KNOX-2392 - Simple file-based TokenStateService implementation #350

Merged
merged 1 commit into from
Jun 19, 2020


pzampino
Contributor

What changes were proposed in this pull request?

I've created a TokenStateService implementation that avoids the unnecessary overhead associated with the AliasBasedTokenStateService (size of keystore and associated performance of access).

Since KNOX-2377 added the TokenStateJournal for addressing the potential loss of token state due to changes necessary to improve the performance of the AliasBasedTokenStateService, this new implementation leverages that journaling facility alone to manage token state. It is effectively the AliasBasedTokenStateService without the keystore interactions.

I've not yet made this implementation the default, but I have tested it locally, and I foresee this becoming the default for the near future since the use of the keystore presents an unnecessary burden now that secrets are no longer persisted with token state.

How was this patch tested?

  • mvn -T1.5C -Ppackage,release clean install
  • Added unit tests (JournalBasedTokenStateServiceTest), and augmented existing tests.
  • Changed (only locally) DefaultGatewayServices to use the new implementation, and tested manually, including concurrent load testing. Even with multiple concurrent clients making frequent token requests, the size of the persisted content grows at a small fraction of the rate that the keystore does under similar load.

Contributor

@smolnar82 smolnar82 left a comment

Looks good to me in general, I've just had a minor observation about a comment and wanted to ask some qualification on why to use addToken in getExpiration.

Regarding reflection usage in unit tests: you may want to check out FieldUtils in apache-commons-lang (to make the code even more simple in the future).

Contributor

@moresandeep moresandeep left a comment

Looks good

@pzampino pzampino merged commit 71f676b into apache:master Jun 19, 2020
stoty pushed a commit to stoty/knox that referenced this pull request May 14, 2024
…e#350)

Change-Id: Ie41f703e663564ae410cccc26ebb974a9fbb2917

3 participants