stillalex commented on code in PR #1921:
URL: https://github.com/apache/solr/pull/1921#discussion_r1326388797
##########
solr/core/src/java/org/apache/solr/security/PKIAuthenticationPlugin.java:
##########
@@ -485,34 +487,75 @@ private Optional<String> getUser() {
}
}
+ private static class CachedToken {
+ Instant generatedAt;
+ String token;
+
+ private CachedToken(Instant generatedAt, String token) {
+ this.generatedAt = generatedAt;
+ this.token = token;
+ }
+ }
+
+ private volatile ConcurrentHashMap<String, AtomicReference<CachedToken>>
cachedV1Tokens =
+ new ConcurrentHashMap<>();
+ private volatile ConcurrentHashMap<String, AtomicReference<CachedToken>>
cachedV2Tokens =
+ new ConcurrentHashMap<>();
+
+ private static final Duration cacheExpiryTime = Duration.ofSeconds(1);
+
+ private String getToken(String usr) {
+ AtomicReference<CachedToken> tokenRef =
+ cachedV1Tokens.computeIfAbsent(usr, u -> new
AtomicReference<>(generateToken(u)));
+ if
(tokenRef.get().generatedAt.isBefore(Instant.now().minus(cacheExpiryTime))) {
+ synchronized (tokenRef) {
+ if
(tokenRef.get().generatedAt.isBefore(Instant.now().minus(cacheExpiryTime))) {
+ tokenRef.set(generateToken(usr));
+ }
+ }
+ }
+ return tokenRef.get().token;
+ }
+
+ private synchronized String getTokenV2(String usr) {
+ AtomicReference<CachedToken> tokenRef =
+ cachedV2Tokens.computeIfAbsent(usr, u -> new
AtomicReference<>(generateTokenV2(u)));
+ if
(tokenRef.get().generatedAt.isBefore(Instant.now().minus(cacheExpiryTime))) {
+ synchronized (tokenRef) {
+ if
(tokenRef.get().generatedAt.isBefore(Instant.now().minus(cacheExpiryTime))) {
+ tokenRef.set(generateTokenV2(usr));
+ }
+ }
+ }
+ return tokenRef.get().token;
+ }
+
@SuppressForbidden(reason = "Needs currentTimeMillis to set current time in
header")
- private String generateToken(String usr) {
+ private CachedToken generateToken(String usr) {
assert usr != null;
String s = usr + " " + System.currentTimeMillis();
byte[] payload = s.getBytes(UTF_8);
byte[] payloadCipher =
publicKeyHandler.getKeyPair().encrypt(ByteBuffer.wrap(payload));
String base64Cipher = Base64.getEncoder().encodeToString(payloadCipher);
log.trace("generateToken: usr={} token={}", usr, base64Cipher);
- return myNodeName + " " + base64Cipher;
+ return new CachedToken(Instant.now(), myNodeName + " " + base64Cipher);
Review Comment:
`Instant.now(),` could move into the CachedToken constructor, doesn't need
to be specified here.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
