fix: refresh token mapping persistence

supertokens · Oct 11, 2024 · eacddae · eacddae
1 parent e1025ec
commit eacddae
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 12 deletions.
diff --git a/src/main/java/io/supertokens/oauth/OAuth.java b/src/main/java/io/supertokens/oauth/OAuth.java
@@ -369,13 +369,13 @@ public static void addOrUpdateClient(Main main, AppIdentifier appIdentifier, Sto
         oauthStorage.addOrUpdateOauthClient(appIdentifier, clientId, clientSecret, isClientCredentialsOnly, enableRefreshTokenRotation);
     }
 
-    public static String encryptClientSecret(Main main, String clientSecret) throws InvalidConfigException, InvalidKeyException, NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
+    private static String encryptClientSecret(Main main, String clientSecret) throws InvalidConfigException, InvalidKeyException, NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
         String key = Config.getConfig(main).getOAuthClientSecretEncryptionKey();
         clientSecret = Utils.encrypt(clientSecret, key);
         return clientSecret;
     }
 
-    public static String decryptClientSecret(Main main, String clientSecret) throws InvalidConfigException, InvalidKeyException, NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
+    private static String decryptClientSecret(Main main, String clientSecret) throws InvalidConfigException, InvalidKeyException, NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
         String key = Config.getConfig(main).getOAuthClientSecretEncryptionKey();
         clientSecret = Utils.decrypt(clientSecret, key);
         return clientSecret;
@@ -406,7 +406,7 @@ private static Map<String, String> convertCamelToSnakeCase(Map<String, String> q
         return result;
     }
 
-    public static JsonObject convertCamelToSnakeCase(JsonObject queryParams) {
+    private static JsonObject convertCamelToSnakeCase(JsonObject queryParams) {
         JsonObject result = new JsonObject();
         for (Map.Entry<String, JsonElement> entry : queryParams.entrySet()) {
             result.add(Utils.camelCaseToSnakeCase(entry.getKey()), entry.getValue());
@@ -438,7 +438,6 @@ private static JsonElement convertSnakeCaseToCamelCaseRecursively(JsonElement js
             return result;
         }
         return jsonResponse;
-
     }
 
     public static void verifyAndUpdateIntrospectRefreshTokenPayload(Main main, AppIdentifier appIdentifier,
@@ -657,14 +656,14 @@ public static String getOAuthProviderRefreshToken(Main main, AppIdentifier appId
     }
 
     public static void createOrUpdateRefreshTokenMapping(Main main, AppIdentifier appIdentifier, Storage storage,
-            String inputRefreshToken, String newRefreshToken) {
-        // TODO Auto-generated method stub
-        throw new UnsupportedOperationException("Unimplemented method 'createOrUpdateRefreshTokenMapping'");
+            String inputRefreshToken, String newRefreshToken, long exp) throws StorageQueryException {
+        OAuthStorage oauthStorage = StorageUtils.getOAuthStorage(storage);
+        oauthStorage.createOrUpdateRefreshTokenMapping(appIdentifier, inputRefreshToken, newRefreshToken, exp);
     }
 
     public static void deleteRefreshTokenMappingIfExists(Main main, AppIdentifier appIdentifier, Storage storage,
-            String inputRefreshToken) {
-        // TODO Auto-generated method stub
-        throw new UnsupportedOperationException("Unimplemented method 'deleteRefreshTokenMappingIfExists'");
+            String inputRefreshToken) throws StorageQueryException {
+        OAuthStorage oauthStorage = StorageUtils.getOAuthStorage(storage);
+        oauthStorage.deleteRefreshTokenMapping(appIdentifier, inputRefreshToken);
     }
 }
diff --git a/src/main/java/io/supertokens/webserver/api/oauth/OAuthTokenAPI.java b/src/main/java/io/supertokens/webserver/api/oauth/OAuthTokenAPI.java
@@ -174,12 +174,12 @@ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws I
                         if (inputRefreshToken == null) {
                             // Issuing a new refresh token
                             if (!oauthClient.enableRefreshTokenRotation) {
-                                OAuth.createOrUpdateRefreshTokenMapping(main, appIdentifier, storage, newRefreshToken, newRefreshToken);
+                                OAuth.createOrUpdateRefreshTokenMapping(main, appIdentifier, storage, newRefreshToken, newRefreshToken, 0); // TODO: add exp
                             } // else we don't need a mapping
                         } else {
                             // Refreshing a token
                             if (!oauthClient.enableRefreshTokenRotation) {
-                                OAuth.createOrUpdateRefreshTokenMapping(main, appIdentifier, storage, inputRefreshToken, newRefreshToken);
+                                OAuth.createOrUpdateRefreshTokenMapping(main, appIdentifier, storage, inputRefreshToken, newRefreshToken, 0); // TODO: add exp
                                 response.jsonResponse.getAsJsonObject().remove("refresh_token");
                             } else {
                                 OAuth.deleteRefreshTokenMappingIfExists(main, appIdentifier, storage, inputRefreshToken);