use of org.graylog2.rest.models.users.responses.Token in project graylog2-server by Graylog2.
the class PasswordAlgorithmCredentialsMatcher method doCredentialsMatch.
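/**
 * Checks a submitted username/password against the password of the user behind the account.
 *
 * <p>Only a {@code UsernamePasswordToken} paired with a {@code UserAccount} is evaluated; any
 * other combination is rejected. The comparison itself is delegated to
 * {@code User#isUserPassword(String)}.
 *
 * @param token the credentials submitted by the caller
 * @param info  the account information produced by the realm
 * @return {@code true} only if the user accepts the submitted password; {@code false} for
 *         unsupported token/info types or when the token carries no password
 */
@Override
public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
    if (!(token instanceof UsernamePasswordToken) || !(info instanceof UserAccount)) {
        return false;
    }

    final char[] submittedPassword = ((UsernamePasswordToken) token).getPassword();
    if (submittedPassword == null) {
        // A token created without a password yields null here. String.valueOf(char[]) would
        // throw a NullPointerException, so fail the match explicitly instead.
        return false;
    }

    final User user = ((UserAccount) info).getUser();
    // NOTE(review): the char[] is copied into an immutable String, so the plaintext cannot be
    // wiped after the check. Acceptable only as long as isUserPassword requires a String.
    return user.isUserPassword(String.valueOf(submittedPassword));
}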
use of org.graylog2.rest.models.users.responses.Token in project graylog2-server by Graylog2.
the class PasswordAuthenticator method doGetAuthenticationInfo.
/**
 * Resolves the locally stored account for a username/password login attempt.
 *
 * <p>Returns {@code null} when no user with that name exists, when the user is the local admin,
 * or when the user is an external (LDAP) user, because no password is stored for those. In every
 * other case the stored password hash is handed back inside a {@code UserAccount}.
 *
 * <p>The username is taken from the login attempt and written to the debug/trace log before any
 * credential check has happened.
 *
 * @param authToken the submitted token; cast to {@code UsernamePasswordToken} without a type check
 * @return the account to verify the password against, or {@code null} if this realm does not
 *         handle the user
 * @throws AuthenticationException declared by the overridden method
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authToken) throws AuthenticationException {
    final UsernamePasswordToken passwordToken = (UsernamePasswordToken) authToken;
    final String username = passwordToken.getUsername();
    LOG.debug("Retrieving authc info for user {}", username);

    final User user = userService.load(username);
    if (user == null) {
        return null;
    }
    if (user.isLocalAdmin()) {
        // The local admin is authenticated through a separate, special-cased path.
        return null;
    }
    if (user.isExternalUser()) {
        // No password is stored for LDAP users, so there is nothing to compare against here.
        LOG.trace("Skipping mongodb-based password check for LDAP user {}", username);
        return null;
    }

    if (LOG.isDebugEnabled()) {
        LOG.debug("Found user {} to be authenticated with password.", user.getName());
    }
    // NOTE(review): credentialsSalt is a field of the authenticator, not of the user; it looks
    // like one salt is shared by all accounts. Confirm against the hashing code.
    return new UserAccount(
            passwordToken.getPrincipal(),
            user.getHashedPassword(),
            credentialsSalt,
            "graylog2MongoDbRealm",
            user);
}
use of org.graylog2.rest.models.users.responses.Token in project graylog2-server by Graylog2.
the class UsersResource method listTokens.
/**
 * Lists the access tokens that belong to the given user.
 *
 * <p>Access requires {@code RestPermissions.USERS_TOKENLIST}, and the user is resolved through
 * {@code _tokensCheckAndLoadUser}. Each returned entry contains the token's name, the token
 * value itself ({@code AccessToken#getToken()}) and its last access time. The response therefore
 * exposes usable credentials, not just metadata.
 *
 * @param username name of the user whose tokens are listed
 * @return the user's access tokens
 */
@GET
@Path("{username}/tokens")
@RequiresPermissions(RestPermissions.USERS_TOKENLIST)
@ApiOperation("Retrieves the list of access tokens for a user")
public TokenList listTokens(@ApiParam(name = "username", required = true) @PathParam("username") String username) {
    final User owner = _tokensCheckAndLoadUser(username);

    final ImmutableList.Builder<Token> entries = ImmutableList.builder();
    for (AccessToken accessToken : accessTokenService.loadAll(owner.getName())) {
        final Token entry = Token.create(
                accessToken.getName(),
                accessToken.getToken(),
                accessToken.getLastAccess());
        entries.add(entry);
    }

    return TokenList.create(entries.build());
}
use of org.graylog2.rest.models.users.responses.Token in project graylog2-server by Graylog2.
the class UsersResource method revokeToken.
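/**
 * Revokes one access token of the given user.
 *
 * <p>The caller needs {@code RestPermissions.USERS_TOKENREMOVE}, and the user is checked and
 * loaded through {@code _tokensCheckAndLoadUser}. The token is looked up by its value alone, so
 * the method also verifies that the token found belongs to the user named in the path. Without
 * that check, a caller authorised for one user could delete another user's token by passing
 * its value.
 *
 * @param username name of the user who owns the token
 * @param token    the token value to revoke
 * @throws NotFoundException if no such token exists or it belongs to a different user
 */
@DELETE
@RequiresPermissions(RestPermissions.USERS_TOKENREMOVE)
@Path("{username}/tokens/{token}")
@ApiOperation("Removes a token for a user")
@AuditEvent(type = AuditEventTypes.USER_ACCESS_TOKEN_DELETE)
public void revokeToken(@ApiParam(name = "username", required = true) @PathParam("username") String username, @ApiParam(name = "token", required = true) @PathParam("token") String token) {
    // NOTE(review): the token value is part of the request path, so it may end up wherever
    // request URLs are recorded (access logs, proxies). Treat those logs as sensitive.
    final String ownerName = _tokensCheckAndLoadUser(username).getName();

    final AccessToken accessToken = accessTokenService.load(token);
    final boolean ownedByUser = accessToken != null
            && ownerName != null
            && ownerName.equals(accessToken.getUserName());
    if (!ownedByUser) {
        // Same response for "unknown token" and "someone else's token", so the endpoint cannot
        // be used to probe which token values exist.
        throw new NotFoundException("Couldn't find access token for user " + username);
    }

    accessTokenService.destroy(accessToken);
}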
use of org.graylog2.rest.models.users.responses.Token in project graylog2-server by Graylog2.
the class SearchResource method createRequestExceptionForParseFailure.
/**
 * Translates a failed search execution into the exception returned to the REST client.
 *
 * <p>If the failure's string form mentions a nested {@code QueryParsingException}, the query is
 * re-parsed locally to recover the position of the offending token, and a 400 response carrying
 * a {@code QueryParseError} is built. Any other failure becomes an
 * {@code InternalServerErrorException} wrapping the original exception.
 *
 * <p>The error entity sent to the client contains the query, the parser's message and the
 * canonical class name of the exception.
 *
 * @param query the query string submitted by the client
 * @param e     the failure reported by the search backend
 * @return a {@code BadRequestException} for query syntax problems, otherwise an
 *         {@code InternalServerErrorException}
 */
protected WebApplicationException createRequestExceptionForParseFailure(String query, SearchPhaseExecutionException e) {
    // NOTE(review): the message presumably echoes parts of the client-supplied query, so log
    // consumers should treat it as untrusted text.
    LOG.warn("Unable to execute search: {}", e.getMessage());
    QueryParseError errorMessage = QueryParseError.create(query, "Unable to execute search", e.getClass().getCanonicalName());

    // The only available signal for "this was a syntax error" is the exception's string form.
    final boolean syntaxFailure = e.toString().contains("nested: QueryParsingException");
    if (!syntaxFailure) {
        return new InternalServerErrorException("Unable to fulfill search request", e);
    }

    final QueryParser localParser = new QueryParser("", new StandardAnalyzer());
    try {
        localParser.parse(query);
    } catch (ParseException parseException) {
        Token errorToken = null;
        try {
            // The token is taken from a freshly generated exception; per the original author,
            // it is otherwise not available at this point.
            errorToken = localParser.generateParseException().currentToken;
        } catch (NullPointerException npe) {
            // Expected occasionally, so it is logged at debug level only.
            LOG.debug("Exception thrown while generating parse exception.", npe);
        }

        if (errorToken != null) {
            // Walk the token chain until a token with a non-zero line number is found.
            int beginColumn = 0;
            int beginLine = 0;
            int endColumn = 0;
            int endLine = 0;
            for (Token cursor = errorToken; cursor != null && beginLine == 0; cursor = cursor.next) {
                beginColumn = cursor.beginColumn;
                beginLine = cursor.beginLine;
                endColumn = cursor.endColumn;
                endLine = cursor.endLine;
            }
            errorMessage = QueryParseError.create(query, beginColumn, beginLine, endColumn, endLine, parseException.getMessage(), parseException.getClass().getCanonicalName());
        } else {
            LOG.warn("No position/token available for ParseException.", parseException);
            errorMessage = QueryParseError.create(query, parseException.getMessage(), parseException.getClass().getCanonicalName());
        }
    }

    // If the local re-parse succeeded, the generic error created at the top is returned.
    return new BadRequestException(Response.status(Response.Status.BAD_REQUEST).entity(errorMessage).build());
}
Aggregations