angela created OAK-8316:
---------------------------
Summary: Drop userId field in TokenLoginModule
Key: OAK-8316
URL: https://issues.apache.org/jira/browse/OAK-8316
Project: Jackrabbit Oak
Issue Type: Improvement
Components: core, security
Reporter: angela
{{TokenLoginModule.login}} contains the following code that may set the
{{userId}} field:
{code}
[...]
TokenCredentials tc = (TokenCredentials) credentials;
TokenAuthentication authentication = new
TokenAuthentication(tokenProvider);
if (authentication.authenticate(tc)) {
tokenCredentials = tc;
tokenInfo = authentication.getTokenInfo();
userId = authentication.getUserId();
[...]
}
{code}
however, {{TokenAuthentication.getUserId()}} will just delegate to
{{TokenInfo.getUserId}} and setting the {{userId}} in the login module is IMO
redundant. Also, upon commit the {{AuthInfo}} is ultimately populated with the
ID retrieved from the {{TokenInfo}} and the userId field is ignored.
I would therefore suggest to drop the extra {{userId}} field and simplify the
code accordingly. [~stillalex], will attach a proposed patch later today.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
