From 08cb38a2126e91ccde44e9f91d2ad1f149c7e6b5 Mon Sep 17 00:00:00 2001
From: Anton Tananaev <anton@traccar.org>
Date: Sun, 26 Nov 2023 08:03:53 -0800
Subject: Add login result class

---
 .../java/org/traccar/api/security/LoginResult.java | 25 ++++++++++++++++++++++
 .../org/traccar/api/security/LoginService.java     | 18 ++++++++--------
 .../api/security/SecurityRequestFilter.java        |  7 +++---
 3 files changed, 38 insertions(+), 12 deletions(-)
 create mode 100644 src/main/java/org/traccar/api/security/LoginResult.java

(limited to 'src/main/java/org/traccar/api/security')

diff --git a/src/main/java/org/traccar/api/security/LoginResult.java b/src/main/java/org/traccar/api/security/LoginResult.java
new file mode 100644
index 000000000..66c35bbed
--- /dev/null
+++ b/src/main/java/org/traccar/api/security/LoginResult.java
@@ -0,0 +1,25 @@
+package org.traccar.api.security;
+
+import org.traccar.model.User;
+
+import java.util.Date;
+
+public class LoginResult {
+
+    private final User user;
+    private final Date expiration;
+
+    public LoginResult(User user) {
+        this.user = user;
+        expiration = null;
+    }
+
+    public User getUser() {
+        return user;
+    }
+
+    public Date getExpiration() {
+        return expiration;
+    }
+
+}
diff --git a/src/main/java/org/traccar/api/security/LoginService.java b/src/main/java/org/traccar/api/security/LoginService.java
index 829f5d2fa..6246d2494 100644
--- a/src/main/java/org/traccar/api/security/LoginService.java
+++ b/src/main/java/org/traccar/api/security/LoginService.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2022 Anton Tananaev (anton@traccar.org)
+ * Copyright 2022 - 2023 Anton Tananaev (anton@traccar.org)
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -58,9 +58,9 @@ public class LoginService {
         forceOpenId = config.getBoolean(Keys.OPENID_FORCE);
     }
 
-    public User login(String token) throws StorageException, GeneralSecurityException, IOException {
+    public LoginResult login(String token) throws StorageException, GeneralSecurityException, IOException {
         if (serviceAccountToken != null && serviceAccountToken.equals(token)) {
-            return new ServiceAccountUser();
+            return new LoginResult(new ServiceAccountUser());
         }
         long userId = tokenManager.verifyToken(token);
         User user = storage.getObject(User.class, new Request(
@@ -68,10 +68,10 @@ public class LoginService {
         if (user != null) {
             checkUserEnabled(user);
         }
-        return user;
+        return new LoginResult(user);
     }
 
-    public User login(String email, String password, Integer code) throws StorageException {
+    public LoginResult login(String email, String password, Integer code) throws StorageException {
         if (forceOpenId) {
             return null;
         }
@@ -87,20 +87,20 @@ public class LoginService {
                     || !forceLdap && user.isPasswordValid(password)) {
                 checkUserCode(user, code);
                 checkUserEnabled(user);
-                return user;
+                return new LoginResult(user);
             }
         } else {
             if (ldapProvider != null && ldapProvider.login(email, password)) {
                 user = ldapProvider.getUser(email);
                 user.setId(storage.addObject(user, new Request(new Columns.Exclude("id"))));
                 checkUserEnabled(user);
-                return user;
+                return new LoginResult(user);
             }
         }
         return null;
     }
 
-    public User login(String email, String name, boolean administrator) throws StorageException {
+    public LoginResult login(String email, String name, boolean administrator) throws StorageException {
         User user = storage.getObject(User.class, new Request(
             new Columns.All(),
             new Condition.Equals("email", email)));
@@ -115,7 +115,7 @@ public class LoginService {
             user.setId(storage.addObject(user, new Request(new Columns.Exclude("id"))));
         }
         checkUserEnabled(user);
-        return user;
+        return new LoginResult(user);
     }
 
     private void checkUserEnabled(User user) throws SecurityException {
diff --git a/src/main/java/org/traccar/api/security/SecurityRequestFilter.java b/src/main/java/org/traccar/api/security/SecurityRequestFilter.java
index cb523177e..e308024da 100644
--- a/src/main/java/org/traccar/api/security/SecurityRequestFilter.java
+++ b/src/main/java/org/traccar/api/security/SecurityRequestFilter.java
@@ -82,13 +82,14 @@ public class SecurityRequestFilter implements ContainerRequestFilter {
             if (authHeader != null) {
 
                 try {
-                    User user;
+                    LoginResult loginResult;
                     if (authHeader.startsWith("Bearer ")) {
-                        user = loginService.login(authHeader.substring(7));
+                        loginResult = loginService.login(authHeader.substring(7));
                     } else {
                         String[] auth = decodeBasicAuth(authHeader);
-                        user = loginService.login(auth[0], auth[1], null);
+                        loginResult = loginService.login(auth[0], auth[1], null);
                     }
+                    User user = loginResult.getUser();
                     if (user != null) {
                         statisticsManager.registerRequest(user.getId());
                         securityContext = new UserSecurityContext(new UserPrincipal(user.getId()));
-- 
cgit v1.2.3