You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by an...@apache.org on 2013/10/14 14:09:55 UTC
svn commit: r1531869 - in /jackrabbit/oak/trunk/oak-core/src:
main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java
test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java
Author: angela
Date: Mon Oct 14 12:09:55 2013
New Revision: 1531869
URL: http://svn.apache.org/r1531869
Log:
OAK-91 : authentication (test token validation)
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java?rev=1531869&r1=1531868&r2=1531869&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java Mon Oct 14 12:09:55 2013
@@ -55,6 +55,7 @@ import org.apache.jackrabbit.oak.spi.sec
import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
import org.apache.jackrabbit.oak.spi.security.user.util.PasswordUtil;
import org.apache.jackrabbit.oak.util.NodeUtil;
+import org.apache.jackrabbit.oak.util.TreeUtil;
import org.apache.jackrabbit.util.ISO8601;
import org.apache.jackrabbit.util.Text;
import org.slf4j.Logger;
@@ -272,7 +273,7 @@ public class TokenProviderImpl implement
String nodeId = (pos == -1) ? token : token.substring(0, pos);
Tree tokenTree = identifierManager.getTree(nodeId);
String userId = getUserId(tokenTree);
- if (tokenTree == null || !tokenTree.exists() || userId == null) {
+ if (userId == null || !isValidTokenTree(tokenTree)) {
return null;
} else {
return new TokenInfoImpl(new NodeUtil(tokenTree), token, userId);
@@ -319,6 +320,15 @@ public class TokenProviderImpl implement
return res.toString();
}
+ private static boolean isValidTokenTree(Tree tokenTree) {
+ if (tokenTree == null || !tokenTree.exists()) {
+ return false;
+ } else {
+ return TOKENS_NODE_NAME.equals(tokenTree.getParent().getName()) &&
+ TOKEN_NT_NAME.equals(TreeUtil.getPrimaryTypeName(tokenTree));
+ }
+ }
+
@CheckForNull
private Tree getTokenTree(TokenInfo tokenInfo) {
if (tokenInfo instanceof TokenInfoImpl) {
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java?rev=1531869&r1=1531868&r2=1531869&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java Mon Oct 14 12:09:55 2013
@@ -23,10 +23,12 @@ import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.UUID;
+import javax.jcr.AccessDeniedException;
import javax.jcr.Credentials;
import javax.jcr.GuestCredentials;
import javax.jcr.SimpleCredentials;
+import org.apache.jackrabbit.JcrConstants;
import org.apache.jackrabbit.api.security.authentication.token.TokenCredentials;
import org.apache.jackrabbit.oak.api.PropertyState;
import org.apache.jackrabbit.oak.api.Tree;
@@ -35,6 +37,7 @@ import org.apache.jackrabbit.oak.plugins
import org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials;
import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo;
import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider;
+import org.apache.jackrabbit.oak.util.NodeUtil;
import org.junit.Before;
import org.junit.Test;
@@ -185,6 +188,68 @@ public class TokenProviderImplTest exten
}
@Test
+ public void testGetTokenInfoFromInvalidLocation() throws Exception {
+ TokenInfo info = tokenProvider.createToken(userId, Collections.<String, Object>emptyMap());
+ Tree tokenTree = getTokenTree(info);
+
+ assertNotNull(tokenProvider.getTokenInfo(info.getToken()));
+
+ NodeUtil node = new NodeUtil(root.getTree("/")).addChild("testNode", "nt:unstructured");
+ try {
+ createTokenTree(info, node, "rep:Token");
+ tokenTree.remove();
+ root.commit();
+
+ assertNull(tokenProvider.getTokenInfo(info.getToken()));
+ } finally {
+ node.getTree().remove();
+ root.commit();
+ }
+ }
+
+ @Test
+ public void testGetTokenInfoFromInvalidLocation2() throws Exception {
+ TokenInfo info = tokenProvider.createToken(userId, Collections.<String, Object>emptyMap());
+ Tree tokenTree = getTokenTree(info);
+
+ assertNotNull(tokenProvider.getTokenInfo(info.getToken()));
+
+ Tree userTree = root.getTree(getUserManager(root).getAuthorizable(userId).getPath());
+ NodeUtil node = new NodeUtil(userTree).addChild("testNode", "nt:unstructured");
+ try {
+ createTokenTree(info, node, "rep:Token");
+ tokenTree.remove();
+ root.commit();
+
+ assertNull(tokenProvider.getTokenInfo(info.getToken()));
+ } finally {
+ node.getTree().remove();
+ root.commit();
+ }
+ }
+
+ @Test
+ public void testGetTokenInfoFromInvalidLocation3() throws Exception {
+ TokenInfo info = tokenProvider.createToken(userId, Collections.<String, Object>emptyMap());
+ Tree tokenTree = getTokenTree(info);
+
+ assertNotNull(tokenProvider.getTokenInfo(info.getToken()));
+
+ Tree userTree = root.getTree(getUserManager(root).getAuthorizable(userId).getPath());
+ NodeUtil node = new NodeUtil(userTree.getChild(".tokens"));
+ try {
+ createTokenTree(info, node, "nt:unstructured");
+ tokenTree.remove();
+ root.commit();
+
+ assertNull(tokenProvider.getTokenInfo(info.getToken()));
+ } finally {
+ node.getTree().remove();
+ root.commit();
+ }
+ }
+
+ @Test
public void testGetTokenInfo() throws Exception {
String token = tokenProvider.createToken(userId, Collections.<String, Object>emptyMap()).getToken();
TokenInfo info = tokenProvider.getTokenInfo(token);
@@ -233,4 +298,12 @@ public class TokenProviderImplTest exten
String nodeId = (pos == -1) ? token : token.substring(0, pos);
return new IdentifierManager(root).getTree(nodeId);
}
+
+ private void createTokenTree(TokenInfo base, NodeUtil parent, String ntName) throws AccessDeniedException {
+ Tree tokenTree = getTokenTree(base);
+ Tree tree = parent.addChild("token", ntName).getTree();
+ tree.setProperty(tokenTree.getProperty(JcrConstants.JCR_UUID));
+ tree.setProperty(tokenTree.getProperty("rep:token.key"));
+ tree.setProperty(tokenTree.getProperty("rep:token.exp"));
+ }
}
\ No newline at end of file