Skip to content
This repository has been archived by the owner on Jan 5, 2022. It is now read-only.

Commit

Permalink
Remove extra update of token access time in OAuth2AccessTokenSecurity…
Browse files Browse the repository at this point in the history 
…Filter.
  • Loading branch information
Mike Dunker committed Apr 1, 2016
1 parent f5daca5 commit cac5569
Show file tree
Hide file tree
Showing 5 changed files with 40 additions and 21 deletions.
5 changes: 2 additions & 3 deletions stack/rest/src/main/java/org/apache/usergrid/rest/applications/ServiceResource.java
View file
Expand Up @@ -151,7 +151,7 @@ public static List<ServiceParameter> addMatrixParams( List<ServiceParameter> par

MultivaluedMap<String, String> params = ps.getMatrixParameters();

if ( params != null ) {
if ( params != null && params.size() > 0) {
Query query = Query.fromQueryParams( params );
if ( query != null ) {
parameters = ServiceParameter.addParameter( parameters, query );
Expand All @@ -166,7 +166,7 @@ public static List<ServiceParameter> addQueryParams( List<ServiceParameter> para
throws Exception {

MultivaluedMap<String, String> params = ui.getQueryParameters();
if ( params != null ) {
if ( params != null && params.size() > 0) {
//TODO TN query parameters are not being correctly decoded here. The URL encoded strings
//aren't getting decoded properly
Query query = Query.fromQueryParams( params );
Expand Down Expand Up @@ -417,7 +417,6 @@ public ApiResponse executePutWithMap( @Context UriInfo ui, Map<String, Object> j
ApiResponse response = createApiResponse();
response.setAction( "put" );

services.getApplicationRef();
response.setApplication( services.getApplication() );
response.setParams( ui.getQueryParameters() );

Expand Down
3 changes: 2 additions & 1 deletion ...java/org/apache/usergrid/rest/security/shiro/filters/OAuth2AccessTokenSecurityFilter.java
View file
Expand Up @@ -95,7 +95,8 @@ public void filter(ContainerRequestContext request) throws IOException {

AuthPrincipalInfo principal = null;
try {
TokenInfo tokenInfo = tokens.getTokenInfo( accessToken );
// will update access time in principal if statements below, don't do it here
TokenInfo tokenInfo = tokens.getTokenInfo( accessToken, false );
principal = tokenInfo.getPrincipal();
} catch (BadTokenException e1) {
throw mappableSecurityException( BAD_ACCESS_TOKEN_ERROR );
Expand Down
10 changes: 9 additions & 1 deletion ...ervices/src/main/java/org/apache/usergrid/management/cassandra/ManagementServiceImpl.java
View file
Expand Up @@ -1437,10 +1437,18 @@ public boolean validateTokenAndPrincipalTypes(TokenInfo tokenInfo, String expect
}



public TokenInfo getTokenInfoFromAccessToken(String token, String expected_token_type,
AuthPrincipalType expected_principal_type) throws Exception {

TokenInfo tokenInfo = tokens.getTokenInfo( token );
return getTokenInfoFromAccessToken(token, expected_token_type, expected_principal_type, true);
}

public TokenInfo getTokenInfoFromAccessToken(String token, String expected_token_type,
AuthPrincipalType expected_principal_type,
boolean updateAccessTime) throws Exception {

TokenInfo tokenInfo = tokens.getTokenInfo( token, updateAccessTime );

return validateTokenAndPrincipalTypes(tokenInfo, expected_token_type, expected_principal_type) ?
tokenInfo : null;
Expand Down
3 changes: 3 additions & 0 deletions stack/services/src/main/java/org/apache/usergrid/security/tokens/TokenService.java
View file
Expand Up @@ -44,6 +44,9 @@ public void importToken( String token, TokenCategory tokenCategory, String type,
/** Get the token info for the string version of this token */
public TokenInfo getTokenInfo( String token ) throws Exception;

/** Get the token info for the string version of this token, update of access time optional */
public TokenInfo getTokenInfo( String token, boolean updateAccessTime ) throws Exception;

/** Get the max token age in milliseconds */
public long getMaxTokenAge( String token );

Expand Down
40 changes: 24 additions & 16 deletions ...ervices/src/main/java/org/apache/usergrid/security/tokens/cassandra/TokenServiceImpl.java
View file
Expand Up @@ -319,6 +319,12 @@ public void importToken(String token, TokenCategory tokenCategory, String type,

@Override
public TokenInfo getTokenInfo( String token ) throws Exception {
return getTokenInfo(token, true);
}


@Override
public TokenInfo getTokenInfo( String token, boolean updateAccessTime ) throws Exception {

UUID uuid = getUUIDForToken( token );

Expand All @@ -338,27 +344,29 @@ public TokenInfo getTokenInfo( String token ) throws Exception {
}
}

//update the token
long now = currentTimeMillis();
if (updateAccessTime) {
//update the token
long now = currentTimeMillis();

long maxTokenTtl = getMaxTtl( TokenCategory.getFromBase64String( token ), tokenInfo.getPrincipal() );
long maxTokenTtl = getMaxTtl(TokenCategory.getFromBase64String(token), tokenInfo.getPrincipal());

Mutator<UUID> batch = createMutator( cassandra.getUsergridApplicationKeyspace(), ue );
Mutator<UUID> batch = createMutator(cassandra.getUsergridApplicationKeyspace(), ue);

HColumn<String, Long> col =
createColumn( TOKEN_ACCESSED, now, calcTokenTime( tokenInfo.getExpiration( maxTokenTtl ) ),
se, le );
batch.addInsertion( uuid, TOKENS_CF, col );
HColumn<String, Long> col =
createColumn(TOKEN_ACCESSED, now, calcTokenTime(tokenInfo.getExpiration(maxTokenTtl)),
se, le);
batch.addInsertion(uuid, TOKENS_CF, col);

long inactive = now - tokenInfo.getAccessed();
if ( inactive > tokenInfo.getInactive() ) {
col = createColumn( TOKEN_INACTIVE, inactive, calcTokenTime( tokenInfo.getExpiration( maxTokenTtl ) ),
se, le );
batch.addInsertion( uuid, TOKENS_CF, col );
tokenInfo.setInactive( inactive );
}
long inactive = now - tokenInfo.getAccessed();
if (inactive > tokenInfo.getInactive()) {
col = createColumn(TOKEN_INACTIVE, inactive, calcTokenTime(tokenInfo.getExpiration(maxTokenTtl)),
se, le);
batch.addInsertion(uuid, TOKENS_CF, col);
tokenInfo.setInactive(inactive);
}

batch.execute();
batch.execute();
}

return tokenInfo;
}
Expand Down

0 comments on commit cac5569

Please sign in to comment.