use of com.zimbra.cs.ephemeral.EphemeralInput.Expiration in project zm-mailbox by Zimbra.
the class CsrfTokenConverter method convert.
@Override
public EphemeralInput convert(String attrName, Object ldapValue) {
String ldapValueStr = (String) ldapValue;
String[] parts = ldapValueStr.split(":");
if (parts.length != 3) {
ZimbraLog.ephemeral.warn("CSRF auth token %s cannot be parsed", ldapValueStr);
return null;
}
String data = parts[0];
String crumb = parts[1];
Long expirationMillis;
try {
expirationMillis = Long.parseLong(parts[2]);
} catch (NumberFormatException e) {
ZimbraLog.ephemeral.warn("CSRF auth token %s does not have a valid expiration value", ldapValueStr);
return null;
}
EphemeralKey key = new EphemeralKey(attrName, crumb);
EphemeralInput input = new EphemeralInput(key, data);
Expiration expiration = new AbsoluteExpiration(expirationMillis);
input.setExpiration(expiration);
return input;
}
use of com.zimbra.cs.ephemeral.EphemeralInput.Expiration in project zm-mailbox by Zimbra.
the class ZimbraAuthToken method register.
private void register() {
if (!isZimbraUser() || isZMGAppBootstrap()) {
return;
}
try {
Account acct = Provisioning.getInstance().get(AccountBy.id, properties.getAccountId());
if (Provisioning.getInstance().getLocalServer().getLowestSupportedAuthVersion() > 1) {
try {
// house keeping. If we are issuing a new token, clean up old ones.
acct.cleanExpiredTokens();
} catch (ServiceException e) {
LOG.error("unable to de-register auth token", e);
}
Expiration expiration = new AbsoluteExpiration(properties.getExpires());
acct.addAuthTokens(String.valueOf(properties.getTokenID()), properties.getServerVersion(), expiration);
}
} catch (ServiceException e) {
LOG.error("unable to register auth token", e);
}
}
use of com.zimbra.cs.ephemeral.EphemeralInput.Expiration in project zm-mailbox by Zimbra.
the class ZimbraJWToken method deRegister.
@Override
public void deRegister() throws AuthTokenException {
if (!isExpired()) {
try {
Account acct = Provisioning.getInstance().getAccountById(properties.getAccountId());
if (acct != null) {
acct.cleanExpiredJWTokens();
String jwtId = JWTUtil.getJTI(properties.getEncoded());
if (jwtId != null) {
Expiration expiration = new AbsoluteExpiration(properties.getExpires());
acct.addInvalidJWTokens(jwtId, properties.getServerVersion(), expiration);
JWTCache.remove(jwtId);
ZimbraLog.account.debug("added jti: %s to invalid list", jwtId);
if (acct.getBooleanAttr(Provisioning.A_zimbraLogOutFromAllServers, false)) {
AuthTokenRegistry.addTokenToQueue(this);
}
}
}
} catch (ServiceException e) {
throw new AuthTokenException("unable to de-register auth token", e);
}
}
}
use of com.zimbra.cs.ephemeral.EphemeralInput.Expiration in project zm-mailbox by Zimbra.
the class ZimbraAuthToken method registerWithEphemeralStore.
/*
* Used when the auth token needs to be registered with a non-default
* ephemeral backend
*/
public void registerWithEphemeralStore(EphemeralStore store) throws ServiceException {
Account acct = Provisioning.getInstance().get(AccountBy.id, properties.getAccountId());
Expiration expiration = new AbsoluteExpiration(properties.getExpires());
EphemeralLocation location = new LdapEntryLocation(acct);
EphemeralKey key = new EphemeralKey(Provisioning.A_zimbraAuthTokens, String.valueOf(properties.getTokenID()));
EphemeralInput input = new EphemeralInput(key, properties.getServerVersion(), expiration);
store.update(input, location);
}
use of com.zimbra.cs.ephemeral.EphemeralInput.Expiration in project zm-mailbox by Zimbra.
the class CsrfUtil method storeTokenData.
/**
* @param tokenSalt
* @param accountId
* @param authTokenExpiration
* @param crumb
* @throws ServiceException
*/
private static void storeTokenData(String data, AuthToken authToken, long authTokenExpiration, String crumb) throws ServiceException {
Account account = getAccount(authToken, Boolean.TRUE);
if (account != null) {
Expiration expiration = new AbsoluteExpiration(authTokenExpiration);
boolean needToAdd = true;
String curData = account.getCsrfTokenData(crumb);
if (curData != null) {
if (!data.equals(curData)) {
account.removeCsrfTokenData(crumb, curData);
} else {
ZimbraLog.ephemeral.debug("CSRF token already stored in ephemeral storage");
needToAdd = false;
}
}
if (needToAdd) {
account.addCsrfTokenData(crumb, data, expiration);
}
}
}
Aggregations