@ -9,7 +9,6 @@ import (
|
||||
"net"
|
||||
"net/http"
|
||||
"io"
|
||||
"strconv"
|
||||
"strings"
|
||||
"sync"
|
||||
"time"
|
||||
|
||||
@ -49,7 +49,7 @@ func (s *applicationService) Create(ctx context.Context, req *domain.CreateAppli
|
||||
}
|
||||
|
||||
// Additional business logic validation
|
||||
if req.TokenRenewalDuration > req.MaxTokenDuration {
|
||||
if req.TokenRenewalDuration.Duration > req.MaxTokenDuration.Duration {
|
||||
return nil, fmt.Errorf("token renewal duration cannot be greater than max token duration")
|
||||
}
|
||||
|
||||
@ -129,7 +129,7 @@ func (s *applicationService) Update(ctx context.Context, appID string, updates *
|
||||
|
||||
// Additional business logic validation
|
||||
if updates.TokenRenewalDuration != nil && updates.MaxTokenDuration != nil {
|
||||
if *updates.TokenRenewalDuration > *updates.MaxTokenDuration {
|
||||
if updates.TokenRenewalDuration.Duration > updates.MaxTokenDuration.Duration {
|
||||
return nil, fmt.Errorf("token renewal duration cannot be greater than max token duration")
|
||||
}
|
||||
}
|
||||
|
||||
@ -582,7 +582,7 @@ func (s *tokenService) RenewUserToken(ctx context.Context, req *domain.RenewRequ
|
||||
}
|
||||
|
||||
// Validate current token
|
||||
currentToken, err := s.tokenProvider.ValidateUserToken(ctx, req.Token, app.HMACKey)
|
||||
currentToken, err := s.jwtManager.ValidateToken(req.Token)
|
||||
if err != nil {
|
||||
s.logger.Warn("Invalid token for renewal", zap.Error(err), zap.String("app_id", req.AppID), zap.String("user_id", req.UserID))
|
||||
return &domain.RenewResponse{
|
||||
@ -601,10 +601,11 @@ func (s *tokenService) RenewUserToken(ctx context.Context, req *domain.RenewRequ
|
||||
}
|
||||
|
||||
// Check if token is still within its maximum validity period
|
||||
if time.Now().After(currentToken.MaxValidAt) {
|
||||
maxValidTime := time.Unix(currentToken.MaxValidAt, 0)
|
||||
if time.Now().After(maxValidTime) {
|
||||
s.logger.Warn("Token is past maximum validity period",
|
||||
zap.String("user_id", req.UserID),
|
||||
zap.Time("max_valid_at", currentToken.MaxValidAt))
|
||||
zap.Time("max_valid_at", maxValidTime))
|
||||
return &domain.RenewResponse{
|
||||
Error: "token_expired",
|
||||
}, nil
|
||||
@ -616,8 +617,8 @@ func (s *tokenService) RenewUserToken(ctx context.Context, req *domain.RenewRequ
|
||||
UserID: req.UserID,
|
||||
Permissions: currentToken.Permissions,
|
||||
IssuedAt: time.Now(),
|
||||
ExpiresAt: time.Now().Add(time.Duration(app.TokenRenewalDuration)),
|
||||
MaxValidAt: currentToken.MaxValidAt, // Keep original max validity
|
||||
ExpiresAt: time.Now().Add(app.TokenRenewalDuration.Duration),
|
||||
MaxValidAt: maxValidTime, // Keep original max validity
|
||||
TokenType: domain.TokenTypeUser,
|
||||
Claims: currentToken.Claims,
|
||||
}
|
||||
@ -628,7 +629,7 @@ func (s *tokenService) RenewUserToken(ctx context.Context, req *domain.RenewRequ
|
||||
}
|
||||
|
||||
// Generate the actual JWT token
|
||||
tokenString, err := s.tokenProvider.GenerateUserToken(ctx, newToken, app.HMACKey)
|
||||
tokenString, err := s.jwtManager.GenerateToken(newToken)
|
||||
if err != nil {
|
||||
s.logger.Error("Failed to generate renewed token", zap.Error(err), zap.String("user_id", req.UserID))
|
||||
return &domain.RenewResponse{
|
||||
|
||||
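Review bot: In RenewUserToken the renewal path appears to end up calling `s.jwtManager.ValidateToken(req.Token)` in place of `s.tokenProvider.ValidateUserToken(ctx, req.Token, app.HMACKey)`, so verification no longer takes the application's own key. The page lost its +/- markers, so this direction is inferred from the `-601,10 +601,11` counts and the added `maxValidTime` lines. If `jwtManager` verifies with a single shared secret, a token issued for one application would also validate when presented for renewal under another, and the new token then copies `currentToken.Permissions` and `currentToken.Claims` while taking `UserID` from the request. Unless the lines between these hunks already do it, compare the validated token's application and user claims with `req.AppID` and `req.UserID` before building `newToken`, and return the same error-style `RenewResponse` on mismatch. A comment at the call such as `// ValidateToken checks signature and expiry only; app/user binding is enforced below` would make the contract explicit. The function body starts and ends outside these hunks.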