v4.0.0

With this version of pricing4java, the management of the pricing evaluation context token has changed. Now, it is isolated from the auth configuration, and is passed through the Pricing-Token header.

Author: Alex-GF

pom.xml

@@ -7,7 +7,7 @@
 
 	<groupId>io.github.isa-group</groupId>
 	<artifactId>Pricing4Java</artifactId>
-	<version>3.2.0</version>
+	<version>4.0.0</version>
 
 	<name>${project.groupId}:${project.artifactId}</name>
 	<description>A pricing driven feature toggling library for java</description>

src/main/java/io/github/isagroup/PricingContext.java

@@ -78,14 +78,6 @@ public Boolean userAffectedByPricing(){
      */
     public abstract String getUserPlan();
 
-    /**
-     * This method should return the object used inside the application to determine
-     * the authority of the user inside the JWT.
-     * 
-     * @return Current user's authorities object
-     */
-    public abstract Object getUserAuthorities();
-
     /**
      * This method returns the plan context of the current user, represented by a
      * {@link Map}. It's used to evaluate the pricing plan.

src/main/java/io/github/isagroup/PricingEvaluatorUtil.java

@@ -50,8 +50,6 @@ public PricingEvaluatorUtil(PricingContext pricingContext) {
     public String generateUserToken() {
 
         Map<String, Object> claims = new HashMap<>();
-        
-        claims.put("authorities", pricingContext.getUserAuthorities());
 
         String subject = "Default";
 
@@ -176,7 +174,6 @@ private String buildJwtToken(Map<String, Map<String, Object>> features, String s
 
         Map<String, Object> claims = new HashMap<>();
 
-        claims.put("authorities", pricingContext.getUserAuthorities());
         claims.put("features", features);
         claims.put("userContext", pricingContext.getUserContext());
         claims.put("planContext", pricingContext.getPlanContext());

src/main/java/io/github/isagroup/filters/RenewTokenFilter.java

@@ -16,6 +16,8 @@
 import io.github.isagroup.PricingEvaluatorUtil;
 import io.github.isagroup.services.jwt.PricingJwtUtils;
 
+import java.util.Map;
+
 public class RenewTokenFilter extends OncePerRequestFilter {
 
 	@Autowired
@@ -34,29 +36,38 @@ public class RenewTokenFilter extends OncePerRequestFilter {
 	protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
 			throws ServletException, IOException {
 
-		try {
-			String jwt = parseJwt(request);
-
-			if (jwt != null && jwtUtils.validateJwtToken(jwt) && pricingContext.userAffectedByPricing()) {
-				
-				String newToken = pricingEvaluatorUtil.generateUserToken();
+		String pricingJwt = parsePricingJwt(request);
+		String authJwt = parseAuthJwt(request);
 
-				String newTokenFeatures = jwtUtils.getFeaturesFromJwtToken(newToken).toString();
-				String jwtFeatures = jwtUtils.getFeaturesFromJwtToken(jwt).toString();
+		if (authJwt != null && jwtUtils.validateJwtToken(authJwt) && pricingContext.userAffectedByPricing()) {
+			
+			String newToken = pricingEvaluatorUtil.generateUserToken();
 
-				if (!newTokenFeatures.equals(jwtFeatures)) {
-					response.addHeader("New-Token", newToken);
-				}
+			String newTokenFeatures = jwtUtils.getFeaturesFromJwtToken(newToken).toString();
+			String jwtFeatures = "";
+			
+			if (pricingJwt != null && !pricingJwt.equals("null")) jwtFeatures = jwtUtils.getFeaturesFromJwtToken(pricingJwt).toString();
+			
+			if (!newTokenFeatures.equals(jwtFeatures)) {
+				response.addHeader("Pricing-Token", newToken);
 			}
-		} catch (Exception e) {
-			logger.error("Cannot set user authentication: {}", e);
-			logger.info("Anonymous user logged");
+			
 		}
 
 		filterChain.doFilter(request, response);
 	}
 
-	private String parseJwt(HttpServletRequest request) {
+	private String parsePricingJwt(HttpServletRequest request) {
+		String headerPricing = request.getHeader("Pricing-Token");
+
+		if (StringUtils.hasText(headerPricing)) {
+			return headerPricing;
+		}
+
+		return null;
+	}
+
+	private String parseAuthJwt(HttpServletRequest request) {
 		String headerAuth = request.getHeader("Authorization");
 
 		if (StringUtils.hasText(headerAuth) && headerAuth.startsWith("Bearer ")) {

src/main/java/io/github/isagroup/services/jwt/PricingJwtUtils.java

@@ -52,7 +52,6 @@ public String getSubjectFromJwtToken(String token) {
 	 */
 	public String generateTokenFromUsername(String username) {
 		Map<String, Object> claims = new HashMap<>();
-		claims.put("authorities", pricingContext.getUserAuthorities());
 		return Jwts.builder().setClaims(claims).setSubject(username).setIssuedAt(new Date())
 				.setExpiration(new Date((new Date()).getTime() + pricingContext.getJwtExpiration()))
 				.signWith(SignatureAlgorithm.HS512, pricingContext.getJwtSecret()).compact();

src/test/java/io/github/isagroup/PricingContextTestImpl.java

@@ -61,12 +61,6 @@ public void setUserPlan(String userPlan) {
         this.userPlan = userPlan;
     }
 
-    @Override
-    public Object getUserAuthorities() {
-
-        return this.userAuthorities;
-    }
-
     public void setUserAuthorities(Map<String, Object> userAuthorities) {
         this.userAuthorities = userAuthorities;
     }

src/test/java/io/github/isagroup/PricingPlanAwareTests.java

@@ -98,16 +98,6 @@ public String getUserPlan() {
                 return "BASIC";
             }
 
-            @Override
-            public Object getUserAuthorities() {
-                Map<String, String> userAuthorities = new HashMap<>();
-                userAuthorities.put("role", "admin");
-                userAuthorities.put("username", "admin1");
-                userAuthorities.put("password", "4dm1n");
-
-                return userAuthorities;
-            }
-
         }
 
     }