#2756 fix - chnaged API to allow activation by code and other UI changes

rsanchez

2015-09-24 94c288b4f8d353c44b64e40c0863c7fce6782293

 securis/src/main/java/net/curisit/securis/utils/TokenHelper.java
..
..
@@ -11,6 +11,7 @@
11
11
 import javax.inject.Inject;
12
12
 
13
13
 import net.curisit.integrity.commons.Utils;
14
+import net.curisit.securis.services.ApiResource;
14
15
 
15
16
 import org.apache.commons.lang3.StringUtils;
16
17
 import org.apache.logging.log4j.LogManager;
..
..
@@ -42,8 +43,12 @@
42
43
      * @return
43
44
      */
44
45
     public String generateToken(String user) {
46
+
47
+        return generateToken(user, new Date());
48
+    }
49
+
50
+    public String generateToken(String user, Date date) {
45
51
         try {
46
-            Date date = new Date();
47
52
             String secret = generateSecret(user, date);
48
53
             StringBuffer sb = new StringBuffer();
49
54
             sb.append(secret);
..
..
@@ -58,7 +63,6 @@
58
63
             LOG.error("Error generating SHA-256 hash", e);
59
64
         }
60
65
         return null;
61
-
62
66
     }
63
67
 
64
68
     private String generateSecret(String user, Date date) throws UnsupportedEncodingException, NoSuchAlgorithmException {
..
..
@@ -90,9 +94,11 @@
90
94
             String secret = parts[0];
91
95
             String user = parts[1];
92
96
             Date date = Utils.toDateFromIso(parts[2]);
93
-            if (new Date().after(new Date(date.getTime() + VALID_TOKEN_PERIOD * 60 * 60 * 1000))) {
94
-                return false;
95
-            }
97
+            if (date.getTime() > 0 || !user.equals(ApiResource.API_CLIENT_USERNAME)) {
98
+                if (new Date().after(new Date(date.getTime() + VALID_TOKEN_PERIOD * 60 * 60 * 1000))) {
99
+                    return false;
100
+                }
101
+            } // else: It's a securis-client API call
96
102
             String newSecret = generateSecret(user, date);
97
103
             return newSecret.equals(secret);
98
104
         } catch (IOException e) {
..
..
@@ -136,4 +142,10 @@
136
142
         return null;
137
143
     }
138
144
 
145
+    public static void main(String[] args) {
146
+        // client token:
147
+        // OTk3ODRiMzY5NzQ5MWI5NmYyZGQyODRiYjY2ZTU2YzdmMTZjYzM3YTY3N2ExM2M3ODI2MjU5ZTMzOTIyYjUzNSBfY2xpZW50IDE5NzAtMDEtMDFUMDA6NTk6NTkuOTk5KzAxMDA=
148
+        // OTk3ODRiMzY5NzQ5MWI5NmYyZGQyODRiYjY2ZTU2YzdmMTZjYzM3YTY3N2ExM2M3ODI2MjU5ZTMzOTIyYjUzNSBfY2xpZW50IDE5NzAtMDEtMDFUMDA6NTk6NTkuOTk5KzAxMDA=
149
+        System.out.print("client token: " + new TokenHelper().generateToken("_client", new Date(-1)));
150
+    }
139
151
 }