From: Mathieu Baudier
Date: Mon, 2 Oct 2017 12:54:12 +0000 (+0200)
Subject: Improve token authorisation
X-Git-Tag: argeo-commons-2.1.70~50
X-Git-Url: http://git.argeo.org/?a=commitdiff_plain;h=9c1e0062044a1dcf34d34c7cda840334e56a289c;p=lgpl%2Fargeo-commons.git
Improve token authorisation
---
diff --git a/org.argeo.enterprise/src/org/argeo/naming/NamingUtils.java b/org.argeo.enterprise/src/org/argeo/naming/NamingUtils.java
index fc505022f..0b74ee18c 100644
--- a/org.argeo.enterprise/src/org/argeo/naming/NamingUtils.java
+++ b/org.argeo.enterprise/src/org/argeo/naming/NamingUtils.java
@@ -4,7 +4,10 @@ import java.io.UnsupportedEncodingException;
 import java.net.URI;
 import java.net.URLDecoder;
 import java.nio.charset.StandardCharsets;
+import java.time.Instant;
 import java.time.OffsetDateTime;
+import java.time.ZoneOffset;
+import java.time.ZonedDateTime;
 import java.time.format.DateTimeFormatter;
 import java.util.LinkedHashMap;
 import java.util.LinkedList;
@@ -12,11 +15,15 @@ import java.util.List;
 import java.util.Map;
 public class NamingUtils {
- private final static DateTimeFormatter ldapDateTimeFormatter = DateTimeFormatter
- .ofPattern("uuuuMMddHHmmss[,S][.S]X");
+ private final static DateTimeFormatter utcLdapDate = DateTimeFormatter.ofPattern("uuuuMMddHHmmssX")
+ .withZone(ZoneOffset.UTC);
- public static OffsetDateTime ldapDateToInstant(String ldapDate) {
- return OffsetDateTime.parse(ldapDate, ldapDateTimeFormatter);
+ public static Instant ldapDateToInstant(String ldapDate) {
+ return OffsetDateTime.parse(ldapDate, utcLdapDate).toInstant();
+ }
+
+ public static String instantToLdapDate(ZonedDateTime instant) {
+ return utcLdapDate.format(instant.withZoneSameInstant(ZoneOffset.UTC));
 }
 public static String getQueryValue(Map> query, String key) {
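Review bot: In the `@@ -12,11 +15,15 @@` hunk of NamingUtils.java, the new `utcLdapDate` pattern `uuuuMMddHHmmssX` no longer accepts the optional `[,S][.S]` fraction that the removed formatter parsed, so a timestamp with fractional seconds now makes `ldapDateToInstant` throw `DateTimeParseException`. That value reaches the token expiry check in LdifUser, so the accepted format is part of the authorisation contract; if fractions must still be read, keep a parse-only formatter next to the new one, e.g. `private final static DateTimeFormatter ldapDateParser = DateTimeFormatter.ofPattern("uuuuMMddHHmmss[,S][.S]X");`, and use `utcLdapDate` only for formatting. `ldapDateToInstant` also changes its public return type from `OffsetDateTime` to `Instant`, which breaks any caller not updated in this commit, and `instantToLdapDate` takes a `ZonedDateTime` named `instant`. A Javadoc on both methods stating the accepted text form, the UTC normalisation and the unchecked exception on malformed input would make this explicit.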
@@ -59,4 +66,11 @@ public class NamingUtils {
 private NamingUtils() {
 }
+
+// public static void main(String args[]) {
+// ZonedDateTime now = ZonedDateTime.now().withZoneSameInstant(ZoneOffset.UTC);
+// String str = utcLdapDate.format(now);
+// System.out.println(str);
+// utcLdapDate.parse(str);
+// }
 }
diff --git a/org.argeo.enterprise/src/org/argeo/osgi/useradmin/LdifUser.java b/org.argeo.enterprise/src/org/argeo/osgi/useradmin/LdifUser.java
index 7cf416526..4eab8cd87 100644
--- a/org.argeo.enterprise/src/org/argeo/osgi/useradmin/LdifUser.java
+++ b/org.argeo.enterprise/src/org/argeo/osgi/useradmin/LdifUser.java
@@ -4,9 +4,8 @@ import java.net.URI;
 import java.net.URISyntaxException;
 import java.nio.ByteBuffer;
 import java.nio.CharBuffer;
-import java.nio.charset.Charset;
 import java.nio.charset.StandardCharsets;
-import java.time.OffsetDateTime;
+import java.time.Instant;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Base64;
@@ -104,8 +103,8 @@ class LdifUser implements DirectoryUser {
 Map> query = NamingUtils.queryToMap(uri);
 String expiryTimestamp = NamingUtils.getQueryValue(query, LdapAttrs.modifyTimestamp.name());
 if (expiryTimestamp != null) {
- OffsetDateTime expiryOdt = NamingUtils.ldapDateToInstant(expiryTimestamp);
- if (expiryOdt.isBefore(OffsetDateTime.now()))
+ Instant expiryOdt = NamingUtils.ldapDateToInstant(expiryTimestamp);
+ if (expiryOdt.isBefore(Instant.now()))
 return false;
 } else {
 throw new UnsupportedOperationException("An expiry timestamp "
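Review bot: In the `@@ -104,8 +103,8 @@` hunk of LdifUser.java, `NamingUtils.ldapDateToInstant(expiryTimestamp)` throws an unchecked `DateTimeParseException` on a malformed value and nothing in the visible lines catches it, so a bad expiry in the token URI leaves the check through an exception instead of an explicit denial. If the caller does not already treat that as a refusal, deny here: `try { expiry = NamingUtils.ldapDateToInstant(expiryTimestamp); } catch (DateTimeParseException e) { return false; }`. The local is still called `expiryOdt` although it is now an `Instant`, and the expiry is read from the `modifyTimestamp` query key, which deserves a one-line comment such as `// the token URI carries its expiry under modifyTimestamp`. The enclosing method starts and ends outside the hunk.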
@@ -143,7 +142,7 @@ class LdifUser implements DirectoryUser {
 CharBuffer charBuffer = CharBuffer.wrap(chars);
 ByteBuffer byteBuffer = StandardCharsets.UTF_8.encode(charBuffer);
 byte[] bytes = Arrays.copyOfRange(byteBuffer.array(), byteBuffer.position(), byteBuffer.limit());
- Arrays.fill(charBuffer.array(), '\u0000'); // clear sensitive data
+ // Arrays.fill(charBuffer.array(), '\u0000'); // clear sensitive data
 Arrays.fill(byteBuffer.array(), (byte) 0); // clear sensitive data
 return bytes;
 }
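Review bot: Commenting out `Arrays.fill(charBuffer.array(), '\u0000')` leaves dead code that still carries the `// clear sensitive data` remark and gives no reason why the wipe was dropped. Because `CharBuffer.wrap(chars)` shares its backing array with `chars` (presumably the method's parameter), that fill was zeroing the caller's array; with it disabled, the password characters and the returned `bytes` copy both stay in memory until the caller clears them. Replace the commented-out line with a comment that states the ownership, e.g. `// chars belongs to the caller, who must clear it and the returned bytes after use`. The method's signature is outside the hunk.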