opendev/gerrit
Code Issues Proposed changes

Set AuthMethod on every request not just initial login

Browse Source 
The WebSession needs the current authentication method all
of the time, not just during an initial login.

Change-Id: I54a442d6e525fdf4fa5b4675dfcaa2aacb4ab44c
This commit is contained in:
Shawn O. Pearce
2012-06-19 18:19:38 -07:00
parent ead5078200
commit ec689b4b80
4 changed files with 12 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
gerrit-httpd/src/main/java/com/google/gerrit/httpd/CacheBasedWebSession.java
View File

@@ -93,6 +93,7 @@ public final class CacheBasedWebSession implements WebSession {
key = null;
val = null;
}
authMethod = isSignedIn() ? AuthMethod.COOKIE : AuthMethod.NONE;
if (isSignedIn() && val.needsCookieRefresh()) {
// Cookie is more than half old. Send the cookie again to the
@@ -166,9 +167,10 @@ public final class CacheBasedWebSession implements WebSession {
}
/** Set the user account for this current request only. */
public void setUserAccountId(Account.Id id) {
public void setUserAccountId(Account.Id id, AuthMethod method) {
key = new Key("id:" + id);
val = new Val(id, 0, false, null, "", 0);
authMethod = method;
}
public void logout() {

5
gerrit-httpd/src/main/java/com/google/gerrit/httpd/ContainerAuthFilter.java
View File

@@ -19,6 +19,7 @@ import static javax.servlet.http.HttpServletResponse.SC_UNAUTHORIZED;
import com.google.gerrit.server.account.AccountCache;
import com.google.gerrit.server.account.AccountState;
import com.google.gerrit.server.account.AuthMethod;
import com.google.gerrit.server.config.GerritServerConfig;
import com.google.inject.Inject;
import com.google.inject.Provider;
@@ -99,7 +100,9 @@ class ContainerAuthFilter implements Filter {
rsp.sendError(SC_UNAUTHORIZED);
return false;
}
session.get().setUserAccountId(who.getAccount().getId());
session.get().setUserAccountId(
who.getAccount().getId(),
AuthMethod.PASSWORD);
return true;
}
}

5
gerrit-httpd/src/main/java/com/google/gerrit/httpd/ProjectDigestFilter.java
View File

@@ -22,6 +22,7 @@ import static javax.servlet.http.HttpServletResponse.SC_UNAUTHORIZED;
import com.google.gerrit.server.account.AccountCache;
import com.google.gerrit.server.account.AccountState;
import com.google.gerrit.server.account.AuthMethod;
import com.google.gerrit.server.config.CanonicalWebUrl;
import com.google.gerrit.server.config.GerritServerConfig;
import com.google.gwtjsonrpc.server.SignedToken;
@@ -164,7 +165,9 @@ class ProjectDigestFilter implements Filter {
if (expect.equals(response)) {
try {
if (tokens.checkToken(nonce, "") != null) {
session.get().setUserAccountId(who.getAccount().getId());
session.get().setUserAccountId(
who.getAccount().getId(),
AuthMethod.PASSWORD);
return true;
} else {

2
gerrit-httpd/src/main/java/com/google/gerrit/httpd/WebSession.java
View File

@@ -40,7 +40,7 @@ public interface WebSession {
public void setAccessPath(AccessPath path);
/** Set the user account for this current request only. */
public void setUserAccountId(Account.Id id);
public void setUserAccountId(Account.Id id, AuthMethod method);
public void logout();
}