Revert "Bump version, enabled development traces" This reverts commit 87f56dc522aaca7d9dc16978755c1622e6e61a41.
Project: http://git-wip-us.apache.org/repos/asf/incubator-wave/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-wave/commit/2de6a68f Tree: http://git-wip-us.apache.org/repos/asf/incubator-wave/tree/2de6a68f Diff: http://git-wip-us.apache.org/repos/asf/incubator-wave/diff/2de6a68f Branch: refs/heads/swellrt Commit: 2de6a68f92451a1f4438fa9239a5e79d4d6514b5 Parents: 87f56dc Author: Pablo Ojanguren <[email protected]> Authored: Wed Sep 7 17:57:48 2016 +0200 Committer: Pablo Ojanguren <[email protected]> Committed: Wed Sep 7 17:57:48 2016 +0200 ---------------------------------------------------------------------- wave/build.gradle | 10 +- .../server/box/servlet/AccountService.java | 14 -- .../box/servlet/AuthenticationService.java | 91 +++++------ .../swellrt/server/box/servlet/ServiceData.java | 2 +- .../server/authentication/SessionManager.java | 32 ++-- .../authentication/SessionManagerImpl.java | 149 ++++++------------- .../box/server/rpc/AuthenticationServlet.java | 2 +- .../server/rpc/AuthenticationServletTest.java | 4 +- 8 files changed, 105 insertions(+), 199 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-wave/blob/2de6a68f/wave/build.gradle ---------------------------------------------------------------------- diff --git a/wave/build.gradle b/wave/build.gradle index c42789a..405e82d 100644 --- a/wave/build.gradle +++ b/wave/build.gradle @@ -30,7 +30,7 @@ apply plugin: 'com.google.protobuf' /* Meta Data Info */ def title = 'SwellRT' def vendor = 'SwellRT Community' -version = "0.54.0-alpha" +version = "0.53.1-alpha" archivesBaseName = "swellrt" def distFolder = "swellrt" mainClassName = "org.waveprotocol.box.server.ServerMain" @@ -389,11 +389,11 @@ task compileJsWebDev { } } -compileJsWebDev.mustRunAfter compileJava -run.dependsOn compileJsWebDev +// compileJsWebDev.mustRunAfter compileJava +// run.dependsOn compileJsWebDev -// compileJsWeb.mustRunAfter compileJava -// run.dependsOn compileJsWeb +compileJsWeb.mustRunAfter compileJava +run.dependsOn compileJsWeb compileJava.dependsOn = [generateMessages, generateGXP] http://git-wip-us.apache.org/repos/asf/incubator-wave/blob/2de6a68f/wave/src/main/java/org/swellrt/server/box/servlet/AccountService.java ---------------------------------------------------------------------- diff --git a/wave/src/main/java/org/swellrt/server/box/servlet/AccountService.java b/wave/src/main/java/org/swellrt/server/box/servlet/AccountService.java index af7bdad..1a642b6 100644 --- a/wave/src/main/java/org/swellrt/server/box/servlet/AccountService.java +++ b/wave/src/main/java/org/swellrt/server/box/servlet/AccountService.java @@ -82,20 +82,6 @@ public class AccountService extends BaseService { } - public static class ListAccountData extends ServiceData { - - public List<AccountServiceData> accounts; - - public ListAccountData() { - accounts = new ArrayList<AccountServiceData>(); - } - - public String toJson() { - return gson.toJson(accounts); - } - - } - private static final Log LOG = Log.get(AccountService.class); http://git-wip-us.apache.org/repos/asf/incubator-wave/blob/2de6a68f/wave/src/main/java/org/swellrt/server/box/servlet/AuthenticationService.java ---------------------------------------------------------------------- diff --git a/wave/src/main/java/org/swellrt/server/box/servlet/AuthenticationService.java b/wave/src/main/java/org/swellrt/server/box/servlet/AuthenticationService.java index fd018d3..14d0370 100644 --- a/wave/src/main/java/org/swellrt/server/box/servlet/AuthenticationService.java +++ b/wave/src/main/java/org/swellrt/server/box/servlet/AuthenticationService.java @@ -6,7 +6,6 @@ import java.io.UnsupportedEncodingException; import java.nio.charset.Charset; import java.security.Principal; import java.security.cert.X509Certificate; -import java.util.List; import javax.inject.Singleton; import javax.naming.InvalidNameException; @@ -84,7 +83,7 @@ public class AuthenticationService extends BaseService { } } - + // The Object ID of the PKCS #9 email address stored in the client // certificate. // Source: @@ -119,12 +118,11 @@ public class AuthenticationService extends BaseService { public void execute(HttpServletRequest request, HttpServletResponse response) throws IOException { try { - if (request.getMethod().equals("POST")) // login + + if (request.getMethod().equals("POST")) doPost(request, response); - else if (request.getMethod().equals("GET")) // resume + else if (request.getMethod().equals("GET")) doGet(request, response); - else if (request.getMethod().equals("DELETE")) // logout - doDelete(request, response); } catch (PersistenceException e) { sendResponseError(response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, @@ -231,13 +229,37 @@ public class AuthenticationService extends BaseService { loggedInAddress = ParticipantId.anonymousOfUnsafe(session.getId(), domain); } + + + } else if (!authData.isParsedField("id") || !authData.isParsedField("password")) { + // Nothing to do here, close session later } else { sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, RC_MISSING_PARAMETER); return; } + + + } + + // If we have reach this point with a no login, close current session + if (loggedInAddress == null) { + + try { + session = sessionManager.getSession(req); + LOG.info("Closing session " + (session != null ? session.getId() : "")); + sessionManager.logout(session); + if (context != null) + context.logout(); + } catch (LoginException e) { + LOG.info("An error ocurred during logout request", e); + } + + sendResponse(resp, new AuthenticationServiceData("SESSION_CLOSED")); + return; + } - sessionManager.login(session, loggedInAddress); + sessionManager.setLoggedInUser(session, loggedInAddress); LOG.info("Authenticated user " + loggedInAddress); AccountService.AccountServiceData accountData; @@ -255,52 +277,6 @@ public class AuthenticationService extends BaseService { sendResponse(resp, accountData); } - - - /** - * DELETE a session - * - * @param req - * @param resp - * @throws IOException - */ - protected void doDelete(HttpServletRequest req, HttpServletResponse resp) throws IOException { - - AuthenticationServiceData authData = new AuthenticationServiceData(); - - try { - authData = getRequestServiceData(req); - } catch (JsonParseException e) { - sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, RC_INVALID_JSON_SYNTAX); - return; - } - - HttpSession session = sessionManager.getSession(req); - - boolean wasDelete = false; - - if (authData.isParsedField("id") && authData.id != null) { - ParticipantId participant; - try { - participant = ParticipantId.of(authData.id); - } catch (InvalidParticipantAddress e) { - sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, RC_INVALID_ACCOUNT_ID_SYNTAX); - return; - } - wasDelete = sessionManager.logout(session, participant); - } else { - wasDelete = sessionManager.logout(session); - } - - if (wasDelete) { - sendResponse(resp, new AuthenticationServiceData("SESSION_CLOSED")); - return; - } else { - sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, RC_ACCOUNT_NOT_LOGGED_IN); - return; - } - -} /** * Get the participant id of the given subject. @@ -409,7 +385,14 @@ public class AuthenticationService extends BaseService { resp.setCharacterEncoding("UTF-8"); req.setCharacterEncoding("UTF-8"); - ParticipantId participantId = sessionManager.resume(req); + HttpSession session = sessionManager.getSession(req, false); + ParticipantId participantId = sessionManager.getLoggedInUser(req); + + // Resume last user session from other browser's tab or window. + if (participantId == null && session != null) { + participantId = sessionManager.getOtherLoggedInUser(session); + if (participantId != null) sessionManager.setLoggedInUser(session, participantId); + } if (participantId != null) { http://git-wip-us.apache.org/repos/asf/incubator-wave/blob/2de6a68f/wave/src/main/java/org/swellrt/server/box/servlet/ServiceData.java ---------------------------------------------------------------------- diff --git a/wave/src/main/java/org/swellrt/server/box/servlet/ServiceData.java b/wave/src/main/java/org/swellrt/server/box/servlet/ServiceData.java index f159a72..659544d 100644 --- a/wave/src/main/java/org/swellrt/server/box/servlet/ServiceData.java +++ b/wave/src/main/java/org/swellrt/server/box/servlet/ServiceData.java @@ -11,7 +11,7 @@ import com.google.gson.JsonParser; public abstract class ServiceData { private static JsonParser jsonParser = new JsonParser(); - protected static Gson gson = new Gson(); + private static Gson gson = new Gson(); public static ServiceData fromJson(String json, Class<? extends ServiceData> classOf) http://git-wip-us.apache.org/repos/asf/incubator-wave/blob/2de6a68f/wave/src/main/java/org/waveprotocol/box/server/authentication/SessionManager.java ---------------------------------------------------------------------- diff --git a/wave/src/main/java/org/waveprotocol/box/server/authentication/SessionManager.java b/wave/src/main/java/org/waveprotocol/box/server/authentication/SessionManager.java index fba9e61..57a2e06 100644 --- a/wave/src/main/java/org/waveprotocol/box/server/authentication/SessionManager.java +++ b/wave/src/main/java/org/waveprotocol/box/server/authentication/SessionManager.java @@ -77,7 +77,7 @@ public interface SessionManager { * request.getSession(true); * @param id the user who has been logged in */ - void login(HttpSession session, ParticipantId id); + void setLoggedInUser(HttpSession session, ParticipantId id); /** * Log the user out. @@ -87,27 +87,7 @@ public interface SessionManager { * @param session The user's HTTP session, obtainable from * request.getSession(false); */ - boolean logout(HttpSession session); - - /** - * Log the user out. - * - * If session is null, this function has no effect. - * - * @param session The user's HTTP session, obtainable from - * request.getSession(false); - * @param participant to be log out - */ - boolean logout(HttpSession session, ParticipantId id); - - /** - * Resume a session, with the last user log in any - * window session. - * - * @param request - * @return the participant or null - */ - ParticipantId resume(HttpServletRequest request); + void logout(HttpSession session); /** * Get the relative URL to redirect the user to the login page. @@ -167,5 +147,13 @@ public interface SessionManager { */ Set<ParticipantId> getAllLoggedInUser(HttpSession session); + /** + * Return the last user who has opened a session on the browser. + * + * @param session + * @return + */ + ParticipantId getOtherLoggedInUser(HttpSession session); + } http://git-wip-us.apache.org/repos/asf/incubator-wave/blob/2de6a68f/wave/src/main/java/org/waveprotocol/box/server/authentication/SessionManagerImpl.java ---------------------------------------------------------------------- diff --git a/wave/src/main/java/org/waveprotocol/box/server/authentication/SessionManagerImpl.java b/wave/src/main/java/org/waveprotocol/box/server/authentication/SessionManagerImpl.java index e5e29cb..fe7622f 100644 --- a/wave/src/main/java/org/waveprotocol/box/server/authentication/SessionManagerImpl.java +++ b/wave/src/main/java/org/waveprotocol/box/server/authentication/SessionManagerImpl.java @@ -106,7 +106,7 @@ public final class SessionManagerImpl implements SessionManager { } @Override - public void login(HttpSession session, ParticipantId id) { + public void setLoggedInUser(HttpSession session, ParticipantId id) { Preconditions.checkNotNull(session, "Session is null"); Preconditions.checkNotNull(id, "Participant id is null"); @@ -123,107 +123,21 @@ public final class SessionManagerImpl implements SessionManager { } @Override - public boolean logout(HttpSession session) { - - // Remove all window sessions with this user - Enumeration<String> attributes = session.getAttributeNames(); - - while (attributes.hasMoreElements()) { - String attr = attributes.nextElement(); - - Object userAttrObject = session.getAttribute(attr); - if (userAttrObject != null && userAttrObject instanceof String) { - String userAttrString = (String) userAttrObject; - if (userAttrString.startsWith(USER_FIELD)); { - session.removeAttribute(attr); - } - } + public void logout(HttpSession session) { + String windowId = null; + if (session instanceof HttpWindowSession) { + HttpWindowSession wSession = (HttpWindowSession) session; + windowId = wSession.getWindowId(); } - - return true; - } - - @Override - public boolean logout(HttpSession session, ParticipantId id) { - - boolean wasDeleted = false; - - String windowId = null; - if (session instanceof HttpWindowSession) { - HttpWindowSession wSession = (HttpWindowSession) session; - windowId = wSession.getWindowId(); - } - - if (windowId != null) { - // Remove all window sessions with this user - Enumeration<String> attributes = session.getAttributeNames(); - - while (attributes.hasMoreElements()) { - String attr = attributes.nextElement(); - - Object userAttrObject = session.getAttribute(attr); - if (userAttrObject != null && userAttrObject instanceof String) { - @SuppressWarnings("unused") - String userAttrString = (String) userAttrObject; - if (userAttrObject.equals(id.getAddress())); { - session.removeAttribute(attr); - wasDeleted = true; - } - } - } - - } else { - // Remove the session if user is in attribute - Object userAttrObject = session.getAttribute(USER_FIELD); - if (userAttrObject != null && userAttrObject instanceof String) { - @SuppressWarnings("unused") - String userAttrString = (String) userAttrObject; - if (userAttrObject.equals(id.getAddress())); { - session.removeAttribute(USER_FIELD); - wasDeleted = true; - } - } - } - return wasDeleted; - } - - @Override - public ParticipantId resume(HttpServletRequest request) { - - HttpSession session = getSession(request); - - if (session == null) return null; - - ParticipantId lastParticipant = null; - int lastParticipantIndex = -1; - Enumeration<String> names = session.getAttributeNames(); - // Found the last participant among all the session attributes - while (names.hasMoreElements()) { - String name = names.nextElement(); - if (name.startsWith(USER_FIELD)) { - if (name.contains(USER_FIELD + "_")) { - - int index = Integer.valueOf(name.split("_")[1]); - - if (index > lastParticipantIndex) { - lastParticipantIndex = index; - lastParticipant = (ParticipantId) session.getAttribute(name); - } - - } else { - - if (lastParticipantIndex < 0) { - lastParticipantIndex = 0; - lastParticipant = (ParticipantId) session.getAttribute(name); - } - - } - } - } - - - return lastParticipant; + // This function should also remove any other bound fields in the session + // object. + if (windowId != null) + session.removeAttribute(USER_FIELD + "_" + windowId); + else + session.removeAttribute(USER_FIELD); + + session.invalidate(); } @Override @@ -297,4 +211,39 @@ public final class SessionManagerImpl implements SessionManager { } + @Override + public ParticipantId getOtherLoggedInUser(HttpSession session) { + + if (session == null) return null; + + ParticipantId lastParticipant = null; + int lastParticipantIndex = -1; + Enumeration<String> names = session.getAttributeNames(); + + // Found the last participant among all the session attributes + while (names.hasMoreElements()) { + String name = names.nextElement(); + if (name.contains(USER_FIELD)) { + if (name.contains(USER_FIELD + "_")) { + + int index = Integer.valueOf(name.split("_")[1]); + + if (index > lastParticipantIndex) { + lastParticipantIndex = index; + lastParticipant = (ParticipantId) session.getAttribute(name); + } + + } else { + + if (lastParticipantIndex < 0) { + lastParticipantIndex = 0; + lastParticipant = (ParticipantId) session.getAttribute(name); + } + + } + } + } + + return lastParticipant; + } } http://git-wip-us.apache.org/repos/asf/incubator-wave/blob/2de6a68f/wave/src/main/java/org/waveprotocol/box/server/rpc/AuthenticationServlet.java ---------------------------------------------------------------------- diff --git a/wave/src/main/java/org/waveprotocol/box/server/rpc/AuthenticationServlet.java b/wave/src/main/java/org/waveprotocol/box/server/rpc/AuthenticationServlet.java index 0603982..353f544 100644 --- a/wave/src/main/java/org/waveprotocol/box/server/rpc/AuthenticationServlet.java +++ b/wave/src/main/java/org/waveprotocol/box/server/rpc/AuthenticationServlet.java @@ -251,7 +251,7 @@ public class AuthenticationServlet extends HttpServlet { loggedInAddress = ParticipantId.anonymousOfUnsafe(session.getId(), domain); } - sessionManager.login(session, loggedInAddress); + sessionManager.setLoggedInUser(session, loggedInAddress); LOG.info("Authenticated user " + loggedInAddress); if (checkNoRedirect(req)) { http://git-wip-us.apache.org/repos/asf/incubator-wave/blob/2de6a68f/wave/src/test/java/org/waveprotocol/box/server/rpc/AuthenticationServletTest.java ---------------------------------------------------------------------- diff --git a/wave/src/test/java/org/waveprotocol/box/server/rpc/AuthenticationServletTest.java b/wave/src/test/java/org/waveprotocol/box/server/rpc/AuthenticationServletTest.java index 848954a..cd64ca9 100644 --- a/wave/src/test/java/org/waveprotocol/box/server/rpc/AuthenticationServletTest.java +++ b/wave/src/test/java/org/waveprotocol/box/server/rpc/AuthenticationServletTest.java @@ -216,9 +216,9 @@ public class AuthenticationServletTest extends TestCase { servlet.doPost(req, resp); if (expectSuccess) { if (ParticipantId.isAnonymousName(address)) - verify(manager).login(session, ANONYMOUS_USER); + verify(manager).setLoggedInUser(session, ANONYMOUS_USER); else - verify(manager).login(session, USER); + verify(manager).setLoggedInUser(session, USER); } } }
