use of com.genexus.security.GXResult in project JavaClasses by genexuslabs.
the class GxRestService method isAuthenticated.
/**
 * Decides whether a REST request may proceed, based on the access token in its
 * {@code Authorization} header.
 *
 * <p>On rejection the provider's code and description are stored through
 * {@code gamError} / {@code SetError}. The {@code forbidden} field is set when the
 * permission-aware check reports its permission out-flag as true.
 *
 * @param myServletRequest        request whose {@code Authorization} header is read
 * @param integratedSecurityLevel {@code SECURITY_LOW} selects the token-only check; any
 *                                other value selects the token-plus-permission check
 * @param useAuthentication       when false the request is accepted without any check
 * @param objPermissionPrefix     permission prefix handed to the permission-aware check
 * @return true when authentication is disabled or the provider accepted the token
 */
private boolean isAuthenticated(IHttpServletRequest myServletRequest, int integratedSecurityLevel, boolean useAuthentication, String objPermissionPrefix) {
    // Authentication switched off for this service: nothing is verified.
    if (!useAuthentication) {
        return true;
    }

    String authorizationHeader = myServletRequest.getHeader("Authorization");
    if (authorizationHeader == null) {
        gamError = "0";
        SetError(gamError, "This service needs an Authorization Header");
        return false;
    }

    // NOTE(review): replace() removes every "OAuth " substring, not only a leading
    // scheme, and no scheme is required at all. An empty or oddly shaped header is
    // forwarded as-is, so rejection relies entirely on the provider.
    String accessToken = authorizationHeader.replace("OAuth ", "");

    // Both out-flags start as false: the request is only accepted when the provider
    // explicitly flips the acceptance flag.
    boolean[] accepted = { false };
    boolean[] permissionOut = { false };

    ModelContext providerContext = ModelContext.getModelContext(getClass());
    providerContext.setHttpContext(restHttpContext);

    GXResult outcome;
    if (integratedSecurityLevel == SECURITY_LOW) {
        outcome = GXSecurityProvider.getInstance().checkaccesstoken(remoteHandle, providerContext, accessToken, accepted);
    } else {
        // NOTE(review): argument order here is (permission flag, acceptance flag);
        // confirm against the provider signature, the flags are easy to swap.
        outcome = GXSecurityProvider.getInstance().checkaccesstokenprm(remoteHandle, providerContext, accessToken, objPermissionPrefix, permissionOut, accepted);
    }

    if (accepted[0]) {
        return true;
    }

    gamError = outcome.getCode();
    String rejectionMessage = outcome.getDescription();
    SetError(gamError, rejectionMessage);
    // permissionOut is only ever written by the permission-aware check, so it is
    // still false on the SECURITY_LOW path.
    if (permissionOut[0]) {
        forbidden = true;
    }
    return false;
}
use of com.genexus.security.GXResult in project JavaClasses by genexuslabs.
the class GXWebObjectStub method callExecute.
/**
 * Entry point for a web object request: sets up the application context, applies the
 * configured integrated-security check, and runs the object through
 * {@code callDoExecute} only when that check allows it.
 *
 * <p>Security levels handled here:
 * <ul>
 *   <li>security disabled: the object is executed directly;</li>
 *   <li>{@code SECURITY_GXOBJECT}: access token from the {@code Authorization} header,
 *       or a session check when no token is sent; failure answers 401;</li>
 *   <li>{@code SECURITY_LOW}: session check; failure redirects to the login object;</li>
 *   <li>any other level: session-plus-permission check; failure redirects to the
 *       not-authorized object or to the login object.</li>
 * </ul>
 *
 * @param method HTTP method name passed on to the {@code HttpContextWeb}
 * @param req    incoming request
 * @param res    response; reset in the error path if not yet committed
 * @throws ServletException wrapping any {@code Throwable} raised during processing
 */
protected void callExecute(String method, IHttpServletRequest req, IHttpServletResponse res) throws ServletException {
    initialize(req, res);
    HttpContext httpContext = null;
    try {
        // The configuration class name comes from the servlet context init parameter
        // (deployment configuration, not request data) and is loaded reflectively.
        String gxcfg = getWrappedServletContext().getInitParameter("gxcfg");
        if (gxcfg != null) {
            Class gxcfgClass = Class.forName(gxcfg);
            ModelContext.gxcfgPackageClass = gxcfgClass;
            ApplicationContext appContext = ApplicationContext.getInstance();
            appContext.setServletEngine(true);
            Application.init(gxcfgClass);
        }
        httpContext = new HttpContextWeb(method, req, res, getWrappedServletContext());
        // NOTE(review): dumpRequestInfo is not shown here; if it logs request headers,
        // confirm that Authorization and Cookie values are masked at debug level.
        if (logger.isDebugEnabled())
            dumpRequestInfo(httpContext);
        boolean useAuthentication = IntegratedSecurityEnabled();
        if (!useAuthentication) {
            // Integrated security is off: no authentication or authorization is applied.
            callDoExecute(httpContext);
        } else {
            init(httpContext);
            if (IntegratedSecurityLevel() == SECURITY_GXOBJECT) {
                httpContext.doNotCompress(true);
            }
            new WebApplicationStartup().init(getClass(), httpContext);
            // Out-flags start as false, so the object runs only if the provider sets them.
            boolean[] flag = new boolean[] { false };
            boolean[] permissionFlag = new boolean[] { false };
            String reqUrl = req.getRequestURL().toString();
            if (req.getMethod().equals("POST")) {
                if (EncryptURLParameters().equals("SESSION"))
                    reqUrl = "";
                else
                    // NOTE(review): for POST the URL handed to the session check is the
                    // Referer header, which the client controls and may omit (null).
                    // Confirm the provider does not base an access decision on it.
                    reqUrl = req.getHeader("Referer");
            } else {
                String queryString = req.getQueryString();
                if (queryString != null) {
                    reqUrl += "?" + queryString;
                }
            }
            ModelContext modelContext = ModelContext.getModelContext(getClass());
            modelContext.setHttpContext(httpContext);
            ApplicationContext.getInstance().setPoolConnections(!Namespace.createNamespace(modelContext).isRemoteGXDB());
            // Login target is resolved from the client preference "IntegratedSecurityLoginWeb".
            String loginObject = Application.getClientContext().getClientPreferences().getProperty("IntegratedSecurityLoginWeb", "");
            loginObject = GXutil.getClassName(loginObject);
            String loginObjectURL = URLRouter.getURLRoute(loginObject.toLowerCase(), new String[] {}, new String[] {}, httpContext.getRequest().getContextPath(), modelContext.getPackageName());
            String permissionPrefix = IntegratedSecurityPermissionPrefix();
            if (IntegratedSecurityLevel() == SECURITY_GXOBJECT) {
                String token = req.getHeader("Authorization");
                if (token != null && token.length() > 0) {
                    // NOTE(review): replace() strips "OAuth " anywhere in the value and
                    // the scheme is not validated; the provider sees whatever remains.
                    token = token.replace("OAuth ", "");
                    // The returned GXResult is not read in this method; only flag[0] is used.
                    GXResult result = GXSecurityProvider.getInstance().checkaccesstoken(-2, modelContext, token, flag);
                } else {
                    // No token sent: fall back to the session check. The assignment to
                    // token below is not read again in this method.
                    token = "";
                    GXSecurityProvider.getInstance().checksession(-2, modelContext, reqUrl, flag);
                }
                if (!flag[0]) {
                    // NOTE(review): the realm is built from the request's server name
                    // without escaping; presumably this reflects the Host header, so
                    // confirm the value cannot carry quotes or line breaks.
                    String OauthRealm = "OAuth realm=\"" + httpContext.getRequest().getServerName() + "\"";
                    httpContext.getResponse().addHeader("WWW-Authenticate", OauthRealm);
                    httpContext.sendResponseStatus(401, "Not Authorized");
                } else {
                    callDoExecute(httpContext);
                }
            } else if (IntegratedSecurityLevel() == SECURITY_LOW) {
                GXSecurityProvider.getInstance().checksession(-2, modelContext, reqUrl, flag);
                if (!flag[0]) {
                    httpContext.redirect(loginObjectURL, true);
                } else {
                    callDoExecute(httpContext);
                }
            } else {
                GXSecurityProvider.getInstance().checksessionprm(-2, modelContext, reqUrl, permissionPrefix, flag, permissionFlag);
                // Execution is gated on permissionFlag[0] alone; flag[0] is consulted only
                // to choose the redirect target when permission is missing.
                // NOTE(review): confirm the provider never sets permissionFlag without
                // also setting flag.
                if (permissionFlag[0]) {
                    callDoExecute(httpContext);
                } else {
                    String notAuthorizedObject = Application.getClientContext().getClientPreferences().getProperty("IntegratedSecurityNotAuthorizedWeb", "");
                    notAuthorizedObject = GXutil.getClassName(notAuthorizedObject);
                    String notAuthorizedObjectURL = URLRouter.getURLRoute(notAuthorizedObject.toLowerCase(), new String[] {}, new String[] {}, httpContext.getRequest().getContextPath(), modelContext.getPackageName());
                    if (flag[0]) {
                        httpContext.redirect(notAuthorizedObjectURL, true);
                    } else {
                        httpContext.redirect(loginObjectURL, true);
                    }
                }
            }
        }
        httpContext.setResponseCommited();
        httpContext.flushStream();
    } catch (Throwable e) {
        // Discard any partially written output before reporting the failure.
        if (!res.isCommitted())
            res.reset();
        logger.error("Web Execution Error", e);
        if (logger.isDebugEnabled() && httpContext != null)
            dumpRequestInfo(httpContext);
        // NOTE(review): the full stack trace becomes the exception message. Whether it
        // reaches the client depends on the container's error-page configuration;
        // confirm production deployments do not render it.
        throw new ServletException(com.genexus.PrivateUtilities.getStackTraceAsString(e));
    }
}
use of com.genexus.security.GXResult in project JavaClasses by genexuslabs.
the class GXOAuthAccessToken method doExecute.
/**
 * Handles an OAuth access-token request: reads the grant parameters from the request,
 * delegates to the matching {@code GXSecurityProvider} call, and writes a JSON response.
 *
 * <p>Grant selection, in order: {@code grant_type} equal to {@code refresh_token},
 * {@code grant_type} equal to {@code device}, a non-empty {@code native_token}
 * (external authentication), otherwise username/password authentication.
 *
 * <p>Responses written here: 202 for provider error codes "400" and "410", 401 for any
 * other provider rejection, 303 (or 200 when {@code avoid_redirect} is set) when no
 * access token was issued and a redirect URL is returned, 200 with the provider's JSON
 * on success, and 404 when any {@code Throwable} is raised.
 *
 * @param context HTTP context of the token request
 * @throws Exception declared by the signature; failures inside the try block are
 *                   answered with a 404 instead of being propagated
 */
protected void doExecute(HttpContext context) throws Exception {
    new WebApplicationStartup().init(Application.gxCfg, context);
    context.setStream();
    try {
        boolean refreshGrant = false;
        boolean deviceGrant = false;
        boolean externalSdGrant = false;

        // NOTE(review): client_secret and (below) password are read through
        // getVariable; if that also accepts query-string values, credentials can end
        // up in access logs and proxies. Confirm they are only taken from the body.
        String clientId = context.getHttpRequest().getVariable("client_id");
        String clientSecret = context.getHttpRequest().getVariable("client_secret");
        String grantType = context.getHttpRequest().getVariable("grant_type");
        String nativeToken = context.getHttpRequest().getVariable("native_token");
        String nativeVerifier = context.getHttpRequest().getVariable("native_verifier");
        String avoid_redirect = context.getHttpRequest().getVariable("avoid_redirect");

        String refreshToken = "";
        String userName = "";
        String userPassword = "";
        String additional_parameters = "";
        String scope = "";

        // NOTE(review): grantType and nativeToken are dereferenced without a null
        // check. If getVariable can return null (the avoid_redirect check further down
        // suggests it can), a request missing them ends in the catch block as a 404.
        if (grantType.equalsIgnoreCase("refresh_token")) {
            refreshToken = context.getHttpRequest().getVariable("refresh_token");
            refreshGrant = true;
        } else if (grantType.equalsIgnoreCase("device")) {
            deviceGrant = true;
        } else if (!nativeToken.equals("")) {
            externalSdGrant = true;
            additional_parameters = context.getHttpRequest().getVariable("additional_parameters");
        } else {
            userName = context.getHttpRequest().getVariable("username");
            userPassword = context.getHttpRequest().getVariable("password");
            scope = context.getHttpRequest().getVariable("scope");
            additional_parameters = context.getHttpRequest().getVariable("additional_parameters");
        }

        OutData gamout = new OutData();
        GXResult result;
        String[] redirectURL = { "" };
        // Starts as false: the request is treated as rejected unless the provider
        // sets this out-flag.
        boolean[] flag = { false };
        String[] scopeInOut = { scope };
        ModelContext modelContext = new ModelContext(Application.gxCfg);
        modelContext.setHttpContext(context);
        ModelContext.getModelContext().setHttpContext(context);

        if (refreshGrant) {
            result = GXSecurityProvider.getInstance().refreshtoken(-2, modelContext, clientId, clientSecret, refreshToken, gamout, flag);
        } else if (deviceGrant) {
            result = GXSecurityProvider.getInstance().logindevice(-2, modelContext, clientId, clientSecret, gamout, flag);
        } else if (externalSdGrant) {
            result = GXSecurityProvider.getInstance().externalauthenticationfromsdusingtoken(-2, modelContext, grantType, nativeToken, nativeVerifier, clientId, clientSecret, scopeInOut, additional_parameters, gamout, flag);
        } else if (additional_parameters.equals("")) {
            result = GXSecurityProvider.getInstance().oauthauthentication(-2, modelContext, grantType, userName, userPassword, clientId, clientSecret, scope, gamout, redirectURL, flag);
        } else {
            result = GXSecurityProvider.getInstance().oauthauthentication(-2, modelContext, grantType, userName, userPassword, clientId, clientSecret, scope, additional_parameters, gamout, redirectURL, flag);
        }

        // Provider rejected the request.
        if (!flag[0]) {
            context.getResponse().setContentType("application/json");
            String gamError = result.getCode();
            boolean softError = gamError.equals("400") || gamError.equals("410");
            if (softError) {
                context.getResponse().setStatus(202);
            } else {
                context.getResponse().setStatus(401);
            }
            String messagePermission = result.getDescription();
            String headerSafeMessage = messagePermission;
            if (PrivateUtilities.containsNoAsciiCharacter(messagePermission)) {
                headerSafeMessage = "Encoded:" + PrivateUtilities.encodeURL(messagePermission);
            }
            // NOTE(review): the description is only URL-encoded when it contains
            // non-ASCII characters; an ASCII description is placed inside the quoted
            // header value unescaped. Confirm provider descriptions can never carry
            // request-derived quotes or line breaks.
            String OauthRealm = "OAuth realm=\"" + context.getRequest().getServerName() + "\"" + ",error_code=\"" + gamError + "\"" + ",error_description=\"" + headerSafeMessage + "\"";
            context.getResponse().addHeader("WWW-Authenticate", OauthRealm);
            SetError(gamError, messagePermission);
            context.writeText(errorJson.toString());
            context.getResponse().flushBuffer();
            return;
        }

        // Accepted, but a password-style grant produced no access token: the caller
        // is sent to the URL the provider returned instead.
        if (!deviceGrant && !refreshGrant && ((String) gamout.get("gxTpr_Access_token")).equals("")) {
            context.getResponse().setContentType("application/json");
            boolean suppressRedirect = avoid_redirect != null && !avoid_redirect.equals("");
            if (suppressRedirect) {
                context.getResponse().setStatus(200);
            } else {
                context.getResponse().setStatus(303);
            }
            // NOTE(review): redirectURL[0] is whatever the provider filled in; confirm
            // it is restricted to trusted destinations before it is echoed here.
            context.getResponse().addHeader("location", redirectURL[0]);
            JSONObject locationBody = new JSONObject();
            locationBody.put("Location", redirectURL[0]);
            context.writeText(locationBody.toString());
            context.getResponse().flushBuffer();
            return;
        }

        // Token issued: return the provider's JSON payload unchanged.
        context.getResponse().setContentType("application/json");
        context.getResponse().setStatus(200);
        context.writeText((String) gamout.getjsonString());
        context.getResponse().flushBuffer();
        return;
    } catch (Throwable e) {
        // NOTE(review): every failure, including internal errors, is reported as 404
        // with the raw exception message sent to the client, and the stack trace goes
        // to stderr rather than a logger.
        e.printStackTrace();
        context.sendResponseStatus(404, e.getMessage());
    }
}