QRunIO/qqq
2
0
Fork 0
mirror of https://github.com/Kingsrook/qqq.git synced 2025-07-18 13:10:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

CTLE-421: updated to check expiration and to get auth0 access token the correct way

Browse Source
This commit is contained in:
Tim Chamberlain
2023-05-03 09:29:20 -05:00
parent 5ed02be23f
commit c799645658
1 changed files with 14 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
qqq-backend-core/src/main/java/com/kingsrook/qqq/backend/core/modules/authentication/implementations/Auth0AuthenticationModule.java
View File

@ -812,9 +812,11 @@ public class Auth0AuthenticationModule implements QAuthenticationModuleInterface
{ {
DecodedJWT jwt = JWT.decode(accessToken); DecodedJWT jwt = JWT.decode(accessToken);
String payload = jwt.getPayload(); String payload = jwt.getPayload();
System.out.println("IOK"); if(jwt.getExpiresAtAsInstant().isAfter(Instant.now()))
{
needNewToken = false; needNewToken = false;
} }
}
if(needNewToken) if(needNewToken)
{ {
@ -833,7 +835,16 @@ public class Auth0AuthenticationModule implements QAuthenticationModuleInterface
QRecord clientAuth0Application = new GetAction().execute(getInput).getRecord(); QRecord clientAuth0Application = new GetAction().execute(getInput).getRecord();
String clientId = clientAuth0Application.getValueString(metaData.getAuth0ClientIdField()); String clientId = clientAuth0Application.getValueString(metaData.getAuth0ClientIdField());
String clientSecret = clientAuth0Application.getValueString(metaData.getAuth0ClientSecretField()); String clientSecret = clientAuth0Application.getValueString(metaData.getAuth0ClientSecretField());
accessToken = createAccessToken(metaData, clientId, clientSecret);
/////////////////////////////////////////////////////////////////////////////////////////////////
// request access token from auth0 if exception is not thrown, that means 200OK, we want to //
// store the actual access token in the database, and return a unique value //
// back to the user which will be what they use on subsequent requests (because token too big) //
/////////////////////////////////////////////////////////////////////////////////////////////////
JSONObject accessTokenData = requestAccessTokenFromAuth0(metaData, clientId, clientSecret);
Integer expiresInSeconds = accessTokenData.getInt("expires_in");
accessToken = accessTokenData.getString("access_token");
////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////
// update the api key record and store new access token // // update the api key record and store new access token //