You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by an...@apache.org on 2023/05/03 10:08:23 UTC
[jackrabbit-oak] branch trunk updated: OAK-10223 : Introduce constant for the 'do-create-token' marker value
This is an automated email from the ASF dual-hosted git repository.
angela pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/jackrabbit-oak.git
The following commit(s) were added to refs/heads/trunk by this push:
new 48b88f1d8b OAK-10223 : Introduce constant for the 'do-create-token' marker value
48b88f1d8b is described below
commit 48b88f1d8b02cdbcbfac8172827bc6bb980c061f
Author: angela <an...@adobe.com>
AuthorDate: Wed May 3 12:08:13 2023 +0200
OAK-10223 : Introduce constant for the 'do-create-token' marker value
---
.../external/impl/principal/ExternalUserValidatorTest.java | 3 ++-
.../oak/security/authentication/token/TokenProviderImpl.java | 7 +++----
.../security/authentication/token/TestCredentialsSupport.java | 2 +-
.../authentication/token/TokenConfigurationImplOSGiTest.java | 2 +-
.../authentication/token/TokenConfigurationImplTest.java | 7 ++++---
.../token/TokenLoginModuleCredentialsSupportTest.java | 3 ++-
.../security/authentication/token/TokenLoginModuleTest.java | 10 ++++++----
.../security/authentication/token/TokenProviderImplTest.java | 4 ++--
.../oak/spi/security/authentication/token/TokenConstants.java | 6 ++++++
.../oak/spi/security/authentication/token/package-info.java | 2 +-
10 files changed, 28 insertions(+), 18 deletions(-)
diff --git a/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalUserValidatorTest.java b/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalUserValidatorTest.java
index 164dffdb49..66bcc6b2e4 100644
--- a/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalUserValidatorTest.java
+++ b/oak-auth-external/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/ExternalUserValidatorTest.java
@@ -70,6 +70,7 @@ import static org.apache.jackrabbit.JcrConstants.MIX_VERSIONABLE;
import static org.apache.jackrabbit.JcrConstants.NT_UNSTRUCTURED;
import static org.apache.jackrabbit.oak.spi.security.authentication.external.TestIdentityProvider.ID_SECOND_USER;
import static org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConstants.TOKENS_NODE_NAME;
+import static org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConstants.TOKEN_ATTRIBUTE_DO_CREATE;
import static org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeConstants.JCR_READ;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
@@ -349,7 +350,7 @@ public class ExternalUserValidatorTest extends ExternalLoginTestBase {
// force creation of login token
SimpleCredentials sc = new SimpleCredentials(USER_ID, "".toCharArray());
- sc.setAttribute(TokenConstants.TOKEN_ATTRIBUTE, "");
+ sc.setAttribute(TokenConstants.TOKEN_ATTRIBUTE, TOKEN_ATTRIBUTE_DO_CREATE);
getContentRepository().login(sc, null).close();
root.refresh();
diff --git a/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java b/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java
index b6fa651d16..ca42d386fa 100644
--- a/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java
+++ b/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java
@@ -42,7 +42,6 @@ import org.apache.jackrabbit.oak.api.PropertyState;
import org.apache.jackrabbit.oak.api.Root;
import org.apache.jackrabbit.oak.api.Tree;
import org.apache.jackrabbit.oak.namepath.NamePathMapper;
-import org.apache.jackrabbit.oak.namepath.PathMapper;
import org.apache.jackrabbit.oak.plugins.identifier.IdentifierManager;
import org.apache.jackrabbit.oak.plugins.tree.TreeAware;
import org.apache.jackrabbit.oak.spi.namespace.NamespaceConstants;
@@ -147,11 +146,11 @@ class TokenProviderImpl implements TokenProvider, TokenConstants {
/**
* Returns {@code true} if {@code SimpleCredentials} can be extracted from
* the specified credentials object and that simple credentials object has
- * a {@link #TOKEN_ATTRIBUTE} attribute with an empty value.
+ * a {@link #TOKEN_ATTRIBUTE} attribute with an {@link #TOKEN_ATTRIBUTE_DO_CREATE empty value}.
*
* @param credentials The current credentials.
* @return {@code true} if the specified credentials or those extracted from
- * {@link ImpersonationCredentials} are supported and and if the (extracted)
+ * {@link ImpersonationCredentials} are supported and if the (extracted)
* credentials object contain a {@link #TOKEN_ATTRIBUTE} attribute with an
* empty value; {@code false} otherwise.
*/
@@ -162,7 +161,7 @@ class TokenProviderImpl implements TokenProvider, TokenConstants {
return false;
} else {
Object attr = credentialsSupport.getAttributes(creds).get(TOKEN_ATTRIBUTE);
- return (attr != null && attr.toString().isEmpty());
+ return (attr != null && TOKEN_ATTRIBUTE_DO_CREATE.equals(attr.toString()));
}
}
diff --git a/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TestCredentialsSupport.java b/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TestCredentialsSupport.java
index 3d4f7fc849..d0a21c250b 100644
--- a/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TestCredentialsSupport.java
+++ b/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TestCredentialsSupport.java
@@ -88,7 +88,7 @@ public class TestCredentialsSupport implements CredentialsSupport {
Creds() {
attributes = Maps.newHashMap();
- attributes.put(TokenConstants.TOKEN_ATTRIBUTE, "");
+ attributes.put(TokenConstants.TOKEN_ATTRIBUTE, TokenConstants.TOKEN_ATTRIBUTE_DO_CREATE);
}
}
}
diff --git a/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImplOSGiTest.java b/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImplOSGiTest.java
index faba8ce7b0..1201d91d9b 100644
--- a/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImplOSGiTest.java
+++ b/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImplOSGiTest.java
@@ -54,7 +54,7 @@ public class TokenConfigurationImplOSGiTest extends AbstractSecurityTest {
TokenProvider.PARAM_TOKEN_LENGTH, 4));
sc = new SimpleCredentials(getTestUser().getID(), new char[0]);
- sc.setAttribute(TokenConstants.TOKEN_ATTRIBUTE, "");
+ sc.setAttribute(TokenConstants.TOKEN_ATTRIBUTE, TokenConstants.TOKEN_ATTRIBUTE_DO_CREATE);
}
@Test
diff --git a/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImplTest.java b/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImplTest.java
index 672bd952f9..fe4ef003df 100644
--- a/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImplTest.java
+++ b/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConfigurationImplTest.java
@@ -36,6 +36,7 @@ import java.util.List;
import java.util.Map;
import static org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConstants.TOKEN_ATTRIBUTE;
+import static org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConstants.TOKEN_ATTRIBUTE_DO_CREATE;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
@@ -113,7 +114,7 @@ public class TokenConfigurationImplTest extends AbstractSecurityTest {
SimpleCredentials sc = new SimpleCredentials("uid", new char[0]);
assertFalse(tp.doCreateToken(sc));
- sc.setAttribute(TOKEN_ATTRIBUTE, "");
+ sc.setAttribute(TOKEN_ATTRIBUTE, TOKEN_ATTRIBUTE_DO_CREATE);
assertTrue(tp.doCreateToken(sc));
}
@@ -128,7 +129,7 @@ public class TokenConfigurationImplTest extends AbstractSecurityTest {
TokenProvider tp = tc.getTokenProvider(root);
assertFalse(tp.doCreateToken(creds));
- Map attMap = ImmutableMap.of(TOKEN_ATTRIBUTE, "");
+ Map attMap = ImmutableMap.of(TOKEN_ATTRIBUTE, TOKEN_ATTRIBUTE_DO_CREATE);
when(cs.getAttributes(creds)).thenReturn(attMap);
assertTrue(tp.doCreateToken(creds));
@@ -150,7 +151,7 @@ public class TokenConfigurationImplTest extends AbstractSecurityTest {
TokenProvider tp = tc.getTokenProvider(root);
assertFalse(tp.doCreateToken(creds));
- Map attMap = ImmutableMap.of(TOKEN_ATTRIBUTE, "");
+ Map attMap = ImmutableMap.of(TOKEN_ATTRIBUTE, TOKEN_ATTRIBUTE_DO_CREATE);
when(cs.getAttributes(creds)).thenReturn(attMap);
assertTrue(tp.doCreateToken(creds));
diff --git a/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModuleCredentialsSupportTest.java b/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModuleCredentialsSupportTest.java
index 1684dd2f2e..0bf6a70470 100644
--- a/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModuleCredentialsSupportTest.java
+++ b/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModuleCredentialsSupportTest.java
@@ -35,6 +35,7 @@ import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConstant
import org.junit.Before;
import org.junit.Test;
+import static org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConstants.TOKEN_ATTRIBUTE_DO_CREATE;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
@@ -112,7 +113,7 @@ public class TokenLoginModuleCredentialsSupportTest extends AbstractSecurityTest
@Test
public void testSimpleCredentials() throws Exception {
SimpleCredentials credentials = (SimpleCredentials) getAdminCredentials();
- credentials.setAttribute(TokenConstants.TOKEN_ATTRIBUTE, "");
+ credentials.setAttribute(TokenConstants.TOKEN_ATTRIBUTE, TOKEN_ATTRIBUTE_DO_CREATE);
try (ContentSession cs = login(credentials)) {
assertEquals(credentials.getUserID(), cs.getAuthInfo().getUserID());
diff --git a/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModuleTest.java b/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModuleTest.java
index 552d443478..9b90f61ec4 100644
--- a/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModuleTest.java
+++ b/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModuleTest.java
@@ -57,6 +57,8 @@ import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import org.junit.Test;
+import static org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConstants.TOKEN_ATTRIBUTE;
+import static org.apache.jackrabbit.oak.spi.security.authentication.token.TokenConstants.TOKEN_ATTRIBUTE_DO_CREATE;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
@@ -136,7 +138,7 @@ public class TokenLoginModuleTest extends AbstractSecurityTest {
ContentSession cs = null;
try {
SimpleCredentials sc = new SimpleCredentials("test", new char[0]);
- sc.setAttribute(".token", "");
+ sc.setAttribute(TOKEN_ATTRIBUTE, TOKEN_ATTRIBUTE_DO_CREATE);
cs = login(sc);
fail("Unsupported credentials login should fail");
@@ -315,7 +317,7 @@ public class TokenLoginModuleTest extends AbstractSecurityTest {
TokenProvider tp = spy(new TokenProviderImpl(root, ConfigurationParameters.EMPTY, getUserConfiguration()));
SimpleCredentials sc = new SimpleCredentials(u.getID(), u.getID().toCharArray());
- sc.setAttribute(".token", "");
+ sc.setAttribute(TOKEN_ATTRIBUTE, TOKEN_ATTRIBUTE_DO_CREATE);
TokenLoginModule lm = new TokenLoginModule();
Map sharedState = Maps.newHashMap(ImmutableMap.of(AbstractLoginModule.SHARED_KEY_CREDENTIALS, sc));
@@ -373,7 +375,7 @@ public class TokenLoginModuleTest extends AbstractSecurityTest {
};
SimpleCredentials sc = new SimpleCredentials(getTestUser().getID(), getTestUser().getID().toCharArray());
- sc.setAttribute(".token", "");
+ sc.setAttribute(TOKEN_ATTRIBUTE, TOKEN_ATTRIBUTE_DO_CREATE);
Map sharedState = Maps.newHashMap(ImmutableMap.of(AbstractLoginModule.SHARED_KEY_CREDENTIALS, sc));
TokenProvider tp = spy(new TokenProviderImpl(root, ConfigurationParameters.EMPTY, getUserConfiguration()));
@@ -400,7 +402,7 @@ public class TokenLoginModuleTest extends AbstractSecurityTest {
};
SimpleCredentials sc = new SimpleCredentials(getTestUser().getID(), getTestUser().getID().toCharArray());
- sc.setAttribute(".token", "");
+ sc.setAttribute(TOKEN_ATTRIBUTE, TOKEN_ATTRIBUTE_DO_CREATE);
Map sharedState = Maps.newHashMap(ImmutableMap.of(AbstractLoginModule.SHARED_KEY_CREDENTIALS, sc));
TokenProvider tp = spy(new TokenProviderImpl(root, ConfigurationParameters.EMPTY, getUserConfiguration()));
diff --git a/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java b/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java
index 69d65206a6..993c6e8e52 100644
--- a/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java
+++ b/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java
@@ -96,10 +96,10 @@ public class TokenProviderImplTest extends AbstractTokenTest {
sc.setAttribute("rep:token_key", "value");
assertFalse(tokenProvider.doCreateToken(sc));
- sc.setAttribute(".token", "existing");
+ sc.setAttribute(TOKEN_ATTRIBUTE, "existing");
assertFalse(tokenProvider.doCreateToken(sc));
- sc.setAttribute(".token", "");
+ sc.setAttribute(TOKEN_ATTRIBUTE, TOKEN_ATTRIBUTE_DO_CREATE);
assertTrue(tokenProvider.doCreateToken(sc));
}
diff --git a/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenConstants.java b/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenConstants.java
index 1cff88bdee..7c48c76b72 100644
--- a/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenConstants.java
+++ b/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenConstants.java
@@ -47,4 +47,10 @@ public interface TokenConstants {
* Flag set on the TokenCredentials to skip refreshing the token expiration time
*/
String TOKEN_SKIP_REFRESH = "tokenSkipRefresh";
+
+ /**
+ * Value of the {@link #TOKEN_ATTRIBUTE} property to trigger the creation of a new token.
+ */
+ String TOKEN_ATTRIBUTE_DO_CREATE = "";
+
}
\ No newline at end of file
diff --git a/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/package-info.java b/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/package-info.java
index 6b831c6d7c..06dbf0c6e6 100644
--- a/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/package-info.java
+++ b/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/package-info.java
@@ -14,7 +14,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-@Version("1.8.0")
+@Version("1.9.0")
package org.apache.jackrabbit.oak.spi.security.authentication.token;
import org.osgi.annotation.versioning.Version;