use of com.bluenimble.platform.api.ApiOutput in project serverless by bluenimble.
the class ScriptableApiServiceSpi method execute.
@Override
public ApiOutput execute(Api api, ApiConsumer consumer, ApiRequest request, ApiResponse response) throws ApiServiceExecutionException {
Object jsApi = ((SpecAndSpiPair) api.getHelper()).spec();
if (jsApi == null) {
throw new ApiServiceExecutionException("api '" + api.getNamespace() + "' doesn't support scripting");
}
SpecAndSpiPair serviceHelper = (SpecAndSpiPair) request.getService().getHelper();
Object spi = serviceHelper.spi();
if (spi == null) {
throw new ApiServiceExecutionException("service spi not found");
}
ScriptingEngine engine = api.space().feature(ScriptingEngine.class, ApiSpace.Features.Default, request);
if (!engine.has(spi, Functions.Execute)) {
return null;
}
// invoke execute
Object result = null;
try {
result = engine.invoke(spi, Functions.Execute, jsApi, consumer, request, response);
} catch (ScriptingEngineException ex) {
ex.setScript(Json.getString(request.getService().getRuntime(), Api.Spec.Runtime.Function));
throw new ApiServiceExecutionException(ex.getMessage(), ex);
}
if (result == null || (result instanceof Undefined)) {
return null;
}
if (ApiOutput.class.isAssignableFrom(result.getClass())) {
return (ApiOutput) result;
}
if (ScriptObjectMirror.class.isAssignableFrom(result.getClass())) {
ScriptObjectMirror som = (ScriptObjectMirror) result;
Object clazz = som.get(ClassField);
if (clazz == null) {
return new ApiSomOutput(som);
}
if (clazz.equals(ApiOutputClass)) {
return (ApiOutput) som.getMember(ProxyField);
}
}
Object converted = Converters.convert(result);
if (converted instanceof JsonArray) {
converted = new JsonObject().set(ApiOutput.Defaults.Items, converted);
}
if (!(converted instanceof JsonObject)) {
throw new ApiServiceExecutionException("result should be a valid json object");
}
return new JsonApiOutput((JsonObject) converted);
}
use of com.bluenimble.platform.api.ApiOutput in project serverless by bluenimble.
the class LoginServiceSpi method execute.
@Override
public ApiOutput execute(Api api, ApiConsumer consumer, ApiRequest request, ApiResponse response) throws ApiServiceExecutionException {
JsonObject config = request.getService().getCustom();
JsonObject payload = (JsonObject) request.get(ApiRequest.Payload);
Database db = api.space().feature(Database.class, Json.getString(config, Config.Database, ApiSpace.Features.Default), request);
boolean encryptPassword = Json.getBoolean(config, Config.EncryptPassword, true);
DatabaseObject account = null;
try {
JsonObject query = Json.getObject(config, Config.Query);
if (query == null) {
query = new JsonObject();
JsonObject where = new JsonObject();
query.set(Query.Construct.where.name(), where);
where.set(Json.getString(config, Config.UserProperty, Fields.Email), payload.get(Spec.User));
where.set(Json.getString(config, Config.PasswordProperty, Fields.Password), encryptPassword ? Crypto.md5(Json.getString(payload, Spec.Password), Encodings.UTF8) : Json.getString(payload, Spec.Password));
}
account = db.findOne(Json.getString(config, Config.UsersEntity, Defaults.Users), new JsonQuery(query));
} catch (Exception ex) {
throw new ApiServiceExecutionException(ex.getMessage(), ex);
}
if (account == null) {
throw new ApiServiceExecutionException("account not found").status(ApiResponse.UNAUTHORIZED);
}
boolean active = true;
boolean requiresActivation = Json.getBoolean(config, Config.RequiresActivation, false);
if (requiresActivation && account.get(Json.getString(config, Config.ActivationCodeProperty, Defaults.ActivationCode)) != null) {
active = false;
}
JsonObject oAccount = account.toJson(DefaultDatabaseObjectSerializer.Default);
oAccount.remove(Json.getString(config, Config.PasswordProperty, Spec.Password));
if (active) {
Date now = new Date();
// update lastLogin
try {
account.set(Json.getString(config, Config.LastLoginProperty, Fields.LastLogin), now);
account.save();
} catch (Exception ex) {
throw new ApiServiceExecutionException(ex.getMessage(), ex);
}
// create token
String[] tokenAndExpiration = SecurityUtils.tokenAndExpiration(api, oAccount, now);
oAccount.set(Defaults.Token, tokenAndExpiration[0]);
oAccount.set(Defaults.ExpiresOn, tokenAndExpiration[1]);
}
// call extend if any
JsonObject onFinish = Json.getObject(config, Config.onFinish.class.getSimpleName());
ApiOutput onFinishOutput = SecurityUtils.onFinish(api, consumer, request, onFinish, oAccount);
oAccount.remove(Database.Fields.Id);
if (onFinishOutput != null) {
oAccount.set(Json.getString(onFinish, Config.onFinish.ResultProperty, Config.onFinish.class.getSimpleName()), onFinishOutput.data());
}
return new JsonApiOutput(oAccount);
}
use of com.bluenimble.platform.api.ApiOutput in project serverless by bluenimble.
the class OAuthServiceSpi method execute.
@Override
public ApiOutput execute(Api api, ApiConsumer consumer, ApiRequest request, ApiResponse response) throws ApiServiceExecutionException {
JsonObject config = request.getService().getCustom();
JsonObject providers = Json.getObject(config, Providers);
JsonObject provider = Json.getObject(providers, (String) request.get(Spec.Provider));
if (provider == null || provider.isEmpty()) {
throw new ApiServiceExecutionException("provider " + request.get(Spec.Provider) + " not supported").status(ApiResponse.NOT_ACCEPTABLE);
}
JsonObject oAuthKeys = Json.getObject(provider, OAuth.Keys);
if (oAuthKeys == null || oAuthKeys.isEmpty()) {
throw new ApiServiceExecutionException("provider " + request.get(Spec.Provider) + ". client_id and client_secret not found").status(ApiResponse.NOT_ACCEPTABLE);
}
JsonObject oAuthEndpoints = Json.getObject(provider, OAuth.Endpoints);
if (oAuthEndpoints == null || oAuthEndpoints.isEmpty()) {
throw new ApiServiceExecutionException("provider " + request.get(Spec.Provider) + ". oAuth endpoints authorize and profile not configured").status(ApiResponse.NOT_ACCEPTABLE);
}
JsonObject endpoint = Json.getObject(oAuthEndpoints, OAuth.Urls.Authorize);
if (endpoint == null || endpoint.isEmpty()) {
throw new ApiServiceExecutionException("provider " + request.get(Spec.Provider) + ". oAuth authorize endpoint not configured").status(ApiResponse.NOT_ACCEPTABLE);
}
JsonObject data = (JsonObject) new JsonObject().set(OAuth.Code, request.get(Spec.AuthCode)).set(OAuth.ClientId, Json.getString(oAuthKeys, OAuth.ClientId)).set(OAuth.ClientSecret, Json.getString(oAuthKeys, OAuth.ClientSecret));
if (provider.containsKey(OAuth.Redirect)) {
data.set(OAuth.RedirectUri, Json.getString(provider, OAuth.Redirect));
}
JsonObject params = Json.getObject(endpoint, OAuth.Endpoint.Parameters);
if (params != null && !params.isEmpty()) {
Iterator<String> keys = params.keys();
while (keys.hasNext()) {
String p = keys.next();
data.set(p, params.get(p));
}
}
JsonObject hRequest = (JsonObject) new JsonObject().set(OAuth.Endpoint.Url, Json.getString(endpoint, OAuth.Endpoint.Url)).set(OAuth.Endpoint.Headers, new JsonObject().set(HttpHeaders.ACCEPT, ContentTypes.Json)).set(OAuth.Endpoint.Data, data);
HttpResponse hResponse = null;
try {
hResponse = Http.post(hRequest, null);
} catch (HttpClientException e) {
throw new ApiServiceExecutionException(e.getMessage(), e);
}
if (hResponse.getStatus() != 200) {
throw new ApiServiceExecutionException("invalid authorization code");
}
InputStream out = hResponse.getBody().get(0).toInputStream();
JsonObject oAuthResult = null;
try {
oAuthResult = new JsonObject(out);
} catch (Exception e) {
throw new ApiServiceExecutionException(e.getMessage(), e);
} finally {
IOUtils.closeQuietly(out);
}
// get profile
endpoint = Json.getObject(oAuthEndpoints, OAuth.Urls.Profile);
if (endpoint == null || endpoint.isEmpty()) {
return new JsonApiOutput(oAuthResult);
}
String accessToken = Json.getString(oAuthResult, OAuth.AccessToken);
data.clear();
data.set(OAuth.AccessToken, accessToken);
hRequest = (JsonObject) new JsonObject().set(OAuth.Endpoint.Url, Json.getString(endpoint, OAuth.Endpoint.Url)).set(OAuth.Endpoint.Headers, new JsonObject().set(HttpHeaders.ACCEPT, ContentTypes.Json)).set(OAuth.Endpoint.Data, data);
try {
hResponse = Http.post(hRequest, null);
} catch (HttpClientException e) {
throw new ApiServiceExecutionException(e.getMessage(), e);
}
if (hResponse.getStatus() != 200) {
throw new ApiServiceExecutionException("invalid access token");
}
out = hResponse.getBody().get(0).toInputStream();
try {
oAuthResult = new JsonObject(out);
} catch (Exception e) {
throw new ApiServiceExecutionException(e.getMessage(), e);
} finally {
IOUtils.closeQuietly(out);
}
// email endpoint
endpoint = Json.getObject(oAuthEndpoints, OAuth.Urls.Email);
if (endpoint == null || endpoint.isEmpty()) {
return new JsonApiOutput(oAuthResult);
}
hRequest = (JsonObject) new JsonObject().set(OAuth.Endpoint.Url, Json.getString(endpoint, OAuth.Endpoint.Url)).set(OAuth.Endpoint.Headers, new JsonObject().set(HttpHeaders.ACCEPT, ContentTypes.Json)).set(OAuth.Endpoint.Data, data);
try {
hResponse = Http.post(hRequest, null);
} catch (HttpClientException e) {
throw new ApiServiceExecutionException(e.getMessage(), e);
}
if (hResponse.getStatus() != 200) {
throw new ApiServiceExecutionException("invalid access token");
}
out = hResponse.getBody().get(0).toInputStream();
JsonObject oEmail = null;
try {
oEmail = new JsonObject(out);
} catch (Exception e) {
throw new ApiServiceExecutionException(e.getMessage(), e);
} finally {
IOUtils.closeQuietly(out);
}
Iterator<String> keys = oEmail.keys();
while (keys.hasNext()) {
String k = keys.next();
oAuthResult.set(k, oEmail.get(k));
}
// call extend if any
JsonObject onFinish = Json.getObject(config, Config.onFinish.class.getSimpleName());
ApiOutput onFinishOutput = SecurityUtils.onFinish(api, consumer, request, onFinish, oAuthResult);
if (onFinishOutput != null) {
oAuthResult.set(Json.getString(onFinish, Config.onFinish.ResultProperty, Config.onFinish.class.getSimpleName()), onFinishOutput.data());
}
return new JsonApiOutput(oAuthResult);
}
use of com.bluenimble.platform.api.ApiOutput in project serverless by bluenimble.
the class SignupServiceSpi method execute.
@Override
public ApiOutput execute(Api api, ApiConsumer consumer, ApiRequest request, ApiResponse response) throws ApiServiceExecutionException {
JsonObject config = request.getService().getCustom();
JsonObject payload = (JsonObject) request.get(ApiRequest.Payload);
Database db = api.space().feature(Database.class, Json.getString(config, Config.Database, ApiSpace.Features.Default), request);
DatabaseObject account = null;
try {
JsonObject where = null;
JsonObject query = Json.getObject(config, Config.Query);
if (query == null) {
query = new JsonObject();
where = new JsonObject();
query.set(Query.Construct.where.name(), where);
} else {
where = Json.getObject(query, Query.Construct.where.name());
}
query.set(Database.Fields.Entity, Json.getString(config, Config.UsersEntity, Defaults.Users));
where.set(Json.getString(config, Config.UserProperty, Fields.Email), Json.getString(payload, Spec.User));
account = db.findOne(null, new JsonQuery(query));
} catch (Exception ex) {
throw new ApiServiceExecutionException(ex.getMessage(), ex);
}
if (account != null) {
throw new ApiServiceExecutionException("account already exists").status(ApiResponse.CONFLICT);
}
boolean requiresActivation = Json.getBoolean(config, Config.RequiresActivation, false);
try {
account = db.create(Json.getString(config, Config.UsersEntity, Defaults.Users));
account.load(payload);
// set user property
account.set(Json.getString(config, Config.UserProperty, Fields.Email), Json.getString(payload, Spec.User));
account.remove(Spec.User);
boolean encryptPassword = Json.getBoolean(config, Config.EncryptPassword, true);
account.set(Json.getString(config, Config.PasswordProperty, Spec.Password), encryptPassword ? Crypto.md5(Json.getString(payload, Spec.Password), Encodings.UTF8) : Json.getString(payload, Spec.Password));
JsonObject extraData = Json.getObject(config, Config.Data);
if (extraData != null && !extraData.isEmpty()) {
Iterator<String> keys = extraData.keys();
while (keys.hasNext()) {
String key = keys.next();
account.set(key, extraData.get(key));
}
}
} catch (Exception ex) {
throw new ApiServiceExecutionException(ex.getMessage(), ex);
}
try {
String activationCode = null;
if (requiresActivation) {
String acType = Json.getString(config, Config.ActivationCodeType, ActivationCodeTypes.CPIN).toLowerCase();
int pinLength = Json.getInteger(config, Config.PinLength, 6);
if (acType.equals(ActivationCodeTypes.CPIN)) {
activationCode = Lang.UUID(pinLength);
} else if (acType.equals(ActivationCodeTypes.NPIN)) {
activationCode = Lang.pin(pinLength);
} else {
activationCode = Lang.rand();
}
account.set(Json.getString(config, Config.ActivationCodeProperty, Defaults.ActivationCode), activationCode);
}
account.save();
} catch (Exception ex) {
throw new ApiServiceExecutionException(ex.getMessage(), ex);
}
payload.remove(Spec.Password);
JsonObject result = account.toJson(DefaultDatabaseObjectSerializer.Default);
String email = Json.getString(payload, Spec.Email);
if (Lang.isNullOrEmpty(email)) {
if (Json.getBoolean(config, Config.UseUserAsEmailAddress, false)) {
email = Json.getString(payload, Spec.User);
}
}
result.remove(Json.getString(config, Config.PasswordProperty, Spec.Password));
if (!requiresActivation || Lang.isNullOrEmpty(email)) {
Date now = new Date();
// update lastLogin
try {
account.set(Json.getString(config, Config.LastLoginProperty, Fields.LastLogin), now);
account.save();
} catch (Exception ex) {
throw new ApiServiceExecutionException(ex.getMessage(), ex);
}
// create token
String[] tokenAndExpiration = SecurityUtils.tokenAndExpiration(api, result, now);
result.set(Defaults.Token, tokenAndExpiration[0]);
result.set(Defaults.ExpiresOn, tokenAndExpiration[1]);
return new JsonApiOutput(result);
}
// requires activation and email is present in payload
JsonObject oEmail = Json.getObject(config, Config.SignupEmail);
String feature = Json.getString(oEmail, Email.Messenger);
String template = Json.getString(oEmail, Email.Template);
if (oEmail != null && !Lang.isNullOrEmpty(feature) && !Lang.isNullOrEmpty(template)) {
String fromEmail = Json.getString(oEmail, Email.FromEmail);
String fromName = Json.getString(oEmail, Email.FromName);
String subject = Json.getString(oEmail, Email.Subject, "Welcome to " + api.getName());
final Messenger messenger = api.space().feature(Messenger.class, feature, request);
final JsonObject emailTemplateData = account.toJson(null);
try {
final String fEmail = email;
api.space().executor().execute(new Callable<Void>() {
@Override
public Void call() {
try {
messenger.send(new JsonSender((JsonObject) new JsonObject().set(JsonActor.Spec.Id, fromEmail).set(JsonActor.Spec.Name, fromName)), new JsonRecipient[] { new JsonRecipient((JsonObject) new JsonObject().set(JsonActor.Spec.Id, fEmail)) }, subject, api.getResourcesManager().get(Lang.split(template, Lang.SLASH)), emailTemplateData);
} catch (Exception ex) {
throw new RuntimeException(ex.getMessage(), ex);
}
return null;
}
}, CodeExecutor.Mode.Async);
} catch (Exception ex) {
throw new ApiServiceExecutionException(ex.getMessage(), ex);
}
}
// call extend if any
JsonObject onFinish = Json.getObject(config, Config.onFinish.class.getSimpleName());
ApiOutput onFinishOutput = SecurityUtils.onFinish(api, consumer, request, onFinish, result);
if (onFinishOutput != null) {
result.set(Json.getString(onFinish, Config.onFinish.ResultProperty, Config.onFinish.class.getSimpleName()), onFinishOutput.data());
}
return new JsonApiOutput(result);
}
use of com.bluenimble.platform.api.ApiOutput in project serverless by bluenimble.
the class ActivateServiceSpi method execute.
@Override
public ApiOutput execute(Api api, ApiConsumer consumer, ApiRequest request, ApiResponse response) throws ApiServiceExecutionException {
JsonObject config = request.getService().getCustom();
Database db = api.space().feature(Database.class, Json.getString(config, Config.Database, ApiSpace.Features.Default), request);
DatabaseObject account = null;
try {
JsonObject query = Json.getObject(config, Config.Query);
if (query == null) {
query = new JsonObject();
JsonObject where = new JsonObject();
query.set(Query.Construct.where.name(), where);
where.set(Json.getString(config, Config.ActivationCodeProperty, Defaults.ActivationCode), request.get(Spec.ActivationCode));
}
account = db.findOne(Json.getString(config, Config.UsersEntity, Defaults.Users), new JsonQuery(query));
} catch (Exception ex) {
throw new ApiServiceExecutionException(ex.getMessage(), ex);
}
if (account == null) {
throw new ApiServiceExecutionException("account not found").status(ApiResponse.NOT_FOUND);
}
Date now = new Date();
// remove activationCode
account.remove(Json.getString(config, Config.ActivationCodeProperty, Defaults.ActivationCode));
// update lastLogin
try {
account.set(Json.getString(config, Config.LastLoginProperty, Fields.LastLogin), now);
account.save();
} catch (Exception ex) {
throw new ApiServiceExecutionException(ex.getMessage(), ex);
}
JsonObject oAccount = account.toJson(DefaultDatabaseObjectSerializer.Default);
// create token
String[] tokenAndExpiration = SecurityUtils.tokenAndExpiration(api, oAccount, now);
oAccount.remove(Json.getString(config, Config.PasswordProperty, Spec.Password));
oAccount.set(Defaults.Token, tokenAndExpiration[0]);
oAccount.set(Defaults.ExpiresOn, tokenAndExpiration[1]);
// call onFinish if any
JsonObject onFinish = Json.getObject(config, Config.onFinish.class.getSimpleName());
ApiOutput onFinishOutput = SecurityUtils.onFinish(api, consumer, request, onFinish, oAccount);
if (onFinishOutput != null) {
oAccount.set(Json.getString(onFinish, Config.onFinish.ResultProperty, Config.onFinish.class.getSimpleName()), onFinishOutput.data());
}
return new JsonApiOutput(oAccount);
}
Aggregations