Mercurial > hg > AnnotationManager
diff src/de/mpiwg/itgroup/annotationManager/restlet/AnnotatorResourceImpl.java @ 15:6c7c4140630d
on the way to updating annotations.
| author | casties |
|---|---|
| date | Wed, 21 Mar 2012 18:12:45 +0100 |
| parents | 0f64de5fff5a |
| children | b0ef5c860464 |
line wrap: on
line diff
--- a/src/de/mpiwg/itgroup/annotationManager/restlet/AnnotatorResourceImpl.java Wed Mar 21 16:38:50 2012 +0100 +++ b/src/de/mpiwg/itgroup/annotationManager/restlet/AnnotatorResourceImpl.java Wed Mar 21 18:12:45 2012 +0100 @@ -144,9 +144,10 @@ String computedToken = getSha256Digest(consumerSecret + userId + issueTime); // compare to the token we got String authToken = requestHeaders.getFirstValue("x-annotator-auth-token", true); - logger.debug(String.format("got: authToken=%s consumerSecret=%s userId=%s issueTime=%s", authToken, consumerSecret, userId, - issueTime)); - if (!computedToken.equals(authToken)) { + logger.debug(String.format("got: authToken=%s consumerSecret=%s userId=%s issueTime=%s computedToken=%s", + authToken, consumerSecret, userId, issueTime, computedToken)); + if (!computedToken.equalsIgnoreCase(authToken)) { + logger.warn("authToken differ!"); return null; } // check token lifetime @@ -164,10 +165,13 @@ } catch (NumberFormatException e) { e.printStackTrace(); } - if (tokenValidity == null || tokenValidity.isAfterNow() || tokenExpiry.isBeforeNow()) { - return null; + if (tokenValidity == null || tokenValidity.isAfterNow() || tokenExpiry == null || tokenExpiry.isBeforeNow()) { + logger.warn(String.format("authToken invalid! tokenValidity=%s tokenExpiry=%s now=%s", tokenValidity, tokenExpiry, DateTime.now())); + // we dont care about validity right now + //return null; } // must be ok then + logger.debug("auth OK! user="+userId); return userId; }