Repository: usergrid Updated Branches: refs/heads/release-2.1.1 492ac59ad -> 43d85599f
Remove extra update of token access time in OAuth2AccessTokenSecurityFilter. Project: http://git-wip-us.apache.org/repos/asf/usergrid/repo Commit: http://git-wip-us.apache.org/repos/asf/usergrid/commit/cac55698 Tree: http://git-wip-us.apache.org/repos/asf/usergrid/tree/cac55698 Diff: http://git-wip-us.apache.org/repos/asf/usergrid/diff/cac55698 Branch: refs/heads/release-2.1.1 Commit: cac55698eda777cb566b2f162769c4c9c9d5d53f Parents: f5daca5 Author: Mike Dunker <[email protected]> Authored: Thu Mar 31 18:43:32 2016 -0700 Committer: Mike Dunker <[email protected]> Committed: Thu Mar 31 18:43:32 2016 -0700 ---------------------------------------------------------------------- .../rest/applications/ServiceResource.java | 5 +-- .../OAuth2AccessTokenSecurityFilter.java | 3 +- .../cassandra/ManagementServiceImpl.java | 10 ++++- .../usergrid/security/tokens/TokenService.java | 3 ++ .../tokens/cassandra/TokenServiceImpl.java | 40 ++++++++++++-------- 5 files changed, 40 insertions(+), 21 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/usergrid/blob/cac55698/stack/rest/src/main/java/org/apache/usergrid/rest/applications/ServiceResource.java ---------------------------------------------------------------------- diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/ServiceResource.java b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/ServiceResource.java index 4c92fef..67a1eb3 100644 --- a/stack/rest/src/main/java/org/apache/usergrid/rest/applications/ServiceResource.java +++ b/stack/rest/src/main/java/org/apache/usergrid/rest/applications/ServiceResource.java @@ -151,7 +151,7 @@ public class ServiceResource extends AbstractContextResource { MultivaluedMap<String, String> params = ps.getMatrixParameters(); - if ( params != null ) { + if ( params != null && params.size() > 0) { Query query = Query.fromQueryParams( params ); if ( query != null ) { parameters = ServiceParameter.addParameter( parameters, query ); @@ -166,7 +166,7 @@ public class ServiceResource extends AbstractContextResource { throws Exception { MultivaluedMap<String, String> params = ui.getQueryParameters(); - if ( params != null ) { + if ( params != null && params.size() > 0) { //TODO TN query parameters are not being correctly decoded here. The URL encoded strings //aren't getting decoded properly Query query = Query.fromQueryParams( params ); @@ -417,7 +417,6 @@ public class ServiceResource extends AbstractContextResource { ApiResponse response = createApiResponse(); response.setAction( "put" ); - services.getApplicationRef(); response.setApplication( services.getApplication() ); response.setParams( ui.getQueryParameters() ); http://git-wip-us.apache.org/repos/asf/usergrid/blob/cac55698/stack/rest/src/main/java/org/apache/usergrid/rest/security/shiro/filters/OAuth2AccessTokenSecurityFilter.java ---------------------------------------------------------------------- diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/security/shiro/filters/OAuth2AccessTokenSecurityFilter.java b/stack/rest/src/main/java/org/apache/usergrid/rest/security/shiro/filters/OAuth2AccessTokenSecurityFilter.java index 9a82b4a..03da0e8 100644 --- a/stack/rest/src/main/java/org/apache/usergrid/rest/security/shiro/filters/OAuth2AccessTokenSecurityFilter.java +++ b/stack/rest/src/main/java/org/apache/usergrid/rest/security/shiro/filters/OAuth2AccessTokenSecurityFilter.java @@ -95,7 +95,8 @@ public class OAuth2AccessTokenSecurityFilter extends SecurityFilter implements C AuthPrincipalInfo principal = null; try { - TokenInfo tokenInfo = tokens.getTokenInfo( accessToken ); + // will update access time in principal if statements below, don't do it here + TokenInfo tokenInfo = tokens.getTokenInfo( accessToken, false ); principal = tokenInfo.getPrincipal(); } catch (BadTokenException e1) { throw mappableSecurityException( BAD_ACCESS_TOKEN_ERROR ); http://git-wip-us.apache.org/repos/asf/usergrid/blob/cac55698/stack/services/src/main/java/org/apache/usergrid/management/cassandra/ManagementServiceImpl.java ---------------------------------------------------------------------- diff --git a/stack/services/src/main/java/org/apache/usergrid/management/cassandra/ManagementServiceImpl.java b/stack/services/src/main/java/org/apache/usergrid/management/cassandra/ManagementServiceImpl.java index 56e1de7..9179148 100644 --- a/stack/services/src/main/java/org/apache/usergrid/management/cassandra/ManagementServiceImpl.java +++ b/stack/services/src/main/java/org/apache/usergrid/management/cassandra/ManagementServiceImpl.java @@ -1437,10 +1437,18 @@ public class ManagementServiceImpl implements ManagementService { } + public TokenInfo getTokenInfoFromAccessToken(String token, String expected_token_type, AuthPrincipalType expected_principal_type) throws Exception { - TokenInfo tokenInfo = tokens.getTokenInfo( token ); + return getTokenInfoFromAccessToken(token, expected_token_type, expected_principal_type, true); + } + + public TokenInfo getTokenInfoFromAccessToken(String token, String expected_token_type, + AuthPrincipalType expected_principal_type, + boolean updateAccessTime) throws Exception { + + TokenInfo tokenInfo = tokens.getTokenInfo( token, updateAccessTime ); return validateTokenAndPrincipalTypes(tokenInfo, expected_token_type, expected_principal_type) ? tokenInfo : null; http://git-wip-us.apache.org/repos/asf/usergrid/blob/cac55698/stack/services/src/main/java/org/apache/usergrid/security/tokens/TokenService.java ---------------------------------------------------------------------- diff --git a/stack/services/src/main/java/org/apache/usergrid/security/tokens/TokenService.java b/stack/services/src/main/java/org/apache/usergrid/security/tokens/TokenService.java index d8526af..2ef5d59 100644 --- a/stack/services/src/main/java/org/apache/usergrid/security/tokens/TokenService.java +++ b/stack/services/src/main/java/org/apache/usergrid/security/tokens/TokenService.java @@ -44,6 +44,9 @@ public interface TokenService { /** Get the token info for the string version of this token */ public TokenInfo getTokenInfo( String token ) throws Exception; + /** Get the token info for the string version of this token, update of access time optional */ + public TokenInfo getTokenInfo( String token, boolean updateAccessTime ) throws Exception; + /** Get the max token age in milliseconds */ public long getMaxTokenAge( String token ); http://git-wip-us.apache.org/repos/asf/usergrid/blob/cac55698/stack/services/src/main/java/org/apache/usergrid/security/tokens/cassandra/TokenServiceImpl.java ---------------------------------------------------------------------- diff --git a/stack/services/src/main/java/org/apache/usergrid/security/tokens/cassandra/TokenServiceImpl.java b/stack/services/src/main/java/org/apache/usergrid/security/tokens/cassandra/TokenServiceImpl.java index 3f046e2..0479145 100644 --- a/stack/services/src/main/java/org/apache/usergrid/security/tokens/cassandra/TokenServiceImpl.java +++ b/stack/services/src/main/java/org/apache/usergrid/security/tokens/cassandra/TokenServiceImpl.java @@ -319,6 +319,12 @@ public class TokenServiceImpl implements TokenService { @Override public TokenInfo getTokenInfo( String token ) throws Exception { + return getTokenInfo(token, true); + } + + + @Override + public TokenInfo getTokenInfo( String token, boolean updateAccessTime ) throws Exception { UUID uuid = getUUIDForToken( token ); @@ -338,27 +344,29 @@ public class TokenServiceImpl implements TokenService { } } - //update the token - long now = currentTimeMillis(); + if (updateAccessTime) { + //update the token + long now = currentTimeMillis(); - long maxTokenTtl = getMaxTtl( TokenCategory.getFromBase64String( token ), tokenInfo.getPrincipal() ); + long maxTokenTtl = getMaxTtl(TokenCategory.getFromBase64String(token), tokenInfo.getPrincipal()); - Mutator<UUID> batch = createMutator( cassandra.getUsergridApplicationKeyspace(), ue ); + Mutator<UUID> batch = createMutator(cassandra.getUsergridApplicationKeyspace(), ue); - HColumn<String, Long> col = - createColumn( TOKEN_ACCESSED, now, calcTokenTime( tokenInfo.getExpiration( maxTokenTtl ) ), - se, le ); - batch.addInsertion( uuid, TOKENS_CF, col ); + HColumn<String, Long> col = + createColumn(TOKEN_ACCESSED, now, calcTokenTime(tokenInfo.getExpiration(maxTokenTtl)), + se, le); + batch.addInsertion(uuid, TOKENS_CF, col); - long inactive = now - tokenInfo.getAccessed(); - if ( inactive > tokenInfo.getInactive() ) { - col = createColumn( TOKEN_INACTIVE, inactive, calcTokenTime( tokenInfo.getExpiration( maxTokenTtl ) ), - se, le ); - batch.addInsertion( uuid, TOKENS_CF, col ); - tokenInfo.setInactive( inactive ); - } + long inactive = now - tokenInfo.getAccessed(); + if (inactive > tokenInfo.getInactive()) { + col = createColumn(TOKEN_INACTIVE, inactive, calcTokenTime(tokenInfo.getExpiration(maxTokenTtl)), + se, le); + batch.addInsertion(uuid, TOKENS_CF, col); + tokenInfo.setInactive(inactive); + } - batch.execute(); + batch.execute(); + } return tokenInfo; }
