diff --git a/backend/src/main/java/ch/xxx/moviemanager/adapter/config/JwtTokenFilter.java b/backend/src/main/java/ch/xxx/moviemanager/adapter/config/JwtTokenFilter.java index 1a18399..8309f30 100644 --- a/backend/src/main/java/ch/xxx/moviemanager/adapter/config/JwtTokenFilter.java +++ b/backend/src/main/java/ch/xxx/moviemanager/adapter/config/JwtTokenFilter.java @@ -16,22 +16,20 @@ package ch.xxx.moviemanager.adapter.config; import java.io.IOException; +import java.util.Optional; +import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.web.filter.GenericFilterBean; + +import ch.xxx.moviemanager.usecase.service.JwtTokenService; import jakarta.servlet.FilterChain; import jakarta.servlet.ServletException; import jakarta.servlet.ServletRequest; import jakarta.servlet.ServletResponse; import jakarta.servlet.http.HttpServletRequest; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.web.filter.GenericFilterBean; - -import ch.xxx.moviemanager.usecase.service.JwtTokenService; - +public class JwtTokenFilter extends GenericFilterBean { -public class JwtTokenFilter extends GenericFilterBean { - private JwtTokenService jwtTokenProvider; public JwtTokenFilter(JwtTokenService jwtTokenProvider) { @@ -42,11 +40,11 @@ public JwtTokenFilter(JwtTokenService jwtTokenProvider) { public void doFilter(ServletRequest req, ServletResponse res, FilterChain filterChain) throws IOException, ServletException { - String token = jwtTokenProvider.resolveToken((HttpServletRequest) req); - if (token != null && jwtTokenProvider.validateToken(token)) { - Authentication auth = token != null ? jwtTokenProvider.getAuthentication(token) : null; - SecurityContextHolder.getContext().setAuthentication(auth); - } + Optional tokenOpt = jwtTokenProvider.resolveToken((HttpServletRequest) req); + tokenOpt.stream().filter(myToken -> jwtTokenProvider.validateToken(myToken)).findFirst().ifPresentOrElse( + token -> SecurityContextHolder.getContext() + .setAuthentication(jwtTokenProvider.getAuthentication(token)), + () -> SecurityContextHolder.getContext().setAuthentication(null)); filterChain.doFilter(req, res); } diff --git a/backend/src/main/java/ch/xxx/moviemanager/adapter/config/PGSQLMapDialect.java b/backend/src/main/java/ch/xxx/moviemanager/adapter/config/PGSQLMapDialect.java index fe693e1..8c000a4 100644 --- a/backend/src/main/java/ch/xxx/moviemanager/adapter/config/PGSQLMapDialect.java +++ b/backend/src/main/java/ch/xxx/moviemanager/adapter/config/PGSQLMapDialect.java @@ -12,12 +12,7 @@ */ package ch.xxx.moviemanager.adapter.config; -import org.hibernate.boot.model.TypeContributions; import org.hibernate.dialect.PostgreSQLDialect; -import org.hibernate.service.ServiceRegistry; -import org.hibernate.type.SqlTypes; -import org.hibernate.type.descriptor.sql.internal.DdlTypeImpl; -import org.hibernate.type.descriptor.sql.spi.DdlTypeRegistry; public class PGSQLMapDialect extends PostgreSQLDialect { diff --git a/backend/src/main/java/ch/xxx/moviemanager/adapter/controller/ActorController.java b/backend/src/main/java/ch/xxx/moviemanager/adapter/controller/ActorController.java index 57e1721..c1c9942 100644 --- a/backend/src/main/java/ch/xxx/moviemanager/adapter/controller/ActorController.java +++ b/backend/src/main/java/ch/xxx/moviemanager/adapter/controller/ActorController.java @@ -53,7 +53,7 @@ public ActorController(ActorService service, DefaultMapper mapper, UserDetailSer public List getActorSearch(@RequestHeader(value = HttpHeaders.AUTHORIZATION) String bearerStr, @PathVariable("name") String name) throws InterruptedException { List actors = this.service.findActor(name, bearerStr).stream() - .map(a -> this.mapper.convertOnlyActor(a)).toList(); + .map(this.mapper::convertOnlyActor).toList(); return actors; } @@ -65,7 +65,7 @@ public ResponseEntity getActorSearchById( Optional actorOpt = this.service.findActorById(id, bearerStr).stream() .filter(myActor -> myActor.getCasts().stream() .filter(c -> c.getMovie().getUsers().contains(currentUser)).findFirst().isPresent()) - .map(a -> this.mapper.convert(a)).findFirst(); + .map(this.mapper::convert).findFirst(); return actorOpt.stream().map(myActor -> new ResponseEntity(myActor, HttpStatus.OK)).findFirst() .orElse(new ResponseEntity(new ActorDto(), HttpStatus.NOT_FOUND)); } @@ -74,7 +74,7 @@ public ResponseEntity getActorSearchById( "page" }, method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) public List getPagesByNumber(@RequestHeader(value = HttpHeaders.AUTHORIZATION) String bearerStr, @RequestParam("page") Integer page) throws InterruptedException { - List actors = this.service.findActorsByPage(page, bearerStr).stream().map(a -> this.mapper.convert(a)) + List actors = this.service.findActorsByPage(page, bearerStr).stream().map(this.mapper::convert) .collect(Collectors.toList()); return actors; } @@ -83,14 +83,14 @@ public List getPagesByNumber(@RequestHeader(value = HttpHeaders.AUTHOR public List getActorsByCriteria(@RequestHeader(value = HttpHeaders.AUTHORIZATION) String bearerStr, @RequestBody ActorFilterCriteriaDto filterCriteria) { return this.service.findActorsByFilterCriteria(bearerStr, filterCriteria).stream() - .map(m -> this.mapper.convert(m)).toList(); + .map(this.mapper::convert).toList(); } @RequestMapping(value = "/searchterm", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE, consumes = MediaType.APPLICATION_JSON_VALUE) public List postSearchTerm(@RequestHeader(value = HttpHeaders.AUTHORIZATION) String bearerStr, SearchTermDto searchTermDto) { List results = this.service.findActorsBySearchTerm(bearerStr, searchTermDto).stream() - .map(myActor -> this.mapper.convert(myActor)).toList(); + .map(this.mapper::convert).toList(); return results; } } diff --git a/backend/src/main/java/ch/xxx/moviemanager/adapter/controller/AuthenticationController.java b/backend/src/main/java/ch/xxx/moviemanager/adapter/controller/AuthenticationController.java index aede04a..eb0a17b 100644 --- a/backend/src/main/java/ch/xxx/moviemanager/adapter/controller/AuthenticationController.java +++ b/backend/src/main/java/ch/xxx/moviemanager/adapter/controller/AuthenticationController.java @@ -52,11 +52,8 @@ public AuthenticationController(UserDetailService userDetailService) { @PostMapping("/authorize") public AuthCheckDto postAuthorize(@RequestBody AuthCheckDto authcheck, @RequestHeader Map header) { String tokenRoles = this.userDetailService.getTokenRoles(header).role(); - if (tokenRoles != null && tokenRoles.contains(Role.USERS.name()) && !tokenRoles.contains(Role.GUEST.name())) { - return new AuthCheckDto(authcheck.getPath(), true); - } else { - return new AuthCheckDto(authcheck.getPath(), false); - } + return (tokenRoles != null && tokenRoles.contains(Role.USERS.name()) && !tokenRoles.contains(Role.GUEST.name())) ? + new AuthCheckDto(authcheck.getPath(), true) : new AuthCheckDto(authcheck.getPath(), false); } @PostMapping("/signin") diff --git a/backend/src/main/java/ch/xxx/moviemanager/adapter/controller/MovieController.java b/backend/src/main/java/ch/xxx/moviemanager/adapter/controller/MovieController.java index 28ae347..ef1b71f 100644 --- a/backend/src/main/java/ch/xxx/moviemanager/adapter/controller/MovieController.java +++ b/backend/src/main/java/ch/xxx/moviemanager/adapter/controller/MovieController.java @@ -72,13 +72,13 @@ public ResponseEntity deleteMovieById(@RequestHeader(value = HttpHeader public List getGeneresById(@RequestHeader(value = HttpHeaders.AUTHORIZATION) String bearerStr, @PathVariable("id") Long id) throws InterruptedException { List movies = this.service.findMoviesByGenereId(id, bearerStr).stream() - .map(m -> this.mapper.convertMovieWithGenere(m)).toList(); + .map(this.mapper::convertMovieWithGenere).toList(); return movies; } @RequestMapping(value = "/generes", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) public List getGeneres() throws InterruptedException { - List generes = this.service.findAllGeneres().stream().map(gen -> this.mapper.convert(gen)).toList(); + List generes = this.service.findAllGeneres().stream().map(this.mapper::convert).toList(); return generes; } @@ -86,7 +86,7 @@ public List getGeneres() throws InterruptedException { "page" }, method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) public List getPagesByNumber(@RequestHeader(value = HttpHeaders.AUTHORIZATION) String bearerStr, @RequestParam("page") Integer page) throws InterruptedException { - List movies = this.service.findMoviesByPage(page, bearerStr).stream().map(m -> this.mapper.convert(m)) + List movies = this.service.findMoviesByPage(page, bearerStr).stream().map(this.mapper::convert) .toList(); return movies; } @@ -95,14 +95,14 @@ public List getPagesByNumber(@RequestHeader(value = HttpHeaders.AUTHOR public List getMoviesByCriteria(@RequestHeader(value = HttpHeaders.AUTHORIZATION) String bearerStr, @RequestBody MovieFilterCriteriaDto filterCriteria) { return this.service.findMoviesByFilterCriteria(bearerStr, filterCriteria).stream() - .map(m -> this.mapper.convert(m)).toList(); + .map(this.mapper::convert).toList(); } @RequestMapping(value = "/searchterm", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE, consumes = MediaType.APPLICATION_JSON_VALUE) public List postSearchTerm(@RequestHeader(value = HttpHeaders.AUTHORIZATION) String bearerStr, SearchTermDto searchTermDto) { List results = this.service.findMoviesBySearchTerm(bearerStr, searchTermDto).stream() - .map(myMovie -> this.mapper.convert(myMovie)).toList(); + .map(this.mapper::convert).toList(); return results; } } diff --git a/backend/src/main/java/ch/xxx/moviemanager/adapter/repository/ActorRepositoryBean.java b/backend/src/main/java/ch/xxx/moviemanager/adapter/repository/ActorRepositoryBean.java index d00bfee..20f2170 100644 --- a/backend/src/main/java/ch/xxx/moviemanager/adapter/repository/ActorRepositoryBean.java +++ b/backend/src/main/java/ch/xxx/moviemanager/adapter/repository/ActorRepositoryBean.java @@ -83,39 +83,35 @@ public List findByFilterCriteria(ActorFilterCriteriaDto filterCriteriaDto CriteriaQuery cq = this.entityManager.getCriteriaBuilder().createQuery(Actor.class); Root cActor = cq.from(Actor.class); List predicates = new ArrayList<>(); - if (filterCriteriaDto.getBirthdayFrom() != null) { - predicates.add(this.entityManager.getCriteriaBuilder().greaterThanOrEqualTo(cActor.get("birthday"), - CommonUtils.convert(filterCriteriaDto.getBirthdayFrom()))); - } - if (filterCriteriaDto.getBirthdayTo() != null) { - predicates.add(this.entityManager.getCriteriaBuilder().lessThanOrEqualTo(cActor.get("birthday"), - CommonUtils.convert(filterCriteriaDto.getBirthdayTo()))); - } - if (filterCriteriaDto.getDead()) { - predicates.add(this.entityManager.getCriteriaBuilder().isNotNull(cActor.get("deathday"))); - } - if (filterCriteriaDto.getGender() != null && !filterCriteriaDto.getGender().equals(Gender.Unknown)) { - predicates.add(this.entityManager.getCriteriaBuilder().equal(cActor.get("gender"), - filterCriteriaDto.getGender().getCode())); - } - if (filterCriteriaDto.getName() != null && filterCriteriaDto.getName().trim().length() > 2) { - predicates.add(this.entityManager.getCriteriaBuilder().like( - this.entityManager.getCriteriaBuilder().lower(cActor.get("name")), - String.format("%%%s%%", filterCriteriaDto.getName().toLowerCase()))); - } + Optional.ofNullable(filterCriteriaDto.getBirthdayFrom()) + .ifPresent(x -> predicates.add(this.entityManager.getCriteriaBuilder().greaterThanOrEqualTo( + cActor.get("birthday"), CommonUtils.convert(filterCriteriaDto.getBirthdayFrom())))); + Optional.ofNullable(filterCriteriaDto.getBirthdayTo()) + .ifPresent(x -> predicates.add(this.entityManager.getCriteriaBuilder().lessThanOrEqualTo( + cActor.get("birthday"), CommonUtils.convert(filterCriteriaDto.getBirthdayTo())))); + Optional.ofNullable(filterCriteriaDto.getDead()).ifPresent( + x -> predicates.add(this.entityManager.getCriteriaBuilder().isNotNull(cActor.get("deathday")))); + Optional.ofNullable(filterCriteriaDto.getGender()).stream().filter(myGender -> !Gender.Unknown.equals(myGender)) + .findFirst().ifPresent(x -> predicates.add(this.entityManager.getCriteriaBuilder() + .equal(cActor.get("gender"), filterCriteriaDto.getGender().getCode()))); + Optional.ofNullable(filterCriteriaDto.getName()).stream().filter(myName -> myName.trim().length() > 2) + .findFirst() + .ifPresent(x -> predicates.add(this.entityManager.getCriteriaBuilder().like( + this.entityManager.getCriteriaBuilder().lower(cActor.get("name")), + String.format("%%%s%%", filterCriteriaDto.getName().toLowerCase())))); if (filterCriteriaDto.getPopularity() > 0) { predicates.add(this.entityManager.getCriteriaBuilder().greaterThanOrEqualTo(cActor.get("popularity"), Double.valueOf(Integer.valueOf(filterCriteriaDto.getPopularity()).toString()))); } - if (filterCriteriaDto.getMovieCharacter() != null - && filterCriteriaDto.getMovieCharacter().trim().length() > 2) { - Metamodel m = this.entityManager.getMetamodel(); - EntityType actor_ = m.entity(Actor.class); - predicates.add(this.entityManager.getCriteriaBuilder() - .like(this.entityManager.getCriteriaBuilder() - .lower(cActor.join(actor_.getDeclaredList("casts", Cast.class)).get("movieChar")), - String.format("%%%s%%", filterCriteriaDto.getMovieCharacter().toLowerCase()))); - } + Optional.ofNullable(filterCriteriaDto.getMovieCharacter()).stream() + .filter(myCharacter -> myCharacter.trim().length() > 2).findFirst().ifPresent(x -> { + Metamodel m = this.entityManager.getMetamodel(); + EntityType actor_ = m.entity(Actor.class); + predicates.add(this.entityManager.getCriteriaBuilder() + .like(this.entityManager.getCriteriaBuilder() + .lower(cActor.join(actor_.getDeclaredList("casts", Cast.class)).get("movieChar")), + String.format("%%%s%%", filterCriteriaDto.getMovieCharacter().toLowerCase()))); + }); // user check Metamodel m = this.entityManager.getMetamodel(); EntityType actor_ = m.entity(Actor.class); @@ -126,19 +122,20 @@ public List findByFilterCriteria(ActorFilterCriteriaDto filterCriteriaDto } public List findActorsByPhrase(SearchPhraseDto searchPhraseDto) { - List resultList = List.of(); - if (searchPhraseDto.getPhrase() != null && searchPhraseDto.getPhrase().trim().length() > 2) { + final List resultList = new ArrayList<>(); + Optional.ofNullable(searchPhraseDto.getPhrase()).stream().filter(myPhrase -> myPhrase.trim().length() > 2).findFirst().ifPresent(x -> { SearchSession searchSession = Search.session(this.entityManager); - resultList = searchSession.search(Actor.class).where(f -> f.phrase().field("biography") - .matching(searchPhraseDto.getPhrase()).slop(searchPhraseDto.getOtherWordsInPhrase())).fetchHits(1000); - } + resultList.addAll(searchSession.search(Actor.class).where(f -> f.phrase().field("biography") + .matching(searchPhraseDto.getPhrase()).slop(searchPhraseDto.getOtherWordsInPhrase())) + .fetchHits(1000)); + }); return resultList; } public List findActorsBySearchStrings(List searchStrings) { StringBuilder stringBuilder = new StringBuilder(); searchStrings.forEach(myDto -> stringBuilder.append(" ").append(myDto.getOperator().value).append(" ") - .append(myDto.getSearchString())); + .append(myDto.getSearchString())); List resultList = Search.session(this.entityManager).search(Actor.class) .where(f -> f.simpleQueryString().field("biography").matching(stringBuilder.substring(2))) .fetchHits(1000); diff --git a/backend/src/main/java/ch/xxx/moviemanager/adapter/repository/MovieRepositoryBean.java b/backend/src/main/java/ch/xxx/moviemanager/adapter/repository/MovieRepositoryBean.java index f275baa..a40bb43 100644 --- a/backend/src/main/java/ch/xxx/moviemanager/adapter/repository/MovieRepositoryBean.java +++ b/backend/src/main/java/ch/xxx/moviemanager/adapter/repository/MovieRepositoryBean.java @@ -105,30 +105,28 @@ public List findByFilterCriteria(MovieFilterCriteriaDto filterCriteriaDto CriteriaQuery cq = this.entityManager.getCriteriaBuilder().createQuery(Movie.class); Root cMovie = cq.from(Movie.class); List predicates = new ArrayList<>(); - if (filterCriteriaDto.getReleaseFrom() != null) { - predicates.add(this.entityManager.getCriteriaBuilder().greaterThanOrEqualTo(cMovie.get("releaseDate"), - CommonUtils.convert(filterCriteriaDto.getReleaseFrom()))); - } - if (filterCriteriaDto.getReleaseTo() != null) { - predicates.add(this.entityManager.getCriteriaBuilder().lessThanOrEqualTo(cMovie.get("releaseDate"), - CommonUtils.convert(filterCriteriaDto.getReleaseTo()))); - } - if (filterCriteriaDto.getMovieTitle() != null && filterCriteriaDto.getMovieTitle().trim().length() > 2) { - predicates.add(this.entityManager.getCriteriaBuilder().like( - this.entityManager.getCriteriaBuilder().lower(cMovie.get("title")), - String.format("%%%s%%", filterCriteriaDto.getMovieTitle().toLowerCase()))); - } - if (filterCriteriaDto.getMovieActor() != null && filterCriteriaDto.getMovieActor().trim().length() > 2) { - Metamodel m = this.entityManager.getMetamodel(); - EntityType movie_ = m.entity(Movie.class); - predicates - .add(this.entityManager - .getCriteriaBuilder().like( + Optional.ofNullable(filterCriteriaDto.getReleaseFrom()) + .ifPresent(x -> predicates.add(this.entityManager.getCriteriaBuilder().greaterThanOrEqualTo( + cMovie.get("releaseDate"), CommonUtils.convert(filterCriteriaDto.getReleaseFrom())))); + Optional.ofNullable(filterCriteriaDto.getReleaseTo()) + .ifPresent(x -> predicates.add(this.entityManager.getCriteriaBuilder().lessThanOrEqualTo( + cMovie.get("releaseDate"), CommonUtils.convert(filterCriteriaDto.getReleaseTo())))); + Optional.ofNullable(filterCriteriaDto.getMovieTitle()).stream().filter(myTitle -> myTitle.trim().length() > 2) + .findFirst() + .ifPresent(x -> predicates.add(this.entityManager.getCriteriaBuilder().like( + this.entityManager.getCriteriaBuilder().lower(cMovie.get("title")), + String.format("%%%s%%", filterCriteriaDto.getMovieTitle().toLowerCase())))); + Optional.ofNullable(filterCriteriaDto.getMovieActor()).stream().filter(myActor -> myActor.trim().length() > 2) + .findFirst().ifPresent(x -> { + Metamodel m = this.entityManager.getMetamodel(); + EntityType movie_ = m.entity(Movie.class); + predicates + .add(this.entityManager.getCriteriaBuilder().like( this.entityManager.getCriteriaBuilder() .lower(cMovie.join(movie_.getDeclaredList("cast", Cast.class)) .get("characterName")), String.format("%%%s%%", filterCriteriaDto.getMovieActor().toLowerCase()))); - } + }); if (!filterCriteriaDto.getSelectedGeneres().isEmpty()) { Metamodel m = this.entityManager.getMetamodel(); EntityType movie_ = m.entity(Movie.class); @@ -159,8 +157,9 @@ public List findByFilterCriteria(MovieFilterCriteriaDto filterCriteriaDto public List findMoviesByPhrase(SearchPhraseDto searchPhraseDto) { List resultList = List.of(); if (searchPhraseDto.getPhrase() != null && searchPhraseDto.getPhrase().trim().length() > 2) { - resultList = Search.session(this.entityManager).search(Movie.class).where(f -> f.phrase().field("overview") - .matching(searchPhraseDto.getPhrase()).slop(searchPhraseDto.getOtherWordsInPhrase())) + resultList = Search + .session(this.entityManager).search(Movie.class).where(f -> f.phrase().field("overview") + .matching(searchPhraseDto.getPhrase()).slop(searchPhraseDto.getOtherWordsInPhrase())) .fetchHits(1000); } return resultList; diff --git a/backend/src/main/java/ch/xxx/moviemanager/usecase/service/JwtTokenService.java b/backend/src/main/java/ch/xxx/moviemanager/usecase/service/JwtTokenService.java index a6e81db..735302d 100644 --- a/backend/src/main/java/ch/xxx/moviemanager/usecase/service/JwtTokenService.java +++ b/backend/src/main/java/ch/xxx/moviemanager/usecase/service/JwtTokenService.java @@ -53,7 +53,10 @@ @Service public class JwtTokenService { private static final Logger LOG = LoggerFactory.getLogger(JwtTokenService.class); - public record UserNameUuid(String userName, String uuid) {} + + public record UserNameUuid(String userName, String uuid) { + } + private final List loggedOutUsers = new CopyOnWriteArrayList<>(); @Value("${security.jwt.token.secret-key}") @@ -61,57 +64,54 @@ public record UserNameUuid(String userName, String uuid) {} @Value("${security.jwt.token.expire-length}") private long validityInMilliseconds; // 1 min - + private SecretKey jwtTokenKey; @PostConstruct public void init() { - this.jwtTokenKey = Keys.hmacShaKeyFor(Base64.getUrlDecoder().decode(secretKey.getBytes(StandardCharsets.ISO_8859_1))); + this.jwtTokenKey = Keys + .hmacShaKeyFor(Base64.getUrlDecoder().decode(secretKey.getBytes(StandardCharsets.ISO_8859_1))); } public void updateLoggedOutUsers(List revokedTokens) { this.loggedOutUsers.clear(); this.loggedOutUsers.addAll(revokedTokens.stream() - .map(myRevokedToken -> new UserNameUuid(myRevokedToken.getName(), - myRevokedToken.getUuid())).toList()); + .map(myRevokedToken -> new UserNameUuid(myRevokedToken.getName(), myRevokedToken.getUuid())).toList()); } - - public TokenSubjectRole getTokenUserRoles(Map headers) { + + public TokenSubjectRole getTokenUserRoles(Map headers) { return JwtUtils.getTokenUserRoles(headers, this.jwtTokenKey); } - + public String createToken(String username, List roles, Optional issuedAtOpt) { Claims claims = Jwts.claims(); claims.setSubject(username); claims.put(JwtUtils.TOKENAUTHKEY, roles.stream().map(s -> new SimpleGrantedAuthority(s.getAuthority())) .filter(Objects::nonNull).collect(Collectors.toList())); - claims.put(JwtUtils.TOKENLASTMSGKEY, new Date().getTime()); + claims.put(JwtUtils.TOKENLASTMSGKEY, new Date().getTime()); claims.put(JwtUtils.UUID, UUID.randomUUID().toString()); Date issuedAt = issuedAtOpt.orElse(new Date()); claims.setIssuedAt(issuedAt); Date validity = new Date(issuedAt.getTime() + validityInMilliseconds); claims.setExpiration(validity); - return Jwts.builder().setClaims(claims) - .signWith(this.jwtTokenKey, SignatureAlgorithm.HS256).compact(); + return Jwts.builder().setClaims(claims).signWith(this.jwtTokenKey, SignatureAlgorithm.HS256).compact(); } public String refreshToken(String token) { this.validateToken(token); - Optional> claimsOpt = JwtUtils.getClaims(Optional.of(token), this.jwtTokenKey); - if(claimsOpt.isEmpty()) { - throw new AuthorizationServiceException("Invalid token claims"); - } - Claims claims = claimsOpt.get().getBody(); + Claims claims = JwtUtils.getClaims(Optional.of(token), this.jwtTokenKey) + .orElseThrow(() -> new AuthorizationServiceException("Invalid token claims")).getBody(); claims.setIssuedAt(new Date()); claims.setExpiration(new Date(Instant.now().toEpochMilli() + validityInMilliseconds)); - String newToken = Jwts.builder().setClaims(claims).signWith(this.jwtTokenKey, SignatureAlgorithm.HS256).compact(); + String newToken = Jwts.builder().setClaims(claims).signWith(this.jwtTokenKey, SignatureAlgorithm.HS256) + .compact(); return newToken; } - - public Authentication getAuthentication(String token) { + + public Authentication getAuthentication(String token) { this.validateToken(token); - if(this.getAuthorities(token).stream().filter(role -> role.equals(Role.GUEST)).count() > 0) { + if (this.getAuthorities(token).stream().filter(role -> role.equals(Role.GUEST)).count() > 0) { return new UsernamePasswordAuthenticationToken(this.getUsername(token), null); } return new UsernamePasswordAuthenticationToken(this.getUsername(token), "", this.getAuthorities(token)); @@ -119,33 +119,34 @@ public Authentication getAuthentication(String token) { public String getUsername(String token) { this.validateToken(token); - return Jwts.parserBuilder().setSigningKey(this.jwtTokenKey).build().parseClaimsJws(token).getBody().getSubject(); + return Jwts.parserBuilder().setSigningKey(this.jwtTokenKey).build().parseClaimsJws(token).getBody() + .getSubject(); } - + public String getUuid(String token) { this.validateToken(token); - return Jwts.parserBuilder().setSigningKey(this.jwtTokenKey).build().parseClaimsJws(token).getBody().get(JwtUtils.UUID, String.class); + return Jwts.parserBuilder().setSigningKey(this.jwtTokenKey).build().parseClaimsJws(token).getBody() + .get(JwtUtils.UUID, String.class); } - + @SuppressWarnings("unchecked") public Collection getAuthorities(String token) { this.validateToken(token); Collection roles = new LinkedList<>(); - for(Role role :Role.values()) { + for (Role role : Role.values()) { roles.add(role); } - Collection> rolestrs = (Collection>) Jwts.parserBuilder() + Collection> rolestrs = (Collection>) Jwts.parserBuilder() .setSigningKey(this.jwtTokenKey).build().parseClaimsJws(token).getBody().get("auth"); - return rolestrs.stream() - .map(str -> roles.stream().filter(r -> r.name().equals(str.getOrDefault(JwtUtils.AUTHORITY, ""))) - .findFirst().orElse(Role.GUEST)) + return rolestrs.stream().map(str -> roles.stream() + .filter(r -> r.name().equals(str.getOrDefault(JwtUtils.AUTHORITY, ""))).findFirst().orElse(Role.GUEST)) .collect(Collectors.toList()); } - public String resolveToken(HttpServletRequest req) { + public Optional resolveToken(HttpServletRequest req) { String bearerToken = req.getHeader(JwtUtils.AUTHORIZATION); Optional tokenOpt = resolveToken(bearerToken); - return tokenOpt.isEmpty() ? null : tokenOpt.get(); + return tokenOpt; } public Optional resolveToken(String bearerToken) { @@ -154,20 +155,25 @@ public Optional resolveToken(String bearerToken) { } return Optional.empty(); } - + public int userNameLogouts(String userName) { - return this.loggedOutUsers.stream().filter(myUserName -> myUserName.userName.equalsIgnoreCase(userName)).toList().size(); + return this.loggedOutUsers.stream().filter(myUserName -> myUserName.userName.equalsIgnoreCase(userName)) + .toList().size(); } - + public boolean validateToken(String token) { try { Jws claimsJws = Jwts.parserBuilder().setSigningKey(this.jwtTokenKey).build().parseClaimsJws(token); - String subject = Optional.ofNullable(claimsJws.getBody().getSubject()).orElseThrow(() -> new AuthenticationException("Invalid JWT token")); - String uuid = Optional.ofNullable(claimsJws.getBody().get(JwtUtils.UUID, String.class)).orElseThrow(() -> new AuthenticationException("Invalid JWT token")); - // LOG.info("Subject: {}, Uuid: {}, LoggedOutUsers: {}", subject, uuid, JwtTokenService.loggedOutUsers.size()); - return this.loggedOutUsers.stream().noneMatch(myUserName -> subject.equalsIgnoreCase(myUserName.userName) && uuid.equals(myUserName.uuid)); + String subject = Optional.ofNullable(claimsJws.getBody().getSubject()) + .orElseThrow(() -> new AuthenticationException("Invalid JWT token")); + String uuid = Optional.ofNullable(claimsJws.getBody().get(JwtUtils.UUID, String.class)) + .orElseThrow(() -> new AuthenticationException("Invalid JWT token")); + // LOG.info("Subject: {}, Uuid: {}, LoggedOutUsers: {}", subject, uuid, + // JwtTokenService.loggedOutUsers.size()); + return this.loggedOutUsers.stream().noneMatch( + myUserName -> subject.equalsIgnoreCase(myUserName.userName) && uuid.equals(myUserName.uuid)); } catch (JwtException | IllegalArgumentException e) { - throw new AuthenticationException("Expired or invalid JWT token",e); + throw new AuthenticationException("Expired or invalid JWT token", e); } } diff --git a/backend/src/main/java/ch/xxx/moviemanager/usecase/service/UserDetailServiceBase.java b/backend/src/main/java/ch/xxx/moviemanager/usecase/service/UserDetailServiceBase.java index 8792038..9565216 100644 --- a/backend/src/main/java/ch/xxx/moviemanager/usecase/service/UserDetailServiceBase.java +++ b/backend/src/main/java/ch/xxx/moviemanager/usecase/service/UserDetailServiceBase.java @@ -95,7 +95,7 @@ public void init() throws GeneralSecurityException { KeysetHandle handle = TinkJsonProtoKeysetFormat.parseKeyset(this.tinkJsonKey, InsecureSecretKeyAccess.get()); this.daead = handle.getPrimitive(DeterministicAead.class); } - + public void updateLoggedOutUsers() { this.updateLoggedOutUsers(LOGOUT_TIMEOUT); } @@ -121,11 +121,9 @@ public User getCurrentUser(String bearerStr) { } public RefreshTokenDto refreshToken(String bearerToken) { - Optional tokenOpt = this.jwtTokenService.resolveToken(bearerToken); - if (tokenOpt.isEmpty()) { - throw new AuthorizationServiceException("Invalid token"); - } - String newToken = this.jwtTokenService.refreshToken(tokenOpt.get()); + String token = this.jwtTokenService.resolveToken(bearerToken) + .orElseThrow(() -> new AuthorizationServiceException("Invalid token")); + String newToken = this.jwtTokenService.refreshToken(token); LOG.info("Jwt Token refreshed."); return new RefreshTokenDto(newToken); } @@ -192,7 +190,7 @@ public String encrypt(String movieDbKey, String uuid) { String cipherText = new String(Base64.getEncoder().encode(cipherBytes), Charset.defaultCharset()); return cipherText; } - + public Boolean confirmUuid(String uuid) { return this.confirmUuid(this.userRepository.findByUuid(uuid), uuid); } @@ -293,7 +291,7 @@ public UserDto load(Long id) { public void sendKafkaEvent(KafkaEventDto kafkaEventDto) { LOG.info("KafkaEvent not send."); } - + /* * public List loadAll() { return * this.userRepository.findAll().stream() .flatMap(entity ->