Package org.nuxeo.ecm.tokenauth.service
Class TokenAuthenticationServiceImpl
- java.lang.Object
-
- org.nuxeo.ecm.tokenauth.service.TokenAuthenticationServiceImpl
-
- All Implemented Interfaces:
Serializable,TokenAuthenticationService
public class TokenAuthenticationServiceImpl extends Object implements TokenAuthenticationService
Default implementation of theTokenAuthenticationService.The token is generated by the
UUID.randomUUID()method which guarantees its uniqueness. The storage back-end is a SQL Directory.- Since:
- 5.7
- Author:
- Antoine Taillefer ([email protected])
- See Also:
- Serialized Form
-
-
Field Summary
Fields Modifier and Type Field Description protected static StringAPPLICATION_NAME_FIELDprotected static StringCREATION_DATE_FIELDprotected static StringDEVICE_DESCRIPTION_FIELDprotected static StringDEVICE_ID_FIELDprotected static StringDIRECTORY_NAMEprotected static StringDIRECTORY_SCHEMAprotected static StringPERMISSION_FIELDprotected static StringTOKEN_FIELDprotected static StringUSERNAME_FIELD
-
Constructor Summary
Constructors Constructor Description TokenAuthenticationServiceImpl()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description StringacquireToken(String userName, String applicationName, String deviceId, String deviceDescription, String permission)Acquires a unique token for the specified user, application, and device.StringacquireToken(javax.servlet.http.HttpServletRequest request)Acquires a unique token for the specified request.protected DocumentModelgetBareAuthTokenModel(DirectoryService directoryService)StringgetToken(String userName, String applicationName, String deviceId)Gets the token for the specified user, application, and device.DocumentModelListgetTokenBindings(String userName)Gets the token bindings for the specified user.DocumentModelListgetTokenBindings(String userName, String applicationName)Gets the token bindings for the specified user and application.StringgetUserName(String token)Gets the user name bound to the specified token.voidrevokeToken(String token)Removes the token from the back-end.
-
-
-
Field Detail
-
DIRECTORY_NAME
protected static final String DIRECTORY_NAME
- See Also:
- Constant Field Values
-
DIRECTORY_SCHEMA
protected static final String DIRECTORY_SCHEMA
- See Also:
- Constant Field Values
-
USERNAME_FIELD
protected static final String USERNAME_FIELD
- See Also:
- Constant Field Values
-
TOKEN_FIELD
protected static final String TOKEN_FIELD
- See Also:
- Constant Field Values
-
APPLICATION_NAME_FIELD
protected static final String APPLICATION_NAME_FIELD
- See Also:
- Constant Field Values
-
DEVICE_ID_FIELD
protected static final String DEVICE_ID_FIELD
- See Also:
- Constant Field Values
-
DEVICE_DESCRIPTION_FIELD
protected static final String DEVICE_DESCRIPTION_FIELD
- See Also:
- Constant Field Values
-
PERMISSION_FIELD
protected static final String PERMISSION_FIELD
- See Also:
- Constant Field Values
-
CREATION_DATE_FIELD
protected static final String CREATION_DATE_FIELD
- See Also:
- Constant Field Values
-
-
Method Detail
-
acquireToken
public String acquireToken(String userName, String applicationName, String deviceId, String deviceDescription, String permission) throws TokenAuthenticationException
Description copied from interface:TokenAuthenticationServiceAcquires a unique token for the specified user, application, and device.If such a token exist in the back-end for the specified (userName, applicationName, deviceId) triplet, just returns it, else generates it and stores it in the back-end with the triplet attributes, the specified device description and permission.
- Specified by:
acquireTokenin interfaceTokenAuthenticationService- Throws:
TokenAuthenticationException- if one of the required parameters is null or empty (all parameters are required except for the device description)
-
acquireToken
public String acquireToken(javax.servlet.http.HttpServletRequest request) throws TokenAuthenticationException
Description copied from interface:TokenAuthenticationServiceAcquires a unique token for the specified request.Parameters needed (applicationName, deviceId, deviceDescription, permission) to acquire the token are extracted from the request itself.
If such a token exist in the back-end for the specified (userName, applicationName, deviceId) triplet, just returns it, else generates it and stores it in the back-end with the triplet attributes, the specified device description and permission.
- Specified by:
acquireTokenin interfaceTokenAuthenticationService- Returns:
- a token or null for no principal or for anonymous principal unless 'allowAnonymous' parameter is explicitly set to true in the authentication plugin configuration.
- Throws:
TokenAuthenticationException- if one of the required parameters is null or empty (all parameters are required except for the device description)
-
getToken
public String getToken(String userName, String applicationName, String deviceId) throws TokenAuthenticationException
Description copied from interface:TokenAuthenticationServiceGets the token for the specified user, application, and device.- Specified by:
getTokenin interfaceTokenAuthenticationService- Returns:
- null if such a token doesn't exist
- Throws:
TokenAuthenticationException- if one of the required parameters is null or empty (all parameters are required except for the device description)
-
getUserName
public String getUserName(String token)
Description copied from interface:TokenAuthenticationServiceGets the user name bound to the specified token.- Specified by:
getUserNamein interfaceTokenAuthenticationService- Returns:
- The user name bound to the specified token, or null if the token does not exist in the back-end.
-
revokeToken
public void revokeToken(String token)
Description copied from interface:TokenAuthenticationServiceRemoves the token from the back-end.- Specified by:
revokeTokenin interfaceTokenAuthenticationService
-
getTokenBindings
public DocumentModelList getTokenBindings(String userName)
Description copied from interface:TokenAuthenticationServiceGets the token bindings for the specified user.- Specified by:
getTokenBindingsin interfaceTokenAuthenticationService
-
getTokenBindings
public DocumentModelList getTokenBindings(String userName, String applicationName)
Description copied from interface:TokenAuthenticationServiceGets the token bindings for the specified user and application.- Specified by:
getTokenBindingsin interfaceTokenAuthenticationService
-
getBareAuthTokenModel
protected DocumentModel getBareAuthTokenModel(DirectoryService directoryService)
-
-