commit 1169c95d894f519c1ad881fd86cf217342e941bc
author Simon Hunt <simon@onlab.us> Mon Jun 05 11:20:11 2017 -0700
committer Simon Hunt <simon@onlab.us> Tue Jun 06 17:21:48 2017 -0700
tree 9be1d9bc1803897dbade562600dfc5d456b6b5c1
parent b125032100ce5c45b982b0203458889238af2923

OS-1 : insecure UI websocket.
- notes on authentication of UI web socket connection.
- new classes: UiSessionToken, UiTokenService.
- UiExtensionManager now implements UiTokenService.
- UiWebSocket now expects an authentication event from the client
- websocket.js now sends authentication event as first event
- (fix websocket Jasmine test)

Change-Id: I4303c67f57fc618e911be244091f00bcc2823c91

core/api/src/main/java/org/onosproject/ui/UiTokenService.java

diff --git a/core/api/src/main/java/org/onosproject/ui/UiTokenService.java b/core/api/src/main/java/org/onosproject/ui/UiTokenService.java
new file mode 100644
index 0000000..37e209d
--- /dev/null
+++ b/core/api/src/main/java/org/onosproject/ui/UiTokenService.java
@@ -0,0 +1,51 @@
+/*
+ * Copyright 2017-present Open Networking Laboratory
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.onosproject.ui;
+
+/**
+ * Service for handling UI session tokens.
+ */
+public interface UiTokenService {
+
+    /**
+     * Issues a session token. The service will generate a new token,
+     * publish it in the distributed map of valid UI session tokens, and
+     * return it to the caller.
+     *
+     * @param username the username to be associated with the token.
+     * @return the token
+     */
+    UiSessionToken issueToken(String username);
+
+    /**
+     * Revokes the specified session token. The service will remove the token
+     * from the distributed map of valid UI session tokens.
+     *
+     * @param token the token to be revoked
+     */
+    void revokeToken(UiSessionToken token);
+
+    /**
+     * Returns true if the specified token is currently in the distributed
+     * map of valid UI session tokens.
+     *
+     * @param token the token to check
+     * @return true, if the token is currently valid; false otherwise
+     */
+    boolean isTokenValid(UiSessionToken token);
+}