diff --git a/openmetadata-service/src/main/java/org/openmetadata/service/resources/teams/UserResource.java b/openmetadata-service/src/main/java/org/openmetadata/service/resources/teams/UserResource.java
index ad0fcb38f94..140d45c9238 100644
--- a/openmetadata-service/src/main/java/org/openmetadata/service/resources/teams/UserResource.java
+++ b/openmetadata-service/src/main/java/org/openmetadata/service/resources/teams/UserResource.java
@@ -993,9 +993,7 @@ public class UserResource extends EntityResource {
   public Response refreshToken(
       @Context UriInfo uriInfo, @Context SecurityContext securityContext, @Valid TokenRefreshRequest refreshRequest)
       throws IOException {
-    return Response.status(Response.Status.OK)
-        .entity(authHandler.getNewAccessToken(securityContext.getUserPrincipal().getName(), refreshRequest))
-        .build();
+    return Response.status(Response.Status.OK).entity(authHandler.getNewAccessToken(refreshRequest)).build();
   }
 
   private User getUser(SecurityContext securityContext, CreateUser create) {
diff --git a/openmetadata-service/src/main/java/org/openmetadata/service/security/JwtFilter.java b/openmetadata-service/src/main/java/org/openmetadata/service/security/JwtFilter.java
index 1f0a4814319..a31ecb8ac6e 100644
--- a/openmetadata-service/src/main/java/org/openmetadata/service/security/JwtFilter.java
+++ b/openmetadata-service/src/main/java/org/openmetadata/service/security/JwtFilter.java
@@ -69,7 +69,8 @@ public class JwtFilter implements ContainerRequestFilter {
           "v1/users/generatePasswordResetLink",
           "v1/users/password/reset",
           "v1/users/checkEmailInUse",
-          "v1/users/login");
+          "v1/users/login",
+          "v1/users/refresh");
 
   @SuppressWarnings("unused")
   private JwtFilter() {}
diff --git a/openmetadata-service/src/main/java/org/openmetadata/service/security/auth/AuthenticatorHandler.java b/openmetadata-service/src/main/java/org/openmetadata/service/security/auth/AuthenticatorHandler.java
index 83a137d59ee..1b71a7f1d9a 100644
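Review bot: `securityContext` (and `uriInfo`) are no longer read anywhere in refreshToken, so the caller's identity no longer constrains whose access token is minted; together with the JwtFilter hunk in this same commit, the refresh token in the request body becomes the sole credential for this endpoint. That is a workable design for a refresh flow, but the method's Javadoc/OpenAPI description (its annotations sit above the hunk) should state it explicitly, and the now-unused `@Context` parameters could be dropped so the change is visible in the signature, e.g. `public Response refreshToken(@Valid TokenRefreshRequest refreshRequest) throws IOException {`. Because the user is now resolved inside the handler, a 401 for an unknown, expired or revoked refresh token has to be produced there rather than by the JWT filter.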
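Review bot: Adding `"v1/users/refresh"` to this exclusion list means requests to that path pass the filter without any bearer token, so the refresh token in the body is the only thing authenticating the call; nothing on the hunk records that intent. A comment on the entry, e.g. `// reached with an expired access token; the refresh token itself is validated by the AuthenticatorHandler`, would stop a later reader from assuming the filter still gates it. Whether entries are matched exactly or as prefixes is decided outside this hunk; if it is a prefix or contains match, confirm no other endpoints under that path are silently exempted as well.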
--- a/openmetadata-service/src/main/java/org/openmetadata/service/security/auth/AuthenticatorHandler.java
+++ b/openmetadata-service/src/main/java/org/openmetadata/service/security/auth/AuthenticatorHandler.java
@@ -70,7 +70,7 @@ public interface AuthenticatorHandler {
     throw new CustomExceptionMessage(Response.Status.NOT_IMPLEMENTED, NOT_IMPLEMENTED_METHOD);
   }
 
-  default JwtResponse getNewAccessToken(String userName, TokenRefreshRequest request) throws IOException {
+  default JwtResponse getNewAccessToken(TokenRefreshRequest request) throws IOException {
     throw new CustomExceptionMessage(Response.Status.NOT_IMPLEMENTED, NOT_IMPLEMENTED_METHOD);
   }
 
diff --git a/openmetadata-service/src/main/java/org/openmetadata/service/security/auth/BasicAuthenticator.java b/openmetadata-service/src/main/java/org/openmetadata/service/security/auth/BasicAuthenticator.java
index 0ab651b6565..7f692530e70 100644
--- a/openmetadata-service/src/main/java/org/openmetadata/service/security/auth/BasicAuthenticator.java
+++ b/openmetadata-service/src/main/java/org/openmetadata/service/security/auth/BasicAuthenticator.java
@@ -32,6 +32,7 @@ import javax.ws.rs.BadRequestException;
 import javax.ws.rs.core.UriInfo;
 import lombok.extern.slf4j.Slf4j;
 import org.jdbi.v3.core.Jdbi;
+import org.openmetadata.schema.TokenInterface;
 import org.openmetadata.schema.api.configuration.LoginConfiguration;
 import org.openmetadata.schema.api.security.AuthorizerConfiguration;
 import org.openmetadata.schema.api.teams.CreateUser;
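Review bot: The new `getNewAccessToken(TokenRefreshRequest request)` carries no Javadoc, and the contract change is significant: the refresh token is now the only input, and implementations must resolve the user from it rather than from an authenticated principal. A short Javadoc stating that the returned JwtResponse belongs to the token's owner, and that implementations are responsible for rejecting unknown, expired, revoked or wrong-kind tokens before issuing a new access token, would pin that down for every implementation of the interface (the default here still throws NOT_IMPLEMENTED). Mentioning the `IOException` condition in a `@throws` tag would complete it.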
@@ -320,8 +321,9 @@ public class BasicAuthenticator implements AuthenticatorHandler {
   }
 
   @Override
-  public JwtResponse getNewAccessToken(String userName, TokenRefreshRequest request) throws IOException {
-    User storedUser = userRepository.getByName(null, userName, userRepository.getFieldsWithUserAuth("*"));
+  public JwtResponse getNewAccessToken(TokenRefreshRequest request) throws IOException {
+    TokenInterface tokenInterface = tokenRepository.findByToken(request.getRefreshToken());
+    User storedUser = userRepository.get(null, tokenInterface.getUserId(), userRepository.getFieldsWithUserAuth("*"));
     if (storedUser.getIsBot() != null && storedUser.getIsBot()) {
       throw new IllegalArgumentException("User are only allowed to login");
     }
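Review bot: The result of `tokenRepository.findByToken(request.getRefreshToken())` is dereferenced on the very next line with no absence check; if the repository returns null for an unknown or already-revoked token, the request dies with a NullPointerException (a 500) instead of a clean unauthorized response, and `request.getRefreshToken()` itself is never checked for null. Nothing in the hunk establishes that the token found is actually a refresh token or that it is unexpired — `TokenInterface` looks general enough to cover other token kinds stored in the same repository (inferred from the type, not visible here) — so if those checks live later in the method, which continues past the hunk, they should move ahead of the user lookup. A minimal guard after the lookup would be `if (tokenInterface == null) { throw new IllegalArgumentException("Invalid refresh token"); }`, ideally mapped to an unauthorized rather than a bad-request status. The pre-existing message `"User are only allowed to login"` reads oddly; `"Bots are not allowed to refresh tokens"` would say what the check does.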