diff --git a/src/main/java/org/genesys2/server/service/impl/OAuth2JPATokenStoreImpl.java b/src/main/java/org/genesys2/server/service/impl/OAuth2JPATokenStoreImpl.java index 0953f47c885f0a30cfe2a1b04535c126e5dd2ebd..f06ce6992fbb0edfee71164dfc2dc957e7a46012 100644 --- a/src/main/java/org/genesys2/server/service/impl/OAuth2JPATokenStoreImpl.java +++ b/src/main/java/org/genesys2/server/service/impl/OAuth2JPATokenStoreImpl.java @@ -68,13 +68,13 @@ import com.fasterxml.jackson.databind.ObjectMapper; /** * OAuth2JPATokenStoreImpl based on JdbcTokenStore - * + * * Original authors of JdbcTokenStore: - * + * * @author Ken Dombeck * @author Luke Taylor * @author Dave Syer - * + * * JPA: * @author Matija Obreza */ @@ -103,7 +103,7 @@ public class OAuth2JPATokenStoreImpl implements JPATokenStoreCleanup, JPATokenSt private static final String REDIRECT_URI = "redirect_uri"; @Override - public String extractKey(OAuth2Authentication authentication) { + public String extractKey(final OAuth2Authentication authentication) { final Map values = new LinkedHashMap(); final AuthorizationRequest authorizationRequest = authentication.getAuthorizationRequest(); if (!authentication.isClientOnly()) { @@ -130,7 +130,7 @@ public class OAuth2JPATokenStoreImpl implements JPATokenStoreCleanup, JPATokenSt } }; - private ObjectMapper mapper = new ObjectMapper(); + private final ObjectMapper mapper = new ObjectMapper(); /** * Cleanup executed every 10 minutes 
@@ -139,22 +139,30 @@ public class OAuth2JPATokenStoreImpl implements JPATokenStoreCleanup, JPATokenSt @Scheduled(fixedDelay = 600000) public void removeExpired() { final Date olderThan = new Date(new Date().getTime() - 600000); - LOG.debug("Removing OAuth access tokens from before: " + olderThan); - final int countAccessTokens = accessTokenPersistence.deleteOlderThan(olderThan); - if (countAccessTokens > 0) + if (LOG.isTraceEnabled()) { + LOG.trace("Removing OAuth access tokens from before: " + olderThan); + } + final int countAccessTokens = this.accessTokenPersistence.deleteOlderThan(olderThan); + if (countAccessTokens > 0) { LOG.info("Removed expired OAuth access tokens: " + countAccessTokens); + } - LOG.debug("Removing OAuth refresh tokens from before: " + olderThan); - final int countRefreshTokens = refreshTokenPersistence.deleteOlderThan(olderThan); - if (countRefreshTokens > 0) + if (LOG.isTraceEnabled()) { + LOG.trace("Removing OAuth refresh tokens from before: " + olderThan); + } + final int countRefreshTokens = this.refreshTokenPersistence.deleteOlderThan(olderThan); + if (countRefreshTokens > 0) { LOG.info("Removed expired OAuth refresh tokens: " + countRefreshTokens); + } } @Override - public Collection findTokensByClientId(String clientId) { - LOG.debug("findTokensByClientId clientId=" + clientId); + public Collection findTokensByClientId(final String clientId) { + if (LOG.isTraceEnabled()) { + LOG.trace("findTokensByClientId clientId=" + clientId); + } final List tokens = new ArrayList(); - for (final OAuthAccessToken token : accessTokenPersistence.findByClientId(clientId)) { + for (final OAuthAccessToken token : this.accessTokenPersistence.findByClientId(clientId)) { if (token != null) { tokens.add(toAccessToken(token)); } 
@@ -163,15 +171,17 @@ public class OAuth2JPATokenStoreImpl implements JPATokenStoreCleanup, JPATokenSt } @Override - public Collection findRefreshTokensByClientId(String clientId) { - return refreshTokenPersistence.findByClientId(clientId); + public Collection findRefreshTokensByClientId(final String clientId) { + return this.refreshTokenPersistence.findByClientId(clientId); } @Override - public Collection findTokensByUserName(String userUuid) { - LOG.debug("findTokensByUserName username=" + userUuid); + public Collection findTokensByUserName(final String userUuid) { + if (LOG.isTraceEnabled()) { + LOG.trace("findTokensByUserName username=" + userUuid); + } final List tokens = new ArrayList(); - for (final OAuthAccessToken token : accessTokenPersistence.findByUserUuid(userUuid)) { + for (final OAuthAccessToken token : this.accessTokenPersistence.findByUserUuid(userUuid)) { if (token != null) { tokens.add(toAccessToken(token)); } @@ -180,14 +190,16 @@ public class OAuth2JPATokenStoreImpl implements JPATokenStoreCleanup, JPATokenSt } @Override - public OAuth2AccessToken getAccessToken(OAuth2Authentication authentication) { - LOG.debug("getAccessToken authentication=" + authentication); + public OAuth2AccessToken getAccessToken(final OAuth2Authentication authentication) { + if (LOG.isTraceEnabled()) { + LOG.trace("getAccessToken authentication=" + authentication); + } OAuth2AccessToken accessToken = null; - final String key = authenticationKeyGenerator.extractKey(authentication); + final String key = this.authenticationKeyGenerator.extractKey(authentication); try { - final OAuthAccessToken persisted = accessTokenPersistence.findByAuthenticationId(key); + final OAuthAccessToken persisted = this.accessTokenPersistence.findByAuthenticationId(key); accessToken = toAccessToken(persisted); } catch (final NullPointerException e) { 
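Review bot: getAccessToken still relies on `catch (final NullPointerException e)` to detect a missing row, because `toAccessToken(persisted)` is called on whatever `findByAuthenticationId(key)` returns. That catch also hides any other null dereference inside toAccessToken, so a damaged token row is reported the same way as an absent one. An explicit guard keeps real faults visible: `if (persisted != null) { accessToken = toAccessToken(persisted); }`. The same pattern appears in readAccessToken, readAuthentication(String), readAuthenticationForRefreshToken(String) and readRefreshToken. The catch body here lies outside the hunk.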
@@ -202,17 +214,21 @@ public class OAuth2JPATokenStoreImpl implements JPATokenStoreCleanup, JPATokenSt } @Override - public OAuth2AccessToken readAccessToken(String tokenValue) { + public OAuth2AccessToken readAccessToken(final String tokenValue) { if (StringUtils.isBlank(tokenValue)) { - LOG.debug("readAccessToken for blank token is ignored"); + if (LOG.isTraceEnabled()) { + LOG.trace("readAccessToken for blank token is ignored"); + } return null; } - LOG.debug("readAccessToken tokenValue=" + tokenValue); + if (LOG.isTraceEnabled()) { + LOG.trace("readAccessToken tokenValue=" + tokenValue); + } OAuth2AccessToken accessToken = null; try { - final OAuthAccessToken persisted = accessTokenPersistence.findByValue(tokenValue); + final OAuthAccessToken persisted = this.accessTokenPersistence.findByValue(tokenValue); accessToken = toAccessToken(persisted); } catch (final NullPointerException e) { if (LOG.isInfoEnabled()) { 
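Review bot: The new `LOG.trace("readAccessToken tokenValue=" + tokenValue)` still writes the bearer token itself to the log, so anyone who can read the log at that level can reuse the token until it expires. Lowering the level reduces exposure, but the safer form logs no secret at all, e.g. `LOG.trace("readAccessToken called")`, or a short digest of the value if correlation is needed. The same applies to readAuthentication and to lines this commit leaves at higher levels: the `LOG.debug` calls in the refresh-token and remove methods, `LOG.info("accessToken value=" + accessToken.getValue())` in storeAccessToken, and the `LOG.warn("Failed to deserialize ... for " + token)` messages, which are emitted at the root level `warn` set in log4j.properties.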
@@ -229,27 +245,29 @@ public class OAuth2JPATokenStoreImpl implements JPATokenStoreCleanup, JPATokenSt } @SuppressWarnings("unchecked") - private OAuth2AccessToken toAccessToken(OAuthAccessToken persisted) { + private OAuth2AccessToken toAccessToken(final OAuthAccessToken persisted) { - DefaultOAuth2AccessToken accessToken = new DefaultOAuth2AccessToken(persisted.getValue()); + final DefaultOAuth2AccessToken accessToken = new DefaultOAuth2AccessToken(persisted.getValue()); accessToken.setExpiration(persisted.getExpiration()); accessToken.setTokenType(persisted.getTokenType()); - if (persisted.getRefreshToken() != null) - accessToken.setRefreshToken(toRefreshToken(refreshTokenPersistence.findByValue(persisted.getRefreshToken()))); + if (persisted.getRefreshToken() != null) { + accessToken.setRefreshToken(toRefreshToken(this.refreshTokenPersistence.findByValue(persisted.getRefreshToken()))); + } try { - accessToken.setScope(mapper.readValue(persisted.getScopes(), HashSet.class)); - accessToken.setAdditionalInformation(mapper.readValue(persisted.getAdditionalInfo(), HashMap.class)); - } catch (IOException e) { + accessToken.setScope(this.mapper.readValue(persisted.getScopes(), HashSet.class)); + accessToken.setAdditionalInformation(this.mapper.readValue(persisted.getAdditionalInfo(), HashMap.class)); + } catch (final IOException e) { LOG.error("Could not deserialize accessToken.scope or additionalInformation", e); } return accessToken; } - private OAuth2RefreshToken toRefreshToken(OAuthRefreshToken rt) { - if (rt == null) + private OAuth2RefreshToken toRefreshToken(final OAuthRefreshToken rt) { + if (rt == null) { return null; + } if (rt.getExpiration() != null) { return new DefaultExpiringOAuth2RefreshToken(rt.getValue(), rt.getExpiration()); 
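Review bot: toAccessToken logs the `IOException` and then returns the token with scope and additional information unset, so callers cannot tell a token whose stored JSON is unreadable from one that has no scopes. Consider letting the failure propagate, as createAuthentication does by declaring `throws IOException`, or returning null so the row is treated as unusable; how consumers use the returned token's scope is not visible here. If the current behaviour is intended, a comment in the catch such as `// scopes unreadable: token is returned without scope or additional info` would record that. toRefreshToken's body continues past the end of the hunk.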
@@ -259,19 +277,23 @@ public class OAuth2JPATokenStoreImpl implements JPATokenStoreCleanup, JPATokenSt } @Override - public OAuth2Authentication readAuthentication(OAuth2AccessToken token) { - LOG.debug("readAuthentication token=" + token); + public OAuth2Authentication readAuthentication(final OAuth2AccessToken token) { + if (LOG.isTraceEnabled()) { + LOG.trace("readAuthentication token=" + token); + } return readAuthentication(token.getValue()); } @Override - public OAuth2Authentication readAuthentication(String token) { - LOG.debug("readAuthentication " + token); + public OAuth2Authentication readAuthentication(final String token) { + if (LOG.isTraceEnabled()) { + LOG.trace("readAuthentication " + token); + } OAuth2Authentication authentication = null; try { - final OAuthAccessToken persisted = accessTokenPersistence.findByValue(token); + final OAuthAccessToken persisted = this.accessTokenPersistence.findByValue(token); authentication = createAuthentication(persisted); } catch (final NullPointerException e) { @@ -281,7 +303,7 @@ public class OAuth2JPATokenStoreImpl implements JPATokenStoreCleanup, JPATokenSt } catch (final IllegalArgumentException e) { LOG.warn("Failed to deserialize authentication for " + token); removeAccessToken(token); - } catch (IOException e) { + } catch (final IOException e) { LOG.warn("Failed to deserialize scopes for " + token, e); } @@ -290,7 +312,7 @@ public class OAuth2JPATokenStoreImpl implements JPATokenStoreCleanup, JPATokenSt /** * Generate {@link Authentication} from access or refresh token data - * + * * @param persisted * @return * @throws IOException 
@@ -300,14 +322,14 @@ public class OAuth2JPATokenStoreImpl implements JPATokenStoreCleanup, JPATokenSt private OAuth2Authentication createAuthentication(final OAuthToken persisted) throws IOException, JsonParseException, JsonMappingException { OAuth2Authentication authentication; @SuppressWarnings("unchecked") - DefaultAuthorizationRequest authorizationRequest = new DefaultAuthorizationRequest(persisted.getClientId(), mapper.readValue(persisted.getScopes(), - HashSet.class)); + final DefaultAuthorizationRequest authorizationRequest = new DefaultAuthorizationRequest(persisted.getClientId(), this.mapper.readValue( + persisted.getScopes(), HashSet.class)); authorizationRequest.setApproved(true); authorizationRequest.setRedirectUri(persisted.getRedirectUri()); PreAuthenticatedAuthenticationToken userAuthentication = null; if (persisted.getUserUuid() != null) { - UserDetails userDetails = userService.getUserDetails(persisted.getUserUuid()); + final UserDetails userDetails = this.userService.getUserDetails(persisted.getUserUuid()); userAuthentication = new PreAuthenticatedAuthenticationToken(userDetails, null, userDetails.getAuthorities()); userAuthentication.setAuthenticated(true); 
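Review bot: In createAuthentication the result of `this.userService.getUserDetails(persisted.getUserUuid())` is dereferenced and marked authenticated without any check. If that call can return null, the failure surfaces as a NullPointerException that callers treat as token-not-found, and unless getUserDetails already rejects them, a disabled or locked account keeps working through its stored token. A guard before building the PreAuthenticatedAuthenticationToken would make this explicit: `if (userDetails == null || !userDetails.isEnabled() || !userDetails.isAccountNonLocked()) { return null; }`. Whether userService already enforces account state is not visible in this diff, and the method continues outside the hunk.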
@@ -319,17 +341,17 @@ public class OAuth2JPATokenStoreImpl implements JPATokenStoreCleanup, JPATokenSt } @Override - public OAuth2Authentication readAuthenticationForRefreshToken(OAuth2RefreshToken token) { + public OAuth2Authentication readAuthenticationForRefreshToken(final OAuth2RefreshToken token) { LOG.debug("readAuthenticationForRefreshToken " + token.getValue()); return readAuthenticationForRefreshToken(token.getValue()); } - public OAuth2Authentication readAuthenticationForRefreshToken(String value) { + public OAuth2Authentication readAuthenticationForRefreshToken(final String value) { LOG.debug("readAuthenticationForRefreshToken value=" + value); OAuth2Authentication authentication = null; try { - final OAuthRefreshToken persisted = refreshTokenPersistence.findByValue(value); + final OAuthRefreshToken persisted = this.refreshTokenPersistence.findByValue(value); authentication = createAuthentication(persisted); } catch (final NullPointerException e) { @@ -348,7 +370,7 @@ public class OAuth2JPATokenStoreImpl implements JPATokenStoreCleanup, JPATokenSt } @Override - public OAuth2RefreshToken readRefreshToken(String token) { + public OAuth2RefreshToken readRefreshToken(final String token) { if (StringUtils.isBlank(token)) { LOG.debug("readRefreshToken for blank token is ignored"); return null; @@ -357,7 +379,7 @@ public class OAuth2JPATokenStoreImpl implements JPATokenStoreCleanup, JPATokenSt OAuth2RefreshToken refreshToken = null; LOG.debug("readRefreshToken token=" + token); try { - final OAuthRefreshToken persisted = refreshTokenPersistence.findByValue(token); + final OAuthRefreshToken persisted = this.refreshTokenPersistence.findByValue(token); refreshToken = persisted.toToken(); } catch (final NullPointerException e) { if (LOG.isInfoEnabled()) { 
@@ -372,30 +394,30 @@ public class OAuth2JPATokenStoreImpl implements JPATokenStoreCleanup, JPATokenSt } @Override - public void removeAccessToken(OAuth2AccessToken token) { + public void removeAccessToken(final OAuth2AccessToken token) { removeAccessToken(token.getValue()); } - public void removeAccessToken(String tokenValue) { + public void removeAccessToken(final String tokenValue) { LOG.debug("removeAccessToken token=" + tokenValue); - accessTokenPersistence.deleteByValue(tokenValue); + this.accessTokenPersistence.deleteByValue(tokenValue); } @Override - public void removeAccessTokenUsingRefreshToken(OAuth2RefreshToken refreshToken) { + public void removeAccessTokenUsingRefreshToken(final OAuth2RefreshToken refreshToken) { LOG.debug("removeAccessTokenUsingRefreshToken token=" + refreshToken.getValue()); - accessTokenPersistence.deleteByRefreshToken(refreshToken.getValue()); + this.accessTokenPersistence.deleteByRefreshToken(refreshToken.getValue()); } @Override - public void removeRefreshToken(OAuth2RefreshToken token) { + public void removeRefreshToken(final OAuth2RefreshToken token) { LOG.debug("removeRefreshToken token=" + token.getValue()); removeRefreshToken(token.getValue()); } - public void removeRefreshToken(String value) { + public void removeRefreshToken(final String value) { try { - refreshTokenPersistence.deleteByValue(value); + this.refreshTokenPersistence.deleteByValue(value); ; } catch (final EmptyResultDataAccessException e) { LOG.warn("Could not delete token " + value); @@ -403,7 +425,7 @@ public class OAuth2JPATokenStoreImpl implements JPATokenStoreCleanup, JPATokenSt } @Override - public void storeAccessToken(OAuth2AccessToken token, OAuth2Authentication authentication) { + public void storeAccessToken(final OAuth2AccessToken token, final OAuth2Authentication authentication) { if (authentication == null) { LOG.warn("Authentication object is null, ignoring storeAccessToken request."); return; 
@@ -413,41 +435,41 @@ public class OAuth2JPATokenStoreImpl implements JPATokenStoreCleanup, JPATokenSt if (authentication != null) { LOG.debug("Access token authentication " + authentication.getClass() + " auth=" + authentication); try { - LOG.debug(mapper.writeValueAsString(authentication)); - } catch (JsonProcessingException e) { + LOG.debug(this.mapper.writeValueAsString(authentication)); + } catch (final JsonProcessingException e) { } } final OAuthAccessToken persisted = new OAuthAccessToken(); - persisted.setAuthenticationId(authenticationKeyGenerator.extractKey(authentication)); + persisted.setAuthenticationId(this.authenticationKeyGenerator.extractKey(authentication)); - DefaultOAuth2AccessToken accessToken = (DefaultOAuth2AccessToken) token; + final DefaultOAuth2AccessToken accessToken = (DefaultOAuth2AccessToken) token; persisted.setExpiration(accessToken.getExpiration()); persisted.setTokenType(accessToken.getTokenType()); LOG.info("accessToken value=" + accessToken.getValue()); persisted.setValue(accessToken.getValue()); try { - persisted.setScopes(mapper.writeValueAsString(accessToken.getScope())); - persisted.setAdditionalInfo(mapper.writeValueAsString(accessToken.getAdditionalInformation())); + persisted.setScopes(this.mapper.writeValueAsString(accessToken.getScope())); + persisted.setAdditionalInfo(this.mapper.writeValueAsString(accessToken.getAdditionalInformation())); - } catch (JsonProcessingException e) { + } catch (final JsonProcessingException e) { LOG.error("Could not serialize accessToken", e); throw new RuntimeException("Serialization of OAuth2 accessToken failed"); } - Authentication userAuthentication = authentication.getUserAuthentication(); + final Authentication userAuthentication = authentication.getUserAuthentication(); if (userAuthentication != null) { - Object userPrincipal = userAuthentication.getPrincipal(); + final Object userPrincipal = userAuthentication.getPrincipal(); if (userPrincipal != null && userPrincipal instanceof 
AuthUserDetails) { - AuthUserDetails authUser = (AuthUserDetails) userPrincipal; + final AuthUserDetails authUser = (AuthUserDetails) userPrincipal; LOG.info("userPrincipal=" + userPrincipal.getClass() + " " + userPrincipal); persisted.setUserUuid(authUser.getUser().getUuid()); } } - AuthorizationRequest authorizationRequest = authentication.getAuthorizationRequest(); + final AuthorizationRequest authorizationRequest = authentication.getAuthorizationRequest(); persisted.setClientId(authorizationRequest.getClientId()); persisted.setRedirectUri(authorizationRequest.getRedirectUri()); // persisted.setAuthentication(serializeAuthentication(authentication)); @@ -458,11 +480,11 @@ public class OAuth2JPATokenStoreImpl implements JPATokenStoreCleanup, JPATokenSt persisted.setCreatedDate(new Date()); - accessTokenPersistence.save(persisted); + this.accessTokenPersistence.save(persisted); } @Override - public void storeRefreshToken(OAuth2RefreshToken refreshToken, OAuth2Authentication authentication) { + public void storeRefreshToken(final OAuth2RefreshToken refreshToken, final OAuth2Authentication authentication) { if (authentication == null) { LOG.warn("Authentication object is null, ignoring storeRefreshToken request."); return; @@ -472,8 +494,8 @@ public class OAuth2JPATokenStoreImpl implements JPATokenStoreCleanup, JPATokenSt if (authentication != null) { LOG.debug("Refresh token authentication " + authentication.getClass() + " auth=" + authentication); try { - LOG.debug(mapper.writeValueAsString(authentication)); - } catch (JsonProcessingException e) { + LOG.debug(this.mapper.writeValueAsString(authentication)); + } catch (final JsonProcessingException e) { } } 
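Review bot: storeAccessToken writes the whole authentication object to the log as JSON with `LOG.debug(this.mapper.writeValueAsString(authentication))` and silently discards the `JsonProcessingException` if that fails. Depending on what the authentication carries (not visible here), this can put principal details or credentials in the log. Either drop the dump or guard it with `if (LOG.isTraceEnabled())` like the other methods, and give the empty catch a comment such as `// diagnostic output only, failure is ignored`. Further down, `throw new RuntimeException("Serialization of OAuth2 accessToken failed")` loses the cause; passing `e` as the second argument keeps the stack trace. storeRefreshToken repeats the same dump and empty catch.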
@@ -482,40 +504,40 @@ public class OAuth2JPATokenStoreImpl implements JPATokenStoreCleanup, JPATokenSt persisted.setValue(refreshToken.getValue()); if (refreshToken instanceof DefaultExpiringOAuth2RefreshToken) { - DefaultExpiringOAuth2RefreshToken expRefreshToken = (DefaultExpiringOAuth2RefreshToken) refreshToken; + final DefaultExpiringOAuth2RefreshToken expRefreshToken = (DefaultExpiringOAuth2RefreshToken) refreshToken; persisted.setExpiration(expRefreshToken.getExpiration()); } - Authentication userAuthentication = authentication.getUserAuthentication(); + final Authentication userAuthentication = authentication.getUserAuthentication(); if (userAuthentication != null) { - Object userPrincipal = userAuthentication.getPrincipal(); + final Object userPrincipal = userAuthentication.getPrincipal(); if (userPrincipal != null && userPrincipal instanceof AuthUserDetails) { - AuthUserDetails authUser = (AuthUserDetails) userPrincipal; + final AuthUserDetails authUser = (AuthUserDetails) userPrincipal; LOG.info("userPrincipal=" + userPrincipal.getClass() + " " + userPrincipal); persisted.setUserUuid(authUser.getUser().getUuid()); } } - AuthorizationRequest authorizationRequest = authentication.getAuthorizationRequest(); + final AuthorizationRequest authorizationRequest = authentication.getAuthorizationRequest(); try { - persisted.setScopes(mapper.writeValueAsString(authorizationRequest.getScope())); - } catch (JsonProcessingException e) { + persisted.setScopes(this.mapper.writeValueAsString(authorizationRequest.getScope())); + } catch (final JsonProcessingException e) { LOG.error("Failed to serialize refreshToken.scope", e); } persisted.setClientId(authorizationRequest.getClientId()); persisted.setRedirectUri(authorizationRequest.getRedirectUri()); - refreshTokenPersistence.save(persisted); + this.refreshTokenPersistence.save(persisted); } @Override - public void removeAccessToken(long tokenId) { - accessTokenPersistence.delete(tokenId); + public void 
removeAccessToken(final long tokenId) { + this.accessTokenPersistence.delete(tokenId); } @Override - public void removeRefreshToken(long tokenId) { - refreshTokenPersistence.delete(tokenId); + public void removeRefreshToken(final long tokenId) { + this.refreshTokenPersistence.delete(tokenId); } // protected String md5Digest(String value) { diff --git a/src/main/resources/log4j.properties b/src/main/resources/log4j.properties index b1cf9ac787c52b4e340e20910cd8e641c9430545..197aac69041104c13a84c85c91c93d08bb92bd7b 100644 --- a/src/main/resources/log4j.properties +++ b/src/main/resources/log4j.properties @@ -25,7 +25,7 @@ log4j.appender.stdout.layout.ConversionPattern=%d{ABSOLUTE} %t %5p %c{1}:%L - %m ### set log levels - for more verbose logging change 'info' to 'debug' ### log4j.rootLogger=warn, stdout -log4j.category.org.genesys2.server.service=debug +#log4j.category.org.genesys2.server.service=debug #log4j.category.org.genesys2.server.servlet.controller=debug #log4j.category.org.hibernate.cfg.Configuration=debug #log4j.category.org.hibernate.search=debug
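Review bot: In storeRefreshToken a failure to serialize the scope is only logged with `LOG.error("Failed to serialize refreshToken.scope", e)` and the row is still saved, whereas storeAccessToken throws in the same situation. The saved refresh token then has no scopes, and createAuthentication will later call `readValue` on that missing value. Throwing here as well, e.g. `throw new RuntimeException("Serialization of OAuth2 refreshToken failed", e);`, keeps the two store methods consistent and avoids persisting a token that cannot be read back. The method starts before this hunk.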