forked from actframework/actframework
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathSecureTicketCodec.java
More file actions
141 lines (123 loc) · 4.34 KB
/
SecureTicketCodec.java
File metadata and controls
141 lines (123 loc) · 4.34 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
package act.ws;
/*-
* #%L
* ACT Framework
* %%
* Copyright (C) 2014 - 2017 ActFramework
* %%
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
* #L%
*/
import org.osgl.$;
import org.osgl.http.H;
import org.osgl.util.C;
import org.osgl.util.S;
import java.util.Collection;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
/**
* Encode/decode a secure ticket from/to {@link H.Session}, or part of the session info
* @param <T> the encoded type
*/
public interface SecureTicketCodec<T> {
/**
* Generate a secure ticket from a session data
* @param session the session data
* @return a secure ticket
*/
T createTicket(H.Session session);
/**
* Parse a secure ticket and construct a session data. Note
* if the `ticket` specified is invalid then it shall return
* a `null` session
*
* @param ticket the secure ticket
* @return a session data from the ticket or `null` if the ticket is invalid to this codec
*/
H.Session parseTicket(T ticket);
/**
* Do sanity check on an object to quickly probe if it is a
* ticket that can be processed by this codec
*
* @param ticket the object to be tested
* @return `true` if the codec believe it can process the ticket or `false` if not sure
*/
boolean probeTicket(Object ticket);
abstract class Base<T> implements SecureTicketCodec<T> {
/**
* Encode the session id and payload data into the ticket with type `<T>`
* @param id the session id
* @param payload the payload data
* @return the ticket
*/
protected abstract T serialize(String id, Map<String, String> payload);
/**
* Decode the ticket and return the session ID and fill the payload map
*
* Note if the ticket is invalid, the implementation shall return a `null`
* `id` and leave the `payload` map untouched
*
* @param ticket the ticket to be decoded
* @param payload a Map passed in to be filled with decoded payload
* @return the session ID decoded from the ticket specified
*/
protected abstract String deserialize(T ticket, Map<String, String> payload);
private Set<String> keys;
public Base() {this(C.<String>set());}
public Base(Collection<String> keys) {
this.keys = C.set($.requireNotNull(keys));
}
public Base(String ... keys) {
this(C.listOf(keys));
}
public Base(String keys) {
this(C.listOf(keys.split(S.COMMON_SEP)));
}
@Override
public final T createTicket(H.Session session) {
String id = session.id();
Map<String, String> map = new HashMap<>();
Set<String> keys = this.keys;
if (keys.isEmpty()) {
keys = C.newSet(session.keySet());
keys.remove(H.Session.KEY_EXPIRATION);
keys.remove(H.Session.KEY_ID);
}
for (String key : keys) {
String val = session.get(key);
if (null != val) {
map.put(key, val);
}
}
return serialize(id, map);
}
@Override
public final H.Session parseTicket(T ticket) {
Map<String, String> payload = new HashMap<>();
String id = deserialize(ticket, payload);
if (null == payload) {
return null;
}
H.Session session = new H.Session();
$.setField("id", session, id);
if (payload.isEmpty()) {
return session;
}
for (Map.Entry<String, String> entry : payload.entrySet()) {
session.put(entry.getKey(), entry.getValue());
}
return session;
}
}
}