From 0ad2d61c7889031f78ede0c75b1aa2b806eaa527 Mon Sep 17 00:00:00 2001
From: Rohit
Date: Sat, 1 Jun 2024 13:45:13 +0530
Subject: [PATCH] enhancement/cookie-based-security-enhanced

---
 pom.xml | 2 +-
 .../JwtTokenValidationFilter.java | 59 +++++++------------
 .../properties/SecurityConfigProperties.java | 1 +
 3 files changed, 22 insertions(+), 40 deletions(-)

diff --git a/pom.xml b/pom.xml
index cbd1697..d7efbc4 100644
--- a/pom.xml
+++ b/pom.xml
@@ -10,7 +10,7 @@ com.bloggios.authentication-config authentication-configuration-jar - 1.7 + 1.8 authentication-configuration-jar authentication-configuration-jar
diff --git a/src/main/java/com/bloggios/authenticationconfig/authentication/JwtTokenValidationFilter.java b/src/main/java/com/bloggios/authenticationconfig/authentication/JwtTokenValidationFilter.java
index 3bf3e07..c2f441b 100644
--- a/src/main/java/com/bloggios/authenticationconfig/authentication/JwtTokenValidationFilter.java
+++ b/src/main/java/com/bloggios/authenticationconfig/authentication/JwtTokenValidationFilter.java
@@ -143,20 +143,27 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
} else if (isCookiePath) {
logger.info("Initiated Cookie Authentication of Incoming Request");
Optional cookieOptional = getCookie(request, securityConfigProperties.getCookie().getCookieName());
- if (cookieOptional.isEmpty()) {
- response.setStatus(HttpStatus.UNAUTHORIZED.value());
- response.setContentType("application/json");
- OutputStream output = response.getOutputStream();
- ObjectMapper mapper = new ObjectMapper();
- JwtErrorResponse jwtErrorResponse = JwtErrorResponse
- .builder()
- .message("Authentication cookie is not present the request")
- .build();
- mapper.writeValue(output, jwtErrorResponse);
- output.flush();
- return;
+ String cookieToken = "";
+ if (cookieOptional.isPresent()) {
+ cookieToken = cookieOptional.get().getValue();
+ } else {
+ Optional refreshCookieOptional = getCookie(request, securityConfigProperties.getCookie().getRefreshCookieName());
+ if (refreshCookieOptional.isEmpty()) {
+ response.setStatus(HttpStatus.UNAUTHORIZED.value());
+ response.setContentType("application/json");
+ OutputStream output = response.getOutputStream();
+ ObjectMapper mapper = new ObjectMapper();
+ JwtErrorResponse jwtErrorResponse = JwtErrorResponse
+ .builder()
+ .message("Authentication Cookie is not present in header")
+ .build();
+ mapper.writeValue(output, jwtErrorResponse);
+ output.flush();
+ return;
+ } else {
+ cookieToken = refreshCookieOptional.get().getValue();
+ }
}
- String cookieToken = cookieOptional.get().getValue();
try {
jwtDecoder.decode(cookieToken);
} catch (JwtValidationException exception) {
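Review bot: With the new fallback (`cookieToken = refreshCookieOptional.get().getValue();`) a refresh cookie now authenticates the request directly, and the companion hunk `@@ -193,32 +200,6 @@` drops the only check that restricted this path to tokens typed `"cookie-token"`, so any JWT that `jwtDecoder.decode` accepts — refresh tokens and, presumably, tokens minted for other flows under the same signing key — is handed to `addAuthentication(request, cookieToken)`. Refresh tokens are usually longer-lived than access tokens, so a leaked refresh cookie would now grant access for its whole lifetime on every cookie path rather than only at a refresh endpoint; confirm what expiry and type claim the issuer puts on them. I would keep the type check and make the expected type depend on which cookie supplied the token, so the refresh cookie is accepted only where that is deliberate (sketch below), or alternatively reject the fallback here and let a dedicated refresh endpoint mint a fresh access cookie. Minor: `String cookieToken = "";` is a dead initial value once both branches assign it, and `"Authentication Cookie is not present in header"` is misleading because the cookie header was read and neither cookie was found — `"Neither authentication nor refresh cookie is present in the request"` describes the condition. doFilterInternal starts before and ends after this hunk.
```java
String cookieToken;
String expectedTokenType;
if (cookieOptional.isPresent()) {
    cookieToken = cookieOptional.get().getValue();
    expectedTokenType = "cookie-token";
} else {
    // … unchanged: refresh-cookie lookup and the 401 response when it is absent …
    cookieToken = refreshCookieOptional.get().getValue();
    expectedTokenType = REFRESH_TOKEN_TYPE; // placeholder: the type claim the issuer sets on refresh tokens
}
// … unchanged: jwtDecoder.decode(cookieToken) and its catch blocks …
String tokenType = jwtDecoderUtil.extractTokenType(cookieToken);
if (!expectedTokenType.equals(tokenType)) {
    // … restore the removed 401 JSON response ("Token type must be cookie for validation") …
    return;
}
```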
@@ -193,32 +200,6 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
output.flush();
return;
}
- if (Objects.isNull(jwtDecoderUtil.extractTokenType(cookieToken))) {
- response.setStatus(HttpStatus.UNAUTHORIZED.value());
- response.setContentType("application/json");
- OutputStream output = response.getOutputStream();
- ObjectMapper mapper = new ObjectMapper();
- JwtErrorResponse jwtErrorResponse = JwtErrorResponse
- .builder()
- .message("Unable to extract token type from Cookie Token")
- .build();
- mapper.writeValue(output, jwtErrorResponse);
- output.flush();
- return;
- }
- if (!jwtDecoderUtil.extractTokenType(cookieToken).equals("cookie-token")) {
- response.setStatus(HttpStatus.UNAUTHORIZED.value());
- response.setContentType("application/json");
- OutputStream output = response.getOutputStream();
- ObjectMapper mapper = new ObjectMapper();
- JwtErrorResponse jwtErrorResponse = JwtErrorResponse
- .builder()
- .message("Token type must be cookie for validation")
- .build();
- mapper.writeValue(output, jwtErrorResponse);
- output.flush();
- return;
- }
addAuthentication(request, cookieToken);
}
filterChain.doFilter(request, response);
diff --git a/src/main/java/com/bloggios/authenticationconfig/properties/SecurityConfigProperties.java b/src/main/java/com/bloggios/authenticationconfig/properties/SecurityConfigProperties.java
index 906cff6..2f10ba1 100644
--- a/src/main/java/com/bloggios/authenticationconfig/properties/SecurityConfigProperties.java
+++ b/src/main/java/com/bloggios/authenticationconfig/properties/SecurityConfigProperties.java
@@ -66,6 +66,7 @@ public static class KeyProvider {
@Getter
@Setter
public static class Cookie {
+ private String refreshCookieName;
private String cookieName;
private List paths = new ArrayList<>();
}
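Review bot: `refreshCookieName` is added without a default or any validation, and the filter's new fallback calls `getCookie(request, securityConfigProperties.getCookie().getRefreshCookieName())` with whatever it holds, so a deployment that upgrades without setting the new property will look up a cookie by a `null` name; what `getCookie` does with a null name is not visible here — confirm it fails closed rather than matching some cookie. A one-line Javadoc on the field stating the new requirement, e.g. `/** Name of the refresh-token cookie consulted when the access cookie is absent; must be configured for cookie-authenticated paths. */`, plus a fail-fast null check when the properties are bound would make the dependency explicit instead of surfacing at the first unauthenticated request.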