fix authentication

src/main/java/com/iconplus/smartproc/configuration/JwtRequestFilter.java

@@ -54,7 +54,7 @@ public class JwtRequestFilter extends OncePerRequestFilter {
 
 	private void isValidToken(HttpServletRequest request, String jwtToken) {
 		String requestUrl = request.getRequestURI();
-		String refreshTokenUrl = "/authentication-service/authentication/v1/refresh-token";
+		String refreshTokenUrl = "/api/authentication/refresh-token";
 		if (!refreshTokenUrl.equals(requestUrl)) {
 			var isValid = isValidAuthenticateToken(jwtToken);
 			if (!isValid) {

src/main/java/com/iconplus/smartproc/configuration/WebSecurityConfig.java

@@ -34,6 +34,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 				.csrf().disable();
 		httpSecurity.authorizeRequests()
 				.antMatchers("/api*/**").permitAll()
+				.antMatchers("/api/authentication/*").permitAll()
 				.antMatchers("/actuator/health").permitAll()
 				.antMatchers("/swagger*/**").permitAll()
 				.antMatchers("/v2*/**").permitAll()

src/main/java/com/iconplus/smartproc/model/entity/TokenManagement.java

@@ -31,12 +31,10 @@ public class TokenManagement extends BaseEntity {
     @Column(name = "user_id")
     private Long userId;
 
-    @Lob
+    @Column(name = "access_token", length = 2500)
-    @Column(name = "access_token")
     private String accessToken;
 
-    @Lob
+    @Column(name = "refresh_token", length = 2500)
-    @Column(name = "refresh_token")
     private String refreshToken;
 
     @Column(name = "issued_time")

src/main/java/com/iconplus/smartproc/model/projection/TokenManagementView.java

@@ -7,10 +7,10 @@ public interface TokenManagementView {
     String getId();
     void setId(String id);
 
-    String getUserId();
+    Long getUserId();
-    void setUserId(String userId);
+    void setUserId(Long userId);
 
-    Clob getAccessToken();
+    String getAccessToken();
-    void setAccessToken(Clob accessToken);
+    void setAccessToken(String accessToken);
 
 }

src/main/java/com/iconplus/smartproc/repository/TokenManagementRepository.java

@@ -14,9 +14,9 @@ public interface TokenManagementRepository extends JpaRepository<TokenManagement
 
     @Query(value = "SELECT access_token as accessToken FROM token_management " +
             "WHERE user_id = :userId " +
-            "AND isDelete = false " +
+            "AND is_delete = 0 " +
-            "AND expired_time >= SYSDATE", nativeQuery = true)
+            "AND expired_time >= CURRENT_TIMESTAMP", nativeQuery = true)
-    List<TokenManagementView> findAccessTokenByUserIdAndDeletedFalse(String userId);
+    List<TokenManagementView> findAccessTokenByUserIdAndDeletedFalse(Long userId);
 
     @Query(value = "SELECT tm from TokenManagement tm " +
             "WHERE tm.refreshToken = :refreshToken " +

src/main/java/com/iconplus/smartproc/service/authentication/LoginService.java

@@ -18,6 +18,7 @@ import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
 import java.util.HashMap;
+import java.util.HashSet;
 import java.util.Map;
 
 @Service
@@ -65,7 +66,7 @@ public class LoginService implements BaseService<LoginRequest, LoginResponse> {
                 .username(userRoleView.getUsername())
                 .nama(userRoleView.getNama())
                 .role(userRoleView.getRole())
-                .accessMenu(null)
+                .accessMenu(new HashSet<>())
                 .build();
 
         Map<String, Object> claims = new HashMap<>();

src/main/java/com/iconplus/smartproc/service/authentication/PostCheckAccessTokenService.java

@@ -27,7 +27,7 @@ public class PostCheckAccessTokenService implements BaseService<PostAccessTokenR
     public PostAccessTokenResponse execute(PostAccessTokenRequest input) {
 
         var decodeToken = TokenUtils.decodeToken(input.getAccessToken());
-        String userId = decodeToken.get("user_id");
+        Long userId = Long.valueOf(decodeToken.get("user_id"));
 
         List<TokenManagementView> tokenManagementViews = tokenManagementRepository.findAccessTokenByUserIdAndDeletedFalse(userId);
         if (tokenManagementViews.isEmpty()) {
@@ -38,7 +38,7 @@ public class PostCheckAccessTokenService implements BaseService<PostAccessTokenR
         }
 
         List<String> userTokenList = tokenManagementViews.stream()
-                .map(c-> CommonUtil.clobToString(c.getAccessToken()))
+                .map(TokenManagementView::getAccessToken)
                 .collect(Collectors.toList());
 
         boolean isMatch = userTokenList.stream().anyMatch(s -> s.equals(input.getAccessToken()));

src/main/java/com/iconplus/smartproc/service/authentication/TokenManagementService.java

@@ -17,6 +17,7 @@ import org.springframework.http.HttpStatus;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
+import java.util.HashSet;
 import java.util.Objects;
 
 @Service
@@ -72,7 +73,7 @@ public class TokenManagementService implements BaseService<RefreshTokenRequest,
                 .username(userRoleView.getUsername())
                 .nama(userRoleView.getNama())
                 .role(userRoleView.getRole())
-                .accessMenu(null)
+                .accessMenu(new HashSet<>())
                 .build();
 
         final String accessToken = jwtTokenUtil.generateToken(String.valueOf(userRoleView.getId()), tokenContent, accessTokenExp * 60000);