Example 11 with OLockException
use of com.orientechnologies.common.concur.lock.OLockException in project orientdb by orientechnologies.
the class OServerCommandPostAuthToken method execute.
@Override
public boolean execute(OHttpRequest iRequest, OHttpResponse iResponse) throws Exception {
init();
String[] urlParts = checkSyntax(iRequest.url, 2, "Syntax error: token/<database>");
iRequest.databaseName = urlParts[1];
iRequest.data.commandInfo = "Generate authentication token";
// Parameter names consistent with 4.3.2 (Access Token Request) of RFC 6749
Map<String, String> content = iRequest.getUrlEncodedContent();
if (content == null) {
ODocument result = new ODocument().field("error", "missing_auth_data");
sendError(iRequest, iResponse, result);
return false;
}
// signedJWT.serialize();
String signedToken = "";
String grantType = content.get("grant_type").toLowerCase();
String username = content.get("username");
String password = content.get("password");
String authenticatedRid;
ODocument result;
if (grantType.equals("password")) {
authenticatedRid = authenticate(username, password, iRequest.databaseName);
if (authenticatedRid == null) {
sendAuthorizationRequest(iRequest, iResponse, iRequest.databaseName);
} else if (tokenHandler != null) {
// Generate and return a JWT access token
ODatabaseDocument db = null;
OSecurityUser user = null;
try {
db = (ODatabaseDocument) server.openDatabase(iRequest.databaseName, username, password);
user = db.getUser();
if (user != null) {
byte[] tokenBytes = tokenHandler.getSignedWebToken(db, user);
signedToken = new String(tokenBytes);
} else {
// Server user (not supported yet!)
}
} catch (OSecurityAccessException e) {
// WRONG USER/PASSWD
} catch (OLockException e) {
OLogManager.instance().error(this, "Cannot access to the database '" + iRequest.databaseName + "'", ODatabaseException.class, e);
} finally {
if (db != null) {
db.close();
}
}
// 4.1.4 (Access Token Response) of RFC 6749
result = new ODocument().field("access_token", signedToken).field("expires_in", 3600);
iResponse.writeRecord(result, RESPONSE_FORMAT, null);
} else {
result = new ODocument().field("error", "unsupported_grant_type");
sendError(iRequest, iResponse, result);
}
} else {
result = new ODocument().field("error", "unsupported_grant_type");
sendError(iRequest, iResponse, result);
}
return false;
}
Also used :
OSecurityAccessException(com.orientechnologies.orient.core.exception.OSecurityAccessException)
ODatabaseDocument(com.orientechnologies.orient.core.db.document.ODatabaseDocument)
OLockException(com.orientechnologies.common.concur.lock.OLockException)
OSecurityUser(com.orientechnologies.orient.core.metadata.security.OSecurityUser)
ODocument(com.orientechnologies.orient.core.record.impl.ODocument)
Example 12 with OLockException
use of com.orientechnologies.common.concur.lock.OLockException in project orientdb by orientechnologies.
the class OServerCommandPostAuthToken method authenticate.
// Return user rid if authentication successful.
// If user is server user (doesn't have a rid) then '<server user>' is returned.
// null is returned in all other cases and means authentication was unsuccessful.
protected String authenticate(final String username, final String password, final String iDatabaseName) throws IOException {
ODatabaseDocument db = null;
String userRid = null;
try {
db = (ODatabaseDocument) server.openDatabase(iDatabaseName, username, password);
userRid = (db.getUser() == null ? "<server user>" : db.getUser().getDocument().getIdentity().toString());
} catch (OSecurityAccessException e) {
// WRONG USER/PASSWD
} catch (OLockException e) {
OLogManager.instance().error(this, "Cannot access to the database '" + iDatabaseName + "'", ODatabaseException.class, e);
} finally {
if (db != null) {
db.close();
}
}
return userRid;
}
Also used :
OSecurityAccessException(com.orientechnologies.orient.core.exception.OSecurityAccessException)
ODatabaseDocument(com.orientechnologies.orient.core.db.document.ODatabaseDocument)
OLockException(com.orientechnologies.common.concur.lock.OLockException)
ODatabaseException(com.orientechnologies.orient.core.exception.ODatabaseException)
Aggregations
OLockException (com.orientechnologies.common.concur.lock.OLockException)12
ODatabaseDocument (com.orientechnologies.orient.core.db.document.ODatabaseDocument)3
OSecurityAccessException (com.orientechnologies.orient.core.exception.OSecurityAccessException)3
ODatabaseException (com.orientechnologies.orient.core.exception.ODatabaseException)2
ORID (com.orientechnologies.orient.core.id.ORID)2
OStorage (com.orientechnologies.orient.core.storage.OStorage)2
OAbstractPaginatedStorage (com.orientechnologies.orient.core.storage.impl.local.OAbstractPaginatedStorage)2
ODistributedDatabaseChunk (com.orientechnologies.orient.server.distributed.impl.ODistributedDatabaseChunk)2
ODistributedLockTask (com.orientechnologies.orient.server.distributed.impl.task.ODistributedLockTask)2
HashSet (java.util.HashSet)2
OInterruptedException (com.orientechnologies.common.concur.lock.OInterruptedException)1
OException (com.orientechnologies.common.exception.OException)1
OCommandOutputListener (com.orientechnologies.orient.core.command.OCommandOutputListener)1
ORecordId (com.orientechnologies.orient.core.id.ORecordId)1
OClass (com.orientechnologies.orient.core.metadata.schema.OClass)1
OSecurityUser (com.orientechnologies.orient.core.metadata.security.OSecurityUser)1
ODocument (com.orientechnologies.orient.core.record.impl.ODocument)1
OPaginatedCluster (com.orientechnologies.orient.core.storage.impl.local.paginated.OPaginatedCluster)1
ODistributedStorage (com.orientechnologies.orient.server.distributed.impl.ODistributedStorage)1
ODistributedOperationException (com.orientechnologies.orient.server.distributed.task.ODistributedOperationException)1
