
Example 1 with GXResult

use of com.genexus.security.GXResult in project JavaClasses by genexuslabs.

From class GxRestService, method isAuthenticated:

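/**
 * Checks whether a REST request carries an acceptable GAM access token.
 *
 * <p>The token is read from the {@code Authorization} header with a leading {@code "OAuth "}
 * scheme prefix removed. At {@code SECURITY_LOW} only the token is validated; at any other
 * level the provider also checks the permission named by {@code objPermissionPrefix}.
 *
 * @param myServletRequest        the incoming request; only its {@code Authorization} header is read
 * @param integratedSecurityLevel {@code SECURITY_LOW} for token validation only, anything else for
 *                                token validation plus permission check
 * @param useAuthentication       when {@code false} the request is accepted without looking at the header
 * @param objPermissionPrefix     permission prefix handed to the provider for the permission check
 * @return {@code true} if the request may proceed; on {@code false} the provider's error code and
 *         description have been recorded through {@link #SetError}, and {@code forbidden} may have
 *         been set so the caller can answer 403 instead of 401
 */
private boolean isAuthenticated(IHttpServletRequest myServletRequest, int integratedSecurityLevel, boolean useAuthentication, String objPermissionPrefix) {
    if (!useAuthentication) {
        return true;
    }
    String header = myServletRequest.getHeader("Authorization");
    if (header == null) {
        gamError = "0";
        SetError(gamError, "This service needs an Authorization Header");
        return false;
    }
    // Strip only the leading scheme prefix. The earlier replace("OAuth ", "") removed every
    // occurrence of the substring anywhere in the header value, which could corrupt a token
    // that happens to contain it. Scheme matching stays case-sensitive, as before.
    final String schemePrefix = "OAuth ";
    String token = header.startsWith(schemePrefix) ? header.substring(schemePrefix.length()) : header;
    ModelContext modelContext = ModelContext.getModelContext(getClass());
    modelContext.setHttpContext(restHttpContext);
    // Out-parameter written by the provider; true means the request is accepted.
    boolean[] flag = new boolean[] { false };
    GXResult result;
    if (integratedSecurityLevel == SECURITY_LOW) {
        // Authentication only: no permission is checked at this level.
        result = GXSecurityProvider.getInstance().checkaccesstoken(remoteHandle, modelContext, token, flag);
        if (flag[0]) {
            return true;
        }
        gamError = result.getCode();
        SetError(gamError, result.getDescription());
        return false;
    }
    // Authentication plus permission check against objPermissionPrefix.
    // NOTE(review): the two out-params are passed positionally as (permissionFlag, flag), while
    // checksessionprm elsewhere in this project takes (flag, permissionFlag) — confirm the order
    // against the provider's signature.
    boolean[] permissionFlag = new boolean[] { false };
    result = GXSecurityProvider.getInstance().checkaccesstokenprm(remoteHandle, modelContext, token, objPermissionPrefix, permissionFlag, flag);
    if (flag[0]) {
        return true;
    }
    gamError = result.getCode();
    SetError(gamError, result.getDescription());
    // When the provider reports permissionFlag on a rejected request, the failure is surfaced
    // as forbidden so the caller can distinguish it (403) from a bad or missing token (401).
    if (permissionFlag[0]) {
        forbidden = true;
    }
    return false;
}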

Example 2 with GXResult

use of com.genexus.security.GXResult in project JavaClasses by genexuslabs.

From class GXWebObjectStub, method callExecute:

/**
 * Servlet entry point for a GeneXus web object: builds the {@code HttpContext}, enforces
 * integrated security according to {@code IntegratedSecurityLevel()}, and then either runs the
 * object ({@code callDoExecute}) or answers with a 401 / a redirect to the login or
 * not-authorized page.
 *
 * <p>Security levels handled here:
 * <ul>
 *   <li>{@code SECURITY_GXOBJECT}: an {@code Authorization} header is validated as an access
 *       token; without one the session is checked. Failure is answered with 401 plus a
 *       {@code WWW-Authenticate: OAuth realm=...} header.</li>
 *   <li>{@code SECURITY_LOW}: session check only; failure redirects to the login object.</li>
 *   <li>any other level: session plus permission check; a missing permission redirects to the
 *       not-authorized object when the session is valid, otherwise to the login object.</li>
 * </ul>
 *
 * @param method the HTTP method name used to build the context
 * @param req    the wrapped servlet request
 * @param res    the wrapped servlet response
 * @throws ServletException for any failure during execution (see the catch block below)
 */
protected void callExecute(String method, IHttpServletRequest req, IHttpServletResponse res) throws ServletException {
    initialize(req, res);
    HttpContext httpContext = null;
    try {
        // "gxcfg" is a servlet init parameter (deployment configuration, not request input);
        // the named class is loaded reflectively and used to initialize the application.
        String gxcfg = getWrappedServletContext().getInitParameter("gxcfg");
        if (gxcfg != null) {
            Class gxcfgClass = Class.forName(gxcfg);
            ModelContext.gxcfgPackageClass = gxcfgClass;
            ApplicationContext appContext = ApplicationContext.getInstance();
            appContext.setServletEngine(true);
            Application.init(gxcfgClass);
        }
        httpContext = new HttpContextWeb(method, req, res, getWrappedServletContext());
        if (logger.isDebugEnabled())
            dumpRequestInfo(httpContext);
        boolean useAuthentication = IntegratedSecurityEnabled();
        if (!useAuthentication) {
            // Integrated security disabled: run the object directly.
            callDoExecute(httpContext);
        } else {
            init(httpContext);
            if (IntegratedSecurityLevel() == SECURITY_GXOBJECT) {
                httpContext.doNotCompress(true);
            }
            new WebApplicationStartup().init(getClass(), httpContext);
            // Out-parameters written by the security provider: flag reports the session/token
            // check, permissionFlag the permission check.
            boolean[] flag = new boolean[] { false };
            boolean[] permissionFlag = new boolean[] { false };
            // reqUrl is the URL handed to the session check. For GET it is the request URL plus
            // query string; for POST it is empty under SESSION URL encryption, otherwise the
            // Referer header.
            // NOTE(review): Referer is client-controlled and may be absent (null). If the
            // provider later uses reqUrl as a post-login return location, that value should be
            // validated there — confirm against checksession/checksessionprm.
            String reqUrl = req.getRequestURL().toString();
            if (req.getMethod().equals("POST")) {
                if (EncryptURLParameters().equals("SESSION"))
                    reqUrl = "";
                else
                    reqUrl = req.getHeader("Referer");
            } else {
                String queryString = req.getQueryString();
                if (queryString != null) {
                    reqUrl += "?" + queryString;
                }
            }
            ModelContext modelContext = ModelContext.getModelContext(getClass());
            modelContext.setHttpContext(httpContext);
            ApplicationContext.getInstance().setPoolConnections(!Namespace.createNamespace(modelContext).isRemoteGXDB());
            // Login object URL, resolved from the "IntegratedSecurityLoginWeb" preference.
            String loginObject = Application.getClientContext().getClientPreferences().getProperty("IntegratedSecurityLoginWeb", "");
            loginObject = GXutil.getClassName(loginObject);
            String loginObjectURL = URLRouter.getURLRoute(loginObject.toLowerCase(), new String[] {}, new String[] {}, httpContext.getRequest().getContextPath(), modelContext.getPackageName());
            String permissionPrefix = IntegratedSecurityPermissionPrefix();
            if (IntegratedSecurityLevel() == SECURITY_GXOBJECT) {
                // Token-based access: a non-empty Authorization header is validated as an access
                // token (a leading "OAuth " prefix is removed); otherwise the session is checked.
                String token = req.getHeader("Authorization");
                if (token != null && token.length() > 0) {
                    token = token.replace("OAuth ", "");
                    // Only the flag out-param is consulted; the result's code/description are not
                    // surfaced to the client in this path.
                    GXResult result = GXSecurityProvider.getInstance().checkaccesstoken(-2, modelContext, token, flag);
                } else {
                    token = "";
                    GXSecurityProvider.getInstance().checksession(-2, modelContext, reqUrl, flag);
                }
                if (!flag[0]) {
                    // Challenge the client rather than redirect: this level serves API-style calls.
                    String OauthRealm = "OAuth realm=\"" + httpContext.getRequest().getServerName() + "\"";
                    httpContext.getResponse().addHeader("WWW-Authenticate", OauthRealm);
                    httpContext.sendResponseStatus(401, "Not Authorized");
                } else {
                    callDoExecute(httpContext);
                }
            } else if (IntegratedSecurityLevel() == SECURITY_LOW) {
                // Authentication only: a valid session is enough, no permission is checked.
                GXSecurityProvider.getInstance().checksession(-2, modelContext, reqUrl, flag);
                if (!flag[0]) {
                    httpContext.redirect(loginObjectURL, true);
                } else {
                    callDoExecute(httpContext);
                }
            } else {
                // Authentication plus authorization: permissionFlag decides whether the object
                // runs; flag decides which page a rejected request is sent to.
                GXSecurityProvider.getInstance().checksessionprm(-2, modelContext, reqUrl, permissionPrefix, flag, permissionFlag);
                if (permissionFlag[0]) {
                    callDoExecute(httpContext);
                } else {
                    String notAuthorizedObject = Application.getClientContext().getClientPreferences().getProperty("IntegratedSecurityNotAuthorizedWeb", "");
                    notAuthorizedObject = GXutil.getClassName(notAuthorizedObject);
                    String notAuthorizedObjectURL = URLRouter.getURLRoute(notAuthorizedObject.toLowerCase(), new String[] {}, new String[] {}, httpContext.getRequest().getContextPath(), modelContext.getPackageName());
                    if (flag[0]) {
                        // Valid session but missing permission.
                        httpContext.redirect(notAuthorizedObjectURL, true);
                    } else {
                        // No valid session.
                        httpContext.redirect(loginObjectURL, true);
                    }
                }
            }
        }
        httpContext.setResponseCommited();
        httpContext.flushStream();
    } catch (Throwable e) {
        // Discard any partial output if the response has not gone out yet.
        if (!res.isCommitted())
            res.reset();
        logger.error("Web Execution Error", e);
        if (logger.isDebugEnabled() && httpContext != null)
            dumpRequestInfo(httpContext);
        // NOTE(review): the full stack trace becomes the exception *message*. If the servlet
        // container renders ServletException messages in its error page, internal class names
        // and paths are disclosed to the client; the trace is already in the server log above.
        // Prefer passing the cause instead, if com.genexus.servlet.ServletException supports it.
        throw new ServletException(com.genexus.PrivateUtilities.getStackTraceAsString(e));
    }
}

Example 3 with GXResult

use of com.genexus.security.GXResult in project JavaClasses by genexuslabs.

From class GXOAuthAccessToken, method doExecute:

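/**
 * OAuth token endpoint: authenticates the caller with the GAM security provider and writes
 * the token response, a redirect instruction, or an error as JSON.
 *
 * <p>The grant is selected from request variables: {@code grant_type=refresh_token} refreshes
 * a token, {@code grant_type=device} performs a device login, a non-empty {@code native_token}
 * delegates to external SD authentication, and anything else is a username/password
 * authentication with optional {@code scope} and {@code additional_parameters}.
 *
 * <p>Responses written here:
 * <ul>
 *   <li>provider failure: JSON error body, status 401 (202 for GAM codes "400"/"410") and a
 *       {@code WWW-Authenticate} header carrying the code and description;</li>
 *   <li>non-device, non-refresh login that yields an empty access token: JSON {@code Location}
 *       body and {@code location} header, status 303 (200 when {@code avoid_redirect} is set);</li>
 *   <li>otherwise: the provider's JSON with status 200.</li>
 * </ul>
 *
 * @param context the HTTP context of the current request
 * @throws Exception not thrown in practice: every failure is caught and answered with 404
 */
protected void doExecute(HttpContext context) throws Exception {
    new WebApplicationStartup().init(Application.gxCfg, context);
    context.setStream();
    try {
        // NOTE(review): getVariable() is assumed to return "" (never null) for absent
        // variables — grant_type and native_token are dereferenced unguarded below, while
        // avoid_redirect is null-checked. Confirm the contract before relying on it.
        String clientId = context.getHttpRequest().getVariable("client_id");
        String clientSecret = context.getHttpRequest().getVariable("client_secret");
        String grantType = context.getHttpRequest().getVariable("grant_type");
        String nativeToken = context.getHttpRequest().getVariable("native_token");
        String nativeVerifier = context.getHttpRequest().getVariable("native_verifier");
        String avoid_redirect = context.getHttpRequest().getVariable("avoid_redirect");
        boolean isRefreshToken = false;
        boolean isDevice = false;
        boolean isExternalSDAuth = false;
        String refreshToken = "";
        String userName = "";
        String userPassword = "";
        String additional_parameters = "";
        String scope = "";
        // Grant selection, in priority order.
        if (grantType.equalsIgnoreCase("refresh_token")) {
            refreshToken = context.getHttpRequest().getVariable("refresh_token");
            isRefreshToken = true;
        } else if (grantType.equalsIgnoreCase("device")) {
            isDevice = true;
        } else if (!nativeToken.equals("")) {
            isExternalSDAuth = true;
            additional_parameters = context.getHttpRequest().getVariable("additional_parameters");
        } else {
            userName = context.getHttpRequest().getVariable("username");
            userPassword = context.getHttpRequest().getVariable("password");
            scope = context.getHttpRequest().getVariable("scope");
            additional_parameters = context.getHttpRequest().getVariable("additional_parameters");
        }
        OutData gamout = new OutData();
        GXResult result;
        // Out-parameters filled by the provider: redirectURL for interactive flows, flag for
        // success, scopeInOut for the external SD flow.
        String[] redirectURL = new String[] { "" };
        boolean[] flag = new boolean[] { false };
        String[] scopeInOut = new String[] { scope };
        ModelContext modelContext = new ModelContext(Application.gxCfg);
        modelContext.setHttpContext(context);
        ModelContext.getModelContext().setHttpContext(context);
        if (isRefreshToken) {
            result = GXSecurityProvider.getInstance().refreshtoken(-2, modelContext, clientId, clientSecret, refreshToken, gamout, flag);
        } else if (isDevice) {
            result = GXSecurityProvider.getInstance().logindevice(-2, modelContext, clientId, clientSecret, gamout, flag);
        } else if (isExternalSDAuth) {
            result = GXSecurityProvider.getInstance().externalauthenticationfromsdusingtoken(-2, modelContext, grantType, nativeToken, nativeVerifier, clientId, clientSecret, scopeInOut, additional_parameters, gamout, flag);
        } else if (additional_parameters.equals("")) {
            result = GXSecurityProvider.getInstance().oauthauthentication(-2, modelContext, grantType, userName, userPassword, clientId, clientSecret, scope, gamout, redirectURL, flag);
        } else {
            result = GXSecurityProvider.getInstance().oauthauthentication(-2, modelContext, grantType, userName, userPassword, clientId, clientSecret, scope, additional_parameters, gamout, redirectURL, flag);
        }
        if (!flag[0]) {
            context.getResponse().setContentType("application/json");
            String gamError = result.getCode();
            // GAM codes "400" and "410" are answered with 202 instead of 401; the meaning of
            // these codes is defined by the provider and is kept as-is here.
            if (gamError.equals("400") || gamError.equals("410")) {
                context.getResponse().setStatus(202);
            } else {
                context.getResponse().setStatus(401);
            }
            String messagePermission = result.getDescription();
            // Non-ASCII descriptions are URL-encoded for the header and marked with "Encoded:".
            String messagePermissionEncoded = messagePermission;
            if (PrivateUtilities.containsNoAsciiCharacter(messagePermission)) {
                messagePermissionEncoded = PrivateUtilities.encodeURL(messagePermission);
                messagePermissionEncoded = "Encoded:" + messagePermissionEncoded;
            }
            // NOTE(review): the description is embedded in a quoted-string without escaping
            // '"' or '\'. A provider description containing those characters yields a
            // malformed WWW-Authenticate header; escape them if the provider can echo input.
            String OauthRealm = "OAuth realm=\"" + context.getRequest().getServerName() + "\"" + ",error_code=\"" + gamError + "\"" + ",error_description=\"" + messagePermissionEncoded + "\"";
            context.getResponse().addHeader("WWW-Authenticate", OauthRealm);
            SetError(gamError, messagePermission);
            context.writeText(errorJson.toString());
            context.getResponse().flushBuffer();
            return;
        }
        if (!isDevice && !isRefreshToken && ((String) gamout.get("gxTpr_Access_token")).equals("")) {
            // No token yet: the provider wants the client to continue at redirectURL.
            context.getResponse().setContentType("application/json");
            if (avoid_redirect != null && !avoid_redirect.equals(""))
                context.getResponse().setStatus(200);
            else
                context.getResponse().setStatus(303);
            context.getResponse().addHeader("location", redirectURL[0]);
            JSONObject jObj = new JSONObject();
            jObj.put("Location", redirectURL[0]);
            context.writeText(jObj.toString());
            context.getResponse().flushBuffer();
            return;
        }
        context.getResponse().setContentType("application/json");
        context.getResponse().setStatus(200);
        context.writeText((String) gamout.getjsonString());
        context.getResponse().flushBuffer();
    } catch (Throwable e) {
        // Keep failure details on the server side only. The previous version sent
        // e.getMessage() to the client, which can disclose internal details (CWE-209).
        // The 404 status is preserved for client compatibility; the trace should go through
        // the project's logger once one is available in this class.
        e.printStackTrace();
        context.sendResponseStatus(404, "Unexpected error while processing the token request");
    }
}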
