/**
 * Resolves the tree that backs the given token.
 *
 * <p>The part of the token string before the first {@code '_'} is used as a node
 * identifier (the whole string when it contains no underscore) and is looked up
 * through an {@code IdentifierManager} created on {@code root}.
 *
 * @param info the token whose backing tree is wanted
 * @return the result of {@code IdentifierManager#getTree} for that identifier; the
 *         {@code @Nullable} annotation means callers must expect {@code null}
 */
@Nullable
Tree getTokenTree(@NotNull TokenInfo info) {
    String raw = info.getToken();
    int separator = raw.indexOf('_');
    String identifier = raw;
    if (separator != -1) {
        // Only the leading segment addresses the node; the remainder is not used here.
        identifier = raw.substring(0, separator);
    }
    return new IdentifierManager(root).getTree(identifier);
}
/**
 * Creates tokens for {@code userId} until {@code TokenProviderImpl.shouldRunCleanup}
 * returns {@code true} for one of them, giving up after 50 tokens.
 *
 * @return the number of tokens created, counting the one that ended the loop
 * @throws Exception declared by the original helper; the body shows no specific cause
 */
private int createTokensUntilCleanup() throws Exception {
    int created = 0;
    while (created < 50) {
        TokenInfo latest = tokenProvider.createToken(userId, ImmutableMap.of());
        created++;
        if (TokenProviderImpl.shouldRunCleanup(latest.getToken())) {
            break;
        }
    }
    return created;
}
/**
 * Prepares the fixtures: a mocked {@code TokenInfo} whose {@code getToken()} returns
 * {@code TOKEN}, and a composite provider built from a mocked {@code TokenProvider}
 * followed by a {@code TestTokenProvider}.
 */
@Before
public void before() {
    TokenInfo mockedInfo = Mockito.mock(TokenInfo.class);
    Mockito.when(mockedInfo.getToken()).thenReturn(TOKEN);
    info = mockedInfo;

    // Order matters to the composite: the plain mock comes first, the test provider second.
    composite = CompositeTokenProvider.newInstance(
            Mockito.mock(TokenProvider.class),
            new TestTokenProvider());
}
/**
 * A token string handed out by {@code createToken} must resolve through
 * {@code getTokenInfo} to a valid info object for the same user.
 */
@Test
public void testGetTokenInfo() throws Exception {
    TokenInfo created = tokenProvider.createToken(userId, Collections.<String, Object>emptyMap());
    TokenInfo resolved = tokenProvider.getTokenInfo(created.getToken());
    assertTokenInfo(resolved, userId);
}
/**
 * Creates a token for the test user and returns its string form.
 *
 * <p>{@code readOnlyRoot} is refreshed before returning.
 * NOTE(review): presumably so the new token is visible through that root - confirm.
 *
 * @return the token string of the newly created token
 */
private String generateToken() throws Exception {
    String testUserId = getTestUser().getID();
    TokenInfo created = tokenProvider.createToken(testUserId, ImmutableMap.<String, Object>of());
    String tokenString = created.getToken();
    readOnlyRoot.refresh();
    return tokenString;
}
/**
 * Asserts that {@code info} is a usable token info for {@code userId}: it exists, it
 * carries a token string, it reports the expected user id, and it is not expired at
 * the current wall-clock time.
 *
 * @param info   the token info to check
 * @param userId the user id the info is expected to report
 */
private static void assertTokenInfo(TokenInfo info, String userId) {
    assertNotNull(info);
    assertNotNull(info.getToken());
    assertEquals(userId, info.getUserId());

    // Same instant a fresh java.util.Date would report.
    long now = System.currentTimeMillis();
    assertFalse(info.isExpired(now));
}
/**
 * A token created with an attribute keyed {@code TOKEN_ATTRIBUTE + "_mandatory"} must
 * not authenticate credentials that carry only the token string and no attributes:
 * {@code authenticate} is expected to throw {@code LoginException}.
 */
@Test
public void testAuthenticateNotMatchingToken() throws Exception {
    String mandatoryKey = TokenConstants.TOKEN_ATTRIBUTE + "_mandatory";
    TokenInfo created = tokenProvider.createToken(userId, ImmutableMap.of(mandatoryKey, "val"));

    try {
        authentication.authenticate(new TokenCredentials(created.getToken()));
        fail("LoginException expected");
    } catch (LoginException expected) {
        // success: the credentials were rejected
    }
}
/** Credentials built from a freshly created token must authenticate successfully. */
@Test
public void testAuthenticate() throws Exception {
    TokenInfo created = tokenProvider.createToken(userId, Collections.<String, Object>emptyMap());
    TokenCredentials credentials = new TokenCredentials(created.getToken());
    boolean authenticated = authentication.authenticate(credentials);
    assertTrue(authenticated);
}
/**
 * Once the owning user has been disabled, a token issued earlier must no longer
 * resolve: {@code getTokenInfo} is expected to return {@code null}.
 */
@Test
public void testGetTokenInfoFromDisabledUser() throws Exception {
    TokenInfo issuedWhileEnabled = tokenProvider.createToken(userId, Collections.<String, Object>emptyMap());
    String tokenString = issuedWhileEnabled.getToken();

    getTestUser().disable("disabled");

    assertNull(tokenProvider.getTokenInfo(tokenString));
}
/**
 * The user id must be reported consistently by the info returned from
 * {@code createToken} and by the info looked up again from the token string.
 */
@Test
public void testGetUserId() {
    TokenInfo created = tokenProvider.createToken(userId, Collections.<String, Object>emptyMap());
    assertEquals(userId, created.getUserId());

    TokenInfo resolved = tokenProvider.getTokenInfo(created.getToken());
    assertEquals(userId, resolved.getUserId());
}
/**
 * After a successful token login, the authentication object must report the id of
 * the user the token was created for.
 */
@Test
public void testGetUserId() throws LoginException {
    TokenInfo created = tokenProvider.createToken(userId, Collections.<String, Object>emptyMap());
    TokenCredentials credentials = new TokenCredentials(created.getToken());

    assertTrue(authentication.authenticate(credentials));
    assertEquals(userId, authentication.getUserId());
}
/**
 * An expired token must be rejected with {@code LoginException}, and afterwards it
 * must no longer be retrievable from the provider.
 *
 * <p>The provider is configured with {@code PARAM_TOKEN_EXPIRATION} set to 1.
 * NOTE(review): the unit is not visible here, presumably milliseconds - confirm.
 */
@Test
public void testAuthenticateExpiredToken() throws Exception {
    ConfigurationParameters shortLived =
            ConfigurationParameters.of(TokenProvider.PARAM_TOKEN_EXPIRATION, 1);
    TokenProvider tp = new TokenProviderImpl(root, shortLived, getUserConfiguration());

    TokenInfo expiring = tp.createToken(userId, Collections.<String, Object>emptyMap());
    waitUntilExpired(expiring);

    try {
        new TokenAuthentication(tp).authenticate(new TokenCredentials(expiring.getToken()));
        fail("LoginException expected");
    } catch (LoginException expected) {
        // success
    }

    // expired token must have been removed
    assertNull(tp.getTokenInfo(expiring.getToken()));
}
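/**
 * Creating a token with an upper-cased user id must yield a token that matches its
 * own credentials and reports the user id in its original spelling, both on the
 * info returned by {@code createToken} and on the info looked up again afterwards.
 *
 * @see <a href="https://issues.apache.org/jira/browse/OAK-1985">OAK-1985</a>
 */
@Test
public void testTokenValidationIsCaseInsensitive() throws Exception {
    Root root = adminSession.getLatestRoot();
    TokenConfiguration tokenConfig = getSecurityProvider().getConfiguration(TokenConfiguration.class);
    TokenProvider tp = tokenConfig.getTokenProvider(root);

    String userId = ((SimpleCredentials) getAdminCredentials()).getUserID();

    // Upper-case with a fixed locale: the no-arg toUpperCase() follows the JVM default
    // locale, so under e.g. a Turkish locale 'i' maps to a dotted capital and the
    // test would exercise a different id than intended.
    String upperCasedId = userId.toUpperCase(java.util.Locale.ROOT);
    TokenInfo info = tp.createToken(upperCasedId, Collections.<String, Object>emptyMap());

    assertTrue(info.matches(new TokenCredentials(info.getToken())));
    assertEquals(userId, info.getUserId());

    info = tp.getTokenInfo(info.getToken());

    assertTrue(info.matches(new TokenCredentials(info.getToken())));
    assertEquals(userId, info.getUserId());
}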
/**
 * After {@code authenticate} has been called with token credentials, the
 * authentication object must expose a token info for the same user.
 *
 * <p>The boolean result of {@code authenticate} is not asserted here; only the
 * exposed token info is checked.
 */
@Test
public void testGetTokenInfoAfterAuthenticate() throws Exception {
    TokenInfo issued = tokenProvider.createToken(userId, Collections.<String, Object>emptyMap());
    authentication.authenticate(new TokenCredentials(issued.getToken()));

    TokenInfo afterLogin = authentication.getTokenInfo();
    assertNotNull(afterLogin);
    assertEquals(issued.getUserId(), afterLogin.getUserId());
}
/**
 * After a successful token login, the authentication object must report the
 * principal of the test user.
 */
@Test
public void testGetUserPrincipal() throws Exception {
    TokenInfo created = tokenProvider.createToken(userId, Collections.<String, Object>emptyMap());
    TokenCredentials credentials = new TokenCredentials(created.getToken());

    assertTrue(authentication.authenticate(credentials));
    assertEquals(getTestUser().getPrincipal(), authentication.getUserPrincipal());
}
/**
 * A token tree created below the user's tokens node with node type
 * {@code nt:unstructured} ({@code JcrConstants.NT_UNSTRUCTURED}) must not be accepted
 * once the original token tree has been removed: {@code getTokenInfo} is expected to
 * return {@code null}.
 *
 * <p>NOTE(review): {@code createTokenTree} is defined elsewhere; presumably it
 * recreates the token's data under the given parent with the given type - confirm.
 * Pending changes are discarded with {@code root.refresh()} in the {@code finally}.
 */
@Test
public void testGetTokenInfoFromInvalidLocation3() throws Exception {
    TokenInfo issued = tokenProvider.createToken(userId, Collections.<String, Object>emptyMap());
    Tree originalTokenTree = getTokenTree(issued);

    // Sanity check: the token resolves while it sits at its original location.
    assertNotNull(tokenProvider.getTokenInfo(issued.getToken()));

    String userPath = getUserManager(root).getAuthorizable(userId).getPath();
    Tree userTree = root.getTree(userPath);
    NodeUtil tokensParent = new NodeUtil(userTree.getChild(TOKENS_NODE_NAME));

    try {
        createTokenTree(issued, tokensParent, JcrConstants.NT_UNSTRUCTURED);
        originalTokenTree.remove();

        assertNull(tokenProvider.getTokenInfo(issued.getToken()));
    } finally {
        root.refresh();
    }
}
/**
 * A token tree created below {@code /testNode} with node type {@code TOKEN_NT_NAME}
 * must not be accepted once the original token tree has been removed:
 * {@code getTokenInfo} is expected to return {@code null}.
 *
 * <p>NOTE(review): {@code createTokenTree} is defined elsewhere; presumably it
 * recreates the token's data under the given parent with the given type - confirm.
 * The {@code finally} block removes the helper node and commits.
 */
@Test
public void testGetTokenInfoFromInvalidLocation() throws Exception {
    TokenInfo issued = tokenProvider.createToken(userId, Collections.<String, Object>emptyMap());
    Tree originalTokenTree = getTokenTree(issued);

    // Sanity check: the token resolves while it sits at its original location.
    assertNotNull(tokenProvider.getTokenInfo(issued.getToken()));

    NodeUtil rootNode = new NodeUtil(root.getTree("/"));
    NodeUtil foreignParent = rootNode.addChild("testNode", JcrConstants.NT_UNSTRUCTURED);

    try {
        createTokenTree(issued, foreignParent, TOKEN_NT_NAME);
        originalTokenTree.remove();

        assertNull(tokenProvider.getTokenInfo(issued.getToken()));
    } finally {
        foreignParent.getTree().remove();
        root.commit(CommitMarker.asCommitAttributes());
    }
}
/**
 * Logging in with credentials built from a token created for the admin user must
 * produce a session whose auth info reports the admin user id. The session is
 * closed whether or not the assertion holds.
 */
@Test
public void testValidTokenCredentials() throws Exception {
    Root latestRoot = adminSession.getLatestRoot();
    TokenProvider provider = getSecurityProvider()
            .getConfiguration(TokenConfiguration.class)
            .getTokenProvider(latestRoot);

    SimpleCredentials adminCredentials = (SimpleCredentials) getAdminCredentials();
    TokenInfo issued = provider.createToken(
            adminCredentials.getUserID(), Collections.<String, Object>emptyMap());

    ContentSession session = login(new TokenCredentials(issued.getToken()));
    try {
        assertEquals(adminCredentials.getUserID(), session.getAuthInfo().getUserID());
    } finally {
        session.close();
    }
}
/**
 * A token issued for the admin user must be usable as login credentials, and the
 * resulting session must report the admin user id in its auth info. The session is
 * closed in a {@code finally} block.
 */
@Test
public void testValidTokenCredentials() throws Exception {
    Root latestRoot = adminSession.getLatestRoot();
    TokenConfiguration configuration = getSecurityProvider().getConfiguration(TokenConfiguration.class);
    TokenProvider provider = configuration.getTokenProvider(latestRoot);

    SimpleCredentials adminCredentials = (SimpleCredentials) getAdminCredentials();
    String adminId = adminCredentials.getUserID();
    TokenInfo issued = provider.createToken(adminId, Collections.<String, Object>emptyMap());

    ContentSession session = login(new TokenCredentials(issued.getToken()));
    try {
        // Read the id again from the credentials, as the expected value.
        assertEquals(adminCredentials.getUserID(), session.getAuthInfo().getUserID());
    } finally {
        session.close();
    }
}