-
@ -63,7 +63,7 @@ func main() {
|
|||||||
// Initialize services
|
// Initialize services
|
||||||
appService := services.NewApplicationService(appRepo, logger)
|
appService := services.NewApplicationService(appRepo, logger)
|
||||||
tokenService := services.NewTokenService(tokenRepo, appRepo, permRepo, grantRepo, cfg.GetString("INTERNAL_HMAC_KEY"), cfg, logger)
|
tokenService := services.NewTokenService(tokenRepo, appRepo, permRepo, grantRepo, cfg.GetString("INTERNAL_HMAC_KEY"), cfg, logger)
|
||||||
authService := services.NewAuthenticationService(cfg, logger)
|
authService := services.NewAuthenticationService(cfg, logger, permRepo)
|
||||||
|
|
||||||
// Initialize handlers
|
// Initialize handlers
|
||||||
healthHandler := handlers.NewHealthHandler(db, logger)
|
healthHandler := handlers.NewHealthHandler(db, logger)
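Review bot: `cfg.GetString("INTERNAL_HMAC_KEY")` is passed straight into `services.NewTokenService` with no visible check that the value is set. Elsewhere in this commit token renewal stops passing `app.HMACKey` and goes through `s.jwtManager`, so this key presumably carries more of the signing trust than before. Unless config loading or the constructor already rejects an empty value, main should refuse to start without it, e.g. `if cfg.GetString("INTERNAL_HMAC_KEY") == "" { logger.Fatal("INTERNAL_HMAC_KEY is not set") }` (assuming `logger` is the zap logger used in the services). main's body starts and ends outside the hunk.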
|
||||||
|
|||||||
@ -9,7 +9,6 @@ import (
|
|||||||
"net"
|
"net"
|
||||||
"net/http"
|
"net/http"
|
||||||
"io"
|
"io"
|
||||||
"strconv"
|
|
||||||
"strings"
|
"strings"
|
||||||
"sync"
|
"sync"
|
||||||
"time"
|
"time"
|
||||||
|
|||||||
@ -49,7 +49,7 @@ func (s *applicationService) Create(ctx context.Context, req *domain.CreateAppli
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Additional business logic validation
|
// Additional business logic validation
|
||||||
if req.TokenRenewalDuration > req.MaxTokenDuration {
|
if req.TokenRenewalDuration.Duration > req.MaxTokenDuration.Duration {
|
||||||
return nil, fmt.Errorf("token renewal duration cannot be greater than max token duration")
|
return nil, fmt.Errorf("token renewal duration cannot be greater than max token duration")
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -129,7 +129,7 @@ func (s *applicationService) Update(ctx context.Context, appID string, updates *
|
|||||||
|
|
||||||
// Additional business logic validation
|
// Additional business logic validation
|
||||||
if updates.TokenRenewalDuration != nil && updates.MaxTokenDuration != nil {
|
if updates.TokenRenewalDuration != nil && updates.MaxTokenDuration != nil {
|
||||||
if *updates.TokenRenewalDuration > *updates.MaxTokenDuration {
|
if updates.TokenRenewalDuration.Duration > updates.MaxTokenDuration.Duration {
|
||||||
return nil, fmt.Errorf("token renewal duration cannot be greater than max token duration")
|
return nil, fmt.Errorf("token renewal duration cannot be greater than max token duration")
|
||||||
}
|
}
|
||||||
}
|
}
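Review bot: In Update the comparison `updates.TokenRenewalDuration.Duration > updates.MaxTokenDuration.Duration` runs only when both pointers are non-nil, so a request that changes just one of the two durations is not checked against the value already stored for the other, at least within this hunk. The renewal duration can then end up above the max token duration, which is the invariant Create enforces. I would compare each supplied value with the existing application's counterpart when the other field is nil, and add a comment such as `// Invariant: renewal duration <= max token duration, also for partial updates`. Both function bodies extend beyond the hunks, so this may already be handled later in Update.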
|
||||||
|
|||||||
@ -582,7 +582,7 @@ func (s *tokenService) RenewUserToken(ctx context.Context, req *domain.RenewRequ
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Validate current token
|
// Validate current token
|
||||||
currentToken, err := s.tokenProvider.ValidateUserToken(ctx, req.Token, app.HMACKey)
|
currentToken, err := s.jwtManager.ValidateToken(req.Token)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
s.logger.Warn("Invalid token for renewal", zap.Error(err), zap.String("app_id", req.AppID), zap.String("user_id", req.UserID))
|
s.logger.Warn("Invalid token for renewal", zap.Error(err), zap.String("app_id", req.AppID), zap.String("user_id", req.UserID))
|
||||||
return &domain.RenewResponse{
|
return &domain.RenewResponse{
|
||||||
@ -601,10 +601,11 @@ func (s *tokenService) RenewUserToken(ctx context.Context, req *domain.RenewRequ
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Check if token is still within its maximum validity period
|
// Check if token is still within its maximum validity period
|
||||||
if time.Now().After(currentToken.MaxValidAt) {
|
maxValidTime := time.Unix(currentToken.MaxValidAt, 0)
|
||||||
|
if time.Now().After(maxValidTime) {
|
||||||
s.logger.Warn("Token is past maximum validity period",
|
s.logger.Warn("Token is past maximum validity period",
|
||||||
zap.String("user_id", req.UserID),
|
zap.String("user_id", req.UserID),
|
||||||
zap.Time("max_valid_at", currentToken.MaxValidAt))
|
zap.Time("max_valid_at", maxValidTime))
|
||||||
return &domain.RenewResponse{
|
return &domain.RenewResponse{
|
||||||
Error: "token_expired",
|
Error: "token_expired",
|
||||||
}, nil
|
}, nil
|
||||||
@ -616,8 +617,8 @@ func (s *tokenService) RenewUserToken(ctx context.Context, req *domain.RenewRequ
|
|||||||
UserID: req.UserID,
|
UserID: req.UserID,
|
||||||
Permissions: currentToken.Permissions,
|
Permissions: currentToken.Permissions,
|
||||||
IssuedAt: time.Now(),
|
IssuedAt: time.Now(),
|
||||||
ExpiresAt: time.Now().Add(time.Duration(app.TokenRenewalDuration)),
|
ExpiresAt: time.Now().Add(app.TokenRenewalDuration.Duration),
|
||||||
MaxValidAt: currentToken.MaxValidAt, // Keep original max validity
|
MaxValidAt: maxValidTime, // Keep original max validity
|
||||||
TokenType: domain.TokenTypeUser,
|
TokenType: domain.TokenTypeUser,
|
||||||
Claims: currentToken.Claims,
|
Claims: currentToken.Claims,
|
||||||
}
|
}
|
||||||
@ -628,7 +629,7 @@ func (s *tokenService) RenewUserToken(ctx context.Context, req *domain.RenewRequ
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Generate the actual JWT token
|
// Generate the actual JWT token
|
||||||
tokenString, err := s.tokenProvider.GenerateUserToken(ctx, newToken, app.HMACKey)
|
tokenString, err := s.jwtManager.GenerateToken(newToken)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
s.logger.Error("Failed to generate renewed token", zap.Error(err), zap.String("user_id", req.UserID))
|
s.logger.Error("Failed to generate renewed token", zap.Error(err), zap.String("user_id", req.UserID))
|
||||||
return &domain.RenewResponse{
|
return &domain.RenewResponse{
|
||||||
|
|||||||