LibreCCM
/
libreccm
3
0
Fork 0
Code Issues 10 Pull Requests Packages Releases Wiki Activity

CCM NG: OneTimeAuthToken Cleaner now works 

git-svn-id: https://svn.libreccm.org/ccm/ccm_ng@3980 8810af33-2d31-482b-a856-94f89814c4df
pull/2/head
jensp 2016-04-08 07:15:19 +00:00
parent 74af31b251
commit 49357d190a
2 changed files with 42 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
ccm-bundle-devel-wildfly-web/src/main/resources/log4j2.xml
View File

@ -29,14 +29,15 @@
</Logger> </Logger>
<Logger name="com.arsdigita.web.CCMDispatcherServlet" <Logger name="com.arsdigita.web.CCMDispatcherServlet"
level="debug"> level="debug">
</Logger> </Logger>
<Logger name="org.libreccm.core.AbstractEntityRepository" <Logger name="org.libreccm.core.AbstractEntityRepository"
level="debug"> level="debug">
</Logger> </Logger>
<Logger name="org.libreccm.security.OneTimeAuthTokenCleaner"
level="debug">
</Logger>
<Logger name="org.libreccm.security.Shiro" <Logger name="org.libreccm.security.Shiro"
level="debug"> level="debug">
</Logger> </Logger>
</Loggers> </Loggers>
</Configuration> </Configuration>

45
ccm-core/src/main/java/org/libreccm/security/OneTimeAuthTokenCleaner.java
View File

@ -18,33 +18,40 @@
*/ */
package org.libreccm.security; package org.libreccm.security;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.libreccm.configuration.ConfigurationManager; import org.libreccm.configuration.ConfigurationManager;
import java.time.LocalDateTime;
import java.time.ZoneOffset;
import java.util.List; import java.util.List;
import javax.annotation.PostConstruct; import javax.annotation.PostConstruct;
import javax.annotation.Resource; import javax.annotation.Resource;
import javax.ejb.Singleton;
import javax.ejb.Startup; import javax.ejb.Startup;
import javax.ejb.Timeout; import javax.ejb.Timeout;
import javax.ejb.TimerConfig; import javax.ejb.TimerConfig;
import javax.ejb.TimerService; import javax.ejb.TimerService;
import javax.inject.Inject; import javax.inject.Inject;
import javax.inject.Singleton;
import javax.persistence.EntityManager; import javax.persistence.EntityManager;
import javax.persistence.TypedQuery; import javax.persistence.TypedQuery;
import javax.transaction.Transactional; import javax.transaction.Transactional;
/** /**
* This EJB uses the {@link TimerService} to run a cleanup task periodically to * This EJB uses the {@link TimerService} to run a cleanup task periodically to
* remove all expired {@link OneTimeAuthToken}s. The task period is the same * remove all expired {@link OneTimeAuthToken}s. The task period is the same as
* as the time a {@link OneTimeAuthToken} is valid. * the time a {@link OneTimeAuthToken} is valid.
* *
* @author <a href="mailto:jens.pelzetter@googlemail.com">Jens Pelzetter</a> * @author <a href="mailto:jens.pelzetter@googlemail.com">Jens Pelzetter</a>
*/ */
@Singleton
@Startup @Startup
@Singleton
public class OneTimeAuthTokenCleaner { public class OneTimeAuthTokenCleaner {
private static final Logger LOGGER = LogManager.getLogger(
OneTimeAuthTokenCleaner.class);
@Resource @Resource
private TimerService timerService; private TimerService timerService;
@ -59,24 +66,50 @@ public class OneTimeAuthTokenCleaner {
@PostConstruct @PostConstruct
public void init() { public void init() {
LOGGER.debug("Initialising OneTimeAuthTokenCleaner...");
final OneTimeAuthConfig config = configurationManager.findConfiguration( final OneTimeAuthConfig config = configurationManager.findConfiguration(
OneTimeAuthConfig.class); OneTimeAuthConfig.class);
final long interval = config.getTokenValid() * 1000; final long interval = config.getTokenValid() * 1000;
// final long interval = 60 * 60 * 1000;
LOGGER.debug("Creating interval for {} s.", interval / 1000);
timerService.createIntervalTimer(interval, interval, new TimerConfig()); timerService.createIntervalTimer(interval, interval, new TimerConfig());
} }
@Timeout @Timeout
@Transactional(Transactional.TxType.REQUIRED) @Transactional(Transactional.TxType.REQUIRED)
public void cleanupTokens() { public void cleanupTokens() {
LOGGER.debug("Cleaning up one time auth tokens...");
final TypedQuery<OneTimeAuthToken> query = entityManager.createQuery( final TypedQuery<OneTimeAuthToken> query = entityManager.createQuery(
"SELECT t FROM OneTimeAuthToken t", OneTimeAuthToken.class); "SELECT t FROM OneTimeAuthToken t", OneTimeAuthToken.class);
final List<OneTimeAuthToken> tokens = query.getResultList(); final List<OneTimeAuthToken> tokens = query.getResultList();
LOGGER.debug("Found {} one time auth tokens.", tokens.size());
if (LOGGER.isDebugEnabled()) {
final LocalDateTime now = LocalDateTime.now(ZoneOffset.UTC);
LOGGER.debug("Current time is: {}", now);
tokens.forEach(t -> {
if (oneTimeAuthManager.isValid(t)) {
LOGGER.debug("OneTimeAuthToken with id {} is still valid. "
+ "Expires at {}.",
t.getTokenId(),
t.getValidUntil());
} else {
LOGGER.debug("OneTimeAuthToken with id {} is invalid. "
+ "Expires at {}.",
t.getTokenId(),
t.getValidUntil());
}
});
}
tokens.stream() tokens.stream()
.filter((token) -> (!oneTimeAuthManager.isValid(token))) .filter((token) -> (!oneTimeAuthManager.isValid(token)))
.forEach((token) -> { .forEach((token) -> {
LOGGER.debug("Token with id {} expired at {}. "
+ "Invalidating token.",
token.getTokenId(), token.getValidUntil());
oneTimeAuthManager.invalidate(token); oneTimeAuthManager.invalidate(token);
}); });
} }