@ -340,7 +341,6 @@
         <property name="contestFeeService" ref="contestFeeService"/>
         <property name="contestFeePercentageService" ref="contestFeePercentageService"/>
         <property name="userGroupsApiEndpoint" value="@userGroupsApiEndpoint@"/>
-        <property name="jwtTokenUpdater" ref="jwtTokenUpdater" />
     </bean>
 
     <bean id="projectAction" class="com.topcoder.direct.services.view.action.contest.launch.ProjectAction"
@@ -1504,13 +1504,11 @@
           class="com.topcoder.direct.services.view.action.my.MyCreatedChallengesAction" scope="prototype">
         <property name="serviceURL" value="@directChallengeServicesApiUrl@"/>
         <property name="userService" ref="userService"/>
-        <property name="jwtTokenUpdater" ref="jwtTokenUpdater"/>
     </bean>
 
     <bean id="myChallengesAction"
           class="com.topcoder.direct.services.view.action.my.MyChallengesAction" scope="prototype">
         <property name="serviceURL" value="@directChallengeServicesApiUrl@"/>
-        <property name="jwtTokenUpdater" ref="jwtTokenUpdater"/>
     </bean>
 
     <bean id="xmlPhaseTemplatePersistence"
@@ -1555,10 +1553,5 @@
     <bean id="getGroupMemberAction" class="com.topcoder.direct.services.view.action.contest.launch.GetGroupMemberAction"
           scope="prototype" parent="baseDirectStrutsAction">
         <property name="groupApiEndpoint" value="@groupMemberApiUrl@"/>
-        <property name="jwtTokenUpdater" ref="jwtTokenUpdater"/>
-    </bean>
-    <bean id="jwtTokenUpdater" class="com.topcoder.direct.services.view.util.JwtTokenUpdater" scope="prototype">
-        <property name="ssoLoginUrl" value="@ssoLoginUrl@"/>
-        <property name="authorizationURL" value="@authorizationUrl@"/>
     </bean>
 </beans>

conf/web/WEB-INF/struts.xml

@@ -1548,15 +1548,13 @@
     <package name="my" namespace="/my" extends="base">
         <action name="createdChallenges" class="myCreatedChallengesAction">
             <result name="success">/WEB-INF/my/myCreatedChallenges.jsp</result>
-            <result name="forward" type="redirect">${ssoLoginUrl}</result>
         </action>
         <action name="getCreatedChallenges" method="getMyCreatedChallenges" class="myCreatedChallengesAction">
             <result name="success" type="json"/>
             <result name="error" type="json"/>
         </action>
         <action name="challenges" class="myChallengesAction">
             <result name="success">/WEB-INF/my/myChallenges.jsp</result>
-            <result name="forward" type="redirect">${ssoLoginUrl}</result>
         </action>
         <action name="getMyChallenges" method="getMyChallenges" class="myChallengesAction">
             <result name="success" type="json"/>

src/java/main/com/topcoder/direct/services/configs/ServerConfiguration.java

@@ -55,7 +55,5 @@ public class ServerConfiguration extends ApplicationServer {
      *
      * @since 1.1
      */
-    public static String JWT_COOOKIE_KEY = bundle.getProperty("JWT_COOKIE_KEY", "tcjwt");
-
-    public static String JWT_V3_COOKIE_KEY = bundle.getProperty("JWT_V3_COOKIE_KEY", "v3jwt");
+    public static String JWT_COOKIE_KEY = bundle.getProperty("JWT_COOKIE_KEY", "tcjwt");
 }

src/java/main/com/topcoder/direct/services/view/action/ServiceBackendDataTablesAction.java

@@ -3,11 +3,11 @@
  */
 package com.topcoder.direct.services.view.action;
 
+import com.topcoder.direct.services.configs.ServerConfiguration;
 import com.topcoder.direct.services.view.dto.contest.ContestStatus;
 import com.topcoder.direct.services.view.dto.project.ProjectBriefDTO;
 import com.topcoder.direct.services.view.util.DataProvider;
 import com.topcoder.direct.services.view.util.DirectUtils;
-import com.topcoder.direct.services.view.util.JwtTokenUpdater;
 import com.topcoder.security.TCSubject;
 import org.apache.http.HttpEntity;
 import org.apache.http.HttpHeaders;
@@ -17,6 +17,7 @@
 import org.apache.http.client.utils.URIBuilder;
 import org.apache.http.impl.client.DefaultHttpClient;
 import org.apache.log4j.Logger;
+import org.apache.struts2.ServletActionContext;
 import org.codehaus.jackson.JsonNode;
 import org.codehaus.jackson.map.DeserializationConfig;
 import org.codehaus.jackson.map.ObjectMapper;
@@ -215,11 +216,6 @@ public abstract class ServiceBackendDataTablesAction extends AbstractAction {
      */
     protected static final ObjectMapper objectMapper;
 
-    /**
-     * JwtTokenUpdater
-     */
-    private JwtTokenUpdater jwtTokenUpdater;
-
     /**
      * <p>A static <code>Map</code> mapping the existing contest statuses to their textual presentations.</p>
      *
@@ -323,7 +319,8 @@ protected JsonNode getJsonResultFromAPI(URI apiEndPoint) throws Exception {
             // specify the get request
             HttpGet getRequest = new HttpGet(apiEndPoint);
 
-            String token = jwtTokenUpdater.getV3Token();
+            String token = DirectUtils.getCookieFromRequest(ServletActionContext.getRequest(),
+                    ServerConfiguration.JWT_COOKIE_KEY).getValue();
 
             getRequest.setHeader(HttpHeaders.AUTHORIZATION,
                     "Bearer " + token);
@@ -702,12 +699,4 @@ public String getEndDateTo() {
     public void setEndDateTo(String endDateTo) {
         this.endDateTo = endDateTo;
     }
-
-    public JwtTokenUpdater getJwtTokenUpdater() {
-        return jwtTokenUpdater;
-    }
-
-    public void setJwtTokenUpdater(JwtTokenUpdater jwtTokenUpdater) {
-        this.jwtTokenUpdater = jwtTokenUpdater;
-    }
 }

src/java/main/com/topcoder/direct/services/view/action/contest/launch/CommonAction.java

@@ -20,7 +20,6 @@
 import com.topcoder.direct.services.view.util.AuthorizationProvider;
 import com.topcoder.direct.services.view.util.DataProvider;
 import com.topcoder.direct.services.view.util.DirectUtils;
-import com.topcoder.direct.services.view.util.JwtTokenUpdater;
 import com.topcoder.direct.services.view.util.challenge.CostCalculationService;
 import com.topcoder.management.project.ProjectGroup;
 import com.topcoder.security.TCSubject;
@@ -129,7 +128,6 @@ public class CommonAction extends BaseContestFeeAction {
      */
     private String userGroupsApiEndpoint;
 
-    private JwtTokenUpdater jwtTokenUpdater;
 
     /**
      * <p>
@@ -561,7 +559,7 @@ public void setCategoryId(long categoryId) {
     public String getGroups()  {
         try {
             TCSubject tcSubject = DirectUtils.getTCSubjectFromSession();
-            Set<ProjectGroup> projectGroups = DirectUtils.getGroups(tcSubject, jwtTokenUpdater, userGroupsApiEndpoint);
+            Set<ProjectGroup> projectGroups = DirectUtils.getGroups(tcSubject, userGroupsApiEndpoint);
             setResult(projectGroups);
         } catch (Throwable e) {
             if (getModel() != null) {
@@ -578,12 +576,4 @@ public String getUserGroupsApiEndpoint() {
     public void setUserGroupsApiEndpoint(String userGroupsApiEndpoint) {
         this.userGroupsApiEndpoint = userGroupsApiEndpoint;
     }
-
-    public JwtTokenUpdater getJwtTokenUpdater() {
-        return jwtTokenUpdater;
-    }
-
-    public void setJwtTokenUpdater(JwtTokenUpdater jwtTokenUpdater) {
-        this.jwtTokenUpdater = jwtTokenUpdater;
-    }
 }

src/java/main/com/topcoder/direct/services/view/action/contest/launch/GetGroupMemberAction.java

@@ -6,9 +6,7 @@
 import com.topcoder.direct.services.configs.ServerConfiguration;
 import com.topcoder.direct.services.view.dto.contest.GroupMember;
 import com.topcoder.direct.services.view.dto.my.RestResult;
-import com.topcoder.direct.services.view.exception.JwtAuthenticationException;
 import com.topcoder.direct.services.view.util.DirectUtils;
-import com.topcoder.direct.services.view.util.JwtTokenUpdater;
 import com.topcoder.direct.services.view.util.SortedCacheAddress;
 import com.topcoder.web.common.cache.CacheClient;
 import com.topcoder.web.common.cache.CacheClientFactory;
@@ -27,9 +25,13 @@
 import org.codehaus.jackson.map.DeserializationConfig;
 import org.codehaus.jackson.map.ObjectMapper;
 
-import javax.servlet.http.Cookie;
 import java.net.URI;
-import java.util.*;
+import java.util.HashSet;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.ListIterator;
+import java.util.Map;
+import java.util.Set;
 
 /**
  * This action handle group member search for given list of groups and substringof user's handle
@@ -62,11 +64,6 @@ class GetGroupMemberAction extends ContestAction {
      */
     private String handle;
 
-    /**
-     * JwtTokenUpdater
-     */
-    private JwtTokenUpdater jwtTokenUpdater;
-
     /**
      * Json object mapper
      */
@@ -188,13 +185,8 @@ private RestResult<GroupMember> getGroupMemberByGid(Long gid) throws Exception {
         try{
             URI groupApiEndpointUri = new URI(String.format(groupApiEndpoint, gid));
             HttpGet request = new HttpGet(groupApiEndpointUri);
-            String jwtToken;
-            try{
-                jwtToken = jwtTokenUpdater.getV3Token();
-            } catch (Exception e) {
-                logger.error("Can't get jwt token");
-                throw e;
-            }
+            String jwtToken = DirectUtils.getCookieFromRequest(ServletActionContext.getRequest(),
+                    ServerConfiguration.JWT_COOKIE_KEY).getValue();
 
             request.setHeader(HttpHeaders.AUTHORIZATION, "Bearer " + jwtToken);
             request.addHeader(HttpHeaders.ACCEPT, "application/json");
@@ -239,12 +231,4 @@ public String getHandle() {
     public void setHandle(String handle) {
         this.handle = handle;
     }
-
-    public JwtTokenUpdater getJwtTokenUpdater() {
-        return jwtTokenUpdater;
-    }
-
-    public void setJwtTokenUpdater(JwtTokenUpdater jwtTokenUpdater) {
-        this.jwtTokenUpdater = jwtTokenUpdater;
-    }
 }

src/java/main/com/topcoder/direct/services/view/action/my/MyChallengesAction.java

@@ -3,19 +3,20 @@
  */
 package com.topcoder.direct.services.view.action.my;
 
-import com.topcoder.direct.services.configs.ServerConfiguration;
 import com.topcoder.direct.services.view.action.ServiceBackendDataTablesAction;
 import com.topcoder.direct.services.view.dto.my.Challenge;
 import com.topcoder.direct.services.view.dto.my.RestResult;
-import com.topcoder.direct.services.view.util.DirectUtils;
 import org.codehaus.jackson.JsonNode;
 
-import org.apache.struts2.ServletActionContext;
-
 import java.text.DateFormat;
 import java.text.NumberFormat;
 import java.text.SimpleDateFormat;
-import java.util.*;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Locale;
+import java.util.Map;
+import java.util.TimeZone;
 
 /**
  * <p>
@@ -49,10 +50,6 @@ public class MyChallengesAction extends ServiceBackendDataTablesAction {
      */
     @Override
     public String execute() throws Exception {
-        if (DirectUtils.getCookieFromRequest(ServletActionContext.getRequest(),
-                ServerConfiguration.JWT_COOOKIE_KEY) == null)
-            return "forward";
-
         // populate filter data
         this.setupFilterPanel();
 

src/java/main/com/topcoder/direct/services/view/action/my/MyCreatedChallengesAction.java

@@ -2,14 +2,11 @@
  * Copyright (C) 2014 TopCoder Inc., All Rights Reserved.
  */
 package com.topcoder.direct.services.view.action.my;
-
-import com.topcoder.direct.services.configs.ServerConfiguration;
 import com.topcoder.direct.services.view.action.ServiceBackendDataTablesAction;
 import com.topcoder.direct.services.view.dto.my.Challenge;
 import com.topcoder.direct.services.view.dto.my.RestResult;
 import com.topcoder.direct.services.view.util.DirectUtils;
 import com.topcoder.service.user.UserService;
-import org.apache.struts2.ServletActionContext;
 import org.codehaus.jackson.JsonNode;
 
 import java.text.DateFormat;
@@ -60,10 +57,6 @@ public class MyCreatedChallengesAction extends ServiceBackendDataTablesAction {
      */
     @Override
     public String execute() throws Exception {
-        if (DirectUtils.getCookieFromRequest(ServletActionContext.getRequest(),
-                ServerConfiguration.JWT_COOOKIE_KEY) == null)
-            return "forward";
-
         // populate filter data
         this.setupFilterPanel();
 

src/java/main/com/topcoder/direct/services/view/interceptors/AuthenticationInterceptor.java

@@ -5,7 +5,6 @@
 package com.topcoder.direct.services.view.interceptors;
 
 
-import java.util.Arrays;
 import java.util.Set;
 
 import javax.servlet.http.Cookie;
@@ -24,10 +23,8 @@
 import com.topcoder.direct.services.view.util.SessionData;
 import com.topcoder.direct.services.view.util.DirectUtils;
 import com.topcoder.direct.services.view.util.DirectProperties;
-import com.topcoder.security.RolePrincipal;
 import com.topcoder.security.TCPrincipal;
 import com.topcoder.security.TCSubject;
-import com.topcoder.shared.security.SimpleResource;
 import com.topcoder.shared.security.User;
 import com.topcoder.shared.util.DBMS;
 import com.topcoder.shared.util.logging.Logger;
@@ -224,6 +221,11 @@ public class AuthenticationInterceptor extends AbstractInterceptor {
      */
     private String redirectBackUrlIdentityKey;
 
+    /**
+     * Endpoint from token updater
+     */
+    private String authorizationURL;
+
     /**
      * Default constructor, constructs an instance of this class.
      */
@@ -284,7 +286,7 @@ public String intercept(ActionInvocation invocation) throws Exception {
         User user = auth.getActiveUser();
 
         Cookie jwtCookie = DirectUtils.getCookieFromRequest(ServletActionContext.getRequest(),
-                ServerConfiguration.JWT_COOOKIE_KEY);
+                ServerConfiguration.JWT_COOKIE_KEY);
 
         if (jwtCookie == null) {
             return loginPageName;
@@ -293,12 +295,17 @@ public String intercept(ActionInvocation invocation) throws Exception {
         JWTToken jwtToken = null;
         try {
             jwtToken = new JWTToken(jwtCookie.getValue(),DirectProperties.CLIENT_SECRET_AUTH0,
-                    DirectProperties.JWT_VALID_ISSUERS, new JWTToken.Base64SecretEncoder());
+                    DirectProperties.JWT_VALID_ISSUERS, authorizationURL, new JWTToken.Base64SecretEncoder());
+            jwtToken.verify();
         } catch (TokenExpiredException e) {
-            //refresh token here
-            //redirect to loginpage for now
-            logger.error("Token is expired. Should do refresh token here");
-            return loginPageName;
+            logger.error("Token is expired. Try to refresh");
+            try {
+                jwtToken = jwtToken.refresh();
+            } catch (Exception ex) {
+                logger.error("Failed to refresh token: " + ex.getMessage());
+                logger.info("Redirect to login page");
+                return loginPageName;
+            }
         } catch (Exception e) {
             return loginPageName;
         }
@@ -437,4 +444,12 @@ public void setRedirectBackUrlIdentityKey(String redirectBackUrlIdentityKey) {
         Helper.checkNotNullOrEmpty(redirectBackUrlIdentityKey, "redirectBackUrlIdentityKey");
         this.redirectBackUrlIdentityKey = redirectBackUrlIdentityKey;
     }
+
+    public String getAuthorizationURL() {
+        return authorizationURL;
+    }
+
+    public void setAuthorizationURL(String authorizationURL) {
+        this.authorizationURL = authorizationURL;
+    }
 }