Author: stillalex Date: Mon Nov 20 15:11:27 2017 New Revision: 1815818 URL: http://svn.apache.org/viewvc?rev=1815818&view=rev Log: OAK-6940 Login token name generation is prone to race conditions
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java?rev=1815818&r1=1815817&r2=1815818&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java Mon Nov 20 15:11:27 2017
@@ -24,8 +24,6 @@ import java.util.Arrays;
 import java.util.Calendar;
 import java.util.Collection;
 import java.util.Collections;
-import java.util.Date;
-import java.util.GregorianCalendar;
 import java.util.HashMap;
 import java.util.Map;
 import java.util.UUID;
@@ -204,7 +202,7 @@ class TokenProviderImpl implements Token
 if (tokenParent != null) {
 try {
 String id = user.getID();
- long creationTime = new Date().getTime();
+ long creationTime = System.currentTimeMillis();
 long exp;
 if (attributes.containsKey(PARAM_TOKEN_EXPIRATION)) {
 exp = Long.parseLong(attributes.get(PARAM_TOKEN_EXPIRATION).toString());
@@ -216,7 +214,7 @@ class TokenProviderImpl implements Token
 TokenInfo tokenInfo;
 try {
- String tokenName = generateTokenName(creationTime);
+ String tokenName = uuid;
 tokenInfo = createTokenNode(tokenParent, tokenName, expTime, uuid, id, attributes);
 root.commit(CommitMarker.asCommitAttributes());
 } catch (CommitFailedException e) {
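Review bot: `String tokenName = uuid;` in the third hunk makes the first attempt use a UUID node name, which the comment in the removed testTokenNodeName describes as the name "only used in case of conflict", so the `catch (CommitFailedException e)` handler that opens on the hunk's last line needs a second look. Its body is outside the hunk; if it still retries under a random-name fallback, that retry and any log text describing it no longer differ in kind from the normal path and should be simplified or reworded. The alias local is unnecessary: pass `uuid` directly to `createTokenNode` and add a comment such as `// node name is the token UUID so concurrent logins cannot produce the same name`. The commit deletes testTokenNodeName without a replacement; a test asserting that `UUID.fromString(tokenTree.getName())` succeeds would pin the new naming that OAK-6940 relies on.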
@@ -327,13 +325,6 @@ class TokenProviderImpl implements Token
 }
 @Nonnull
- private static String generateTokenName(long creationTime) {
- Calendar creation = GregorianCalendar.getInstance();
- creation.setTimeInMillis(creationTime);
- return Text.replace(ISO8601.format(creation), ":", ".");
- }
-
- @Nonnull
 private Tree getTokenTree(@Nonnull TokenInfoImpl tokenInfo) {
 return root.getTree(tokenInfo.tokenPath);
 }
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java?rev=1815818&r1=1815817&r2=1815818&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java Mon Nov 20 15:11:27 2017
@@ -411,21 +411,6 @@ public class TokenProviderImplTest exten
 assertEquals(userId, info.getUserId());
 }
- @Test
- public void testTokenNodeName() throws Exception {
- TokenInfo info = tokenProvider.createToken(userId, Collections.<String, Object>emptyMap());
- Tree tokenTree = getTokenTree(info);
-
- // name must not be a uuid which is only used in case of conflict during
- // creation which is not expected here.
- try {
- UUID.fromString(tokenTree.getName());
- fail("UUID-name should only be used in case of conflict");
- } catch (IllegalArgumentException e) {
- // success
- }
- }
-
 //--------------------------------------------------------------------------
 private static void assertTokenInfo(TokenInfo info, String userId) {
 assertNotNull(info);