diff --git a/src/main/java/pl/adaptiveapps/serviceexternalserver/auth/ExtToken.java b/src/main/java/pl/adaptiveapps/serviceexternalserver/auth/ExtToken.java
index f844f6b..6fa36e4 100644
--- a/src/main/java/pl/adaptiveapps/serviceexternalserver/auth/ExtToken.java
+++ b/src/main/java/pl/adaptiveapps/serviceexternalserver/auth/ExtToken.java
@@ -26,14 +26,15 @@ public class ExtToken extends UsernamePasswordAuthenticationToken {
 public boolean validate(String clientToken) {
 String sha3 = DigestUtils.sha3_512Hex(clientToken + timestamp);
+// logger.info("Token to compare: " + sha3);
 TimeZone tz = TimeZone.getTimeZone("UTC");
 DateFormat df = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm'Z'");
 df.setTimeZone(tz);
 try {
 Date parsedTimestamp = df.parse(timestamp);
 Long timeDiff = parsedTimestamp.getTime() - Timestamp.from(Instant.now()).getTime();
- System.out.println("Time diff: " + timeDiff);
- if (Math.abs(timeDiff) > 15000) {
+// logger.info("Time diff: " + timeDiff);
+ if (Math.abs(timeDiff) > 150000) {
 return false;
 }
 } catch (ParseException e) {
diff --git a/src/main/java/pl/adaptiveapps/serviceexternalserver/auth/ExtTokenAuthenticationProvider.java b/src/main/java/pl/adaptiveapps/serviceexternalserver/auth/ExtTokenAuthenticationProvider.java
index 8402648..431c5a5 100644
--- a/src/main/java/pl/adaptiveapps/serviceexternalserver/auth/ExtTokenAuthenticationProvider.java
+++ b/src/main/java/pl/adaptiveapps/serviceexternalserver/auth/ExtTokenAuthenticationProvider.java
@@ -26,7 +26,7 @@ public class ExtTokenAuthenticationProvider extends AbstractUserDetailsAuthentic
 protected UserDetails retrieveUser(String s, UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) throws AuthenticationException {
 ExtToken token = (ExtToken) usernamePasswordAuthenticationToken;
 if (token.validate(extToken)) {
- logger.info("Token validated");
+// logger.info("Token validated");
 return new ExtUser();
 } else {
 logger.info("Token not valid");
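Review bot: The acceptance window in `ExtToken.validate` grows from 15 s to 150 s at `if (Math.abs(timeDiff) > 150000)`, and because the format `yyyy-MM-dd'T'HH:mm'Z'` carries only minute resolution, a captured token/timestamp pair stays acceptable for roughly two and a half minutes past its stamped minute; nothing visible in this hunk rejects a pair that was already used. I would name the limit and document the trade-off, e.g. `private static final long MAX_TIMESTAMP_SKEW_MS = 150_000L;`, and keep it as small as client clock drift allows. The commented-out `// logger.info("Token to compare: " + sha3);` should be deleted rather than parked, since re-enabling it would write the expected token value to the log; the same applies to the commented `logger.info("Token:" + authToken)` line added in ExtTokenAuthenticationTokenFilter. The body of `validate` continues past the end of the hunk, so how `sha3` is compared with the presented token is not visible here.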
diff --git a/src/main/java/pl/adaptiveapps/serviceexternalserver/auth/ExtTokenAuthenticationTokenFilter.java b/src/main/java/pl/adaptiveapps/serviceexternalserver/auth/ExtTokenAuthenticationTokenFilter.java
index f5e9d4e..5842f21 100644
--- a/src/main/java/pl/adaptiveapps/serviceexternalserver/auth/ExtTokenAuthenticationTokenFilter.java
+++ b/src/main/java/pl/adaptiveapps/serviceexternalserver/auth/ExtTokenAuthenticationTokenFilter.java
@@ -14,17 +14,19 @@ import java.io.IOException;
 public class ExtTokenAuthenticationTokenFilter extends AbstractAuthenticationProcessingFilter {
 private final static String TOKEN_HEADER = "Authorization";
- private final static String TIMESTAMP_HEADER = "X-Timestamp";
+ private final static String TIMESTAMP_HEADER = "Timestamp";
 private static final Logger logger = LoggerFactory.getLogger(ExtTokenAuthenticationTokenFilter.class);
 public ExtTokenAuthenticationTokenFilter() {
- super("/api/**");
+ super("/**");
 }
 @Override
 public Authentication attemptAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthenticationException, IOException, ServletException {
 String authToken = httpServletRequest.getHeader(TOKEN_HEADER);
 String timestamp = httpServletRequest.getHeader(TIMESTAMP_HEADER);
+// logger.info("Token:" + authToken);
+// logger.info("Timestamp:" + timestamp);
 return getAuthenticationManager().authenticate(new ExtToken(authToken, timestamp));
 }
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index 51dc2f3..2382ca4 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
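Review bot: With the matcher widened to `super("/**")`, every request now enters `attemptAuthentication`, where `getHeader` returns null if `Authorization` or `Timestamp` is absent, yet both values go unchecked into `new ExtToken(authToken, timestamp)`. `ExtToken.validate`, touched in this same commit, hands the timestamp to `df.parse(timestamp)` and catches only `ParseException`, so a request without the header would presumably surface as a NullPointerException rather than a clean authentication failure. A guard before the `authenticate` call would close that gap: `if (authToken == null || timestamp == null) { throw new BadCredentialsException("Missing authentication headers"); }` (it needs the Spring Security import). It is also worth confirming that running this filter on all paths, including any error or health endpoints, is intended.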
@@ -4,4 +4,6 @@ server.port=9095
 spring.kafka.producer.bootstrap-servers=localhost:9092
 spring.kafka.producer.key-serializer=org.apache.kafka.common.serialization.StringSerializer
 spring.kafka.producer.value-serializer=org.apache.kafka.common.serialization.StringSerializer
-spring.kafka.producer.properties.max.request.size=20242880
\ No newline at end of file
+spring.kafka.producer.properties.max.request.size=20242880
+
+logging.level.org.springframework.web=INFO
\ No newline at end of file