feat: usernameからuidに変更

2023-05-08 11:11:52 +09:00 · 2023-05-08 11:11:52 +09:00 · e1f10ab064
parent 05ceab0379
commit e1f10ab064
2 changed files with 13 additions and 10 deletions
--- a/src/main/kotlin/dev/usbharu/hideout/plugins/Security.kt
+++ b/src/main/kotlin/dev/usbharu/hideout/plugins/Security.kt
@ -35,11 +35,14 @@ fun Application.configureSecurity(
                acceptLeeway(3)
            }
            validate { jwtCredential ->
-                if (jwtCredential.payload.getClaim("username")?.asString().isNullOrBlank().not()) {
-                    JWTPrincipal(jwtCredential.payload)
-                } else {
-                    null
+                val uid = jwtCredential.payload.getClaim("uid")
+                if (uid.isMissing) {
+                    return@validate null
                }
+                if (uid.asLong() ==  null) {
+                    return@validate null
+                }
+                return@validate JWTPrincipal(jwtCredential.payload)
            }
        }
    }
@ -74,7 +77,7 @@ fun Application.configureSecurity(
        authenticate(TOKEN_AUTH) {
            get("/auth-check") {
                val principal = call.principal<JWTPrincipal>()
-                val username = principal!!.payload.getClaim("username")
+                val username = principal!!.payload.getClaim("uid")
                call.respondText("Hello $username")
            }
        }
--- a/src/test/kotlin/dev/usbharu/hideout/plugins/SecurityKtTest.kt
+++ b/src/test/kotlin/dev/usbharu/hideout/plugins/SecurityKtTest.kt
@ -217,7 +217,7 @@ class SecurityKtTest {
            .withAudience("${Config.configData.url}/users/test")
            .withIssuer(Config.configData.url)
            .withKeyId(kid.toString())
-            .withClaim("username", "test")
+            .withClaim("uid", 123456L)
            .withExpiresAt(now.plus(30, ChronoUnit.MINUTES))
            .sign(Algorithm.RSA256(rsaPublicKey, keyPair.private as RSAPrivateKey))
        val metaService = mock<IMetaService> {
@ -255,7 +255,7 @@ class SecurityKtTest {
            header("Authorization", "Bearer $token")
        }.apply {
            assertEquals(HttpStatusCode.OK, call.response.status)
-            assertEquals("Hello \"test\"", call.response.bodyAsText())
+            assertEquals("Hello 123456", call.response.bodyAsText())
        }
    }

@ -277,7 +277,7 @@ class SecurityKtTest {
            .withAudience("${Config.configData.url}/users/test")
            .withIssuer(Config.configData.url)
            .withKeyId(kid.toString())
-            .withClaim("username", "test")
+            .withClaim("uid", 123345L)
            .withExpiresAt(now.minus(30, ChronoUnit.MINUTES))
            .sign(Algorithm.RSA256(rsaPublicKey, keyPair.private as RSAPrivateKey))
        val metaService = mock<IMetaService> {
@ -335,7 +335,7 @@ class SecurityKtTest {
            .withAudience("${Config.configData.url}/users/test")
            .withIssuer("https://example.com")
            .withKeyId(kid.toString())
-            .withClaim("username", "test")
+            .withClaim("uid", 12345L)
            .withExpiresAt(now.plus(30, ChronoUnit.MINUTES))
            .sign(Algorithm.RSA256(rsaPublicKey, keyPair.private as RSAPrivateKey))
        val metaService = mock<IMetaService> {
@ -393,7 +393,7 @@ class SecurityKtTest {
            .withAudience("${Config.configData.url}/users/test")
            .withIssuer(Config.configData.url)
            .withKeyId(kid.toString())
-            .withClaim("username", "")
+            .withClaim("uid", null as Long?)
            .withExpiresAt(now.plus(30, ChronoUnit.MINUTES))
            .sign(Algorithm.RSA256(rsaPublicKey, keyPair.private as RSAPrivateKey))
        val metaService = mock<IMetaService> {