Merge pull request #404 from appirio-tech/dev

Use Session To Store the Token

Author: skyhit

Diff for: src/java/main/com/topcoder/direct/services/view/action/ServiceBackendDataTablesAction.java

@@ -3,11 +3,9 @@
  */
 package com.topcoder.direct.services.view.action;
 
-import com.topcoder.direct.services.configs.ServerConfiguration;
 import com.topcoder.direct.services.view.dto.contest.ContestStatus;
 import com.topcoder.direct.services.view.dto.project.ProjectBriefDTO;
 import com.topcoder.direct.services.view.util.DataProvider;
-import com.topcoder.direct.services.view.util.DirectProperties;
 import com.topcoder.direct.services.view.util.DirectUtils;
 import com.topcoder.security.TCSubject;
 import org.apache.http.HttpEntity;
@@ -18,7 +16,6 @@
 import org.apache.http.client.utils.URIBuilder;
 import org.apache.http.impl.client.DefaultHttpClient;
 import org.apache.log4j.Logger;
-import org.apache.struts2.ServletActionContext;
 import org.codehaus.jackson.JsonNode;
 import org.codehaus.jackson.map.DeserializationConfig;
 import org.codehaus.jackson.map.ObjectMapper;
@@ -320,7 +317,7 @@ protected JsonNode getJsonResultFromAPI(URI apiEndPoint) throws Exception {
             // specify the get request
             HttpGet getRequest = new HttpGet(apiEndPoint);
 
-            String jwtToken = (String)ServletActionContext.getServletContext().getAttribute(DirectProperties.TOKEN_ATTR);
+            String jwtToken = getSessionData().getToken();
 
             getRequest.setHeader(HttpHeaders.AUTHORIZATION,
                     "Bearer " + jwtToken);

Diff for: src/java/main/com/topcoder/direct/services/view/action/contest/launch/GetGroupMemberAction.java

@@ -3,10 +3,8 @@
  */
 package com.topcoder.direct.services.view.action.contest.launch;
 
-import com.topcoder.direct.services.configs.ServerConfiguration;
 import com.topcoder.direct.services.view.dto.contest.GroupMember;
 import com.topcoder.direct.services.view.dto.my.RestResult;
-import com.topcoder.direct.services.view.util.DirectProperties;
 import com.topcoder.direct.services.view.util.DirectUtils;
 import com.topcoder.direct.services.view.util.SortedCacheAddress;
 import com.topcoder.web.common.cache.CacheClient;
@@ -20,7 +18,6 @@
 import org.apache.http.HttpStatus;
 import org.apache.http.client.methods.HttpGet;
 import org.apache.http.impl.client.DefaultHttpClient;
-import org.apache.struts2.ServletActionContext;
 import org.apache.log4j.Logger;
 import org.codehaus.jackson.JsonNode;
 import org.codehaus.jackson.map.DeserializationConfig;
@@ -186,7 +183,7 @@ private RestResult<GroupMember> getGroupMemberByGid(Long gid) throws Exception {
         try{
             URI groupApiEndpointUri = new URI(String.format(groupApiEndpoint, gid));
             HttpGet request = new HttpGet(groupApiEndpointUri);
-            String jwtToken = (String)ServletActionContext.getServletContext().getAttribute(DirectProperties.TOKEN_ATTR);
+            String jwtToken = getSessionData().getToken();
 
             request.setHeader(HttpHeaders.AUTHORIZATION, "Bearer " + jwtToken);
             request.addHeader(HttpHeaders.ACCEPT, "application/json");

Diff for: src/java/main/com/topcoder/direct/services/view/interceptors/AuthenticationInterceptor.java

@@ -318,8 +318,7 @@ public String intercept(ActionInvocation invocation) throws Exception {
             return loginPageName;
         }
 
-        //put token to servlet context
-        ServletActionContext.getServletContext().setAttribute(DirectProperties.TOKEN_ATTR, jwtToken.getToken());
+        sessionData.setToken(jwtToken.getToken());
 
         if (user != null  && !user.isAnonymous()) {
             // get user roles for the user id

Diff for: src/java/main/com/topcoder/direct/services/view/util/DirectProperties.java

@@ -143,11 +143,6 @@ public final class DirectProperties {
      */
     public static String JWT_VALID_ISSUERS;
 
-    /**
-     * Jwt Attribute name
-     */
-    public static String TOKEN_ATTR = "JWT_TOKEN";
-
     /**
      * <p>
      * Initializes non-final static fields for this class with values for the same-named properties from the resource

Diff for: src/java/main/com/topcoder/direct/services/view/util/DirectUtils.java

@@ -3832,8 +3832,7 @@ public static Set<ProjectGroup> getGroupsFromApi(TCSubject tcSubject, String end
         HttpGet getRequest = new HttpGet(uri.build());
         logger.info("Getting Group with thi uri: " + uri.build().toString());
 
-        String jwtToken = (String)ServletActionContext.getServletContext().getAttribute(DirectProperties.TOKEN_ATTR);
-
+        String jwtToken = new SessionData(ServletActionContext.getRequest().getSession()).getToken();
         getRequest.setHeader(HttpHeaders.AUTHORIZATION, "Bearer " + jwtToken);
 
         getRequest.addHeader(HttpHeaders.ACCEPT, "application/json");

Diff for: src/java/main/com/topcoder/direct/services/view/util/SessionData.java

@@ -195,6 +195,24 @@ public Long getCurrentSelectDirectProjectID() {
         return (Long) this.session.getAttribute("currentSelectDirectProjectID");
     }
 
+    /**
+     * Set jwt token
+     *
+     * @param token jwt token
+     */
+    public void setToken(String token) {
+        this.session.setAttribute("token", token);
+    }
+
+    /**
+     * Get jwt token
+     *
+     * @return jwt token
+     */
+    public String getToken() {
+        return (String) this.session.getAttribute("token");
+    }
+
     /**
      * Gets the inner session.
      *