
SEC-178: Refactor AbstractAuthenticationToken.

Ben Alex 19 năm trước cách đây
mục cha
commit
79287999dc

+ 65 - 36
core/src/main/java/org/acegisecurity/providers/AbstractAuthenticationToken.java

@@ -20,8 +20,12 @@ import org.acegisecurity.GrantedAuthority;
 
 import org.acegisecurity.userdetails.UserDetails;
 
+import org.springframework.util.Assert;
+
+
 /**
- * Base class for Authentication objects.
+ * Base class for <code>Authentication</code> objects.
+ * 
  * <p>
  * Implementations which use this class should be immutable.
  * </p>
@@ -31,9 +35,11 @@ import org.acegisecurity.userdetails.UserDetails;
  * @version $Id$
  */
 public abstract class AbstractAuthenticationToken implements Authentication {
+    //~ Instance fields ========================================================
 
-    //~ Instance fields
+    private Object details;
     private GrantedAuthority[] authorities;
+    private boolean authenticated = false;
 
     //~ Constructors ===========================================================
 
@@ -42,27 +48,27 @@ public abstract class AbstractAuthenticationToken implements Authentication {
      * <tt>AbstractAuthenticationToken(GrantedAuthority[])</tt> constructor
      * was introduced.
      *
-     * @deprecated in favour of the constructor which takes a GrantedAuthority[]
-     * argument. 
+     * @deprecated in favour of the constructor which takes a
+     *             <code>GrantedAuthority[]</code> argument.
      */
-    public AbstractAuthenticationToken() {
-
-    }
+    public AbstractAuthenticationToken() {}
 
     /**
      * Creates a token with the supplied array of authorities.
      *
-     * @param authorities the list of <tt>GrantedAuthority</tt>s for the principal
-     *                    represented by this authentication object. A null value
-     *                    indicates that no authorities have been granted.
+     * @param authorities the list of <tt>GrantedAuthority</tt>s for the
+     *        principal represented by this authentication object. A
+     *        <code>null</code> value indicates that no authorities have been
+     *        granted (pursuant to the interface contract specified by {@link
+     *        Authentication#getAuthorities()}<code>null</code> should only be
+     *        presented if the principal has not been authenticated).
      */
     public AbstractAuthenticationToken(GrantedAuthority[] authorities) {
-        if(authorities != null) {
+        if (authorities != null) {
             for (int i = 0; i < authorities.length; i++) {
-                if(authorities[i] == null) {
-                    throw new IllegalArgumentException("Granted authority element " + i
-                        + " is null - GrantedAuthority[] cannot contain any null elements");
-                }
+                Assert.notNull(authorities[i],
+                    "Granted authority element " + i
+                    + " is null - GrantedAuthority[] cannot contain any null elements");
             }
         }
 
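Review bot: In the null-element loop of the `GrantedAuthority[]` constructor, `Assert.notNull(authorities[i], "Granted authority element " + i + ...)` now concatenates the message on every iteration, whereas the removed `if` built it only on failure. Keeping the explicit guard, `if (authorities[i] == null) { throw new IllegalArgumentException(...); }`, avoids that and throws the same exception type. In the Javadoc above it, the `{@link Authentication#getAuthorities()}` tag is followed directly by the `null` code element with no separator, so the two phrases run together; a semicolon and a space after the closing brace would fix it. The constructor body continues past the end of this hunk.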
@@ -94,34 +100,29 @@ public abstract class AbstractAuthenticationToken implements Authentication {
                 }
             }
 
-            return (this.getPrincipal().equals(test.getPrincipal())
-                && this.getCredentials().equals(test.getCredentials())
-                && (this.isAuthenticated() == test.isAuthenticated()));
-        }
+            if ((this.details == null) && (test.getDetails() != null)) {
+                return false;
+            }
 
-        return false;
-    }
+            if ((this.details != null) && (test.getDetails() == null)) {
+                return false;
+            }
 
-    /**
-     * Subclasses should override if they wish to provide additional details
-     * about the authentication event.
-     *
-     * @return always <code>null</code>
-     */
-    public Object getDetails() {
-        return null;
-    }
+            if ((this.details != null)
+                && (!this.details.equals(test.getDetails()))) {
+                return false;
+            }
 
-    public String getName() {
-        if (this.getPrincipal() instanceof UserDetails) {
-            return ((UserDetails) this.getPrincipal()).getUsername();
+            return (this.getPrincipal().equals(test.getPrincipal())
+            && this.getCredentials().equals(test.getCredentials())
+            && (this.isAuthenticated() == test.isAuthenticated()));
         }
 
-        return this.getPrincipal().toString();
+        return false;
     }
 
     public GrantedAuthority[] getAuthorities() {
-        if(authorities == null) {
+        if (authorities == null) {
             return null;
         }
 
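Review bot: The new details comparison in `equals` reads the field `this.details` on one side and the accessor `test.getDetails()` on the other, while `hashCode` in this same commit uses `this.getDetails()`. A subclass that still overrides `getDetails()` with its own field, as several did before this change, leaves `this.details` null, so the first new check returns false even when such a token is compared with itself. Using the accessor on both sides keeps the two methods aligned: `Object mine = this.getDetails(); Object theirs = test.getDetails();` followed by `if ((mine == null) ? (theirs != null) : !mine.equals(theirs)) { return false; }`. The method begins above this hunk, so its earlier checks are not visible here.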
@@ -131,6 +132,18 @@ public abstract class AbstractAuthenticationToken implements Authentication {
         return copy;
     }
 
+    public Object getDetails() {
+        return details;
+    }
+
+    public String getName() {
+        if (this.getPrincipal() instanceof UserDetails) {
+            return ((UserDetails) this.getPrincipal()).getUsername();
+        }
+
+        return this.getPrincipal().toString();
+    }
+
     public int hashCode() {
         int code = 2305;
 
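Review bot: `getName()` calls `this.getPrincipal().toString()` without a null check, and the single-argument `X509AuthenticationToken(X509Certificate)` constructor in this commit never assigns a principal, so calling it on such a request token would presumably throw a `NullPointerException`. If an empty name is acceptable to callers, a guard such as `if (this.getPrincipal() == null) { return ""; }` at the top makes the base implementation safe for request tokens. `getDetails()` also lost its Javadoc in the move; a one-line comment such as `/** Returns the object passed to setDetails(Object), or null if none was set. */` would restore it.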
@@ -148,13 +161,29 @@ public abstract class AbstractAuthenticationToken implements Authentication {
             code = code * (this.getCredentials().hashCode() % 7);
         }
 
+        if (this.getDetails() != null) {
+            code = code * (this.getDetails().hashCode() % 7);
+        }
+
         if (this.isAuthenticated()) {
-            code = code * -1;
+            code = code * -3;
         }
 
         return code;
     }
 
+    public boolean isAuthenticated() {
+        return authenticated;
+    }
+
+    public void setAuthenticated(boolean authenticated) {
+        this.authenticated = authenticated;
+    }
+
+    public void setDetails(Object details) {
+        this.details = details;
+    }
+
     public String toString() {
         StringBuffer sb = new StringBuffer();
         sb.append(super.toString()).append(": ");
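Review bot: The new public `setAuthenticated(boolean)` accepts `true` from any caller and has no Javadoc, so every subclass inherits a setter that can mark a token trusted unless it overrides it, which only `UsernamePasswordAuthenticationToken` does in this commit. It also sits oddly with the class Javadoc, which says implementations should be immutable. I would state the contract on the method, for example `/** Subclasses that represent an unverified authentication request should override this to reject true. */`. Separately, `code = code * (this.getDetails().hashCode() % 7)` collapses the whole hash to 0 whenever the details hash is a multiple of 7; it follows the existing credentials pattern, but `code ^= this.getDetails().hashCode();` would avoid that.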

+ 3 - 12
core/src/main/java/org/acegisecurity/providers/TestingAuthenticationToken.java

@@ -1,4 +1,4 @@
-/* Copyright 2004 Acegi Technology Pty Limited
+/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -19,8 +19,8 @@ import org.acegisecurity.GrantedAuthority;
 
 
 /**
- * An {@link org.acegisecurity.Authentication} implementation that is
- * designed for use whilst unit testing.
+ * An {@link org.acegisecurity.Authentication} implementation that is designed
+ * for use whilst unit testing.
  * 
  * <p>
  * The corresponding authentication provider is  {@link
@@ -35,7 +35,6 @@ public class TestingAuthenticationToken extends AbstractAuthenticationToken {
 
     private Object credentials;
     private Object principal;
-    private boolean authenticated = false;
 
     //~ Constructors ===========================================================
 
@@ -48,14 +47,6 @@ public class TestingAuthenticationToken extends AbstractAuthenticationToken {
 
     //~ Methods ================================================================
 
-    public void setAuthenticated(boolean isAuthenticated) {
-        this.authenticated = isAuthenticated;
-    }
-
-    public boolean isAuthenticated() {
-        return this.authenticated;
-    }
-
     public Object getCredentials() {
         return this.credentials;
     }

+ 14 - 33
core/src/main/java/org/acegisecurity/providers/UsernamePasswordAuthenticationToken.java

@@ -1,4 +1,4 @@
-/* Copyright 2004, 2005 Acegi Technology Pty Limited
+/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -19,8 +19,8 @@ import org.acegisecurity.GrantedAuthority;
 
 
 /**
- * An {@link org.acegisecurity.Authentication} implementation that is
- * designed for simple presentation of a username and password.
+ * An {@link org.acegisecurity.Authentication} implementation that is designed
+ * for simple presentation of a username and password.
  * 
  * <p>
  * The <code>principal</code> and <code>credentials</code> should be set with
@@ -37,9 +37,7 @@ public class UsernamePasswordAuthenticationToken
     //~ Instance fields ========================================================
 
     private Object credentials;
-    private Object details = null;
     private Object principal;
-    private boolean authenticated;
 
     //~ Constructors ===========================================================
 
@@ -56,7 +54,7 @@ public class UsernamePasswordAuthenticationToken
         super(null);
         this.principal = principal;
         this.credentials = credentials;
-        this.authenticated = false;
+        setAuthenticated(false);
     }
 
     /**
@@ -75,43 +73,26 @@ public class UsernamePasswordAuthenticationToken
         super(authorities);
         this.principal = principal;
         this.credentials = credentials;
-        this.authenticated = true;
+        super.setAuthenticated(true); // must use super, as we override
     }
 
     //~ Methods ================================================================
 
-    public void setAuthenticated(boolean isAuthenticated)
-        throws IllegalArgumentException {
-        if (isAuthenticated) {
-            throw new IllegalArgumentException(
-                "Cannot set this token to trusted - use constructor containing GrantedAuthority[]s instead");
-        }
-
-        this.authenticated = isAuthenticated;
-    }
-
-    public boolean isAuthenticated() {
-        return this.authenticated;
-    }
-
     public Object getCredentials() {
         return this.credentials;
     }
 
-    public void setDetails(Object details) {
-        this.details = details;
+    public Object getPrincipal() {
+        return this.principal;
     }
 
-    /**
-     * Usually a {@link org.acegisecurity.ui.WebAuthenticationDetails}.
-     *
-     * @return the authentication request details, or <code>null</code>
-     */
-    public Object getDetails() {
-        return details;
-    }
+    public void setAuthenticated(boolean isAuthenticated)
+        throws IllegalArgumentException {
+        if (isAuthenticated == true) {
+            throw new IllegalArgumentException(
+                "Cannot set this token to trusted - use constructor containing GrantedAuthority[]s instead");
+        }
 
-    public Object getPrincipal() {
-        return this.principal;
+        super.setAuthenticated(false);
     }
 }
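Review bot: The `setAuthenticated` override is the guard that stops callers from promoting a request token to trusted, yet it has no Javadoc and its test is written as `if (isAuthenticated == true)`. I would write `if (isAuthenticated) {` and add a comment along the lines of `/** Rejects true: a trusted token can only be created through the constructor that takes GrantedAuthority[]. */`. The removed `getDetails()` Javadoc ("Usually a WebAuthenticationDetails") is not carried over to the base class accessor, so that hint is lost.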

+ 3 - 33
core/src/main/java/org/acegisecurity/providers/anonymous/AnonymousAuthenticationToken.java

@@ -32,9 +32,7 @@ public class AnonymousAuthenticationToken extends AbstractAuthenticationToken
     implements Serializable {
     //~ Instance fields ========================================================
 
-    private Object details;
     private Object principal;
-    private boolean authenticated;
     private int keyHash;
 
     //~ Constructors ===========================================================
@@ -61,7 +59,7 @@ public class AnonymousAuthenticationToken extends AbstractAuthenticationToken
 
         this.keyHash = key.hashCode();
         this.principal = principal;
-        this.authenticated = true;
+        setAuthenticated(true);
     }
 
     //~ Methods ================================================================
@@ -77,20 +75,8 @@ public class AnonymousAuthenticationToken extends AbstractAuthenticationToken
             if (this.getKeyHash() != test.getKeyHash()) {
                 return false;
             }
-
-            if ((this.details == null) && (test.getDetails() == null)) {
-                return true;
-            }
-
-            if ((this.details == null) && (test.getDetails() != null)) {
-                return false;
-            }
-
-            if ((this.details != null) && (test.getDetails() == null)) {
-                return false;
-            }
-
-            return this.details.equals(test.getDetails());
+            
+            return true;
         }
 
         return false;
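Review bot: `equals` no longer compares `details` itself and now ends in `return true` once the key hashes match, so details only take part in equality if the part of the method above this hunk delegates to `super.equals(obj)`, as `RememberMeAuthenticationToken.equals` does. That part is not visible here and should be confirmed. The tail can be reduced to `return this.getKeyHash() == test.getKeyHash();`, which also removes the whitespace-only added line.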
@@ -105,10 +91,6 @@ public class AnonymousAuthenticationToken extends AbstractAuthenticationToken
         return "";
     }
 
-    public Object getDetails() {
-        return details;
-    }
-
     public int getKeyHash() {
         return this.keyHash;
     }
@@ -116,16 +98,4 @@ public class AnonymousAuthenticationToken extends AbstractAuthenticationToken
     public Object getPrincipal() {
         return this.principal;
     }
-
-    public boolean isAuthenticated() {
-        return this.authenticated;
-    }
-
-    public void setAuthenticated(boolean isAuthenticated) {
-        this.authenticated = isAuthenticated;
-    }
-
-    public void setDetails(Object details) {
-        this.details = details;
-    }
 }

+ 6 - 15
core/src/main/java/org/acegisecurity/providers/cas/CasAuthenticationToken.java

@@ -21,8 +21,6 @@ import org.acegisecurity.providers.AbstractAuthenticationToken;
 
 import org.acegisecurity.userdetails.UserDetails;
 
-import org.springframework.util.Assert;
-
 import java.io.Serializable;
 
 import java.util.List;
@@ -43,7 +41,6 @@ public class CasAuthenticationToken extends AbstractAuthenticationToken
     private Object principal;
     private String proxyGrantingTicketIou;
     private UserDetails userDetails;
-    private boolean authenticated;
     private int keyHash;
 
     //~ Constructors ===========================================================
@@ -72,6 +69,7 @@ public class CasAuthenticationToken extends AbstractAuthenticationToken
         Object credentials, GrantedAuthority[] authorities,
         UserDetails userDetails, List proxyList, String proxyGrantingTicketIou) {
         super(authorities);
+
         if ((key == null) || ("".equals(key)) || (principal == null)
             || "".equals(principal) || (credentials == null)
             || "".equals(credentials) || (authorities == null)
@@ -87,7 +85,7 @@ public class CasAuthenticationToken extends AbstractAuthenticationToken
         this.userDetails = userDetails;
         this.proxyList = proxyList;
         this.proxyGrantingTicketIou = proxyGrantingTicketIou;
-        this.authenticated = true;
+        setAuthenticated(true);
     }
 
     //~ Methods ================================================================
@@ -151,22 +149,15 @@ public class CasAuthenticationToken extends AbstractAuthenticationToken
         return userDetails;
     }
 
-    public boolean isAuthenticated() {
-        return this.authenticated;
-    }
-
-    public void setAuthenticated(boolean isAuthenticated) {
-        this.authenticated = isAuthenticated;
-    }
-
     public String toString() {
         StringBuffer sb = new StringBuffer();
         sb.append(super.toString());
-        sb.append("; Credentials (Service/Proxy Ticket): ").append(this.credentials);
-        sb.append("; Proxy-Granting Ticket IOU: ").append(this.proxyGrantingTicketIou);
+        sb.append("; Credentials (Service/Proxy Ticket): ")
+          .append(this.credentials);
+        sb.append("; Proxy-Granting Ticket IOU: ")
+          .append(this.proxyGrantingTicketIou);
         sb.append("; Proxy List: ").append(this.proxyList);
 
-
         return (sb.toString());
     }
 }

+ 23 - 31
core/src/main/java/org/acegisecurity/providers/rememberme/RememberMeAuthenticationToken.java

@@ -1,4 +1,4 @@
-/* Copyright 2004, 2005 Acegi Technology Pty Limited
+/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,12 +16,13 @@
 package org.acegisecurity.providers.rememberme;
 
 import org.acegisecurity.GrantedAuthority;
-import org.acegisecurity.providers.AbstractAuthenticationToken;
 
-import java.io.Serializable;
+import org.acegisecurity.providers.AbstractAuthenticationToken;
 
 import org.springframework.util.Assert;
 
+import java.io.Serializable;
+
 
 /**
  * Represents a remembered <code>Authentication</code>.
@@ -41,7 +42,6 @@ public class RememberMeAuthenticationToken extends AbstractAuthenticationToken
 
     private Object principal;
     private int keyHash;
-	private boolean authenticated;
 
     //~ Constructors ===========================================================
 
@@ -66,24 +66,34 @@ public class RememberMeAuthenticationToken extends AbstractAuthenticationToken
         }
 
         for (int i = 0; i < authorities.length; i++) {
-            Assert.notNull(authorities[i], "Granted authority element "
-                    + i
-                    + " is null - GrantedAuthority[] cannot contain any null elements");
+            Assert.notNull(authorities[i],
+                "Granted authority element " + i
+                + " is null - GrantedAuthority[] cannot contain any null elements");
         }
 
         this.keyHash = key.hashCode();
         this.principal = principal;
-		this.authenticated = true;
+        setAuthenticated(true);
     }
 
     //~ Methods ================================================================
 
-    public void setAuthenticated(boolean isAuthenticated) {
-        this.authenticated = isAuthenticated;
-    }
+    public boolean equals(Object obj) {
+        if (!super.equals(obj)) {
+            return false;
+        }
+
+        if (obj instanceof RememberMeAuthenticationToken) {
+            RememberMeAuthenticationToken test = (RememberMeAuthenticationToken) obj;
+
+            if (this.getKeyHash() != test.getKeyHash()) {
+                return false;
+            }
+
+            return true;
+        }
 
-    public boolean isAuthenticated() {
-        return this.authenticated;
+        return false;
     }
 
     /**
@@ -102,22 +112,4 @@ public class RememberMeAuthenticationToken extends AbstractAuthenticationToken
     public Object getPrincipal() {
         return this.principal;
     }
-
-    public boolean equals(Object obj) {
-        if (!super.equals(obj)) {
-            return false;
-        }
-
-        if (obj instanceof RememberMeAuthenticationToken) {
-            RememberMeAuthenticationToken test = (RememberMeAuthenticationToken) obj;
-
-            if (this.getKeyHash() != test.getKeyHash()) {
-                return false;
-            }
-
-            return true;
-        }
-
-        return false;
-    }
 }

+ 14 - 27
core/src/main/java/org/acegisecurity/providers/x509/X509AuthenticationToken.java

@@ -1,4 +1,4 @@
-/* Copyright 2004, 2005 Acegi Technology Pty Limited
+/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -15,13 +15,16 @@
 
 package org.acegisecurity.providers.x509;
 
-import org.acegisecurity.providers.AbstractAuthenticationToken;
 import org.acegisecurity.GrantedAuthority;
 
+import org.acegisecurity.providers.AbstractAuthenticationToken;
+
 import java.security.cert.X509Certificate;
 
+
 /**
- * <code>Authentication</code> implementation for X.509 client-certificate authentication.
+ * <code>Authentication</code> implementation for X.509 client-certificate
+ * authentication.
  *
  * @author Luke Taylor
  * @version $Id$
@@ -29,46 +32,30 @@ import java.security.cert.X509Certificate;
 public class X509AuthenticationToken extends AbstractAuthenticationToken {
     //~ Instance fields ========================================================
 
-    private X509Certificate credentials;
     private Object principal;
-    private boolean authenticated = false;
-    private Object details = null;
+    private X509Certificate credentials;
 
     //~ Constructors ===========================================================
 
-    /** Used for an authentication request */
+    /**
+     * Used for an authentication request
+     *
+     * @param credentials DOCUMENT ME!
+     */
     public X509AuthenticationToken(X509Certificate credentials) {
         super(null);
         this.credentials = credentials;
     }
 
     public X509AuthenticationToken(Object principal,
-                                   X509Certificate credentials,
-                                   GrantedAuthority[] authorities) {
+        X509Certificate credentials, GrantedAuthority[] authorities) {
         super(authorities);
-        this.principal = principal;        
+        this.principal = principal;
         this.credentials = credentials;
     }
 
     //~ Methods ================================================================
 
-    public Object getDetails() {
-        return details;
-    }
-
-    public void setDetails(Object details) {
-        this.details = details;
-    }
-
-
-    public void setAuthenticated(boolean isAuthenticated) {
-        this.authenticated = isAuthenticated;
-    }
-
-    public boolean isAuthenticated() {
-        return authenticated;
-    }
-
     public Object getCredentials() {
         return credentials;
     }
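Review bot: The new Javadoc on the single-argument constructor still contains the generator placeholder `@param credentials DOCUMENT ME!`, and the three-argument constructor has no Javadoc at all. Neither constructor calls `setAuthenticated`, so with the inherited default both produce a token whose `isAuthenticated()` is false even when authorities are supplied, unlike `UsernamePasswordAuthenticationToken`; that difference deserves a sentence. Suggested text: `@param credentials the client certificate presented for authentication`, and on the second constructor `/** Used for an authentication response object. Does not mark the token as authenticated. */`.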

+ 7 - 14
core/src/main/java/org/acegisecurity/runas/RunAsUserToken.java

@@ -1,4 +1,4 @@
-/* Copyright 2004 Acegi Technology Pty Limited
+/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,12 +16,13 @@
 package org.acegisecurity.runas;
 
 import org.acegisecurity.GrantedAuthority;
+
 import org.acegisecurity.providers.AbstractAuthenticationToken;
 
 
 /**
- * An immutable {@link org.acegisecurity.Authentication}  implementation
- * that supports {@link RunAsManagerImpl}.
+ * An immutable {@link org.acegisecurity.Authentication}  implementation that
+ * supports {@link RunAsManagerImpl}.
  *
  * @author Ben Alex
  * @version $Id$
@@ -33,7 +34,6 @@ public class RunAsUserToken extends AbstractAuthenticationToken {
     private Object credentials;
     private Object principal;
     private int keyHash;
-	private boolean authenticated;
 
     //~ Constructors ===========================================================
 
@@ -44,19 +44,11 @@ public class RunAsUserToken extends AbstractAuthenticationToken {
         this.principal = principal;
         this.credentials = credentials;
         this.originalAuthentication = originalAuthentication;
-		this.authenticated = true;
+        setAuthenticated(true);
     }
 
     //~ Methods ================================================================
 
-    public void setAuthenticated(boolean isAuthenticated) {
-        this.authenticated = isAuthenticated;
-    }
-
-    public boolean isAuthenticated() {
-        return this.authenticated;
-    }
-
     public Object getCredentials() {
         return this.credentials;
     }
@@ -75,7 +67,8 @@ public class RunAsUserToken extends AbstractAuthenticationToken {
 
     public String toString() {
         StringBuffer sb = new StringBuffer(super.toString());
-        sb.append("; Original Class: ").append(this.originalAuthentication.getName());
+        sb.append("; Original Class: ")
+          .append(this.originalAuthentication.getName());
 
         return sb.toString();
     }

+ 1 - 13
core/src/test/java/org/acegisecurity/MockRunAsAuthenticationToken.java

@@ -1,4 +1,4 @@
-/* Copyright 2004 Acegi Technology Pty Limited
+/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -26,10 +26,6 @@ import org.acegisecurity.providers.AbstractAuthenticationToken;
  * @version $Id$
  */
 public class MockRunAsAuthenticationToken extends AbstractAuthenticationToken {
-    //~ Instance fields ========================================================
-
-    private boolean authenticated = false;
-
     //~ Constructors ===========================================================
 
     public MockRunAsAuthenticationToken() {
@@ -38,14 +34,6 @@ public class MockRunAsAuthenticationToken extends AbstractAuthenticationToken {
 
     //~ Methods ================================================================
 
-    public void setAuthenticated(boolean isAuthenticated) {
-        authenticated = isAuthenticated;
-    }
-
-    public boolean isAuthenticated() {
-        return authenticated;
-    }
-
     public Object getCredentials() {
         return null;
     }

+ 0 - 9
core/src/test/java/org/acegisecurity/providers/AbstractAuthenticationTokenTests.java

@@ -148,7 +148,6 @@ public class AbstractAuthenticationTokenTests extends TestCase {
     private class MockAuthenticationImpl extends AbstractAuthenticationToken {
         private Object credentials;
         private Object principal;
-        private boolean authenticated = false;
 
         public MockAuthenticationImpl(Object principal, Object credentials,
             GrantedAuthority[] authorities) {
@@ -168,13 +167,5 @@ public class AbstractAuthenticationTokenTests extends TestCase {
         public Object getPrincipal() {
             return this.principal;
         }
-
-        public boolean isAuthenticated() {
-            return this.authenticated;
-        }
-
-        public void setAuthenticated(boolean isAuthenticated) {
-            this.authenticated = isAuthenticated;
-        }
     }
 }

+ 2 - 10
sandbox/src/main/java/org/acegisecurity/providers/smb/NtlmAuthenticationToken.java

@@ -1,4 +1,4 @@
-/* Copyright 2004, 2005 Acegi Technology Pty Limited
+/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -21,6 +21,7 @@ import jcifs.smb.NtlmPasswordAuthentication;
 
 import org.acegisecurity.Authentication;
 import org.acegisecurity.GrantedAuthority;
+
 import org.acegisecurity.providers.AbstractAuthenticationToken;
 
 
@@ -38,7 +39,6 @@ public class NtlmAuthenticationToken extends AbstractAuthenticationToken {
 
     private NtlmPasswordAuthentication ntlmPasswordAuthentication;
     private transient UniAddress domainController;
-    private boolean authenticated;
 
     //~ Constructors ===========================================================
 
@@ -52,14 +52,6 @@ public class NtlmAuthenticationToken extends AbstractAuthenticationToken {
 
     //~ Methods ================================================================
 
-    public void setAuthenticated(boolean isAuthenticated) {
-        this.authenticated = isAuthenticated;
-    }
-
-    public boolean isAuthenticated() {
-        return authenticated;
-    }
-
     public Object getCredentials() {
         return ntlmPasswordAuthentication.getPassword();
     }