Package org.nuxeo.ecm.tokenauth.service
Class TokenAuthenticationServiceImpl
java.lang.Object
org.nuxeo.ecm.tokenauth.service.TokenAuthenticationServiceImpl
- All Implemented Interfaces:
Serializable,TokenAuthenticationService
Default implementation of the
TokenAuthenticationService.
The token is generated by the UUID.randomUUID() method which guarantees its uniqueness. The storage back-end
is a SQL Directory.
- Since:
- 5.7
- Author:
- Antoine Taillefer ([email protected])
- See Also:
-
Field Summary
FieldsModifier and TypeFieldDescriptionprotected static final Stringprotected static final Stringprotected static final Stringprotected static final Stringprotected static final Stringprotected static final Stringprotected static final Stringprotected static final Stringprotected static final String -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionacquireToken(String userName, String applicationName, String deviceId, String deviceDescription, String permission) Acquires a unique token for the specified user, application, and device.acquireToken(javax.servlet.http.HttpServletRequest request) Acquires a unique token for the specified request.protected DocumentModelgetBareAuthTokenModel(DirectoryService directoryService) Gets the token for the specified user, application, and device.getTokenBindings(String userName) Gets the token bindings for the specified user.getTokenBindings(String userName, String applicationName) Gets the token bindings for the specified user and application.getUserName(String token) Gets the user name bound to the specified token.voidrevokeToken(String token) Removes the token from the back-end.
-
Field Details
-
DIRECTORY_NAME
- See Also:
-
DIRECTORY_SCHEMA
- See Also:
-
USERNAME_FIELD
- See Also:
-
TOKEN_FIELD
- See Also:
-
APPLICATION_NAME_FIELD
- See Also:
-
DEVICE_ID_FIELD
- See Also:
-
DEVICE_DESCRIPTION_FIELD
- See Also:
-
PERMISSION_FIELD
- See Also:
-
CREATION_DATE_FIELD
- See Also:
-
-
Constructor Details
-
TokenAuthenticationServiceImpl
public TokenAuthenticationServiceImpl()
-
-
Method Details
-
acquireToken
public String acquireToken(String userName, String applicationName, String deviceId, String deviceDescription, String permission) throws TokenAuthenticationException Description copied from interface:TokenAuthenticationServiceAcquires a unique token for the specified user, application, and device.If such a token exist in the back-end for the specified (userName, applicationName, deviceId) triplet, just returns it, else generates it and stores it in the back-end with the triplet attributes, the specified device description and permission.
- Specified by:
acquireTokenin interfaceTokenAuthenticationService- Throws:
TokenAuthenticationException- if one of the required parameters is null or empty (all parameters are required except for the device description)
-
acquireToken
public String acquireToken(javax.servlet.http.HttpServletRequest request) throws TokenAuthenticationException Description copied from interface:TokenAuthenticationServiceAcquires a unique token for the specified request.Parameters needed (applicationName, deviceId, deviceDescription, permission) to acquire the token are extracted from the request itself.
If such a token exist in the back-end for the specified (userName, applicationName, deviceId) triplet, just returns it, else generates it and stores it in the back-end with the triplet attributes, the specified device description and permission.
- Specified by:
acquireTokenin interfaceTokenAuthenticationService- Returns:
- a token or null for no principal or for anonymous principal unless 'allowAnonymous' parameter is explicitly set to true in the authentication plugin configuration.
- Throws:
TokenAuthenticationException- if one of the required parameters is null or empty (all parameters are required except for the device description)
-
getToken
public String getToken(String userName, String applicationName, String deviceId) throws TokenAuthenticationException Description copied from interface:TokenAuthenticationServiceGets the token for the specified user, application, and device.- Specified by:
getTokenin interfaceTokenAuthenticationService- Returns:
- null if such a token doesn't exist
- Throws:
TokenAuthenticationException- if one of the required parameters is null or empty (all parameters are required except for the device description)
-
getUserName
Description copied from interface:TokenAuthenticationServiceGets the user name bound to the specified token.- Specified by:
getUserNamein interfaceTokenAuthenticationService- Returns:
- The user name bound to the specified token, or null if the token does not exist in the back-end.
-
revokeToken
Description copied from interface:TokenAuthenticationServiceRemoves the token from the back-end.- Specified by:
revokeTokenin interfaceTokenAuthenticationService
-
getTokenBindings
Description copied from interface:TokenAuthenticationServiceGets the token bindings for the specified user.- Specified by:
getTokenBindingsin interfaceTokenAuthenticationService
-
getTokenBindings
Description copied from interface:TokenAuthenticationServiceGets the token bindings for the specified user and application.- Specified by:
getTokenBindingsin interfaceTokenAuthenticationService
-
getBareAuthTokenModel
-