switch token to base62 format

Author: bprize15

.jhipster/Token.json

@@ -13,7 +13,7 @@
   "fields": [
     {
       "fieldName": "token",
-      "fieldType": "UUID"
+      "fieldType": "String"
     },
     {
       "fieldName": "creation",

src/main/java/org/mskcc/cbio/oncokb/domain/Token.java

@@ -1,14 +1,12 @@
 package org.mskcc.cbio.oncokb.domain;
 
 import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
-import org.hibernate.annotations.Type;
 
 import javax.persistence.*;
 import javax.validation.constraints.*;
 
 import java.io.Serializable;
 import java.time.Instant;
-import java.util.UUID;
 
 /**
  * A Token.
@@ -23,9 +21,8 @@ public class Token implements Serializable {
     @GeneratedValue(strategy = GenerationType.IDENTITY)
     private Long id;
 
-    @Type(type = "uuid-char")
-    @Column(name = "token", length = 36)
-    private UUID token;
+    @Column(name = "token", length = 40)
+    private String token;
 
     @Column(name = "creation")
     private Instant creation;
@@ -60,16 +57,16 @@ public void setId(Long id) {
         this.id = id;
     }
 
-    public UUID getToken() {
+    public String getToken() {
         return token;
     }
 
-    public Token token(UUID token) {
+    public Token token(String token) {
         this.token = token;
         return this;
     }
 
-    public void setToken(UUID token) {
+    public void setToken(String token) {
         this.token = token;
     }
 

src/main/java/org/mskcc/cbio/oncokb/domain/TokenKey.java

@@ -0,0 +1,94 @@
+package org.mskcc.cbio.oncokb.domain;
+
+import java.io.Serializable;
+import java.security.SecureRandom;
+import java.util.zip.CRC32;
+
+import org.apache.commons.lang3.StringUtils;
+import org.mskcc.cbio.oncokb.domain.enumeration.TokenType;
+
+public class TokenKey implements Serializable {
+    public static int TOKEN_CHAR_LENGTH = 30;
+
+    public static int CHECKSUM_CHAR_LENGTH = 6;
+
+    private static String BASE62_CHARS = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
+
+    private TokenType tokenType;
+
+    private String token;
+
+    private String checksum;
+
+    public static TokenKey generate(TokenType type) {
+        TokenKey tokenKey = new TokenKey();
+        tokenKey.setTokenType(type);
+
+        String token = generateToken();
+        tokenKey.setToken(token);
+        tokenKey.setChecksum(generateChecksum(token));
+
+        return tokenKey;
+    }
+
+    public boolean validate() {
+        return generateChecksum(token).equals(this.checksum);
+    }
+
+    private static String generateToken() {
+        SecureRandom secureRandom = new SecureRandom();
+        StringBuilder token = new StringBuilder();
+        for (int i = 0; i < TOKEN_CHAR_LENGTH; i++) {
+            token.append(BASE62_CHARS.charAt(secureRandom.nextInt(BASE62_CHARS.length())));
+        }
+        return token.toString();
+    }
+
+    public static String generateChecksum(String token) {
+        CRC32 crc32 = new CRC32();
+        crc32.update(token.getBytes());
+        String base62Checksum = toBase62(crc32.getValue());
+        if (base62Checksum.length() < CHECKSUM_CHAR_LENGTH) {
+            base62Checksum = StringUtils.repeat('0', CHECKSUM_CHAR_LENGTH - base62Checksum.length()) + base62Checksum;
+        }
+        return base62Checksum;
+    }
+
+    private static String toBase62(long val) {
+        StringBuffer sb = new StringBuffer();
+        while(val > 0) {
+            int remainder = (int) (val % 62);
+            val = val / 62;
+            sb.insert(0, BASE62_CHARS.charAt((int) remainder));
+        }
+        return sb.toString();
+    }
+
+    public TokenType getTokenType() {
+        return tokenType;
+    }
+
+    public void setTokenType(TokenType tokenType) {
+        this.tokenType = tokenType;
+    }
+
+    public String getToken() {
+        return token;
+    }
+
+    public void setToken(String token) {
+        this.token = token;
+    }
+
+    public String getChecksum() {
+        return checksum;
+    }
+
+    public void setChecksum(String checksum) {
+        this.checksum = checksum;
+    }
+
+    public String getFullToken() {
+        return this.tokenType.getType() + "_" + this.token + this.checksum;
+    }
+}

src/main/java/org/mskcc/cbio/oncokb/domain/enumeration/TokenType.java

@@ -0,0 +1,16 @@
+package org.mskcc.cbio.oncokb.domain.enumeration;
+
+public enum TokenType {
+    USER("okbu"),
+    SERVICE("okbs");
+
+    String type;
+
+    TokenType(String type) {
+        this.type = type;
+    }
+
+    public String getType() {
+        return this.type;
+    }
+}

src/main/java/org/mskcc/cbio/oncokb/repository/TokenRepository.java

@@ -33,7 +33,7 @@ public interface TokenRepository extends JpaRepository<Token, Long> {
     Optional<Token> findPublicWebsiteToken();
 
     @Cacheable(cacheResolver = "tokenCacheResolver")
-    Optional<Token> findByToken(UUID token);
+    Optional<Token> findByToken(String token);
 
     @Cacheable(cacheResolver = "tokenCacheResolver")
     @Query("select token from Token token where token.user.login = ?1")

src/main/java/org/mskcc/cbio/oncokb/security/uuid/TokenProvider.java

@@ -2,7 +2,9 @@
 
 import org.mskcc.cbio.oncokb.domain.Authority;
 import org.mskcc.cbio.oncokb.domain.Token;
+import org.mskcc.cbio.oncokb.domain.TokenKey;
 import org.mskcc.cbio.oncokb.domain.User;
+import org.mskcc.cbio.oncokb.domain.enumeration.TokenType;
 import org.mskcc.cbio.oncokb.repository.UserRepository;
 import org.mskcc.cbio.oncokb.security.AuthoritiesConstants;
 import org.mskcc.cbio.oncokb.security.SecurityUtils;
@@ -50,11 +52,11 @@ public List<Token> getUserTokens(User userLogin) {
         return tokenService.findByUser(userLogin);
     }
 
-    private Token getNewToken(Set<Authority> authorities, Optional<Instant> definedExpirationTime) {
-        return getNewToken(authorities, definedExpirationTime, Optional.of(true));
+    private Token getNewToken(Set<Authority> authorities, TokenType tokenType, Optional<Instant> definedExpirationTime) {
+        return getNewToken(authorities, tokenType, definedExpirationTime, Optional.of(true));
     }
 
-    private Token getNewToken(Set<Authority> authorities, Optional<Instant> definedExpirationTime, Optional<Boolean> isRenewable) {
+    private Token getNewToken(Set<Authority> authorities, TokenType tokenType, Optional<Instant> definedExpirationTime, Optional<Boolean> isRenewable) {
         Token token = new Token();
         Instant currentTime = Instant.now();
         token.setCreation(currentTime);
@@ -73,20 +75,20 @@ private Token getNewToken(Set<Authority> authorities, Optional<Instant> definedE
                 Instant.now().plusSeconds(EXPIRATION_TIME_PUBLIC_WEBSITE_IN_SECONDS) : currentTime.plusSeconds(EXPIRATION_TIME_IN_SECONDS);
             token.setExpiration(expirationTime);
         }
-        token.setToken(UUID.randomUUID());
+        token.setToken(TokenKey.generate(tokenType).getFullToken());
         return token;
     }
 
     public Token createTokenForCurrentUserLogin(Optional<Instant> definedExpirationTime, Optional<Boolean> isRenewable) {
         Optional<User> userOptional = userRepository.findOneWithAuthoritiesByLogin(SecurityUtils.getCurrentUserLogin().get());
         if(userOptional.isPresent()) {
-            return createToken(userOptional.get(), definedExpirationTime, isRenewable, Optional.empty());
+            return createToken(userOptional.get(), TokenType.USER ,definedExpirationTime, isRenewable, Optional.empty());
         }
         return null;
     }
 
-    public Token createToken(User user, Optional<Instant> definedExpirationTime, Optional<Boolean> isRenewable, Optional<String> name) {
-        Token token = getNewToken(user.getAuthorities(), definedExpirationTime, isRenewable);
+    public Token createToken(User user, TokenType tokenType, Optional<Instant> definedExpirationTime, Optional<Boolean> isRenewable, Optional<String> name) {
+        Token token = getNewToken(user.getAuthorities(), tokenType, definedExpirationTime, isRenewable);
         token.setUser(user);
         if (name.isPresent()) {
             token.setName(name.get());
@@ -95,29 +97,29 @@ public Token createToken(User user, Optional<Instant> definedExpirationTime, Opt
         return token;
     }
 
-    public void createToken(Token token, Optional<String> name){
-        Token newToken = createToken(token.getUser(), Optional.of(token.getExpiration()), Optional.of(token.isRenewable()), name);
+    public void createToken(Token token, TokenType tokenType, Optional<String> name){
+        Token newToken = createToken(token.getUser(), tokenType, Optional.of(token.getExpiration()), Optional.of(token.isRenewable()), name);
         newToken.setCreation(token.getCreation());
         newToken.setCurrentUsage(token.getCurrentUsage());
         newToken.setUsageLimit(token.getUsageLimit());
         tokenService.save(newToken);
     }
 
     // This method is used in the frontend thymeleaf parsing
-    public UUID getPubWebToken() {
+    public String getPubWebToken() {
         Optional<User> user = userRepository.findOneWithAuthoritiesByLogin(PUBLIC_WEBSITE_LOGIN);
         if (user.isPresent()) {
             Token userToken = new Token();
             Optional<Token> tokenOptional  = tokenService.findPublicWebsiteToken();
             if (!tokenOptional.isPresent()) {
-                Token newToken = getNewToken(user.get().getAuthorities(), Optional.empty());
+                Token newToken = getNewToken(user.get().getAuthorities(), TokenType.USER, Optional.empty());
                 newToken.setUser(user.get());
                 userToken = tokenService.save(newToken);
             } else {
                 userToken = tokenOptional.get();
                 if (userToken.getExpiration().isBefore(Instant.now())) {
                     // I want to update the token associated with public website once it's expired
-                    Token newToken = getNewToken(user.get().getAuthorities(), Optional.empty(), Optional.empty());
+                    Token newToken = getNewToken(user.get().getAuthorities(), TokenType.USER, Optional.empty(), Optional.empty());
                     userToken.setToken(newToken.getToken());
                     userToken.setCreation(newToken.getCreation());
                     userToken.setExpiration(newToken.getExpiration());
@@ -131,7 +133,7 @@ public UUID getPubWebToken() {
         return null;
     }
 
-    public Authentication getAuthentication(UUID token) {
+    public Authentication getAuthentication(String token) {
         Optional<Token> tokenOptional = tokenService.findByToken(token);
 
         Optional<User> user = userRepository.findOneWithAuthoritiesByLogin(tokenOptional.get().getUser().getLogin());
@@ -143,7 +145,7 @@ public Authentication getAuthentication(UUID token) {
         return new UsernamePasswordAuthenticationToken(user.get().getLogin(), token, authorities);
     }
 
-    public boolean validateToken(UUID tokenValue) {
+    public boolean validateToken(String tokenValue) {
         try {
             Optional<Token> token = tokenService.findByToken(tokenValue);
             if (token.isPresent() && token.get().getExpiration().isAfter(Instant.now())) {

src/main/java/org/mskcc/cbio/oncokb/security/uuid/UUIDFilter.java

@@ -11,7 +11,6 @@
 import javax.servlet.ServletResponse;
 import javax.servlet.http.HttpServletRequest;
 import java.io.IOException;
-import java.util.UUID;
 
 /**
  * Filters incoming requests and installs a Spring Security principal if a header corresponding to a valid user is
@@ -31,20 +30,20 @@ public UUIDFilter(TokenProvider tokenProvider) {
     public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
         throws IOException, ServletException {
         HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
-        UUID uuid = resolveToken(httpServletRequest);
-        if (uuid != null && this.tokenProvider.validateToken(uuid)) {
-            Authentication authentication = this.tokenProvider.getAuthentication(uuid);
+        String token = resolveToken(httpServletRequest);
+        if (token != null && this.tokenProvider.validateToken(token)) {
+            Authentication authentication = this.tokenProvider.getAuthentication(token);
             SecurityContextHolder.getContext().setAuthentication(authentication);
 //            this.tokenProvider.addAccessRecord(uuid, servletRequest.getRemoteAddr());
         }
         filterChain.doFilter(servletRequest, servletResponse);
     }
 
-    private UUID resolveToken(HttpServletRequest request) {
+    private String resolveToken(HttpServletRequest request) {
         String bearerToken = request.getHeader(AUTHORIZATION_HEADER);
         if (StringUtils.hasText(bearerToken) && bearerToken.startsWith("Bearer ")) {
             try {
-                return UUID.fromString(bearerToken.substring(7));
+                return bearerToken.substring(7);
             } catch (Exception e) {
                 logger.info("Invalid token.");
                 return null;

src/main/java/org/mskcc/cbio/oncokb/service/TokenService.java

@@ -39,7 +39,7 @@ public interface TokenService {
 
     Optional<Token> findPublicWebsiteToken();
 
-    Optional<Token> findByToken(UUID token);
+    Optional<Token> findByToken(String token);
 
     List<Token> findByUserIsCurrentUser();
 

src/main/java/org/mskcc/cbio/oncokb/service/UserService.java

@@ -10,6 +10,7 @@
 import org.mskcc.cbio.oncokb.domain.enumeration.LicenseModel;
 import org.mskcc.cbio.oncokb.domain.enumeration.LicenseStatus;
 import org.mskcc.cbio.oncokb.domain.enumeration.LicenseType;
+import org.mskcc.cbio.oncokb.domain.enumeration.TokenType;
 import org.mskcc.cbio.oncokb.repository.AuthorityRepository;
 import org.mskcc.cbio.oncokb.repository.CompanyDomainRepository;
 import org.mskcc.cbio.oncokb.repository.CompanyRepository;
@@ -42,7 +43,6 @@
 import org.springframework.transaction.annotation.Transactional;
 import org.springframework.cache.annotation.Cacheable;
 
-import javax.mail.MessagingException;
 import javax.validation.constraints.NotNull;
 import java.time.Instant;
 import java.time.temporal.ChronoUnit;
@@ -645,6 +645,7 @@ private List<Token> generateTokenForUserIfNotExist(UserDTO userDTO, Optional<Int
         if (tokens.isEmpty()) {
             Token token = tokenProvider.createToken(
                 userMapper.userDTOToUser(userDTO),
+                TokenType.USER,
                 tokenValidDays.isPresent() ? Optional.of(Instant.now().plusSeconds(DAY_IN_SECONDS * (long) tokenValidDays.get())) : Optional.empty(),
                 tokenIsRenewable,
                 Optional.empty()

src/main/java/org/mskcc/cbio/oncokb/service/impl/CompanyServiceImpl.java

@@ -24,6 +24,7 @@
 import org.mskcc.cbio.oncokb.domain.UserDetails;
 import org.mskcc.cbio.oncokb.domain.enumeration.LicenseStatus;
 import org.mskcc.cbio.oncokb.domain.enumeration.LicenseType;
+import org.mskcc.cbio.oncokb.domain.enumeration.TokenType;
 import org.mskcc.cbio.oncokb.repository.CompanyRepository;
 import org.mskcc.cbio.oncokb.repository.UserDetailsRepository;
 import org.mskcc.cbio.oncokb.repository.UserRepository;
@@ -319,6 +320,7 @@ public Optional<Token> createServiceAccountToken(Long id, String name) throws To
 
         return Optional.of(tokenProvider.createToken(
             serviceUser,
+            TokenType.SERVICE,
             Optional.of(
                 LocalDateTime.of(9999, 1, 1, 0, 0).atZone(ZoneId.systemDefault()).toInstant()
             ),

src/main/java/org/mskcc/cbio/oncokb/service/impl/TokenServiceImpl.java

@@ -19,7 +19,6 @@
 import java.util.List;
 import java.util.Objects;
 import java.util.Optional;
-import java.util.UUID;
 import java.util.stream.Collectors;
 
 import static org.mskcc.cbio.oncokb.config.cache.TokenCacheResolver.TOKENS_BY_USER_LOGIN_CACHE;
@@ -85,7 +84,7 @@ public Optional<Token> findPublicWebsiteToken() {
     }
 
     @Override
-    public Optional<Token> findByToken(UUID token) {
+    public Optional<Token> findByToken(String token) {
         return tokenRepository.findByToken(token);
     }