Skip to content

Commit

Permalink
Issue grails#437 - Expanded API for store token
Browse files Browse the repository at this point in the history
  • Loading branch information
jdaugherty committed Jan 14, 2024
1 parent 8850cd5 commit d67cb07
Show file tree
Hide file tree
Showing 4 changed files with 17 additions and 10 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -98,7 +98,7 @@ class RestOauthService {
log.debug "Generated REST authentication token: ${accessToken}"

log.debug "Storing token on the token storage"
tokenStorageService.storeToken(accessToken.accessToken, userDetails)
tokenStorageService.storeToken(accessToken)

authenticationEventPublisher.publishTokenCreation(accessToken)

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -108,7 +108,7 @@ class RestAuthenticationFilter extends GenericFilterBean {
AccessToken accessToken = tokenGenerator.generateAccessToken(authenticationResult.principal as UserDetails)
log.debug "Generated token: ${accessToken}"

tokenStorageService.storeToken(accessToken.accessToken, authenticationResult.principal as UserDetails)
tokenStorageService.storeToken(accessToken)
authenticationEventPublisher.publishTokenCreation(accessToken)
authenticationSuccessHandler.onAuthenticationSuccess(httpServletRequest, httpServletResponse, accessToken)
SecurityContextHolder.context.setAuthentication(accessToken)
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -71,11 +71,11 @@ class RestLogoutFilter extends GenericFilterBean {
log.debug "Trying to remove the token"
tokenStorageService.removeToken accessToken.accessToken
} catch (TokenNotFoundException ignored) {
servletResponse.setStatus HttpServletResponse.SC_NOT_FOUND, "Token not found"
servletResponse.sendError HttpServletResponse.SC_NOT_FOUND, "Token not found"
}
} else {
log.debug "Token is missing. Sending a ${HttpServletResponse.SC_BAD_REQUEST} Bad Request response"
servletResponse.setStatus HttpServletResponse.SC_BAD_REQUEST, "Token header is missing"
servletResponse.sendError HttpServletResponse.SC_BAD_REQUEST, "Token header is missing"
}

} else {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -16,32 +16,39 @@
*/
package grails.plugin.springsecurity.rest.token.storage

import grails.plugin.springsecurity.rest.token.AccessToken
import org.springframework.security.core.userdetails.UserDetails
import org.springframework.security.core.Authentication

/**
* Implementations of this interface are responsible to load user information from a token storage system, and to store
* Implementations of this trait are responsible to load user information from a token storage system, and to store
* token information into it.
*/
interface TokenStorageService {

trait TokenStorageService {
/**
* Returns a principal object given the passed token value
* @throws TokenNotFoundException if no token is found in the storage
*/
UserDetails loadUserByToken(String tokenValue) throws TokenNotFoundException
abstract UserDetails loadUserByToken(String tokenValue) throws TokenNotFoundException

/**
* Stores a token. It receives the principal to store any additional information together with the token,
* like the username associated.
*
* @see Authentication#getPrincipal()
*/
void storeToken(String tokenValue, UserDetails principal)
void storeToken(String tokenValue, UserDetails principal) {}

/**
* Stores the access token. Allows for handling of refresh token and other JWT claims as needed.
*/
void storeToken(AccessToken accessToken) {
storeToken(accessToken.accessToken, accessToken.principal)
}

/**
* Removes a token from the storage.
* @throws TokenNotFoundException if the given token is not found in the storage
*/
void removeToken(String tokenValue) throws TokenNotFoundException
abstract void removeToken(String tokenValue) throws TokenNotFoundException
}

0 comments on commit d67cb07

Please sign in to comment.