LibreCCM
/
libreccm
3
0
Fork 0
Code Issues 10 Pull Requests Packages Releases Wiki Activity

CCM NG: OneTimeAuthToken Cleaner now works 

git-svn-id: https://svn.libreccm.org/ccm/ccm_ng@3980 8810af33-2d31-482b-a856-94f89814c4df
pull/2/head
jensp 2016-04-08 07:15:19 +00:00
parent 74af31b251
commit 49357d190a
2 changed files with 42 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
ccm-bundle-devel-wildfly-web/src/main/resources/log4j2.xml
View File

@ -29,14 +29,15 @@
</Logger>
<Logger name="com.arsdigita.web.CCMDispatcherServlet"
level="debug">
</Logger>
<Logger name="org.libreccm.core.AbstractEntityRepository"
level="debug">
</Logger>
<Logger name="org.libreccm.security.OneTimeAuthTokenCleaner"
level="debug">
</Logger>
<Logger name="org.libreccm.security.Shiro"
level="debug">
</Logger>
</Loggers>
</Configuration>

45
ccm-core/src/main/java/org/libreccm/security/OneTimeAuthTokenCleaner.java
View File

@ -18,33 +18,40 @@
*/
package org.libreccm.security;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.libreccm.configuration.ConfigurationManager;
import java.time.LocalDateTime;
import java.time.ZoneOffset;
import java.util.List;
import javax.annotation.PostConstruct;
import javax.annotation.Resource;
import javax.ejb.Singleton;
import javax.ejb.Startup;
import javax.ejb.Timeout;
import javax.ejb.TimerConfig;
import javax.ejb.TimerService;
import javax.inject.Inject;
import javax.inject.Singleton;
import javax.persistence.EntityManager;
import javax.persistence.TypedQuery;
import javax.transaction.Transactional;
/**
* This EJB uses the {@link TimerService} to run a cleanup task periodically to
* remove all expired {@link OneTimeAuthToken}s. The task period is the same
* as the time a {@link OneTimeAuthToken} is valid.
*
* This EJB uses the {@link TimerService} to run a cleanup task periodically to
* remove all expired {@link OneTimeAuthToken}s. The task period is the same as
* the time a {@link OneTimeAuthToken} is valid.
*
* @author <a href="mailto:jens.pelzetter@googlemail.com">Jens Pelzetter</a>
*/
@Singleton
@Startup
@Singleton
public class OneTimeAuthTokenCleaner {
private static final Logger LOGGER = LogManager.getLogger(
OneTimeAuthTokenCleaner.class);
@Resource
private TimerService timerService;
@ -59,24 +66,50 @@ public class OneTimeAuthTokenCleaner {
@PostConstruct
public void init() {
LOGGER.debug("Initialising OneTimeAuthTokenCleaner...");
final OneTimeAuthConfig config = configurationManager.findConfiguration(
OneTimeAuthConfig.class);
final long interval = config.getTokenValid() * 1000;
// final long interval = 60 * 60 * 1000;
LOGGER.debug("Creating interval for {} s.", interval / 1000);
timerService.createIntervalTimer(interval, interval, new TimerConfig());
}
@Timeout
@Transactional(Transactional.TxType.REQUIRED)
public void cleanupTokens() {
LOGGER.debug("Cleaning up one time auth tokens...");
final TypedQuery<OneTimeAuthToken> query = entityManager.createQuery(
"SELECT t FROM OneTimeAuthToken t", OneTimeAuthToken.class);
final List<OneTimeAuthToken> tokens = query.getResultList();
LOGGER.debug("Found {} one time auth tokens.", tokens.size());
if (LOGGER.isDebugEnabled()) {
final LocalDateTime now = LocalDateTime.now(ZoneOffset.UTC);
LOGGER.debug("Current time is: {}", now);
tokens.forEach(t -> {
if (oneTimeAuthManager.isValid(t)) {
LOGGER.debug("OneTimeAuthToken with id {} is still valid. "
+ "Expires at {}.",
t.getTokenId(),
t.getValidUntil());
} else {
LOGGER.debug("OneTimeAuthToken with id {} is invalid. "
+ "Expires at {}.",
t.getTokenId(),
t.getValidUntil());
}
});
}
tokens.stream()
.filter((token) -> (!oneTimeAuthManager.isValid(token)))
.forEach((token) -> {
LOGGER.debug("Token with id {} expired at {}. "
+ "Invalidating token.",
token.getTokenId(), token.getValidUntil());
oneTimeAuthManager.invalidate(token);
});
}