Updated RefreshToken

andresWeitzel · Aug 2, 2022 · a543673 · a543673
1 parent 96cd964
commit a543673
Show file tree

Hide file tree

Showing 4 changed files with 68 additions and 11 deletions.
diff --git a/pom.xml b/pom.xml
@@ -39,8 +39,8 @@
 			<groupId>javax.xml.bind</groupId>
 			<artifactId>jaxb-api</artifactId>
 		</dependency>
-		
-	
+
+
 
 		<!-- CONVERTIR OBJETOS JAVA EN OBJETOS JSON -->
 		<!-- https://mvnrepository.com/artifact/com.fasterxml.jackson.core/jackson-databind -->
@@ -54,15 +54,24 @@
 			<groupId>javax.annotation</groupId>
 			<artifactId>javax.annotation-api</artifactId>
 		</dependency>
-		
+
 		<!-- API PARA LAS VALIDACIONES -->
 		<!-- https://mvnrepository.com/artifact/org.springframework.boot/spring-boot-starter-validation -->
-<dependency>
-    <groupId>org.springframework.boot</groupId>
-    <artifactId>spring-boot-starter-validation</artifactId>
-    <version>2.7.0</version>
-</dependency>
-
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-validation</artifactId>
+			<version>2.7.0</version>
+		</dependency>
+
+		<!-- REFRESH TOKEN -->
+		<!-- https://mvnrepository.com/artifact/com.nimbusds/nimbus-jose-jwt -->
+		<dependency>
+			<groupId>com.nimbusds</groupId>
+			<artifactId>nimbus-jose-jwt</artifactId>
+			<version>9.22</version>
+		</dependency>
+
+
 
 		<dependency>
 			<groupId>org.springframework.boot</groupId>

diff --git a/src/main/java/com/api/produc/sup/security/controllers/AuthController.java b/src/main/java/com/api/produc/sup/security/controllers/AuthController.java
@@ -1,5 +1,6 @@
 package com.api.produc.sup.security.controllers;
 
+import java.text.ParseException;
 import java.util.HashSet;
 import java.util.Set;
 
@@ -118,5 +119,21 @@ public ResponseEntity<?> login(@Valid @RequestBody LoginUsuarioDTO loginUsuario,
 
 		return new ResponseEntity<JwtDTO>(jwtDto, HttpStatus.OK);
 	}
+
+
+
+
+	@PostMapping("/refresh-token")
+	public ResponseEntity<?> refreshToken(@RequestBody JwtDTO jwtDto) throws ParseException{
+
+		String token = jwtProvider.refreshToken(jwtDto);
+
+		JwtDTO jwtRefresh = new JwtDTO(token);
+
+		return new ResponseEntity<JwtDTO> (jwtRefresh, HttpStatus.OK);
+
+
+	}
+
 
 }
diff --git a/src/main/java/com/api/produc/sup/security/jwt/JwtProvider.java b/src/main/java/com/api/produc/sup/security/jwt/JwtProvider.java
@@ -1,5 +1,6 @@
 package com.api.produc.sup.security.jwt;
 
+import java.text.ParseException;
 import java.util.Date;
 import java.util.List;
 import java.util.stream.Collectors;
@@ -11,7 +12,11 @@
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.stereotype.Component;
 
+import com.api.produc.sup.security.dto.JwtDTO;
 import com.api.produc.sup.security.entities.UsuarioDetails;
+import com.nimbusds.jwt.JWT;
+import com.nimbusds.jwt.JWTClaimsSet;
+import com.nimbusds.jwt.JWTParser;
 
 import io.jsonwebtoken.ExpiredJwtException;
 import io.jsonwebtoken.Jwts;
@@ -40,7 +45,8 @@ public String generateToken(Authentication authentication){
         		.setSubject(usuarioPrincipal.getUsername())
         	    .claim("roles", roles)
                 .setIssuedAt(new Date())
-                .setExpiration(new Date(new Date().getTime() + expiration * 1000))
+                //.setExpiration(new Date(new Date().getTime() + expiration * 1000))
+                .setExpiration(new Date(new Date().getTime() + expiration))
                 .signWith(SignatureAlgorithm.HS512, secret.getBytes())
                 .compact();
     }
@@ -66,4 +72,29 @@ public boolean validateToken(String token){
         }
         return false;
     }
+
+
+    public String refreshToken(JwtDTO jwtDto) throws ParseException {
+
+    	JWT jwt = JWTParser.parse(jwtDto.getToken());
+
+    	JWTClaimsSet claims = jwt.getJWTClaimsSet();
+
+    	String username = claims.getSubject();
+
+    	//roles pasado desde el .claim de Jwts.builder
+    	List<String> roles = (List<String>)claims.getClaim("roles");
+
+    	//actualizamos un nuevo token
+    	 return Jwts.builder()
+         		.setSubject(username)
+         	    .claim("roles", roles)
+                 .setIssuedAt(new Date())
+                 //.setExpiration(new Date(new Date().getTime() + expiration * 1000))
+                 .setExpiration(new Date(new Date().getTime() + expiration))
+                 .signWith(SignatureAlgorithm.HS512, secret.getBytes())
+                 .compact();
+    }
+
+
 }
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
@@ -34,4 +34,4 @@ logging.level.=errors
 
 # --- SPRING SECURITY
 jwt.secret = secret
-jwt.expiration = 36000
+jwt.expiration = 20000