You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-issues@jackrabbit.apache.org by "Davide Giannella (JIRA)" <ji...@apache.org> on 2019/06/11 10:52:08 UTC
[jira] [Closed] (OAK-8316) Drop userId field in TokenLoginModule
[ https://issues.apache.org/jira/browse/OAK-8316?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Davide Giannella closed OAK-8316.
---------------------------------
bulk close 1.14.0
> Drop userId field in TokenLoginModule
> -------------------------------------
>
> Key: OAK-8316
> URL: https://issues.apache.org/jira/browse/OAK-8316
> Project: Jackrabbit Oak
> Issue Type: Improvement
> Components: core, security
> Reporter: angela
> Assignee: angela
> Priority: Minor
> Fix For: 1.14.0
>
> Attachments: OAK-8316.patch
>
>
> {{TokenLoginModule.login}} contains the following code that may set the {{userId}} field:
> {code}
> [...]
> TokenCredentials tc = (TokenCredentials) credentials;
> TokenAuthentication authentication = new TokenAuthentication(tokenProvider);
> if (authentication.authenticate(tc)) {
> tokenCredentials = tc;
> tokenInfo = authentication.getTokenInfo();
> userId = authentication.getUserId();
> [...]
> }
> {code}
> however, {{TokenAuthentication.getUserId()}} will just delegate to {{TokenInfo.getUserId}} and setting the {{userId}} in the login module is IMO redundant. Also, upon commit the {{AuthInfo}} is ultimately populated with the ID retrieved from the {{TokenInfo}} and the userId field is ignored.
> I would therefore suggest to drop the extra {{userId}} field and simplify the code accordingly. [~stillalex], will attach a proposed patch later today.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)