diff --git a/api/src/main/java/com/epam/pipeline/controller/user/SessionController.java b/api/src/main/java/com/epam/pipeline/controller/user/SessionController.java
new file mode 100644
index 0000000000..6191b3ae5e
--- /dev/null
+++ b/api/src/main/java/com/epam/pipeline/controller/user/SessionController.java
@@ -0,0 +1,50 @@
+/*
+ * Copyright 2023 EPAM Systems, Inc. (https://www.epam.com/)
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.epam.pipeline.controller.user;
+
+import com.epam.pipeline.controller.AbstractRestController;
+import com.epam.pipeline.controller.Result;
+import com.epam.pipeline.security.jwt.JwtAuthenticationToken;
+import io.swagger.annotations.Api;
+import lombok.RequiredArgsConstructor;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContext;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RestController;
+
+import javax.servlet.http.HttpSession;
+
+@RestController
+@RequiredArgsConstructor
+@Api(value = "Session API")
+public class SessionController extends AbstractRestController {
+
+
+ @GetMapping(value = "/session")
+ public Result startSession(final HttpSession session,
+ final @RequestParam(required = false, defaultValue = "1800") Integer duration) {
+ final SecurityContext context = SecurityContextHolder.getContext();
+ final Authentication credentials = context.getAuthentication();
+ if (credentials instanceof JwtAuthenticationToken) {
+ ((JwtAuthenticationToken)credentials).prolong(duration);
+ }
+ session.setAttribute("SPRING_SECURITY_CONTEXT", context);
+ return Result.success(session.getId());
+ }
+}
diff --git a/api/src/main/java/com/epam/pipeline/security/jwt/JwtAuthenticationToken.java b/api/src/main/java/com/epam/pipeline/security/jwt/JwtAuthenticationToken.java
index 02589e45f8..d73310e5eb 100644
--- a/api/src/main/java/com/epam/pipeline/security/jwt/JwtAuthenticationToken.java
+++ b/api/src/main/java/com/epam/pipeline/security/jwt/JwtAuthenticationToken.java
@@ -79,4 +79,8 @@ public void eraseCredentials() {
 super.eraseCredentials();
 this.jwtRawToken = null;
 }
+
+ public void prolong(final int seconds) {
+ this.tokenExpiration = DateTime.now().plusSeconds(seconds).toDate();
+ }
 }
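Review bot: `duration` in `startSession` comes straight from the query string and is passed to `prolong` with no bounds, so any caller holding a valid JWT chooses how long the authentication stored in the session stays valid, apparently independent of the expiry carried in the signed token; zero and negative values are accepted as well. Check it against a server-configured cap before the call, e.g. `if (duration <= 0 || duration > MAX_SESSION_SECONDS) { throw new IllegalArgumentException("duration out of range"); }`, where `MAX_SESSION_SECONDS` is a placeholder for a setting this diff does not define; the same guard belongs in `JwtAuthenticationToken.prolong` in the second file. The security context is also attached to whatever session already exists, so the session id should be rotated before `setAttribute` (for instance `HttpServletRequest.changeSessionId()` on Servlet 3.1+) to rule out session fixation. Because the handler changes server state and returns the session id in the response body, a POST mapping would suit it better than `@GetMapping`, and `HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY` is safer than the repeated string literal.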
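Review bot: `prolong` does not extend the current expiration, it overwrites `tokenExpiration` with now plus `seconds`, so a value smaller than the remaining lifetime shortens the token and a negative one expires it in the past. If only extension is intended, keep the later of the two dates; otherwise state the contract in Javadoc, e.g. `/** Resets the expiration to {@code seconds} from now; it does not add to the current value. */`. The rest of the class, including the declaration of `tokenExpiration`, is outside the hunk, so whether the field is safely visible to other request threads that read the session-stored token cannot be judged from here and is worth confirming.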