Skip to content

Commit

Permalink
Refactor the boolean method with getRemainingDaysSignatureExpiration
Browse files Browse the repository at this point in the history
  • Loading branch information
@SteDev2
SteDev2 committed Aug 25, 2023
1 parent 8423edc commit 9cf1a9e
Show file tree
Hide file tree
Showing 7 changed files with 30 additions and 19 deletions.
2 changes: 1 addition & 1 deletion iam-common/src/main/java/it/infn/mw/iam/service/aup/AUPSignatureCheckService.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,5 +20,5 @@
@FunctionalInterface
public interface AUPSignatureCheckService {

boolean needsAupSignature(IamAccount account);
int getRemainingDaysSignatureExpiration(IamAccount account);
}
37 changes: 24 additions & 13 deletions iam-common/src/main/java/it/infn/mw/iam/service/aup/DefaultAupSignatureCheckService.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,7 @@
import it.infn.mw.iam.core.time.TimeProvider;
import it.infn.mw.iam.persistence.model.IamAccount;
import it.infn.mw.iam.persistence.model.IamAup;
import it.infn.mw.iam.persistence.model.IamAupSignature;
import it.infn.mw.iam.persistence.repository.IamAupRepository;
import it.infn.mw.iam.persistence.repository.IamAupSignatureRepository;

Expand All @@ -50,52 +51,62 @@ public DefaultAupSignatureCheckService(IamAupRepository aupRepo,
}

@Override
public boolean needsAupSignature(IamAccount account) {
public int getRemainingDaysSignatureExpiration(IamAccount account) {
Optional<IamAup> aup = aupRepo.findDefaultAup();

Date now = new Date(timeProvider.currentTimeMillis());

if (!aup.isPresent()) {
LOG.debug("AUP signature not needed for account '{}': AUP is not defined",
account.getUsername());
return false;
return Integer.MAX_VALUE;
}

if (isNull(account.getAupSignature())) {
LOG.debug("AUP signature needed for account '{}': no signature record found for user",
account.getUsername());
return true;
return -Integer.MAX_VALUE;
}

Date signatureTime = account.getAupSignature().getSignatureTime();
Date aupLastModifiedTime = aup.get().getLastUpdateTime();
Long signatureValidityInDays = aup.get().getSignatureValidityInDays();

if (signatureTime.compareTo(aupLastModifiedTime) > 0) {
int daysLeftBeforeSignAup = calculateDaysLeft(aup.get(), account);

if (daysLeftBeforeSignAup > 0) {

if (signatureValidityInDays > 0) {

Date signatureValidTime =
new Date(signatureTime.getTime() + TimeUnit.DAYS.toMillis(signatureValidityInDays));

// The signature was on the last version of the AUP
Date now = new Date(timeProvider.currentTimeMillis());
boolean signatureNeeded = now.compareTo(signatureValidTime) > 0;
String signatureNeededString = (signatureNeeded ? "needed" : "not needed");
LOG.debug(
"AUP signature {} for account '{}': Now '{}' AUP signature time '{}', AUP signature end of validity '{}'",
signatureNeededString, account.getUsername(), now, signatureTime, signatureValidTime);
return signatureNeeded;
}

return false;
}

// The signature is needed anyway since it was done before the last changes to the AUP
LOG.debug(
return daysLeftBeforeSignAup;
} else {
LOG.debug(
"AUP signature needed for account '{}': AUP signature time '{}', AUP last modified time '{}'",
account.getUsername(), signatureTime, aupLastModifiedTime);

return true;
return daysLeftBeforeSignAup;
}
}

private int calculateDaysLeft(IamAup aup, IamAccount account) {
Long signatureValidityInDays = aup.getSignatureValidityInDays();
Optional<IamAupSignature> signature = signatureRepo.findByAupAndAccount(aup, account);

Date expirationDateSignature = new Date(signature.get().getSignatureTime().getTime() + TimeUnit.DAYS.toMillis(signatureValidityInDays));
Date now = new Date(timeProvider.currentTimeMillis());
Long delta = expirationDateSignature.getTime() - now.getTime();
int resultDaysLeft = Long.valueOf(TimeUnit.DAYS.convert(delta, TimeUnit.MILLISECONDS)).intValue();

return resultDaysLeft;
}
}
2 changes: 1 addition & 1 deletion iam-login-service/src/main/java/it/infn/mw/iam/authn/EnforceAupSignatureSuccessHandler.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -100,7 +100,7 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo
Optional<IamAccount> authenticatedAccount = lookupAuthenticatedUser(auth);

if (!authenticatedAccount.isPresent()
|| !service.needsAupSignature(authenticatedAccount.get())) {
|| !(service.getRemainingDaysSignatureExpiration(authenticatedAccount.get()) <= 0)) {
delegate.onAuthenticationSuccess(request, response, auth);

} else {
Expand Down
2 changes: 1 addition & 1 deletion ...ogin-service/src/main/java/it/infn/mw/iam/core/oauth/granters/IamRefreshTokenGranter.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,7 @@ protected OAuth2AccessToken getAccessToken(ClientDetails client, TokenRequest to
throw new DisabledException(format("User %s is not active.", user.get().getUsername()));
}

if (user.isPresent() && signatureCheckService.needsAupSignature(user.get())) {
if (user.isPresent() && (signatureCheckService.getRemainingDaysSignatureExpiration(user.get()) <= 0)) {
throw new InvalidGrantException(
format("User %s needs to sign AUP for this organization in order to proceed.",
user.get().getUsername()));
Expand Down
2 changes: 1 addition & 1 deletion ...rc/main/java/it/infn/mw/iam/core/oauth/granters/IamResourceOwnerPasswordTokenGranter.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,7 @@ protected OAuth2Authentication getOAuth2Authentication(ClientDetails client,
OAuth2Authentication auth = super.getOAuth2Authentication(client, tokenRequest);
Optional<IamAccount> user = accountUtils.getAuthenticatedUserAccount(auth);

if (user.isPresent() && signatureCheckService.needsAupSignature(user.get())) {
if (user.isPresent() && (signatureCheckService.getRemainingDaysSignatureExpiration(user.get()) <= 0)) {
throw new InvalidGrantException(
format("User %s needs to sign AUP for this organization in order to proceed.",
user.get().getUsername()));
Expand Down
2 changes: 1 addition & 1 deletion ...n-service/src/main/java/it/infn/mw/iam/core/oauth/granters/TokenExchangeTokenGranter.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -159,7 +159,7 @@ protected OAuth2Authentication getOAuth2Authentication(final ClientDetails actor
Optional<IamAccount> account = accountUtils
.getAuthenticatedUserAccount(subjectToken.getAuthenticationHolder().getUserAuth());

if (account.isPresent() && signatureCheckService.needsAupSignature(account.get())) {
if (account.isPresent() && (signatureCheckService.getRemainingDaysSignatureExpiration(account.get()) <= 0)) {
throw new InvalidGrantException(
format("User %s needs to sign AUP for this organization " + "in order to proceed.",
account.get().getUsername()));
Expand Down
2 changes: 1 addition & 1 deletion iam-voms-aa/src/main/java/it/infn/mw/voms/api/VOMSController.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -114,7 +114,7 @@ public String generateAC(@RequestHeader(name = "User-Agent", required = false) S
}
} else {
IamAccount user = context.getIamAccount();
if (signatureCheckService.needsAupSignature(user)) {
if (signatureCheckService.getRemainingDays(user) <= 0) {
VOMSErrorMessage em = VOMSErrorMessage.faildToSignAup(user.getUsername());
return responseBuilder.createErrorResponse(em);
}
Expand Down

0 comments on commit 9cf1a9e

Please sign in to comment.