QQQ-27: couple minor changes and updates from code review feedback

Tim Chamberlain
2022-07-19 18:17:00 -05:00
parent afbba77afe
commit 7a9a83a348
5 changed files with 31 additions and 33 deletions


@ -56,7 +56,7 @@
<dependency>
<groupId>com.auth0</groupId>
<artifactId>mvc-auth-commons</artifactId>
<version>[1.0, 2.0)</version>
<version>1.9.2</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>


@ -22,6 +22,7 @@
package com.kingsrook.qqq.backend.core.actions;
import com.kingsrook.qqq.backend.core.exceptions.QAuthenticationException;
import com.kingsrook.qqq.backend.core.exceptions.QException;
import com.kingsrook.qqq.backend.core.model.actions.AbstractActionInput;
import com.kingsrook.qqq.backend.core.modules.authentication.QAuthenticationModuleDispatcher;
@ -43,7 +44,7 @@ public class ActionHelper
QAuthenticationModuleInterface authenticationModule = qAuthenticationModuleDispatcher.getQModule(request.getAuthenticationMetaData());
if(!authenticationModule.isSessionValid(request.getSession()))
{
throw new QException("Invalid session in request");
throw new QAuthenticationException("Invalid session in request");
}
}


@ -23,7 +23,7 @@ package com.kingsrook.qqq.backend.core.exceptions;
/*******************************************************************************
* Exception thrown while doing module-dispatch
* Exception thrown doing authentication
*
*******************************************************************************/
public class QAuthenticationException extends QException


@ -27,6 +27,7 @@ import java.time.Duration;
import java.time.Instant;
import java.util.Base64;
import java.util.Map;
import java.util.Optional;
import com.auth0.jwk.Jwk;
import com.auth0.jwk.JwkException;
import com.auth0.jwk.JwkProvider;
@ -60,7 +61,7 @@ public class Auth0AuthenticationModule implements QAuthenticationModuleInterface
private static final int ID_TOKEN_VALIDATION_INTERVAL_SECONDS = 300;
public static final String AUTH0_ID_TOKEN_KEY = "qqq.idToken";
public static final String AUTH0_ID_TOKEN_KEY = "sessionId";
public static final String TOKEN_NOT_PROVIDED_ERROR = "Id Token was not provided";
public static final String COULD_NOT_DECODE_ERROR = "Unable to decode id token";
@ -82,9 +83,6 @@ public class Auth0AuthenticationModule implements QAuthenticationModuleInterface
String idToken = context.get(AUTH0_ID_TOKEN_KEY);
if(idToken == null)
{
////////////////////////////////
// could not decode the token //
////////////////////////////////
logger.warn(TOKEN_NOT_PROVIDED_ERROR);
throw (new QAuthenticationException(TOKEN_NOT_PROVIDED_ERROR));
}
@ -166,9 +164,10 @@ public class Auth0AuthenticationModule implements QAuthenticationModuleInterface
StateProviderInterface spi = getStateProvider();
Auth0StateKey key = new Auth0StateKey(session.getIdReference());
if(spi.get(Instant.class, key).isPresent())
Optional<Instant> lastTimeCheckedOptional = spi.get(Instant.class, key);
if(lastTimeCheckedOptional.isPresent())
{
Instant lastTimeChecked = spi.get(Instant.class, key).get();
Instant lastTimeChecked = lastTimeCheckedOptional.get();
///////////////////////////////////////////////////////////////////////////////////////////////////
// returns negative int if less than compared duration, 0 if equal, positive int if greater than //
@ -250,8 +249,15 @@ public class Auth0AuthenticationModule implements QAuthenticationModuleInterface
JSONObject payload = new JSONObject(payloadString);
QUser qUser = new QUser();
qUser.setIdReference(payload.getString("email"));
qUser.setFullName(payload.getString("name"));
if(payload.has("email"))
{
qUser.setIdReference(payload.getString("email"));
}
else
{
qUser.setIdReference(payload.getString("nickname"));
}
QSession qSession = new QSession();
qSession.setIdReference(idToken);
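Review bot: In the last hunk (-250) the `else` branch falls back to the `nickname` claim for `qUser.setIdReference(...)`, and neither `nickname` nor an unverified `email` is a stable, unique identifier; a nickname is usually user-editable, so two accounts can end up with the same id reference. Prefer the `sub` claim as the identity key, `qUser.setIdReference(payload.getString("sub"));`, or at least accept `email` only when the `email_verified` claim is true, keeping email and nickname for display. `payload.getString("nickname")` also throws when that claim is absent; whether the caller turns that into a `QAuthenticationException` is outside the hunk. The test that asserts the email as id reference would need to follow whichever choice is made.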


@ -37,7 +37,8 @@ import static com.kingsrook.qqq.backend.core.modules.authentication.Auth0Authent
import static com.kingsrook.qqq.backend.core.modules.authentication.Auth0AuthenticationModule.EXPIRED_TOKEN_ERROR;
import static com.kingsrook.qqq.backend.core.modules.authentication.Auth0AuthenticationModule.INVALID_TOKEN_ERROR;
import static com.kingsrook.qqq.backend.core.modules.authentication.Auth0AuthenticationModule.TOKEN_NOT_PROVIDED_ERROR;
import static org.junit.jupiter.api.Assertions.assertTrue;
import static org.assertj.core.api.Assertions.assertThat;
import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.junit.jupiter.api.Assertions.fail;
@ -73,8 +74,8 @@ public class Auth0AuthenticationModuleTest
Auth0AuthenticationModule auth0AuthenticationModule = new Auth0AuthenticationModule();
auth0AuthenticationModule.setNow(now);
QSession session = auth0AuthenticationModule.createSession(getQInstance(), context);
assertTrue(session.getUser().getIdReference().equals("tim.chamberlain@kingsrook.com"));
assertTrue(session.getUser().getFullName().equals("Tim Chamberlain"));
assertEquals("tim.chamberlain@kingsrook.com", session.getUser().getIdReference(), "Id should be Tim's email.");
assertEquals("Tim Chamberlain", session.getUser().getFullName(), "Full name should be Tim's full name (well without the middle name).");
}
@ -93,14 +94,12 @@ public class Auth0AuthenticationModuleTest
{
Auth0AuthenticationModule auth0AuthenticationModule = new Auth0AuthenticationModule();
auth0AuthenticationModule.createSession(getQInstance(), context);
fail("Should never get here");
}
catch(QAuthenticationException qae)
{
assertTrue(qae.getMessage().contains(INVALID_TOKEN_ERROR));
return;
assertThat(qae.getMessage()).contains(INVALID_TOKEN_ERROR);
}
fail("Should never get here");
}
@ -119,14 +118,12 @@ public class Auth0AuthenticationModuleTest
{
Auth0AuthenticationModule auth0AuthenticationModule = new Auth0AuthenticationModule();
auth0AuthenticationModule.createSession(getQInstance(), context);
fail("Should never get here");
}
catch(QAuthenticationException qae)
{
assertTrue(qae.getMessage().contains(COULD_NOT_DECODE_ERROR));
return;
assertThat(qae.getMessage()).contains(COULD_NOT_DECODE_ERROR);
}
fail("Should never get here");
}
@ -145,14 +142,12 @@ public class Auth0AuthenticationModuleTest
{
Auth0AuthenticationModule auth0AuthenticationModule = new Auth0AuthenticationModule();
auth0AuthenticationModule.createSession(getQInstance(), context);
fail("Should never get here");
}
catch(QAuthenticationException qae)
{
assertTrue(qae.getMessage().contains(EXPIRED_TOKEN_ERROR));
return;
assertThat(qae.getMessage()).contains(EXPIRED_TOKEN_ERROR);
}
fail("Should never get here");
}
@ -168,14 +163,12 @@ public class Auth0AuthenticationModuleTest
{
Auth0AuthenticationModule auth0AuthenticationModule = new Auth0AuthenticationModule();
auth0AuthenticationModule.createSession(getQInstance(), new HashMap<>());
fail("Should never get here");
}
catch(QAuthenticationException qae)
{
assertTrue(qae.getMessage().contains(TOKEN_NOT_PROVIDED_ERROR));
return;
assertThat(qae.getMessage()).contains(TOKEN_NOT_PROVIDED_ERROR);
}
fail("Should never get here");
}
@ -194,14 +187,12 @@ public class Auth0AuthenticationModuleTest
{
Auth0AuthenticationModule auth0AuthenticationModule = new Auth0AuthenticationModule();
auth0AuthenticationModule.createSession(getQInstance(), context);
fail("Should never get here");
}
catch(QAuthenticationException qae)
{
assertTrue(qae.getMessage().contains(TOKEN_NOT_PROVIDED_ERROR));
return;
assertThat(qae.getMessage()).contains(TOKEN_NOT_PROVIDED_ERROR);
}
fail("Should never get here");
}
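Review bot: The try / `fail("Should never get here")` / catch pattern in the five exception tests (hunks at -93, -119, -145, -168 and -194) is easy to get wrong and hides the expected exception type; as rendered, the new side appears to keep it with `fail` moved inside the `try`. Since AssertJ is now imported, each test can be a single assertion such as `assertThatThrownBy(() -> auth0AuthenticationModule.createSession(getQInstance(), context)).isInstanceOf(QAuthenticationException.class).hasMessageContaining(INVALID_TOKEN_ERROR);`, with the matching argument and constant per test and a static import of `assertThatThrownBy`. The last two hunks both assert `TOKEN_NOT_PROVIDED_ERROR`; the test method names and inputs start outside the hunks, so confirm they cover distinct cases (missing key versus empty or null token).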