jackrabbit-oak-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ang...@apache.org
Subject svn commit: r1531869 - in /jackrabbit/oak/trunk/oak-core/src: main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java
Date Mon, 14 Oct 2013 12:09:55 GMT
Author: angela
Date: Mon Oct 14 12:09:55 2013
New Revision: 1531869

URL: http://svn.apache.org/r1531869
Log:
OAK-91 : authentication (test token validation)

Modified:
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java?rev=1531869&r1=1531868&r2=1531869&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java
Mon Oct 14 12:09:55 2013
@@ -55,6 +55,7 @@ import org.apache.jackrabbit.oak.spi.sec
 import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
 import org.apache.jackrabbit.oak.spi.security.user.util.PasswordUtil;
 import org.apache.jackrabbit.oak.util.NodeUtil;
+import org.apache.jackrabbit.oak.util.TreeUtil;
 import org.apache.jackrabbit.util.ISO8601;
 import org.apache.jackrabbit.util.Text;
 import org.slf4j.Logger;
@@ -272,7 +273,7 @@ public class TokenProviderImpl implement
         String nodeId = (pos == -1) ? token : token.substring(0, pos);
         Tree tokenTree = identifierManager.getTree(nodeId);
         String userId = getUserId(tokenTree);
-        if (tokenTree == null || !tokenTree.exists() || userId == null) {
+        if (userId == null || !isValidTokenTree(tokenTree)) {
             return null;
         } else {
             return new TokenInfoImpl(new NodeUtil(tokenTree), token, userId);
@@ -319,6 +320,15 @@ public class TokenProviderImpl implement
         return res.toString();
     }
 
+    private static boolean isValidTokenTree(Tree tokenTree) {
+        if (tokenTree == null || !tokenTree.exists()) {
+            return false;
+        } else {
+            return TOKENS_NODE_NAME.equals(tokenTree.getParent().getName()) &&
+                    TOKEN_NT_NAME.equals(TreeUtil.getPrimaryTypeName(tokenTree));
+        }
+    }
+
     @CheckForNull
     private Tree getTokenTree(TokenInfo tokenInfo) {
         if (tokenInfo instanceof TokenInfoImpl) {

Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java?rev=1531869&r1=1531868&r2=1531869&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java
Mon Oct 14 12:09:55 2013
@@ -23,10 +23,12 @@ import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 import java.util.UUID;
+import javax.jcr.AccessDeniedException;
 import javax.jcr.Credentials;
 import javax.jcr.GuestCredentials;
 import javax.jcr.SimpleCredentials;
 
+import org.apache.jackrabbit.JcrConstants;
 import org.apache.jackrabbit.api.security.authentication.token.TokenCredentials;
 import org.apache.jackrabbit.oak.api.PropertyState;
 import org.apache.jackrabbit.oak.api.Tree;
@@ -35,6 +37,7 @@ import org.apache.jackrabbit.oak.plugins
 import org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials;
 import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo;
 import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider;
+import org.apache.jackrabbit.oak.util.NodeUtil;
 import org.junit.Before;
 import org.junit.Test;
 
@@ -185,6 +188,68 @@ public class TokenProviderImplTest exten
     }
 
     @Test
+    public void testGetTokenInfoFromInvalidLocation() throws Exception {
+        TokenInfo info = tokenProvider.createToken(userId, Collections.<String, Object>emptyMap());
+        Tree tokenTree = getTokenTree(info);
+
+        assertNotNull(tokenProvider.getTokenInfo(info.getToken()));
+
+        NodeUtil node = new NodeUtil(root.getTree("/")).addChild("testNode", "nt:unstructured");
+        try {
+            createTokenTree(info, node, "rep:Token");
+            tokenTree.remove();
+            root.commit();
+
+            assertNull(tokenProvider.getTokenInfo(info.getToken()));
+        } finally {
+            node.getTree().remove();
+            root.commit();
+        }
+    }
+
+    @Test
+    public void testGetTokenInfoFromInvalidLocation2() throws Exception {
+        TokenInfo info = tokenProvider.createToken(userId, Collections.<String, Object>emptyMap());
+        Tree tokenTree = getTokenTree(info);
+
+        assertNotNull(tokenProvider.getTokenInfo(info.getToken()));
+
+        Tree userTree = root.getTree(getUserManager(root).getAuthorizable(userId).getPath());
+        NodeUtil node = new NodeUtil(userTree).addChild("testNode", "nt:unstructured");
+        try {
+            createTokenTree(info, node, "rep:Token");
+            tokenTree.remove();
+            root.commit();
+
+            assertNull(tokenProvider.getTokenInfo(info.getToken()));
+        } finally {
+            node.getTree().remove();
+            root.commit();
+        }
+    }
+
+    @Test
+    public void testGetTokenInfoFromInvalidLocation3() throws Exception {
+        TokenInfo info = tokenProvider.createToken(userId, Collections.<String, Object>emptyMap());
+        Tree tokenTree = getTokenTree(info);
+
+        assertNotNull(tokenProvider.getTokenInfo(info.getToken()));
+
+        Tree userTree = root.getTree(getUserManager(root).getAuthorizable(userId).getPath());
+        NodeUtil node = new NodeUtil(userTree.getChild(".tokens"));
+        try {
+            createTokenTree(info, node, "nt:unstructured");
+            tokenTree.remove();
+            root.commit();
+
+            assertNull(tokenProvider.getTokenInfo(info.getToken()));
+        } finally {
+            node.getTree().remove();
+            root.commit();
+        }
+    }
+
+    @Test
     public void testGetTokenInfo() throws Exception {
         String token = tokenProvider.createToken(userId, Collections.<String, Object>emptyMap()).getToken();
         TokenInfo info = tokenProvider.getTokenInfo(token);
@@ -233,4 +298,12 @@ public class TokenProviderImplTest exten
         String nodeId = (pos == -1) ? token : token.substring(0, pos);
         return new IdentifierManager(root).getTree(nodeId);
     }
+
+    private void createTokenTree(TokenInfo base, NodeUtil parent, String ntName) throws AccessDeniedException
{
+        Tree tokenTree = getTokenTree(base);
+        Tree tree = parent.addChild("token", ntName).getTree();
+        tree.setProperty(tokenTree.getProperty(JcrConstants.JCR_UUID));
+        tree.setProperty(tokenTree.getProperty("rep:token.key"));
+        tree.setProperty(tokenTree.getProperty("rep:token.exp"));
+    }
 }
\ No newline at end of file



Mime
View raw message