diff --git a/src/main/kotlin/de/fraunhofer/iem/dataprovider/configuration/security/JwtService.kt b/src/main/kotlin/de/fraunhofer/iem/dataprovider/configuration/security/JwtService.kt
index 1fb194ee4dcf8c25bcd6b135ab4878a9205b5585..daef22055a575b126eb212e1aa2a58dd8b50d922 100644
--- a/src/main/kotlin/de/fraunhofer/iem/dataprovider/configuration/security/JwtService.kt
+++ b/src/main/kotlin/de/fraunhofer/iem/dataprovider/configuration/security/JwtService.kt
@@ -5,6 +5,7 @@ import com.auth0.jwt.JWTVerifier
 import com.auth0.jwt.algorithms.Algorithm
 import com.auth0.jwt.exceptions.JWTCreationException
 import com.auth0.jwt.exceptions.JWTVerificationException
+import de.fraunhofer.iem.dataprovider.logger.getLogger
 import org.springframework.stereotype.Service
 
 data class JwtContentDto(val gitlabId: Long) {
@@ -16,8 +17,14 @@ data class JwtContentDto(val gitlabId: Long) {
 @Service
 class JwtService(private val securityProperties: SecurityProperties) {
-    val algorithm: Algorithm = Algorithm.HMAC512(securityProperties.hmacKey)
-    val issuer: String = "IEM-dataprovider"
+    private val algorithm: Algorithm = Algorithm.HMAC512(securityProperties.hmacKey)
+    private val issuer: String = "IEM-dataprovider"
+    private val verifier: JWTVerifier = JWT.require(algorithm) // specify an specific claim validations
+        .withIssuer(issuer) // reusable verifier instance
+        .build()
+
+    private val logger = getLogger(javaClass)
+
     fun createJWT(content: JwtContentDto): String? {
         return try {
@@ -27,7 +34,7 @@ class JwtService(private val securityProperties: SecurityProperties) {
                 .sign(algorithm)
         } catch (exception: JWTCreationException) {
             // Invalid Signing configuration / Couldn't convert Claims.
-            println("JWT creation for id $content failed")
+            logger.error("JWT creation for id $content failed with $exception")
             null
         }
     }
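Review bot: `Algorithm.HMAC512(securityProperties.hmacKey)` on the new `private val algorithm` line accepts a secret of any length, and java-jwt does not enforce the RFC 7518 minimum of a 512-bit (64-byte) key for HS512, so a short configured secret silently weakens every token this service signs and accepts. I would fail fast at construction; if `hmacKey` is a `String` (I cannot see `SecurityProperties`), something like `init { require(securityProperties.hmacKey.toByteArray().size >= 64) { "hmacKey must be at least 64 bytes for HMAC-SHA512" } }` next to the new `verifier` property. While moving the verifier to class level, the two trailing comments `// specify an specific claim validations` and `// reusable verifier instance` no longer sit on the lines they describe; I would replace them with a KDoc on the property such as `/** Verifier shared by all calls; enforces signature and issuer only, claim presence is checked by the caller. */`.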
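Review bot: The new `logger.error("JWT creation for id $content failed with $exception")` in the `createJWT` catch block interpolates the exception into the message, which keeps only its `toString()` and drops the stack trace that points at the misconfigured signing setup. If `getLogger` returns an SLF4J-style logger (I cannot see the project's logger helper), pass it as the throwable argument instead: `logger.error("JWT creation for id $content failed", exception)`. The body of `createJWT` starts outside this hunk, so I cannot see which claims the token carries.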
@@ -35,16 +42,13 @@ class JwtService(private val securityProperties: SecurityProperties) {
     fun getContentIfValid(encodedJwt: String): JwtContentDto? {
         return try {
-            val verifier: JWTVerifier = JWT.require(algorithm) // specify an specific claim validations
-                .withIssuer(issuer) // reusable verifier instance
-                .build()
-
             val decodedJWT = verifier.verify(encodedJwt)
             JwtContentDto(
                 gitlabId = decodedJWT.getClaim(JwtContentDto.GITLAB_ID_CLAIM_NAME).asLong()
             )
         } catch (exception: JWTVerificationException) {
             // Invalid signature/claims
+            logger.error("JWT verification failed with exception $exception")
             null
         }
     }
diff --git a/src/main/kotlin/de/fraunhofer/iem/dataprovider/repository/controller/RepositoryController.kt b/src/main/kotlin/de/fraunhofer/iem/dataprovider/repository/controller/RepositoryController.kt
index 2e28ae3c82d16a48503499e6e67d1b8eb482c492..e955926f32c86d70b19c23016cac21f8ca3622df 100644
--- a/src/main/kotlin/de/fraunhofer/iem/dataprovider/repository/controller/RepositoryController.kt
+++ b/src/main/kotlin/de/fraunhofer/iem/dataprovider/repository/controller/RepositoryController.kt
@@ -135,10 +135,10 @@ class RepositoryController(
     @GetMapping(ApiPaths.REPOSITORY_TOOL_RUN)
     suspend fun getToolRunForRepository(
-        @CookieValue("gitlabIdToken") gitlabCookie: String,
+        @CookieValue(name = "gitlabIdToken", required = false) gitlabCookie: String,
         @PathVariable id: Long
     ): ToolRunResponseDto {
-        println("Cookie value $gitlabCookie")
+        logger.info("Cookie value $gitlabCookie")
         val isProjectMember = jwtService.getContentIfValid(gitlabCookie)?.let {
             gitlabApi.userIsProjectMember(projectId = id, gitlabUserId = it.gitlabId)
@@ -164,7 +164,7 @@ class RepositoryController(
     }
 
     @PostMapping(ApiPaths.REPOSITORY_VALIDATE_USER)
-    suspend fun validateUserLogin(
+    suspend fun getGitlabCookie(
         @PathVariable id: Long,
         @RequestBody validateDto: ValidateUserDto
     ): ResponseEntity<OkResponseDto> {
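Review bot: A correctly signed token from this issuer that lacks the `gitlabId` claim is not rejected by `getContentIfValid`: java-jwt's `Claim.asLong()` returns null for an absent or non-numeric claim, and that null reaching the non-null `gitlabId` parameter of `JwtContentDto` throws a `NullPointerException`, which is not a `JWTVerificationException` and so escapes the catch as a server error instead of a `null` result. I would guard the claim read, `gitlabId = decodedJWT.getClaim(JwtContentDto.GITLAB_ID_CLAIM_NAME).asLong() ?: return null`, or add `.withClaimPresence(JwtContentDto.GITLAB_ID_CLAIM_NAME)` to the shared verifier if the java-jwt version in use supports it (I cannot see the build file). Separately, the new `logger.error(...)` fires for every malformed or forged cookie a client sends, so it is attacker-controlled log volume at error severity; `logger.warn` is the level I would use for a rejected credential.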
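Review bot: The new `logger.info("Cookie value $gitlabCookie")` in `getToolRunForRepository` writes the raw `gitlabIdToken` cookie, the signed JWT this same endpoint accepts as proof of project membership, into the application log, so anyone with log access can replay it until it expires; the line should go, or at most record presence, e.g. `logger.debug("gitlabIdToken cookie present: ${gitlabCookie != null}")`. The switch to `required = false` also looks incomplete: the parameter is still a non-null `String`, so as far as I can tell a request without the cookie makes Spring pass null into a Kotlin non-null parameter and the handler fails at invocation rather than treating the caller as anonymous. I would declare it `gitlabCookie: String?` and start the check with `val isProjectMember = gitlabCookie?.let { jwtService.getContentIfValid(it) }?.let {`. The rest of the membership check and the function body continue outside this hunk.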
@@ -183,6 +183,4 @@ class RepositoryController(
             .header(HttpHeaders.SET_COOKIE, gitlabCookie.toString())
             .body(OkResponseDto())
     }
-
-
 }