From 222919cbfb9e636fc2a5d0c201d6aab5598d226f Mon Sep 17 00:00:00 2001 From: bhtibrewal Date: Sun, 3 Mar 2024 19:40:16 +0530 Subject: [PATCH] self review --- skill-tree/pom.xml | 4 + .../Authentication/AuthEntryPoint.java | 7 -- .../RDS/skilltree/Config/SecurityConfig.java | 24 ++-- .../Endorsement/EndorsementController.java | 1 + .../Filters/JWTAuthenticationFilter.java | 23 ++-- .../java/com/RDS/skilltree/User/UserDRO.java | 3 +- .../com/RDS/skilltree/User/UserModel.java | 7 +- .../java/com/RDS/skilltree/User/UserRole.java | 3 +- .../utils/GlobalExceptionHandler.java | 2 +- .../com/RDS/skilltree/utils/JWTUtils.java | 8 +- .../resources/application-test.properties | 1 - .../src/main/resources/application.properties | 2 +- .../SecurityContextIntegrationTest.java | 4 +- .../unit/JWTAuthenticationFilterTest.java | 111 ------------------ .../src/test/java/utils/RestAPIHelper.java | 21 ++-- 15 files changed, 51 insertions(+), 170 deletions(-) delete mode 100644 skill-tree/src/main/resources/application-test.properties delete mode 100644 skill-tree/src/test/java/com/RDS/skilltree/unit/JWTAuthenticationFilterTest.java diff --git a/skill-tree/pom.xml b/skill-tree/pom.xml index 8e9b85a7..dfdda6d0 100644 --- a/skill-tree/pom.xml +++ b/skill-tree/pom.xml @@ -90,6 +90,8 @@ org.springframework.boot spring-boot-starter-security + + io.jsonwebtoken jjwt-api @@ -111,6 +113,8 @@ jjwt-jackson ${io.jsonwebtoken.version} + + org.springframework.boot spring-boot-starter-actuator diff --git a/skill-tree/src/main/java/com/RDS/skilltree/Authentication/AuthEntryPoint.java b/skill-tree/src/main/java/com/RDS/skilltree/Authentication/AuthEntryPoint.java index b478da37..f5ea0ed8 100644 --- a/skill-tree/src/main/java/com/RDS/skilltree/Authentication/AuthEntryPoint.java +++ b/skill-tree/src/main/java/com/RDS/skilltree/Authentication/AuthEntryPoint.java @@ -40,11 +40,4 @@ public void commence(HttpServletRequest request, HttpServletResponse response, A this.resolver.resolveException(request, response,null, authException); } -// @ExceptionHandler(value = {AccessDeniedException.class}) -// public void commence(HttpServletRequest request, HttpServletResponse response, -// AccessDeniedException accessDeniedException) throws IOException { -// // 403 -// response.sendError(HttpServletResponse.SC_FORBIDDEN, "Authorization Failed : " + accessDeniedException.getMessage()); -// } - } diff --git a/skill-tree/src/main/java/com/RDS/skilltree/Config/SecurityConfig.java b/skill-tree/src/main/java/com/RDS/skilltree/Config/SecurityConfig.java index e40d1327..2b2bbb3c 100644 --- a/skill-tree/src/main/java/com/RDS/skilltree/Config/SecurityConfig.java +++ b/skill-tree/src/main/java/com/RDS/skilltree/Config/SecurityConfig.java @@ -12,6 +12,7 @@ import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; +import org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer; import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; @@ -28,25 +29,25 @@ public class SecurityConfig { private final AuthEntryPoint authEntryPoint; private final CustomAccessDeniedHandler accessDeniedHandler; -private final String[] roles = Arrays.stream(UserRole.values()).map(role -> role.label).toArray(String[]::new); + private final String[] roles = Arrays.stream(UserRole.values()).map(role -> role.label).toArray(String[]::new); public SecurityConfig(AuthEntryPoint authEntryPoint, CustomAccessDeniedHandler accessDeniedHandler) { this.authEntryPoint = authEntryPoint; this.accessDeniedHandler = accessDeniedHandler; } + @Bean public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { http.csrf(AbstractHttpConfigurer::disable) - .cors(httpSecurityCorsConfigurer -> httpSecurityCorsConfigurer.configurationSource(corsConfigurationSource())) - .authorizeHttpRequests(auth->auth - .requestMatchers( "/v1/endorsements/status").hasAuthority(UserRole.SUPERUSER.label) - .requestMatchers("/v1/endorsements/**").hasAnyAuthority(roles) - .anyRequest().authenticated()) - - .exceptionHandling(ex->ex.accessDeniedHandler(this.accessDeniedHandler).authenticationEntryPoint(this.authEntryPoint)) - .sessionManagement(session->session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)); - + .cors(httpSecurityCorsConfigurer -> httpSecurityCorsConfigurer.configurationSource(corsConfigurationSource())) + .authorizeHttpRequests(auth -> auth + .requestMatchers("/v1/endorsements/status").hasAuthority(UserRole.SUPERUSER.label) + .requestMatchers("/v1/endorsements/**").hasAnyAuthority(roles) + .anyRequest().authenticated()) + .exceptionHandling(ex -> ex.accessDeniedHandler(this.accessDeniedHandler).authenticationEntryPoint(this.authEntryPoint)) + .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)); +// http.oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt) http.addFilterBefore(jwtAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class); return http.build(); } @@ -63,8 +64,9 @@ public CorsConfigurationSource corsConfigurationSource() { source.registerCorsConfiguration("/**", configuration); return source; } + @Bean - public JWTAuthenticationFilter jwtAuthenticationFilter(){ + public JWTAuthenticationFilter jwtAuthenticationFilter() { return new JWTAuthenticationFilter(); } } diff --git a/skill-tree/src/main/java/com/RDS/skilltree/Endorsement/EndorsementController.java b/skill-tree/src/main/java/com/RDS/skilltree/Endorsement/EndorsementController.java index 0d019b0a..388707df 100644 --- a/skill-tree/src/main/java/com/RDS/skilltree/Endorsement/EndorsementController.java +++ b/skill-tree/src/main/java/com/RDS/skilltree/Endorsement/EndorsementController.java @@ -58,6 +58,7 @@ public ResponseEntity> postEndorsement(@RequestB } + // NOTE: dummy endpoint added to check super-user authorisation @PostMapping (value="/status") public String updateEndorsementStatus(){ return "This is a Super user only route"; diff --git a/skill-tree/src/main/java/com/RDS/skilltree/Filters/JWTAuthenticationFilter.java b/skill-tree/src/main/java/com/RDS/skilltree/Filters/JWTAuthenticationFilter.java index b9a25480..caedf60b 100644 --- a/skill-tree/src/main/java/com/RDS/skilltree/Filters/JWTAuthenticationFilter.java +++ b/skill-tree/src/main/java/com/RDS/skilltree/Filters/JWTAuthenticationFilter.java @@ -27,24 +27,20 @@ public class JWTAuthenticationFilter extends OncePerRequestFilter { @Autowired private JWTUtils jwtUtils; - @Override - public void doFilterInternal(HttpServletRequest request, - HttpServletResponse response, - FilterChain filterChain) - throws ServletException, IOException { + public void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException { String token = getJWTFromRequest(request); try { if (StringUtils.hasText(token) && jwtUtils.validateToken(token)) { - String rdsUserId = jwtUtils.getRDSUserId(token); - String role= jwtUtils.getUserRole(token); + String rdsUserId = jwtUtils.getRDSUserId(token); + String role = jwtUtils.getUserRole(token); - UserAuthenticationToken authentication = new UserAuthenticationToken(role, rdsUserId); - authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); - SecurityContextHolder.getContext().setAuthentication(authentication); + UserAuthenticationToken authentication = new UserAuthenticationToken(role, rdsUserId); + authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); + SecurityContextHolder.getContext().setAuthentication(authentication); } } catch (Exception e) { @@ -56,12 +52,11 @@ public void doFilterInternal(HttpServletRequest request, public String getJWTFromRequest(HttpServletRequest request) { - /* */ + /* check for cookie */ Cookie RDScookie = WebUtils.getCookie(request, cookieName); - if(RDScookie != null) - return RDScookie.getValue(); + if (RDScookie != null) return RDScookie.getValue(); - /* */ + /* extract token from header */ String bearerToken = request.getHeader("Authorization"); if (StringUtils.hasText(bearerToken) && bearerToken.startsWith("Bearer ")) { return bearerToken.substring(7); diff --git a/skill-tree/src/main/java/com/RDS/skilltree/User/UserDRO.java b/skill-tree/src/main/java/com/RDS/skilltree/User/UserDRO.java index 0cd2366f..26e747de 100644 --- a/skill-tree/src/main/java/com/RDS/skilltree/User/UserDRO.java +++ b/skill-tree/src/main/java/com/RDS/skilltree/User/UserDRO.java @@ -61,7 +61,8 @@ public static UserModel compareAndUpdateModel(UserModel user, UserDRO userDRO) { if (userDRO.getRole() != null) { user.setRole(user.getRole()); } - + user.setUpdatedAt(Instant.now()); + user.setUpdatedBy(user); return user; } } diff --git a/skill-tree/src/main/java/com/RDS/skilltree/User/UserModel.java b/skill-tree/src/main/java/com/RDS/skilltree/User/UserModel.java index 276fa848..7db15008 100644 --- a/skill-tree/src/main/java/com/RDS/skilltree/User/UserModel.java +++ b/skill-tree/src/main/java/com/RDS/skilltree/User/UserModel.java @@ -6,13 +6,8 @@ import com.fasterxml.jackson.databind.annotation.JsonSerialize; import jakarta.persistence.*; import lombok.*; -import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.authority.SimpleGrantedAuthority; -import org.springframework.security.core.userdetails.UserDetails; import java.net.URL; -import java.util.Collection; -import java.util.List; import java.util.Set; import java.util.UUID; @@ -24,7 +19,7 @@ @NoArgsConstructor @AllArgsConstructor @Table(name = "Users") -public class UserModel extends TrackedProperties { +public class UserModel extends TrackedProperties { @Id @GeneratedValue @Column(name = "id", columnDefinition = "BINARY(16)") diff --git a/skill-tree/src/main/java/com/RDS/skilltree/User/UserRole.java b/skill-tree/src/main/java/com/RDS/skilltree/User/UserRole.java index 3f4de934..d0d6e52c 100644 --- a/skill-tree/src/main/java/com/RDS/skilltree/User/UserRole.java +++ b/skill-tree/src/main/java/com/RDS/skilltree/User/UserRole.java @@ -7,8 +7,7 @@ public enum UserRole { USER("user"), MEMBER("member"), - SUPERUSER("super_user"), - MAVEN("maven"); + SUPERUSER("super_user"); public final String label; diff --git a/skill-tree/src/main/java/com/RDS/skilltree/utils/GlobalExceptionHandler.java b/skill-tree/src/main/java/com/RDS/skilltree/utils/GlobalExceptionHandler.java index 0596e754..04e604b4 100644 --- a/skill-tree/src/main/java/com/RDS/skilltree/utils/GlobalExceptionHandler.java +++ b/skill-tree/src/main/java/com/RDS/skilltree/utils/GlobalExceptionHandler.java @@ -30,7 +30,7 @@ public ResponseEntity> handleNoEntityException(NoEntityE @ExceptionHandler({AuthenticationException.class, InsufficientAuthenticationException.class}) public ResponseEntity> handleInvalidBearerTokenException(Exception ex) { - return ResponseEntity.status( HttpStatus.UNAUTHORIZED).body(new GenericResponse<>(null, "The access token provided is expired, revoked, malformed, or invalid for other reasons."+ ex.getMessage())); + return ResponseEntity.status( HttpStatus.UNAUTHORIZED).body(new GenericResponse<>(null, "The access token provided is expired, revoked, malformed, or invalid for other reasons.")); } @ExceptionHandler({AccessDeniedException.class}) public ResponseEntity> handleAccessDeniedException(AccessDeniedException ex) { diff --git a/skill-tree/src/main/java/com/RDS/skilltree/utils/JWTUtils.java b/skill-tree/src/main/java/com/RDS/skilltree/utils/JWTUtils.java index 42df32b3..0b62823f 100644 --- a/skill-tree/src/main/java/com/RDS/skilltree/utils/JWTUtils.java +++ b/skill-tree/src/main/java/com/RDS/skilltree/utils/JWTUtils.java @@ -75,13 +75,9 @@ public String getUserRole(String token) throws Exception { return claims.get("role", String.class); } - public boolean validateToken(String token) throws Exception { //TODO check for the case where token is expired - try { - return (!isTokenExpired(token)); + public boolean validateToken(String token) throws Exception { - } catch (Exception e) { - throw new AuthenticationCredentialsNotFoundException("Invalid JWT"); - } + return (!isTokenExpired(token)); } } diff --git a/skill-tree/src/main/resources/application-test.properties b/skill-tree/src/main/resources/application-test.properties deleted file mode 100644 index 8fa24448..00000000 --- a/skill-tree/src/main/resources/application-test.properties +++ /dev/null @@ -1 +0,0 @@ -cookieName=rds-session-v2-development \ No newline at end of file diff --git a/skill-tree/src/main/resources/application.properties b/skill-tree/src/main/resources/application.properties index 5a721b7d..ee8d768f 100644 --- a/skill-tree/src/main/resources/application.properties +++ b/skill-tree/src/main/resources/application.properties @@ -9,4 +9,4 @@ API_V1_PREFIX=/api/v1 spring.datasource.version=8.1.0 management.endpoints.web.exposure.include=health,info,metrics logging.level.root=ERROR -cookieName=rds-session-v2-development \ No newline at end of file +cookieName={COOKIE_NAME:rds-session-v2-development} \ No newline at end of file diff --git a/skill-tree/src/test/java/com/RDS/skilltree/SecurityContextIntegrationTest.java b/skill-tree/src/test/java/com/RDS/skilltree/SecurityContextIntegrationTest.java index 9638adc4..795bc629 100644 --- a/skill-tree/src/test/java/com/RDS/skilltree/SecurityContextIntegrationTest.java +++ b/skill-tree/src/test/java/com/RDS/skilltree/SecurityContextIntegrationTest.java @@ -17,14 +17,14 @@ public class SecurityContextIntegrationTest extends TestContainerManager { public void testTokenIsNotPresent() { Response response = given().get("/v1/health"); - response.then().statusCode(401).body("message", equalTo("The access token provided is expired, revoked, malformed, or invalid for other reasons.Full authentication is required to access this resource")); + response.then().statusCode(401).body("message", equalTo("The access token provided is expired, revoked, malformed, or invalid for other reasons.")); } @Test public void testInvalidToken() { Response response = given().cookie("rds-session-v2", "invalidtoken").get("/v1/health"); - response.then().statusCode(401).body("message", equalTo("The access token provided is expired, revoked, malformed, or invalid for other reasons.Full authentication is required to access this resource")); + response.then().statusCode(401).body("message", equalTo("The access token provided is expired, revoked, malformed, or invalid for other reasons.")); } @Test diff --git a/skill-tree/src/test/java/com/RDS/skilltree/unit/JWTAuthenticationFilterTest.java b/skill-tree/src/test/java/com/RDS/skilltree/unit/JWTAuthenticationFilterTest.java deleted file mode 100644 index 0a7046c7..00000000 --- a/skill-tree/src/test/java/com/RDS/skilltree/unit/JWTAuthenticationFilterTest.java +++ /dev/null @@ -1,111 +0,0 @@ -package com.RDS.skilltree.unit; - -import com.RDS.skilltree.Filters.JWTAuthenticationFilter; -import com.RDS.skilltree.User.UserModel; -import com.RDS.skilltree.User.UserRole; -import com.RDS.skilltree.User.UserService; -import com.RDS.skilltree.utils.JWTUtils; -import jakarta.servlet.FilterChain; -import jakarta.servlet.ServletException; -import jakarta.servlet.http.Cookie; -import org.junit.Ignore; -import org.junit.jupiter.api.BeforeEach; -import org.junit.jupiter.api.Disabled; -import org.junit.jupiter.api.Test; -import org.junit.jupiter.api.extension.ExtendWith; -import org.mockito.InjectMocks; -import org.mockito.Mock; -import org.mockito.MockitoAnnotations; -import org.mockito.junit.jupiter.MockitoExtension; -import org.springframework.beans.factory.annotation.Value; -import org.springframework.boot.test.context.SpringBootTest; -import org.springframework.mock.web.MockHttpServletRequest; -import org.springframework.mock.web.MockHttpServletResponse; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.context.SecurityContextHolder; - -import java.io.IOException; - -import static org.junit.jupiter.api.Assertions.*; -import static org.mockito.Mockito.*; - - - -@ExtendWith(MockitoExtension.class) -class JWTAuthenticationFilterTest { - - @Mock - private JWTUtils jwtUtils; - - @InjectMocks - private JWTAuthenticationFilter jwtAuthenticationFilter; - - @Value("${cookieName}") - private String cookieName = "rds-session-v2-development"; - - @BeforeEach - void setUp() { - MockitoAnnotations.openMocks(this); // Initialize the mocks before each test - } - - - - @Disabled - @Test - void doFilterInternal_ValidToken_ShouldSetAuthentication() throws Exception { - // Arrange - MockitoAnnotations.initMocks(this); - String validToken = "validToken"; - when(jwtUtils.validateToken(validToken)).thenReturn(true); - when(jwtUtils.getRDSUserId(validToken)).thenReturn("userId"); - when(jwtUtils.getUserRole(validToken)).thenReturn(UserRole.USER.label); - MockHttpServletRequest request = new MockHttpServletRequest(); - request.setCookies(new Cookie(cookieName, validToken)); -// when(jwtAuthenticationFilter.getJWTFromRequest(request)).thenReturn(validToken); - - MockHttpServletResponse response = new MockHttpServletResponse(); - FilterChain filterChain = mock(FilterChain.class); - - // Act - jwtAuthenticationFilter.doFilterInternal(request, response, filterChain); - - // Assert - verify(filterChain).doFilter(request, response); - - verify(jwtUtils).validateToken(validToken); - verify(jwtUtils).getRDSUserId(validToken); - verify(jwtUtils).getUserRole(validToken); - - Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); -// verify(authentication instanceof UserAuthenticationToken); - - UserModel user = (UserModel) authentication.getPrincipal(); - assertEquals(UserRole.USER, user.getRole()); - -// verify("userId", user.getRdsUserId()); - } - - @Disabled - @Test - void doFilterInternal_InvalidToken_ShouldThrowError() throws ServletException, IOException, Exception { - // Arrange - MockitoAnnotations.initMocks(this); - String invalidToken = "invalidToken"; - when(jwtUtils.validateToken(invalidToken)).thenReturn(false); - - MockHttpServletRequest request = new MockHttpServletRequest(); - request.setCookies(new Cookie("yourCookieName", invalidToken)); - - MockHttpServletResponse response = new MockHttpServletResponse(); - FilterChain filterChain = mock(FilterChain.class); - - // Act and Assert - assertThrows(RuntimeException.class, - () -> jwtAuthenticationFilter.doFilterInternal(request, response, filterChain)); - - // Ensure that the SecurityContextHolder does not contain authentication - assertNull(SecurityContextHolder.getContext().getAuthentication()); - - } -} - diff --git a/skill-tree/src/test/java/utils/RestAPIHelper.java b/skill-tree/src/test/java/utils/RestAPIHelper.java index cc1234b9..8dd8c3b2 100644 --- a/skill-tree/src/test/java/utils/RestAPIHelper.java +++ b/skill-tree/src/test/java/utils/RestAPIHelper.java @@ -4,17 +4,24 @@ import java.util.Map; public class RestAPIHelper { - public static Map getSuperUserCookie(){ + public static Map getSuperUserCookie() { - Map cookie= new HashMap<>(); - cookie.put("rds-session-v2", "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOiIyZlFFbVgyRW85a3lhM3NHdlJMMiIsInJvbGUiOiJzdXBlcl91c2VyIiwiaWF0IjoxNzA4NzgyODczLCJleHAiOjE3MTEzNzQ4NzN9.pOpm_pJk9hKqZ_JDtyFietItb4P1Wr2VvA53Qo0_nx1KHjjd24MPnQg-NOUaFZ2X_GWe8zOMklLgf3vX271tXTW98GQOiQdyqJZENtwJuxhiwT-3eLhPW8Kg2flfa3_mew0_s89e_hy3i1I4GH-YsCUaQ_SxrtlmZudYlExDhj-RuPVmz5djd7ra2mz6rsQhUMY047YKm0Szi3UMK1iWYJTHehwdtG0Y3PlR2hHyBrUFPpsxdFALcKwkV7rdcJgpDwZd6AnWCFiut940Mbr9W6tq7VMQLMC9Hjlnd5_2dVdz7NEUQ7BHTTFyStt6HdS_0-IgyZZR64AUXyMp-JAOwpLJr4A3psCc1pwn0UPy_2weRfXBm7k0xJO3cmV5x19k1jHxdW6LxaJthbsx9r_dY6B4IrsIJxBS_CefPrDv8JhW1EEkkYGWMpyzvMjqf5bpexJ1KLsKsqKIh-nEfE-CG-Yj5Cm5xFhdYE5iBdyehuClnaiBkUO4DU6GrcmgYkevsJs6uhfg_iVqZKt3xisO_0DNr1chCLCGBG_M25Xj5kT_ljzqLtaxi-OTIMQXK5lhx2e_sTrxC1T3gZ2em-WRSkC960tYfP2xnVS_DbNmk5yk3ZQEpOGgKfl7MhbJVYaXMUqR-lWLU1JoFvAsBvkh65ucztmPbXTNK6VcudWWGYI"); + Map cookie = new HashMap<>(); + cookie.put("rds-session-v2", "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOiIyZlFFbVgyRW85a3lhM3NHdlJMMiIsInJvbGUiOiJzdXBlcl91c2VyIiwiaWF0IjoxNzA4NzgyODczLCJleHAiOjE3MTEzNzQ4NzN9.pOpm_pJk9hKqZ_JDtyFietItb4P1Wr2VvA53Qo0_nx1KHjjd24MPnQg-NOUaFZ2X_GWe8zOMklLgf3vX271tXTW98GQOiQdyqJZENtwJuxhiwT-3eLhPW8Kg2flfa3_mew0_s89e_hy3i1I4GH-YsCUaQ_SxrtlmZudYlExDhj-RuPVmz5djd7ra2mz6rsQhUMY047YKm0Szi3UMK1iWYJTHehwdtG0Y3PlR2hHyBrUFPpsxdFALcKwkV7rdcJgpDwZd6AnWCFiut940Mbr9W6tq7VMQLMC9Hjlnd5_2dVdz7NEUQ7BHTTFyStt6HdS_0-IgyZZR64AUXyMp-JAOwpLJr4A3psCc1pwn0UPy_2weRfXBm7k0xJO3cmV5x19k1jHxdW6LxaJthbsx9r_dY6B4IrsIJxBS_CefPrDv8JhW1EEkkYGWMpyzvMjqf5bpexJ1KLsKsqKIh-nEfE-CG-Yj5Cm5xFhdYE5iBdyehuClnaiBkUO4DU6GrcmgYkevsJs6uhfg_iVqZKt3xisO_0DNr1chCLCGBG_M25Xj5kT_ljzqLtaxi-OTIMQXK5lhx2e_sTrxC1T3gZ2em-WRSkC960tYfP2xnVS_DbNmk5yk3ZQEpOGgKfl7MhbJVYaXMUqR-lWLU1JoFvAsBvkh65ucztmPbXTNK6VcudWWGYI"); return cookie; - } + } + + public static Map getMemberCookie() { + + Map cookie = new HashMap<>(); + cookie.put("rds-session-v2", "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOiIyZlFFbVgyRW85a3lhM3NHdlJMMiIsInJvbGUiOiJtZW1iZXIiLCJpYXQiOjE3MDkzOTM1ODQsImV4cCI6MTcxMTk4NTU4NH0.Vn_s9kp3TZl4CUYh4U4A3fzhIeoObssWyntQrt9BajBRGPm9afZ72NPkq90cgySSxSICLZiXpJXv6RjmD84sOhXYnvAgLMNtoV0zYDJxrPDwOX0RHYU5xLFjQgDbwxy94BKa-FtU2ZznTtEb6jpdwTrTOvVa8oTwEVTcIID--mQzUyC6AYy8u6vo6BcruC3n7I-GNZtyNufxXuTAycXG5Ln7SitGonl7iU8XNovARavxPH-m_8lYNj5zwNNQwi0EdWvaMTczUb2X-CaaMeloGByZs4KPPHhAhDs-0PTRAHmYvhLrF4RpOnVVvEcNmQdAjJeC56ZIt5LfHtPLOGHxvPQstw_Lv4HgXhAPi3E8R0qmDj2DtS6o5ukMMmNxwUbH2Y0amt-q_yWPUU0spUUPwKVe18e1BPG3FAlDxh2sup-S2fvVvdIWnw2SnHQ7p7Mv2IhGRPsySEKkXrYYWU-IJdJnByHYEHAOaYFdF4N4Ssa-t--7wuYytlIsSwPpq7s0qHbptvsb-Imc7WXT8fl9_NY-SRRPJuoj7w1yW0N51nyQt_f4DtdlcBCRWca_A1OPi9pR_T4Q5LPn4VD7-2wgjaIBA4FYA7mxEGK3Gu9KCtRPxzZW-WmQ7HqPQIJLaq8RALi8Tljhp9srkiRE14BWmZ1fCzGnYCnTDnJLILuPHzc"); + return cookie; + } - public static Map getUserCookie(){ + public static Map getUserCookie() { - Map cookie= new HashMap<>(); - cookie.put("rds-session-v2","eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOiIyZlFFbVgyRW85a3lhM3NHdlJMMiIsInJvbGUiOiJtZW1iZXIiLCJpYXQiOjE3MDkzOTM1ODQsImV4cCI6MTcxMTk4NTU4NH0.Vn_s9kp3TZl4CUYh4U4A3fzhIeoObssWyntQrt9BajBRGPm9afZ72NPkq90cgySSxSICLZiXpJXv6RjmD84sOhXYnvAgLMNtoV0zYDJxrPDwOX0RHYU5xLFjQgDbwxy94BKa-FtU2ZznTtEb6jpdwTrTOvVa8oTwEVTcIID--mQzUyC6AYy8u6vo6BcruC3n7I-GNZtyNufxXuTAycXG5Ln7SitGonl7iU8XNovARavxPH-m_8lYNj5zwNNQwi0EdWvaMTczUb2X-CaaMeloGByZs4KPPHhAhDs-0PTRAHmYvhLrF4RpOnVVvEcNmQdAjJeC56ZIt5LfHtPLOGHxvPQstw_Lv4HgXhAPi3E8R0qmDj2DtS6o5ukMMmNxwUbH2Y0amt-q_yWPUU0spUUPwKVe18e1BPG3FAlDxh2sup-S2fvVvdIWnw2SnHQ7p7Mv2IhGRPsySEKkXrYYWU-IJdJnByHYEHAOaYFdF4N4Ssa-t--7wuYytlIsSwPpq7s0qHbptvsb-Imc7WXT8fl9_NY-SRRPJuoj7w1yW0N51nyQt_f4DtdlcBCRWca_A1OPi9pR_T4Q5LPn4VD7-2wgjaIBA4FYA7mxEGK3Gu9KCtRPxzZW-WmQ7HqPQIJLaq8RALi8Tljhp9srkiRE14BWmZ1fCzGnYCnTDnJLILuPHzc" ); + Map cookie = new HashMap<>(); + cookie.put("rds-session-v2", "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOiIyZlFFbVgyRW85a3lhM3NHdlJMMiIsInJvbGUiOiJ1c2VyIiwiaWF0IjoxNzA5NDc0Nzk0LCJleHAiOjE3MTIwNjY3OTR9.d41TxVvpnxjDSAMWrcM0hWmUbHFoNpLdhZH6pJ1CV_2Q-2yUhwEUihRjKoBlkktHG0PgAHOd1oFNZVz7zAczWBKAgwarhnfs8QKyDuGHnLZeSYeFcjzomEV29vx_VOqWeha5OvmWmegvmDNFJAr8Q1QdXM_UocPrfJEc1wEHZQu4mHymu2LL-ocieDHh9Mhh4_gM7_9g03qibcCfedj8Nz_l2k94io9QOD-qfHuQjw12h5XDGTqFvk9S_UdWjSJPXl8wFq8K9bMcNU_QVGH52D-6B1n5nICfKExnASCWzGIVcaLnq6PfTPRm2SVlmuyYWc2AT3M_lPFeWwhSIRhG4UB4vMsVTBPx2HYCwB2Kt-wTa5B8fJwxQfKqZ5a5TaJI4nhkJD17BBn_cKtNwuhNVxREwNU9JLo0qzjvaQtoMJPj8XGcjGGbpIWbYo1WkklQ5ybzIV-WNtMoiJHkTxiMtZl2RBf2zXKE1XdvbW-cFtpKfh9ZVYkXJS9FDKWEziJWREECu6De_rxl3-1DTDwe2zeC3MSueOXyy8VMwUc7gQdZlJU61I9Ci0k-xYKkOo3V-eZZ3tyf4wKiYKLKe3wzAkrGvsnDVC65rFGHwlwPaHFitllBE7yjSBIdYrXkjTudNbkYe0rVX_LliRgvmin5VFqlqG8Mgg3Pd8YIXhbzqIk"); return cookie; } }