move AccessTokenCookieIssue from scm-webapp to scm-core

scm-core/src/main/java/sonia/scm/security/AccessTokenCookieIssuer.java

@@ -0,0 +1,30 @@
+package sonia.scm.security;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ * Generates cookies and invalidates access token cookies.
+ *
+ * @author Sebastian Sdorra
+ * @since 2.0.0
+ */
+public interface AccessTokenCookieIssuer {
+
+  /**
+   * Creates a cookie for token authentication and attaches it to the response.
+   *
+   * @param request http servlet request
+   * @param response http servlet response
+   * @param accessToken access token
+   */
+  void authenticate(HttpServletRequest request, HttpServletResponse response, AccessToken accessToken);
+  /**
+   * Invalidates the authentication cookie.
+   *
+   * @param request http servlet request
+   * @param response http servlet response
+   */
+  void invalidate(HttpServletRequest request, HttpServletResponse response);
+
+}

scm-webapp/src/main/java/sonia/scm/ScmServletModule.java

@@ -79,14 +79,14 @@ import sonia.scm.repository.spi.HookEventFacade;
 import sonia.scm.repository.xml.XmlRepositoryDAO;
 import sonia.scm.schedule.QuartzScheduler;
 import sonia.scm.schedule.Scheduler;
+import sonia.scm.security.AccessTokenCookieIssuer;
 import sonia.scm.security.AuthorizationChangedEventProducer;
 import sonia.scm.security.CipherHandler;
 import sonia.scm.security.CipherUtil;
 import sonia.scm.security.ConfigurableLoginAttemptHandler;
-import sonia.scm.security.DefaultJwtAccessTokenRefreshStrategy;
+import sonia.scm.security.DefaultAccessTokenCookieIssuer;
 import sonia.scm.security.DefaultKeyGenerator;
 import sonia.scm.security.DefaultSecuritySystem;
-import sonia.scm.security.JwtAccessTokenRefreshStrategy;
 import sonia.scm.security.KeyGenerator;
 import sonia.scm.security.LoginAttemptHandler;
 import sonia.scm.security.SecuritySystem;
@@ -320,6 +320,7 @@ public class ScmServletModule extends ServletModule
     // bind events
     // bind(LastModifiedUpdateListener.class);
 
+    bind(AccessTokenCookieIssuer.class).to(DefaultAccessTokenCookieIssuer.class);
     bind(PushStateDispatcher.class).toProvider(PushStateDispatcherProvider.class);
   }
 

scm-webapp/src/main/java/sonia/scm/security/DefaultAccessTokenCookieIssuer.java

@@ -51,12 +51,12 @@ import java.util.concurrent.TimeUnit;
  * @author Sebastian Sdorra
  * @since 2.0.0
  */
-public final class AccessTokenCookieIssuer {
+public final class DefaultAccessTokenCookieIssuer implements AccessTokenCookieIssuer {
   
   /**
-   * the logger for AccessTokenCookieIssuer
+   * the logger for DefaultAccessTokenCookieIssuer
    */
-  private static final Logger LOG = LoggerFactory.getLogger(AccessTokenCookieIssuer.class);
+  private static final Logger LOG = LoggerFactory.getLogger(DefaultAccessTokenCookieIssuer.class);
   
   private final ScmConfiguration configuration;
 
@@ -66,7 +66,7 @@ public final class AccessTokenCookieIssuer {
    * @param configuration scm main configuration
    */
   @Inject
-  public AccessTokenCookieIssuer(ScmConfiguration configuration) {
+  public DefaultAccessTokenCookieIssuer(ScmConfiguration configuration) {
     this.configuration = configuration;
   }
   

scm-webapp/src/test/java/sonia/scm/security/DefaultAccessTokenCookieIssuerTest.java

@@ -20,11 +20,11 @@ import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.when;
 
 @RunWith(MockitoJUnitRunner.class)
-public class AccessTokenCookieIssuerTest {
+public class DefaultAccessTokenCookieIssuerTest {
 
   private ScmConfiguration configuration;
 
-  private AccessTokenCookieIssuer issuer;
+  private DefaultAccessTokenCookieIssuer issuer;
 
   @Mock
   private HttpServletRequest request;
@@ -41,7 +41,7 @@ public class AccessTokenCookieIssuerTest {
   @Before
   public void setUp() {
     configuration = new ScmConfiguration();
-    issuer = new AccessTokenCookieIssuer(configuration);
+    issuer = new DefaultAccessTokenCookieIssuer(configuration);
   }
 
   @Test