You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@jackrabbit.apache.org by an...@apache.org on 2014/07/11 15:30:39 UTC
svn commit: r1609712 - in /jackrabbit/trunk/jackrabbit-core/src:
main/java/org/apache/jackrabbit/core/security/authentication/token/
test/java/org/apache/jackrabbit/core/security/authentication/token/
Author: angela
Date: Fri Jul 11 13:30:38 2014
New Revision: 1609712
URL: http://svn.apache.org/r1609712
Log:
JCR-3796
TokenProvider.createToken is case sensitive
Added:
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/token/CompatTokenProviderTest.java
- copied, changed from r1601878, jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/token/TokenProviderTest.java
Modified:
jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/token/TokenProvider.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/token/TestAll.java
jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/token/TokenProviderTest.java
Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/token/TokenProvider.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/token/TokenProvider.java?rev=1609712&r1=1609711&r2=1609712&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/token/TokenProvider.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/token/TokenProvider.java Fri Jul 11 13:30:38 2014
@@ -116,7 +116,7 @@ public class TokenProvider extends Prote
*/
public TokenInfo createToken(User user, SimpleCredentials sc) throws RepositoryException {
TokenInfo tokenInfo = null;
- if (sc != null && user != null && user.getID().equals(sc.getUserID())) {
+ if (sc != null && user != null && user.getID().equalsIgnoreCase(sc.getUserID())) {
String[] attrNames = sc.getAttributeNames();
Map<String, String> attributes = new HashMap<String, String>(attrNames.length);
for (String attrName : sc.getAttributeNames()) {
Copied: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/token/CompatTokenProviderTest.java (from r1601878, jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/token/TokenProviderTest.java)
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/token/CompatTokenProviderTest.java?p2=jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/token/CompatTokenProviderTest.java&p1=jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/token/TokenProviderTest.java&r1=1601878&r2=1609712&rev=1609712&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/token/TokenProviderTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/token/CompatTokenProviderTest.java Fri Jul 11 13:30:38 2014
@@ -35,13 +35,13 @@ import org.apache.jackrabbit.core.Sessio
import org.apache.jackrabbit.test.AbstractJCRTest;
import org.apache.jackrabbit.test.NotExecutableException;
-public class TokenProviderTest extends AbstractJCRTest {
+public class CompatTokenProviderTest extends AbstractJCRTest {
private User testuser;
private String userId;
private SessionImpl session;
- private TokenProvider tokenProvider;
+ private CompatTokenProvider tokenProvider;
@Override
protected void setUp() throws Exception {
@@ -68,7 +68,7 @@ public class TokenProviderTest extends A
} else {
session = (SessionImpl) getHelper().getSuperuserSession("security");
}
- tokenProvider = new TokenProvider((SessionImpl) session, TokenBasedAuthentication.TOKEN_EXPIRATION);
+ tokenProvider = new CompatTokenProvider((SessionImpl) session, TokenBasedAuthentication.TOKEN_EXPIRATION);
}
@Override
@@ -81,15 +81,17 @@ public class TokenProviderTest extends A
}
}
- public void testCreateTokenFromInvalidCredentials() throws Exception {
- assertNull(tokenProvider.createToken(testuser, new SimpleCredentials("unknownUserId", new char[0])));
- }
-
public void testCreateTokenFromCredentials() throws Exception {
TokenInfo info = tokenProvider.createToken(testuser, new SimpleCredentials(userId, new char[0]));
assertTokenInfo(info);
}
+ public void testCreateTokenIsCaseInsensitive() throws Exception {
+ String upperCaseUserId = userId.toUpperCase();
+ TokenInfo info = tokenProvider.createToken(testuser, new SimpleCredentials(upperCaseUserId, new char[0]));
+ assertTokenInfo(info);
+ }
+
public void testTokenNode() throws Exception {
Map<String, String> privateAttributes = new HashMap<String, String>();
privateAttributes.put(".token_exp", "value");
@@ -111,15 +113,15 @@ public class TokenProviderTest extends A
TokenInfo info = tokenProvider.createToken(testuser, sc);
Node tokenNode = getTokenNode(info);
- Property prop = tokenNode.getProperty("rep:token.key");
+ Property prop = tokenNode.getProperty(".token.key");
assertNotNull(prop);
assertEquals(PropertyType.STRING, prop.getType());
- assertTrue(prop.getDefinition().isProtected());
+ assertFalse(prop.getDefinition().isProtected());
- prop = tokenNode.getProperty("rep:token.exp");
+ prop = tokenNode.getProperty(".token.exp");
assertNotNull(prop);
assertEquals(PropertyType.DATE, prop.getType());
- assertTrue(prop.getDefinition().isProtected());
+ assertFalse(prop.getDefinition().isProtected());
for (String key : privateAttributes.keySet()) {
assertEquals(privateAttributes.get(key), tokenNode.getProperty(key).getString());
@@ -154,21 +156,19 @@ public class TokenProviderTest extends A
public void testIsExpired() throws Exception {
TokenInfo info = tokenProvider.createToken(testuser, new SimpleCredentials(userId, userId.toCharArray()));
- long loginTime = System.currentTimeMillis();
+ long loginTime = waitForSystemTimeIncrement(System.currentTimeMillis());
assertFalse(info.isExpired(loginTime));
assertTrue(info.isExpired(loginTime + TokenBasedAuthentication.TOKEN_EXPIRATION));
}
public void testReset() throws Exception {
TokenInfo info = tokenProvider.createToken(testuser, new SimpleCredentials(userId, userId.toCharArray()));
- long expTime = getTokenNode(info).getProperty("rep:token.exp").getLong();
+ long expTime = getTokenNode(info).getProperty(".token.exp").getLong();
long loginTime = System.currentTimeMillis();
assertFalse(info.resetExpiration(loginTime));
- assertFalse(info.resetExpiration(loginTime + TokenBasedAuthentication.TOKEN_EXPIRATION));
-
assertTrue(info.resetExpiration(loginTime + TokenBasedAuthentication.TOKEN_EXPIRATION / 2));
- long expTime2 = getTokenNode(info).getProperty("rep:token.exp").getLong();
+ long expTime2 = getTokenNode(info).getProperty(".token.exp").getLong();
assertFalse(expTime == expTime2);
}
@@ -180,6 +180,13 @@ public class TokenProviderTest extends A
}
private Node getTokenNode(TokenInfo info) throws RepositoryException {
- return TokenProvider.getTokenNode(info.getToken(), session);
+ return CompatTokenProvider.getTokenNode(info.getToken(), session);
+ }
+
+ private static long waitForSystemTimeIncrement(long old){
+ while (old == System.currentTimeMillis()) {
+ // wait for system timer to move
+ }
+ return System.currentTimeMillis();
}
}
\ No newline at end of file
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/token/TestAll.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/token/TestAll.java?rev=1609712&r1=1609711&r2=1609712&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/token/TestAll.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/token/TestAll.java Fri Jul 11 13:30:38 2014
@@ -36,6 +36,7 @@ public class TestAll extends TestCase {
suite.addTestSuite(TokenBasedAuthenticationTest.class);
suite.addTestSuite(TokenBasedLoginTest.class);
suite.addTestSuite(TokenProviderTest.class);
+ suite.addTestSuite(CompatTokenProviderTest.class);
return suite;
}
Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/token/TokenProviderTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/token/TokenProviderTest.java?rev=1609712&r1=1609711&r2=1609712&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/token/TokenProviderTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/token/TokenProviderTest.java Fri Jul 11 13:30:38 2014
@@ -90,6 +90,12 @@ public class TokenProviderTest extends A
assertTokenInfo(info);
}
+ public void testCreateTokenIsCaseInsensitive() throws Exception {
+ String upperCaseUserId = userId.toUpperCase();
+ TokenInfo info = tokenProvider.createToken(testuser, new SimpleCredentials(upperCaseUserId, new char[0]));
+ assertTokenInfo(info);
+ }
+
public void testTokenNode() throws Exception {
Map<String, String> privateAttributes = new HashMap<String, String>();
privateAttributes.put(".token_exp", "value");