use of com.agiletec.aps.system.services.user.IUserManager in project entando-core by entando.
the class TokenEndpointServlet method validateClientWithAuthorizationCode.
/**
 * Token-endpoint grant handling: authenticates the request according to its
 * {@code grant_type} and, on success, registers and returns a new token.
 *
 * Supported values are {@code authorization_code} / {@code refresh_token}
 * (client credentials + authorization code are checked) and {@code password}
 * (resource-owner credentials are checked). Any other grant type, or any
 * failed check, yields {@code null}; the caller is responsible for turning
 * that into an error response.
 *
 * @param request the raw token request
 * @return the registered token response, or {@code null} when the request is rejected
 * @throws Throwable anything thrown by {@code registerToken} or the bean lookups;
 *         Oltu's own OAuthSystemException/OAuthProblemException are caught and logged here
 */
private OAuthResponse validateClientWithAuthorizationCode(HttpServletRequest request) throws Throwable {
    try {
        final OAuthTokenRequest oauthRequest = new OAuthTokenRequest(request);
        // Both managers are resolved up front for every grant type (a missing bean fails
        // before any grant-specific logic runs).
        final IOAuthConsumerManager consumerManager = (IOAuthConsumerManager) ApsWebApplicationUtils.getBean(SystemConstants.OAUTH_CONSUMER_MANAGER, request);
        final IApiOAuthorizationCodeManager codeManager = (IApiOAuthorizationCodeManager) ApsWebApplicationUtils.getBean(SystemConstants.OAUTH2_AUTHORIZATION_CODE_MANAGER, request);
        final String grantType = oauthRequest.getParam(OAuth.OAUTH_GRANT_TYPE);
        final boolean isCodeGrant = grantType.equals(GrantType.AUTHORIZATION_CODE.toString());
        final boolean isRefreshGrant = grantType.equals(GrantType.REFRESH_TOKEN.toString());
        final boolean isPasswordGrant = grantType.equals(GrantType.PASSWORD.toString());

        if (isCodeGrant || isRefreshGrant) {
            // NOTE(review): a refresh_token grant takes exactly the same path as an
            // authorization_code grant — it reads the `code` parameter (never the refresh
            // token) and registers a token typed AUTHORIZATION_CODE. Whether a refresh request
            // can succeed at all therefore depends on verifyCode(null, ip); confirm this is
            // intended, as refresh tokens do not appear to be honoured here.
            final String clientId = oauthRequest.getClientId();
            final String clientSecret = oauthRequest.getClientSecret();
            final String authCode = oauthRequest.getParam(OAuth.OAUTH_CODE);
            // Client authentication first: id + secret are checked against the consumer registry.
            if (!codeManager.verifyAccess(clientId, clientSecret, consumerManager)) {
                _logger.error(ERROR_AUTHENTICATION_FAILED);
                return null;
            }
            // The code is bound to the address the container reports for this request.
            // NOTE(review): behind a reverse proxy getRemoteAddr() is the proxy's address,
            // so the binding may be weaker (or stricter) than intended — confirm deployment.
            if (!codeManager.verifyCode(authCode, request.getRemoteAddr())) {
                _logger.error("OAuth2 authcode does not match or the source of client is different");
                return null;
            }
            return this.registerToken(request, clientId, GrantType.AUTHORIZATION_CODE.toString(), null);
        }

        if (isPasswordGrant) {
            // NOTE(review): this branch never calls verifyAccess, so the *client* is not
            // authenticated for the password grant — only the resource owner's credentials
            // are checked. RFC 6749 §4.3.2 requires confidential clients to authenticate;
            // confirm whether unauthenticated clients are meant to use this grant.
            final String username = oauthRequest.getUsername();
            final String password = oauthRequest.getPassword();
            final IUserManager userManager = (IUserManager) ApsWebApplicationUtils.getBean(SystemConstants.USER_MANAGER, request);
            final UserDetails user = userManager.getUser(username, password);
            if (user == null) {
                _logger.error(ERROR_AUTHENTICATION_FAILED);
                return null;
            }
            // The token is registered under the username (extractOAuthParameters later reads
            // it back through getClientId()).
            return this.registerToken(request, username, GrantType.PASSWORD.toString(), null);
        }

        // Unsupported grant type.
        return null;
    } catch (OAuthSystemException e) {
        _logger.error("OAuthSystemException - {} ", e);
        return null;
    } catch (OAuthProblemException e) {
        // Problem details go to the error log; the full stack trace only at debug level.
        _logger.error("OAuthProblemException - {} ", e.getError().concat(" ").concat(e.getDescription()));
        _logger.debug("OAuthProblemException - {} ", e);
        return null;
    }
}
use of com.agiletec.aps.system.services.user.IUserManager in project entando-core by entando.
the class BaseTestCase method getUser.
/**
 * Loads a user (with its authorities) for use in tests.
 *
 * The guest account has no credentials and is served straight from the user
 * manager; every other username is resolved through the authentication
 * provider, which is handed the password as well.
 *
 * @param username the username to look up
 * @param password the password, passed to the authentication provider for non-guest users
 * @return the resolved user, or whatever the provider returns (possibly {@code null}) when
 *         authentication fails
 * @throws Exception in case of error
 */
protected UserDetails getUser(String username, String password) throws Exception {
    IAuthenticationProviderManager authProvider = (IAuthenticationProviderManager) this.getService(SystemConstants.AUTHENTICATION_PROVIDER_MANAGER);
    IUserManager userManager = (IUserManager) this.getService(SystemConstants.USER_MANAGER);
    if (username.equals(SystemConstants.GUEST_USER_NAME)) {
        return userManager.getGuestUser();
    }
    return authProvider.getUser(username, password);
}
use of com.agiletec.aps.system.services.user.IUserManager in project entando-core by entando.
the class ApsAdminBaseTestCase method getUser.
/**
 * Loads a user (with its authorities) for use in admin tests.
 *
 * The guest account has no credentials and is served straight from the user
 * manager; every other username is resolved through the authentication
 * provider, which is handed the password as well.
 *
 * @param username the username to look up
 * @param password the password, passed to the authentication provider for non-guest users
 * @return the resolved user, or whatever the provider returns (possibly {@code null}) when
 *         authentication fails
 * @throws Exception in case of error
 */
protected UserDetails getUser(String username, String password) throws Exception {
    IAuthenticationProviderManager authProvider = (IAuthenticationProviderManager) this.getService(SystemConstants.AUTHENTICATION_PROVIDER_MANAGER);
    IUserManager userManager = (IUserManager) this.getService(SystemConstants.USER_MANAGER);
    if (username.equals(SystemConstants.GUEST_USER_NAME)) {
        return userManager.getGuestUser();
    }
    return authProvider.getUser(username, password);
}
use of com.agiletec.aps.system.services.user.IUserManager in project entando-core by entando.
the class TestApplicationContext method testGetServices.
/**
 * Smoke test: every core service must be registered in the application
 * context under its well-known bean name and implement the expected interface.
 */
public void testGetServices() {
    // Bean name paired with the interface it must implement. The cast is part of the
    // check (a bean of the wrong type fails with ClassCastException, a missing bean
    // fails on assertNotNull); the order mirrors the original sequence of lookups.
    Object[][] expectedServices = {
        {SystemConstants.BASE_CONFIG_MANAGER, ConfigInterface.class},
        {SystemConstants.CACHE_INFO_MANAGER, ICacheInfoManager.class},
        {SystemConstants.LANGUAGE_MANAGER, ILangManager.class},
        {SystemConstants.WIDGET_TYPE_MANAGER, IWidgetTypeManager.class},
        {SystemConstants.PAGE_MODEL_MANAGER, IPageModelManager.class},
        {SystemConstants.PAGE_MANAGER, IPageManager.class},
        {SystemConstants.ROLE_MANAGER, IRoleManager.class},
        {SystemConstants.USER_MANAGER, IUserManager.class},
        {SystemConstants.URL_MANAGER, IURLManager.class},
        {SystemConstants.I18N_MANAGER, II18nManager.class},
        // CONTROLLER_MANAGER is deliberately not checked here (it was disabled in the original test).
        {SystemConstants.KEY_GENERATOR_MANAGER, IKeyGeneratorManager.class},
        {SystemConstants.CATEGORY_MANAGER, ICategoryManager.class},
    };
    for (Object[] entry : expectedServices) {
        String beanName = (String) entry[0];
        Class<?> expectedType = (Class<?>) entry[1];
        assertNotNull(expectedType.cast(this.getService(beanName)));
    }
}
use of com.agiletec.aps.system.services.user.IUserManager in project entando-core by entando.
the class ApiRestServer method extractOAuthParameters.
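/**
 * Authenticates the caller of a REST resource from the bearer token in the
 * {@code Authorization} header and, when {@code permission} is not {@code null},
 * checks that the token's user holds that permission. On success the user is
 * stored in the HTTP session under {@code SESSIONPARAM_CURRENT_USER}.
 *
 * @param request the incoming request; the token is read from its Authorization header only
 * @param permission the permission the resource requires, or {@code null} for
 *        "any authenticated user"
 * @throws ApiException with {@code UNAUTHORIZED} when the token is missing, unknown,
 *         expired, bound to a user that cannot be loaded, or lacks the permission; with
 *         {@code INTERNAL_SERVER_ERROR} when the OAuth or ApsSystem layer fails
 */
protected void extractOAuthParameters(HttpServletRequest request, String permission) throws ApiException {
    try {
        _logger.info("Permission required: {}", permission);
        OAuthAccessResourceRequest requestMessage = new OAuthAccessResourceRequest(request, ParameterStyle.HEADER);
        String accessToken = requestMessage.getAccessToken();
        IApiOAuth2TokenManager tokenManager = (IApiOAuth2TokenManager) ApsWebApplicationUtils.getBean(IApiOAuth2TokenManager.BEAN_NAME, request);
        final OAuth2Token token = tokenManager.getApiOAuth2Token(accessToken);
        if (token == null) {
            // "No credential sent" and "credential sent but unknown" differ only in the
            // message; both are 401.
            if (accessToken != null) {
                throw new ApiException(IApiErrorCodes.API_AUTHENTICATION_REQUIRED, "Token not found, request new one", Response.Status.UNAUTHORIZED);
            }
            throw new ApiException(IApiErrorCodes.API_AUTHENTICATION_REQUIRED, "Authentication Required", Response.Status.UNAUTHORIZED);
        }
        // Defensive re-check that the stored token really is the presented one.
        if (!token.getAccessToken().equals(accessToken)) {
            throw new ApiException(IApiErrorCodes.API_AUTHENTICATION_REQUIRED, "Token does not match", Response.Status.UNAUTHORIZED);
        }
        if (token.getExpiresIn().getTime() < System.currentTimeMillis()) {
            throw new ApiException(IApiErrorCodes.API_AUTHENTICATION_REQUIRED, "Token expired", Response.Status.UNAUTHORIZED);
        }
        // The token's clientId field is used as the username (the token endpoint registers
        // password-grant tokens under the username). NOTE(review): for authorization_code
        // grants that field holds the OAuth client id, not a user — confirm such a value can
        // never coincide with a real account name.
        String username = token.getClientId();
        IUserManager userManager = (IUserManager) ApsWebApplicationUtils.getBean(SystemConstants.USER_MANAGER, request);
        UserDetails user = userManager.getUser(username);
        if (user == null) {
            // Fix: a live token whose subject no longer resolves to a user previously fell
            // through here and the method returned normally, with no user in session and no
            // permission check. Treat it like a missing credential instead.
            _logger.warn("Token accepted but no user named '{}' exists", username);
            throw new ApiException(IApiErrorCodes.API_AUTHENTICATION_REQUIRED, "Authentication Required", Response.Status.UNAUTHORIZED);
        }
        _logger.info("User {} requesting resource that requires {} permission ", username, permission);
        // NOTE(review): this creates a server-side session for every bearer-token API call;
        // confirm that is intended for a token-authenticated API.
        request.getSession().setAttribute(SystemConstants.SESSIONPARAM_CURRENT_USER, user);
        if (permission != null) {
            IAuthorizationManager authManager = (IAuthorizationManager) ApsWebApplicationUtils.getBean(SystemConstants.AUTHORIZATION_SERVICE, request);
            user.addAuthorizations(authManager.getUserAuthorizations(username));
            if (!authManager.isAuthOnPermission(user, permission)) {
                // Fix: logging getPermissions().toArray()[0] threw ArrayIndexOutOfBoundsException
                // for a role with no permissions, and that escaped the catch below unhandled.
                // Log the whole permission set of each role instead.
                List<Role> roles = authManager.getUserRoles(user);
                for (Role role : roles) {
                    _logger.info("User {} requesting resource has {} permission ", username, role.getPermissions());
                }
                _logger.info("User {} requesting resource has {} permission ", username, "none");
                throw new ApiException(IApiErrorCodes.API_AUTHENTICATION_REQUIRED, "Authentication Required", Response.Status.UNAUTHORIZED);
            }
        }
    } catch (OAuthSystemException | ApsSystemException | OAuthProblemException ex) {
        _logger.error("System exception {}", ex);
        // NOTE(review): ex.getMessage() is echoed to the API client; if these exceptions can
        // carry internal detail, a generic message would be safer.
        throw new ApiException(IApiErrorCodes.SERVER_ERROR, ex.getMessage(), Response.Status.INTERNAL_SERVER_ERROR);
    }
}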