You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by an...@apache.org on 2012/10/23 10:59:30 UTC
svn commit: r1401205 - in /jackrabbit/oak/trunk/oak-core/src:
main/java/org/apache/jackrabbit/oak/security/authentication/token/
main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/
test/java/org/apache/jackrabbit/oak/security/authent...
Author: angela
Date: Tue Oct 23 08:59:30 2012
New Revision: 1401205
URL: http://svn.apache.org/viewvc?rev=1401205&view=rev
Log:
OAK-91 - Implement Authentication Support (WIP)
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenProvider.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenLoginModuleTest.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java?rev=1401205&r1=1401204&r2=1401205&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java Tue Oct 23 08:59:30 2012
@@ -81,29 +81,35 @@ public class TokenProviderImpl implement
*/
private static final Logger log = LoggerFactory.getLogger(TokenProviderImpl.class);
+ /**
+ * Constant for the token attribute passed with valid simple credentials to
+ * trigger the generation of a new token.
+ */
+ private static final String TOKEN_ATTRIBUTE = ".token";
private static final String TOKEN_ATTRIBUTE_EXPIRY = TOKEN_ATTRIBUTE + ".exp";
private static final String TOKEN_ATTRIBUTE_KEY = TOKEN_ATTRIBUTE + ".key";
private static final String TOKENS_NODE_NAME = ".tokens";
private static final String TOKENS_NT_NAME = JcrConstants.NT_UNSTRUCTURED;
- private static final int STATUS_VALID = 0;
- private static final int STATUS_EXPIRED = 1;
- private static final int STATUS_MISMATCH = 2;
-
+ /**
+ * Default expiration time in ms for login tokens is 2 hours.
+ */
+ private static final long DEFAULT_TOKEN_EXPIRATION = 2 * 3600 * 1000;
+ private static final int DEFAULT_KEY_SIZE = 8;
private static final char DELIM = '_';
private final Root root;
+ private final ConfigurationParameters options;
+
+ private final long tokenExpiration;
private final UserManager userManager;
private final IdentifierManager identifierManager;
- private final long tokenExpiration;
public TokenProviderImpl(Root root, ConfigurationParameters options, UserConfiguration userConfiguration) {
- this(root, options.getConfigValue(PARAM_TOKEN_EXPIRATION, Long.valueOf(DEFAULT_TOKEN_EXPIRATION)), userConfiguration);
- }
-
- public TokenProviderImpl(Root root, long tokenExpiration, UserConfiguration userConfiguration) {
this.root = root;
- this.tokenExpiration = tokenExpiration;
+ this.options = options;
+
+ this.tokenExpiration = options.getConfigValue(PARAM_TOKEN_EXPIRATION, Long.valueOf(DEFAULT_TOKEN_EXPIRATION));
this.userManager = userConfiguration.getUserManager(root, NamePathMapper.DEFAULT);
this.identifierManager = new IdentifierManager(root);
}
@@ -158,7 +164,7 @@ public class TokenProviderImpl implement
NodeUtil tokenNode = tokenParent.addChild(tokenName, TOKENS_NT_NAME);
- String key = generateKey(8);
+ String key = generateKey(options.getConfigValue(PARAM_TOKEN_LENGTH, DEFAULT_KEY_SIZE));
String nodeId = identifierManager.getIdentifier(tokenNode.getTree());
String token = new StringBuilder(nodeId).append(DELIM).append(key).toString();
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenProvider.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenProvider.java?rev=1401205&r1=1401204&r2=1401205&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenProvider.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenProvider.java Tue Oct 23 08:59:30 2012
@@ -26,20 +26,18 @@ import javax.jcr.Credentials;
public interface TokenProvider {
/**
- * Constant for the token attribute passed with valid simple credentials to
- * trigger the generation of a new token.
- */
- public static final String TOKEN_ATTRIBUTE = ".token";
-
- /**
* Optional configuration parameter to set the token expiration time in ms.
+ * Implementations that do not support this option will ignore any config
+ * options with that name.
*/
String PARAM_TOKEN_EXPIRATION = "tokenExpiration";
/**
- * Default expiration time in ms for login tokens is 2 hours.
+ * Optional configuration parameter to define the length of the key.
+ * Implementations that do not support this option will ignore any config
+ * options with that name.
*/
- long DEFAULT_TOKEN_EXPIRATION = 2 * 3600 * 1000;
+ String PARAM_TOKEN_LENGTH = "tokenLength";
boolean doCreateToken(Credentials credentials);
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java?rev=1401205&r1=1401204&r2=1401205&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java Tue Oct 23 08:59:30 2012
@@ -28,7 +28,6 @@ import org.apache.jackrabbit.oak.api.Con
import org.apache.jackrabbit.oak.api.Root;
import org.apache.jackrabbit.oak.security.AbstractSecurityTest;
import org.apache.jackrabbit.oak.security.authentication.token.TokenLoginModule;
-import org.apache.jackrabbit.oak.security.authentication.token.TokenProviderImpl;
import org.apache.jackrabbit.oak.security.authentication.user.LoginModuleImpl;
import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo;
import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider;
@@ -110,7 +109,7 @@ public class TokenDefaultLoginModuleTest
ContentSession cs = null;
try {
SimpleCredentials sc = new SimpleCredentials("test", new char[0]);
- sc.setAttribute(TokenProviderImpl.TOKEN_ATTRIBUTE, "");
+ sc.setAttribute(".token", "");
cs = login(sc);
fail("Invalid simple credentials login should fail");
@@ -140,7 +139,7 @@ public class TokenDefaultLoginModuleTest
ContentSession cs = null;
try {
SimpleCredentials sc = (SimpleCredentials) getAdminCredentials();
- sc.setAttribute(TokenProviderImpl.TOKEN_ATTRIBUTE, "");
+ sc.setAttribute(".token", "");
cs = login(sc);
} finally {
if (cs != null) {
@@ -154,10 +153,10 @@ public class TokenDefaultLoginModuleTest
ContentSession cs = null;
try {
SimpleCredentials sc = (SimpleCredentials) getAdminCredentials();
- sc.setAttribute(TokenProvider.TOKEN_ATTRIBUTE, "");
+ sc.setAttribute(".token", "");
cs = login(sc);
- Object token = sc.getAttribute(TokenProvider.TOKEN_ATTRIBUTE).toString();
+ Object token = sc.getAttribute(".token").toString();
assertNotNull(token);
TokenCredentials tc = new TokenCredentials(token.toString());
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenLoginModuleTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenLoginModuleTest.java?rev=1401205&r1=1401204&r2=1401205&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenLoginModuleTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenLoginModuleTest.java Tue Oct 23 08:59:30 2012
@@ -106,7 +106,7 @@ public class TokenLoginModuleTest extend
ContentSession cs = null;
try {
SimpleCredentials sc = new SimpleCredentials("test", new char[0]);
- sc.setAttribute(TokenProvider.TOKEN_ATTRIBUTE, "");
+ sc.setAttribute(".token", "");
cs = login(sc);
fail("Unsupported credentials login should fail");
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java?rev=1401205&r1=1401204&r2=1401205&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java Tue Oct 23 08:59:30 2012
@@ -22,7 +22,6 @@ import javax.jcr.SimpleCredentials;
import org.apache.jackrabbit.api.security.authentication.token.TokenCredentials;
import org.apache.jackrabbit.oak.security.AbstractSecurityTest;
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
-import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider;
import org.junit.Before;
import org.junit.Test;
@@ -58,13 +57,13 @@ public class TokenProviderImplTest exten
sc.setAttribute("any_attribute", "value");
assertFalse(tokenProvider.doCreateToken(sc));
- sc.setAttribute(TokenProvider.TOKEN_ATTRIBUTE + "_key", "value");
+ sc.setAttribute(".token_key", "value");
assertFalse(tokenProvider.doCreateToken(sc));
- sc.setAttribute(TokenProvider.TOKEN_ATTRIBUTE, "existing");
+ sc.setAttribute(".token", "existing");
assertFalse(tokenProvider.doCreateToken(sc));
- sc.setAttribute(TokenProvider.TOKEN_ATTRIBUTE, "");
+ sc.setAttribute(".token", "");
assertTrue(tokenProvider.doCreateToken(sc));
}