You are viewing a plain text version of this content. The canonical link for it is here.

Posted to oak-issues@jackrabbit.apache.org by "Davide Giannella (JIRA)" <ji...@apache.org> on 2019/06/11 10:52:08 UTC

[jira] [Closed] (OAK-8316) Drop userId field in TokenLoginModule

     [ https://issues.apache.org/jira/browse/OAK-8316?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Davide Giannella closed OAK-8316.
---------------------------------

bulk close 1.14.0

> Drop userId field in TokenLoginModule
> -------------------------------------
>
>                 Key: OAK-8316
>                 URL: https://issues.apache.org/jira/browse/OAK-8316
>             Project: Jackrabbit Oak
>          Issue Type: Improvement
>          Components: core, security
>            Reporter: angela
>            Assignee: angela
>            Priority: Minor
>             Fix For: 1.14.0
>
>         Attachments: OAK-8316.patch
>
>
> {{TokenLoginModule.login}} contains the following code that may set the {{userId}} field:
> {code}
> [...]
>             TokenCredentials tc = (TokenCredentials) credentials;
>             TokenAuthentication authentication = new TokenAuthentication(tokenProvider);
>             if (authentication.authenticate(tc)) {
>                 tokenCredentials = tc;
>                 tokenInfo = authentication.getTokenInfo();
>                 userId = authentication.getUserId();
>                 [...]
>            }
> {code}
> however, {{TokenAuthentication.getUserId()}} will just delegate to {{TokenInfo.getUserId}} and setting the {{userId}} in the login module is IMO redundant. Also, upon commit the {{AuthInfo}} is ultimately populated with the ID retrieved from the {{TokenInfo}} and the userId field is ignored.
> I would therefore suggest to drop the extra {{userId}} field and simplify the code accordingly. [~stillalex], will attach a proposed patch later today.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)