Example 1 with IUserManager

Use of com.agiletec.aps.system.services.user.IUserManager in project entando-core by entando.

The class TokenEndpointServlet, method validateClientWithAuthorizationCode.

private OAuthResponse validateClientWithAuthorizationCode(HttpServletRequest request) throws Throwable {
    try {
        final OAuthTokenRequest oauthRequest = new OAuthTokenRequest(request);
        IOAuthConsumerManager consumerManager = (IOAuthConsumerManager) ApsWebApplicationUtils.getBean(SystemConstants.OAUTH_CONSUMER_MANAGER, request);
        IApiOAuthorizationCodeManager codeManager = (IApiOAuthorizationCodeManager) ApsWebApplicationUtils.getBean(SystemConstants.OAUTH2_AUTHORIZATION_CODE_MANAGER, request);
        // The authorization_code and refresh_token grant types share this branch: client credentials are
        // checked first, then the authorization code is checked against the caller's remote address, and the
        // token is registered with grant type AUTHORIZATION_CODE in both cases.
        if (oauthRequest.getParam(OAuth.OAUTH_GRANT_TYPE).equals(GrantType.AUTHORIZATION_CODE.toString()) || oauthRequest.getParam(OAuth.OAUTH_GRANT_TYPE).equals(GrantType.REFRESH_TOKEN.toString())) {
            final String clientId = oauthRequest.getClientId();
            final String oauthType = GrantType.AUTHORIZATION_CODE.toString();
            final String authCode = oauthRequest.getParam(OAuth.OAUTH_CODE);
            final String clientSecret = oauthRequest.getClientSecret();
            // Client authentication (client_id / client_secret) must succeed before the code is examined
            boolean checkVerifyAccess = codeManager.verifyAccess(clientId, clientSecret, consumerManager);
            if (!checkVerifyAccess) {
                _logger.error(ERROR_AUTHENTICATION_FAILED);
                return null;
            } else if (!codeManager.verifyCode(authCode, request.getRemoteAddr())) {
                // The code must be known and must have been issued to the same remote address
                _logger.error("OAuth2 authcode does not match or the source of client is different");
                return null;
            }
            return this.registerToken(request, clientId, oauthType, null);
        } else if (oauthRequest.getParam(OAuth.OAUTH_GRANT_TYPE).equals(GrantType.PASSWORD.toString())) {
            // Resource owner password credentials grant: the user's own credentials are verified through IUserManager
            final String username = oauthRequest.getUsername();
            final String password = oauthRequest.getPassword();
            final String oauthType = GrantType.PASSWORD.toString();
            IUserManager userManager = (IUserManager) ApsWebApplicationUtils.getBean(SystemConstants.USER_MANAGER, request);
            UserDetails user = userManager.getUser(username, password);
            if (user == null) {
                _logger.error(ERROR_AUTHENTICATION_FAILED);
                return null;
            }
            return this.registerToken(request, username, oauthType, null);
        } else {
            return null;
        }
    } catch (OAuthSystemException e) {
        _logger.error("OAuthSystemException - {} ", e);
        return null;
    } catch (OAuthProblemException e) {
        _logger.error("OAuthProblemException - {} ", e.getError().concat(" ").concat(e.getDescription()));
        _logger.debug("OAuthProblemException - {} ", e);
        return null;
    }
}
Also used : OAuthProblemException(org.apache.oltu.oauth2.common.exception.OAuthProblemException) UserDetails(com.agiletec.aps.system.services.user.UserDetails) IOAuthConsumerManager(org.entando.entando.aps.system.services.oauth2.IOAuthConsumerManager) IUserManager(com.agiletec.aps.system.services.user.IUserManager) IApiOAuthorizationCodeManager(org.entando.entando.aps.system.services.oauth2.IApiOAuthorizationCodeManager) OAuthSystemException(org.apache.oltu.oauth2.common.exception.OAuthSystemException) OAuthTokenRequest(org.apache.oltu.oauth2.as.request.OAuthTokenRequest)

Example 2 with IUserManager

Use of com.agiletec.aps.system.services.user.IUserManager in project entando-core by entando.

The class BaseTestCase, method getUser.

/**
 * Return a user (with his authority) by username.
 *
 * @param username The username
 * @param password The password
 * @return The required user.
 * @throws Exception In case of error.
 */
protected UserDetails getUser(String username, String password) throws Exception {
    IAuthenticationProviderManager provider = (IAuthenticationProviderManager) this.getService(SystemConstants.AUTHENTICATION_PROVIDER_MANAGER);
    IUserManager userManager = (IUserManager) this.getService(SystemConstants.USER_MANAGER);
    UserDetails user = null;
    if (username.equals(SystemConstants.GUEST_USER_NAME)) {
        user = userManager.getGuestUser();
    } else {
        user = provider.getUser(username, password);
    }
    return user;
}
Also used : UserDetails(com.agiletec.aps.system.services.user.UserDetails) IUserManager(com.agiletec.aps.system.services.user.IUserManager) IAuthenticationProviderManager(com.agiletec.aps.system.services.user.IAuthenticationProviderManager)

Example 3 with IUserManager

Use of com.agiletec.aps.system.services.user.IUserManager in project entando-core by entando.

The class ApsAdminBaseTestCase, method getUser.

/**
 * Return a user (with his authority) by username.
 *
 * @param username The username
 * @param password The password
 * @return The required user.
 * @throws Exception In case of error.
 */
protected UserDetails getUser(String username, String password) throws Exception {
    IAuthenticationProviderManager provider = (IAuthenticationProviderManager) this.getService(SystemConstants.AUTHENTICATION_PROVIDER_MANAGER);
    IUserManager userManager = (IUserManager) this.getService(SystemConstants.USER_MANAGER);
    UserDetails user = null;
    if (username.equals(SystemConstants.GUEST_USER_NAME)) {
        user = userManager.getGuestUser();
    } else {
        user = provider.getUser(username, password);
    }
    return user;
}
Also used : UserDetails(com.agiletec.aps.system.services.user.UserDetails) IUserManager(com.agiletec.aps.system.services.user.IUserManager) IAuthenticationProviderManager(com.agiletec.aps.system.services.user.IAuthenticationProviderManager)

Example 4 with IUserManager

Use of com.agiletec.aps.system.services.user.IUserManager in project entando-core by entando.

The class TestApplicationContext, method testGetServices.

public void testGetServices() {
    ConfigInterface configManager = (ConfigInterface) this.getService(SystemConstants.BASE_CONFIG_MANAGER);
    assertNotNull(configManager);
    ICacheInfoManager cacheInfoManager = (ICacheInfoManager) this.getService(SystemConstants.CACHE_INFO_MANAGER);
    assertNotNull(cacheInfoManager);
    ILangManager langManager = (ILangManager) this.getService(SystemConstants.LANGUAGE_MANAGER);
    assertNotNull(langManager);
    IWidgetTypeManager showletTypeManager = (IWidgetTypeManager) this.getService(SystemConstants.WIDGET_TYPE_MANAGER);
    assertNotNull(showletTypeManager);
    IPageModelManager pageModelManager = (IPageModelManager) this.getService(SystemConstants.PAGE_MODEL_MANAGER);
    assertNotNull(pageModelManager);
    IPageManager pageManager = (IPageManager) this.getService(SystemConstants.PAGE_MANAGER);
    assertNotNull(pageManager);
    IRoleManager roleManager = (IRoleManager) this.getService(SystemConstants.ROLE_MANAGER);
    assertNotNull(roleManager);
    IUserManager userManager = (IUserManager) this.getService(SystemConstants.USER_MANAGER);
    assertNotNull(userManager);
    IURLManager urlManager = (IURLManager) this.getService(SystemConstants.URL_MANAGER);
    assertNotNull(urlManager);
    II18nManager i18nManager = (II18nManager) this.getService(SystemConstants.I18N_MANAGER);
    assertNotNull(i18nManager);
    // ControllerManager controller = (ControllerManager) this.getService(SystemConstants.CONTROLLER_MANAGER);
    // assertNotNull(controller);
    IKeyGeneratorManager keyGeneratorManager = (IKeyGeneratorManager) this.getService(SystemConstants.KEY_GENERATOR_MANAGER);
    assertNotNull(keyGeneratorManager);
    ICategoryManager categoryManager = (ICategoryManager) this.getService(SystemConstants.CATEGORY_MANAGER);
    assertNotNull(categoryManager);
}
Also used : IPageManager(com.agiletec.aps.system.services.page.IPageManager) ICacheInfoManager(org.entando.entando.aps.system.services.cache.ICacheInfoManager) IWidgetTypeManager(org.entando.entando.aps.system.services.widgettype.IWidgetTypeManager) IPageModelManager(com.agiletec.aps.system.services.pagemodel.IPageModelManager) ILangManager(com.agiletec.aps.system.services.lang.ILangManager) IUserManager(com.agiletec.aps.system.services.user.IUserManager) IRoleManager(com.agiletec.aps.system.services.role.IRoleManager) IURLManager(com.agiletec.aps.system.services.url.IURLManager) ConfigInterface(com.agiletec.aps.system.services.baseconfig.ConfigInterface) IKeyGeneratorManager(com.agiletec.aps.system.services.keygenerator.IKeyGeneratorManager) II18nManager(com.agiletec.aps.system.services.i18n.II18nManager) ICategoryManager(com.agiletec.aps.system.services.category.ICategoryManager)

Example 5 with IUserManager

Use of com.agiletec.aps.system.services.user.IUserManager in project entando-core by entando.

The class ApiRestServer, method extractOAuthParameters.

protected void extractOAuthParameters(HttpServletRequest request, String permission) throws ApiException {
    try {
        _logger.info("Permission required: {}", permission);
        OAuthAccessResourceRequest requestMessage = new OAuthAccessResourceRequest(request, ParameterStyle.HEADER);
        // Get the access token
        String accessToken = requestMessage.getAccessToken();
        IApiOAuth2TokenManager tokenManager = (IApiOAuth2TokenManager) ApsWebApplicationUtils.getBean(IApiOAuth2TokenManager.BEAN_NAME, request);
        final OAuth2Token token = tokenManager.getApiOAuth2Token(accessToken);
        if (token != null) {
            // Validate the access token: the stored token must match the presented one and must not be expired
            if (!token.getAccessToken().equals(accessToken)) {
                throw new ApiException(IApiErrorCodes.API_AUTHENTICATION_REQUIRED, "Token does not match", Response.Status.UNAUTHORIZED);
            } else if (token.getExpiresIn().getTime() < System.currentTimeMillis()) {
                // check if access token is expired
                throw new ApiException(IApiErrorCodes.API_AUTHENTICATION_REQUIRED, "Token expired", Response.Status.UNAUTHORIZED);
            }
            // The client id stored with the token is used as the username of the user to load
            String username = token.getClientId();
            IUserManager userManager = (IUserManager) ApsWebApplicationUtils.getBean(SystemConstants.USER_MANAGER, request);
            UserDetails user = userManager.getUser(username);
            if (user != null) {
                _logger.info("User {} requesting resource that requires {} permission ", username, permission);
                request.getSession().setAttribute(SystemConstants.SESSIONPARAM_CURRENT_USER, user);
                if (permission != null) {
                    IAuthorizationManager authManager = (IAuthorizationManager) ApsWebApplicationUtils.getBean(SystemConstants.AUTHORIZATION_SERVICE, request);
                    user.addAuthorizations(authManager.getUserAuthorizations(username));
                    if (!authManager.isAuthOnPermission(user, permission)) {
                        List<Role> roles = authManager.getUserRoles(user);
                        for (Role role : roles) {
                            _logger.info("User {} requesting resource has {} permission ", username, role.getPermissions().toArray()[0]);
                        }
                        _logger.info("User {} requesting resource has {} permission ", username, "none");
                        throw new ApiException(IApiErrorCodes.API_AUTHENTICATION_REQUIRED, "Authentication Required", Response.Status.UNAUTHORIZED);
                    }
                }
            }
        } else {
            if (accessToken != null) {
                throw new ApiException(IApiErrorCodes.API_AUTHENTICATION_REQUIRED, "Token not found, request new one", Response.Status.UNAUTHORIZED);
            }
            throw new ApiException(IApiErrorCodes.API_AUTHENTICATION_REQUIRED, "Authentication Required", Response.Status.UNAUTHORIZED);
        }
    } catch (OAuthSystemException | ApsSystemException | OAuthProblemException ex) {
        _logger.error("System exception {}", ex);
        throw new ApiException(IApiErrorCodes.SERVER_ERROR, ex.getMessage(), Response.Status.INTERNAL_SERVER_ERROR);
    }
}
Also used : OAuthAccessResourceRequest(org.apache.oltu.oauth2.rs.request.OAuthAccessResourceRequest) IUserManager(com.agiletec.aps.system.services.user.IUserManager) OAuthSystemException(org.apache.oltu.oauth2.common.exception.OAuthSystemException) OAuth2Token(org.entando.entando.aps.system.services.oauth2.model.OAuth2Token) ApsSystemException(com.agiletec.aps.system.exception.ApsSystemException) IAuthorizationManager(com.agiletec.aps.system.services.authorization.IAuthorizationManager) Role(com.agiletec.aps.system.services.role.Role) OAuthProblemException(org.apache.oltu.oauth2.common.exception.OAuthProblemException) UserDetails(com.agiletec.aps.system.services.user.UserDetails) IApiOAuth2TokenManager(org.entando.entando.aps.system.services.oauth2.IApiOAuth2TokenManager)

Aggregations

IUserManager (com.agiletec.aps.system.services.user.IUserManager): 5
UserDetails (com.agiletec.aps.system.services.user.UserDetails): 4
IAuthenticationProviderManager (com.agiletec.aps.system.services.user.IAuthenticationProviderManager): 2
OAuthProblemException (org.apache.oltu.oauth2.common.exception.OAuthProblemException): 2
OAuthSystemException (org.apache.oltu.oauth2.common.exception.OAuthSystemException): 2
ApsSystemException (com.agiletec.aps.system.exception.ApsSystemException): 1
IAuthorizationManager (com.agiletec.aps.system.services.authorization.IAuthorizationManager): 1
ConfigInterface (com.agiletec.aps.system.services.baseconfig.ConfigInterface): 1
ICategoryManager (com.agiletec.aps.system.services.category.ICategoryManager): 1
II18nManager (com.agiletec.aps.system.services.i18n.II18nManager): 1
IKeyGeneratorManager (com.agiletec.aps.system.services.keygenerator.IKeyGeneratorManager): 1
ILangManager (com.agiletec.aps.system.services.lang.ILangManager): 1
IPageManager (com.agiletec.aps.system.services.page.IPageManager): 1
IPageModelManager (com.agiletec.aps.system.services.pagemodel.IPageModelManager): 1
IRoleManager (com.agiletec.aps.system.services.role.IRoleManager): 1
Role (com.agiletec.aps.system.services.role.Role): 1
IURLManager (com.agiletec.aps.system.services.url.IURLManager): 1
OAuthTokenRequest (org.apache.oltu.oauth2.as.request.OAuthTokenRequest): 1
OAuthAccessResourceRequest (org.apache.oltu.oauth2.rs.request.OAuthAccessResourceRequest): 1
ICacheInfoManager (org.entando.entando.aps.system.services.cache.ICacheInfoManager): 1