Uploaded image for project: 'Jackrabbit Oak'
  1. Jackrabbit Oak
  2. OAK-8316

Drop userId field in TokenLoginModule

    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 1.14.0
    • Component/s: core, security
    • Labels:
      None

      Description

      TokenLoginModule.login contains the following code that may set the userId field:

      [...]
                  TokenCredentials tc = (TokenCredentials) credentials;
                  TokenAuthentication authentication = new TokenAuthentication(tokenProvider);
                  if (authentication.authenticate(tc)) {
                      tokenCredentials = tc;
                      tokenInfo = authentication.getTokenInfo();
                      userId = authentication.getUserId();
                      [...]
                 }
      

      however, TokenAuthentication.getUserId() will just delegate to TokenInfo.getUserId and setting the userId in the login module is IMO redundant. Also, upon commit the AuthInfo is ultimately populated with the ID retrieved from the TokenInfo and the userId field is ignored.

      I would therefore suggest to drop the extra userId field and simplify the code accordingly. Alex Deparvu, will attach a proposed patch later today.

        Attachments

        1. OAK-8316.patch
          4 kB
          Angela Schreiber

          Activity

            People

            • Assignee:
              angela Angela Schreiber
              Reporter:
              angela Angela Schreiber
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: