From d152804fe3b05f6fda620db40e976fdc2287c768 Mon Sep 17 00:00:00 2001
From: Mike McKay <mfmckay@wustl.edu>
Date: Thu, 8 Sep 2016 15:31:36 -0500
Subject: [PATCH] XNAT-4424 Fixed timing of alias token expiration by doing
everything through Hibernate instead of direct database queries.
---
.../AliasTokenPreferenceHandlerMethod.java | 8 +++--
.../alias/ClearExpiredAliasTokens.java | 29 +++++++++----------
2 files changed, 19 insertions(+), 18 deletions(-)
diff --git a/src/main/java/org/nrg/xnat/event/listeners/methods/AliasTokenPreferenceHandlerMethod.java b/src/main/java/org/nrg/xnat/event/listeners/methods/AliasTokenPreferenceHandlerMethod.java
index 77436980..1a3192fc 100644
--- a/src/main/java/org/nrg/xnat/event/listeners/methods/AliasTokenPreferenceHandlerMethod.java
+++ b/src/main/java/org/nrg/xnat/event/listeners/methods/AliasTokenPreferenceHandlerMethod.java
@@ -2,6 +2,7 @@ package org.nrg.xnat.event.listeners.methods;
import com.google.common.collect.ImmutableList;
import org.nrg.xdat.preferences.SiteConfigPreferences;
+import org.nrg.xdat.services.AliasTokenService;
import org.nrg.xnat.security.alias.ClearExpiredAliasTokens;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -17,7 +18,8 @@ import java.util.concurrent.ScheduledFuture;
@Component
public class AliasTokenPreferenceHandlerMethod extends AbstractSiteConfigPreferenceHandlerMethod {
@Autowired
- public AliasTokenPreferenceHandlerMethod(final SiteConfigPreferences preferences, final JdbcTemplate template, final ThreadPoolTaskScheduler scheduler) {
+ public AliasTokenPreferenceHandlerMethod(final AliasTokenService service, final SiteConfigPreferences preferences, final JdbcTemplate template, final ThreadPoolTaskScheduler scheduler) {
+ _service=service;
_preferences = preferences;
_template = template;
_scheduler = scheduler;
@@ -49,7 +51,7 @@ public class AliasTokenPreferenceHandlerMethod extends AbstractSiteConfigPrefere
future.cancel(false);
}
_timeouts.clear();
- _timeouts.add(_scheduler.schedule(new ClearExpiredAliasTokens(_template), new CronTrigger(_preferences.getAliasTokenTimeoutSchedule())));
+ _timeouts.add(_scheduler.schedule(new ClearExpiredAliasTokens(_service, _preferences, _template), new CronTrigger(_preferences.getAliasTokenTimeoutSchedule())));
} catch (Exception e1) {
_log.error("", e1);
}
@@ -57,7 +59,7 @@ public class AliasTokenPreferenceHandlerMethod extends AbstractSiteConfigPrefere
private static final Logger _log = LoggerFactory.getLogger(AliasTokenPreferenceHandlerMethod.class);
private static final List<String> PREFERENCES = ImmutableList.copyOf(Arrays.asList("aliasTokenTimeout", "aliasTokenTimeoutSchedule"));
-
+ private final AliasTokenService _service;
private final SiteConfigPreferences _preferences;
private final JdbcTemplate _template;
private final ThreadPoolTaskScheduler _scheduler;
diff --git a/src/main/java/org/nrg/xnat/security/alias/ClearExpiredAliasTokens.java b/src/main/java/org/nrg/xnat/security/alias/ClearExpiredAliasTokens.java
index cf3bc7ab..eb5b64fa 100644
--- a/src/main/java/org/nrg/xnat/security/alias/ClearExpiredAliasTokens.java
+++ b/src/main/java/org/nrg/xnat/security/alias/ClearExpiredAliasTokens.java
@@ -10,20 +10,22 @@
*/
package org.nrg.xnat.security.alias;
-import org.nrg.xdat.XDAT;
+import org.hibernate.SessionFactory;
+import org.nrg.xdat.preferences.SiteConfigPreferences;
+import org.nrg.xdat.services.AliasTokenService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.jdbc.core.JdbcTemplate;
-import java.util.Arrays;
-import java.util.List;
+import javax.inject.Inject;
public class ClearExpiredAliasTokens implements Runnable {
- public ClearExpiredAliasTokens(final JdbcTemplate template) {
+ public ClearExpiredAliasTokens(final AliasTokenService aliasTokenService, final SiteConfigPreferences preferences, final JdbcTemplate template) {
if (_log.isDebugEnabled()) {
_log.debug("Initializing the alias token sweeper job");
}
-
+ _service = aliasTokenService;
+ _preferences=preferences;
_template = template;
}
@@ -34,19 +36,16 @@ public class ClearExpiredAliasTokens implements Runnable {
if (_log.isDebugEnabled()) {
_log.debug("Executing alias token sweep function");
}
- for (final String format : ALIAS_TOKEN_QUERIES) {
- final String query = String.format(format, XDAT.getSiteConfigPreferences().getAliasTokenTimeout());
- if (_log.isDebugEnabled()) {
- _log.debug("Executing alias token sweep query: " + query);
- }
- _template.execute(query);
- }
+ _service.invalidateExpiredTokens(_preferences.getAliasTokenTimeout());
}
+ private final SiteConfigPreferences _preferences;
+
+ @Inject
+ private SessionFactory _sessionFactory;
+
+ private final AliasTokenService _service;
private static final Logger _log = LoggerFactory.getLogger(ClearExpiredAliasTokens.class);
- private static final String QUERY_DELETE_TOKEN_IP_ADDRESSES = "DELETE FROM xhbm_alias_token_validipaddresses WHERE alias_token in (SELECT id FROM xhbm_alias_token WHERE created < NOW() - INTERVAL '%s')";
- private static final String QUERY_DELETE_ALIAS_TOKENS = "DELETE FROM xhbm_alias_token WHERE created < NOW() - INTERVAL '%s'";
- private static final List<String> ALIAS_TOKEN_QUERIES = Arrays.asList(QUERY_DELETE_TOKEN_IP_ADDRESSES, QUERY_DELETE_ALIAS_TOKENS);
private final JdbcTemplate _template;
}
--
GitLab