/**
 * Encodes the user ID into a secure cookie value.
 *
 * <p>When a cluster cookie server is configured, encoding is delegated to it and
 * {@code tokenType} is not forwarded. Otherwise the active token from the token store
 * encodes the value with an expiry of the current time plus {@code ttl}.
 *
 * @param userId the user ID to encode; {@code null} yields {@code null}
 * @param tokenType the token type handed to the local encoder (unused on the cluster path)
 * @return the encoded cookie value, or {@code null} when {@code userId} is {@code null} or
 *     encoding failed; failures are logged rather than thrown, so callers must handle
 *     {@code null}
 */
String encodeCookie(String userId, String tokenType) {
  if (userId == null) {
    return null;
  }
  if (clusterCookieServer != null) {
    // NOTE(review): tokenType is dropped on this path; confirm the cluster server does not need it.
    return clusterCookieServer.encodeCookie(userId);
  }

  final long expiry = System.currentTimeMillis() + ttl;
  final SecureCookie activeToken = tokenStore.getActiveToken();
  try {
    return activeToken.encode(expiry, userId, tokenType);
  } catch (NoSuchAlgorithmException algorithmMissing) {
    LOG.error(algorithmMissing.getMessage(), algorithmMissing);
  } catch (InvalidKeyException badKey) {
    LOG.error(badKey.getMessage(), badKey);
  } catch (IllegalStateException badState) {
    LOG.error(badState.getMessage(), badState);
  } catch (UnsupportedEncodingException badEncoding) {
    LOG.error(badEncoding.getMessage(), badEncoding);
  } catch (SecureCookieException cookieFailure) {
    // The exception itself says whether it is a real error or only informational.
    if (!cookieFailure.isError()) {
      LOG.info(cookieFailure.getMessage(), cookieFailure);
    } else {
      LOG.error(cookieFailure.getMessage(), cookieFailure);
    }
  }
  // Every failure path ends here: no cookie is issued.
  return null;
}
/**
 * Loads the component configuration into the service fields and initialises the token store.
 *
 * <p>Defaults applied when a property is absent: session use off, secure-cookie flag off,
 * TTL 1200000, server tokens enabled, cookie debugging off, and a fixed placeholder shared
 * secret.
 *
 * @param context the component context whose properties are read
 */
@SuppressWarnings("rawtypes")
protected void activate(ComponentContext context) {
  final Dictionary config = context.getProperties();

  usingSession = PropertiesUtil.toBoolean(config.get(USE_SESSION), false);
  // NOTE(review): SECURE_COOKIE defaults to false; presumably this controls the cookie's
  // Secure attribute. Confirm, and enable it wherever the service is reached over TLS.
  secureCookie = PropertiesUtil.toBoolean(config.get(SECURE_COOKIE), false);
  ttl = PropertiesUtil.toLong(config.get(TTL), 1200000);
  trustedAuthCookieName = PropertiesUtil.toString(config.get(COOKIE_NAME), "");

  // NOTE(review): the fallback secret is a fixed, publicly visible string, and server tokens
  // are enabled by default just below. An unconfigured deployment therefore appears to run
  // with a guessable secret. Confirm that something warns or refuses to start in that case.
  sharedSecret =
      PropertiesUtil.toString(
          config.get(SERVER_TOKEN_SHARED_SECRET), "default-setting-change-before-use");
  trustedTokenEnabled = PropertiesUtil.toBoolean(config.get(SERVER_TOKEN_ENABLED), true);

  debugCookies = PropertiesUtil.toBoolean(config.get(DEBUG_COOKIES), false);
  tokenStore.setDebugCookies(debugCookies);

  // Safe host addresses: a ';'-separated list, rebuilt from scratch on each activation.
  final String safeHostList =
      PropertiesUtil.toString(config.get(SERVER_TOKEN_SAFE_HOSTS_ADDR), "");
  safeHostAddrSet.clear();
  if (safeHostList != null) {
    for (String safeHost : StringUtils.split(safeHostList, ';')) {
      safeHostAddrSet.add(safeHost);
    }
  }

  // Trusted proxy addresses: same format and the same reset-then-fill handling.
  final String proxyList = PropertiesUtil.toString(config.get(TRUSTED_PROXY_SERVER_ADDR), "");
  trustedProxyServerAddrSet.clear();
  if (proxyList != null) {
    for (String proxy : StringUtils.split(proxyList, ';')) {
      trustedProxyServerAddrSet.add(proxy);
    }
  }

  // An empty or missing wrapper list falls back to the built-in default.
  final String configuredWrappers =
      PropertiesUtil.toString(config.get(SERVER_TOKEN_SAFE_WRAPPERS), "");
  final String wrapperList =
      (configuredWrappers == null || configuredWrappers.length() == 0)
          ? DEFAULT_WRAPPERS
          : configuredWrappers;
  safeWrappers = StringUtils.split(wrapperList, ";");

  final String tokenFile = PropertiesUtil.toString(config.get(TOKEN_FILE_NAME), "");
  final String serverId = clusterTrackingService.getCurrentServerId();
  tokenStore.doInit(cacheManager, tokenFile, serverId, ttl);

  trustedHeaderName = PropertiesUtil.toString(config.get(TRUSTED_HEADER_NAME), "");
  trustedParameterName = PropertiesUtil.toString(config.get(TRUSTED_PARAMETER_NAME), "");
}
/**
 * Exercises {@code TokenStore}: encodes a token for a fixed user eleven times, then prints
 * the last token, its validity, and the fields returned by {@code TokenStore.split}.
 *
 * <p>NOTE(review): nothing is asserted. The validity result is only printed, so this test
 * cannot fail on a wrong result, and it writes the token to standard output.
 */
@Test
public void test()
    throws IOException, InvalidKeyException, NoSuchAlgorithmException, IllegalStateException {
  final File keyFile = new File("target/keys.txt");
  // Five minutes from now; used both as the store's timeout argument and as the token expiry.
  final long sessionTimeout = System.currentTimeMillis() + 5 * 60 * 1000;
  final TokenStore store = new TokenStore(keyFile, sessionTimeout, false);
  final String userId = "123@1234@11";

  String token = null;
  int round = 0;
  while (round < 11) {
    token = store.encode(sessionTimeout, userId);
    round++;
  }
  System.out.println("token: " + token);

  final boolean valid = store.isValid(token);
  final String[] fields = TokenStore.split(token);
  System.out.println(valid);
  for (int i = 0; i < fields.length; i++) {
    System.out.println(fields[i]);
  }
}
/**
 * Writes the in-use records of a token store to standard output, then closes the store.
 *
 * <p>Each in-use record is made heavy and printed as {@code id: "string": record}. Records
 * not in use are transformed to {@code null}.
 *
 * @param store the token store to dump; it is closed even if dumping fails
 * @param ids the record ids passed through to {@code DumpStore.dump}
 * @throws Exception if dumping or closing the store fails
 */
private static <T extends TokenRecord> void dumpTokens(final TokenStore<T> store, long[] ids)
    throws Exception {
  try {
    // Constructed inside the try so the store is closed even if construction throws.
    final DumpStore<T, TokenStore<T>> dumper =
        new DumpStore<T, TokenStore<T>>(System.out) {
          @Override
          protected Object transform(T token) throws Exception {
            if (!token.inUse()) {
              return null;
            }
            // Load the record fully before its string value is read.
            store.ensureHeavy(token);
            return token.getId()
                + ": \""
                + store.getStringFor(token)
                + "\": "
                + token;
          }
        };
    dumper.dump(store, ids);
  } finally {
    store.close();
  }
}
/**
 * Decodes a secure cookie value back into its parts.
 *
 * <p>When a cluster cookie server is configured, decoding is delegated to it. Otherwise the
 * token store's secure cookie decodes the value.
 *
 * @param value the cookie value to decode; {@code null} yields {@code null}
 * @return the decoded parts, or {@code null} when {@code value} is {@code null} or the local
 *     decoder rejected it with a {@code SecureCookieException}; callers must handle
 *     {@code null}
 */
String[] decodeCookie(String value) {
  if (value == null) {
    return null;
  }
  if (clusterCookieServer != null) {
    return clusterCookieServer.decodeCookie(value);
  }

  try {
    final SecureCookie decoder = tokenStore.getSecureCookie();
    return decoder.decode(value);
  } catch (SecureCookieException rejected) {
    // Only the message is logged here, at the level the exception asks for.
    if (!rejected.isError()) {
      LOG.info(rejected.getMessage());
    } else {
      LOG.error(rejected.getMessage());
    }
  }
  return null;
}
/**
 * Reports how long the stored token for a request remains valid.
 *
 * @param req the authentication request whose token expiry is queried
 * @return the stored expiry minus {@code clock.now()} (milliseconds, per the original
 *     documentation), or negative infinity if no token is stored for the request
 */
public double expiresIn(AuthRequest req) {
  final String stored = tokenStore.get(req.asString());
  if (stored == null) {
    return Double.NEGATIVE_INFINITY;
  }
  // NOTE(review): assumes the stored token always carries a parseable expiry; confirm.
  return Double.valueOf(TokenInfo.fromString(stored).expires) - clock.now();
}
/**
 * Removes every token held in this class's token store.
 *
 * <p>After this call, {@link #login(AuthRequest, Callback)} will show a popup to the user
 * again. If the user has already granted access, that popup closes immediately.
 */
public void clearAllTokens() {
  tokenStore.clear();
}
/**
 * Stores the token information for a request, keyed by the request's string form.
 *
 * <p>NOTE(review): the token data is written to {@code tokenStore} as a plain string. What
 * backs the store is not visible here; confirm it is a suitable place for token material.
 *
 * @param req the authentication request that identifies the token
 * @param info the token information to store, in its string form
 */
void setToken(AuthRequest req, TokenInfo info) {
  final String key = req.asString();
  final String serialized = info.asString();
  tokenStore.set(key, serialized);
}
/**
 * Looks up the stored token information for a request.
 *
 * @param req the authentication request that identifies the token
 * @return the parsed token information, or {@code null} if nothing is stored for the request
 */
TokenInfo getToken(AuthRequest req) {
  final String stored = tokenStore.get(req.asString());
  if (stored == null) {
    return null;
  }
  return TokenInfo.fromString(stored);
}