feat: Support custom generation of token validity period (#428)

cosec-core/src/main/kotlin/me/ahoo/cosec/token/TokenCompositeAuthentication.kt

@@ -45,7 +45,7 @@ class TokenCompositeAuthentication(
     ): Mono<out CompositeToken> {
         return authenticate(credentialsType, credentials)
             .map {
-                tokenConverter.asToken(it)
+                tokenConverter.toToken(it)
             }
     }
 }

cosec-core/src/main/kotlin/me/ahoo/cosec/token/TokenConverter.kt

@@ -14,12 +14,18 @@ package me.ahoo.cosec.token
 
 import me.ahoo.cosec.api.principal.CoSecPrincipal
 import me.ahoo.cosec.api.token.CompositeToken
+import java.time.Duration
 
 /**
  * Token Converter.
  *
  * @author ahoo wang
  */
-fun interface TokenConverter {
-    fun asToken(principal: CoSecPrincipal): CompositeToken
+interface TokenConverter {
+    fun toToken(principal: CoSecPrincipal): CompositeToken
+    fun toToken(
+        principal: CoSecPrincipal,
+        accessTokenValidity: Duration,
+        refreshTokenValidity: Duration
+    ): CompositeToken
 }

cosec-core/src/test/kotlin/me/ahoo/cosec/token/TokenCompositeAuthenticationTest.kt

@@ -34,7 +34,7 @@ class TokenCompositeAuthenticationTest {
         val compositeAuthentication = CompositeAuthentication(DefaultAuthenticationProvider)
         val compositeToken = SimpleCompositeToken("accessToken", "refreshToken")
         val tokenConverter = mockk<TokenConverter> {
-            every { asToken(any()) } returns compositeToken
+            every { toToken(any()) } returns compositeToken
         }
         val tokenCompositeAuthentication = TokenCompositeAuthentication(compositeAuthentication, tokenConverter)
         assertThat(tokenCompositeAuthentication.supportCredentials, `is`(Credentials::class.java))

cosec-jwt/src/jmh/kotlin/me/ahoo/cosec/jwt/JwtTokenConverterBenchmark.kt

@@ -63,7 +63,7 @@ open class JwtTokenConverterBenchmark {
         algorithm = Algorithm.HMAC256("FyN0Igd80Gas8stTavArGKOYnS9uLWGA_")
         jwtTokenConverter = JwtTokenConverter(MockIdGenerator.INSTANCE, algorithm)
         jwtTokenVerifier = JwtTokenVerifier(algorithm)
-        token = jwtTokenConverter.asToken(SimpleTenantPrincipal.ANONYMOUS)
+        token = jwtTokenConverter.toToken(SimpleTenantPrincipal.ANONYMOUS)
     }
 
     @Benchmark

cosec-jwt/src/main/kotlin/me/ahoo/cosec/jwt/JwtTokenConverter.kt

@@ -38,7 +38,15 @@ class JwtTokenConverter(
     private val refreshTokenValidity: Duration = Duration.ofDays(7)
 ) : TokenConverter {
 
-    override fun asToken(principal: CoSecPrincipal): CompositeToken {
+    override fun toToken(principal: CoSecPrincipal): CompositeToken {
+        return toToken(principal, accessTokenValidity, refreshTokenValidity)
+    }
+
+    override fun toToken(
+        principal: CoSecPrincipal,
+        accessTokenValidity: Duration,
+        refreshTokenValidity: Duration
+    ): CompositeToken {
         val accessTokenId = idGenerator.generateAsString()
         val now = Date()
         val accessTokenExp = Date(System.currentTimeMillis() + accessTokenValidity.toMillis())

cosec-jwt/src/test/kotlin/me/ahoo/cosec/jwt/JwtTokenConverterTest.kt

@@ -30,13 +30,13 @@ internal class JwtTokenConverterTest {
     private val jwtTokenVerifier = JwtTokenVerifier(JwtFixture.ALGORITHM)
 
     @Test
-    fun anonymousAsToken() {
-        val token: CompositeToken = jwtTokenConverter.asToken(SimpleTenantPrincipal.ANONYMOUS)
+    fun anonymousToToken() {
+        val token: CompositeToken = jwtTokenConverter.toToken(SimpleTenantPrincipal.ANONYMOUS)
         assertThat(token, notNullValue())
     }
 
     @Test
-    fun asToken() {
+    fun toToken() {
         val principal =
             SimplePrincipal(
                 "id",
@@ -46,12 +46,12 @@ internal class JwtTokenConverterTest {
                     "attr_string" to "attr_string_value"
                 ),
             )
-        val token: CompositeToken = jwtTokenConverter.asToken(principal)
+        val token: CompositeToken = jwtTokenConverter.toToken(principal)
         assertThat(token, notNullValue())
         val verified = jwtTokenVerifier.verify<TokenPrincipal>(token)
         assertThat(verified.id, equalTo(principal.id))
         assertThat(verified.attributes["attr_string"], equalTo("attr_string_value"))
-        val token2 = jwtTokenConverter.asToken(verified)
+        val token2 = jwtTokenConverter.toToken(verified)
         assertThat(token2, notNullValue())
     }
 }

cosec-jwt/src/test/kotlin/me/ahoo/cosec/jwt/JwtTokenVerifierTest.kt

@@ -33,14 +33,14 @@ class JwtTokenVerifierTest {
 
     @Test
     fun verify() {
-        val token: CompositeToken = jwtTokenConverter.asToken(SimpleTenantPrincipal.ANONYMOUS)
+        val token: CompositeToken = jwtTokenConverter.toToken(SimpleTenantPrincipal.ANONYMOUS)
         val principal: TokenTenantPrincipal = jwtTokenVerifier.verify(token)
         assertThat(principal.name, equalTo(CoSecPrincipal.ANONYMOUS_ID))
     }
 
     @Test
     fun refresh() {
-        val oldToken: CompositeToken = jwtTokenConverter.asToken(SimpleTenantPrincipal.ANONYMOUS)
+        val oldToken: CompositeToken = jwtTokenConverter.toToken(SimpleTenantPrincipal.ANONYMOUS)
         val newTokenPrincipal = jwtTokenVerifier.refresh<TokenTenantPrincipal>(oldToken)
         assertThat(newTokenPrincipal.id, equalTo(SimpleTenantPrincipal.ANONYMOUS.id))
         assertThat(newTokenPrincipal.tenant.tenantId, equalTo(SimpleTenantPrincipal.ANONYMOUS.tenant.tenantId))
@@ -55,7 +55,7 @@ class JwtTokenVerifierTest {
                 Duration.ofMillis(1),
                 Duration.ofMillis(1)
             )
-        val oldToken: CompositeToken = converter.asToken(SimpleTenantPrincipal.ANONYMOUS)
+        val oldToken: CompositeToken = converter.toToken(SimpleTenantPrincipal.ANONYMOUS)
         TimeUnit.SECONDS.sleep(1)
         assertThrows(TokenExpiredException::class.java) { jwtTokenVerifier.refresh<TokenPrincipal>(oldToken) }
     }

cosec-jwt/src/test/kotlin/me/ahoo/cosec/jwt/SimpleRefreshTokenAuthenticationTest.kt

@@ -33,7 +33,7 @@ class SimpleRefreshTokenAuthenticationTest {
     fun authenticate() {
         val refreshTokenAuthentication = SimpleRefreshTokenAuthentication(jwtTokenVerifier)
         assertThat(refreshTokenAuthentication.supportCredentials, `is`(RefreshTokenCredentials::class.java))
-        val oldToken: CompositeToken = jwtTokenConverter.asToken(SimpleTenantPrincipal.ANONYMOUS)
+        val oldToken: CompositeToken = jwtTokenConverter.toToken(SimpleTenantPrincipal.ANONYMOUS)
 
         refreshTokenAuthentication.authenticate(object : RefreshTokenCredentials {
             override val accessToken: String

cosec-webflux/src/test/kotlin/me/ahoo/cosec/webflux/ReactiveAuthorizationFilterTest.kt

@@ -48,7 +48,7 @@ internal class ReactiveAuthorizationFilterTest {
         val algorithm = Algorithm.HMAC256("FyN0Igd80Gas8stTavArGKOYnS9uLWGA_")
         val jwtTokenConverter = JwtTokenConverter(MockIdGenerator.INSTANCE, algorithm)
         fun createAccessToken(principal: SimplePrincipal): String {
-            return jwtTokenConverter.asToken(principal).accessToken
+            return jwtTokenConverter.toToken(principal).accessToken
         }
     }