KNOX-2623 - Lifespan attributes are optional on token generation UI and default to 1 hour (#460)
diff --git a/gateway-applications/src/main/resources/applications/tokengen/app/index.html b/gateway-applications/src/main/resources/applications/tokengen/app/index.html
index ce0ea37..36d0fa1 100644
--- a/gateway-applications/src/main/resources/applications/tokengen/app/index.html
+++ b/gateway-applications/src/main/resources/applications/tokengen/app/index.html
@@ -67,15 +67,18 @@
<label><i class="icon-info"></i> Configured maximum lifetime: </label>
<label id="maximumLifetimeText"></label>
<input type="number" id="maximumLifetimeSeconds" name="maximumLifetimeSeconds" style="display: none;">
- <label><i class="icon-time"></i> Lifetime (days, hours, mins):</label>
- <table>
- <tr>
- <td><input type="number" id="lt_days" name="lt_days" step="1" min="0" max="3650" value="1" size="3"></td> <!-- 10 years limit -->
- <td><input type="number" id="lt_hours" name="lt_hours" step="1" min="0" max="23" value="0" size="3"></td>
- <td><input type="number" id="lt_mins" name="lt_mins" step="1" min="0" max="59" value="0" size="3"></td>
- </tr>
- </table>
- <label style="display: none; color: red;" id="invalidLifetimeText"><i class="icon-warning"></i>Invalid lifetime!</label>
+ <div id="lifespanFields" style="display: none;">
+ <input id="lifespanInputEnabled" name="lifespanInputEnabled" type="text" style="display: none" value="false" />
+ <label><i class="icon-time"></i> Lifetime (days, hours, mins):</label>
+ <table>
+ <tr>
+ <td><input type="number" id="lt_days" name="lt_days" step="1" min="0" max="3650" value="0" size="3"></td> <!-- 10 years limit -->
+ <td><input type="number" id="lt_hours" name="lt_hours" step="1" min="0" max="23" value="1" size="3"></td>
+ <td><input type="number" id="lt_mins" name="lt_mins" step="1" min="0" max="59" value="0" size="3"></td>
+ </tr>
+ </table>
+ <label style="display: none; color: red;" id="invalidLifetimeText"><i class="icon-warning"></i>Invalid lifetime!</label>
+ </div>
</div>
<span id="errorBox" class="help-inline" style="color:white;display:none;"><span class="errorMsg"></span>
<i class="icon-warning-sign" style="color:#ae2817;"></i>
diff --git a/gateway-applications/src/main/resources/applications/tokengen/app/js/tokengen.js b/gateway-applications/src/main/resources/applications/tokengen/app/js/tokengen.js
index b5b4963..42d19c3 100644
--- a/gateway-applications/src/main/resources/applications/tokengen/app/js/tokengen.js
+++ b/gateway-applications/src/main/resources/applications/tokengen/app/js/tokengen.js
@@ -107,12 +107,21 @@
$('#maximumLifetimeText').text(resp.maximumLifetimeText);
$('#maximumLifetimeSeconds').text(resp.maximumLifetimeSeconds);
+
+ if (resp.lifespanInputEnabled === "true") {
+ $('#lifespanFields').show();
+ document.getElementById("lifespanInputEnabled").value = "true";
+ }
}
}
}
}
-function validateLifespan(days, hours, mins) {
+function validateLifespan(lifespanInputEnabled, days, hours, mins) {
+ if (lifespanInputEnabled === "false") {
+ return true;
+ }
+
//show possible contraint violations
days.reportValidity();
hours.reportValidity();
@@ -174,12 +183,16 @@
var lt_days = form.lt_days.value;
var lt_hours = form.lt_hours.value;
var lt_mins = form.lt_mins.value;
+ var lifespanInputEnabled = form.lifespanInputEnabled.value;
var _gen = function() {
var apiUrl = tokenURL;
- //Instantiate HTTP Request
- var params = '?lifespan=P' + lt_days + "DT" + lt_hours + "H" + lt_mins + "M"; //we need to support Java's Duration pattern
+ var params = "";
+ if (lifespanInputEnabled === "true") {
+ params = params + '?lifespan=P' + lt_days + "DT" + lt_hours + "H" + lt_mins + "M"; //we need to support Java's Duration pattern
+ }
+
if (form.comment.value != '') {
- params = params + '&comment=' + encodeURIComponent(form.comment.value);
+ params = params + (lifespanInputEnabled === "true" ? "&" : "?") + 'comment=' + encodeURIComponent(form.comment.value);
}
var request = ((window.XMLHttpRequest) ? new XMLHttpRequest() : new ActiveXObject("Microsoft.XMLHTTP"));
request.open("GET", apiUrl + params, true);
@@ -217,7 +230,7 @@
}
}
- if (validateLifespan(form.lt_days, form.lt_hours, form.lt_mins) && validateComment(form.comment)) {
+ if (validateLifespan(lifespanInputEnabled, form.lt_days, form.lt_hours, form.lt_mins) && validateComment(form.comment)) {
if (maximumLifetimeExceeded(form.maximumLifetimeSeconds.textContent, lt_days, lt_hours, lt_mins)) {
swal({
title: "Warning",
diff --git a/gateway-service-knoxtoken/src/main/java/org/apache/knox/gateway/service/knoxtoken/TokenResource.java b/gateway-service-knoxtoken/src/main/java/org/apache/knox/gateway/service/knoxtoken/TokenResource.java
index 213969c..c743a52 100644
--- a/gateway-service-knoxtoken/src/main/java/org/apache/knox/gateway/service/knoxtoken/TokenResource.java
+++ b/gateway-service-knoxtoken/src/main/java/org/apache/knox/gateway/service/knoxtoken/TokenResource.java
@@ -104,6 +104,8 @@
private static final String TSS_ALLOWED_BACKEND_FOR_TOKENGEN = "allowedTssForTokengen";
private static final String TSS_MAXIMUM_LIFETIME_SECONDS = "maximumLifetimeSeconds";
private static final String TSS_MAXIMUM_LIFETIME_TEXT = "maximumLifetimeText";
+ private static final String LIFESPAN_INPUT_ENABLED_PARAM = "knox.token.lifespan.input.enabled";
+ private static final String LIFESPAN_INPUT_ENABLED_TEXT = "lifespanInputEnabled";
private static final long TOKEN_TTL_DEFAULT = 30000L;
static final String TOKEN_API_PATH = "knoxtoken/api/v1";
static final String RESOURCE_PATH = TOKEN_API_PATH + "/token";
@@ -278,6 +280,9 @@
} else {
tokenStateServiceStatusMap.put(TSS_STATUS_IS_MANAGEMENT_ENABLED, "false");
}
+ final String lifespanInputEnabledValue = context.getInitParameter(LIFESPAN_INPUT_ENABLED_PARAM);
+ final Boolean lifespanInputEnabled = lifespanInputEnabledValue == null ? Boolean.TRUE : Boolean.parseBoolean(lifespanInputEnabledValue);
+ tokenStateServiceStatusMap.put(LIFESPAN_INPUT_ENABLED_TEXT, lifespanInputEnabled.toString());
}
private void populateAllowedTokenStateBackendForTokenGenApp(final String actualTokenServiceName) {
diff --git a/gateway-service-knoxtoken/src/test/java/org/apache/knox/gateway/service/knoxtoken/TokenServiceResourceTest.java b/gateway-service-knoxtoken/src/test/java/org/apache/knox/gateway/service/knoxtoken/TokenServiceResourceTest.java
index 9438a79..d233ded 100644
--- a/gateway-service-knoxtoken/src/test/java/org/apache/knox/gateway/service/knoxtoken/TokenServiceResourceTest.java
+++ b/gateway-service-knoxtoken/src/test/java/org/apache/knox/gateway/service/knoxtoken/TokenServiceResourceTest.java
@@ -857,6 +857,7 @@
if (expectedAllowedTssFlag != null) {
assertEquals(statusMap.get("allowedTssForTokengen"), expectedAllowedTssFlag);
}
+ assertTrue(Boolean.parseBoolean(statusMap.get("lifespanInputEnabled")));
}
@Test
