Bump version, enabled development traces
Project: http://git-wip-us.apache.org/repos/asf/incubator-wave/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-wave/commit/87f56dc5 Tree: http://git-wip-us.apache.org/repos/asf/incubator-wave/tree/87f56dc5 Diff: http://git-wip-us.apache.org/repos/asf/incubator-wave/diff/87f56dc5 Branch: refs/heads/swellrt Commit: 87f56dc522aaca7d9dc16978755c1622e6e61a41 Parents: 138ba70 Author: Pablo Ojanguren <[email protected]> Authored: Wed Sep 7 16:34:02 2016 +0200 Committer: Pablo Ojanguren <[email protected]> Committed: Wed Sep 7 16:34:02 2016 +0200 ---------------------------------------------------------------------- wave/build.gradle | 10 +- .../server/box/servlet/AccountService.java | 14 ++ .../box/servlet/AuthenticationService.java | 91 ++++++----- .../swellrt/server/box/servlet/ServiceData.java | 2 +- .../server/authentication/SessionManager.java | 32 ++-- .../authentication/SessionManagerImpl.java | 149 +++++++++++++------ .../box/server/rpc/AuthenticationServlet.java | 2 +- .../server/rpc/AuthenticationServletTest.java | 4 +- 8 files changed, 199 insertions(+), 105 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-wave/blob/87f56dc5/wave/build.gradle ---------------------------------------------------------------------- diff --git a/wave/build.gradle b/wave/build.gradle index 405e82d..c42789a 100644 --- a/wave/build.gradle +++ b/wave/build.gradle @@ -30,7 +30,7 @@ apply plugin: 'com.google.protobuf' /* Meta Data Info */ def title = 'SwellRT' def vendor = 'SwellRT Community' -version = "0.53.1-alpha" +version = "0.54.0-alpha" archivesBaseName = "swellrt" def distFolder = "swellrt" mainClassName = "org.waveprotocol.box.server.ServerMain" @@ -389,11 +389,11 @@ task compileJsWebDev { } } -// compileJsWebDev.mustRunAfter compileJava -// run.dependsOn compileJsWebDev +compileJsWebDev.mustRunAfter compileJava +run.dependsOn compileJsWebDev -compileJsWeb.mustRunAfter compileJava -run.dependsOn compileJsWeb +// compileJsWeb.mustRunAfter compileJava +// run.dependsOn compileJsWeb compileJava.dependsOn = [generateMessages, generateGXP] http://git-wip-us.apache.org/repos/asf/incubator-wave/blob/87f56dc5/wave/src/main/java/org/swellrt/server/box/servlet/AccountService.java ---------------------------------------------------------------------- diff --git a/wave/src/main/java/org/swellrt/server/box/servlet/AccountService.java b/wave/src/main/java/org/swellrt/server/box/servlet/AccountService.java index 1a642b6..af7bdad 100644 --- a/wave/src/main/java/org/swellrt/server/box/servlet/AccountService.java +++ b/wave/src/main/java/org/swellrt/server/box/servlet/AccountService.java @@ -82,6 +82,20 @@ public class AccountService extends BaseService { } + public static class ListAccountData extends ServiceData { + + public List<AccountServiceData> accounts; + + public ListAccountData() { + accounts = new ArrayList<AccountServiceData>(); + } + + public String toJson() { + return gson.toJson(accounts); + } + + } + private static final Log LOG = Log.get(AccountService.class); http://git-wip-us.apache.org/repos/asf/incubator-wave/blob/87f56dc5/wave/src/main/java/org/swellrt/server/box/servlet/AuthenticationService.java ---------------------------------------------------------------------- diff --git a/wave/src/main/java/org/swellrt/server/box/servlet/AuthenticationService.java b/wave/src/main/java/org/swellrt/server/box/servlet/AuthenticationService.java index 14d0370..fd018d3 100644 --- a/wave/src/main/java/org/swellrt/server/box/servlet/AuthenticationService.java +++ b/wave/src/main/java/org/swellrt/server/box/servlet/AuthenticationService.java @@ -6,6 +6,7 @@ import java.io.UnsupportedEncodingException; import java.nio.charset.Charset; import java.security.Principal; import java.security.cert.X509Certificate; +import java.util.List; import javax.inject.Singleton; import javax.naming.InvalidNameException; @@ -83,7 +84,7 @@ public class AuthenticationService extends BaseService { } } - + // The Object ID of the PKCS #9 email address stored in the client // certificate. // Source: @@ -118,11 +119,12 @@ public class AuthenticationService extends BaseService { public void execute(HttpServletRequest request, HttpServletResponse response) throws IOException { try { - - if (request.getMethod().equals("POST")) + if (request.getMethod().equals("POST")) // login doPost(request, response); - else if (request.getMethod().equals("GET")) + else if (request.getMethod().equals("GET")) // resume doGet(request, response); + else if (request.getMethod().equals("DELETE")) // logout + doDelete(request, response); } catch (PersistenceException e) { sendResponseError(response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, @@ -229,37 +231,13 @@ public class AuthenticationService extends BaseService { loggedInAddress = ParticipantId.anonymousOfUnsafe(session.getId(), domain); } - - - } else if (!authData.isParsedField("id") || !authData.isParsedField("password")) { - // Nothing to do here, close session later } else { sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, RC_MISSING_PARAMETER); return; } - - - } - - // If we have reach this point with a no login, close current session - if (loggedInAddress == null) { - - try { - session = sessionManager.getSession(req); - LOG.info("Closing session " + (session != null ? session.getId() : "")); - sessionManager.logout(session); - if (context != null) - context.logout(); - } catch (LoginException e) { - LOG.info("An error ocurred during logout request", e); - } - - sendResponse(resp, new AuthenticationServiceData("SESSION_CLOSED")); - return; - } - sessionManager.setLoggedInUser(session, loggedInAddress); + sessionManager.login(session, loggedInAddress); LOG.info("Authenticated user " + loggedInAddress); AccountService.AccountServiceData accountData; @@ -277,6 +255,52 @@ public class AuthenticationService extends BaseService { sendResponse(resp, accountData); } + + + /** + * DELETE a session + * + * @param req + * @param resp + * @throws IOException + */ + protected void doDelete(HttpServletRequest req, HttpServletResponse resp) throws IOException { + + AuthenticationServiceData authData = new AuthenticationServiceData(); + + try { + authData = getRequestServiceData(req); + } catch (JsonParseException e) { + sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, RC_INVALID_JSON_SYNTAX); + return; + } + + HttpSession session = sessionManager.getSession(req); + + boolean wasDelete = false; + + if (authData.isParsedField("id") && authData.id != null) { + ParticipantId participant; + try { + participant = ParticipantId.of(authData.id); + } catch (InvalidParticipantAddress e) { + sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, RC_INVALID_ACCOUNT_ID_SYNTAX); + return; + } + wasDelete = sessionManager.logout(session, participant); + } else { + wasDelete = sessionManager.logout(session); + } + + if (wasDelete) { + sendResponse(resp, new AuthenticationServiceData("SESSION_CLOSED")); + return; + } else { + sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, RC_ACCOUNT_NOT_LOGGED_IN); + return; + } + +} /** * Get the participant id of the given subject. @@ -385,14 +409,7 @@ public class AuthenticationService extends BaseService { resp.setCharacterEncoding("UTF-8"); req.setCharacterEncoding("UTF-8"); - HttpSession session = sessionManager.getSession(req, false); - ParticipantId participantId = sessionManager.getLoggedInUser(req); - - // Resume last user session from other browser's tab or window. - if (participantId == null && session != null) { - participantId = sessionManager.getOtherLoggedInUser(session); - if (participantId != null) sessionManager.setLoggedInUser(session, participantId); - } + ParticipantId participantId = sessionManager.resume(req); if (participantId != null) { http://git-wip-us.apache.org/repos/asf/incubator-wave/blob/87f56dc5/wave/src/main/java/org/swellrt/server/box/servlet/ServiceData.java ---------------------------------------------------------------------- diff --git a/wave/src/main/java/org/swellrt/server/box/servlet/ServiceData.java b/wave/src/main/java/org/swellrt/server/box/servlet/ServiceData.java index 659544d..f159a72 100644 --- a/wave/src/main/java/org/swellrt/server/box/servlet/ServiceData.java +++ b/wave/src/main/java/org/swellrt/server/box/servlet/ServiceData.java @@ -11,7 +11,7 @@ import com.google.gson.JsonParser; public abstract class ServiceData { private static JsonParser jsonParser = new JsonParser(); - private static Gson gson = new Gson(); + protected static Gson gson = new Gson(); public static ServiceData fromJson(String json, Class<? extends ServiceData> classOf) http://git-wip-us.apache.org/repos/asf/incubator-wave/blob/87f56dc5/wave/src/main/java/org/waveprotocol/box/server/authentication/SessionManager.java ---------------------------------------------------------------------- diff --git a/wave/src/main/java/org/waveprotocol/box/server/authentication/SessionManager.java b/wave/src/main/java/org/waveprotocol/box/server/authentication/SessionManager.java index 57a2e06..fba9e61 100644 --- a/wave/src/main/java/org/waveprotocol/box/server/authentication/SessionManager.java +++ b/wave/src/main/java/org/waveprotocol/box/server/authentication/SessionManager.java @@ -77,7 +77,7 @@ public interface SessionManager { * request.getSession(true); * @param id the user who has been logged in */ - void setLoggedInUser(HttpSession session, ParticipantId id); + void login(HttpSession session, ParticipantId id); /** * Log the user out. @@ -87,7 +87,27 @@ public interface SessionManager { * @param session The user's HTTP session, obtainable from * request.getSession(false); */ - void logout(HttpSession session); + boolean logout(HttpSession session); + + /** + * Log the user out. + * + * If session is null, this function has no effect. + * + * @param session The user's HTTP session, obtainable from + * request.getSession(false); + * @param participant to be log out + */ + boolean logout(HttpSession session, ParticipantId id); + + /** + * Resume a session, with the last user log in any + * window session. + * + * @param request + * @return the participant or null + */ + ParticipantId resume(HttpServletRequest request); /** * Get the relative URL to redirect the user to the login page. @@ -147,13 +167,5 @@ public interface SessionManager { */ Set<ParticipantId> getAllLoggedInUser(HttpSession session); - /** - * Return the last user who has opened a session on the browser. - * - * @param session - * @return - */ - ParticipantId getOtherLoggedInUser(HttpSession session); - } http://git-wip-us.apache.org/repos/asf/incubator-wave/blob/87f56dc5/wave/src/main/java/org/waveprotocol/box/server/authentication/SessionManagerImpl.java ---------------------------------------------------------------------- diff --git a/wave/src/main/java/org/waveprotocol/box/server/authentication/SessionManagerImpl.java b/wave/src/main/java/org/waveprotocol/box/server/authentication/SessionManagerImpl.java index fe7622f..e5e29cb 100644 --- a/wave/src/main/java/org/waveprotocol/box/server/authentication/SessionManagerImpl.java +++ b/wave/src/main/java/org/waveprotocol/box/server/authentication/SessionManagerImpl.java @@ -106,7 +106,7 @@ public final class SessionManagerImpl implements SessionManager { } @Override - public void setLoggedInUser(HttpSession session, ParticipantId id) { + public void login(HttpSession session, ParticipantId id) { Preconditions.checkNotNull(session, "Session is null"); Preconditions.checkNotNull(id, "Participant id is null"); @@ -123,21 +123,107 @@ public final class SessionManagerImpl implements SessionManager { } @Override - public void logout(HttpSession session) { - String windowId = null; - if (session instanceof HttpWindowSession) { - HttpWindowSession wSession = (HttpWindowSession) session; - windowId = wSession.getWindowId(); - } + public boolean logout(HttpSession session) { - // This function should also remove any other bound fields in the session - // object. - if (windowId != null) - session.removeAttribute(USER_FIELD + "_" + windowId); - else - session.removeAttribute(USER_FIELD); + // Remove all window sessions with this user + Enumeration<String> attributes = session.getAttributeNames(); + + while (attributes.hasMoreElements()) { + String attr = attributes.nextElement(); + + Object userAttrObject = session.getAttribute(attr); + if (userAttrObject != null && userAttrObject instanceof String) { + String userAttrString = (String) userAttrObject; + if (userAttrString.startsWith(USER_FIELD)); { + session.removeAttribute(attr); + } + } + } - session.invalidate(); + return true; + } + + @Override + public boolean logout(HttpSession session, ParticipantId id) { + + boolean wasDeleted = false; + + String windowId = null; + if (session instanceof HttpWindowSession) { + HttpWindowSession wSession = (HttpWindowSession) session; + windowId = wSession.getWindowId(); + } + + if (windowId != null) { + // Remove all window sessions with this user + Enumeration<String> attributes = session.getAttributeNames(); + + while (attributes.hasMoreElements()) { + String attr = attributes.nextElement(); + + Object userAttrObject = session.getAttribute(attr); + if (userAttrObject != null && userAttrObject instanceof String) { + @SuppressWarnings("unused") + String userAttrString = (String) userAttrObject; + if (userAttrObject.equals(id.getAddress())); { + session.removeAttribute(attr); + wasDeleted = true; + } + } + } + + } else { + // Remove the session if user is in attribute + Object userAttrObject = session.getAttribute(USER_FIELD); + if (userAttrObject != null && userAttrObject instanceof String) { + @SuppressWarnings("unused") + String userAttrString = (String) userAttrObject; + if (userAttrObject.equals(id.getAddress())); { + session.removeAttribute(USER_FIELD); + wasDeleted = true; + } + } + } + return wasDeleted; + } + + @Override + public ParticipantId resume(HttpServletRequest request) { + + HttpSession session = getSession(request); + + if (session == null) return null; + + ParticipantId lastParticipant = null; + int lastParticipantIndex = -1; + Enumeration<String> names = session.getAttributeNames(); + + // Found the last participant among all the session attributes + while (names.hasMoreElements()) { + String name = names.nextElement(); + if (name.startsWith(USER_FIELD)) { + if (name.contains(USER_FIELD + "_")) { + + int index = Integer.valueOf(name.split("_")[1]); + + if (index > lastParticipantIndex) { + lastParticipantIndex = index; + lastParticipant = (ParticipantId) session.getAttribute(name); + } + + } else { + + if (lastParticipantIndex < 0) { + lastParticipantIndex = 0; + lastParticipant = (ParticipantId) session.getAttribute(name); + } + + } + } + } + + + return lastParticipant; } @Override @@ -211,39 +297,4 @@ public final class SessionManagerImpl implements SessionManager { } - @Override - public ParticipantId getOtherLoggedInUser(HttpSession session) { - - if (session == null) return null; - - ParticipantId lastParticipant = null; - int lastParticipantIndex = -1; - Enumeration<String> names = session.getAttributeNames(); - - // Found the last participant among all the session attributes - while (names.hasMoreElements()) { - String name = names.nextElement(); - if (name.contains(USER_FIELD)) { - if (name.contains(USER_FIELD + "_")) { - - int index = Integer.valueOf(name.split("_")[1]); - - if (index > lastParticipantIndex) { - lastParticipantIndex = index; - lastParticipant = (ParticipantId) session.getAttribute(name); - } - - } else { - - if (lastParticipantIndex < 0) { - lastParticipantIndex = 0; - lastParticipant = (ParticipantId) session.getAttribute(name); - } - - } - } - } - - return lastParticipant; - } } http://git-wip-us.apache.org/repos/asf/incubator-wave/blob/87f56dc5/wave/src/main/java/org/waveprotocol/box/server/rpc/AuthenticationServlet.java ---------------------------------------------------------------------- diff --git a/wave/src/main/java/org/waveprotocol/box/server/rpc/AuthenticationServlet.java b/wave/src/main/java/org/waveprotocol/box/server/rpc/AuthenticationServlet.java index 353f544..0603982 100644 --- a/wave/src/main/java/org/waveprotocol/box/server/rpc/AuthenticationServlet.java +++ b/wave/src/main/java/org/waveprotocol/box/server/rpc/AuthenticationServlet.java @@ -251,7 +251,7 @@ public class AuthenticationServlet extends HttpServlet { loggedInAddress = ParticipantId.anonymousOfUnsafe(session.getId(), domain); } - sessionManager.setLoggedInUser(session, loggedInAddress); + sessionManager.login(session, loggedInAddress); LOG.info("Authenticated user " + loggedInAddress); if (checkNoRedirect(req)) { http://git-wip-us.apache.org/repos/asf/incubator-wave/blob/87f56dc5/wave/src/test/java/org/waveprotocol/box/server/rpc/AuthenticationServletTest.java ---------------------------------------------------------------------- diff --git a/wave/src/test/java/org/waveprotocol/box/server/rpc/AuthenticationServletTest.java b/wave/src/test/java/org/waveprotocol/box/server/rpc/AuthenticationServletTest.java index cd64ca9..848954a 100644 --- a/wave/src/test/java/org/waveprotocol/box/server/rpc/AuthenticationServletTest.java +++ b/wave/src/test/java/org/waveprotocol/box/server/rpc/AuthenticationServletTest.java @@ -216,9 +216,9 @@ public class AuthenticationServletTest extends TestCase { servlet.doPost(req, resp); if (expectSuccess) { if (ParticipantId.isAnonymousName(address)) - verify(manager).setLoggedInUser(session, ANONYMOUS_USER); + verify(manager).login(session, ANONYMOUS_USER); else - verify(manager).setLoggedInUser(session, USER); + verify(manager).login(session, USER); } } }
