TokenUtil.java
/*
* Decompiled with CFR 0_118.
*
* Could not load the following classes:
* com.adobe.granite.crypto.CryptoException
* javax.jcr.Credentials
* javax.jcr.RepositoryException
* javax.jcr.Session
* javax.jcr.SimpleCredentials
* javax.jcr.Workspace
* javax.servlet.http.HttpServletRequest
* javax.servlet.http.HttpServletResponse
* org.apache.jackrabbit.api.security.authentication.token.TokenCredentials
* org.apache.sling.auth.core.spi.AuthenticationInfo
* org.apache.sling.jcr.api.SlingRepository
*/
package com.day.crx.security.token;
import com.adobe.granite.crypto.CryptoException;
import com.day.crx.security.token.TokenCookie;
import com.day.crx.security.token.impl.TokenAuthenticationHandler;
import javax.jcr.Credentials;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.jcr.SimpleCredentials;
import javax.jcr.Workspace;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.jackrabbit.api.security.authentication.token.TokenCredentials;
import org.apache.sling.auth.core.spi.AuthenticationInfo;
import org.apache.sling.jcr.api.SlingRepository;
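/**
 * Static helper that issues a repository login token for a user and publishes
 * it to the client as a cookie.
 *
 * <p>Security note: nothing in this class verifies a password or any other
 * proof of identity for the supplied user id. A token is minted for whatever
 * {@code userId} is passed in, using an administrative session. Callers are
 * therefore responsible for having authenticated the user beforehand, and
 * {@code userId} must never be taken directly from unauthenticated request
 * data.
 */
public class TokenUtil {
    private static final String AUTH_TYPE = "TOKEN";
    private static final String TOKEN_ATTRIBUTE = ".token";
    private static final String JCR_CREDENTIALS_ATTRIBUTE = "user.jcr.credentials";

    /** Utility class; not instantiable. */
    private TokenUtil() {
    }

    /**
     * Creates a login token for {@code userId}, stores it in the token cookie
     * on {@code response}, and returns an {@link AuthenticationInfo} carrying
     * the matching {@link TokenCredentials}.
     *
     * <p>Two token flavours are supported, selected by
     * {@link TokenAuthenticationHandler#isEncapsulatedToken()}: an encapsulated
     * token built by the handler, or a token produced by the repository while
     * impersonating the user from an administrative session.
     *
     * @param request    current request, passed through to {@link TokenCookie#update}
     * @param response   response that receives the updated token cookie
     * @param repository repository used to open the administrative session
     * @param userId     id of the user the token is issued for; the caller must
     *                   already have authenticated this user
     * @param httpOnly   forwarded to {@link TokenCookie#update}; presumably
     *                   controls the cookie's HttpOnly attribute, in which case
     *                   {@code true} is the safer choice (confirm against
     *                   TokenCookie)
     * @return authentication info of type {@code "TOKEN"} for {@code userId}
     *         with the token credentials stored under
     *         {@code "user.jcr.credentials"}
     * @throws RepositoryException if the repository cannot be accessed or the
     *                             token cannot be generated; the original
     *                             exception is kept as the cause
     */
    public static AuthenticationInfo createCredentials(HttpServletRequest request, HttpServletResponse response, SlingRepository repository, String userId, boolean httpOnly) throws RepositoryException {
        Session adminSession = null;
        Session userSession = null;
        try {
            // NOTE(review): loginAdministrative is deprecated in current Sling
            // releases and grants full repository rights. Kept as-is here
            // because moving to a service user requires configuration that is
            // outside this class.
            adminSession = repository.loginAdministrative(null);
            AuthenticationInfo authInfo = new AuthenticationInfo(AUTH_TYPE, userId);
            boolean encapsulatedToken = TokenAuthenticationHandler.isEncapsulatedToken();

            TokenCredentials tokenCredentials;
            if (encapsulatedToken) {
                tokenCredentials = new TokenCredentials(TokenAuthenticationHandler.buildEncapsulatedToken(userId));
            } else {
                // No password is supplied: the login happens by impersonation
                // from the administrative session. The empty ".token"
                // attribute is expected to be filled in by the repository
                // during login and is read back right afterwards.
                SimpleCredentials impersonation = new SimpleCredentials(userId, new char[0]);
                impersonation.setAttribute(TOKEN_ATTRIBUTE, "");
                userSession = adminSession.impersonate(impersonation);
                tokenCredentials = new TokenCredentials((String) impersonation.getAttribute(TOKEN_ATTRIBUTE));
            }

            authInfo.put(JCR_CREDENTIALS_ATTRIBUTE, tokenCredentials);
            TokenCookie.update(request, response, TokenUtil.getRepositoryId(encapsulatedToken), tokenCredentials.getToken(), adminSession.getWorkspace().getName(), httpOnly);
            // The decompiled listing assigned authInfo to a SimpleCredentials
            // local before returning it, which does not type-check; return it
            // directly.
            return authInfo;
        } catch (RepositoryException e) {
            throw new RepositoryException("Failed to generate login-token: Could not access Repository", e);
        } catch (CryptoException e) {
            throw new RepositoryException("Failed to generate login-token", e);
        } finally {
            // Always release both sessions, the administrative one in
            // particular, whether or not token creation succeeded.
            if (userSession != null) {
                userSession.logout();
            }
            if (adminSession != null) {
                adminSession.logout();
            }
        }
    }

    /**
     * Returns the repository id used for the token cookie, as reported by
     * {@link TokenAuthenticationHandler#getRepositoryId(boolean)}.
     *
     * @param encapsulatedToken whether encapsulated tokens are in use
     * @return the repository id supplied by the authentication handler
     */
    private static String getRepositoryId(boolean encapsulatedToken) {
        return TokenAuthenticationHandler.getRepositoryId(encapsulatedToken);
    }
}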