Merge pull request #25 from JavaCoDED78/#24

JavaCoDED78 · web-flow · commit a8ac00b6b4b4 · 2024-06-18T14:07:40.000+03:00
diff --git a/README.md b/README.md
@@ -13,6 +13,7 @@ This repository is an open-source Java library for fast and convenient using of
 * [How to use](#how-to-use)
     * [Instantiate a service](#instantiate-a-service)
     * [Persist tokens](#persist-tokens)
+    * [Invalidate token](#invalidate-jwt-token)
     * [Create token](#create-jwt-token)
     * [If token is expired](#check-if-jwt-token-is-expired)
     * [If token has claim](#check-if-jwt-token-has-claim)
@@ -31,7 +32,7 @@ With Maven add dependency to your `pom.xml`.
 <dependency>
     <groupId>io.github.javacoded78</groupId>
     <artifactId>jwt-humble</artifactId>
-    <version>0.1.0</version>
+    <version>0.2.0</version>
 </dependency>
 ```
 
@@ -55,7 +56,7 @@ After, you can call available methods and use library.
 
 ### Persist tokens
 
-Library supports `PersistentTokenServiceImpl` implementation with saving tokens to `TokenStorage`.
+Library supports `PersistentTokenService` implementation with saving tokens to `TokenStorage`.
 
 With such approach you can store tokens in Redis or in-memory Map and create new one if no specified tokens exist,
 otherwise, stored JWT token would be returned.
@@ -76,18 +77,17 @@ public class Main {
 
 With Redis you need to pass `RedisTokenStorageImpl` object to constructor.
 
-To create `RedisTokenStorageImpl` you need to pass JedisPool
+To create `RedisTokenStorageImpl` you need to pass `JedisPool` / host and port / host, port, username and password.
 
 ```java
 public class Main {
-    public static void main(String[] args) {
-        String secret = "aGZiYmtiYWllYmNpZWFpZWJsZWNldWNlY2xhZWNhaWJlbGNhZWN3Q0VCV0VXSUM=";
-        JedisPoolConfig config = new JedisPoolConfig();
-        config.setJmxEnabled(false);
-        JedisPool jedisPool = new JedisPool(config, "localhost", 6379);
-        TokenStorage tokenStorage = new RedisTokenStorageImpl(jedisPool);
-        TokenService tokenService = new PersistentTokenServiceImpl(secret, tokenStorage);
-    }
+  public static void main(String[] args) {
+    String secret = "aGZiYmtiYWllYmNpZWFpZWJsZWNldWNlY2xhZWNhaWJlbGNhZWN3Q0VCV0VXSUM=";
+    String host = "localhost";
+    int port = 6379;
+    TokenStorage tokenStorage = new RedisTokenStorageImpl(host, port);
+    PersistentTokenService tokenService = new PersistentTokenServiceImpl(secret, tokenStorage);
+  }
 }
 ```
 
@@ -96,6 +96,39 @@ Just pass it as argument in `RedisTokenStorageImpl` constructor.
 
 By default, library uses key `"tokens:" + subject + ":" + type`.
 
+### Invalidate JWT token
+
+With `PersistentTokenService` you can invalidate token by token itself or by subject and token type.
+If first option is chosen, all keys with such token values will be deleted.
+
+If token will be deleted from storage you receive `true`.
+
+```java
+public class Main {
+    public static void main(String[] args) {
+      String token = "eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJhbmRyb3Nvcjk5QGdtYWlsLmNvbSIsImlkIjozLCJyb2xlcyI6WyJST0xFX1VTRVIiXSwiZXhwIjoxNzE3MTQ1MDIxfQ.w8ZFLFsKf7Qs9_dNb0WzdoyAIpWtfeEyqLfNI_G16_6NHbGwCRbeVVm_a_DzckytsyGYHTWRlZdi_gWK-HjrXg";
+        boolean deleted = persistentTokenService.invalidate(token);
+        System.out.println(deleted);
+    }
+}
+```
+
+```java
+public class Main {
+    public static void main(String[] args) {
+        boolean deleted = persistentTokenService.invalidate(
+                TokenParameters.builder(
+                                "user@example.com",
+                                "access",
+                                Duration.of(1, ChronoUnit.HOURS)
+                        )
+                        .build()
+        );
+        System.out.println(deleted);
+    }
+}
+```
+
 ### Create JWT token
 
 To create token call method `create(TokenParameters params)` on `TokenService` object.
@@ -104,7 +137,7 @@ To create token call method `create(TokenParameters params)` on `TokenService` o
 public class Main {
     public static void main(String[] args) {
         String token = tokenService.create(
-                TokenParameters.builder("user@test.com", Duration.of(1, ChronoUnit.HOURS))
+                TokenParameters.builder("user@test.com", "access", Duration.of(1, ChronoUnit.HOURS))
                         .build()
         );
         System.out.println(token);
@@ -135,6 +168,18 @@ class Main {
     }
 }
 ```
+You can also check expiration with any other date.
+
+```java
+class Main {
+    public static void main(String[] args) {
+        String token = "eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJhbmRyb3Nvcjk5QGdtYWlsLmNvbSIsImlkIjozLCJyb2xlcyI6WyJST0xFX1VTRVIiXSwiZXhwIjoxNzE3MTQ1MDIxfQ.w8ZFLFsKf7Qs9_dNb0WzdoyAIpWtfeEyqLfNI_G16_6NHbGwCRbeVVm_a_DzckytsyGYHTWRlZdi_gWK-HjrXg";
+        Date date = new Date(1705911211182);
+        boolean expired = tokenService.isExpired(token, date);
+        System.out.println(expired);
+    }
+}
+```
 
 ### Check if JWT token has claim
 
diff --git a/src/main/java/io/github/javacoded78/jwthumble/storage/TokenStorageImpl.java b/src/main/java/io/github/javacoded78/jwthumble/storage/TokenStorageImpl.java
@@ -1,26 +1,48 @@
 package io.github.javacoded78.jwthumble.storage;
 
 import io.github.javacoded78.jwthumble.config.TokenParameters;
+import lombok.Getter;
 
-import java.util.HashMap;
+import java.util.Date;
 import java.util.Map;
+import java.util.concurrent.ConcurrentHashMap;
+import java.util.concurrent.Executors;
+import java.util.concurrent.ScheduledExecutorService;
+import java.util.concurrent.TimeUnit;
 import java.util.concurrent.atomic.AtomicBoolean;
 
 /**
- * Basic implementation of TokenStorage. Not thread-safe.
+ * Basic implementation of TokenStorage.
  */
 public class TokenStorageImpl implements TokenStorage {
 
     /**
      * Inner map of key-value pairs.
      */
-    private final Map<String, String> tokens;
+    private final ConcurrentHashMap<String, TokenEntry> tokens;
+
+    /**
+     * Scheduled executor for cleanup tokens.
+     */
+    private final ScheduledExecutorService scheduler;
 
     /**
      * Creates an object.
      */
     public TokenStorageImpl() {
-        this.tokens = new HashMap<>();
+        this.tokens = new ConcurrentHashMap<>();
+        this.scheduler = Executors.newSingleThreadScheduledExecutor();
+        scheduler.scheduleAtFixedRate(
+                () -> {
+                    Date date = new Date();
+                    tokens.entrySet().removeIf(
+                            entry -> entry.getValue().isAfter(date)
+                    );
+                },
+                0,
+                1,
+                TimeUnit.SECONDS
+        );
     }
 
     private String subjectTokenKey(final String subject,
@@ -35,7 +57,8 @@ public void save(final String token,
                 params.getSubject(),
                 params.getType()
         );
-        tokens.put(tokenKey, token);
+        TokenEntry entry = new TokenEntry(token, params.getExpiredAt());
+        tokens.put(tokenKey, entry);
     }
 
     @Override
@@ -45,7 +68,11 @@ public boolean exists(final String token,
                 params.getSubject(),
                 params.getType()
         );
-        return token.equals(tokens.get(tokenKey));
+        TokenEntry entry = tokens.get(tokenKey);
+        if (entry == null) {
+            return false;
+        }
+        return token.equals(entry.token);
     }
 
     @Override
@@ -54,14 +81,18 @@ public String get(final TokenParameters params) {
                 params.getSubject(),
                 params.getType()
         );
-        return tokens.get(tokenKey);
+        TokenEntry entry = tokens.get(tokenKey);
+        if (entry == null) {
+            return null;
+        }
+        return entry.token;
     }
 
     @Override
     public boolean remove(final String token) {
         AtomicBoolean deleted = new AtomicBoolean(false);
-        for (Map.Entry<String, String> entry : tokens.entrySet()) {
-            if (entry.getValue().equals(token)) {
+        for (Map.Entry<String, TokenEntry> entry : tokens.entrySet()) {
+            if (entry.getValue().token.equals(token)) {
                 tokens.remove(entry.getKey());
                 deleted.set(true);
                 return true;
@@ -79,4 +110,29 @@ public boolean remove(final TokenParameters params) {
         return tokens.remove(tokenKey) != null;
     }
 
+    @Getter
+    private static class TokenEntry {
+
+        /**
+         * Token.
+         */
+        private final String token;
+
+        /**
+         * Expiration date.
+         */
+        private final Date expiredAt;
+
+        TokenEntry(final String token,
+                   final Date expiredAt) {
+            this.token = token;
+            this.expiredAt = expiredAt;
+        }
+
+        public boolean isAfter(final Date date) {
+            return expiredAt.after(date);
+        }
+
+    }
+
 }
