Return-Path: 
 <oak-commits-return-1996-apmail-jackrabbit-oak-commits-archive=jackrabbit.apache.org@jackrabbit.apache.org>
X-Original-To: apmail-jackrabbit-oak-commits-archive@minotaur.apache.org
Delivered-To: apmail-jackrabbit-oak-commits-archive@minotaur.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 15FE1D7E8
	for <apmail-jackrabbit-oak-commits-archive@minotaur.apache.org>;
 Tue, 23 Oct 2012 09:00:23 +0000 (UTC)
Received: (qmail 34046 invoked by uid 500); 23 Oct 2012 09:00:22 -0000
Delivered-To: apmail-jackrabbit-oak-commits-archive@jackrabbit.apache.org
Received: (qmail 32846 invoked by uid 500); 23 Oct 2012 09:00:20 -0000
Mailing-List: contact oak-commits-help@jackrabbit.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:oak-commits-help@jackrabbit.apache.org>
List-Unsubscribe: <mailto:oak-commits-unsubscribe@jackrabbit.apache.org>
List-Post: <mailto:oak-commits@jackrabbit.apache.org>
List-Id: <oak-commits.jackrabbit.apache.org>
Reply-To: oak-dev@jackrabbit.apache.org
Delivered-To: mailing list oak-commits@jackrabbit.apache.org
Received: (qmail 31745 invoked by uid 99); 23 Oct 2012 09:00:18 -0000
Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 23 Oct 2012 09:00:18 +0000
X-ASF-Spam-Status: No, hits=-2000.0 required=5.0
	tests=ALL_TRUSTED
X-Spam-Check-By: apache.org
Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 23 Oct 2012 09:00:15 +0000
Received: from eris.apache.org (localhost [127.0.0.1])
	by eris.apache.org (Postfix) with ESMTP id DC23E23888CD;
	Tue, 23 Oct 2012 08:59:30 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: svn commit: r1401205 - in /jackrabbit/oak/trunk/oak-core/src:
 main/java/org/apache/jackrabbit/oak/security/authentication/token/
 main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/
 test/java/org/apache/jackrabbit/oak/security/authent...
Date: Tue, 23 Oct 2012 08:59:30 -0000
To: oak-commits@jackrabbit.apache.org
From: angela@apache.org
X-Mailer: svnmailer-1.0.8-patched
Message-Id: <20121023085930.DC23E23888CD@eris.apache.org>
X-Virus-Checked: Checked by ClamAV on apache.org

Author: angela
Date: Tue Oct 23 08:59:30 2012
New Revision: 1401205

URL: http://svn.apache.org/viewvc?rev=1401205&view=rev
Log:
 OAK-91 - Implement Authentication Support (WIP)

Modified:
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenProvider.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenLoginModuleTest.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java?rev=1401205&r1=1401204&r2=1401205&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java Tue Oct 23 08:59:30 2012
@@ -81,29 +81,35 @@ public class TokenProviderImpl implement
      */
     private static final Logger log = LoggerFactory.getLogger(TokenProviderImpl.class);
 
+    /**
+     * Constant for the token attribute passed with valid simple credentials to
+     * trigger the generation of a new token.
+     */
+    private static final String TOKEN_ATTRIBUTE = ".token";
     private static final String TOKEN_ATTRIBUTE_EXPIRY = TOKEN_ATTRIBUTE + ".exp";
     private static final String TOKEN_ATTRIBUTE_KEY = TOKEN_ATTRIBUTE + ".key";
     private static final String TOKENS_NODE_NAME = ".tokens";
     private static final String TOKENS_NT_NAME = JcrConstants.NT_UNSTRUCTURED;
 
-    private static final int STATUS_VALID = 0;
-    private static final int STATUS_EXPIRED = 1;
-    private static final int STATUS_MISMATCH = 2;
-
+    /**
+     * Default expiration time in ms for login tokens is 2 hours.
+     */
+    private static final long DEFAULT_TOKEN_EXPIRATION = 2 * 3600 * 1000;
+    private static final int DEFAULT_KEY_SIZE = 8;
     private static final char DELIM = '_';
 
     private final Root root;
+    private final ConfigurationParameters options;
+
+    private final long tokenExpiration;
     private final UserManager userManager;
     private final IdentifierManager identifierManager;
-    private final long tokenExpiration;
 
     public TokenProviderImpl(Root root, ConfigurationParameters options, UserConfiguration userConfiguration) {
-        this(root, options.getConfigValue(PARAM_TOKEN_EXPIRATION, Long.valueOf(DEFAULT_TOKEN_EXPIRATION)), userConfiguration);
-    }
-
-    public TokenProviderImpl(Root root, long tokenExpiration, UserConfiguration userConfiguration) {
         this.root = root;
-        this.tokenExpiration = tokenExpiration;
+        this.options = options;
+
+        this.tokenExpiration = options.getConfigValue(PARAM_TOKEN_EXPIRATION, Long.valueOf(DEFAULT_TOKEN_EXPIRATION));
         this.userManager = userConfiguration.getUserManager(root, NamePathMapper.DEFAULT);
         this.identifierManager = new IdentifierManager(root);
     }
@@ -158,7 +164,7 @@ public class TokenProviderImpl implement
 
                 NodeUtil tokenNode = tokenParent.addChild(tokenName, TOKENS_NT_NAME);
 
-                String key = generateKey(8);
+                String key = generateKey(options.getConfigValue(PARAM_TOKEN_LENGTH, DEFAULT_KEY_SIZE));
                 String nodeId = identifierManager.getIdentifier(tokenNode.getTree());
                 String token = new StringBuilder(nodeId).append(DELIM).append(key).toString();
 

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenProvider.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenProvider.java?rev=1401205&r1=1401204&r2=1401205&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenProvider.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenProvider.java Tue Oct 23 08:59:30 2012
@@ -26,20 +26,18 @@ import javax.jcr.Credentials;
 public interface TokenProvider {
 
     /**
-     * Constant for the token attribute passed with valid simple credentials to
-     * trigger the generation of a new token.
-     */
-    public static final String TOKEN_ATTRIBUTE = ".token";
-
-    /**
      * Optional configuration parameter to set the token expiration time in ms.
+     * Implementations that do not support this option will ignore any config
+     * options with that name.
      */
     String PARAM_TOKEN_EXPIRATION = "tokenExpiration";
 
     /**
-     * Default expiration time in ms for login tokens is 2 hours.
+     * Optional configuration parameter to define the length of the key.
+     * Implementations that do not support this option will ignore any config
+     * options with that name.
      */
-    long DEFAULT_TOKEN_EXPIRATION = 2 * 3600 * 1000;
+    String PARAM_TOKEN_LENGTH = "tokenLength";
 
     boolean doCreateToken(Credentials credentials);
 

Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java?rev=1401205&r1=1401204&r2=1401205&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java Tue Oct 23 08:59:30 2012
@@ -28,7 +28,6 @@ import org.apache.jackrabbit.oak.api.Con
 import org.apache.jackrabbit.oak.api.Root;
 import org.apache.jackrabbit.oak.security.AbstractSecurityTest;
 import org.apache.jackrabbit.oak.security.authentication.token.TokenLoginModule;
-import org.apache.jackrabbit.oak.security.authentication.token.TokenProviderImpl;
 import org.apache.jackrabbit.oak.security.authentication.user.LoginModuleImpl;
 import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo;
 import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider;
@@ -110,7 +109,7 @@ public class TokenDefaultLoginModuleTest
         ContentSession cs = null;
         try {
             SimpleCredentials sc = new SimpleCredentials("test", new char[0]);
-            sc.setAttribute(TokenProviderImpl.TOKEN_ATTRIBUTE, "");
+            sc.setAttribute(".token", "");
 
             cs = login(sc);
             fail("Invalid simple credentials login should fail");
@@ -140,7 +139,7 @@ public class TokenDefaultLoginModuleTest
         ContentSession cs = null;
         try {
             SimpleCredentials sc = (SimpleCredentials) getAdminCredentials();
-            sc.setAttribute(TokenProviderImpl.TOKEN_ATTRIBUTE, "");
+            sc.setAttribute(".token", "");
             cs = login(sc);
         } finally {
             if (cs != null) {
@@ -154,10 +153,10 @@ public class TokenDefaultLoginModuleTest
         ContentSession cs = null;
         try {
             SimpleCredentials sc = (SimpleCredentials) getAdminCredentials();
-            sc.setAttribute(TokenProvider.TOKEN_ATTRIBUTE, "");
+            sc.setAttribute(".token", "");
             cs = login(sc);
 
-            Object token = sc.getAttribute(TokenProvider.TOKEN_ATTRIBUTE).toString();
+            Object token = sc.getAttribute(".token").toString();
             assertNotNull(token);
             TokenCredentials tc = new TokenCredentials(token.toString());
 

Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenLoginModuleTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenLoginModuleTest.java?rev=1401205&r1=1401204&r2=1401205&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenLoginModuleTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenLoginModuleTest.java Tue Oct 23 08:59:30 2012
@@ -106,7 +106,7 @@ public class TokenLoginModuleTest extend
         ContentSession cs = null;
         try {
             SimpleCredentials sc = new SimpleCredentials("test", new char[0]);
-            sc.setAttribute(TokenProvider.TOKEN_ATTRIBUTE, "");
+            sc.setAttribute(".token", "");
 
             cs = login(sc);
             fail("Unsupported credentials login should fail");

Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java?rev=1401205&r1=1401204&r2=1401205&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java Tue Oct 23 08:59:30 2012
@@ -22,7 +22,6 @@ import javax.jcr.SimpleCredentials;
 import org.apache.jackrabbit.api.security.authentication.token.TokenCredentials;
 import org.apache.jackrabbit.oak.security.AbstractSecurityTest;
 import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
-import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider;
 import org.junit.Before;
 import org.junit.Test;
 
@@ -58,13 +57,13 @@ public class TokenProviderImplTest exten
         sc.setAttribute("any_attribute", "value");
         assertFalse(tokenProvider.doCreateToken(sc));
 
-        sc.setAttribute(TokenProvider.TOKEN_ATTRIBUTE + "_key", "value");
+        sc.setAttribute(".token_key", "value");
         assertFalse(tokenProvider.doCreateToken(sc));
 
-        sc.setAttribute(TokenProvider.TOKEN_ATTRIBUTE, "existing");
+        sc.setAttribute(".token", "existing");
         assertFalse(tokenProvider.doCreateToken(sc));
 
-        sc.setAttribute(TokenProvider.TOKEN_ATTRIBUTE, "");
+        sc.setAttribute(".token", "");
         assertTrue(tokenProvider.doCreateToken(sc));
     }