From eacddaeecd3650af8aa3693fce5d5426ec3b6fda Mon Sep 17 00:00:00 2001
From: Sattvik Chakravarthy
Date: Fri, 11 Oct 2024 13:01:24 +0530
Subject: [PATCH] fix: refresh token mapping persistence
---
 src/main/java/io/supertokens/oauth/OAuth.java | 19 +++++++++----------
 .../webserver/api/oauth/OAuthTokenAPI.java | 4 ++--
 2 files changed, 11 insertions(+), 12 deletions(-)
diff --git a/src/main/java/io/supertokens/oauth/OAuth.java b/src/main/java/io/supertokens/oauth/OAuth.java
index 8c22b9b73..32c70887a 100644
--- a/src/main/java/io/supertokens/oauth/OAuth.java
+++ b/src/main/java/io/supertokens/oauth/OAuth.java
@@ -369,13 +369,13 @@ public static void addOrUpdateClient(Main main, AppIdentifier appIdentifier, Sto
 oauthStorage.addOrUpdateOauthClient(appIdentifier, clientId, clientSecret, isClientCredentialsOnly, enableRefreshTokenRotation);
 }
 
- public static String encryptClientSecret(Main main, String clientSecret) throws InvalidConfigException, InvalidKeyException, NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
+ private static String encryptClientSecret(Main main, String clientSecret) throws InvalidConfigException, InvalidKeyException, NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
 String key = Config.getConfig(main).getOAuthClientSecretEncryptionKey();
 clientSecret = Utils.encrypt(clientSecret, key);
 return clientSecret;
 }
 
- public static String decryptClientSecret(Main main, String clientSecret) throws InvalidConfigException, InvalidKeyException, NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
+ private static String decryptClientSecret(Main main, String clientSecret) throws InvalidConfigException, InvalidKeyException, NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
 String key = Config.getConfig(main).getOAuthClientSecretEncryptionKey();
 clientSecret = Utils.decrypt(clientSecret, key);
 return clientSecret;
@@ -406,7 +406,7 @@ private static Map convertCamelToSnakeCase(Map q
 return result;
 }
 
- public static JsonObject convertCamelToSnakeCase(JsonObject queryParams) {
+ private static JsonObject convertCamelToSnakeCase(JsonObject queryParams) {
 JsonObject result = new JsonObject();
 for (Map.Entry entry : queryParams.entrySet()) {
 result.add(Utils.camelCaseToSnakeCase(entry.getKey()), entry.getValue());
@@ -438,7 +438,6 @@ private static JsonElement convertSnakeCaseToCamelCaseRecursively(JsonElement js
 return result;
 }
 return jsonResponse;
-
 }
 
 public static void verifyAndUpdateIntrospectRefreshTokenPayload(Main main, AppIdentifier appIdentifier,
@@ -657,14 +656,14 @@ public static String getOAuthProviderRefreshToken(Main main, AppIdentifier appId
 }
 
 public static void createOrUpdateRefreshTokenMapping(Main main, AppIdentifier appIdentifier, Storage storage,
- String inputRefreshToken, String newRefreshToken) {
- // TODO Auto-generated method stub
- throw new UnsupportedOperationException("Unimplemented method 'createOrUpdateRefreshTokenMapping'");
+ String inputRefreshToken, String newRefreshToken, long exp) throws StorageQueryException {
+ OAuthStorage oauthStorage = StorageUtils.getOAuthStorage(storage);
+ oauthStorage.createOrUpdateRefreshTokenMapping(appIdentifier, inputRefreshToken, newRefreshToken, exp);
 }
 
 public static void deleteRefreshTokenMappingIfExists(Main main, AppIdentifier appIdentifier, Storage storage,
- String inputRefreshToken) {
- // TODO Auto-generated method stub
- throw new UnsupportedOperationException("Unimplemented method 'deleteRefreshTokenMappingIfExists'");
+ String inputRefreshToken) throws StorageQueryException {
+ OAuthStorage oauthStorage = StorageUtils.getOAuthStorage(storage);
+ oauthStorage.deleteRefreshTokenMapping(appIdentifier, inputRefreshToken);
 }
 }
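Review bot: In `createOrUpdateRefreshTokenMapping` and `deleteRefreshTokenMappingIfExists` the refresh-token strings are handed to `OAuthStorage` exactly as received, and nothing visible in this hunk hashes or encrypts them, although the same class already has `encryptClientSecret` for client secrets. If the storage implementation (not shown) also keeps them as plain text, read access to that table is enough to obtain usable bearer tokens, so it is worth confirming where that protection happens and saying so in a Javadoc on both methods. The new `exp` parameter has no documented unit and is not validated; a comment such as `// exp: expiry of newRefreshToken, <unit since epoch, confirm>; the mapping may be purged after this` would tell callers what to pass. `main` is unused in both bodies.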
diff --git a/src/main/java/io/supertokens/webserver/api/oauth/OAuthTokenAPI.java b/src/main/java/io/supertokens/webserver/api/oauth/OAuthTokenAPI.java
index 4d4b5f5ae..40a18324d 100644
--- a/src/main/java/io/supertokens/webserver/api/oauth/OAuthTokenAPI.java
+++ b/src/main/java/io/supertokens/webserver/api/oauth/OAuthTokenAPI.java
@@ -174,12 +174,12 @@ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws I
 if (inputRefreshToken == null) {
 // Issuing a new refresh token
 if (!oauthClient.enableRefreshTokenRotation) {
- OAuth.createOrUpdateRefreshTokenMapping(main, appIdentifier, storage, newRefreshToken, newRefreshToken);
+ OAuth.createOrUpdateRefreshTokenMapping(main, appIdentifier, storage, newRefreshToken, newRefreshToken, 0); // TODO: add exp
 } // else we don't need a mapping
 } else {
 // Refreshing a token
 if (!oauthClient.enableRefreshTokenRotation) {
- OAuth.createOrUpdateRefreshTokenMapping(main, appIdentifier, storage, inputRefreshToken, newRefreshToken);
+ OAuth.createOrUpdateRefreshTokenMapping(main, appIdentifier, storage, inputRefreshToken, newRefreshToken, 0); // TODO: add exp
 response.jsonResponse.getAsJsonObject().remove("refresh_token");
 } else {
 OAuth.deleteRefreshTokenMappingIfExists(main, appIdentifier, storage, inputRefreshToken);
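Review bot: Both updated calls pass a literal `0` for `exp`, so every mapping written for a client without refresh-token rotation is persisted with no real expiry. How storage treats `0` is not visible here: if cleanup reads it as already expired, a mapping can be removed while its token is still valid and the next refresh fails; if it reads it as never expiring, rows for expired or revoked tokens stay in the table indefinitely. The `// TODO: add exp` should be resolved before release by passing the refresh token's actual expiry (from the token response or an introspection result, whichever this handler has available) in place of `0`; once that is done, `createOrUpdateRefreshTokenMapping` could reject a non-positive `exp` so a placeholder cannot come back unnoticed. `doPost` starts and ends outside the hunk.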