
Example 61 with JsonObject

use of com.bluenimble.platform.json.JsonObject in project serverless by bluenimble.

the class LoginServiceSpi method execute.

/**
 * Looks up an account matching the submitted user/password and returns it as JSON,
 * adding a token and its expiration when the account counts as active.
 *
 * <p>Flow, as visible here: read the service's custom config and the request payload, run
 * one {@code findOne} on the users entity, strip the password property from the serialized
 * account, stamp the last-login time and create a token for active accounts, run the optional
 * {@code onFinish} extension, then drop the database id from the output.
 *
 * <p>Security review notes:
 * <ul>
 *   <li>With {@code Config.EncryptPassword} true (the default) the password is compared as
 *       {@code Crypto.md5(...)} of the submitted value. No salt is passed in this call;
 *       presumably this is a plain MD5 digest (confirm in {@code Crypto}). A fast digest is
 *       not suitable for password storage; moving to a password KDF (bcrypt, scrypt, Argon2)
 *       has to be coordinated with whatever code writes the stored value.</li>
 *   <li>With {@code Config.EncryptPassword} false the stored password is compared as plain text.</li>
 *   <li>When {@code Config.Query} is configured, nothing in this method adds the submitted
 *       user or password to it. NOTE(review): confirm the configured query constrains on
 *       the credentials by some other means.</li>
 *   <li>An account that is not active still has its record returned (without token); only
 *       the password property and the id are removed. NOTE(review): confirm the serializer
 *       does not emit the activation-code property.</li>
 * </ul>
 *
 * @param api      the API this service belongs to
 * @param consumer the calling consumer, forwarded to the onFinish extension
 * @param request  carries the service config and the payload with the credentials
 * @param response unused in this method
 * @return the serialized account, plus token fields when active and the onFinish result if any
 * @throws ApiServiceExecutionException with status UNAUTHORIZED when no account matches;
 *         also wraps any exception from the lookup or the save
 */
@Override
public ApiOutput execute(Api api, ApiConsumer consumer, ApiRequest request, ApiResponse response) throws ApiServiceExecutionException {
    JsonObject config = request.getService().getCustom();
    // payload is dereferenced below without a null check; a missing payload ends up in the generic catch
    JsonObject payload = (JsonObject) request.get(ApiRequest.Payload);
    Database db = api.space().feature(Database.class, Json.getString(config, Config.Database, ApiSpace.Features.Default), request);
    boolean encryptPassword = Json.getBoolean(config, Config.EncryptPassword, true);
    DatabaseObject account = null;
    try {
        JsonObject query = Json.getObject(config, Config.Query);
        if (query == null) {
            // default query: where <userProperty> = submitted user and <passwordProperty> = (digest of) submitted password
            query = new JsonObject();
            JsonObject where = new JsonObject();
            query.set(Query.Construct.where.name(), where);
            where.set(Json.getString(config, Config.UserProperty, Fields.Email), payload.get(Spec.User));
            // NOTE(review): Crypto.md5 with no salt argument; see the method comment on password storage
            where.set(Json.getString(config, Config.PasswordProperty, Fields.Password), encryptPassword ? Crypto.md5(Json.getString(payload, Spec.Password), Encodings.UTF8) : Json.getString(payload, Spec.Password));
        }
        // unknown user and wrong password both yield null here, so the caller gets the same error for both
        account = db.findOne(Json.getString(config, Config.UsersEntity, Defaults.Users), new JsonQuery(query));
    } catch (Exception ex) {
        // NOTE(review): the underlying message is forwarded as-is; confirm it is not shown to clients verbatim
        throw new ApiServiceExecutionException(ex.getMessage(), ex);
    }
    if (account == null) {
        throw new ApiServiceExecutionException("account not found").status(ApiResponse.UNAUTHORIZED);
    }
    // an account counts as inactive only when activation is required and an activation code is still stored
    boolean active = true;
    boolean requiresActivation = Json.getBoolean(config, Config.RequiresActivation, false);
    if (requiresActivation && account.get(Json.getString(config, Config.ActivationCodeProperty, Defaults.ActivationCode)) != null) {
        active = false;
    }
    JsonObject oAccount = account.toJson(DefaultDatabaseObjectSerializer.Default);
    // keep the stored password out of the response
    // NOTE(review): the fallback name here is Spec.Password while the lookup above falls back to Fields.Password;
    // if the two constants differ, the stored value would stay in the output when PasswordProperty is not configured
    oAccount.remove(Json.getString(config, Config.PasswordProperty, Spec.Password));
    if (active) {
        Date now = new Date();
        // record the login time on the stored account
        try {
            account.set(Json.getString(config, Config.LastLoginProperty, Fields.LastLogin), now);
            account.save();
        } catch (Exception ex) {
            throw new ApiServiceExecutionException(ex.getMessage(), ex);
        }
        // create the token from the serialized account and the login time; element 0 is the token, element 1 its expiration
        String[] tokenAndExpiration = SecurityUtils.tokenAndExpiration(api, oAccount, now);
        oAccount.set(Defaults.Token, tokenAndExpiration[0]);
        oAccount.set(Defaults.ExpiresOn, tokenAndExpiration[1]);
    }
    // run the optional onFinish extension; it receives the account while the id is still present
    JsonObject onFinish = Json.getObject(config, Config.onFinish.class.getSimpleName());
    ApiOutput onFinishOutput = SecurityUtils.onFinish(api, consumer, request, onFinish, oAccount);
    // the database id is removed only after the extension has run
    oAccount.remove(Database.Fields.Id);
    if (onFinishOutput != null) {
        oAccount.set(Json.getString(onFinish, Config.onFinish.ResultProperty, Config.onFinish.class.getSimpleName()), onFinishOutput.data());
    }
    return new JsonApiOutput(oAccount);
}
Also used : JsonQuery(com.bluenimble.platform.db.query.impls.JsonQuery) JsonObject(com.bluenimble.platform.json.JsonObject) ApiServiceExecutionException(com.bluenimble.platform.api.ApiServiceExecutionException) Date(java.util.Date) ApiOutput(com.bluenimble.platform.api.ApiOutput) JsonApiOutput(com.bluenimble.platform.api.impls.JsonApiOutput) ApiServiceExecutionException(com.bluenimble.platform.api.ApiServiceExecutionException) Database(com.bluenimble.platform.db.Database) DatabaseObject(com.bluenimble.platform.db.DatabaseObject) JsonApiOutput(com.bluenimble.platform.api.impls.JsonApiOutput)

Example 62 with JsonObject

use of com.bluenimble.platform.json.JsonObject in project serverless by bluenimble.

the class OAuthServiceSpi method execute.

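/**
 * Exchanges an OAuth authorization code for the provider's token response and, when
 * configured, enriches it with the provider's profile and e-mail responses.
 *
 * <p>The provider is selected by the request's {@code Spec.Provider} value from the service
 * config. The authorize endpoint is always called; the profile and e-mail endpoints are
 * optional, and the method returns early with what it has when one is not configured.
 * The {@code onFinish} extension runs only when all three endpoints were called.
 *
 * <p>Security review notes:
 * <ul>
 *   <li>The client secret and the access token are sent as request data to URLs taken from
 *       the service config. NOTE(review): confirm those URLs are https and that the HTTP
 *       client applies timeouts; neither is visible here.</li>
 *   <li>When no profile endpoint is configured, the provider's token response is returned
 *       to the caller unchanged, including any tokens it contains.</li>
 *   <li>No {@code state} value is checked in this method. NOTE(review): confirm the
 *       anti-forgery check for the authorization flow happens elsewhere.</li>
 *   <li>The "provider ... not supported" messages include the request-supplied provider name.</li>
 * </ul>
 *
 * @param api      the API this service belongs to
 * @param consumer the calling consumer, forwarded to the onFinish extension
 * @param request  carries the service config, the provider name and the authorization code
 * @param response unused in this method
 * @return the token response, merged with profile/e-mail data and the onFinish result where applicable
 * @throws ApiServiceExecutionException with status NOT_ACCEPTABLE when the provider is missing or
 *         incompletely configured; without status when a provider call fails, is rejected, or
 *         returns a body that cannot be read as JSON
 */
@Override
public ApiOutput execute(Api api, ApiConsumer consumer, ApiRequest request, ApiResponse response) throws ApiServiceExecutionException {
    JsonObject config = request.getService().getCustom();
    JsonObject providers = Json.getObject(config, Providers);
    JsonObject provider = Json.getObject(providers, (String) request.get(Spec.Provider));
    if (provider == null || provider.isEmpty()) {
        throw new ApiServiceExecutionException("provider " + request.get(Spec.Provider) + " not supported").status(ApiResponse.NOT_ACCEPTABLE);
    }
    JsonObject oAuthKeys = Json.getObject(provider, OAuth.Keys);
    if (oAuthKeys == null || oAuthKeys.isEmpty()) {
        throw new ApiServiceExecutionException("provider " + request.get(Spec.Provider) + ". client_id and client_secret not found").status(ApiResponse.NOT_ACCEPTABLE);
    }
    JsonObject oAuthEndpoints = Json.getObject(provider, OAuth.Endpoints);
    if (oAuthEndpoints == null || oAuthEndpoints.isEmpty()) {
        throw new ApiServiceExecutionException("provider " + request.get(Spec.Provider) + ". oAuth endpoints authorize and profile not configured").status(ApiResponse.NOT_ACCEPTABLE);
    }
    JsonObject endpoint = Json.getObject(oAuthEndpoints, OAuth.Urls.Authorize);
    if (endpoint == null || endpoint.isEmpty()) {
        throw new ApiServiceExecutionException("provider " + request.get(Spec.Provider) + ". oAuth authorize endpoint not configured").status(ApiResponse.NOT_ACCEPTABLE);
    }
    // code exchange: authorization code from the request, client credentials from the config
    JsonObject data = (JsonObject) new JsonObject().set(OAuth.Code, request.get(Spec.AuthCode)).set(OAuth.ClientId, Json.getString(oAuthKeys, OAuth.ClientId)).set(OAuth.ClientSecret, Json.getString(oAuthKeys, OAuth.ClientSecret));
    if (provider.containsKey(OAuth.Redirect)) {
        data.set(OAuth.RedirectUri, Json.getString(provider, OAuth.Redirect));
    }
    // endpoint-specific parameters from the config are applied last and therefore win over the values above
    JsonObject params = Json.getObject(endpoint, OAuth.Endpoint.Parameters);
    if (params != null && !params.isEmpty()) {
        Iterator<String> keys = params.keys();
        while (keys.hasNext()) {
            String p = keys.next();
            data.set(p, params.get(p));
        }
    }
    JsonObject oAuthResult = postForJson(endpoint, data, "invalid authorization code");
    // get profile
    endpoint = Json.getObject(oAuthEndpoints, OAuth.Urls.Profile);
    if (endpoint == null || endpoint.isEmpty()) {
        return new JsonApiOutput(oAuthResult);
    }
    String accessToken = Json.getString(oAuthResult, OAuth.AccessToken);
    // a 200 token response without an access token is not a usable grant; stop here instead of
    // calling the profile endpoint with a missing token
    if (accessToken == null || accessToken.isEmpty()) {
        throw new ApiServiceExecutionException("invalid access token");
    }
    // from here on only the access token is sent; code and client secret are dropped
    data.clear();
    data.set(OAuth.AccessToken, accessToken);
    oAuthResult = postForJson(endpoint, data, "invalid access token");
    // email endpoint
    endpoint = Json.getObject(oAuthEndpoints, OAuth.Urls.Email);
    if (endpoint == null || endpoint.isEmpty()) {
        return new JsonApiOutput(oAuthResult);
    }
    JsonObject oEmail = postForJson(endpoint, data, "invalid access token");
    // e-mail properties overwrite profile properties of the same name
    Iterator<String> keys = oEmail.keys();
    while (keys.hasNext()) {
        String k = keys.next();
        oAuthResult.set(k, oEmail.get(k));
    }
    // call extend if any
    JsonObject onFinish = Json.getObject(config, Config.onFinish.class.getSimpleName());
    ApiOutput onFinishOutput = SecurityUtils.onFinish(api, consumer, request, onFinish, oAuthResult);
    if (onFinishOutput != null) {
        oAuthResult.set(Json.getString(onFinish, Config.onFinish.ResultProperty, Config.onFinish.class.getSimpleName()), onFinishOutput.data());
    }
    return new JsonApiOutput(oAuthResult);
}

/**
 * Posts {@code data} to the URL of a configured endpoint, asking for JSON, and parses the first body part.
 *
 * @param endpoint        endpoint config holding the URL
 * @param data            request data to send
 * @param rejectedMessage error message used when the provider answers with a status other than 200
 * @return the parsed JSON response
 * @throws ApiServiceExecutionException when the call fails, the status is not 200, or the body
 *         is missing or cannot be parsed
 */
private JsonObject postForJson(JsonObject endpoint, JsonObject data, String rejectedMessage) throws ApiServiceExecutionException {
    JsonObject hRequest = (JsonObject) new JsonObject().set(OAuth.Endpoint.Url, Json.getString(endpoint, OAuth.Endpoint.Url)).set(OAuth.Endpoint.Headers, new JsonObject().set(HttpHeaders.ACCEPT, ContentTypes.Json)).set(OAuth.Endpoint.Data, data);
    HttpResponse hResponse;
    try {
        hResponse = Http.post(hRequest, null);
    } catch (HttpClientException e) {
        throw new ApiServiceExecutionException(e.getMessage(), e);
    }
    if (hResponse.getStatus() != 200) {
        throw new ApiServiceExecutionException(rejectedMessage);
    }
    InputStream out = null;
    try {
        // taking the stream inside the try turns a missing or empty body into an
        // ApiServiceExecutionException instead of an unchecked exception
        out = hResponse.getBody().get(0).toInputStream();
        return new JsonObject(out);
    } catch (Exception e) {
        throw new ApiServiceExecutionException(e.getMessage(), e);
    } finally {
        if (out != null) {
            IOUtils.closeQuietly(out);
        }
    }
}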
Also used : HttpClientException(com.bluenimble.platform.http.HttpClientException) ApiOutput(com.bluenimble.platform.api.ApiOutput) JsonApiOutput(com.bluenimble.platform.api.impls.JsonApiOutput) ApiServiceExecutionException(com.bluenimble.platform.api.ApiServiceExecutionException) InputStream(java.io.InputStream) Config(com.bluenimble.platform.api.impls.im.LoginServiceSpi.Config) JsonObject(com.bluenimble.platform.json.JsonObject) HttpResponse(com.bluenimble.platform.http.response.HttpResponse) HttpClientException(com.bluenimble.platform.http.HttpClientException) ApiServiceExecutionException(com.bluenimble.platform.api.ApiServiceExecutionException) JsonApiOutput(com.bluenimble.platform.api.impls.JsonApiOutput)

Example 63 with JsonObject

use of com.bluenimble.platform.json.JsonObject in project serverless by bluenimble.

the class ResendActivationRequestSpi method execute.

/**
 * Sends the configured signup e-mail again to the account of the calling consumer.
 *
 * <p>The account is loaded by the consumer's id and its e-mail address is read from the
 * configured user property. The message is sent asynchronously, and only when the
 * {@code Config.SignupEmail} section names both a messenger feature and a template;
 * otherwise the call succeeds without sending anything.
 *
 * <p>Security review notes:
 * <ul>
 *   <li>The template data is {@code account.toJson(null)}. NOTE(review): this presumably is the
 *       whole stored record, password property included; confirm the template renders only
 *       the fields it needs.</li>
 *   <li>Nothing here checks whether the account still awaits activation, and no limit on
 *       repeated calls is visible. NOTE(review): confirm throttling is applied elsewhere.</li>
 * </ul>
 *
 * @param api      the API this service belongs to
 * @param consumer the calling consumer; its id selects the account
 * @param request  carries the service config
 * @param response unused in this method
 * @return an output wrapping {@code JsonObject.Blank}
 * @throws ApiServiceExecutionException with status NOT_FOUND when the account or its e-mail
 *         address is missing; also wraps failures of the lookup or of scheduling the send
 */
@Override
public ApiOutput execute(Api api, ApiConsumer consumer, ApiRequest request, ApiResponse response) throws ApiServiceExecutionException {
    JsonObject settings = request.getService().getCustom();
    Database database = api.space().feature(Database.class, Json.getString(settings, Config.Database, ApiSpace.Features.Default), request);

    DatabaseObject account;
    try {
        account = database.get(Json.getString(settings, Config.UsersEntity, Defaults.Users), (String) consumer.get(ApiConsumer.Fields.Id));
    } catch (Exception ex) {
        throw new ApiServiceExecutionException(ex.getMessage(), ex);
    }
    if (account == null) {
        throw new ApiServiceExecutionException("account not found").status(ApiResponse.NOT_FOUND);
    }

    final String recipientAddress = (String) account.get(Json.getString(settings, Config.UserProperty, Fields.Email));
    if (Lang.isNullOrEmpty(recipientAddress)) {
        throw new ApiServiceExecutionException("user email not found").status(ApiResponse.NOT_FOUND);
    }

    // the messenger name and template are read before the section itself is null-checked, as before
    final JsonObject mailSettings = Json.getObject(settings, Config.SignupEmail);
    final String messengerName = Json.getString(mailSettings, Email.Messenger);
    final String templatePath = Json.getString(mailSettings, Email.Template);
    if (mailSettings == null || Lang.isNullOrEmpty(messengerName) || Lang.isNullOrEmpty(templatePath)) {
        // e-mail not configured: nothing to send
        return new JsonApiOutput(JsonObject.Blank);
    }

    final String senderAddress = Json.getString(mailSettings, Email.FromEmail);
    final String senderName = Json.getString(mailSettings, Email.FromName);
    final String mailSubject = Json.getString(mailSettings, Email.Subject, "Welcome to " + api.getName());
    final Messenger mailer = api.space().feature(Messenger.class, messengerName, request);
    final JsonObject templateData = account.toJson(null);
    try {
        // the send runs on the space executor in async mode, so a delivery failure does not reach this caller
        api.space().executor().execute(new Callable<Void>() {

            @Override
            public Void call() {
                try {
                    JsonSender sender = new JsonSender((JsonObject) new JsonObject().set(JsonActor.Spec.Id, senderAddress).set(JsonActor.Spec.Name, senderName));
                    JsonRecipient[] recipients = new JsonRecipient[] { new JsonRecipient((JsonObject) new JsonObject().set(JsonActor.Spec.Id, recipientAddress)) };
                    mailer.send(sender, recipients, mailSubject, api.getResourcesManager().get(Lang.split(templatePath, Lang.SLASH)), templateData);
                } catch (Exception ex) {
                    throw new RuntimeException(ex.getMessage(), ex);
                }
                return null;
            }
        }, CodeExecutor.Mode.Async);
    } catch (Exception ex) {
        throw new ApiServiceExecutionException(ex.getMessage(), ex);
    }
    return new JsonApiOutput(JsonObject.Blank);
}
Also used : JsonObject(com.bluenimble.platform.json.JsonObject) JsonRecipient(com.bluenimble.platform.messaging.impls.JsonRecipient) Messenger(com.bluenimble.platform.messaging.Messenger) ApiServiceExecutionException(com.bluenimble.platform.api.ApiServiceExecutionException) JsonSender(com.bluenimble.platform.messaging.impls.JsonSender) ApiServiceExecutionException(com.bluenimble.platform.api.ApiServiceExecutionException) Database(com.bluenimble.platform.db.Database) DatabaseObject(com.bluenimble.platform.db.DatabaseObject) JsonApiOutput(com.bluenimble.platform.api.impls.JsonApiOutput)

Example 64 with JsonObject

use of com.bluenimble.platform.json.JsonObject in project serverless by bluenimble.

the class SignupServiceSpi method execute.

/**
 * Creates a new account from the request payload and either logs it in immediately or
 * sends the signup e-mail carrying the activation data.
 *
 * <p>Flow, as visible here: reject the request with CONFLICT when an account with the same
 * user value exists; create the account from the payload; store an activation code when
 * activation is required; then either issue a token and return, or send the configured
 * e-mail asynchronously and run the optional {@code onFinish} extension.
 *
 * <p>Security review notes:
 * <ul>
 *   <li>{@code account.load(payload)} is called with the client-supplied payload as a whole.
 *       Only the user property, the password property, the configured extra data and the
 *       activation code are overwritten afterwards. NOTE(review): confirm that the service
 *       spec or {@code load} restricts which properties a client may set.</li>
 *   <li>With {@code Config.EncryptPassword} true (the default) the password is stored as
 *       {@code Crypto.md5(...)} of the submitted value, with no salt passed in this call;
 *       presumably a plain MD5 digest (confirm in {@code Crypto}). A fast digest is not
 *       suitable for password storage; a password KDF (bcrypt, scrypt, Argon2) is the usual
 *       replacement and has to change together with the login check. With the option false
 *       the password is stored as plain text.</li>
 *   <li>The immediate-login branch also runs when activation is required but no e-mail
 *       address could be determined, so a token is issued for an account that has an
 *       activation code stored.</li>
 *   <li>The result is serialized after the activation code has been set and only the password
 *       property is removed from it. NOTE(review): confirm the serializer does not emit the
 *       activation-code property, otherwise the response discloses it.</li>
 *   <li>The source of randomness behind {@code Lang.UUID}, {@code Lang.pin} and
 *       {@code Lang.rand} is not visible here. NOTE(review): confirm activation codes come
 *       from a cryptographically secure generator.</li>
 * </ul>
 *
 * @param api      the API this service belongs to
 * @param consumer the calling consumer, forwarded to the onFinish extension
 * @param request  carries the service config and the signup payload
 * @param response unused in this method
 * @return the serialized account, with token fields on the immediate-login path or the
 *         onFinish result on the activation path
 * @throws ApiServiceExecutionException with status CONFLICT when the account exists; also wraps
 *         any exception from the lookup, the creation, the save or scheduling the e-mail
 */
@Override
public ApiOutput execute(Api api, ApiConsumer consumer, ApiRequest request, ApiResponse response) throws ApiServiceExecutionException {
    JsonObject config = request.getService().getCustom();
    JsonObject payload = (JsonObject) request.get(ApiRequest.Payload);
    Database db = api.space().feature(Database.class, Json.getString(config, Config.Database, ApiSpace.Features.Default), request);
    DatabaseObject account = null;
    try {
        JsonObject where = null;
        JsonObject query = Json.getObject(config, Config.Query);
        if (query == null) {
            query = new JsonObject();
            where = new JsonObject();
            query.set(Query.Construct.where.name(), where);
        } else {
            // a configured query without a where clause leaves this null; the set below then fails into the catch
            where = Json.getObject(query, Query.Construct.where.name());
        }
        // NOTE(review): a configured query is modified in place here; if getCustom() hands out a shared
        // object, one request's user value stays in the config and concurrent requests can interfere - confirm
        query.set(Database.Fields.Entity, Json.getString(config, Config.UsersEntity, Defaults.Users));
        where.set(Json.getString(config, Config.UserProperty, Fields.Email), Json.getString(payload, Spec.User));
        // the entity is carried inside the query, hence null as first argument
        account = db.findOne(null, new JsonQuery(query));
    } catch (Exception ex) {
        throw new ApiServiceExecutionException(ex.getMessage(), ex);
    }
    if (account != null) {
        // the distinct CONFLICT answer tells the caller that this user value is already registered
        throw new ApiServiceExecutionException("account already exists").status(ApiResponse.CONFLICT);
    }
    boolean requiresActivation = Json.getBoolean(config, Config.RequiresActivation, false);
    try {
        account = db.create(Json.getString(config, Config.UsersEntity, Defaults.Users));
        // NOTE(review): loads the client payload as a whole; see the method comment on which properties a client may set
        account.load(payload);
        // store the user value under the configured property and drop the payload's own key
        account.set(Json.getString(config, Config.UserProperty, Fields.Email), Json.getString(payload, Spec.User));
        account.remove(Spec.User);
        boolean encryptPassword = Json.getBoolean(config, Config.EncryptPassword, true);
        // NOTE(review): Crypto.md5 with no salt argument, or plain text when disabled; see the method comment
        account.set(Json.getString(config, Config.PasswordProperty, Spec.Password), encryptPassword ? Crypto.md5(Json.getString(payload, Spec.Password), Encodings.UTF8) : Json.getString(payload, Spec.Password));
        // values from the service config are applied after the payload and therefore win over it
        JsonObject extraData = Json.getObject(config, Config.Data);
        if (extraData != null && !extraData.isEmpty()) {
            Iterator<String> keys = extraData.keys();
            while (keys.hasNext()) {
                String key = keys.next();
                account.set(key, extraData.get(key));
            }
        }
    } catch (Exception ex) {
        throw new ApiServiceExecutionException(ex.getMessage(), ex);
    }
    try {
        String activationCode = null;
        if (requiresActivation) {
            // toLowerCase() uses the default locale; the comparisons below assume the constants are lower-case - TODO confirm
            String acType = Json.getString(config, Config.ActivationCodeType, ActivationCodeTypes.CPIN).toLowerCase();
            int pinLength = Json.getInteger(config, Config.PinLength, 6);
            // NOTE(review): generator quality is not visible here; see the method comment
            if (acType.equals(ActivationCodeTypes.CPIN)) {
                activationCode = Lang.UUID(pinLength);
            } else if (acType.equals(ActivationCodeTypes.NPIN)) {
                activationCode = Lang.pin(pinLength);
            } else {
                activationCode = Lang.rand();
            }
            account.set(Json.getString(config, Config.ActivationCodeProperty, Defaults.ActivationCode), activationCode);
        }
        account.save();
    } catch (Exception ex) {
        throw new ApiServiceExecutionException(ex.getMessage(), ex);
    }
    // drop the clear-text password from the payload object now that the account is stored
    payload.remove(Spec.Password);
    JsonObject result = account.toJson(DefaultDatabaseObjectSerializer.Default);
    // destination address: the payload's e-mail, or the user value when the config allows it
    String email = Json.getString(payload, Spec.Email);
    if (Lang.isNullOrEmpty(email)) {
        if (Json.getBoolean(config, Config.UseUserAsEmailAddress, false)) {
            email = Json.getString(payload, Spec.User);
        }
    }
    // keep the stored password out of the response
    result.remove(Json.getString(config, Config.PasswordProperty, Spec.Password));
    // immediate login: no activation required, or no address to send the activation e-mail to
    if (!requiresActivation || Lang.isNullOrEmpty(email)) {
        Date now = new Date();
        // record the login time on the stored account
        try {
            account.set(Json.getString(config, Config.LastLoginProperty, Fields.LastLogin), now);
            account.save();
        } catch (Exception ex) {
            throw new ApiServiceExecutionException(ex.getMessage(), ex);
        }
        // create the token; element 0 is the token, element 1 its expiration
        String[] tokenAndExpiration = SecurityUtils.tokenAndExpiration(api, result, now);
        result.set(Defaults.Token, tokenAndExpiration[0]);
        result.set(Defaults.ExpiresOn, tokenAndExpiration[1]);
        // this path returns without running the onFinish extension
        return new JsonApiOutput(result);
    }
    // requires activation and an address is available
    JsonObject oEmail = Json.getObject(config, Config.SignupEmail);
    String feature = Json.getString(oEmail, Email.Messenger);
    String template = Json.getString(oEmail, Email.Template);
    if (oEmail != null && !Lang.isNullOrEmpty(feature) && !Lang.isNullOrEmpty(template)) {
        String fromEmail = Json.getString(oEmail, Email.FromEmail);
        String fromName = Json.getString(oEmail, Email.FromName);
        String subject = Json.getString(oEmail, Email.Subject, "Welcome to " + api.getName());
        final Messenger messenger = api.space().feature(Messenger.class, feature, request);
        // NOTE(review): presumably the whole stored record, password property included; confirm the
        // template renders only the fields it needs
        final JsonObject emailTemplateData = account.toJson(null);
        try {
            final String fEmail = email;
            // the send runs on the space executor in async mode, so a delivery failure does not reach this caller
            api.space().executor().execute(new Callable<Void>() {

                @Override
                public Void call() {
                    try {
                        messenger.send(new JsonSender((JsonObject) new JsonObject().set(JsonActor.Spec.Id, fromEmail).set(JsonActor.Spec.Name, fromName)), new JsonRecipient[] { new JsonRecipient((JsonObject) new JsonObject().set(JsonActor.Spec.Id, fEmail)) }, subject, api.getResourcesManager().get(Lang.split(template, Lang.SLASH)), emailTemplateData);
                    } catch (Exception ex) {
                        throw new RuntimeException(ex.getMessage(), ex);
                    }
                    return null;
                }
            }, CodeExecutor.Mode.Async);
        } catch (Exception ex) {
            throw new ApiServiceExecutionException(ex.getMessage(), ex);
        }
    }
    // run the optional onFinish extension and attach its data under the configured result property
    JsonObject onFinish = Json.getObject(config, Config.onFinish.class.getSimpleName());
    ApiOutput onFinishOutput = SecurityUtils.onFinish(api, consumer, request, onFinish, result);
    if (onFinishOutput != null) {
        result.set(Json.getString(onFinish, Config.onFinish.ResultProperty, Config.onFinish.class.getSimpleName()), onFinishOutput.data());
    }
    return new JsonApiOutput(result);
}
Also used : JsonQuery(com.bluenimble.platform.db.query.impls.JsonQuery) Config(com.bluenimble.platform.api.impls.im.LoginServiceSpi.Config) JsonObject(com.bluenimble.platform.json.JsonObject) JsonRecipient(com.bluenimble.platform.messaging.impls.JsonRecipient) Messenger(com.bluenimble.platform.messaging.Messenger) ApiServiceExecutionException(com.bluenimble.platform.api.ApiServiceExecutionException) Date(java.util.Date) JsonSender(com.bluenimble.platform.messaging.impls.JsonSender) ApiOutput(com.bluenimble.platform.api.ApiOutput) JsonApiOutput(com.bluenimble.platform.api.impls.JsonApiOutput) ApiServiceExecutionException(com.bluenimble.platform.api.ApiServiceExecutionException) Database(com.bluenimble.platform.db.Database) DatabaseObject(com.bluenimble.platform.db.DatabaseObject) JsonApiOutput(com.bluenimble.platform.api.impls.JsonApiOutput)

Example 65 with JsonObject

use of com.bluenimble.platform.json.JsonObject in project serverless by bluenimble.

the class SecurityUtils method salt.

/**
 * Builds the string this class calls a salt from values of the given entity.
 *
 * <p>When the API's security section lists fields under {@code Api.Spec.Security.Encrypt},
 * the values found at those dotted paths are joined with {@code Lang.SEMICOLON}; a missing
 * value contributes an empty segment. Without such a list the entity's id is used.
 *
 * <p>NOTE(review): the result is derived from entity data only, so it is repeatable for a
 * given entity and not random. How it is used is outside this method; confirm that nothing
 * relies on it being unpredictable.
 *
 * @param api    supplies the security section with the optional field list
 * @param entity the object the values are read from
 * @return the joined field values, or the string form of the entity id
 */
private static String salt(Api api, JsonObject entity) {
    JsonArray paths = Json.getArray(api.getSecurity(), Api.Spec.Security.Encrypt);
    boolean noPaths = paths == null || paths.isEmpty();
    if (noPaths) {
        // String.valueOf turns a missing id into the text "null"
        return String.valueOf(entity.get(Database.Fields.Id));
    }
    int total = paths.count();
    StringBuilder joined = new StringBuilder();
    for (int index = 0; index < total; index++) {
        if (index > 0) {
            // separator between segments, never trailing
            joined.append(Lang.SEMICOLON);
        }
        Object value = Json.find(entity, Lang.split(String.valueOf(paths.get(index)), Lang.DOT));
        if (value != null) {
            joined.append(String.valueOf(value));
        }
    }
    return joined.toString();
}
Also used : JsonArray(com.bluenimble.platform.json.JsonArray) JsonObject(com.bluenimble.platform.json.JsonObject) Endpoint(com.bluenimble.platform.api.ApiSpace.Endpoint)
