Example 1 with SMPUnauthorizedException

use of com.helger.phoss.smp.exception.SMPUnauthorizedException in project phoss-smp by phax.

the class AbstractSMPAPIExecutor method getMandatoryAuth.

/**
 * Get the basic auth from the header
 *
 * @param aHttpHeaders
 *        Headers to extract from. May not be <code>null</code>.
 * @return The extracted basic auth. Never <code>null</code>.
 * @throws SMPUnauthorizedException
 *         If no BasicAuth HTTP header is present or the header is malformed
 */
@Nonnull
public static BasicAuthClientCredentials getMandatoryAuth(@Nonnull final HttpHeaderMap aHttpHeaders) throws SMPUnauthorizedException {
    final ICommonsList<String> aHeaders = aHttpHeaders.getAllHeaderValues(CHttpHeader.AUTHORIZATION);
    if (aHeaders.isEmpty())
        throw new SMPUnauthorizedException("Missing required HTTP header '" + CHttpHeader.AUTHORIZATION + "' for user authentication");
    final BasicAuthClientCredentials ret = HttpBasicAuth.getBasicAuthClientCredentials(aHeaders.getFirst());
    if (ret == null)
        throw new SMPUnauthorizedException("The HTTP header '" + CHttpHeader.AUTHORIZATION + "' is malformed");
    return ret;
}
Also used : BasicAuthClientCredentials(com.helger.http.basicauth.BasicAuthClientCredentials) SMPUnauthorizedException(com.helger.phoss.smp.exception.SMPUnauthorizedException) Nonnull(javax.annotation.Nonnull)

Example 2 with SMPUnauthorizedException

use of com.helger.phoss.smp.exception.SMPUnauthorizedException in project phoss-smp by phax.

the class SMPUserManagerPhoton method verifyOwnership.

public static void verifyOwnership(@Nonnull final IParticipantIdentifier aServiceGroupID, @Nonnull final IUser aCurrentUser) throws SMPNotFoundException, SMPUnauthorizedException {
    // Resolve service group
    final ISMPServiceGroup aServiceGroup = SMPMetaManager.getServiceGroupMgr().getSMPServiceGroupOfID(aServiceGroupID);
    if (aServiceGroup == null) {
        throw new SMPNotFoundException("Service group " + aServiceGroupID.getURIEncoded() + " does not exist");
    }
    // Resolve user
    final String sOwnerID = aServiceGroup.getOwnerID();
    if (!sOwnerID.equals(aCurrentUser.getID())) {
        throw new SMPUnauthorizedException("User '" + aCurrentUser.getLoginName() + "' does not own " + aServiceGroupID.getURIEncoded());
    }
    if (LOGGER.isDebugEnabled())
        LOGGER.debug("Verified service group " + aServiceGroup.getID() + " is owned by user '" + aCurrentUser.getLoginName() + "'");
}
Also used : SMPNotFoundException(com.helger.phoss.smp.exception.SMPNotFoundException) ISMPServiceGroup(com.helger.phoss.smp.domain.servicegroup.ISMPServiceGroup) SMPUnauthorizedException(com.helger.phoss.smp.exception.SMPUnauthorizedException)

Example 3 with SMPUnauthorizedException

use of com.helger.phoss.smp.exception.SMPUnauthorizedException in project phoss-smp by phax.

the class SMPServerAPI method getServiceGroupReferenceList.

@Nonnull
public ServiceGroupReferenceListType getServiceGroupReferenceList(@Nonnull final String sPathUserID, @Nonnull final BasicAuthClientCredentials aCredentials) throws SMPServerException {
    final String sLog = LOG_PREFIX + "GET /list/" + sPathUserID;
    final String sAction = "getServiceGroupReferenceList";
    if (LOGGER.isInfoEnabled())
        LOGGER.info(sLog);
    STATS_COUNTER_INVOCATION.increment(sAction);
    try {
        if (!aCredentials.getUserName().equals(sPathUserID)) {
            throw new SMPUnauthorizedException("URL user name '" + sPathUserID + "' does not match HTTP Basic Auth user name '" + aCredentials.getUserName() + "'", m_aAPIDataProvider.getCurrentURI());
        }
        final IUser aSMPUser = SMPUserManagerPhoton.validateUserCredentials(aCredentials);
        final ISMPServiceGroupManager aSGMgr = SMPMetaManager.getServiceGroupMgr();
        final ICommonsList<ISMPServiceGroup> aServiceGroups = aSGMgr.getAllSMPServiceGroupsOfOwner(aSMPUser.getID());
        final ServiceGroupReferenceListType aRefList = new ServiceGroupReferenceListType();
        for (final ISMPServiceGroup aServiceGroup : aServiceGroups) {
            final String sHref = m_aAPIDataProvider.getServiceGroupHref(aServiceGroup.getParticipantIdentifier());
            final ServiceGroupReferenceType aServGroupRefType = new ServiceGroupReferenceType();
            aServGroupRefType.setHref(sHref);
            aRefList.addServiceGroupReference(aServGroupRefType);
        }
        if (LOGGER.isInfoEnabled())
            LOGGER.info(sLog + " SUCCESS");
        STATS_COUNTER_SUCCESS.increment(sAction);
        return aRefList;
    } catch (final SMPServerException ex) {
        if (LOGGER.isWarnEnabled())
            LOGGER.warn(sLog + " ERROR - " + ex.getMessage());
        STATS_COUNTER_ERROR.increment(sAction);
        throw ex;
    }
}
Also used : ISMPServiceGroupManager(com.helger.phoss.smp.domain.servicegroup.ISMPServiceGroupManager) ISMPServiceGroup(com.helger.phoss.smp.domain.servicegroup.ISMPServiceGroup) ServiceGroupReferenceListType(com.helger.xsds.peppol.smp1.ServiceGroupReferenceListType) IUser(com.helger.photon.security.user.IUser) ServiceGroupReferenceType(com.helger.xsds.peppol.smp1.ServiceGroupReferenceType) SMPUnauthorizedException(com.helger.phoss.smp.exception.SMPUnauthorizedException) SMPServerException(com.helger.phoss.smp.exception.SMPServerException) Nonnull(javax.annotation.Nonnull)

Example 4 with SMPUnauthorizedException

use of com.helger.phoss.smp.exception.SMPUnauthorizedException in project phoss-smp by phax.

the class BDXR1ServerAPI method getServiceGroupReferenceList.

@Nonnull
public ServiceGroupReferenceListType getServiceGroupReferenceList(@Nonnull final String sPathUserID, @Nonnull final BasicAuthClientCredentials aCredentials) throws SMPServerException {
    final String sLog = LOG_PREFIX + "GET /list/" + sPathUserID;
    final String sAction = "getServiceGroupReferenceList";
    if (LOGGER.isInfoEnabled())
        LOGGER.info(sLog);
    STATS_COUNTER_INVOCATION.increment(sAction);
    try {
        if (!aCredentials.getUserName().equals(sPathUserID)) {
            throw new SMPUnauthorizedException("URL user name '" + sPathUserID + "' does not match HTTP Basic Auth user name '" + aCredentials.getUserName() + "'", m_aAPIDataProvider.getCurrentURI());
        }
        final IUser aSMPUser = SMPUserManagerPhoton.validateUserCredentials(aCredentials);
        final ISMPServiceGroupManager aSGMgr = SMPMetaManager.getServiceGroupMgr();
        final ICommonsList<ISMPServiceGroup> aServiceGroups = aSGMgr.getAllSMPServiceGroupsOfOwner(aSMPUser.getID());
        final ServiceGroupReferenceListType aRefList = new ServiceGroupReferenceListType();
        for (final ISMPServiceGroup aServiceGroup : aServiceGroups) {
            final String sHref = m_aAPIDataProvider.getServiceGroupHref(aServiceGroup.getParticipantIdentifier());
            final ServiceGroupReferenceType aServGroupRefType = new ServiceGroupReferenceType();
            aServGroupRefType.setHref(sHref);
            aRefList.addServiceGroupReference(aServGroupRefType);
        }
        if (LOGGER.isInfoEnabled())
            LOGGER.info(sLog + " SUCCESS");
        STATS_COUNTER_SUCCESS.increment(sAction);
        return aRefList;
    } catch (final SMPServerException ex) {
        if (LOGGER.isWarnEnabled())
            LOGGER.warn(sLog + " ERROR - " + ex.getMessage());
        STATS_COUNTER_ERROR.increment(sAction);
        throw ex;
    }
}
Also used : ISMPServiceGroupManager(com.helger.phoss.smp.domain.servicegroup.ISMPServiceGroupManager) ISMPServiceGroup(com.helger.phoss.smp.domain.servicegroup.ISMPServiceGroup) ServiceGroupReferenceListType(com.helger.xsds.bdxr.smp1.ServiceGroupReferenceListType) IUser(com.helger.photon.security.user.IUser) ServiceGroupReferenceType(com.helger.xsds.bdxr.smp1.ServiceGroupReferenceType) SMPUnauthorizedException(com.helger.phoss.smp.exception.SMPUnauthorizedException) SMPServerException(com.helger.phoss.smp.exception.SMPServerException) Nonnull(javax.annotation.Nonnull)

Example 5 with SMPUnauthorizedException

use of com.helger.phoss.smp.exception.SMPUnauthorizedException in project phoss-smp by phax.

the class SMPUserManagerPhoton method validateUserCredentials.

/**
 * Check if the provided credentials are valid. This checks if the user
 * exists, if it is not deleted, if the password matches and if the user is
 * not disabled. If valid, the resolved user is returned.
 *
 * @param aCredentials
 *        The credentials to check. May not be <code>null</code>.
 * @return The resolved user on success. Never <code>null</code>; failures
 *         are signalled by the exceptions below.
 * @throws SMPUnknownUserException
 *         if the user does not exist or if the user is marked as deleted.
 * @throws SMPUnauthorizedException
 *         If the password is invalid or if the user is marked as disabled
 */
@Nonnull
public static IUser validateUserCredentials(@Nonnull final BasicAuthClientCredentials aCredentials) throws SMPUnknownUserException, SMPUnauthorizedException {
    final IUserManager aUserMgr = PhotonSecurityManager.getUserMgr();
    final IUser aUser = aUserMgr.getUserOfLoginName(aCredentials.getUserName());
    if (aUser == null || aUser.isDeleted()) {
        // Deleted users are handled like non-existing users
        LOGGER.warn("Invalid login name provided: '" + aCredentials.getUserName() + "'");
        throw new SMPUnknownUserException(aCredentials.getUserName());
    }
    if (!aUserMgr.areUserIDAndPasswordValid(aUser.getID(), aCredentials.getPassword())) {
        LOGGER.warn("Invalid password provided for '" + aCredentials.getUserName() + "'");
        throw new SMPUnauthorizedException("Username and/or password are invalid!");
    }
    if (aUser.isDisabled()) {
        LOGGER.warn("User '" + aCredentials.getUserName() + "' is disabled");
        throw new SMPUnauthorizedException("User is disabled!");
    }
    return aUser;
}
Also used : IUserManager(com.helger.photon.security.user.IUserManager) IUser(com.helger.photon.security.user.IUser) SMPUnknownUserException(com.helger.phoss.smp.exception.SMPUnknownUserException) SMPUnauthorizedException(com.helger.phoss.smp.exception.SMPUnauthorizedException) Nonnull(javax.annotation.Nonnull)

Aggregations

SMPUnauthorizedException (com.helger.phoss.smp.exception.SMPUnauthorizedException) 6
ISMPServiceGroup (com.helger.phoss.smp.domain.servicegroup.ISMPServiceGroup) 4
IUser (com.helger.photon.security.user.IUser) 4
Nonnull (javax.annotation.Nonnull) 4
ISMPServiceGroupManager (com.helger.phoss.smp.domain.servicegroup.ISMPServiceGroupManager) 3
BasicAuthClientCredentials (com.helger.http.basicauth.BasicAuthClientCredentials) 2
SMPServerException (com.helger.phoss.smp.exception.SMPServerException) 2
CMimeType (com.helger.commons.mime.CMimeType) 1
MimeType (com.helger.commons.mime.MimeType) 1
SMPNotFoundException (com.helger.phoss.smp.exception.SMPNotFoundException) 1
SMPUnknownUserException (com.helger.phoss.smp.exception.SMPUnknownUserException) 1
ISMPServerAPIDataProvider (com.helger.phoss.smp.restapi.ISMPServerAPIDataProvider) 1
ISMPSettingsManager (com.helger.phoss.smp.settings.ISMPSettingsManager) 1
IUserManager (com.helger.photon.security.user.IUserManager) 1
IMicroDocument (com.helger.xml.microdom.IMicroDocument) 1
IXMLWriterSettings (com.helger.xml.serialize.write.IXMLWriterSettings) 1
XMLWriterSettings (com.helger.xml.serialize.write.XMLWriterSettings) 1
ServiceGroupReferenceListType (com.helger.xsds.bdxr.smp1.ServiceGroupReferenceListType) 1
ServiceGroupReferenceType (com.helger.xsds.bdxr.smp1.ServiceGroupReferenceType) 1
ServiceGroupReferenceListType (com.helger.xsds.peppol.smp1.ServiceGroupReferenceListType) 1