Adds expiry time in User access JWT and auth also returns Refresh JWT

This adds expiry time in user jwt and auth returns refresh jwt
along with access jwt. The refresh jwt can be later used to get a
new access jwt.

Signed-off-by: Shivam Mukhade <smukhade@redhat.com>

Author: SM43

api/.env.dev

@@ -8,6 +8,10 @@ POSTGRES_PASSWORD="postgres"
 
 GH_CLIENT_ID=""
 GH_CLIENT_SECRET=""
-JWT_SIGNING_KEY=""
+
+ACCESS_JWT_SIGNING_KEY=""
+REFRESH_JWT_SIGNING_KEY=""
+ACCESS_JWT_EXPIRES_IN=""
+REFRESH_JWT_EXPIRES_IN=""
 
 CONFIG_FILE_URL="file://../config.yaml"

api/design/auth.go

@@ -35,12 +35,17 @@ var _ = Service("auth", func() {
 			Required("code")
 		})
 		Result(func() {
-			Attribute("token", String, "JSON Web Token with user details", func() {
-				Example("token", "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9."+
-					"eyJpZCI6MTAwMDEsImxvZ2luIjoidGVzdCIsIm5hbWUiOiJ0ZXN0LXVzZXIiLCJzY29wZXMiOlsicmF0aW5nOnJlYWQiLCJyYXRpbmc6d3JpdGUiXX0."+
-					"zFztueyvZLLCyx3RD7WpzzfVaTrybzxgS5a_pDsq5M8")
+			Attribute("accessToken", String, "User Access JWT", func() {
+				Example("accessToken", "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9."+
+					"eyJleHAiOjE1Nzc5NjY0MDAsImlhdCI6MTU3Nzg4MDAwMCwiaWQiOjExLCJpc3MiOiJUZWt0b24gSHViIiwibG9naW4iOiJmb28iLCJuYW1lIjoiZm9vIiwic2NvcGVzIjpbInJhdGluZzpyZWFkIiwicmF0aW5nOndyaXRlIiwiYWdlbnQ6Y3JlYXRlIl0sInR5cGUiOiJhY2Nlc3MtdG9rZW4ifQ."+
+					"ESWCc5fi2B5bOzodAznnlKtDqtg-HeARnC3RN5hU8l0")
 			})
-			Required("token")
+			Attribute("refreshToken", String, "User Refresh JWT", func() {
+				Example("refreshToken", "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9."+
+					"eyJleHAiOjE1Nzc4ODAzMDAsImlhdCI6MTU3Nzg4MDAwMCwiaWQiOjExLCJpc3MiOiJUZWt0b24gSHViIiwibG9naW4iOiJmb28iLCJuYW1lIjoiZm9vIiwic2NvcGVzIjpbInJlZnJlc2g6dG9rZW4iXSwidHlwZSI6InJlZnJlc2gtdG9rZW4ifQ."+
+					"LRMeNIcg-M7GO44FGiZexpf7nMsGMTsE6Ykx9rt3y5I")
+			})
+			Required("accessToken", "refreshToken")
 		})
 
 		HTTP(func() {

api/gen/auth/service.go

@@ -46,7 +46,8 @@ paths:
           schema:
             $ref: '#/definitions/AuthAuthenticateResponseBody'
             required:
-            - token
+            - accessToken
+            - refreshToken
         "400":
           description: Bad Request response.
           schema:
@@ -1130,14 +1131,20 @@ definitions:
     title: AuthAuthenticateResponseBody
     type: object
     properties:
-      token:
+      accessToken:
         type: string
-        description: JSON Web Token with user details
-        example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MTAwMDEsImxvZ2luIjoidGVzdCIsIm5hbWUiOiJ0ZXN0LXVzZXIiLCJzY29wZXMiOlsicmF0aW5nOnJlYWQiLCJyYXRpbmc6d3JpdGUiXX0.zFztueyvZLLCyx3RD7WpzzfVaTrybzxgS5a_pDsq5M8
+        description: User Access JWT
+        example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1Nzc5NjY0MDAsImlhdCI6MTU3Nzg4MDAwMCwiaWQiOjExLCJpc3MiOiJUZWt0b24gSHViIiwibG9naW4iOiJmb28iLCJuYW1lIjoiZm9vIiwic2NvcGVzIjpbInJhdGluZzpyZWFkIiwicmF0aW5nOndyaXRlIiwiYWdlbnQ6Y3JlYXRlIl0sInR5cGUiOiJhY2Nlc3MtdG9rZW4ifQ.ESWCc5fi2B5bOzodAznnlKtDqtg-HeARnC3RN5hU8l0
+      refreshToken:
+        type: string
+        description: User Refresh JWT
+        example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1Nzc4ODAzMDAsImlhdCI6MTU3Nzg4MDAwMCwiaWQiOjExLCJpc3MiOiJUZWt0b24gSHViIiwibG9naW4iOiJmb28iLCJuYW1lIjoiZm9vIiwic2NvcGVzIjpbInJlZnJlc2g6dG9rZW4iXSwidHlwZSI6InJlZnJlc2gtdG9rZW4ifQ.LRMeNIcg-M7GO44FGiZexpf7nMsGMTsE6Ykx9rt3y5I
     example:
-      token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MTAwMDEsImxvZ2luIjoidGVzdCIsIm5hbWUiOiJ0ZXN0LXVzZXIiLCJzY29wZXMiOlsicmF0aW5nOnJlYWQiLCJyYXRpbmc6d3JpdGUiXX0.zFztueyvZLLCyx3RD7WpzzfVaTrybzxgS5a_pDsq5M8
+      accessToken: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1Nzc5NjY0MDAsImlhdCI6MTU3Nzg4MDAwMCwiaWQiOjExLCJpc3MiOiJUZWt0b24gSHViIiwibG9naW4iOiJmb28iLCJuYW1lIjoiZm9vIiwic2NvcGVzIjpbInJhdGluZzpyZWFkIiwicmF0aW5nOndyaXRlIiwiYWdlbnQ6Y3JlYXRlIl0sInR5cGUiOiJhY2Nlc3MtdG9rZW4ifQ.ESWCc5fi2B5bOzodAznnlKtDqtg-HeARnC3RN5hU8l0
+      refreshToken: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1Nzc4ODAzMDAsImlhdCI6MTU3Nzg4MDAwMCwiaWQiOjExLCJpc3MiOiJUZWt0b24gSHViIiwibG9naW4iOiJmb28iLCJuYW1lIjoiZm9vIiwic2NvcGVzIjpbInJlZnJlc2g6dG9rZW4iXSwidHlwZSI6InJlZnJlc2gtdG9rZW4ifQ.LRMeNIcg-M7GO44FGiZexpf7nMsGMTsE6Ykx9rt3y5I
     required:
-    - token
+    - accessToken
+    - refreshToken
   CatalogRefreshInternalErrorResponseBody:
     title: 'Mediatype identifier: application/vnd.goa.error; view=default'
     type: object

api/gen/http/auth/client/types.go

@@ -57,7 +57,8 @@ paths:
               schema:
                 $ref: '#/components/schemas/AuthenticateResponseBody'
               example:
-                token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MTAwMDEsImxvZ2luIjoidGVzdCIsIm5hbWUiOiJ0ZXN0LXVzZXIiLCJzY29wZXMiOlsicmF0aW5nOnJlYWQiLCJyYXRpbmc6d3JpdGUiXX0.zFztueyvZLLCyx3RD7WpzzfVaTrybzxgS5a_pDsq5M8
+                accessToken: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1Nzc5NjY0MDAsImlhdCI6MTU3Nzg4MDAwMCwiaWQiOjExLCJpc3MiOiJUZWt0b24gSHViIiwibG9naW4iOiJmb28iLCJuYW1lIjoiZm9vIiwic2NvcGVzIjpbInJhdGluZzpyZWFkIiwicmF0aW5nOndyaXRlIiwiYWdlbnQ6Y3JlYXRlIl0sInR5cGUiOiJhY2Nlc3MtdG9rZW4ifQ.ESWCc5fi2B5bOzodAznnlKtDqtg-HeARnC3RN5hU8l0
+                refreshToken: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1Nzc4ODAzMDAsImlhdCI6MTU3Nzg4MDAwMCwiaWQiOjExLCJpc3MiOiJUZWt0b24gSHViIiwibG9naW4iOiJmb28iLCJuYW1lIjoiZm9vIiwic2NvcGVzIjpbInJlZnJlc2g6dG9rZW4iXSwidHlwZSI6InJlZnJlc2gtdG9rZW4ifQ.LRMeNIcg-M7GO44FGiZexpf7nMsGMTsE6Ykx9rt3y5I
         "400":
           description: ""
           content:
@@ -229,7 +230,7 @@ paths:
           type: array
           items:
             type: string
-            example: Ducimus ab natus autem.
+            example: Placeat et et.
           description: Kinds of resource to filter by
           example:
           - task
@@ -245,7 +246,7 @@ paths:
           type: array
           items:
             type: string
-            example: Id porro placeat et et at itaque.
+            example: Itaque aperiam tempore animi iure eum et.
           description: Tags associated with a resource to filter by
           example:
           - image
@@ -521,7 +522,7 @@ paths:
           enum:
           - task
           - pipeline
-        example: task
+        example: pipeline
       - name: name
         in: path
         description: name of resource
@@ -685,8 +686,8 @@ paths:
         schema:
           type: integer
           description: ID of a resource
-          example: 5784126447885838359
-        example: 11631482911919877445
+          example: 11620657542064230955
+        example: 11665674017405905075
       responses:
         "200":
           description: ""
@@ -769,8 +770,8 @@ paths:
         schema:
           type: integer
           description: ID of a resource
-          example: 8451480480088601963
-        example: 10151677062152764094
+          example: 4869966896348576719
+        example: 6109420220413662287
       requestBody:
         required: true
         content:
@@ -1198,7 +1199,7 @@ paths:
           content:
             application/json:
               schema:
-                $ref: '#/components/schemas/AuthenticateResponseBody'
+                $ref: '#/components/schemas/UpdateAgentResponseBody'
               example:
                 token: Nobis est voluptatibus numquam rerum.
         "400":
@@ -1265,14 +1266,20 @@ components:
     AuthenticateResponseBody:
       type: object
       properties:
-        token:
+        accessToken:
           type: string
-          description: JSON Web Token with user details
-          example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MTAwMDEsImxvZ2luIjoidGVzdCIsIm5hbWUiOiJ0ZXN0LXVzZXIiLCJzY29wZXMiOlsicmF0aW5nOnJlYWQiLCJyYXRpbmc6d3JpdGUiXX0.zFztueyvZLLCyx3RD7WpzzfVaTrybzxgS5a_pDsq5M8
+          description: User Access JWT
+          example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1Nzc5NjY0MDAsImlhdCI6MTU3Nzg4MDAwMCwiaWQiOjExLCJpc3MiOiJUZWt0b24gSHViIiwibG9naW4iOiJmb28iLCJuYW1lIjoiZm9vIiwic2NvcGVzIjpbInJhdGluZzpyZWFkIiwicmF0aW5nOndyaXRlIiwiYWdlbnQ6Y3JlYXRlIl0sInR5cGUiOiJhY2Nlc3MtdG9rZW4ifQ.ESWCc5fi2B5bOzodAznnlKtDqtg-HeARnC3RN5hU8l0
+        refreshToken:
+          type: string
+          description: User Refresh JWT
+          example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1Nzc4ODAzMDAsImlhdCI6MTU3Nzg4MDAwMCwiaWQiOjExLCJpc3MiOiJUZWt0b24gSHViIiwibG9naW4iOiJmb28iLCJuYW1lIjoiZm9vIiwic2NvcGVzIjpbInJlZnJlc2g6dG9rZW4iXSwidHlwZSI6InJlZnJlc2gtdG9rZW4ifQ.LRMeNIcg-M7GO44FGiZexpf7nMsGMTsE6Ykx9rt3y5I
       example:
-        token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MTAwMDEsImxvZ2luIjoidGVzdCIsIm5hbWUiOiJ0ZXN0LXVzZXIiLCJzY29wZXMiOlsicmF0aW5nOnJlYWQiLCJyYXRpbmc6d3JpdGUiXX0.zFztueyvZLLCyx3RD7WpzzfVaTrybzxgS5a_pDsq5M8
+        accessToken: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1Nzc5NjY0MDAsImlhdCI6MTU3Nzg4MDAwMCwiaWQiOjExLCJpc3MiOiJUZWt0b24gSHViIiwibG9naW4iOiJmb28iLCJuYW1lIjoiZm9vIiwic2NvcGVzIjpbInJhdGluZzpyZWFkIiwicmF0aW5nOndyaXRlIiwiYWdlbnQ6Y3JlYXRlIl0sInR5cGUiOiJhY2Nlc3MtdG9rZW4ifQ.ESWCc5fi2B5bOzodAznnlKtDqtg-HeARnC3RN5hU8l0
+        refreshToken: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1Nzc4ODAzMDAsImlhdCI6MTU3Nzg4MDAwMCwiaWQiOjExLCJpc3MiOiJUZWt0b24gSHViIiwibG9naW4iOiJmb28iLCJuYW1lIjoiZm9vIiwic2NvcGVzIjpbInJlZnJlc2g6dG9rZW4iXSwidHlwZSI6InJlZnJlc2gtdG9rZW4ifQ.LRMeNIcg-M7GO44FGiZexpf7nMsGMTsE6Ykx9rt3y5I
       required:
-      - token
+      - accessToken
+      - refreshToken
     Catalog:
       type: object
       properties:
@@ -1418,14 +1425,14 @@ components:
         id:
           type: integer
           description: id of the job
-          example: 2047971223909365425
+          example: 1775143685620788290
         status:
           type: string
           description: status of the job
-          example: Omnis qui aut.
+          example: Dolorum sapiente.
       example:
-        id: 11929803235502470516
-        status: Animi molestiae nam quas veniam optio accusamus.
+        id: 8451480480088601963
+        status: Vitae ducimus.
       required:
       - id
       - status
@@ -1494,9 +1501,9 @@ components:
         force:
           type: boolean
           description: Force Refresh the config file
-          example: false
+          example: true
       example:
-        force: true
+        force: false
       required:
       - force
     RefreshConfigResponseBody:
@@ -1505,9 +1512,9 @@ components:
         checksum:
           type: string
           description: Config file checksum
-          example: Mollitia dolorem laudantium.
+          example: Sint omnis consequatur.
       example:
-        checksum: Amet suscipit fuga nam.
+        checksum: Qui aut sed voluptas animi molestiae.
       required:
       - checksum
     Resource:
@@ -1673,54 +1680,6 @@ components:
           version: "0.1"
         - id: 2
           version: "0.2"
-      - catalog:
-          id: 1
-          type: community
-        id: 1
-        kind: task
-        latestVersion:
-          description: Buildah task builds source into a container image and then pushes it to a container registry.
-          displayName: Buildah
-          id: 1
-          minPipelinesVersion: 0.12.1
-          rawURL: https://raw.githubusercontent.com/tektoncd/catalog/master/task/buildah/0.1/buildah.yaml
-          updatedAt: 2020-01-01 12:00:00 +0000 UTC
-          version: "0.1"
-          webURL: https://github.com/tektoncd/catalog/blob/master/task/buildah/0.1/buildah.yaml
-        name: buildah
-        rating: 4.3
-        tags:
-        - id: 1
-          name: image-build
-        versions:
-        - id: 1
-          version: "0.1"
-        - id: 2
-          version: "0.2"
-      - catalog:
-          id: 1
-          type: community
-        id: 1
-        kind: task
-        latestVersion:
-          description: Buildah task builds source into a container image and then pushes it to a container registry.
-          displayName: Buildah
-          id: 1
-          minPipelinesVersion: 0.12.1
-          rawURL: https://raw.githubusercontent.com/tektoncd/catalog/master/task/buildah/0.1/buildah.yaml
-          updatedAt: 2020-01-01 12:00:00 +0000 UTC
-          version: "0.1"
-          webURL: https://github.com/tektoncd/catalog/blob/master/task/buildah/0.1/buildah.yaml
-        name: buildah
-        rating: 4.3
-        tags:
-        - id: 1
-          name: image-build
-        versions:
-        - id: 1
-          version: "0.1"
-        - id: 2
-          version: "0.2"
     ResourceVersion:
       type: object
       properties:
@@ -1953,6 +1912,9 @@ components:
         - error: unable to reach db
           name: api
           status: ok
+        - error: unable to reach db
+          name: api
+          status: ok
     Tag:
       type: object
       properties:
@@ -1995,17 +1957,28 @@ components:
       required:
       - name
       - scopes
+    UpdateAgentResponseBody:
+      type: object
+      properties:
+        token:
+          type: string
+          description: Agent JWT
+          example: Sequi officiis mollitia.
+      example:
+        token: Laudantium quidem amet suscipit fuga nam.
+      required:
+      - token
     UpdateRequestBody:
       type: object
       properties:
         rating:
           type: integer
           description: User rating for resource
-          example: 1
+          example: 2
           minimum: 0
           maximum: 5
       example:
-        rating: 0
+        rating: 4
       required:
       - rating
     Versions: