Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-22 20:12:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

Use private Inner JdbcOneTimeTokenService classes

Browse Source 
Issue gh-15735
This commit is contained in:
Rob Winch 2024-10-01 08:59:52 -05:00
parent 612b15abcc
commit e8c71df899
2 changed files with 19 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
core/src/main/java/org/springframework/security/authentication/ott/JdbcOneTimeTokenService.java
View File

@ -224,7 +224,7 @@ public final class JdbcOneTimeTokenService implements OneTimeTokenService, Dispo
* @author Max Batischev * @author Max Batischev
* @since 6.4 * @since 6.4
*/ */
public static class OneTimeTokenParametersMapper implements Function<OneTimeToken, List<SqlParameterValue>> { private static class OneTimeTokenParametersMapper implements Function<OneTimeToken, List<SqlParameterValue>> {
@Override @Override
public List<SqlParameterValue> apply(OneTimeToken oneTimeToken) { public List<SqlParameterValue> apply(OneTimeToken oneTimeToken) {
@ -244,7 +244,7 @@ public final class JdbcOneTimeTokenService implements OneTimeTokenService, Dispo
* @author Max Batischev * @author Max Batischev
* @since 6.4 * @since 6.4
*/ */
public static class OneTimeTokenRowMapper implements RowMapper<OneTimeToken> { private static class OneTimeTokenRowMapper implements RowMapper<OneTimeToken> {
@Override @Override
public OneTimeToken mapRow(ResultSet rs, int rowNum) throws SQLException { public OneTimeToken mapRow(ResultSet rs, int rowNum) throws SQLException {

51
core/src/test/java/org/springframework/security/authentication/ott/JdbcOneTimeTokenServiceTests.java
View File

@ -17,27 +17,25 @@
package org.springframework.security.authentication.ott; package org.springframework.security.authentication.ott;
import java.time.Clock; import java.time.Clock;
import java.time.Duration;
import java.time.Instant; import java.time.Instant;
import java.time.ZoneOffset; import java.time.ZoneOffset;
import java.time.temporal.ChronoUnit; import java.time.temporal.ChronoUnit;
import java.util.List;
import org.junit.jupiter.api.AfterEach; import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test; import org.junit.jupiter.api.Test;
import org.springframework.jdbc.core.ArgumentPreparedStatementSetter;
import org.springframework.jdbc.core.JdbcOperations; import org.springframework.jdbc.core.JdbcOperations;
import org.springframework.jdbc.core.JdbcTemplate; import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.jdbc.core.PreparedStatementSetter;
import org.springframework.jdbc.core.SqlParameterValue;
import org.springframework.jdbc.datasource.embedded.EmbeddedDatabase; import org.springframework.jdbc.datasource.embedded.EmbeddedDatabase;
import org.springframework.jdbc.datasource.embedded.EmbeddedDatabaseBuilder; import org.springframework.jdbc.datasource.embedded.EmbeddedDatabaseBuilder;
import org.springframework.jdbc.datasource.embedded.EmbeddedDatabaseType; import org.springframework.jdbc.datasource.embedded.EmbeddedDatabaseType;
import org.springframework.util.CollectionUtils;
import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
import static org.mockito.BDDMockito.given;
import static org.mockito.Mockito.mock;
/** /**
* Tests for {@link JdbcOneTimeTokenService}. * Tests for {@link JdbcOneTimeTokenService}.
@ -58,8 +56,6 @@ public class JdbcOneTimeTokenServiceTests {
private JdbcOneTimeTokenService oneTimeTokenService; private JdbcOneTimeTokenService oneTimeTokenService;
private final JdbcOneTimeTokenService.OneTimeTokenParametersMapper oneTimeTokenParametersMapper = new JdbcOneTimeTokenService.OneTimeTokenParametersMapper();
@BeforeEach @BeforeEach
void setUp() { void setUp() {
this.db = createDb(); this.db = createDb();
@ -115,7 +111,8 @@ public class JdbcOneTimeTokenServiceTests {
void generateThenTokenValueShouldBeValidUuidAndProvidedUsernameIsUsed() { void generateThenTokenValueShouldBeValidUuidAndProvidedUsernameIsUsed() {
OneTimeToken oneTimeToken = this.oneTimeTokenService.generate(new GenerateOneTimeTokenRequest(USERNAME)); OneTimeToken oneTimeToken = this.oneTimeTokenService.generate(new GenerateOneTimeTokenRequest(USERNAME));
OneTimeToken persistedOneTimeToken = selectOneTimeToken(oneTimeToken.getTokenValue()); OneTimeToken persistedOneTimeToken = this.oneTimeTokenService
.consume(new OneTimeTokenAuthenticationToken(oneTimeToken.getTokenValue()));
assertThat(persistedOneTimeToken).isNotNull(); assertThat(persistedOneTimeToken).isNotNull();
assertThat(persistedOneTimeToken.getUsername()).isNotNull(); assertThat(persistedOneTimeToken.getUsername()).isNotNull();
assertThat(persistedOneTimeToken.getTokenValue()).isNotNull(); assertThat(persistedOneTimeToken.getTokenValue()).isNotNull();
@ -134,7 +131,8 @@ public class JdbcOneTimeTokenServiceTests {
assertThat(consumedOneTimeToken.getUsername()).isNotNull(); assertThat(consumedOneTimeToken.getUsername()).isNotNull();
assertThat(consumedOneTimeToken.getTokenValue()).isNotNull(); assertThat(consumedOneTimeToken.getTokenValue()).isNotNull();
assertThat(consumedOneTimeToken.getExpiresAt()).isNotNull(); assertThat(consumedOneTimeToken.getExpiresAt()).isNotNull();
OneTimeToken persistedOneTimeToken = selectOneTimeToken(consumedOneTimeToken.getTokenValue()); OneTimeToken persistedOneTimeToken = this.oneTimeTokenService
.consume(new OneTimeTokenAuthenticationToken(consumedOneTimeToken.getTokenValue()));
assertThat(persistedOneTimeToken).isNull(); assertThat(persistedOneTimeToken).isNull();
} }
@ -162,15 +160,19 @@ public class JdbcOneTimeTokenServiceTests {
@Test @Test
void cleanupExpiredTokens() { void cleanupExpiredTokens() {
OneTimeToken token1 = new DefaultOneTimeToken("123", USERNAME, Instant.now().minusSeconds(300)); Clock clock = mock(Clock.class);
OneTimeToken token2 = new DefaultOneTimeToken("456", USERNAME, Instant.now().minusSeconds(300)); Instant fiveMinutesAgo = Instant.now().minus(Duration.ofMinutes(5));
saveToken(token1); given(clock.instant()).willReturn(fiveMinutesAgo);
saveToken(token2); this.oneTimeTokenService.setClock(clock);
OneTimeToken token1 = this.oneTimeTokenService.generate(new GenerateOneTimeTokenRequest(USERNAME));
OneTimeToken token2 = this.oneTimeTokenService.generate(new GenerateOneTimeTokenRequest(USERNAME));
this.oneTimeTokenService.cleanupExpiredTokens(); this.oneTimeTokenService.cleanupExpiredTokens();
OneTimeToken deletedOneTimeToken1 = selectOneTimeToken("123"); OneTimeToken deletedOneTimeToken1 = this.oneTimeTokenService
OneTimeToken deletedOneTimeToken2 = selectOneTimeToken("456"); .consume(new OneTimeTokenAuthenticationToken(token1.getTokenValue()));
OneTimeToken deletedOneTimeToken2 = this.oneTimeTokenService
.consume(new OneTimeTokenAuthenticationToken(token2.getTokenValue()));
assertThat(deletedOneTimeToken1).isNull(); assertThat(deletedOneTimeToken1).isNull();
assertThat(deletedOneTimeToken2).isNull(); assertThat(deletedOneTimeToken2).isNull();
} }
@ -186,23 +188,4 @@ public class JdbcOneTimeTokenServiceTests {
this.oneTimeTokenService.setCleanupCron(null); this.oneTimeTokenService.setCleanupCron(null);
} }
private void saveToken(OneTimeToken oneTimeToken) {
List<SqlParameterValue> parameters = this.oneTimeTokenParametersMapper.apply(oneTimeToken);
PreparedStatementSetter pss = new ArgumentPreparedStatementSetter(parameters.toArray());
this.jdbcOperations.update("INSERT INTO one_time_tokens (token_value, username, expires_at) VALUES (?, ?, ?)",
pss);
}
private OneTimeToken selectOneTimeToken(String tokenValue) {
// @formatter:off
List<OneTimeToken> result = this.jdbcOperations.query(
"select token_value, username, expires_at from one_time_tokens where token_value = ?",
new JdbcOneTimeTokenService.OneTimeTokenRowMapper(), tokenValue);
if (CollectionUtils.isEmpty(result)) {
return null;
}
return result.get(0);
// @formatter:on
}
} }