HADOOP-11864. JWTRedirectAuthenticationHandler breaks java8 javadocs. (Larry McCay via stevel)

This commit is contained in:
Steve Loughran 2015-04-23 09:06:02 +01:00
parent 18eb5e7934
commit 08d4386162
2 changed files with 18 additions and 18 deletions

View File

@ -59,8 +59,9 @@ import com.nimbusds.jose.crypto.RSASSAVerifier;
* The user identity is then extracted from the token and used to create an
* AuthenticationToken - as expected by the AuthenticationFilter.
*
* <p/>
* <p>
* The supported configuration properties are:
* </p>
* <ul>
* <li>authentication.provider.url: the full URL to the authentication server.
* This is the URL that the handler will redirect the browser to in order to
@ -96,7 +97,7 @@ public class JWTRedirectAuthenticationHandler extends
* Primarily for testing, this provides a way to set the publicKey for
* signature verification without needing to get a PEM encoded value.
*
* @param pk
* @param pk publicKey for the token signtature verification
*/
public void setPublicKey(RSAPublicKey pk) {
publicKey = pk;
@ -104,9 +105,9 @@ public class JWTRedirectAuthenticationHandler extends
/**
* Initializes the authentication handler instance.
* <p/>
* <p>
* This method is invoked by the {@link AuthenticationFilter#init} method.
*
* </p>
* @param config
* configuration properties to initialize the handler.
*
@ -162,7 +163,7 @@ public class JWTRedirectAuthenticationHandler extends
HttpServletRequest req = (HttpServletRequest) request;
serializedJWT = getJWTFromCookie(req);
if (serializedJWT == null) {
String loginURL = constructLoginURL(request, response);
String loginURL = constructLoginURL(request);
LOG.info("sending redirect to: " + loginURL);
((HttpServletResponse) response).sendRedirect(loginURL);
} else {
@ -186,7 +187,7 @@ public class JWTRedirectAuthenticationHandler extends
LOG.debug("Issuing AuthenticationToken for user.");
token = new AuthenticationToken(userName, userName, getType());
} else {
String loginURL = constructLoginURL(request, response);
String loginURL = constructLoginURL(request);
LOG.info("token validation failed - sending redirect to: " + loginURL);
((HttpServletResponse) response).sendRedirect(loginURL);
}
@ -198,8 +199,7 @@ public class JWTRedirectAuthenticationHandler extends
* Encapsulate the acquisition of the JWT token from HTTP cookies within the
* request.
*
* @param serializedJWT
* @param req
* @param req servlet request to get the JWT token from
* @return serialized JWT token
*/
protected String getJWTFromCookie(HttpServletRequest req) {
@ -223,12 +223,10 @@ public class JWTRedirectAuthenticationHandler extends
* Create the URL to be used for authentication of the user in the absence of
* a JWT token within the incoming request.
*
* @param request
* @param response
* @param request for getting the original request URL
* @return url to use as login url for redirect
*/
protected String constructLoginURL(HttpServletRequest request,
HttpServletResponse response) {
protected String constructLoginURL(HttpServletRequest request) {
String delimiter = "?";
if (authenticationProviderUrl.contains("?")) {
delimiter = "&";
@ -245,9 +243,8 @@ public class JWTRedirectAuthenticationHandler extends
* this implementation through submethods used within but also allows for the
* override of the entire token validation algorithm.
*
* @param jwtToken
* @param jwtToken the token to validate
* @return true if valid
* @throws AuthenticationException
*/
protected boolean validateToken(SignedJWT jwtToken) {
boolean sigValid = validateSignature(jwtToken);
@ -272,8 +269,8 @@ public class JWTRedirectAuthenticationHandler extends
* provisioned public key. Override this method in subclasses in order to
* customize the signature verification behavior.
*
* @param jwtToken
* @throws AuthenticationException
* @param jwtToken the token that contains the signature to be validated
* @return valid true if signature verifies successfully; false otherwise
*/
protected boolean validateSignature(SignedJWT jwtToken) {
boolean valid = false;
@ -341,8 +338,8 @@ public class JWTRedirectAuthenticationHandler extends
* If it has then throw an AuthenticationException. Override this method in
* subclasses in order to customize the expiration validation behavior.
*
* @param jwtToken
* @throws AuthenticationException
* @param jwtToken the token that contains the expiration date to validate
* @return valid true if the token has not expired; false otherwise
*/
protected boolean validateExpiration(SignedJWT jwtToken) {
boolean valid = false;

View File

@ -545,6 +545,9 @@ Release 2.8.0 - UNRELEASED
HADOOP-11861. test-patch.sh rewrite addendum patch.
(Allen Wittenauer via cnauroth)
HADOOP-11864. JWTRedirectAuthenticationHandler breaks java8 javadocs.
(Larry McCay via stevel)
Release 2.7.1 - UNRELEASED
INCOMPATIBLE CHANGES