
Example 1 with UnauthorizedException

Use of com.google.api.server.spi.response.UnauthorizedException in project cryptonomica by Cryptonomica, in the class OnlineVerificationAPI, method getOnlineVerificationByFingerprint.

/* --- Get online verification info by OpenPGP Public Key fingerprint  : */
@ApiMethod(name = "getOnlineVerificationByFingerprint", path = "getOnlineVerificationByFingerprint", httpMethod = ApiMethod.HttpMethod.GET)
@SuppressWarnings("unused")
// see: https://cloud.google.com/appengine/docs/java/endpoints/exceptions
public OnlineVerificationView getOnlineVerificationByFingerprint(final HttpServletRequest httpServletRequest, final User googleUser, @Named("fingerprint") final String fingerprint) throws UnauthorizedException, BadRequestException, NotFoundException {
    /* --- Check input: */
    if (fingerprint == null || fingerprint.equals("") || fingerprint.length() != 40) {
        throw new BadRequestException("fingerprint is missing or invalid");
    }
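    // This lookup runs before the caller is checked below, so the NotFoundException
    // is returned to any caller, registered or not.
    PGPPublicKeyData pgpPublicKeyData = ofy().load().type(PGPPublicKeyData.class).filter("fingerprintStr", fingerprint).first().now();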
    if (pgpPublicKeyData == null) {
        throw new NotFoundException("Key with fingerprint " + fingerprint + " not found");
    }
    /* --- Check authorization: */
    // only allowed users can get verification data:
    // << registered user
    CryptonomicaUser requester = UserTools.ensureCryptonomicaRegisteredUser(googleUser);
    LOG.warning(GSON.toJson(requester));
    // >>>>>>>>>>>>>>>>>> New OnlineVerifications are created here !!!
    // (the user first has to request verification to make changes to it)
    OnlineVerification onlineVerification = ofy().load().key(Key.create(OnlineVerification.class, fingerprint)).now();
    if (onlineVerification == null) {
        if (requester.getUserId().equalsIgnoreCase(pgpPublicKeyData.getCryptonomicaUserId())) {
            onlineVerification = new OnlineVerification(pgpPublicKeyData);
            ofy().save().entity(onlineVerification).now();
        } else {
            throw new NotFoundException("Online verification data for fingerprint " + fingerprint + " not found");
        }
    }
    // Allowed: the key owner, a Cryptonomica officer, or a user listed in allowedUsers.
    // TODO: should all notaries have access?
    // || (requester.getNotary() != null && requester.getNotary())
    if (requester.getUserId().equalsIgnoreCase(pgpPublicKeyData.getCryptonomicaUserId())
            || (requester.getCryptonomicaOfficer() != null && requester.getCryptonomicaOfficer())
            || onlineVerification.getAllowedUsers().contains(requester.getUserId())) {
        LOG.warning("user " + requester.getUserId() + " is allowed to get online verification data for key " + fingerprint);
    } else {
        throw new UnauthorizedException("you are not allowed to get online verification data for key " + fingerprint);
    }
    LOG.warning(GSON.toJson(onlineVerification));
    ArrayList<VerificationDocument> verificationDocumentArrayList = new ArrayList<>();
    int verificationDocumentsListSize = ofy().load().type(VerificationDocument.class).filter("fingerprint", fingerprint).filter("hidden", false).list().size();
    LOG.warning("verificationDocumentsListSize: " + verificationDocumentsListSize);
    if (verificationDocumentsListSize > 0) {
        List<VerificationDocument> verificationDocumentList = ofy().load().type(VerificationDocument.class).filter("fingerprint", fingerprint).filter("hidden", false).list();
        verificationDocumentArrayList.addAll(verificationDocumentList);
        LOG.warning(GSON.toJson(verificationDocumentArrayList));
    }
    OnlineVerificationView onlineVerificationView = new OnlineVerificationView(onlineVerification, verificationDocumentArrayList);
    LOG.warning("onlineVerificationView:");
    LOG.warning(onlineVerificationView.toString());
    return onlineVerificationView;
}
Also used : UnauthorizedException(com.google.api.server.spi.response.UnauthorizedException) ArrayList(java.util.ArrayList) BadRequestException(com.google.api.server.spi.response.BadRequestException) NotFoundException(com.google.api.server.spi.response.NotFoundException) OnlineVerificationView(net.cryptonomica.returns.OnlineVerificationView) ApiMethod(com.google.api.server.spi.config.ApiMethod)

Example 2 with UnauthorizedException

Use of com.google.api.server.spi.response.UnauthorizedException in project cryptonomica by Cryptonomica, in the class UserTools, method ensureCryptonomicaOfficer.

/* --- Check if user is an IACC officer: */
public static CryptonomicaUser ensureCryptonomicaOfficer(final User googleUser) throws UnauthorizedException {
    CryptonomicaUser cryptonomicaUser = ensureCryptonomicaRegisteredUser(googleUser);
    LOG.warning("cryptonomicaUser.getCryptonomicaOfficer(): " + cryptonomicaUser.getCryptonomicaOfficer());
    if (cryptonomicaUser.getCryptonomicaOfficer() == null || !cryptonomicaUser.getCryptonomicaOfficer()) {
        throw new UnauthorizedException("You are not a Cryptonomica officer");
    }
    return cryptonomicaUser;
}
Also used : UnauthorizedException(com.google.api.server.spi.response.UnauthorizedException) CryptonomicaUser(net.cryptonomica.entities.CryptonomicaUser)

Example 3 with UnauthorizedException

Use of com.google.api.server.spi.response.UnauthorizedException in project iosched by google, in the class ReservationsEndpoint, method reset.

/**
 * Reset reservations in datastore to match those in RTDB. Reservations in RTDB are used
 * as the source of truth, corresponding reservations in datastore are updated to match
 * those in RTDB. Reservations in RTDB that do not exist in datastore are added to datastore.
 * Reservations that exist in datastore and do not exist in RTDB are updated in datastore
 * with status DELETED.
 *
 * Use of this endpoint should be followed by a user data sync.
 *
 * @param user User making request (injected by Endpoints)
 */
@ApiMethod(name = "reset", path = "reset")
public void reset(User user) throws UnauthorizedException {
    if (user == null) {
        throw new UnauthorizedException("Invalid credentials");
    }
    // Add Sync Reservations worker to queue.
    Queue queue = QueueFactory.getQueue("SyncReservationsQueue");
    TaskOptions taskOptions = TaskOptions.Builder.withUrl("/queue/syncres").method(Method.GET);
    queue.add(taskOptions);
}
Also used : TaskOptions(com.google.appengine.api.taskqueue.TaskOptions) UnauthorizedException(com.google.api.server.spi.response.UnauthorizedException) Queue(com.google.appengine.api.taskqueue.Queue) ApiMethod(com.google.api.server.spi.config.ApiMethod)

Example 4 with UnauthorizedException

Use of com.google.api.server.spi.response.UnauthorizedException in project iosched by google, in the class CmsUpdateEndpoint, method getDataFromCms.

/**
 * Retrieve session data from CMS and make it ready for processing.
 *
 * @param user User making the request (injected by Endpoints)
 * @throws UnauthorizedException
 * @throws IOException
 */
@ApiMethod(name = "getDataFromCms", path = "topics")
public void getDataFromCms(User user) throws UnauthorizedException, IOException {
    if (user == null || !isAllowed(user)) {
        throw new UnauthorizedException("Invalid credentials");
    }
    // everything ok, let's update
    StringBuilder summary = new StringBuilder();
    JsonObject contents = new JsonObject();
    JsonDataSources sources = new VendorDynamicInput().fetchAllDataSources();
    for (String entity : sources) {
        JsonArray array = new JsonArray();
        JsonDataSource source = sources.getSource(entity);
        for (JsonObject obj : source) {
            array.add(obj);
        }
        summary.append(entity).append(": ").append(source.size()).append("\n");
        contents.add(entity, array);
    }
    // Fetch new images and set up serving URLs.
    new ImageUpdater().run(sources);
    // Write file to cloud storage
    CloudFileManager fileManager = new CloudFileManager();
    fileManager.createOrUpdate("__raw_session_data.json", contents, true);
}
Also used : JsonArray(com.google.gson.JsonArray) JsonDataSource(com.google.samples.apps.iosched.server.schedule.model.JsonDataSource) CloudFileManager(com.google.samples.apps.iosched.server.schedule.server.cloudstorage.CloudFileManager) ImageUpdater(com.google.samples.apps.iosched.server.schedule.server.image.ImageUpdater) JsonDataSources(com.google.samples.apps.iosched.server.schedule.model.JsonDataSources) UnauthorizedException(com.google.api.server.spi.response.UnauthorizedException) JsonObject(com.google.gson.JsonObject) VendorDynamicInput(com.google.samples.apps.iosched.server.schedule.server.input.VendorDynamicInput) ApiMethod(com.google.api.server.spi.config.ApiMethod)

Example 5 with UnauthorizedException

Use of com.google.api.server.spi.response.UnauthorizedException in project iosched by google, in the class FcmRegistrationEndpoint, method unregister.

/**
 * Remove a registration of a user's device. When a user signs out of a client they should
 * unregister. This will prevent messages from being sent to the wrong user if multiple users
 * are using the same device.
 *
 * @param deviceId FCM token representing the device.
 * @return Result containing a message about the un-registration.
 * @throws BadRequestException Thrown when there is no device ID in the request.
 */
@ApiMethod(path = "unregister", httpMethod = HttpMethod.POST)
public void unregister(User user, @Named(PARAMETER_DEVICE_ID) String deviceId) throws BadRequestException, UnauthorizedException, com.google.api.server.spi.response.NotFoundException, ForbiddenException {
    // Check that deviceId is present.
    if (Strings.isNullOrEmpty(deviceId)) {
        // Drop request.
        throw new BadRequestException("Invalid request: Request must contain " + PARAMETER_DEVICE_ID);
    }
    // Check that user making requests is non null.
    if (user == null) {
        throw new UnauthorizedException("Invalid credentials");
    }
    try {
        Device device = ofy().load().type(Device.class).id(deviceId).safe();
        // Check that the user trying to unregister the token is the same one that registered it.
        if (!device.getUserId().equals(user.getId())) {
            throw new ForbiddenException("Not authorized to unregister token");
        }
        DeviceStore.unregister(deviceId);
    } catch (NotFoundException e) {
        throw new com.google.api.server.spi.response.NotFoundException("Device ID: " + deviceId + " not found");
    }
}
Also used : ForbiddenException(com.google.api.server.spi.response.ForbiddenException) Device(com.google.samples.apps.iosched.server.gcm.db.models.Device) UnauthorizedException(com.google.api.server.spi.response.UnauthorizedException) BadRequestException(com.google.api.server.spi.response.BadRequestException) NotFoundException(com.googlecode.objectify.NotFoundException) ApiMethod(com.google.api.server.spi.config.ApiMethod)

Aggregations

UnauthorizedException (com.google.api.server.spi.response.UnauthorizedException): 15
ApiMethod (com.google.api.server.spi.config.ApiMethod): 7
CryptonomicaUser (net.cryptonomica.entities.CryptonomicaUser): 4
EndpointMethod (com.google.api.server.spi.EndpointMethod): 3
User (com.google.api.server.spi.auth.common.User): 3
BadRequestException (com.google.api.server.spi.response.BadRequestException): 3
Device (com.google.samples.apps.iosched.server.gcm.db.models.Device): 3
Test (org.junit.Test): 3
ApiMethodConfig (com.google.api.server.spi.config.model.ApiMethodConfig): 2
MessageSender (com.google.samples.apps.iosched.server.gcm.device.MessageSender): 2
Method (java.lang.reflect.Method): 2
JsonNode (com.fasterxml.jackson.databind.JsonNode): 1
ForbiddenException (com.google.api.server.spi.response.ForbiddenException): 1
InternalServerErrorException (com.google.api.server.spi.response.InternalServerErrorException): 1
NotFoundException (com.google.api.server.spi.response.NotFoundException): 1
Queue (com.google.appengine.api.taskqueue.Queue): 1
TaskOptions (com.google.appengine.api.taskqueue.TaskOptions): 1
HTTPResponse (com.google.appengine.api.urlfetch.HTTPResponse): 1
TypeToken (com.google.common.reflect.TypeToken): 1
Gson (com.google.gson.Gson): 1