From 69c0a8692f2b389348cdff53af142a3fac9e7f31 Mon Sep 17 00:00:00 2001
From: usbharu <64310155+usbharu@users.noreply.github.com>
Date: Mon, 8 May 2023 11:11:52 +0900
Subject: [PATCH] =?UTF-8?q?feat:=20username=E3=81=8B=E3=82=89uid=E3=81=AB?= =?UTF-8?q?=E5=A4=89=E6=9B=B4?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../kotlin/dev/usbharu/hideout/plugins/Security.kt | 13 ++++++++-----
 .../dev/usbharu/hideout/plugins/SecurityKtTest.kt | 10 +++++-----
 2 files changed, 13 insertions(+), 10 deletions(-)
diff --git a/src/main/kotlin/dev/usbharu/hideout/plugins/Security.kt b/src/main/kotlin/dev/usbharu/hideout/plugins/Security.kt
index 939fe5ba..afb89c1e 100644
--- a/src/main/kotlin/dev/usbharu/hideout/plugins/Security.kt
+++ b/src/main/kotlin/dev/usbharu/hideout/plugins/Security.kt
@@ -35,11 +35,14 @@ fun Application.configureSecurity(
 acceptLeeway(3)
 }
 validate { jwtCredential ->
- if (jwtCredential.payload.getClaim("username")?.asString().isNullOrBlank().not()) {
- JWTPrincipal(jwtCredential.payload)
- } else {
- null
+ val uid = jwtCredential.payload.getClaim("uid")
+ if (uid.isMissing) {
+ return@validate null
 }
+ if (uid.asLong() == null) {
+ return@validate null
+ }
+ return@validate JWTPrincipal(jwtCredential.payload)
 }
 }
 }
@@ -74,7 +77,7 @@ fun Application.configureSecurity(
 authenticate(TOKEN_AUTH) {
 get("/auth-check") {
 val principal = call.principal()
- val username = principal!!.payload.getClaim("username")
+ val username = principal!!.payload.getClaim("uid")
 call.respondText("Hello $username")
 }
 }
diff --git a/src/test/kotlin/dev/usbharu/hideout/plugins/SecurityKtTest.kt b/src/test/kotlin/dev/usbharu/hideout/plugins/SecurityKtTest.kt
index 9c558f36..9346fa27 100644
--- a/src/test/kotlin/dev/usbharu/hideout/plugins/SecurityKtTest.kt
+++ b/src/test/kotlin/dev/usbharu/hideout/plugins/SecurityKtTest.kt
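Review bot: In the `validate` block of Security.kt (first hunk), `uid` is accepted as soon as it converts to a number, so a token whose `uid` is zero or negative still becomes a `JWTPrincipal`, and nothing visible here checks that the id belongs to an existing account. If that lookup does not happen later in the request path, a token issued for a since-removed user stays usable until it expires. Assuming ids are always positive, the two guards can become one range-checked pair: `val uid = jwtCredential.payload.getClaim("uid").asLong() ?: return@validate null` followed by `if (uid <= 0) return@validate null`. This relies on java-jwt's `asLong()` returning null for a claim that is absent or not convertible, which makes the separate `isMissing` test redundant. The body of `configureSecurity` starts and ends outside the hunk.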
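Review bot: In the `/auth-check` handler of Security.kt (second hunk) the local is still named `username` although it now holds the `uid` claim, and the response interpolates the `Claim` object itself, so the body depends on `Claim.toString()` rather than on the numeric value. Reading the value explicitly keeps the output independent of the library's string rendering: `val uid = principal!!.payload.getClaim("uid").asLong()` and `call.respondText("Hello $uid")`. The `!!` holds only while this route stays inside `authenticate(TOKEN_AUTH)`; a short comment saying so would help the next reader.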
@@ -217,7 +217,7 @@ class SecurityKtTest {
 .withAudience("${Config.configData.url}/users/test")
 .withIssuer(Config.configData.url)
 .withKeyId(kid.toString())
- .withClaim("username", "test")
+ .withClaim("uid", 123456L)
 .withExpiresAt(now.plus(30, ChronoUnit.MINUTES))
 .sign(Algorithm.RSA256(rsaPublicKey, keyPair.private as RSAPrivateKey))
 val metaService = mock {
@@ -255,7 +255,7 @@ class SecurityKtTest {
 header("Authorization", "Bearer $token")
 }.apply {
 assertEquals(HttpStatusCode.OK, call.response.status)
- assertEquals("Hello \"test\"", call.response.bodyAsText())
+ assertEquals("Hello 123456", call.response.bodyAsText())
 }
 }
 
@@ -277,7 +277,7 @@ class SecurityKtTest {
 .withAudience("${Config.configData.url}/users/test")
 .withIssuer(Config.configData.url)
 .withKeyId(kid.toString())
- .withClaim("username", "test")
+ .withClaim("uid", 123345L)
 .withExpiresAt(now.minus(30, ChronoUnit.MINUTES))
 .sign(Algorithm.RSA256(rsaPublicKey, keyPair.private as RSAPrivateKey))
 val metaService = mock {
@@ -335,7 +335,7 @@ class SecurityKtTest {
 .withAudience("${Config.configData.url}/users/test")
 .withIssuer("https://example.com")
 .withKeyId(kid.toString())
- .withClaim("username", "test")
+ .withClaim("uid", 12345L)
 .withExpiresAt(now.plus(30, ChronoUnit.MINUTES))
 .sign(Algorithm.RSA256(rsaPublicKey, keyPair.private as RSAPrivateKey))
 val metaService = mock {
@@ -393,7 +393,7 @@ class SecurityKtTest {
 .withAudience("${Config.configData.url}/users/test")
 .withIssuer(Config.configData.url)
 .withKeyId(kid.toString())
- .withClaim("username", "")
+ .withClaim("uid", null as Long?)
 .withExpiresAt(now.plus(30, ChronoUnit.MINUTES))
 .sign(Algorithm.RSA256(rsaPublicKey, keyPair.private as RSAPrivateKey))
 val metaService = mock {
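Review bot: The rejection test in the last hunk (`@@ -393,7`) builds its token with `.withClaim("uid", null as Long?)`, which exercises only one of the paths `validate` rejects, and which one likely depends on whether the installed java-jwt version keeps a null claim value or drops the claim. A token built with no `uid` claim at all, and one with a non-numeric value such as `.withClaim("uid", "abc")` (constructed sample), would pin the missing-claim and wrong-type paths separately. The test function starts and ends outside the hunk.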