diff --git a/src/main/java/biz/nynja/auth/grpc/integrations/AccountServiceCommunicator.java b/src/main/java/biz/nynja/auth/grpc/integrations/AccountServiceCommunicator.java
index 43e8311fd7a85b725b01221e532bce711b3ba791..ac76fbf00699c69b86744eddacbad48463d926d6 100644
--- a/src/main/java/biz/nynja/auth/grpc/integrations/AccountServiceCommunicator.java
+++ b/src/main/java/biz/nynja/auth/grpc/integrations/AccountServiceCommunicator.java
@@ -70,7 +70,7 @@ public class AccountServiceCommunicator {
 try {
 this.authAccessToken = accessTokenService.createAccessToken("instanceId", "appClass", "orgId", accountId,
- roles, false);
+ roles, false, true);
 } catch (InternalError e) {
 logger.error("Error when generating access token {}.", e.getMessage());
 logger.debug("Error when generating access token {}.", e.getCause());
diff --git a/src/main/java/biz/nynja/auth/grpc/social/AccessTokenResponseProvider.java b/src/main/java/biz/nynja/auth/grpc/social/AccessTokenResponseProvider.java
index a4a9489c9335a6ed4ada697d000f5063f3854321..eea0434a0e5b1c5b923250ed7d34b54be28140b5 100644
--- a/src/main/java/biz/nynja/auth/grpc/social/AccessTokenResponseProvider.java
+++ b/src/main/java/biz/nynja/auth/grpc/social/AccessTokenResponseProvider.java
@@ -95,7 +95,7 @@ public class AccessTokenResponseProvider {
 socialAccessTokenRepository.save(buildSocialAccessToken(detailsBean, accountProperties.getAccountId()));
 }
 String accessToken = accessTokenService.createAccessToken(request.getInstanceId(), request.getAppClass(),
- request.getOrgId(), accountProperties.getAccountId(), accountProperties.getRoles(), false);
+ request.getOrgId(), accountProperties.getAccountId(), accountProperties.getRoles(), false, false);
 // AccessPoint accessPoint = accessPointService.buildAccessPoint(request.getDeviceId(), accessToken, accountProperties.getAccountId(),
 // access_expiration);
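Review bot: The new trailing `true` on the `createAccessToken` call in AccountServiceCommunicator selects the `isAuthService` lifetime, so the token cached in `this.authAccessToken` stays valid for roughly 19 years, and it is minted with the literal strings `"instanceId"`, `"appClass"` and `"orgId"` rather than values identifying a real instance or organisation. A bearer token with that lifetime is a standing credential: if it leaks from memory, logs or a peer service, it carries `roles` for `accountId` until expiry, and where those two values come from is not visible in this hunk. I would keep a short lifetime here and re-mint before expiry, and at minimum label the flag at the call site, e.g. `roles, false, /* isAuthService */ true);`. The same unlabeled boolean pair appears in the AccessTokenResponseProvider hunk (`false, false`) and in the last AccessTokenService hunk (`true, false`), where swapping the two arguments would compile silently.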
diff --git a/src/main/java/biz/nynja/auth/grpc/token/access/AccessTokenService.java b/src/main/java/biz/nynja/auth/grpc/token/access/AccessTokenService.java
index 7621256e395022c05f24fd32148bd67e5f35d729..4c1b58eb6bb5b7efdc8a34642f6b1e0a36766336 100644
--- a/src/main/java/biz/nynja/auth/grpc/token/access/AccessTokenService.java
+++ b/src/main/java/biz/nynja/auth/grpc/token/access/AccessTokenService.java
@@ -146,12 +146,14 @@ public class AccessTokenService {
 * @param appClass
 * @param orgId
 * @param accountId
- * @param string
+ * @param roles
+ * @param isAdmin
+ * @param isAuthService
 * @return
 * @throws InternalError
 */
 public String createAccessToken(String instanceId, String appClass, String orgId, String accountId,
- Set roles, boolean isAdmin) throws InternalError {
+ Set roles, boolean isAdmin, boolean isAuthService) throws InternalError {
 if (StringUtils.isEmpty(orgId)) {
 orgId = tokenConfig.getAccessDefaultOrgId();
 }
@@ -173,9 +175,12 @@ public class AccessTokenService {
 Date iat = cal.getTime();
 if (isAdmin) {
 cal.add(Calendar.SECOND, tokenConfig.getAdminAccessExpiresIn());
+ } else if (isAuthService) {
+ cal.add(Calendar.SECOND, 600000000); // 19 years
 } else {
 cal.add(Calendar.SECOND, tokenConfig.getAccessExpiresIn());
 }
+
 Date exp = cal.getTime();
 String aud = new StringBuilder(Base64.getEncoder().encodeToString(instanceId.getBytes())).append(":")
@@ -409,7 +414,7 @@ public class AccessTokenService {
 String orgId = audienceItems[2];
 String accessToken = createAccessToken(instanceId, appClass, orgId, accountId, accountResponse
- .getAccountDetails().getRolesList().stream().map(n -> n.toString()).collect(Collectors.toSet()), true);
+ .getAccountDetails().getRolesList().stream().map(n -> n.toString()).collect(Collectors.toSet()), true, false);
 return Optional.of(accessToken);
 }
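Review bot: The Javadoc on `createAccessToken` gains `@param roles`, `@param isAdmin` and `@param isAuthService` tags with no descriptions, so a caller cannot tell that `isAuthService` changes the token lifetime or that `isAdmin` wins when both flags are true (the `if`/`else if` order in the following hunk). I would fill the tags in, for example `@param isAuthService true for the auth service's own service-to-service token; selects the long fixed lifetime and is ignored when isAdmin is true`, and give `@return` and `@throws InternalError` a sentence each. The method body continues outside this hunk.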
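Review bot: In the new `else if (isAuthService)` branch the lifetime is the hard-coded literal `600000000` seconds, so every caller that passes `true` receives a bearer token valid for about 19 years, and that cannot be shortened without a code change. The other two branches read their lifetime from `tokenConfig`; this one should as well, with a short default and renewal by the caller, e.g. `cal.add(Calendar.SECOND, tokenConfig.getAuthServiceAccessExpiresIn());`, where `getAuthServiceAccessExpiresIn` is a new setting this change would have to add. Whether issued tokens can be revoked or the signing key rotated is not visible here; if not, a leaked service token stays usable until that expiry. The method starts and ends outside the hunk.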