feat: Implement JWT refresh token for authorization (fossasia#2230)

aggarwalpulkit596 · aggarwalpulkit596 · commit 52a6cf254f1a · 2019-09-19T00:01:24.000+05:30
diff --git a/app/src/fdroid/java/org/fossasia/openevent/general/auth/TokenAuthenticator.kt b/app/src/fdroid/java/org/fossasia/openevent/general/auth/TokenAuthenticator.kt
@@ -0,0 +1,44 @@
+package org.fossasia.openevent.general.auth
+
+import okhttp3.Authenticator
+import okhttp3.Request
+import okhttp3.Response
+import okhttp3.Route
+import org.koin.core.KoinComponent
+import org.koin.core.inject
+
+class TokenAuthenticator : Authenticator, KoinComponent {
+
+    val tokenService: RefreshTokenService by inject()
+    val authHolder: AuthHolder by inject()
+
+    /**
+     * Authenticator for when the authToken need to be refresh and updated
+     * everytime we get a 401 error code
+     */
+
+    override fun authenticate(route: Route?, response: Response): Request? {
+
+        val loginResponse = tokenService.refreshToken()
+
+        return if (loginResponse.isSuccessful) {
+            /**
+             * Replace the existing tokens with the new tokens
+             **/
+            loginResponse.body()?.let {
+                authHolder.accessToken = it.accessToken
+                authHolder.refreshToken = it.refreshToken
+
+                val newToken = "JWT ${it.accessToken}"
+
+                response.request.newBuilder()
+                    .addHeader("Authorization", newToken)
+                    .build()
+            }
+        } else {
+            authHolder.accessToken = null
+            authHolder.refreshToken = null
+            response.request
+        }
+    }
+}
diff --git a/app/src/main/java/org/fossasia/openevent/general/auth/AuthApi.kt b/app/src/main/java/org/fossasia/openevent/general/auth/AuthApi.kt
@@ -7,18 +7,22 @@ import org.fossasia.openevent.general.auth.change.ChangeRequestTokenResponse
 import org.fossasia.openevent.general.auth.forgot.Email
 import org.fossasia.openevent.general.auth.forgot.RequestToken
 import org.fossasia.openevent.general.auth.forgot.RequestTokenResponse
+import retrofit2.Response
 import retrofit2.http.Body
+import retrofit2.http.DELETE
 import retrofit2.http.GET
 import retrofit2.http.PATCH
 import retrofit2.http.POST
 import retrofit2.http.Path
-import retrofit2.http.DELETE
 
 interface AuthApi {
 
-    @POST("../auth/session")
+    @POST("auth/login")
     fun login(@Body login: Login): Single<LoginResponse>
 
+    @POST("/auth/token/refresh")
+    fun refreshToken(): Response<LoginResponse>
+
     @GET("users/{id}")
     fun getProfile(@Path("id") id: Long): Single<User>
 
diff --git a/app/src/main/java/org/fossasia/openevent/general/auth/AuthHolder.kt b/app/src/main/java/org/fossasia/openevent/general/auth/AuthHolder.kt
@@ -3,37 +3,58 @@ package org.fossasia.openevent.general.auth
 import org.fossasia.openevent.general.data.Preference
 import org.fossasia.openevent.general.utils.JWTUtils
 
-private const val TOKEN_KEY = "TOKEN"
+private const val ACCESS_TOKEN = "accessToken"
+private const val REFRESH_TOKEN = "refreshToken"
 
 class AuthHolder(private val preference: Preference) {
 
-    var token: String? = null
+    var accessToken: String? = null
         get() {
-            return preference.getString(TOKEN_KEY)
+            return preference.getString(ACCESS_TOKEN)
         }
         set(value) {
-            if (value != null && JWTUtils.isExpired(value))
-                throw IllegalStateException("Cannot set expired token")
+            check(!(value != null && JWTUtils.isExpired(value))) { "Cannot set expired token" }
             field = value
-            preference.putString(TOKEN_KEY, value)
+            preference.putString(ACCESS_TOKEN, value)
         }
+    var refreshToken: String? = null
+        get() {
+            return preference.getString(REFRESH_TOKEN)
+        }
+        set(value) {
+            check(!(value != null && JWTUtils.isExpired(value))) { "Cannot set expired token" }
+            field = value
+            preference.putString(REFRESH_TOKEN, value)
+        }
+
+    fun getAccessAuthorization(): String? {
+        if (!isLoggedIn())
+            return null
+        return "JWT $accessToken"
+    }
+
+    fun getRefreshAuthorization(): String? {
+        if (!isLoggedIn())
+            return null
+        return "JWT $refreshToken"
+    }
 
     fun getAuthorization(): String? {
         if (!isLoggedIn())
             return null
-        return "JWT $token"
+        return "JWT $accessToken"
     }
 
     fun isLoggedIn(): Boolean {
-        if (token == null || JWTUtils.isExpired(token)) {
-            token = null
+        if (accessToken == null || JWTUtils.isExpired(accessToken)) {
+            accessToken = null
             return false
         }
 
         return true
     }
 
     fun getId(): Long {
-        return if (!isLoggedIn()) -1 else JWTUtils.getIdentity(token)
+        return if (!isLoggedIn()) -1 else JWTUtils.getIdentity(accessToken)
     }
 }
diff --git a/app/src/main/java/org/fossasia/openevent/general/auth/AuthService.kt b/app/src/main/java/org/fossasia/openevent/general/auth/AuthService.kt
@@ -24,12 +24,12 @@ class AuthService(
     private val eventApi: EventApi
 ) {
     fun login(username: String, password: String): Single<LoginResponse> {
-        if (username.isEmpty() || password.isEmpty())
-            throw IllegalArgumentException("Username or password cannot be empty")
+        require(!(username.isEmpty() || password.isEmpty())) { "Username or password cannot be empty" }
 
         return authApi.login(Login(username, password))
                 .map {
-                    authHolder.token = it.accessToken
+                    authHolder.accessToken = it.accessToken
+                    authHolder.refreshToken = it.refreshToken
                     it
                 }
     }
@@ -66,7 +66,8 @@ class AuthService(
 
     fun logout(): Completable {
         return Completable.fromAction {
-            authHolder.token = null
+            authHolder.accessToken = null
+            authHolder.refreshToken = null
             userDao.deleteUser(authHolder.getId())
             orderDao.deleteAllOrders()
             attendeeDao.deleteAllAttendees()
diff --git a/app/src/main/java/org/fossasia/openevent/general/auth/Login.kt b/app/src/main/java/org/fossasia/openevent/general/auth/Login.kt
@@ -1,3 +1,12 @@
 package org.fossasia.openevent.general.auth
 
-data class Login(val email: String, val password: String)
+import com.fasterxml.jackson.databind.PropertyNamingStrategy
+import com.fasterxml.jackson.databind.annotation.JsonNaming
+
+@JsonNaming(PropertyNamingStrategy.KebabCaseStrategy::class)
+data class Login(
+    val email: String,
+    val password: String,
+    val rememberMe: Boolean = true,
+    val includeInResponse: Boolean = true
+)
diff --git a/app/src/main/java/org/fossasia/openevent/general/auth/LoginResponse.kt b/app/src/main/java/org/fossasia/openevent/general/auth/LoginResponse.kt
@@ -4,4 +4,7 @@ import com.fasterxml.jackson.databind.PropertyNamingStrategy
 import com.fasterxml.jackson.databind.annotation.JsonNaming
 
 @JsonNaming(PropertyNamingStrategy.SnakeCaseStrategy::class)
-data class LoginResponse(val accessToken: String)
+data class LoginResponse(
+    val accessToken: String,
+    val refreshToken: String
+)
diff --git a/app/src/main/java/org/fossasia/openevent/general/auth/RefreshTokenService.kt b/app/src/main/java/org/fossasia/openevent/general/auth/RefreshTokenService.kt
@@ -0,0 +1,20 @@
+package org.fossasia.openevent.general.auth
+
+import org.fossasia.openevent.general.BuildConfig
+import retrofit2.Response
+import retrofit2.Retrofit
+import retrofit2.converter.gson.GsonConverterFactory
+
+class RefreshTokenService {
+
+    private val retrofit = Retrofit.Builder()
+        .addConverterFactory(GsonConverterFactory.create())
+        .baseUrl(BuildConfig.DEFAULT_BASE_URL)
+        .build()
+
+    private val authApi: AuthApi = retrofit.create(AuthApi::class.java)
+
+    fun refreshToken(): Response<LoginResponse> {
+        return authApi.refreshToken()
+    }
+}
diff --git a/app/src/main/java/org/fossasia/openevent/general/di/Modules.kt b/app/src/main/java/org/fossasia/openevent/general/di/Modules.kt
@@ -30,6 +30,7 @@ import org.fossasia.openevent.general.auth.SignUp
 import org.fossasia.openevent.general.auth.SignUpViewModel
 import org.fossasia.openevent.general.auth.User
 import org.fossasia.openevent.general.auth.AuthViewModel
+import org.fossasia.openevent.general.auth.RefreshTokenService
 import org.fossasia.openevent.general.data.Network
 import org.fossasia.openevent.general.data.Preference
 import org.fossasia.openevent.general.event.Event
@@ -71,6 +72,7 @@ import org.fossasia.openevent.general.search.location.LocationService
 import org.fossasia.openevent.general.search.type.SearchTypeViewModel
 import org.fossasia.openevent.general.search.location.LocationServiceImpl
 import org.fossasia.openevent.general.auth.SmartAuthViewModel
+import org.fossasia.openevent.general.auth.TokenAuthenticator
 import org.fossasia.openevent.general.connectivity.MutableConnectionLiveData
 import org.fossasia.openevent.general.discount.DiscountApi
 import org.fossasia.openevent.general.discount.DiscountCode
@@ -231,6 +233,7 @@ val apiModule = module {
     factory { FeedbackService(get(), get()) }
     factory { SettingsService(get(), get()) }
     factory { TaxService(get(), get()) }
+    factory { RefreshTokenService() }
 }
 
 val viewModelModule = module {
@@ -296,6 +299,7 @@ val networkModule = module {
             .readTimeout(readTimeout.toLong(), TimeUnit.SECONDS)
             .addInterceptor(HostSelectionInterceptor(get()))
             .addInterceptor(RequestAuthenticator(get()))
+            .authenticator(TokenAuthenticator())
             .addNetworkInterceptor(StethoInterceptor())
 
         if (BuildConfig.DEBUG) {
