token = new AuthenticationToken(shortName, ugi.getUserName(), getType()); token.setExpires(0); request.setAttribute(DELEGATION_TOKEN_UGI_ATTRIBUTE, ugi); } catch (Throwable ex) {
if (token != null && token.getExpires() != 0 && token != AuthenticationToken.ANONYMOUS) { token.setExpires(System.currentTimeMillis() + getValidity() * 1000); unauthorizedResponse = false; if (log.isDebugEnabled()) { log.debug("Request [{%s}] user [{%s}] authenticated", getRequestURL(httpRequest), token.getUserName()); if (newToken && !token.isExpired() && token != AuthenticationToken.ANONYMOUS) { String signedToken = mySigner.sign(token.toString()); tokenToAuthCookie( httpResponse, getCookieDomain(), getCookiePath(), token.getExpires(), !token.isExpired() && token.getExpires() > 0, isHttps ); getCookieDomain(), getCookiePath(), token.getExpires(), !token.isExpired() && token.getExpires() > 0, isHttps )); new AuthenticationResult(token.getName(), authorizerName, name, null) );
/**
 * Builds a signed authentication token for {@code user} and wraps it in an
 * {@link AuthenticatedURL.Token}.
 *
 * <p>The token uses {@code user} as both user name and principal, carries the type
 * {@code "kerberos"}, and expires {@code TIMEOUT} after the current time
 * ({@code TIMEOUT} is added to a millisecond clock value).
 *
 * <p>NOTE(review): despite the method name, the only protection visible here is
 * {@code signer.sign(...)}; whether that gives confidentiality as well as integrity
 * cannot be told from this method. Confirm against the Signer.
 *
 * @param signer signer applied to the token's string form.
 * @param user   name used for both the user name and the principal of the token.
 * @return the signed token string wrapped as an {@code AuthenticatedURL.Token}.
 * @throws Exception propagated from the calls made here.
 */
private AuthenticatedURL.Token getEncryptedAuthToken(Signer signer, String user) throws Exception {
  final AuthenticationToken authToken = new AuthenticationToken(user, user, "kerberos");
  final long expiresAt = System.currentTimeMillis() + TIMEOUT;
  authToken.setExpires(expiresAt);

  final String signedValue = signer.sign(authToken.toString());
  return new AuthenticatedURL.Token(signedValue);
}
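/**
 * Rebuilds the cached string form of this token from its current attribute values.
 *
 * <p>The result is four {@code key=value} pairs (user name, principal, type, expiry)
 * joined with {@code ATTR_SEPARATOR}, stored in the {@code token} field.
 */
private void generateToken() {
  // The buffer never leaves this method, so the unsynchronized StringBuilder is
  // the right tool; StringBuffer's locking bought nothing here.
  //
  // NOTE(review): values are appended without escaping. If a user name, principal
  // or type could ever contain ATTR_SEPARATOR or '=', the string would not parse
  // back to the same attributes. Confirm that callers constrain these values.
  StringBuilder sb = new StringBuilder();
  sb.append(USER_NAME).append("=").append(getUserName()).append(ATTR_SEPARATOR);
  sb.append(PRINCIPAL).append("=").append(getName()).append(ATTR_SEPARATOR);
  sb.append(TYPE).append("=").append(getType()).append(ATTR_SEPARATOR);
  sb.append(EXPIRES).append("=").append(getExpires());
  token = sb.toString();
}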
if (token.getMaxInactives() > 0) { token.setMaxInactives(System.currentTimeMillis() + getMaxInactiveInterval() * 1000); if (token.getExpires() != 0) { token.setExpires(System.currentTimeMillis() + getValidity() * 1000); if (LOG.isDebugEnabled()) { LOG.debug("Request [{}] user [{}] authenticated", getRequestURL(httpRequest), token.getUserName()); token.setMaxInactives(System.currentTimeMillis() + getMaxInactiveInterval() * 1000); token.setExpires(token.getExpires()); newToken = true; if (newToken && !token.isExpired() && token != AuthenticationToken.ANONYMOUS) { String signedToken = signer.sign(token.toString()); createAuthCookie(httpResponse, signedToken, getCookieDomain(), getCookiePath(), token.getExpires(), isCookiePersistent(), isHttps);
/**
 * Round-trips a token through {@code toString()} and {@code AuthenticationToken.parse(...)}
 * and checks that principal, type and expiry survive, and that the parsed token
 * reports itself expired once the expiry time has passed.
 */
@Test
public void testToStringAndParse() throws Exception {
  final long expiry = System.currentTimeMillis() + 50;
  AuthenticationToken original = new AuthenticationToken("u", "p", "t");
  original.setExpires(expiry);

  final String serialized = original.toString();
  AuthenticationToken parsed = AuthenticationToken.parse(serialized);

  Assert.assertEquals("p", parsed.getName());
  Assert.assertEquals("t", parsed.getType());
  Assert.assertEquals(expiry, parsed.getExpires());
  Assert.assertFalse(parsed.isExpired());

  // The token was given 50 ms of life; wait past that before re-checking.
  Thread.sleep(70); // +20 msec fuzz for timer granularity.
  Assert.assertTrue(parsed.isExpired());
}
/**
 * Checks that the getters return the constructor arguments and the expiry that was
 * set, and that {@code isExpired()} flips from false to true once the expiry passes.
 */
@Test
public void testGetters() throws Exception {
  final long expiry = System.currentTimeMillis() + 50;
  AuthenticationToken subject = new AuthenticationToken("u", "p", "t");
  subject.setExpires(expiry);

  Assert.assertEquals("u", subject.getUserName());
  Assert.assertEquals("p", subject.getName());
  Assert.assertEquals("t", subject.getType());
  Assert.assertEquals(expiry, subject.getExpires());
  Assert.assertFalse(subject.isExpired());

  // The token was given 50 ms of life; wait past that before re-checking.
  Thread.sleep(70); // +20 msec fuzz for timer granularity.
  Assert.assertTrue(subject.isExpired());
}
/**
 * Sends a request whose User-Agent is classified as a browser through
 * {@code handler.authenticate(...)} and checks the user name, principal and type of
 * the returned token.
 *
 * <p>NOTE(review): User-Agent is a client-supplied header, so the browser check can
 * only choose which authentication flow runs; it is not evidence about the client.
 * Presumably the alternate flow authenticates the caller by itself. Confirm in the
 * handler.
 */
@Test(timeout = 60000)
public void testAlternateAuthenticationAsBrowser() throws Exception {
  HttpServletRequest browserRequest = Mockito.mock(HttpServletRequest.class);
  HttpServletResponse servletResponse = Mockito.mock(HttpServletResponse.class);

  // By default, a User-Agent without "java", "curl", "wget", or "perl" in it
  // is considered a browser
  Mockito.when(browserRequest.getHeader("User-Agent")).thenReturn("Some Browser");

  AuthenticationToken issued = handler.authenticate(browserRequest, servletResponse);

  Assert.assertEquals("A", issued.getUserName());
  Assert.assertEquals("B", issued.getName());
  Assert.assertEquals(getExpectedType(), issued.getType());
}
KerberosName kerberosName = new KerberosName(clientPrincipal); String userName = kerberosName.getShortName(); token = new AuthenticationToken(userName, clientPrincipal, getType()); response.setStatus(HttpServletResponse.SC_OK); log.trace("SPNEGO completed for principal [%s]", clientPrincipal);
/**
 * Checks that {@code AuthenticationToken.parse(...)} rejects a truncated token string
 * with an {@code AuthenticationException} and with no other exception type.
 */
@Test
public void testParseInvalid() throws Exception {
  final long expiry = System.currentTimeMillis() + 50;
  AuthenticationToken source = new AuthenticationToken("u", "p", "t");
  source.setExpires(expiry);

  final String complete = source.toString();
  // Cut the string at the first "e=" (presumably the start of the expiry
  // attribute) so that the parser sees an incomplete attribute set.
  final String truncated = complete.substring(0, complete.indexOf("e="));

  try {
    AuthenticationToken.parse(truncated);
    Assert.fail();
  } catch (AuthenticationException ex) {
    // Expected
  } catch (Exception ex) {
    // Any other exception type means parse() leaked an unexpected failure mode.
    Assert.fail();
  }
}
}
Signer signer = new Signer(secretProvider); String value = signer.verifyAndExtract(v); AuthenticationToken token = AuthenticationToken.parse(value); assertThat(token.getMaxInactives(), not(0L)); assertThat(token.getExpires(), not(0L)); Assert.assertFalse("Token is expired.", token.isExpired()); } else {
? UserGroupInformation.createRemoteUser(token.getUserName()) : null;
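/**
 * Parses a string into an authentication token.
 *
 * <p>This method only parses. Nothing in it checks a signature, so the caller must
 * pass a string whose integrity has already been verified.
 *
 * @param tokenStr string representation of a token.
 *
 * @return the parsed authentication token.
 *
 * @throws AuthenticationException thrown if the string representation could not be parsed into
 * an authentication token, including when the expiry attribute is not a valid {@code long}.
 */
public static AuthenticationToken parse(String tokenStr) throws AuthenticationException {
  Map<String, String> map = split(tokenStr);
  // equals(...) on the key set: assuming ATTRIBUTES is a Set, this rejects
  // unexpected attributes as well as missing ones.
  if (!map.keySet().equals(ATTRIBUTES)) {
    throw new AuthenticationException("Invalid token string, missing attributes");
  }
  long expires;
  try {
    expires = Long.parseLong(map.get(EXPIRES));
  } catch (NumberFormatException ex) {
    // Keep the documented contract: a malformed token surfaces as the checked
    // AuthenticationException, not as an unchecked NumberFormatException that
    // callers catching AuthenticationException would miss. The offending value
    // is left out of the message so token contents do not end up in logs.
    throw new AuthenticationException("Invalid token string, expires is not a number", ex);
  }
  AuthenticationToken token = new AuthenticationToken(map.get(USER_NAME),
      map.get(PRINCIPAL), map.get(TYPE));
  token.setExpires(expires);
  return token;
}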
Signer signer = new Signer(secretProvider); String value = signer.verifyAndExtract(v); AuthenticationToken token = AuthenticationToken.parse(value); assertThat(token.getExpires(), not(0L));
/**
 * Copy-style constructor: builds an {@code AuthenticationToken} from an existing
 * {@code AuthToken}, carrying over user name, principal, type, the max-inactive
 * value and the expiry.
 *
 * @param token the token whose attribute values are copied.
 */
private AuthenticationToken(AuthToken token) {
  super(token.getUserName(), token.getName(), token.getType());

  // Read-then-set, in the same order as before: max-inactives first, expiry second.
  final long maxInactives = token.getMaxInactives();
  setMaxInactives(maxInactives);

  final long expiry = token.getExpires();
  setExpires(expiry);
}
/**
 * Returns the authentication type, taken from the {@code authToken} field's
 * {@code getType()}.
 *
 * @return the type reported by {@code authToken}.
 */
@Override
public String getAuthType() {
  final String type = authToken.getType();
  return type;
}
/**
 * Copy-style constructor: builds an {@code AuthenticationToken} from an existing
 * {@code AuthToken}, carrying over user name, principal, type and the expiry.
 *
 * @param token the token whose attribute values are copied.
 */
private AuthenticationToken(AuthToken token) {
  super(token.getUserName(), token.getName(), token.getType());

  final long expiry = token.getExpires();
  setExpires(expiry);
}
/**
 * Tells whether the token has expired.
 *
 * <p>An expiry of {@code -1} is treated as "never expires". Any other value,
 * including {@code 0}, is compared against the current wall-clock time in
 * milliseconds.
 *
 * @return {@code true} if the expiry is not {@code -1} and the current time is
 *         later than the expiry; {@code false} otherwise.
 */
public boolean isExpired() {
  // Sentinel check first: -1 short-circuits without consulting the clock.
  if (getExpires() == -1) {
    return false;
  }
  return System.currentTimeMillis() > getExpires();
}