Package jenkins.security

Class ApiTokenProperty.DescriptorImpl

java.lang.Object
hudson.model.Descriptor<UserProperty>
hudson.model.UserPropertyDescriptor
jenkins.security.ApiTokenProperty.DescriptorImpl
All Implemented Interfaces:
Saveable, Loadable, OnMaster
Enclosing class:
ApiTokenProperty
@Extension @Symbol("apiToken") public static final class ApiTokenProperty.DescriptorImpl extends UserPropertyDescriptor

  • Constructor Details

    • DescriptorImpl

      public DescriptorImpl()

  • Method Details

    • getDisplayName

      @NonNull public String getDisplayName()
      Description copied from class: Descriptor
      Human readable name of this kind of configurable object. Should be overridden for most descriptors, if the display name is visible somehow. As a fallback it uses Class.getSimpleName() on Descriptor.clazz, so for example MyThing from some.pkg.MyThing.DescriptorImpl. Historically some implementations returned null as a way of hiding the descriptor from the UI, but this is generally managed by an explicit method such as isEnabled or isApplicable.
      Overrides:
      getDisplayName in class Descriptor<UserProperty>

    • getNoLegacyToken

      @Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class) public String getNoLegacyToken()

    • newInstance

      public ApiTokenProperty newInstance(User user)
      New approach: API Token are generated only when a user request a new one. The value is randomly generated without any link to the user and only displayed to him the first time. We only store the hash for future comparisons. Legacy approach: When we are creating a default ApiTokenProperty for User, we need to make sure it yields the same value for the same user, because there's no guarantee that the property is saved. But we also need to make sure that an attacker won't be able to guess the initial API token value. So we take the seed by hashing the secret + user ID.
      Specified by:
      newInstance in class UserPropertyDescriptor
      Returns:
      null if the implementation choose not to add any property object for such user.

    • isStatisticsEnabled

      @Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class) public boolean isStatisticsEnabled()

    • mustDisplayLegacyApiToken

      @Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class) public boolean mustDisplayLegacyApiToken(User propertyOwner)

    • hasCurrentUserRightToGenerateNewToken

      @Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class) public boolean hasCurrentUserRightToGenerateNewToken(User propertyOwner)

    • doChangeToken

      @Deprecated public org.kohsuke.stapler.HttpResponse doChangeToken(@AncestorInPath User u, org.kohsuke.stapler.StaplerResponse rsp) throws IOException
      Deprecated.
      use doGenerateNewToken(User, String) instead
      Throws:
      IOException

    • doGenerateNewToken

      public org.kohsuke.stapler.HttpResponse doGenerateNewToken(@AncestorInPath User u, @QueryParameter String newTokenName) throws IOException
      Throws:
      IOException

    • doAddFixedToken

      @Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class) public org.kohsuke.stapler.HttpResponse doAddFixedToken(@AncestorInPath User u, @QueryParameter String newTokenName, @QueryParameter String newTokenPlainValue) throws IOException
      This method is dangerous and should not be used without caution. The token passed here could have been tracked by different network system during its trip. It is recommended to revoke this token after the generation of a new one.
      Throws:
      IOException

    • doRename

      public org.kohsuke.stapler.HttpResponse doRename(@AncestorInPath User u, @QueryParameter String tokenUuid, @QueryParameter String newName) throws IOException
      Throws:
      IOException

    • doRevoke

      public org.kohsuke.stapler.HttpResponse doRevoke(@AncestorInPath User u, @QueryParameter String tokenUuid) throws IOException
      Throws:
      IOException

    • doRevokeAll

      @Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class) public org.kohsuke.stapler.HttpResponse doRevokeAll(@AncestorInPath User u) throws IOException
      Throws:
      IOException

    • doRevokeAllExcept

      @Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class) public org.kohsuke.stapler.HttpResponse doRevokeAllExcept(@AncestorInPath User u, @QueryParameter String tokenUuid) throws IOException
      Throws:
      IOException

    • getUserPropertyCategory

      @NonNull public UserPropertyCategory getUserPropertyCategory()
      Description copied from class: UserPropertyDescriptor
      Define the category for this user property descriptor.
      Overrides:
      getUserPropertyCategory in class UserPropertyDescriptor
      Returns:
      never null, always the same value for a given instance of Descriptor.