hub / github.com/devtron-labs/devtron / HandleRefresh

Method HandleRefresh

pkg/auth/user/UserAuthService.go:174–258  ·  view source on GitHub ↗
(w http.ResponseWriter, r *http.Request)

Source from the content-addressed store, hash-verified

172}
173
174func (impl UserAuthServiceImpl) HandleRefresh(w http.ResponseWriter, r *http.Request) {
175 session, _ := cStore.Get(r, "JWT_TOKEN")
176 // Check if user is authenticated
177 if auth, ok := session.Values["authenticated"].(bool); !ok || !auth {
178 http.Redirect(w, r, dexOauthConfig.AuthCodeURL(oauthStateString), http.StatusFound)
179 } else {
180 jwtToken := session.Values["jwtToken"].(string)
181 claims := &Claims
182
183 // Parse the JWT string and store the result in `claims`.
184 // Note that we are passing the key in this method as well. This method will return an error
185 // if the token is invalid (if it has expired according to the expiry time we set on sign in),
186 // or if the signature does not match
187 tkn, err := jwt.ParseWithClaims(jwtToken, claims, func(token *jwt.Token) (interface{}, error) {
188 return jwtKey, nil
189 })
190 if !tkn.Valid {
191 session.Options = &sessions.Options{
192 MaxAge: -1,
193 }
194 writeResponse(http.StatusUnauthorized, "TOKEN EXPIRED", w, errors.New("token expired"))
195 return
196 }
197 if err != nil {
198 if err == jwt.ErrSignatureInvalid {
199 writeResponse(http.StatusUnauthorized, "SignatureInvalid", w, errors.New("SignatureInvalid"))
200 return
201 }
202 writeResponse(http.StatusBadRequest, "StatusBadRequest", w, errors.New("StatusBadRequest"))
203 return
204 }
205 claims.Email = util2.ConvertEmailToLowerCase(claims.Email)
206 bearerToken := claims.Token
207 user, err := authorize(context.Background(), bearerToken)
208 if err != nil {
209 fmt.Print("Exception :", err)
210 }
211 fmt.Print(user)
212
213 // We ensure that a new token is not issued until enough time has elapsed
214 // In this case, a new token will only be issued if the old token is within
215 // 30 seconds of expiry. Otherwise, return a bad request status
216 /*if time.Unix(claims.ExpiresAt, 0).Sub(time.Now()) > 30*time.Second {
217 w.WriteHeader(http.StatusBadRequest)
218 return
219 }*/
220
221 dbUser, err := impl.userRepository.FetchUserDetailByEmail(Claims.Email)
222 if err != nil {
223 impl.logger.Errorw("Exception while fetching user from db", "err", err)
224 }
225 if dbUser.Id > 0 {
226 // Do nothing, User already exist in our db. (unique check by email id)
227 } else {
228 // TODO - need to handle case
229 }
230
231 // Now, create a new token for the current use, with a renewed expiration time

Callers

nothing calls this directly

Calls 5

writeResponse (Function) · 0.85
authorize (Function) · 0.85
Get (Method) · 0.65
Save (Method) · 0.65

Tested by

no test coverage detected