cameleer/cameleer-server
1
0
Fork 0
Code Issues 46 Pull Requests Actions Packages Projects Releases Wiki Activity

fix: persist environment in JWT claims for auto-heal recovery
All checks were successful
CI / cleanup-branch (push) Has been skipped
Details
CI / build (push) Successful in 1m4s
Details
CI / docker (push) Successful in 1m7s
Details
CI / deploy (push) Successful in 45s
Details
CI / deploy-feature (push) Has been skipped
Details

Browse Source 
Add 'env' claim to agent JWTs (set at registration, carried through
refresh). Auto-heal on heartbeat/SSE now reads environment from the
JWT instead of hardcoding 'default', so agents retain their correct
environment after server restart.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
hsiegeln
2026-04-04 16:12:25 +02:00
parent 346e38ee1d
commit 72ec87a3ba
4 changed files with 36 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
cameleer3-server-app/src/main/java/com/cameleer3/server/app/security/JwtServiceImpl.java
View File

@@ -60,13 +60,13 @@ public class JwtServiceImpl implements JwtService {
}
@Override
public String createAccessToken(String subject, String application, List<String> roles) {
return createToken(subject, application, roles, "access", properties.getAccessTokenExpiryMs());
public String createAccessToken(String subject, String application, String environment, List<String> roles) {
return createToken(subject, application, environment, roles, "access", properties.getAccessTokenExpiryMs());
}
@Override
public String createRefreshToken(String subject, String application, List<String> roles) {
return createToken(subject, application, roles, "refresh", properties.getRefreshTokenExpiryMs());
public String createRefreshToken(String subject, String application, String environment, List<String> roles) {
return createToken(subject, application, environment, roles, "refresh", properties.getRefreshTokenExpiryMs());
}
@Override
@@ -84,12 +84,13 @@ public class JwtServiceImpl implements JwtService {
return validateAccessToken(token).subject();
}
private String createToken(String subject, String application, List<String> roles,
String type, long expiryMs) {
private String createToken(String subject, String application, String environment,
List<String> roles, String type, long expiryMs) {
Instant now = Instant.now();
JWTClaimsSet claims = new JWTClaimsSet.Builder()
.subject(subject)
.claim("group", application)
.claim("env", environment)
.claim("type", type)
.claim("roles", roles)
.issueTime(Date.from(now))
@@ -145,7 +146,9 @@ public class JwtServiceImpl implements JwtService {
roles = List.of();
}
return new JwtValidationResult(subject, application, roles);
String environment = claims.getStringClaim("env");
return new JwtValidationResult(subject, application, environment, roles);
} catch (ParseException e) {
throw new InvalidTokenException("Failed to parse JWT", e);
} catch (JOSEException e) {