private AuthenticationCommandResponse getAuthenticationResponse()

in service/src/main/java/org/apache/fineract/cn/identity/internal/command/handler/AuthenticationCommandHandler.java [267:329]


  /**
   * Assembles the authentication response: selects the permission set for the requested
   * application, merges permissions that share a path, obtains an access token for that set,
   * and returns it together with the supplied refresh token and the password expiration.
   *
   * <p>Authentication is refused with {@code AmitAuthenticationException.passwordExpired()} when
   * {@code pastGracePeriod} reports true. When the token is requested for this service itself and
   * {@code pastExpiration} reports true, only the permissions returned by
   * {@code identityEndpointsAllowedEvenWithExpiredPassword()} are granted.
   *
   * <p>NOTE(review): for any other source application the permission set comes from
   * {@code getApplicationTokenPermissions} without a {@code pastExpiration} check in this method,
   * so a password that is expired but still inside the grace period is not restricted here.
   * Confirm this is intended, or that the helper enforces it.
   *
   * @param sourceApplicationName application the access token is requested for
   * @param callEndpointSet optional call endpoint set, passed on to the application permission lookup
   * @param privateTenantInfo tenant settings; supplies the grace period in days
   * @param privateSignature signature entity passed on to the token-producing overload
   * @param user the user the token is issued to
   * @param refreshToken refresh token placed in the response unchanged
   * @param refreshTokenExpiration expiration of the refresh token, rendered as an ISO string
   * @return the response carrying access token, refresh token and their expirations; the password
   *         expiration field is {@code null} when the user has none
   */
  private AuthenticationCommandResponse getAuthenticationResponse(
          final String sourceApplicationName,
          @SuppressWarnings("OptionalUsedAsFieldOrParameterType")
          final Optional<String> callEndpointSet,
          final PrivateTenantInfoEntity privateTenantInfo,
          final PrivateSignatureEntity privateSignature,
          final UserEntity user,
          final String refreshToken,
          final LocalDateTime refreshTokenExpiration) {
    final Optional<LocalDateTime> passwordExpiry = getExpiration(user);
    final int gracePeriodDays = privateTenantInfo.getTimeToChangePasswordAfterExpirationInDays();

    // Hard stop: no token of any kind is issued once the grace period has passed.
    if (pastGracePeriod(passwordExpiry, gracePeriodDays)) {
      throw AmitAuthenticationException.passwordExpired();
    }

    // True when the token is meant for this service (the identity manager) itself.
    final boolean forIdentityManager = sourceApplicationName.equals(applicationName.toString());

    final Set<TokenPermission> grantedPermissions;
    if (!forIdentityManager) {
      grantedPermissions = getApplicationTokenPermissions(user, sourceApplicationName, callEndpointSet);
    }
    else if (pastExpiration(passwordExpiry)) {
      // Expired password: restrict the token to the reduced permission set.
      grantedPermissions = identityEndpointsAllowedEvenWithExpiredPassword();
      logger.info("Password expired {}", passwordExpiry.map(LocalDateTime::toString).orElse("empty"));
    }
    else {
      grantedPermissions = getUserTokenPermissions(user);
    }

    // Collapse permissions sharing a path into one entry whose allowed operations are the union.
    // NOTE(review): the merge adds operations to the set owned by the first TokenPermission seen
    // for a path, i.e. it mutates an object returned by the helpers above. If any helper hands out
    // shared or cached instances, this would widen them for later callers; if it hands out an
    // unmodifiable set, add() would throw. Confirm the helpers return fresh, mutable objects.
    final HashSet<TokenPermission> mergedPermissions = new HashSet<>(
        grantedPermissions
            .stream()
            .collect(Collectors.toMap(
                TokenPermission::getPath,
                permission -> permission,
                (kept, duplicate) -> {
                  duplicate.getAllowedOperations()
                      .forEach(operation -> kept.getAllowedOperations().add(operation));
                  return kept;
                }))
            .values());

    // NOTE(review): this INFO line records the user identifier and the full permission set, and
    // interpolates sourceApplicationName and callEndpointSet. If those two are request-derived,
    // confirm the log encoder neutralises CR/LF so an entry cannot be forged via these fields.
    logger.info("Access token for tenant '{}', user '{}', application '{}', and callEndpointSet '{}' being returned containing the permissions '{}'.",
            TenantContextHolder.identifier().orElse("null"),
            user.getIdentifier(),
            sourceApplicationName,
            callEndpointSet.orElse("null"),
            mergedPermissions.toString());

    final TokenSerializationResult accessToken = getAuthenticationResponse(
            user.getIdentifier(),
            mergedPermissions,
            privateSignature,
            sourceApplicationName);

    final String accessTokenValue = accessToken.getToken();
    final String accessTokenExpiry = DateConverter.toIsoString(accessToken.getExpiration());
    final String refreshTokenExpiry = DateConverter.toIsoString(refreshTokenExpiration);
    // null (not an empty string) signals "no password expiration" to the caller.
    final String passwordExpiryIso = passwordExpiry.map(DateConverter::toIsoString).orElse(null);

    return new AuthenticationCommandResponse(
            accessTokenValue, accessTokenExpiry,
            refreshToken, refreshTokenExpiry,
            passwordExpiryIso);
  }