// token credentials must be created
Set<TokenCredentials> tokenCreds = ((SessionImpl) s).getSubject().getPublicCredentials(TokenCredentials.class);
assertFalse(tokenCreds.isEmpty());
assertEquals(1, tokenCreds.size());
TokenCredentials tc = tokenCreds.iterator().next();
token = tc.getToken();
// original simple credentials: token attribute should be updated
assertNotNull(creds.getAttribute(TOKEN_ATTRIBUTE));
assertFalse("".equals(creds.getAttribute(TOKEN_ATTRIBUTE)));
// simple credentials must also be present on the subject
Set<SimpleCredentials> scs = ((SessionImpl) s).getSubject().getPublicCredentials(SimpleCredentials.class);
assertFalse(scs.isEmpty());
assertEquals(1, scs.size());
SimpleCredentials sc = scs.iterator().next();
assertNotNull(sc.getAttribute(TOKEN_ATTRIBUTE));
assertFalse("".equals(sc.getAttribute(TOKEN_ATTRIBUTE)));
// session attributes must expose only the non-mandatory token attributes:
// the token attribute and any mandatory attribute must not be readable through the session
assertNull(s.getAttribute(TOKEN_ATTRIBUTE));
for (String attrName : tc.getAttributeNames()) {
if (TokenBasedAuthentication.isMandatoryAttribute(attrName)) {
assertNull(s.getAttribute(attrName));
} else {
assertEquals(tc.getAttribute(attrName), s.getAttribute(attrName));
}
}
// only test the node characteristics if the user node resides in the same
// workspace that the 'superuser' session was created for.
if (superuser.nodeExists(testuserPath)) {
Node userNode = superuser.getNode(testuserPath);
assertTrue(userNode.hasNode(TOKENS_NAME));
Node tNode = userNode.getNode(TOKENS_NAME);
assertTrue(tNode.hasNodes());
Node ttNode = tNode.getNodes().nextNode();
assertTrue(ttNode.hasProperty("attr"));
assertEquals("attr", ttNode.getProperty("attr").getString());
assertTrue(ttNode.hasProperty(TOKEN_ATTRIBUTE + ".any"));
assertEquals("any", ttNode.getProperty(TOKEN_ATTRIBUTE + ".any").getString());
String id = ttNode.getIdentifier();
assertTrue(token.startsWith(id));
}
} finally {
s.logout();
}
// login with token only must succeed as well.
TokenCredentials tokenOnly = new TokenCredentials(token);
tokenOnly.setAttribute(TOKEN_ATTRIBUTE + ".any", "any");
s = repo.login(tokenOnly);
try {
assertEquals(creds.getUserID(), s.getUserID());
Set<TokenCredentials> tokenCreds = ((SessionImpl) s).getSubject().getPublicCredentials(TokenCredentials.class);
assertFalse(tokenCreds.isEmpty());
assertEquals(1, tokenCreds.size());
TokenCredentials tc = tokenCreds.iterator().next();
String tk = tc.getToken();
assertEquals(token, tk);
assertNull(s.getAttribute(TOKEN_ATTRIBUTE));
for (String attrName : tc.getAttributeNames()) {
if (TokenBasedAuthentication.isMandatoryAttribute(attrName)) {
assertNull(s.getAttribute(attrName));
} else {
assertEquals(tc.getAttribute(attrName), s.getAttribute(attrName));
}
}
} finally {
s.logout();