/**
 * Looks up {@code token} by asking each provider in {@code providers} in turn.
 *
 * <p>The first non-null answer is returned, so iteration order decides which
 * provider answers when more than one would recognise the token. This method
 * makes no expiry or credential-match check of its own; callers must still
 * validate the returned {@link TokenInfo}.
 *
 * @param token the token string to resolve
 * @return the first {@code TokenInfo} a provider returned, or {@code null} if
 *         every provider returned {@code null}
 */
@Override
public TokenInfo getTokenInfo(@NotNull String token) {
    TokenInfo resolved = null;
    for (TokenProvider provider : providers) {
        resolved = provider.getTokenInfo(token);
        if (resolved != null) {
            // First provider that knows the token wins; stop asking the rest.
            break;
        }
    }
    return resolved;
}
/**
 * Resolves {@code token} against the aggregated providers, in iteration order.
 *
 * <p>Only the lookup is delegated here. Nothing in this method checks expiry
 * or whether the token matches a set of credentials, so a non-null result is
 * not yet an authentication decision.
 *
 * @param token the token string to resolve
 * @return the first non-null {@link TokenInfo} returned by a provider, or
 *         {@code null} if none of them returned one
 */
@Override
public TokenInfo getTokenInfo(@Nonnull String token) {
    TokenInfo found = null;
    for (TokenProvider delegate : providers) {
        found = delegate.getTokenInfo(token);
        if (found != null) {
            // Earlier providers take precedence over later ones.
            break;
        }
    }
    return found;
}
/**
 * Decides whether the presented token credentials authenticate successfully.
 *
 * <p>The checks run in a fixed order: the token must be known to the provider,
 * must not be expired at login time, and must match the credentials. An
 * expired token is removed, not merely rejected. Expiration is reset only
 * after a successful match.
 *
 * <p>The looked-up info is assigned to the {@code tokenInfo} field before any
 * check runs, and this method does not clear it on the failure paths.
 * NOTE(review): confirm that nothing reads the field after a failed validation.
 * The debug messages are fixed strings and do not include the token value; a
 * failed {@code matches} is not logged at all.
 *
 * @param tokenCredentials the credentials carrying the token to validate
 * @return {@code true} only if the token is known, unexpired and matches
 */
private boolean validateCredentials(TokenCredentials tokenCredentials) {
    // Credentials without userID: the token and its attributes must provide
    // sufficient information for successful authentication.
    tokenInfo = tokenProvider.getTokenInfo(tokenCredentials.getToken());
    if (tokenInfo == null) {
        log.debug("No valid TokenInfo for token.");
        return false;
    }

    // One timestamp is used for both the expiry check and the refresh.
    long now = new Date().getTime();
    if (tokenInfo.isExpired(now)) {
        log.debug("Token is expired");
        tokenInfo.remove();
        return false;
    }

    if (!tokenInfo.matches(tokenCredentials)) {
        return false;
    }
    tokenInfo.resetExpiration(now);
    return true;
}
}
tokenInfo = tokenProvider.getTokenInfo(token); if (tokenInfo == null) { log.debug("No valid TokenInfo for token.");
tokenInfo = tokenProvider.getTokenInfo(token); if (tokenInfo == null) { log.debug("No valid TokenInfo for token.");
/**
 * The composite must hand back the very same info instance for the known
 * token and {@code null} for a token it has never seen.
 */
@Test
public void testGetTokenInfo() {
    Object forKnownToken = composite.getTokenInfo(TOKEN);
    assertSame(info, forKnownToken);

    // An arbitrary string must not resolve to any token info.
    Object forUnknownToken = composite.getTokenInfo("any");
    assertNull(forUnknownToken);
}
/**
 * A token info obtained through the read-only provider must refuse to reset
 * its expiration, even for a login time close to the default expiration.
 */
@Test
public void testRefreshToken() throws Exception {
    TokenInfo fromReadOnly = readOnlyTp.getTokenInfo(generateToken());

    // Login time just short of the default expiration window.
    long loginTime = System.currentTimeMillis() + TokenProviderImpl.DEFAULT_TOKEN_EXPIRATION - 100;
    boolean refreshed = fromReadOnly.resetExpiration(loginTime);

    assertFalse(refreshed);
}
/**
 * An expired token must make authentication fail with a
 * {@link LoginException}, and the failure must happen before the credentials
 * are matched or the expiration is refreshed.
 */
@Test
public void testAuthenticateExpiredTokenMock() throws Exception {
    TokenCredentials creds = new TokenCredentials("token");

    // Token info that always reports itself as expired.
    TokenInfo expiredInfo = Mockito.mock(TokenInfo.class);
    Mockito.when(expiredInfo.isExpired(Mockito.anyLong())).thenReturn(true);

    TokenProvider provider = Mockito.mock(TokenProvider.class);
    Mockito.when(provider.getTokenInfo(Mockito.anyString())).thenReturn(expiredInfo);

    TokenAuthentication auth = new TokenAuthentication(provider);
    boolean rejected = false;
    try {
        auth.authenticate(creds);
    } catch (LoginException e) {
        // success
        rejected = true;
    }
    if (!rejected) {
        fail("LoginException expected");
    }

    // Neither matching nor refresh may be attempted for an expired token.
    Mockito.verify(expiredInfo, Mockito.never()).matches(Mockito.any());
    Mockito.verify(expiredInfo, Mockito.never()).resetExpiration(Mockito.anyLong());
}
}
/**
 * The read-only provider must still be able to look up a freshly generated
 * token.
 */
@Test
public void testGetTokenInfo() throws Exception {
    assertNotNull(readOnlyTp.getTokenInfo(generateToken()));
}
/**
 * A successful authentication with an unexpired, matching token must reset
 * the token's expiration.
 */
@Test
public void testAuthenticateRefreshToken() throws Exception {
    TokenCredentials creds = new TokenCredentials("token");

    // Token info that is still valid and matches the credentials above.
    TokenInfo validInfo = Mockito.mock(TokenInfo.class);
    Mockito.when(validInfo.isExpired(Mockito.anyLong())).thenReturn(false);
    Mockito.when(validInfo.matches(creds)).thenReturn(true);

    TokenProvider provider = Mockito.mock(TokenProvider.class);
    Mockito.when(provider.getTokenInfo(Mockito.anyString())).thenReturn(validInfo);

    TokenAuthentication auth = new TokenAuthentication(provider);
    try {
        boolean authenticated = auth.authenticate(creds);
        assertTrue(authenticated);
        Mockito.verify(validInfo).resetExpiration(Mockito.anyLong());
    } catch (LoginException e) {
        fail(e.getMessage());
    }
}
/**
 * When the credentials carry the {@code TOKEN_SKIP_REFRESH} attribute, a
 * successful authentication must leave the token's expiration untouched.
 */
@Test
public void testAuthenticateSkipRefreshToken() throws Exception {
    TokenCredentials creds = new TokenCredentials("token");
    // The attribute is set with an empty value here; only its presence is exercised.
    creds.setAttribute(TokenConstants.TOKEN_SKIP_REFRESH, "");

    TokenInfo validInfo = Mockito.mock(TokenInfo.class);
    Mockito.when(validInfo.isExpired(Mockito.anyLong())).thenReturn(false);
    Mockito.when(validInfo.matches(creds)).thenReturn(true);

    TokenProvider provider = Mockito.mock(TokenProvider.class);
    Mockito.when(provider.getTokenInfo(Mockito.anyString())).thenReturn(validInfo);

    TokenAuthentication auth = new TokenAuthentication(provider);
    try {
        boolean authenticated = auth.authenticate(creds);
        assertTrue(authenticated);
        // Login succeeded, but the token lifetime must not have been extended.
        Mockito.verify(validInfo, Mockito.never()).resetExpiration(Mockito.anyLong());
    } catch (LoginException e) {
        fail(e.getMessage());
    }
}
/**
 * A token info obtained through the read-only provider must report that it
 * could not be removed.
 */
@Test
public void testRemoveToken() throws Exception {
    TokenInfo fromReadOnly = readOnlyTp.getTokenInfo(generateToken());
    boolean removed = fromReadOnly.remove();
    assertFalse(removed);
}
}
/**
 * A composite built from no providers must behave as a null object: it never
 * creates a token and never resolves one, whatever input it is given.
 */
@Test
public void testNullProvider() {
    TokenProvider noProviders = CompositeTokenProvider.newInstance();

    // The varargs and the list factory must yield the same instance when empty.
    TokenProvider fromEmptyList = CompositeTokenProvider.newInstance(ImmutableList.<TokenProvider>of());
    assertSame(noProviders, fromEmptyList);

    Credentials anyCredentials = new Credentials() {};

    // Token creation is never offered ...
    assertFalse(noProviders.doCreateToken(null));
    assertFalse(noProviders.doCreateToken(anyCredentials));

    // ... and never performed.
    assertNull(noProviders.createToken(null, null));
    assertNull(noProviders.createToken("userID", ImmutableMap.<String, String>of()));
    assertNull(noProviders.createToken(null));
    assertNull(noProviders.createToken(anyCredentials));

    // No token string resolves to a token info.
    assertNull(noProviders.getTokenInfo(null));
    assertNull(noProviders.getTokenInfo("anyString"));
}
/**
 * Authenticating with an expired token must fail with a
 * {@link LoginException} and must remove the token, so that a later lookup
 * no longer finds it.
 */
@Test
public void testAuthenticateExpiredToken() throws Exception {
    // Expiration parameter of 1 so the token expires almost immediately.
    ConfigurationParameters shortLived = ConfigurationParameters.of(TokenProvider.PARAM_TOKEN_EXPIRATION, 1);
    TokenProvider provider = new TokenProviderImpl(root, shortLived, getUserConfiguration());

    TokenInfo info = provider.createToken(userId, Collections.<String, Object>emptyMap());
    waitUntilExpired(info);

    try {
        TokenAuthentication auth = new TokenAuthentication(provider);
        TokenCredentials expiredCreds = new TokenCredentials(info.getToken());
        auth.authenticate(expiredCreds);
        fail("LoginException expected");
    } catch (LoginException e) {
        // success
    }

    // expired token must have been removed
    assertNull(provider.getTokenInfo(info.getToken()));
}
/**
 * A token created for an upper-cased user ID must match its own credentials
 * and report the original user ID, both on the info returned at creation and
 * on the info looked up again by token.
 *
 * @see <a href="https://issues.apache.org/jira/browse/OAK-1985">OAK-1985</a>
 */
@Test
public void testTokenValidationIsCaseInsensitive() throws Exception {
    Root latestRoot = adminSession.getLatestRoot();
    TokenProvider provider = getSecurityProvider()
            .getConfiguration(TokenConfiguration.class)
            .getTokenProvider(latestRoot);

    String adminId = ((SimpleCredentials) getAdminCredentials()).getUserID();

    // NOTE(review): toUpperCase() uses the JVM default locale, so the upper-cased
    // ID can differ between environments for some characters.
    TokenInfo created = provider.createToken(adminId.toUpperCase(), Collections.<String, Object>emptyMap());
    assertTrue(created.matches(new TokenCredentials(created.getToken())));
    assertEquals(adminId, created.getUserId());

    // The same must hold for the info read back by token.
    TokenInfo reloaded = provider.getTokenInfo(created.getToken());
    assertTrue(reloaded.matches(new TokenCredentials(reloaded.getToken())));
    assertEquals(adminId, reloaded.getUserId());
}