-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
eade748
commit 10459f0
Showing
15 changed files
with
353 additions
and
33 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
name: Check Update | ||
concurrency: check | ||
|
||
on: | ||
workflow_dispatch: | ||
schedule: | ||
# Automatically run on every Sunday | ||
- cron: '0 0 * * 0' | ||
|
||
jobs: | ||
build: | ||
runs-on: ubuntu-latest | ||
|
||
steps: | ||
- uses: actions/checkout@v3 | ||
with: | ||
token: ${{ secrets.WORKFLOW_SECRET }} | ||
|
||
- name: Check for Update | ||
uses: saadmk11/[email protected] | ||
with: | ||
token: ${{ secrets.WORKFLOW_SECRET }} | ||
release_types: 'major' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -34,8 +34,25 @@ jobs: | |
java-version: "11" | ||
architecture: x64 | ||
|
||
- name: Test - Start Compose | ||
run: docker-compose up -d | ||
working-directory: tests | ||
|
||
- name: Test | ||
run: ./gradlew test | ||
|
||
- name: Test - Dump docker logs on failure | ||
if: failure() | ||
uses: jwalton/[email protected] | ||
with: | ||
images: 'squidex,squidex/resizer' | ||
tail: '100' | ||
|
||
- name: Test - Cleanup | ||
if: always() | ||
run: docker-compose down | ||
working-directory: tests | ||
|
||
publish: | ||
needs: [ compile, test ] | ||
if: github.event_name == 'push' && contains(github.ref, 'refs/tags/') | ||
|
@@ -52,10 +69,26 @@ jobs: | |
java-version: "11" | ||
architecture: x64 | ||
|
||
- name: Test - Start Compose | ||
run: docker-compose up -d | ||
working-directory: tests | ||
|
||
- name: Publish to maven | ||
run: | | ||
./gradlew publish | ||
./gradlew publish | ||
env: | ||
MAVEN_USERNAME: ${{ secrets.MAVEN_USERNAME }} | ||
MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} | ||
MAVEN_PUBLISH_REGISTRY_URL: "https://s01.oss.sonatype.org/content/repositories/releases/" | ||
MAVEN_PUBLISH_REGISTRY_URL: "https://s01.oss.sonatype.org/content/repositories/releases/" | ||
|
||
- name: Test - Dump docker logs on failure | ||
if: failure() | ||
uses: jwalton/[email protected] | ||
with: | ||
images: 'squidex,squidex/resizer' | ||
tail: '100' | ||
|
||
- name: Test - Cleanup | ||
if: always() | ||
run: docker-compose down | ||
working-directory: tests |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
package com.squidex.api; | ||
|
||
import com.fasterxml.jackson.annotation.JsonCreator; | ||
import com.fasterxml.jackson.annotation.JsonIgnore; | ||
import com.fasterxml.jackson.annotation.JsonProperty; | ||
|
||
import java.time.Instant; | ||
|
||
public final class AccessToken { | ||
private final String accessToken; | ||
private final int expiresIn; | ||
private final Instant expiresAt; | ||
|
||
@JsonCreator() | ||
public AccessToken( | ||
@JsonProperty("access_token")String accessToken, | ||
@JsonProperty("expires_in")int expiresIn) { | ||
this.accessToken = accessToken; | ||
this.expiresIn = expiresIn; | ||
this.expiresAt = Instant.now().plusSeconds(expiresIn); | ||
} | ||
|
||
|
||
public String getAccessToken() { | ||
return accessToken; | ||
} | ||
|
||
|
||
public int getExpiresIn() { | ||
return expiresIn; | ||
} | ||
|
||
@JsonIgnore() | ||
public Instant getExpiresAt() { | ||
return expiresAt; | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,84 @@ | ||
package com.squidex.api; | ||
|
||
import com.squidex.api.core.Environment; | ||
import com.squidex.api.core.ObjectMappers; | ||
import okhttp3.*; | ||
import org.jetbrains.annotations.NotNull; | ||
|
||
import java.io.IOException; | ||
import java.time.Instant; | ||
import java.util.Objects; | ||
|
||
public final class AuthInterceptor implements Interceptor { | ||
private final Environment environment; | ||
private final String clientId; | ||
private final String clientSecret; | ||
private final TokenStore tokenStore; | ||
private final OkHttpClient httpClient; | ||
|
||
public AuthInterceptor(OkHttpClient httpClient, Environment environment, String clientId, String clientSecret, TokenStore tokenStore) { | ||
this.httpClient = httpClient; | ||
this.environment = environment; | ||
this.clientId = clientId; | ||
this.clientSecret = clientSecret; | ||
this.tokenStore = tokenStore; | ||
} | ||
|
||
@NotNull | ||
@Override | ||
public Response intercept(@NotNull Chain chain) throws IOException { | ||
Request originalRequest = chain.request(); | ||
|
||
AccessToken token = this.tokenStore.get(); | ||
if (token != null && token.getExpiresAt().isBefore(Instant.now())) { | ||
// The token has been expired, therefore also remove it from the store for other calls. | ||
token = null; | ||
this.tokenStore.clear(); | ||
} | ||
|
||
if (token == null) { | ||
token = acquireToken(); | ||
this.tokenStore.set(token); | ||
} | ||
|
||
Request requestWithHeader = originalRequest.newBuilder() | ||
.header("Authorization", String.format("Bearer %s", token.getAccessToken())) | ||
.build(); | ||
|
||
Response response = chain.proceed(requestWithHeader); | ||
if (response.code() == 401) { | ||
this.tokenStore.clear(); | ||
|
||
return intercept(chain); | ||
} | ||
|
||
return response; | ||
} | ||
|
||
private AccessToken acquireToken() throws IOException { | ||
RequestBody formBody = new FormBody.Builder() | ||
.add("grant_type", "client_credentials") | ||
.add("client_id", this.clientId) | ||
.add("client_secret", this.clientSecret) | ||
.add("scope", "squidex-api") | ||
.build(); | ||
|
||
HttpUrl tokenUrl = Objects.requireNonNull(HttpUrl.parse(this.environment.getUrl())) | ||
.newBuilder() | ||
.addPathSegments("identity-server/connect/token") | ||
.build(); | ||
|
||
Request tokenRequest = new Request.Builder() | ||
.url(tokenUrl.url()) | ||
.post(formBody) | ||
.build(); | ||
|
||
AccessToken token; | ||
try (Response response = this.httpClient.newCall(tokenRequest).execute()) { | ||
assert response.body() != null; | ||
token = ObjectMappers.JSON_MAPPER.readValue(response.body().string(), AccessToken.class); | ||
} | ||
|
||
return token; | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
package com.squidex.api; | ||
|
||
public class InMemoryTokenStore implements TokenStore { | ||
private AccessToken currentToken; | ||
|
||
@Override | ||
public AccessToken get() { | ||
return this.currentToken; | ||
} | ||
|
||
@Override | ||
public void set(AccessToken token) { | ||
this.currentToken = token; | ||
} | ||
|
||
@Override | ||
public void clear() { | ||
this.currentToken = null; | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
package com.squidex.api; | ||
|
||
public interface TokenStore { | ||
AccessToken get(); | ||
|
||
void set(AccessToken token); | ||
|
||
void clear(); | ||
} | ||
|
Oops, something went wrong.