From 8fbfdea52598ae566beb0d67fa65515e4443ca06 Mon Sep 17 00:00:00 2001
From: Cleverson Sacramento
Date: Wed, 17 Dec 2014 15:41:08 -0200
Subject: [PATCH] FWK-213: Implementação padrão do TokenManager em @ApplicationScoped (não recomendado em produção)
---
archetype/html-rest/src/main/resources/archetype-resources/src/main/java/security/AppAuthenticator.java | 27 ++++++++-------------------
archetype/html-rest/src/main/resources/archetype-resources/src/main/webapp/js/controller/login.js | 14 ++------------
archetype/html-rest/src/main/resources/archetype-resources/src/main/webapp/js/lib/app.js | 11 ++++++-----
impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/DefaultTokenManager.java | 2 +-
4 files changed, 17 insertions(+), 37 deletions(-)
diff --git a/archetype/html-rest/src/main/resources/archetype-resources/src/main/java/security/AppAuthenticator.java b/archetype/html-rest/src/main/resources/archetype-resources/src/main/java/security/AppAuthenticator.java
index 40d2e00..9001412 100644
--- a/archetype/html-rest/src/main/resources/archetype-resources/src/main/java/security/AppAuthenticator.java
+++ b/archetype/html-rest/src/main/resources/archetype-resources/src/main/java/security/AppAuthenticator.java
@@ -2,45 +2,34 @@ package ${package}.security; import java.security.Principal; -import javax.enterprise.context.RequestScoped; - -import br.gov.frameworkdemoiselle.security.Authenticator; import br.gov.frameworkdemoiselle.security.Credentials; import br.gov.frameworkdemoiselle.security.InvalidCredentialsException; +import br.gov.frameworkdemoiselle.security.TokenAuthenticator; import br.gov.frameworkdemoiselle.util.Beans; -@RequestScoped -public class AppAuthenticator implements Authenticator { +public class AppAuthenticator extends TokenAuthenticator { private static final long serialVersionUID = 1L; - private Principal user; - @Override - public void authenticate() throws Exception { + protected Principal customAuthentication() throws Exception { + Principal user = null; final Credentials credentials = Beans.getReference(Credentials.class); + final String username = credentials.getUsername(); if (credentials.getPassword().equals("secret")) { - this.user = new Principal() { + user = new Principal() { @Override public String getName() { - return credentials.getUsername(); + return username; } }; } else { throw new InvalidCredentialsException(); } - } - @Override - public void unauthenticate() throws Exception { - this.user = null; - } - - @Override - public Principal getUser() { - return this.user; + return user; } }
diff --git a/archetype/html-rest/src/main/resources/archetype-resources/src/main/webapp/js/controller/login.js b/archetype/html-rest/src/main/resources/archetype-resources/src/main/webapp/js/controller/login.js
index d851127..a0598de 100644
--- a/archetype/html-rest/src/main/resources/archetype-resources/src/main/webapp/js/controller/login.js
+++ b/archetype/html-rest/src/main/resources/archetype-resources/src/main/webapp/js/controller/login.js
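Review bot: `customAuthentication()` still accepts any username whose password equals the literal `"secret"`, and with this change a successful check presumably ends in a token issued by `TokenAuthenticator`, so a project generated from the archetype and deployed unchanged would hand out tokens for a publicly known password. The comparison `credentials.getPassword().equals("secret")` also throws a NullPointerException instead of `InvalidCredentialsException` when no password was supplied; `if ("secret".equals(credentials.getPassword())) {` avoids that. I would add a comment directly above the check, for example `// Placeholder for the archetype only: replace with a lookup against the real credential store before deploying.` The removed `@RequestScoped` means the bean's scope now comes from `TokenAuthenticator`, which is not visible in this patch and is worth confirming.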
@@ -19,18 +19,8 @@ $(function() { }); }); -function make_base_auth(user, password) { - var tok = user + ':' + password; - var hash = btoa(tok); - return hash; -} - -function loginOk(data) { - var username = $("#username").val().trim(); - var password = $("#password").val().trim(); - var encoded = btoa(username + ':' + password); - - App.setToken(encoded); +function loginOk(data, status, request) { + App.setToken(request.getResponseHeader('Set-Token')); location.href = "home.html"; }
diff --git a/archetype/html-rest/src/main/resources/archetype-resources/src/main/webapp/js/lib/app.js b/archetype/html-rest/src/main/resources/archetype-resources/src/main/webapp/js/lib/app.js
index 062c89b..4c41ef7 100644
--- a/archetype/html-rest/src/main/resources/archetype-resources/src/main/webapp/js/lib/app.js
+++ b/archetype/html-rest/src/main/resources/archetype-resources/src/main/webapp/js/lib/app.js
@@ -20,21 +20,22 @@ var App = { }, setToken : function(token) { + console.log(token); sessionStorage.setItem(this.tokenKey, token); }, setHeader : function(request) { - request.setRequestHeader("Authorization", "Basic " + App.getToken()); + request.setRequestHeader("Authorization", "Token " + App.getToken()); }, removeToken : function() { sessionStorage.removeItem(this.tokenKey); + $.removeCookie("Token"); }, - + getUrlParameterByName : function(name) { name = name.replace(/[\[]/, "\\[").replace(/[\]]/, "\\]"); - var regex = new RegExp("[\\?&]" + name + "=([^&#]*)"), - results = regex.exec(location.search); - return results === null ? "" : decodeURIComponent(results[1].replace(/\+/g, " ")); + var regex = new RegExp("[\\?&]" + name + "=([^&#]*)"), results = regex.exec(location.search); + return results === null ? "" : decodeURIComponent(results[1].replace(/\+/g, " ")); } };
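Review bot: `loginOk` in login.js stores whatever `request.getResponseHeader('Set-Token')` returns and then redirects, but that call returns null when the header is absent or not exposed to the script (for example on a cross-origin response that does not list it in `Access-Control-Expose-Headers`). `sessionStorage.setItem` would then save the string "null", and later requests would send `Authorization: Token null` from home.html instead of failing at the login page. A guard before the redirect keeps the failure visible: `var token = request.getResponseHeader('Set-Token');` then `if (!token) { return; }` (or the page's existing login-error path) before `App.setToken(token);`.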
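Review bot: `console.log(token);` in `App.setToken` (app.js) writes the session token to the browser console on every login; it reads like leftover debugging and should be removed before projects are generated from this archetype, since console output ends up in screenshots, shared devtools sessions and log-forwarding scripts. `removeToken` now calls `$.removeCookie("Token")`, which comes from the jquery-cookie plugin rather than jQuery core; the patch does not show that plugin being loaded, so confirm it is present on every page that calls `removeToken`, otherwise the call throws after sessionStorage has been cleared. The `App` object begins above this hunk.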
diff --git a/impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/DefaultTokenManager.java b/impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/DefaultTokenManager.java
index 4e02484..541e1fa 100644
--- a/impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/DefaultTokenManager.java
+++ b/impl/extension/rest/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/DefaultTokenManager.java
@@ -66,7 +66,7 @@ public class DefaultTokenManager implements TokenManager { return store.get(token); } - private class TokenStore implements Serializable { + public static class TokenStore implements Serializable { private static final long serialVersionUID = 1L;
-- libgit2 0.21.2
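Review bot: `TokenStore` changes from a `private` inner class to `public static`, which exposes the in-memory token table as a visible type of an `internal.implementation` package. `static` suits a `Serializable` holder because it drops the hidden reference to the enclosing `DefaultTokenManager`, but package-private `static class TokenStore` would be enough unless the container requires a public type. If it does (for example for CDI proxying, which this hunk does not show), a class comment should say so, e.g. `/** Application-wide token table, held in memory only; not intended for production use. */`. The body of `TokenStore` lies outside the hunk, so whether stored tokens expire or are bounded in number cannot be checked here and is worth confirming.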