5 years ago · d2050e11bd
--- a/src/main/java/com/jfinal/plugin/auth/AccessTokenBuilder.java
+++ b/src/main/java/com/jfinal/plugin/auth/AccessTokenBuilder.java
@@ -1,58 +0,0 @@
 
				-/**

			
 
				- * Copyright (c) 2011-2019, James Zhan 詹波 (jfinal@126.com).

			
 
				- *

			
 
				- * Licensed under the Apache License, Version 2.0 (the "License");

			
 
				- * you may not use this file except in compliance with the License.

			
 
				- * You may obtain a copy of the License at

			
 
				- *

			
 
				- *      http://www.apache.org/licenses/LICENSE-2.0

			
 
				- *

			
 
				- * Unless required by applicable law or agreed to in writing, software

			
 
				- * distributed under the License is distributed on an "AS IS" BASIS,

			
 
				- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

			
 
				- * See the License for the specific language governing permissions and

			
 
				- * limitations under the License.

			
 
				- */

			
 
				-

			
 
				-package com.jfinal.plugin.auth;

			
 
				-

			
 
				-import java.security.SecureRandom;

			
 
				-import java.util.Random;

			
 
				-import javax.servlet.http.HttpServletRequest;

			
 
				-

			
 
				-/**

			
 
				- * TODO 考虑改名为 SessionIdBuilder

			
 
				- */

			
 
				-public class AccessTokenBuilder {

			
 
				-	

			
 
				-	private static Random random;

			
 
				-    private static boolean weakRandom;

			
 
				-    private static int hashCode = new AccessTokenBuilder().hashCode();

			
 
				-    

			
 
				-    private AccessTokenBuilder() {

			
 
				-		try {

			
 
				-			// This operation may block on some systems with low entropy. See

			
 
				-			// this page for workaround suggestions:

			
 
				-			// http://docs.codehaus.org/display/JETTY/Connectors+slow+to+startup

			
 
				-			// System.out.println("Init SecureRandom.");

			
 
				-			random = new SecureRandom();

			
 
				-			weakRandom = false;

			
 
				-		} catch (Exception e) {

			
 
				-			random = new Random();

			
 
				-			weakRandom = true;

			
 
				-			System.err.println("Could not generate SecureRandom for accessToken randomness");

			
 
				-		}

			
 
				-	}

			
 
				-	

			
 
				-	public static String getAccessToken(HttpServletRequest request) {

			
 
				-		String accessToken = null;

			
 
				-        while (accessToken == null || accessToken.length() == 0) {

			
 
				-            long r0 = weakRandom ? (hashCode ^ Runtime.getRuntime().freeMemory() ^ random.nextInt() ^ (((long)request.hashCode()) << 32)) : random.nextLong();

			
 
				-            long r1 = random.nextLong();

			
 
				-            if (r0 < 0) r0 = -r0;

			
 
				-            if (r1 < 0) r1 = -r1;

			
 
				-            accessToken = Long.toString(r0, 36) + Long.toString(r1, 36);

			
 
				-        }

			
 
				-        return accessToken;

			
 
				-	}

			
 
				-}

			
--- a/src/main/java/com/jfinal/plugin/auth/ISession.java
+++ b/src/main/java/com/jfinal/plugin/auth/ISession.java
@@ -1,26 +0,0 @@
 
				-/**

			
 
				- * Copyright (c) 2011-2019, James Zhan 詹波 (jfinal@126.com).

			
 
				- *

			
 
				- * Licensed under the Apache License, Version 2.0 (the "License");

			
 
				- * you may not use this file except in compliance with the License.

			
 
				- * You may obtain a copy of the License at

			
 
				- *

			
 
				- *      http://www.apache.org/licenses/LICENSE-2.0

			
 
				- *

			
 
				- * Unless required by applicable law or agreed to in writing, software

			
 
				- * distributed under the License is distributed on an "AS IS" BASIS,

			
 
				- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

			
 
				- * See the License for the specific language governing permissions and

			
 
				- * limitations under the License.

			
 
				- */

			
 
				-

			
 
				-package com.jfinal.plugin.auth;

			
 
				-

			
 
				-public interface ISession {

			
 
				-	String getId();

			
 
				-	Object getAttr(String name);

			
 
				-	ISession setAttr(String name, Object value);

			
 
				-	String[] getAttrNames();

			
 
				-	void removeAttr(String name);

			
 
				-	void invalidate(String accessToken);

			
 
				-}

			
--- a/src/main/java/com/jfinal/plugin/auth/SessionKit.java
+++ b/src/main/java/com/jfinal/plugin/auth/SessionKit.java
@@ -1,32 +0,0 @@
 
				-/**

			
 
				- * Copyright (c) 2011-2019, James Zhan 詹波 (jfinal@126.com).

			
 
				- *

			
 
				- * Licensed under the Apache License, Version 2.0 (the "License");

			
 
				- * you may not use this file except in compliance with the License.

			
 
				- * You may obtain a copy of the License at

			
 
				- *

			
 
				- *      http://www.apache.org/licenses/LICENSE-2.0

			
 
				- *

			
 
				- * Unless required by applicable law or agreed to in writing, software

			
 
				- * distributed under the License is distributed on an "AS IS" BASIS,

			
 
				- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

			
 
				- * See the License for the specific language governing permissions and

			
 
				- * limitations under the License.

			
 
				- */

			
 
				-

			
 
				-package com.jfinal.plugin.auth;

			
 
				-

			
 
				-public class SessionKit {

			
 
				-	

			
 
				-	public ISession getSession(String accessToken, boolean create) {

			
 
				-		return null;

			
 
				-	}

			
 
				-	

			
 
				-	public ISession getSession(String accessToken) {

			
 
				-		return getSession(accessToken, true);

			
 
				-	}

			
 
				-	

			
 
				-	public void removeSession(String accessToken) {

			
 
				-		

			
 
				-	}

			
 
				-}