sec_get_token (public)

 sec_get_token token_id

Defined in packages/acs-tcl/tcl/security-procs.tcl

Returns the token corresponding to the token_id. This first checks the thread-persistent Tcl cache, then checks the server size-limited cache before finally hitting the db in the worst case if the secret_token value is not in either cache. The procedure also updates the caches. Cache eviction is handled by the ns_cache API for the size-limited cache and is handled by AOLserver (via thread termination) for the thread-persistent Tcl cache.

Parameters:
token_id

Partial Call Graph (max 5 caller/called nodes):
%3 test_secret_tokens_get secret_tokens_get (test acs-tcl) sec_get_token sec_get_token test_secret_tokens_get->sec_get_token db_string db_string (public) sec_get_token->db_string sec_get_token_from_nsv sec_get_token_from_nsv (private) sec_get_token->sec_get_token_from_nsv sec_populate_secret_tokens_thread_cache sec_populate_secret_tokens_thread_cache (private) sec_get_token->sec_populate_secret_tokens_thread_cache __ad_verify_signature __ad_verify_signature (private) __ad_verify_signature->sec_get_token ad_sign ad_sign (public) ad_sign->sec_get_token auth::get_user_secret_token auth::get_user_secret_token (public) auth::get_user_secret_token->sec_get_token packages/acs-subsite/lib/login.tcl packages/acs-subsite/ lib/login.tcl packages/acs-subsite/lib/login.tcl->sec_get_token

Testcases:
secret_tokens_get
Source code:

    #
    # First check the per-thread cache to obtain a token from the
    # token_id.
    #
    set key ::security::tcl_secret_tokens($token_id)
    if { [info exists $key] } {
        return [set $key]
    }

    #
    # If there is no secret token available per thread,
    # get it and try again.
    #
    if {[array size ::security::tcl_secret_tokens] == 0} {
        sec_populate_secret_tokens_thread_cache
        if { [info exists $key] } {
            return [set $key]
        }
    }

    #
    # We might get token_ids from previous runs, so we have fetch these
    # from the secret tokens cache, or from the data base.
    #
    if {![sec_get_token_from_nsv $token_id token]} {
        set token [db_string get_token {select token from secret_tokens
            where token_id = :token_id} -default 0]
        if {$token ne 0} {
            nsv_set secret_tokens $token_id $token
        } else {
            #
            # Very important to throw the error here if $token == 0
            #
            error "Invalid token ID"
        }
    }

    set $key $token
    return $token
Generic XQL file:
<fullquery name="sec_get_token.get_token">
    <querytext>
      select token from secret_tokens where token_id = :token_id
      </querytext>
</fullquery>
packages/acs-tcl/tcl/security-procs.xql

PostgreSQL XQL file:
packages/acs-tcl/tcl/security-procs-postgresql.xql

Oracle XQL file:
packages/acs-tcl/tcl/security-procs-oracle.xql

[ hide source ] | [ make this the default ]
Show another procedure: