You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by st...@apache.org on 2018/10/19 08:44:19 UTC
svn commit: r1844314 - in /jackrabbit/oak/branches/1.6: ./ oak-core/
oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/
oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/
Author: stillalex
Date: Fri Oct 19 08:44:19 2018
New Revision: 1844314
URL: http://svn.apache.org/viewvc?rev=1844314&view=rev
Log:
OAK-7741 Token LoginModule flag to skip refreshing the token expiration
- merged rev 1840226 to 1.6 branch
Modified:
jackrabbit/oak/branches/1.6/ (props changed)
jackrabbit/oak/branches/1.6/oak-core/ (props changed)
jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java
jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConstants.java
jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthenticationTest.java
Propchange: jackrabbit/oak/branches/1.6/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Fri Oct 19 08:44:19 2018
@@ -1,3 +1,3 @@
/jackrabbit/oak/branches/1.0:1665962
-/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785161,1785172,1785283,1785652,1785838,1785916-1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1789940,1789987,1790006,1790013,1790069,1790077,1790079,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119
,1801675,1802260,1802262,1802286,1802548,1802905,1802934,1802938,1802973,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808053,1808125,1808128,1808142,1808240,1808246,1808731,1809024,1809026,1809131,1809163,1809178-1809179,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1813538,1814189,1814332,1814397,1814475,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818137,1818554,1818576,1818645,1819048,1819050,1821237,1821325,1821358,1821495,1821516,1821847,1822207,1822850,1823172,1823655,1824896,1825471,1825654,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1828502,1829527,1829569,1829587,1829665,1829854,1829864,1829987,1829998,1830019,1830160,1830239,1830748,1831190,1831374,1832379,1832535,1833308,1834648-1834649,1834681,1835060,1836082,1837475,1837998,1838637,1839746,1840024,1842677,1843222,1843
231
+/jackrabbit/oak/trunk:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785161,1785172,1785283,1785652,1785838,1785916-1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789534,1789925,1789940,1789987,1790006,1790013,1790069,1790077,1790079,1790382,1790502-1790503,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799924,1800244,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119
,1801675,1802260,1802262,1802286,1802548,1802905,1802934,1802938,1802973,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808022,1808053,1808125,1808128,1808142,1808240,1808246,1808731,1809024,1809026,1809131,1809163,1809178-1809179,1809253,1809255-1809256,1809289,1809745,1811071-1811072,1811155,1811380,1811655,1811952,1811963,1811986,1813192,1813538,1814189,1814332,1814397,1814475,1815201,1815438,1815926,1817326,1817919,1817987-1817988,1817990,1818038,1818042,1818056,1818124,1818137,1818554,1818576,1818645,1819048,1819050,1821237,1821325,1821358,1821495,1821516,1821847,1822207,1822850,1823172,1823655,1824896,1825471,1825654,1826237,1826338,1826532,1826640,1826932,1826957,1827472,1827486,1827977,1828502,1829527,1829569,1829587,1829665,1829854,1829864,1829987,1829998,1830019,1830160,1830239,1830748,1831190,1831374,1832379,1832535,1833308,1834648-1834649,1834681,1835060,1836082,1837475,1837998,1838637,1839746,1840024,1840226,1842677,1843
222,1843231
/jackrabbit/trunk:1345480
Propchange: jackrabbit/oak/branches/1.6/oak-core/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Fri Oct 19 08:44:19 2018
@@ -1,6 +1,6 @@
/jackrabbit/oak/branches/1.0/oak-core:1665962
/jackrabbit/oak/trunk:1834823
/jackrabbit/oak/trunk/oak-blob-plugins:1819950
-/jackrabbit/oak/trunk/oak-core:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785652,1785838,1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789441,1789534,1789925,1789940,1789987,1790006,1790013,1790069,1790077,1790079,1790382,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799861,1799924,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119,1801675,1802260,180226
2,1802286,1802548,1802905,1802934,1802938,1802973,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808125,1808128,1808142,1808240,1808246,1809024,1809026,1809131,1809163,1809178-1809179,1809253,1809255-1809256,1811380,1811952,1811963,1811986,1814332,1818645,1821325,1821358,1821516,1830160
+/jackrabbit/oak/trunk/oak-core:1781068,1781075,1781248,1781386,1781846,1781907,1782000,1782029,1782196,1782447,1782476,1782770,1782945,1782966,1782973,1782990,1783061,1783066,1783089,1783104-1783105,1783110,1783619,1783720,1783731,1783733,1783738,1783742,1783773,1783855,1783891,1784023,1784034,1784130,1784162,1784251,1784401,1784551,1784574,1784689,1785095,1785108,1785283,1785652,1785838,1785917,1785919,1785946,1786122,1787074,1787145,1787151,1787217,1787425,1788056,1788378,1788387-1788389,1788463,1788476,1788850,1789056,1789441,1789534,1789925,1789940,1789987,1790006,1790013,1790069,1790077,1790079,1790382,1792049,1792463,1792742,1792746,1793013,1793088,1793618,1793627,1793644,1794393,1794417,1794683,1795138,1795314,1795330,1795475,1795488,1795491,1795502,1795594,1795613,1795618,1796144,1796230,1796239,1796274,1796278,1796988,1797378,1798035,1798832,1798834,1799219,1799389,1799393,1799861,1799924,1800269,1800606,1800613,1800974,1801011,1801013,1801118-1801119,1801675,1802260,180226
2,1802286,1802548,1802905,1802934,1802938,1802973,1803026,1803247-1803249,1803951,1803953-1803955,1804437,1805851-1805852,1806668,1807308,1807688,1808125,1808128,1808142,1808240,1808246,1809024,1809026,1809131,1809163,1809178-1809179,1809253,1809255-1809256,1811380,1811952,1811963,1811986,1814332,1818645,1821325,1821358,1821516,1830160,1840226
/jackrabbit/oak/trunk/oak-store-document:1809866,1811575,1811702,1811709,1811823,1811835,1811931,1812739,1812750,1812753,1814407,1814499,1814579,1815450,1815466,1815940,1816436,1817379,1817772,1818301,1818303,1818903,1818906,1819421,1820199,1820661,1821130,1821477,1821487,1823163,1823169,1824962,1825065,1825442,1825470,1828349,1830048,1830209,1834610,1834823,1838076,1840455
/jackrabbit/trunk/oak-core:1345480
Modified: jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java?rev=1844314&r1=1844313&r2=1844314&view=diff
==============================================================================
--- jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java (original)
+++ jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java Fri Oct 19 08:44:19 2018
@@ -93,7 +93,12 @@ class TokenAuthentication implements Aut
}
if (tokenInfo.matches(tokenCredentials)) {
- tokenInfo.resetExpiration(loginTime);
+ if (tokenCredentials.getAttribute(TokenConstants.TOKEN_SKIP_REFRESH) == null) {
+ boolean reset = tokenInfo.resetExpiration(loginTime);
+ log.debug("Token reset={}", reset);
+ } else {
+ log.debug("Token reset skipped.");
+ }
return true;
}
Modified: jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConstants.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConstants.java?rev=1844314&r1=1844313&r2=1844314&view=diff
==============================================================================
--- jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConstants.java (original)
+++ jackrabbit/oak/branches/1.6/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenConstants.java Fri Oct 19 08:44:19 2018
@@ -42,4 +42,9 @@ interface TokenConstants {
TOKEN_ATTRIBUTE_KEY);
Set<String> TOKEN_PROPERTY_NAMES = ImmutableSet.of(TOKEN_ATTRIBUTE_EXPIRY, TOKEN_ATTRIBUTE_KEY);
+
+ /**
+ * Flag set on the TokenCredentials to skip refreshing the token expiration time
+ */
+ String TOKEN_SKIP_REFRESH = "tokenSkipRefresh";
}
\ No newline at end of file
Modified: jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthenticationTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthenticationTest.java?rev=1844314&r1=1844313&r2=1844314&view=diff
==============================================================================
--- jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthenticationTest.java (original)
+++ jackrabbit/oak/branches/1.6/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthenticationTest.java Fri Oct 19 08:44:19 2018
@@ -36,6 +36,7 @@ import org.apache.jackrabbit.oak.spi.sec
import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider;
import org.junit.Before;
import org.junit.Test;
+import org.mockito.Mockito;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
@@ -156,4 +157,65 @@ public class TokenAuthenticationTest ext
now = waitForSystemTimeIncrement(now);
}
}
+
+ @Test
+ public void testAuthenticateRefreshToken() throws Exception {
+ TokenCredentials tc = new TokenCredentials("token");
+ TokenProvider tp = Mockito.mock(TokenProvider.class);
+ TokenInfo ti = Mockito.mock(TokenInfo.class);
+
+ Mockito.when(tp.getTokenInfo(Mockito.anyString())).thenReturn(ti);
+ Mockito.when(ti.isExpired(Mockito.anyLong())).thenReturn(false);
+ Mockito.when(ti.matches(tc)).thenReturn(true);
+
+ TokenAuthentication auth = new TokenAuthentication(tp);
+ try {
+ assertTrue(auth.authenticate(tc));
+ Mockito.verify(ti).resetExpiration(Mockito.anyLong());
+ } catch (LoginException e) {
+ fail(e.getMessage());
+ }
+ }
+
+ @Test
+ public void testAuthenticateSkipRefreshToken() throws Exception {
+ TokenCredentials tc = new TokenCredentials("token");
+ tc.setAttribute(TokenConstants.TOKEN_SKIP_REFRESH, "");
+
+ TokenProvider tp = Mockito.mock(TokenProvider.class);
+ TokenInfo ti = Mockito.mock(TokenInfo.class);
+
+ Mockito.when(tp.getTokenInfo(Mockito.anyString())).thenReturn(ti);
+ Mockito.when(ti.isExpired(Mockito.anyLong())).thenReturn(false);
+ Mockito.when(ti.matches(tc)).thenReturn(true);
+
+ TokenAuthentication auth = new TokenAuthentication(tp);
+ try {
+ assertTrue(auth.authenticate(tc));
+ Mockito.verify(ti, Mockito.never()).resetExpiration(Mockito.anyLong());
+ } catch (LoginException e) {
+ fail(e.getMessage());
+ }
+ }
+
+ @Test
+ public void testAuthenticateExpiredTokenMock() throws Exception {
+ TokenCredentials tc = new TokenCredentials("token");
+ TokenProvider tp = Mockito.mock(TokenProvider.class);
+ TokenInfo ti = Mockito.mock(TokenInfo.class);
+
+ Mockito.when(tp.getTokenInfo(Mockito.anyString())).thenReturn(ti);
+ Mockito.when(ti.isExpired(Mockito.anyLong())).thenReturn(true);
+
+ TokenAuthentication auth = new TokenAuthentication(tp);
+ try {
+ auth.authenticate(tc);
+ fail("LoginException expected");
+ } catch (LoginException e) {
+ // success
+ }
+
+ Mockito.verify(ti, Mockito.never()).matches(Mockito.<TokenCredentials>any());
+ Mockito.verify(ti, Mockito.never()).resetExpiration(Mockito.anyLong());
+ }
}
\ No newline at end of file