Skip to content

Commit

Permalink
Revert "Support concurrent refresh of refresh tokens (#38382)"
Browse files Browse the repository at this point in the history 
This reverts commit 21703fe.
  • Loading branch information
@tlrx
tlrx committed Mar 1, 2019
1 parent b199968 commit b54a95e
Show file tree
Hide file tree
Showing 12 changed files with 299 additions and 704 deletions.
19 changes: 10 additions & 9 deletions ...in/java/org/elasticsearch/xpack/core/security/authc/support/TokensInvalidationResult.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@
package org.elasticsearch.xpack.core.security.authc.support;

import org.elasticsearch.ElasticsearchException;
import org.elasticsearch.Version;
import org.elasticsearch.common.Nullable;
import org.elasticsearch.common.io.stream.StreamInput;
import org.elasticsearch.common.io.stream.StreamOutput;
Expand All @@ -33,9 +32,10 @@ public class TokensInvalidationResult implements ToXContentObject, Writeable {
private final List<String> invalidatedTokens;
private final List<String> previouslyInvalidatedTokens;
private final List<ElasticsearchException> errors;
private final int attemptCount;

public TokensInvalidationResult(List<String> invalidatedTokens, List<String> previouslyInvalidatedTokens,
@Nullable List<ElasticsearchException> errors) {
@Nullable List<ElasticsearchException> errors, int attemptCount) {
Objects.requireNonNull(invalidatedTokens, "invalidated_tokens must be provided");
this.invalidatedTokens = invalidatedTokens;
Objects.requireNonNull(previouslyInvalidatedTokens, "previously_invalidated_tokens must be provided");
Expand All @@ -45,19 +45,18 @@ public TokensInvalidationResult(List<String> invalidatedTokens, List<String> pre
} else {
this.errors = Collections.emptyList();
}
this.attemptCount = attemptCount;
}

public TokensInvalidationResult(StreamInput in) throws IOException {
this.invalidatedTokens = in.readStringList();
this.previouslyInvalidatedTokens = in.readStringList();
this.errors = in.readList(StreamInput::readException);
if (in.getVersion().before(Version.V_8_0_0)) {
in.readVInt();
}
this.attemptCount = in.readVInt();
}

public static TokensInvalidationResult emptyResult() {
return new TokensInvalidationResult(Collections.emptyList(), Collections.emptyList(), Collections.emptyList());
return new TokensInvalidationResult(Collections.emptyList(), Collections.emptyList(), Collections.emptyList(), 0);
}


Expand All @@ -73,6 +72,10 @@ public List<ElasticsearchException> getErrors() {
return errors;
}

public int getAttemptCount() {
return attemptCount;
}

@Override
public XContentBuilder toXContent(XContentBuilder builder, Params params) throws IOException {
builder.startObject()
Expand All @@ -97,8 +100,6 @@ public void writeTo(StreamOutput out) throws IOException {
out.writeStringCollection(invalidatedTokens);
out.writeStringCollection(previouslyInvalidatedTokens);
out.writeCollection(errors, StreamOutput::writeException);
if (out.getVersion().before(Version.V_8_0_0)) {
out.writeVInt(5);
}
out.writeVInt(attemptCount);
}
}
7 changes: 0 additions & 7 deletions x-pack/plugin/core/src/main/resources/security-index-template.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -199,13 +199,6 @@
"refreshed" : {
"type" : "boolean"
},
"refresh_time": {
"type": "date",
"format": "epoch_millis"
},
"superseded_by": {
"type": "keyword"
},
"invalidated" : {
"type" : "boolean"
},
Expand Down
9 changes: 6 additions & 3 deletions ...java/org/elasticsearch/xpack/core/security/action/token/InvalidateTokenResponseTests.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,8 @@ public void testSerialization() throws IOException {
TokensInvalidationResult result = new TokensInvalidationResult(Arrays.asList(generateRandomStringArray(20, 15, false)),
Arrays.asList(generateRandomStringArray(20, 15, false)),
Arrays.asList(new ElasticsearchException("foo", new IllegalArgumentException("this is an error message")),
new ElasticsearchException("bar", new IllegalArgumentException("this is an error message2"))));
new ElasticsearchException("bar", new IllegalArgumentException("this is an error message2"))),
randomIntBetween(0, 5));
InvalidateTokenResponse response = new InvalidateTokenResponse(result);
try (BytesStreamOutput output = new BytesStreamOutput()) {
response.writeTo(output);
Expand All @@ -46,7 +47,8 @@ public void testSerialization() throws IOException {
}

result = new TokensInvalidationResult(Arrays.asList(generateRandomStringArray(20, 15, false)),
Arrays.asList(generateRandomStringArray(20, 15, false)), Collections.emptyList());
Arrays.asList(generateRandomStringArray(20, 15, false)),
Collections.emptyList(), randomIntBetween(0, 5));
response = new InvalidateTokenResponse(result);
try (BytesStreamOutput output = new BytesStreamOutput()) {
response.writeTo(output);
Expand All @@ -66,7 +68,8 @@ public void testToXContent() throws IOException {
List previouslyInvalidatedTokens = Arrays.asList(generateRandomStringArray(20, 15, false));
TokensInvalidationResult result = new TokensInvalidationResult(invalidatedTokens, previouslyInvalidatedTokens,
Arrays.asList(new ElasticsearchException("foo", new IllegalArgumentException("this is an error message")),
new ElasticsearchException("bar", new IllegalArgumentException("this is an error message2"))));
new ElasticsearchException("bar", new IllegalArgumentException("this is an error message2"))),
randomIntBetween(0, 5));
InvalidateTokenResponse response = new InvalidateTokenResponse(result);
XContentBuilder builder = XContentFactory.jsonBuilder();
response.toXContent(builder, ToXContent.EMPTY_PARAMS);
Expand Down
2 changes: 1 addition & 1 deletion ...in/java/org/elasticsearch/xpack/security/action/saml/TransportSamlAuthenticateAction.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ protected void doExecute(Task task, SamlAuthenticateRequest request, ActionListe
final Map<String, Object> tokenMeta = (Map<String, Object>) result.getMetadata().get(SamlRealm.CONTEXT_TOKEN_DATA);
tokenService.createUserToken(authentication, originatingAuthentication,
ActionListener.wrap(tuple -> {
final String tokenString = tokenService.getAccessTokenAsString(tuple.v1());
final String tokenString = tokenService.getUserTokenString(tuple.v1());
final TimeValue expiresIn = tokenService.getExpirationDelay();
listener.onResponse(
new SamlAuthenticateResponse(authentication.getUser().principal(), tokenString, tuple.v2(), expiresIn));
Expand Down
2 changes: 1 addition & 1 deletion ...c/main/java/org/elasticsearch/xpack/security/action/token/TransportCreateTokenAction.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -89,7 +89,7 @@ private void createToken(CreateTokenRequest request, Authentication authenticati
boolean includeRefreshToken, ActionListener<CreateTokenResponse> listener) {
try {
tokenService.createUserToken(authentication, originatingAuth, ActionListener.wrap(tuple -> {
final String tokenStr = tokenService.getAccessTokenAsString(tuple.v1());
final String tokenStr = tokenService.getUserTokenString(tuple.v1());
final String scope = getResponseScopeValue(request.getScope());

final CreateTokenResponse response =
Expand Down
2 changes: 1 addition & 1 deletion .../main/java/org/elasticsearch/xpack/security/action/token/TransportRefreshTokenAction.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ public TransportRefreshTokenAction(TransportService transportService, ActionFilt
@Override
protected void doExecute(Task task, CreateTokenRequest request, ActionListener<CreateTokenResponse> listener) {
tokenService.refreshToken(request.getRefreshToken(), ActionListener.wrap(tuple -> {
final String tokenStr = tokenService.getAccessTokenAsString(tuple.v1());
final String tokenStr = tokenService.getUserTokenString(tuple.v1());
final String scope = getResponseScopeValue(request.getScope());

final CreateTokenResponse response =
Expand Down
Loading

0 comments on commit b54a95e

Please sign in to comment.