Refresh token Changes (#8878)

Mohit Yadav 2022-11-18 17:59:32 +05:30 committed by GitHub
parent 1de27af02f
commit e966bb343b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 8 additions and 7 deletions


@ -993,9 +993,7 @@ public class UserResource extends EntityResource<User, UserRepository> {
public Response refreshToken(
@Context UriInfo uriInfo, @Context SecurityContext securityContext, @Valid TokenRefreshRequest refreshRequest)
throws IOException {
return Response.status(Response.Status.OK)
.entity(authHandler.getNewAccessToken(securityContext.getUserPrincipal().getName(), refreshRequest))
.build();
return Response.status(Response.Status.OK).entity(authHandler.getNewAccessToken(refreshRequest)).build();
}
private User getUser(SecurityContext securityContext, CreateUser create) {
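Review bot: `securityContext` is still declared on `refreshToken`, but nothing reads it after this change, and the new call `authHandler.getNewAccessToken(refreshRequest)` no longer binds the refresh to an authenticated principal. Together with the `v1/users/refresh` entry this commit adds to the JwtFilter exclusion list, the refresh token in the request body becomes the only credential for this endpoint. I would drop the unused `@Context SecurityContext securityContext` parameter and put a comment above the method such as `// No access token required: the refresh token in the body is the sole credential and must be fully validated by the handler.` The method's annotations sit above the hunk and are not visible here.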


@ -69,7 +69,8 @@ public class JwtFilter implements ContainerRequestFilter {
"v1/users/generatePasswordResetLink",
"v1/users/password/reset",
"v1/users/checkEmailInUse",
"v1/users/login");
"v1/users/login",
"v1/users/refresh");
@SuppressWarnings("unused")
private JwtFilter() {}
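Review bot: The new `"v1/users/refresh"` entry exempts the refresh endpoint from JWT validation, but the code that compares request paths against this list is outside the hunk, so how broadly the entry matches cannot be confirmed here. If that comparison is a substring or prefix test rather than an exact path match, any other route whose path contains this string would skip authentication as well. It is worth confirming the match is exact and adding a comment on the entry such as `// refresh: authenticated by the refresh token in the body, not by the access token`.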


@ -70,7 +70,7 @@ public interface AuthenticatorHandler {
throw new CustomExceptionMessage(Response.Status.NOT_IMPLEMENTED, NOT_IMPLEMENTED_METHOD);
}
default JwtResponse getNewAccessToken(String userName, TokenRefreshRequest request) throws IOException {
default JwtResponse getNewAccessToken(TokenRefreshRequest request) throws IOException {
throw new CustomExceptionMessage(Response.Status.NOT_IMPLEMENTED, NOT_IMPLEMENTED_METHOD);
}


@ -32,6 +32,7 @@ import javax.ws.rs.BadRequestException;
import javax.ws.rs.core.UriInfo;
import lombok.extern.slf4j.Slf4j;
import org.jdbi.v3.core.Jdbi;
import org.openmetadata.schema.TokenInterface;
import org.openmetadata.schema.api.configuration.LoginConfiguration;
import org.openmetadata.schema.api.security.AuthorizerConfiguration;
import org.openmetadata.schema.api.teams.CreateUser;
@ -320,8 +321,9 @@ public class BasicAuthenticator implements AuthenticatorHandler {
}
@Override
public JwtResponse getNewAccessToken(String userName, TokenRefreshRequest request) throws IOException {
User storedUser = userRepository.getByName(null, userName, userRepository.getFieldsWithUserAuth("*"));
public JwtResponse getNewAccessToken(TokenRefreshRequest request) throws IOException {
TokenInterface tokenInterface = tokenRepository.findByToken(request.getRefreshToken());
User storedUser = userRepository.get(null, tokenInterface.getUserId(), userRepository.getFieldsWithUserAuth("*"));
if (storedUser.getIsBot() != null && storedUser.getIsBot()) {
throw new IllegalArgumentException("User are only allowed to login");
}
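Review bot: The result of `tokenRepository.findByToken(request.getRefreshToken())` is dereferenced on the next line without a check, and this path is now reachable without an access token. Unless `findByToken` itself throws for an unknown token (not visible here), a stale or unrecognised value would surface as a NullPointerException and a 500 instead of a clean rejection; a guard such as `if (tokenInterface == null) throw new BadRequestException("Invalid refresh token");` before the user lookup would fix that. `TokenInterface` looks like a shared type for several token kinds, so it is also worth verifying that the record found is a refresh token and has not expired before a user is loaded from it; the method continues beyond the hunk, so such checks may already exist further down.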