Package org.restlet.ext.oauth.internal

Source Code of org.restlet.ext.oauth.internal.MemTokenGenerator

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
/**
* Copyright 2005-2011 Noelios Technologies.
*
* The contents of this file are subject to the terms of one of the following
* open source licenses: LGPL 3.0 or LGPL 2.1 or CDDL 1.0 or EPL 1.0 (the
* "Licenses"). You can select the license that you prefer but you may not use
* this file except in compliance with one of these Licenses.
*
* You can obtain a copy of the LGPL 3.0 license at
* http://www.opensource.org/licenses/lgpl-3.0.html
*
* You can obtain a copy of the LGPL 2.1 license at
* http://www.opensource.org/licenses/lgpl-2.1.php
*
* You can obtain a copy of the CDDL 1.0 license at
* http://www.opensource.org/licenses/cddl1.php
*
* You can obtain a copy of the EPL 1.0 license at
* http://www.opensource.org/licenses/eclipse-1.0.php
*
* See the Licenses for the specific language governing permissions and
* limitations under the Licenses.
*
* Alternatively, you can obtain a royalty free commercial license with less
* limitations, transferable or non-transferable, directly at
* http://www.noelios.com/products/restlet-engine
*
* Restlet is a registered trademark of Noelios Technologies.
*/

package org.restlet.ext.oauth.internal;

import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ScheduledFuture;
import java.util.concurrent.ScheduledThreadPoolExecutor;
import java.util.concurrent.TimeUnit;

import org.restlet.ext.oauth.AuthenticatedUser;

/**
* TokenGenerator implementation that keeps tokens in memory. Note that tokens
* generated will not be persisted after a JVM restart.
*
* @author Kristoffer Gronowski
*/
public class MemTokenGenerator extends TokenGenerator {

    private final Map<String, AuthenticatedUser> codeStore = new ConcurrentHashMap<String, AuthenticatedUser>();

    // Used only to store tokens
    private final Map<String, Token> tokenStore = new ConcurrentHashMap<String, Token>();

    private final ScheduledThreadPoolExecutor timers;

    public MemTokenGenerator(ScheduledThreadPoolExecutor executor) {
        timers = executor;
    }

    @Override
    public String generateCode(AuthenticatedUser user) {
        String code = super.generateCode(user);

        // Store the code for later use
        AuthenticatedUser oldValue = codeStore.put(code, user);
        // Something is wrong in the code generation!
        // log("WARNIG - bad generation ALG!");
        if (oldValue != null)
            oldValue.setCode(code);

        return code;
    }

    @Override
    public Token generateToken(AuthenticatedUser user, long expire) {
        Token t = super.generateToken(user, expire);
        if (expire != Token.UNLIMITED) {
            ExpireToken et = (ExpireToken) t;
            // RefreshToken is stored twice for faster lookup
            // One key is the token while the other the refreshToken
            tokenStore.put(et.getRefreshToken(), et);
            // Add Token to timeout mechanism
            scheduleCleanup(et, expire);
        }

        tokenStore.put(t.getToken(), t);

        return t;
    }

    @Override
    public Token exchangeForToken(String code, long expire)
            throws IllegalArgumentException {
        // TODO handle exp tokens
        AuthenticatedUser user = codeStore.remove(code);
        // if( expire > 0 ) user.setExpire(expire);
        if (user == null)
            throw new IllegalArgumentException("Code not valid");
        Token t = generateToken(user, expire);
        user.clearCode(); // TODO could also match if the user code matches
                          // codestore
        return t;
    }

    @Override
    public void revokeToken(Token token) {
        String id = token.getToken();
        if (id != null && tokenStore.containsKey(id)) {
            tokenStore.remove(token.getToken());
            // t.getUser().removeToken(t);
        }
    }

    @Override
    public void revokeExpireToken(ExpireToken token) {
        if (tokenStore.containsKey(token.getRefreshToken())) {
            Token t = tokenStore.remove(token.getRefreshToken());
            revokeToken(t); // Also clean pending tokens
            // t.getUser().removeToken(t);
        }
    }

    @Override
    public Token findToken(String token) {
        return tokenStore.get(token);
    }

    @Override
    public void refreshToken(ExpireToken token) {
        super.refreshToken(token);

        scheduleCleanup(token, token.getExpirePeriod());
        // Store the new generated token in DB
        tokenStore.put(token.getToken(), token);
    }

    private void scheduleCleanup(final ExpireToken et, long expire) {
        Runnable r = new Runnable() {
            public void run() {
                String token = et.getToken();
                // Remove the binding
                tokenStore.remove(token);
                // Set the token to null until refreshed
                et.expireToken();

            }
        };
        ScheduledFuture<?> future = timers
                .schedule(r, expire, TimeUnit.SECONDS);
        et.setFuture(future);
    }
}
TOP

Related Classes of org.restlet.ext.oauth.internal.MemTokenGenerator

  • org.restlet.ext.oauth.AuthenticatedUser
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.