diff --git a/core/jwt_claims.go b/core/jwt_claims.go index b3c5089..006c1eb 100644 --- a/core/jwt_claims.go +++ b/core/jwt_claims.go @@ -86,7 +86,7 @@ func ClaimExpired(claims jwt.RegisteredClaims) error { if claims.ExpiresAt == nil { return errors.New("claim exp is nil") } - if claims.ExpiresAt.Time.Before(time.Now()) { + if claims.ExpiresAt.Time.After(time.Now()) { return nil } return errors.New("claim expired") diff --git a/core/nkode_handler.go b/core/nkode_handler.go index a720d7e..51846ac 100644 --- a/core/nkode_handler.go +++ b/core/nkode_handler.go @@ -21,7 +21,7 @@ const ( Login = "/login" RenewAttributes = "/renew-attributes" RandomSvgInterface = "/random-svg-interface" - RefreshToken = "refresh-token" + RefreshToken = "/refresh-token" ) func (h *NKodeHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { @@ -367,7 +367,45 @@ func (h *NKodeHandler) RandomSvgInterfaceHandler(w http.ResponseWriter, r *http. } func (h *NKodeHandler) RefreshTokenHandler(w http.ResponseWriter, r *http.Request) { + if r.Method != http.MethodPost { + methodNotAllowed(w) + } + var refreshTokenPost RefreshTokenPost + err := decodeJson(w, r, &refreshTokenPost) + if err != nil { + internalServerErrorHandler(w) + log.Println(err) + return + } + customerId, err := uuid.Parse(refreshTokenPost.CustomerId) + if err != nil { + internalServerErrorHandler(w) + log.Println(err) + return + } + accessToken, err := h.Api.RefreshToken(Username(refreshTokenPost.Username), CustomerId(customerId), refreshTokenPost.RefreshToken) + + if err != nil { + internalServerErrorHandler(w) + log.Println(err) + return + } + respBytes, err := json.Marshal(RefreshTokenResp{AccessToken: accessToken}) + + if err != nil { + internalServerErrorHandler(w) + log.Println(err) + return + } + _, err = w.Write(respBytes) + + if err != nil { + internalServerErrorHandler(w) + log.Println(err) + return + } + w.WriteHeader(http.StatusOK) } func decodeJson(w http.ResponseWriter, r *http.Request, post any) error { diff --git a/core/type.go b/core/type.go index 5721afc..bf27d6d 100644 --- a/core/type.go +++ b/core/type.go @@ -12,6 +12,10 @@ type RandomSvgInterfaceResp struct { Svgs []string `json:"svgs"` } +type RefreshTokenResp struct { + AccessToken string `json:"access_token"` +} + type NewCustomerPost struct { NKodePolicy NKodePolicy `json:"nkode_policy"` } @@ -50,6 +54,12 @@ type RenewAttributesPost struct { CustomerId string `json:"customer_id"` } +type RefreshTokenPost struct { + Username string `json:"username"` + CustomerId string `json:"customer_id"` + RefreshToken string `json:"refresh_token"` +} + type CreateNewCustomerResp struct { CustomerId string `json:"customer_id"` } diff --git a/main.go b/main.go index be28228..a2cedf3 100644 --- a/main.go +++ b/main.go @@ -23,6 +23,7 @@ func main() { mux.Handle(core.Login, &handler) mux.Handle(core.RenewAttributes, &handler) mux.Handle(core.RandomSvgInterface, &handler) + mux.Handle(core.RefreshToken, &handler) fmt.Println("Running on localhost:8080...") log.Fatal(http.ListenAndServe("localhost:8080", corsMiddleware(mux))) } diff --git a/main_test.go b/main_test.go index 6201cf6..72f2c91 100644 --- a/main_test.go +++ b/main_test.go @@ -93,6 +93,18 @@ func TestApi(t *testing.T) { var randomSvgInterfaceResp core.RandomSvgInterfaceResp testApiGet(t, base+core.RandomSvgInterface, &randomSvgInterfaceResp) assert.Equal(t, core.KeypadMax.TotalAttrs(), len(randomSvgInterfaceResp.Svgs)) + + refreshBody := core.RefreshTokenPost{ + Username: string(username), + CustomerId: customerResp.CustomerId, + RefreshToken: jwtTokens.RefreshToken, + } + + var refreshTokenResp core.RefreshTokenResp + testApiPost(t, base+core.RefreshToken, refreshBody, &refreshTokenResp) + accessClaims, err = core.ParseAccessToken(refreshTokenResp.AccessToken) + assert.NoError(t, err) + assert.Equal(t, accessClaims.Subject, string(username)) } func Unmarshal(t *testing.T, resp *http.Response, data any) {