1 files changed, 24 insertions, 6 deletions

diff --git a/src/main/java/org/traccar/api/resource/SessionResource.java b/src/main/java/org/traccar/api/resource/SessionResource.java
index 8eabdc63c..f70b67cde 100644
--- a/src/main/java/org/traccar/api/resource/SessionResource.java
+++ b/src/main/java/org/traccar/api/resource/SessionResource.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2015 - 2021 Anton Tananaev (anton@traccar.org)
+ * Copyright 2015 - 2022 Anton Tananaev (anton@traccar.org)
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -17,6 +17,7 @@ package org.traccar.api.resource;
 
 import org.traccar.api.BaseResource;
 import org.traccar.api.security.LoginService;
+import org.traccar.api.signature.TokenManager;
 import org.traccar.helper.DataConverter;
 import org.traccar.helper.ServletHelper;
 import org.traccar.helper.LogAction;
@@ -40,12 +41,16 @@ import javax.ws.rs.PathParam;
 import javax.ws.rs.Produces;
 import javax.ws.rs.QueryParam;
 import javax.ws.rs.WebApplicationException;
+import javax.ws.rs.core.Context;
 import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.Response;
 
-import java.io.UnsupportedEncodingException;
+import java.io.IOException;
 import java.net.URLDecoder;
 import java.nio.charset.StandardCharsets;
+import java.security.GeneralSecurityException;
+import java.util.Date;
+import java.util.concurrent.TimeUnit;
 
 @Path("session")
 @Produces(MediaType.APPLICATION_JSON)
@@ -59,12 +64,15 @@ public class SessionResource extends BaseResource {
     @Inject
     private LoginService loginService;
 
-    @javax.ws.rs.core.Context
+    @Inject
+    private TokenManager tokenManager;
+
+    @Context
     private HttpServletRequest request;
 
     @PermitAll
     @GET
-    public User get(@QueryParam("token") String token) throws StorageException, UnsupportedEncodingException {
+    public User get(@QueryParam("token") String token) throws StorageException, IOException, GeneralSecurityException {
 
         if (token != null) {
             User user = loginService.login(token);
@@ -84,11 +92,11 @@ public class SessionResource extends BaseResource {
                 for (Cookie cookie : cookies) {
                     if (cookie.getName().equals(USER_COOKIE_KEY)) {
                         byte[] emailBytes = DataConverter.parseBase64(
-                                URLDecoder.decode(cookie.getValue(), StandardCharsets.US_ASCII.name()));
+                                URLDecoder.decode(cookie.getValue(), StandardCharsets.US_ASCII));
                         email = new String(emailBytes, StandardCharsets.UTF_8);
                     } else if (cookie.getName().equals(PASS_COOKIE_KEY)) {
                         byte[] passwordBytes = DataConverter.parseBase64(
-                                URLDecoder.decode(cookie.getValue(), StandardCharsets.US_ASCII.name()));
+                                URLDecoder.decode(cookie.getValue(), StandardCharsets.US_ASCII));
                         password = new String(passwordBytes, StandardCharsets.UTF_8);
                     }
                 }
@@ -144,4 +152,14 @@ public class SessionResource extends BaseResource {
         return Response.noContent().build();
     }
 
+    @Path("token")
+    @POST
+    public String requestToken(
+            @FormParam("expiration") Date expiration) throws StorageException, GeneralSecurityException, IOException {
+        if (expiration == null) {
+            expiration = new Date(System.currentTimeMillis() + TimeUnit.DAYS.toMillis(7));
+        }
+        return tokenManager.generateToken(getUserId(), expiration);
+    }
+
 }