long expireTime = issueTime + tokenValidity; AccessTokenIdentifier tokenIdentifier = new AccessTokenIdentifier(username, userGroups, issueTime, expireTime); AccessToken token = tokenManager.signIdentifier(tokenIdentifier); LOG.debug("Issued token for user {}", username);
@Test public void testTokenSerialization() throws Exception { ImmutablePair<TokenManager, Codec<AccessToken>> pair = getTokenManagerAndCodec(); TokenManager tokenManager = pair.getFirst(); tokenManager.startAndWait(); Codec<AccessToken> tokenCodec = pair.getSecond(); long now = System.currentTimeMillis(); String user = "testuser"; List<String> groups = Lists.newArrayList("users", "admins"); AccessTokenIdentifier ident1 = new AccessTokenIdentifier(user, groups, now, now + TOKEN_DURATION); AccessToken token1 = tokenManager.signIdentifier(ident1); byte[] tokenBytes = tokenCodec.encode(token1); AccessToken token2 = tokenCodec.decode(tokenBytes); assertEquals(token1, token2); LOG.info("Deserialized token is: " + Bytes.toStringBinary(tokenCodec.encode(token2))); // should be valid since we just signed it tokenManager.validateSecret(token2); tokenManager.stopAndWait(); } }
long now = System.currentTimeMillis(); List<String> groups = Lists.newArrayList("users", "admins"); AccessTokenIdentifier identifier = new AccessTokenIdentifier(user, groups, now, now + TOKEN_DURATION);
@Test public void testKeyDistribution() throws Exception { DistributedKeyManager manager1 = getKeyManager(injector1, true); DistributedKeyManager manager2 = getKeyManager(injector2, false); TimeUnit.MILLISECONDS.sleep(1000); TestingTokenManager tokenManager1 = new TestingTokenManager(manager1, injector1.getInstance(AccessTokenIdentifierCodec.class)); TestingTokenManager tokenManager2 = new TestingTokenManager(manager2, injector2.getInstance(AccessTokenIdentifierCodec.class)); tokenManager1.startAndWait(); tokenManager2.startAndWait(); long now = System.currentTimeMillis(); AccessTokenIdentifier ident1 = new AccessTokenIdentifier("testuser", Lists.newArrayList("users", "admins"), now, now + 60 * 60 * 1000); AccessToken token1 = tokenManager1.signIdentifier(ident1); // make sure the second token manager has the secret key required to validate the signature tokenManager2.waitForKey(tokenManager1.getCurrentKey().getKeyId(), 2000, TimeUnit.MILLISECONDS); tokenManager2.validateSecret(token1); tokenManager2.waitForCurrentKey(2000, TimeUnit.MILLISECONDS); AccessToken token2 = tokenManager2.signIdentifier(ident1); tokenManager1.validateSecret(token2); assertEquals(token1.getIdentifier().getUsername(), token2.getIdentifier().getUsername()); assertEquals(token1.getIdentifier().getGroups(), token2.getIdentifier().getGroups()); assertEquals(token1, token2); tokenManager1.stopAndWait(); tokenManager2.stopAndWait(); }
String user = "testuser"; List<String> groups = Lists.newArrayList("users", "admins"); AccessTokenIdentifier ident1 = new AccessTokenIdentifier(user, groups, now, now + TOKEN_DURATION); AccessToken token1 = tokenManager.signIdentifier(ident1); AccessTokenIdentifier expiredIdent = new AccessTokenIdentifier(user, groups, now - 1000, now - 1); AccessToken expiredToken = tokenManager.signIdentifier(expiredIdent); try {