This is an automated email from the ASF dual-hosted git repository.
gongchao pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/hertzbeat.git
The following commit(s) were added to refs/heads/master by this push:
new ca2760564 [improve] use post request refresh token (#2720)
ca2760564 is described below
commit ca27605640b31238631e137285f89d555a2e49a7
Author: tomsun28 <[email protected]>
AuthorDate: Mon Sep 16 16:24:07 2024 +0800
[improve] use post request refresh token (#2720)
Signed-off-by: tomsun28 <[email protected]>
Co-authored-by: shown <[email protected]>
---
.../manager/controller/AccountController.java | 13 +++----
.../hertzbeat/manager/pojo/dto/TokenDto.java | 41 ++++++++++++++++++++++
.../manager/controller/AccountControllerTest.java | 6 ++--
web-app/src/app/service/auth.service.ts | 7 ++--
4 files changed, 54 insertions(+), 13 deletions(-)
diff --git
a/manager/src/main/java/org/apache/hertzbeat/manager/controller/AccountController.java
b/manager/src/main/java/org/apache/hertzbeat/manager/controller/AccountController.java
index 2a2494cef..1f8639476 100644
---
a/manager/src/main/java/org/apache/hertzbeat/manager/controller/AccountController.java
+++
b/manager/src/main/java/org/apache/hertzbeat/manager/controller/AccountController.java
@@ -21,10 +21,8 @@ import static
org.apache.hertzbeat.common.constants.CommonConstants.LOGIN_FAILED
import static org.springframework.http.MediaType.APPLICATION_JSON_VALUE;
import io.jsonwebtoken.ExpiredJwtException;
import io.swagger.v3.oas.annotations.Operation;
-import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.tags.Tag;
import jakarta.validation.Valid;
-import jakarta.validation.constraints.NotNull;
import java.util.Map;
import javax.naming.AuthenticationException;
import lombok.extern.slf4j.Slf4j;
@@ -32,11 +30,10 @@ import org.apache.hertzbeat.common.entity.dto.Message;
import org.apache.hertzbeat.common.util.ResponseUtil;
import org.apache.hertzbeat.manager.pojo.dto.LoginDto;
import org.apache.hertzbeat.manager.pojo.dto.RefreshTokenResponse;
+import org.apache.hertzbeat.manager.pojo.dto.TokenDto;
import org.apache.hertzbeat.manager.service.AccountService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.ResponseEntity;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
@@ -60,13 +57,11 @@ public class AccountController {
return ResponseUtil.handle(() ->
accountService.authGetToken(loginDto));
}
- @GetMapping("/refresh/{refreshToken}")
+ @PostMapping("/refresh")
@Operation(summary = "Use refresh TOKEN to re-acquire TOKEN", description
= "Use refresh TOKEN to re-acquire TOKEN")
- public ResponseEntity<Message<RefreshTokenResponse>> refreshToken(
- @Parameter(description = "Refresh TOKEN", example = "xxx")
- @PathVariable("refreshToken") @NotNull final String refreshToken) {
+ public ResponseEntity<Message<RefreshTokenResponse>> refreshToken(@Valid
@RequestBody TokenDto tokenDto) {
try {
- return
ResponseEntity.ok(Message.success(accountService.refreshToken(refreshToken)));
+ return
ResponseEntity.ok(Message.success(accountService.refreshToken(tokenDto.getToken())));
} catch (AuthenticationException e) {
return ResponseEntity.ok(Message.fail(LOGIN_FAILED_CODE,
e.getMessage()));
} catch (ExpiredJwtException expiredJwtException) {
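Review bot: A request whose body is missing or whose `token` is blank is now rejected by `@Valid` before the `try` block runs, so it never gets the `LOGIN_FAILED_CODE` reply that the catch branches build; what the client sees then depends on an exception handler that is not visible in this hunk. It is worth confirming that the handler answers binding failures with the same `Message` envelope, since the web client presumably reads `code` from the response. The `@Operation` description could also record why the verb changed, for example `description = "Re-acquire TOKEN; the refresh TOKEN is sent in the JSON body so it does not appear in URLs or access logs"`. The method body continues past the end of the hunk.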
diff --git
a/manager/src/main/java/org/apache/hertzbeat/manager/pojo/dto/TokenDto.java
b/manager/src/main/java/org/apache/hertzbeat/manager/pojo/dto/TokenDto.java
new file mode 100644
index 000000000..5a8fc65ad
--- /dev/null
+++ b/manager/src/main/java/org/apache/hertzbeat/manager/pojo/dto/TokenDto.java
@@ -0,0 +1,41 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.hertzbeat.manager.pojo.dto;
+
+import io.swagger.v3.oas.annotations.media.Schema;
+import jakarta.validation.constraints.NotBlank;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+/**
+ * Refresh token dto
+ */
+@Data
+@Builder
+@AllArgsConstructor
+@NoArgsConstructor
+@Schema(description = "Request refresh token transfer body")
+public class TokenDto {
+
+ @Schema(description = "token")
+ @NotBlank(message = "token can not null")
+ private String token;
+
+}
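Review bot: Lombok's `@Data` generates a `toString()` that prints the `token` field, so any log statement or error path that formats a `TokenDto` would write the refresh token out in clear text. Moving the token from the URL path into the body keeps it out of access logs and browser history, and excluding it from the generated string preserves that property: add `@ToString.Exclude` on the field, with `import lombok.ToString;`. The validation message `"token can not null"` would read better as `"token can not be blank"`, which matches what `@NotBlank` checks. The class Javadoc could also say that the DTO carries the refresh token for `POST /api/account/auth/refresh`.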
diff --git
a/manager/src/test/java/org/apache/hertzbeat/manager/controller/AccountControllerTest.java
b/manager/src/test/java/org/apache/hertzbeat/manager/controller/AccountControllerTest.java
index 6a3befb0b..488acf45f 100644
---
a/manager/src/test/java/org/apache/hertzbeat/manager/controller/AccountControllerTest.java
+++
b/manager/src/test/java/org/apache/hertzbeat/manager/controller/AccountControllerTest.java
@@ -26,6 +26,7 @@ import javax.naming.AuthenticationException;
import org.apache.hertzbeat.common.constants.CommonConstants;
import org.apache.hertzbeat.common.util.JsonUtil;
import org.apache.hertzbeat.manager.pojo.dto.LoginDto;
+import org.apache.hertzbeat.manager.pojo.dto.TokenDto;
import org.apache.hertzbeat.manager.service.AccountService;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
@@ -93,8 +94,9 @@ class AccountControllerTest {
void refreshToken() throws Exception {
String refreshToken = "123456";
Mockito.when(accountService.refreshToken(refreshToken)).thenThrow(new
AuthenticationException());
-
this.mockMvc.perform(MockMvcRequestBuilders.get("/api/account/auth/refresh/{refreshToken}",
- refreshToken))
+
this.mockMvc.perform(MockMvcRequestBuilders.post("/api/account/auth/refresh")
+ .contentType(MediaType.APPLICATION_JSON)
+ .content(JsonUtil.toJson(new TokenDto(refreshToken))))
.andExpect(jsonPath("$.code").value((int)
CommonConstants.LOGIN_FAILED_CODE))
.andReturn();
}
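Review bot: The test still exercises only the `AuthenticationException` branch, so nothing pins the request contract introduced with `TokenDto`. A second case that posts a blank token, `.content(JsonUtil.toJson(new TokenDto("")))`, and then checks `Mockito.verify(accountService, Mockito.never()).refreshToken(Mockito.any())` would show that `@NotBlank` stops the request before the service is reached. The test method appears to begin just above the hunk, so its annotations are not visible here.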
diff --git a/web-app/src/app/service/auth.service.ts
b/web-app/src/app/service/auth.service.ts
index 12f15e5ef..606dff815 100644
--- a/web-app/src/app/service/auth.service.ts
+++ b/web-app/src/app/service/auth.service.ts
@@ -17,7 +17,7 @@
* under the License.
*/
-import { HttpClient, HttpParams } from '@angular/common/http';
+import { HttpClient } from '@angular/common/http';
import { Injectable } from '@angular/core';
import { Observable } from 'rxjs';
@@ -32,6 +32,9 @@ export class AuthService {
constructor(private http: HttpClient) {}
public refreshToken(refreshToken: string): Observable<Message<any>> {
- return
this.http.get<Message<any>>(`${account_auth_refresh_uri}/${refreshToken}`);
+ let body = {
+ token: refreshToken
+ };
+ return this.http.post<Message<any>>(`${account_auth_refresh_uri}`, body);
}
}
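Review bot: `body` is declared with `let` but never reassigned, so `const` states the intent better: `const body = { token: refreshToken };`. The template literal around the URI is also redundant now that nothing is appended to it, so the call can read `return this.http.post<Message<any>>(account_auth_refresh_uri, body);`. Neither point changes behaviour.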