From e966bb343b8c3e06d3d55c055abc71cf0e8d7e20 Mon Sep 17 00:00:00 2001
From: Mohit Yadav <105265192+mohityadav766@users.noreply.github.com>
Date: Fri, 18 Nov 2022 17:59:32 +0530
Subject: [PATCH] Refresh token Changes (#8878)
---
 .../openmetadata/service/resources/teams/UserResource.java | 4 +---
 .../java/org/openmetadata/service/security/JwtFilter.java | 3 ++-
 .../service/security/auth/AuthenticatorHandler.java | 2 +-
 .../service/security/auth/BasicAuthenticator.java | 6 ++++--
 4 files changed, 8 insertions(+), 7 deletions(-)
diff --git a/openmetadata-service/src/main/java/org/openmetadata/service/resources/teams/UserResource.java b/openmetadata-service/src/main/java/org/openmetadata/service/resources/teams/UserResource.java
index ad0fcb38f94..140d45c9238 100644
--- a/openmetadata-service/src/main/java/org/openmetadata/service/resources/teams/UserResource.java
+++ b/openmetadata-service/src/main/java/org/openmetadata/service/resources/teams/UserResource.java
@@ -993,9 +993,7 @@ public class UserResource extends EntityResource {
 public Response refreshToken( @Context UriInfo uriInfo, @Context SecurityContext securityContext, @Valid TokenRefreshRequest refreshRequest) throws IOException {
- return Response.status(Response.Status.OK)
- .entity(authHandler.getNewAccessToken(securityContext.getUserPrincipal().getName(), refreshRequest))
- .build();
+ return Response.status(Response.Status.OK).entity(authHandler.getNewAccessToken(refreshRequest)).build();
 } private User getUser(SecurityContext securityContext, CreateUser create) {
diff --git a/openmetadata-service/src/main/java/org/openmetadata/service/security/JwtFilter.java b/openmetadata-service/src/main/java/org/openmetadata/service/security/JwtFilter.java
index 1f0a4814319..a31ecb8ac6e 100644
--- a/openmetadata-service/src/main/java/org/openmetadata/service/security/JwtFilter.java
+++ b/openmetadata-service/src/main/java/org/openmetadata/service/security/JwtFilter.java
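Review bot: In UserResource.refreshToken the `@Context SecurityContext securityContext` parameter is no longer read once the body calls `authHandler.getNewAccessToken(refreshRequest)`, so nothing in the handler says who may call it. The same commit adds `v1/users/refresh` to the JwtFilter exclusions, so presumably no principal is established for this request and the refresh token in the body is the only credential. I would drop the unused parameter, or add a comment above the method such as `// Unauthenticated endpoint: the caller is identified solely by the refresh token in refreshRequest.` The method's annotations lie outside the hunk.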
@@ -69,7 +69,8 @@ public class JwtFilter implements ContainerRequestFilter {
 "v1/users/generatePasswordResetLink", "v1/users/password/reset", "v1/users/checkEmailInUse",
- "v1/users/login");
+ "v1/users/login",
+ "v1/users/refresh");
 @SuppressWarnings("unused") private JwtFilter() {}
diff --git a/openmetadata-service/src/main/java/org/openmetadata/service/security/auth/AuthenticatorHandler.java b/openmetadata-service/src/main/java/org/openmetadata/service/security/auth/AuthenticatorHandler.java
index 83a137d59ee..1b71a7f1d9a 100644
--- a/openmetadata-service/src/main/java/org/openmetadata/service/security/auth/AuthenticatorHandler.java
+++ b/openmetadata-service/src/main/java/org/openmetadata/service/security/auth/AuthenticatorHandler.java
@@ -70,7 +70,7 @@ public interface AuthenticatorHandler {
 throw new CustomExceptionMessage(Response.Status.NOT_IMPLEMENTED, NOT_IMPLEMENTED_METHOD); }
- default JwtResponse getNewAccessToken(String userName, TokenRefreshRequest request) throws IOException {
+ default JwtResponse getNewAccessToken(TokenRefreshRequest request) throws IOException {
 throw new CustomExceptionMessage(Response.Status.NOT_IMPLEMENTED, NOT_IMPLEMENTED_METHOD); }
diff --git a/openmetadata-service/src/main/java/org/openmetadata/service/security/auth/BasicAuthenticator.java b/openmetadata-service/src/main/java/org/openmetadata/service/security/auth/BasicAuthenticator.java
index 0ab651b6565..7f692530e70 100644
--- a/openmetadata-service/src/main/java/org/openmetadata/service/security/auth/BasicAuthenticator.java
+++ b/openmetadata-service/src/main/java/org/openmetadata/service/security/auth/BasicAuthenticator.java
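Review bot: Adding `"v1/users/refresh"` to this exclusion list in JwtFilter lets the refresh call through without a validated JWT, and how the list is compared with the request path is not visible in this hunk. If the comparison is by substring or prefix rather than on the exact path, any other route whose path contains this string would skip JWT validation too, so the match is worth confirming before this entry is relied on. Since the refresh token becomes the sole credential on this route, I would also document the entry, e.g. `// refresh is authenticated by the refresh token in the request body, not by the JWT`. The list declaration begins above the hunk.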
@@ -32,6 +32,7 @@ import javax.ws.rs.BadRequestException;
 import javax.ws.rs.core.UriInfo;
 import lombok.extern.slf4j.Slf4j;
 import org.jdbi.v3.core.Jdbi;
+import org.openmetadata.schema.TokenInterface;
 import org.openmetadata.schema.api.configuration.LoginConfiguration;
 import org.openmetadata.schema.api.security.AuthorizerConfiguration;
 import org.openmetadata.schema.api.teams.CreateUser;
@@ -320,8 +321,9 @@ public class BasicAuthenticator implements AuthenticatorHandler {
 } @Override
- public JwtResponse getNewAccessToken(String userName, TokenRefreshRequest request) throws IOException {
- User storedUser = userRepository.getByName(null, userName, userRepository.getFieldsWithUserAuth("*"));
+ public JwtResponse getNewAccessToken(TokenRefreshRequest request) throws IOException {
+ TokenInterface tokenInterface = tokenRepository.findByToken(request.getRefreshToken());
+ User storedUser = userRepository.get(null, tokenInterface.getUserId(), userRepository.getFieldsWithUserAuth("*"));
 if (storedUser.getIsBot() != null && storedUser.getIsBot()) { throw new IllegalArgumentException("User are only allowed to login"); }
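Review bot: In BasicAuthenticator.getNewAccessToken, `tokenInterface.getUserId()` is dereferenced straight after `tokenRepository.findByToken(...)` with no visible check on what the lookup returned. How findByToken behaves for an unknown or missing token is not shown; if it can return null, this is a NullPointerException on an endpoint this commit makes reachable without a JWT, and a guard such as `if (tokenInterface == null) { throw new BadRequestException("Invalid refresh token"); }` before the user lookup would turn it into a client error. It is also worth confirming that the record found is a refresh token and has not expired before its user id is trusted, since TokenInterface looks like a type shared by several token kinds. That validation may happen further down, as the method body continues beyond the hunk.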