use of org.apache.knox.gateway.services.token.state.JournalEntry in project knox by apache.
the class FileTokenStateJournalTest method doTestParseJournalEntry.
/**
 * Builds a comma-separated journal line from the supplied fields, parses it with
 * {@code FileTokenStateJournal.FileJournalEntry.parse}, and checks each parsed field
 * against the value that was written.
 *
 * <p>A {@code null} argument is written as an empty field. A blank {@code enabled}
 * value is expected to parse as {@code false}.
 *
 * <p>NOTE(review): values are joined with bare commas and no quoting or escaping.
 * How {@code parse} treats a comma inside {@code userName} or {@code comment} is not
 * visible here; if those fields can carry user-supplied text, that case deserves its
 * own test.
 */
private void doTestParseJournalEntry(final String tokenId, final String issueTime, final String expiration, final String maxLifetime, final String enabled, final String userName, final String comment) {
    // Same field order as the assertions below rely on.
    final String[] fields = {tokenId, issueTime, expiration, maxLifetime, enabled, userName, comment};
    final StringBuilder line = new StringBuilder();
    for (int i = 0; i < fields.length; i++) {
        if (i > 0) {
            line.append(',');
        }
        line.append(fields[i] == null ? "" : fields[i]);
    }

    final JournalEntry parsed = FileTokenStateJournal.FileJournalEntry.parse(line.toString());
    assertNotNull(parsed);

    assertJournalEntryField(tokenId, parsed.getTokenId());
    assertJournalEntryField(issueTime, parsed.getIssueTime());
    assertJournalEntryField(expiration, parsed.getExpiration());
    assertJournalEntryField(maxLifetime, parsed.getMaxLifetime());

    // A missing or blank "enabled" column must come back as disabled, not enabled.
    final String expectedEnabled;
    if (StringUtils.isBlank(enabled)) {
        expectedEnabled = "false";
    } else {
        expectedEnabled = enabled;
    }
    assertJournalEntryField(expectedEnabled, String.valueOf(parsed.getTokenMetadata().isEnabled()));

    assertJournalEntryField(userName, parsed.getTokenMetadata().getUserName());
    assertJournalEntryField(comment, parsed.getTokenMetadata().getComment());
}
use of org.apache.knox.gateway.services.token.state.JournalEntry in project knox by apache.
the class AbstractFileTokenStateJournalTest method testSingleJournalEntryRoundTrip.
/**
 * Writes one entry to the journal, reads it back, and removes it, checking the
 * journal's answer for the token id at each step.
 *
 * <p>Only the token id and the three timestamps are compared; token metadata is not
 * part of this round-trip check.
 */
@Test
public void testSingleJournalEntryRoundTrip() throws Exception {
    final TokenStateJournal journal = createTokenStateJournal(getGatewayConfig());
    final String tokenId = UUID.randomUUID().toString();

    // A freshly generated id must be unknown to the journal
    assertNull(journal.get(tokenId));

    final long fiveMinutes = TimeUnit.MINUTES.toMillis(5);
    final long issueTime = System.currentTimeMillis();
    final long expiration = issueTime + fiveMinutes;
    final long maxLifetime = issueTime + (5 * fiveMinutes);

    final JournalEntry written = createTestJournalEntry(tokenId, issueTime, expiration, maxLifetime);
    journal.add(written);

    // The entry read back must carry the same values that were written
    final JournalEntry readBack = journal.get(tokenId);
    assertNotNull(readBack);
    assertEquals(written.getTokenId(), readBack.getTokenId());
    assertEquals(written.getIssueTime(), readBack.getIssueTime());
    assertEquals(written.getExpiration(), readBack.getExpiration());
    assertEquals(written.getMaxLifetime(), readBack.getMaxLifetime());

    // After removal the journal must no longer return state for the token
    journal.remove(readBack);
    assertNull(journal.get(tokenId));
}
use of org.apache.knox.gateway.services.token.state.JournalEntry in project knox by apache.
the class AbstractFileTokenStateJournalTest method testUpdateTokenState.
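/**
 * Verifies that adding state for a token that is already journaled replaces the
 * stored expiration while the token id, issue time and max lifetime stay the same,
 * and that the entry is gone after removal.
 */
@Test
public void testUpdateTokenState() throws Exception {
    GatewayConfig config = getGatewayConfig();
    TokenStateJournal journal = createTokenStateJournal(config);

    final String tokenId = String.valueOf(UUID.randomUUID());

    // Verify that the token state has not yet been journaled
    assertNull(journal.get(tokenId));

    long issueTime = System.currentTimeMillis();
    long expiration = issueTime + TimeUnit.MINUTES.toMillis(5);
    long maxLifetime = issueTime + (5 * TimeUnit.MINUTES.toMillis(5));
    journal.add(tokenId, issueTime, expiration, maxLifetime, null);

    // Get the token state from the journal, and validate its contents
    JournalEntry entry = journal.get(tokenId);
    assertNotNull(entry);
    assertEquals(tokenId, entry.getTokenId());
    assertEquals(issueTime, Long.parseLong(entry.getIssueTime()));
    assertEquals(expiration, Long.parseLong(entry.getExpiration()));
    assertEquals(maxLifetime, Long.parseLong(entry.getMaxLifetime()));

    // Derive the new expiration from the old one rather than from the clock. A second
    // System.currentTimeMillis() reading can equal the first, which would make the
    // "updated" value identical to the original and let the check below pass even if
    // the journal had ignored the update. The new value stays below maxLifetime.
    long updatedExpiration = expiration + TimeUnit.MINUTES.toMillis(5);
    journal.add(tokenId, issueTime, updatedExpiration, maxLifetime, null);

    // Get and validate the updated token state
    entry = journal.get(tokenId);
    assertNotNull(entry);
    assertEquals(tokenId, entry.getTokenId());
    assertEquals(issueTime, Long.parseLong(entry.getIssueTime()));
    assertEquals(updatedExpiration, Long.parseLong(entry.getExpiration()));
    assertEquals(maxLifetime, Long.parseLong(entry.getMaxLifetime()));

    // Remove the entry, then verify that the token state can no longer be read from the journal
    journal.remove(tokenId);
    assertNull(journal.get(tokenId));
}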
use of org.apache.knox.gateway.services.token.state.JournalEntry in project knox by apache.
the class AliasBasedTokenStateService method init.
/**
 * Initializes the service and restores token state that was persisted in the token
 * state journal.
 *
 * <p>Each journal entry is added to the in-memory state through
 * {@code super.addToken} and its expiration is queued in {@code unpersistedState}.
 * An entry that cannot be loaded is logged and skipped, so one bad record does not
 * stop the remaining entries from loading.
 *
 * @param config  gateway configuration used to create the journal and read settings
 * @param options service options, passed through to the superclass
 * @throws ServiceLifecycleException if no {@code AliasService} has been set, or if
 *         creating or reading the journal fails with an {@code IOException}
 */
@Override
public void init(final GatewayConfig config, final Map<String, String> options) throws ServiceLifecycleException {
    super.init(config, options);

    if (aliasService == null) {
        throw new ServiceLifecycleException("The required AliasService reference has not been set.");
    }

    try {
        // Initialize the token state journal
        journal = TokenStateJournalFactory.create(config);

        // Replay every persisted journal entry into memory and the unpersisted state collection
        for (final JournalEntry persisted : journal.get()) {
            final String journaledId = persisted.getTokenId();
            try {
                final long issued = Long.parseLong(persisted.getIssueTime());
                final long expires = Long.parseLong(persisted.getExpiration());
                final long maxLife = Long.parseLong(persisted.getMaxLifetime());

                super.addToken(journaledId, issued, expires, maxLife);

                // super.addToken() already records the max lifetime, so only the
                // expiration needs to be queued here.
                synchronized (unpersistedState) {
                    unpersistedState.add(new TokenExpiration(journaledId, expires));
                }
            } catch (Exception e) {
                // Best effort: a malformed entry (for example a non-numeric timestamp) is
                // reported and skipped. The id is passed through Tokens.getTokenIDDisplayText()
                // before logging, presumably so the raw token id is not logged (confirm there).
                log.failedToLoadJournalEntry(Tokens.getTokenIDDisplayText(journaledId), e);
            }
        }
    } catch (IOException e) {
        throw new ServiceLifecycleException("Failed to load persisted state from the token state journal", e);
    }

    statePersistenceInterval = config.getKnoxTokenStateAliasPersistenceInterval();

    if (tokenStateServiceStatistics == null) {
        return;
    }

    // Record the current size of the gateway-level credential store file for statistics.
    this.gatewayCredentialsFilePath = Paths.get(config.getGatewayKeystoreDir())
        .resolve(AliasService.NO_CLUSTER_NAME
            + DefaultKeystoreService.CREDENTIALS_SUFFIX
            + config.getCredentialStoreType().toLowerCase(Locale.ROOT));
    tokenStateServiceStatistics.setGatewayCredentialsFileSize(this.gatewayCredentialsFilePath.toFile().length());
}
use of org.apache.knox.gateway.services.token.state.JournalEntry in project knox by apache.
the class JournalBasedTokenStateService method getTokenIssueTime.
/**
 * Returns the issue time for the given token, consulting the in-memory state first
 * and falling back to the journal only when the token is not held in memory.
 *
 * @param tokenId the token identifier to look up
 * @return the issue time from memory or parsed from the journal entry, or {@code 0}
 *         when reading the journal fails with an {@code IOException}
 * @throws UnknownTokenException if the journal holds no entry for the token
 */
@Override
public long getTokenIssueTime(String tokenId) throws UnknownTokenException {
    try {
        // Check the in-memory collection first, to avoid file access when possible
        return super.getTokenIssueTime(tokenId);
    } catch (UnknownTokenException ignored) {
        // Not held in memory; fall through to the journal lookup.
    }

    validateToken(tokenId);

    // No in-memory state for this token, so consult the journal
    try {
        final JournalEntry journaled = journal.get(tokenId);
        if (journaled == null) {
            throw new UnknownTokenException(tokenId);
        }
        return Long.parseLong(journaled.getIssueTime());
    } catch (IOException e) {
        // NOTE(review): a journal read failure is logged and reported to the caller as an
        // issue time of 0, which a caller cannot tell apart from a real value. Confirm that
        // every caller treats 0 as "unknown" and does not use it in lifetime calculations.
        log.failedToLoadJournalEntry(e);
        return 0;
    }
}