EFRS-1286: Added a remove expired OAuth tokens scheduler

lordunix · Nov 4, 2022 · c695401 · c695401
1 parent 19c8560
commit c695401
Show file tree

Hide file tree

Showing 2 changed files with 34 additions and 12 deletions.
diff --git a/java/admin/src/main/java/com/exadel/frs/system/security/CustomJdbcTokenStore.java b/java/admin/src/main/java/com/exadel/frs/system/security/CustomJdbcTokenStore.java
@@ -1,26 +1,36 @@
 package com.exadel.frs.system.security;
 
 import java.sql.Types;
+import java.time.LocalDateTime;
 import javax.sql.DataSource;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.jdbc.core.JdbcTemplate;
 import org.springframework.jdbc.core.support.SqlLobValue;
+import org.springframework.scheduling.annotation.Scheduled;
 import org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken;
 import org.springframework.security.oauth2.common.OAuth2AccessToken;
 import org.springframework.security.oauth2.common.OAuth2RefreshToken;
 import org.springframework.security.oauth2.provider.OAuth2Authentication;
 import org.springframework.security.oauth2.provider.token.DefaultAuthenticationKeyGenerator;
 import org.springframework.security.oauth2.provider.token.store.JdbcTokenStore;
+import org.springframework.stereotype.Component;
+import org.springframework.transaction.annotation.Transactional;
 
+@Slf4j
+@Component
 public class CustomJdbcTokenStore extends JdbcTokenStore {
 
     private static final String INSERT_ACCESS_TOKEN_WITH_EXPIRATION_SQL = "insert into oauth_access_token (token_id, token, authentication_id, user_name, client_id, authentication, refresh_token, expiration) values (?, ?, ?, ?, ?, ?, ?,?)";
     private static final String INSERT_REFRESH_TOKEN_WITH_EXPIRATION_SQL = "insert into oauth_refresh_token (token_id, token, authentication, expiration) values (?, ?, ?, ?)";
+    private static final String REMOVE_EXPIRED_ACCESS_TOKENS_SQL = "delete from oauth_access_token where expiration < ?";
+    private static final String REMOVE_EXPIRED_REFRESH_TOKENS_SQL = "delete from oauth_refresh_token where expiration < ?";
 
     private final JdbcTemplate jdbcTemplate;
 
     public CustomJdbcTokenStore(DataSource dataSource) {
         super(dataSource);
-        jdbcTemplate = new JdbcTemplate(dataSource);
+        this.jdbcTemplate = new JdbcTemplate(dataSource);
+        this.setAuthenticationKeyGenerator(new AuthenticationKeyGeneratorImpl());
     }
 
     @Override
@@ -62,4 +72,23 @@ public void storeRefreshToken(OAuth2RefreshToken refreshToken, OAuth2Authenticat
                 new int[]{Types.VARCHAR, Types.BLOB, Types.BLOB, Types.TIMESTAMP}
         );
     }
+
+    @Transactional
+    @Scheduled(cron = "@weekly")
+    public void removeExpiredTokens() {
+        LocalDateTime now = LocalDateTime.now();
+        int accessTokenCount = this.jdbcTemplate.update(
+                REMOVE_EXPIRED_ACCESS_TOKENS_SQL,
+                now
+        );
+        int refreshTokenCount = this.jdbcTemplate.update(
+                REMOVE_EXPIRED_REFRESH_TOKENS_SQL,
+                now
+        );
+        log.info(
+                "Removed {} expired access tokens and {} expired update tokens",
+                accessTokenCount,
+                refreshTokenCount
+        );
+    }
 }
diff --git a/java/admin/src/main/java/com/exadel/frs/system/security/config/AuthServerConfig.java b/java/admin/src/main/java/com/exadel/frs/system/security/config/AuthServerConfig.java
@@ -57,16 +57,9 @@ public class AuthServerConfig extends AuthorizationServerConfigurerAdapter {
     private final AuthenticationManager authenticationManager;
     private final ClientService clientService;
     private final CustomUserDetailsService userDetailsService;
-    private final DataSource dataSource;
     private final PasswordEncoder passwordEncoder;
     private final OAuthClientProperties authClientProperties;
-
-    @Bean
-    public JdbcTokenStore tokenStore() {
-        JdbcTokenStore tokenStore = new CustomJdbcTokenStore(dataSource);
-        tokenStore.setAuthenticationKeyGenerator(new AuthenticationKeyGeneratorImpl());
-        return tokenStore;
-    }
+    private final JdbcTokenStore tokenStore;
 
     @Bean
     @Primary
@@ -83,7 +76,7 @@ public TokenEndpoint tokenEndpoint(AuthorizationServerEndpointsConfiguration con
 
     @Bean
     public DefaultTokenServices tokenServices() {
-        TokenServicesImpl tokenServices = new TokenServicesImpl(tokenStore());
+        TokenServicesImpl tokenServices = new TokenServicesImpl(tokenStore);
         tokenServices.setClientDetailsService(clientService);
         return tokenServices;
     }
@@ -119,7 +112,7 @@ public void configure(final ClientDetailsServiceConfigurer clients) throws Excep
     @Override
     public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
         endpoints
-                .tokenStore(tokenStore())
+                .tokenStore(tokenStore)
                 .tokenServices(tokenServices())
                 .authenticationManager(authenticationManager)
                 .userDetailsService(userDetailsService)
@@ -136,4 +129,4 @@ public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
             }
         });
     }
-}
+}