From 8807b7e95df1e5116ee44312dc945ffb4473e470 Mon Sep 17 00:00:00 2001
From: Sergey Matvienko
Date: Thu, 17 Nov 2022 11:46:42 +0100
Subject: [PATCH] Jwt settings refactored one more time
---
 .../jwt/settings/DefaultJwtSettingsService.java | 14 +++-----------
 .../jwt/settings/DefaultJwtSettingsValidator.java | 2 +-
 .../jwt/settings/InstallJwtSettingsValidator.java | 7 ++++---
 .../auth/jwt/settings/JwtSettingsService.java | 3 +++
 .../auth/jwt/settings/JwtSettingsValidator.java | 2 --
 5 files changed, 11 insertions(+), 17 deletions(-)
diff --git a/application/src/main/java/org/thingsboard/server/service/security/auth/jwt/settings/DefaultJwtSettingsService.java b/application/src/main/java/org/thingsboard/server/service/security/auth/jwt/settings/DefaultJwtSettingsService.java
index 01f1deecbf..d6a7cf9e48 100644
--- a/application/src/main/java/org/thingsboard/server/service/security/auth/jwt/settings/DefaultJwtSettingsService.java
+++ b/application/src/main/java/org/thingsboard/server/service/security/auth/jwt/settings/DefaultJwtSettingsService.java
@@ -29,15 +29,11 @@ import org.thingsboard.server.common.data.plugin.ComponentLifecycleEvent;
 import org.thingsboard.server.common.data.security.model.JwtSettings;
 import org.thingsboard.server.dao.settings.AdminSettingsService;
-import javax.annotation.PostConstruct;
 import java.nio.charset.StandardCharsets;
 import java.util.Base64;
 import java.util.Objects;
 import java.util.Optional;
-import static org.thingsboard.server.service.security.auth.jwt.settings.JwtSettingsValidator.ADMIN_SETTINGS_JWT_KEY;
-import static org.thingsboard.server.service.security.auth.jwt.settings.JwtSettingsValidator.TOKEN_SIGNING_KEY_DEFAULT;
-
 @Service
 @RequiredArgsConstructor
 @Slf4j
@@ -48,9 +44,6 @@ public class DefaultJwtSettingsService implements JwtSettingsService {
 @Lazy
 private final Optional tbClusterService;
 private final JwtSettingsValidator jwtSettingsValidator;
- private volatile JwtSettings jwtSettings = null; //lazy init
- @Value("${install.upgrade:false}")
- private boolean isUpgrade;
 @Value("${security.jwt.tokenExpirationTime:9000}")
 private Integer tokenExpirationTime;
@@ -61,10 +54,7 @@ public class DefaultJwtSettingsService implements JwtSettingsService {
 @Value("${security.jwt.tokenSigningKey:thingsboardDefaultSigningKey}")
 private String tokenSigningKey;
- @PostConstruct
- public void init() {
-
- }
+ private volatile JwtSettings jwtSettings = null; //lazy init
 @Override
 public void reloadJwtSettings() {
@@ -142,6 +132,7 @@ public class DefaultJwtSettingsService implements JwtSettingsService {
 adminSettingsService.saveAdminSettings(TenantId.SYS_TENANT_ID, adminJwtSettings);
 tbClusterService.ifPresent(cs -> cs.broadcastEntityStateChangeEvent(TenantId.SYS_TENANT_ID, TenantId.SYS_TENANT_ID, ComponentLifecycleEvent.UPDATED));
+ reloadJwtSettings();
 return getJwtSettings();
 }
@@ -165,4 +156,5 @@ public class DefaultJwtSettingsService implements JwtSettingsService {
 }
 return this.jwtSettings;
 }
+
 }
diff --git a/application/src/main/java/org/thingsboard/server/service/security/auth/jwt/settings/DefaultJwtSettingsValidator.java b/application/src/main/java/org/thingsboard/server/service/security/auth/jwt/settings/DefaultJwtSettingsValidator.java
index ef0e88753c..bf83179b78 100644
--- a/application/src/main/java/org/thingsboard/server/service/security/auth/jwt/settings/DefaultJwtSettingsValidator.java
+++ b/application/src/main/java/org/thingsboard/server/service/security/auth/jwt/settings/DefaultJwtSettingsValidator.java
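Review bot: The `reloadJwtSettings();` added in the -142 hunk carries no comment saying why a local reload is needed on top of the `ComponentLifecycleEvent.UPDATED` broadcast that precedes it, and this is the path that can replace the token signing key. I'd add `// drop the cached JwtSettings so this node signs and verifies with the saved key immediately` above the call, and consider whether the local refresh should come before the broadcast rather than after it. The bodies of `reloadJwtSettings()` and `getJwtSettings()` lie outside the hunks, so whether a concurrent caller can still observe the old settings between the two calls cannot be judged from here.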
@@ -59,7 +59,7 @@ public class DefaultJwtSettingsValidator implements JwtSettingsValidator {
 if (Arrays.isNullOrEmpty(decodedKey)) {
 throw new DataValidationException("JWT token signing key should be non-empty after Base64 decoding!");
 }
- if (decodedKey.length * Byte.SIZE < 256 && !TOKEN_SIGNING_KEY_DEFAULT.equals(jwtSettings.getTokenSigningKey())) {
+ if (decodedKey.length * Byte.SIZE < 256 && !JwtSettingsService.TOKEN_SIGNING_KEY_DEFAULT.equals(jwtSettings.getTokenSigningKey())) {
 throw new DataValidationException("JWT token signing key should be a Base64 encoded string representing at least 256 bits of data!");
 }
diff --git a/application/src/main/java/org/thingsboard/server/service/security/auth/jwt/settings/InstallJwtSettingsValidator.java b/application/src/main/java/org/thingsboard/server/service/security/auth/jwt/settings/InstallJwtSettingsValidator.java
index b8667c45a8..6202e60c96 100644
--- a/application/src/main/java/org/thingsboard/server/service/security/auth/jwt/settings/InstallJwtSettingsValidator.java
+++ b/application/src/main/java/org/thingsboard/server/service/security/auth/jwt/settings/InstallJwtSettingsValidator.java
@@ -21,15 +21,16 @@ import org.springframework.context.annotation.Profile;
 import org.springframework.stereotype.Component;
 import org.thingsboard.server.common.data.security.model.JwtSettings;
+/**
+ * During Install or upgrade the validation is suppressed to keep existing data
+ * */
+
 @Primary
 @Profile("install")
 @Component
 @RequiredArgsConstructor
 public class InstallJwtSettingsValidator implements JwtSettingsValidator {
- /**
- * During Install or upgrade the validation is suppressed to keep existing data
- * */
 @Override
 public void validate(JwtSettings jwtSettings) {
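Review bot: The length check in the DefaultJwtSettingsValidator hunk still skips the 256-bit minimum whenever the configured key equals `JwtSettingsService.TOKEN_SIGNING_KEY_DEFAULT`, so a signing key whose value is published in the source tree passes runtime validation; the condition predates this commit, which only re-qualifies the constant. Since `InstallJwtSettingsValidator` already suppresses validation for install and upgrade, the runtime validator could reject the default outright with `if (decodedKey.length * Byte.SIZE < 256) {`. If the exemption has to stay for existing deployments, state that reason in a comment on the condition. The method starts and ends outside the hunk, so whether the default key is replaced elsewhere before tokens are signed is not visible here.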
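Review bot: The class Javadoc added above `@Primary` in InstallJwtSettingsValidator says validation is suppressed but not what follows from it: with `@Primary` and `@Profile("install")` this bean takes precedence over the default validator whenever that profile is active, and presumably then accepts any signing key (the body of `validate` is outside the hunk). I'd spell that out, for example `Active only under the "install" profile; accepts JwtSettings unchecked, so weak or default signing keys are not rejected here.` The added blank line between the comment and the annotations can go, and the comment should close with a plain ` */` instead of ` * */`.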
diff --git a/application/src/main/java/org/thingsboard/server/service/security/auth/jwt/settings/JwtSettingsService.java b/application/src/main/java/org/thingsboard/server/service/security/auth/jwt/settings/JwtSettingsService.java
index f5858b7694..f79beb3740 100644
--- a/application/src/main/java/org/thingsboard/server/service/security/auth/jwt/settings/JwtSettingsService.java
+++ b/application/src/main/java/org/thingsboard/server/service/security/auth/jwt/settings/JwtSettingsService.java
@@ -19,6 +19,9 @@ import org.thingsboard.server.common.data.security.model.JwtSettings;
 public interface JwtSettingsService {
+ String ADMIN_SETTINGS_JWT_KEY = "jwt";
+ String TOKEN_SIGNING_KEY_DEFAULT = "thingsboardDefaultSigningKey";
+
 JwtSettings getJwtSettings();
 void reloadJwtSettings();
diff --git a/application/src/main/java/org/thingsboard/server/service/security/auth/jwt/settings/JwtSettingsValidator.java b/application/src/main/java/org/thingsboard/server/service/security/auth/jwt/settings/JwtSettingsValidator.java
index 30d23bca00..06a82fc808 100644
--- a/application/src/main/java/org/thingsboard/server/service/security/auth/jwt/settings/JwtSettingsValidator.java
+++ b/application/src/main/java/org/thingsboard/server/service/security/auth/jwt/settings/JwtSettingsValidator.java
@@ -18,8 +18,6 @@ package org.thingsboard.server.service.security.auth.jwt.settings;
 import org.thingsboard.server.common.data.security.model.JwtSettings;
 public interface JwtSettingsValidator {
- String ADMIN_SETTINGS_JWT_KEY = "jwt";
- String TOKEN_SIGNING_KEY_DEFAULT = "thingsboardDefaultSigningKey";
 void validate(JwtSettings jwtSettings);
 }
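Review bot: `TOKEN_SIGNING_KEY_DEFAULT` now lives on `JwtSettingsService`, yet the same literal is still spelled out in the `@Value` default for `tokenSigningKey` in `DefaultJwtSettingsService` (context line of the -61 hunk), so the validator's comparison and the configured default can drift apart. The placeholder can be built from the constant instead: `@Value("${security.jwt.tokenSigningKey:" + TOKEN_SIGNING_KEY_DEFAULT + "}")`. The constant also deserves a Javadoc that marks it as a placeholder, such as `/** Placeholder signing key from the default configuration; the value is public and must not sign tokens in a real deployment. */`.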