use of com.orientechnologies.common.concur.lock.OLockException in project orientdb by orientechnologies.
the class OServerCommandPostAuthToken method execute.
@Override
public boolean execute(OHttpRequest iRequest, OHttpResponse iResponse) throws Exception {
init();
String[] urlParts = checkSyntax(iRequest.url, 2, "Syntax error: token/<database>");
iRequest.databaseName = urlParts[1];
iRequest.data.commandInfo = "Generate authentication token";
// Parameter names consistent with 4.3.2 (Access Token Request) of RFC 6749
Map<String, String> content = iRequest.getUrlEncodedContent();
if (content == null) {
ODocument result = new ODocument().field("error", "missing_auth_data");
sendError(iRequest, iResponse, result);
return false;
}
// signedJWT.serialize();
String signedToken = "";
String grantType = content.get("grant_type").toLowerCase();
String username = content.get("username");
String password = content.get("password");
String authenticatedRid;
ODocument result;
if (grantType.equals("password")) {
authenticatedRid = authenticate(username, password, iRequest.databaseName);
if (authenticatedRid == null) {
sendAuthorizationRequest(iRequest, iResponse, iRequest.databaseName);
} else if (tokenHandler != null) {
// Generate and return a JWT access token
ODatabaseDocument db = null;
OSecurityUser user = null;
try {
db = (ODatabaseDocument) server.openDatabase(iRequest.databaseName, username, password);
user = db.getUser();
if (user != null) {
byte[] tokenBytes = tokenHandler.getSignedWebToken(db, user);
signedToken = new String(tokenBytes);
} else {
// Server user (not supported yet!)
}
} catch (OSecurityAccessException e) {
// WRONG USER/PASSWD
} catch (OLockException e) {
OLogManager.instance().error(this, "Cannot access to the database '" + iRequest.databaseName + "'", ODatabaseException.class, e);
} finally {
if (db != null) {
db.close();
}
}
// 4.1.4 (Access Token Response) of RFC 6749
result = new ODocument().field("access_token", signedToken).field("expires_in", 3600);
iResponse.writeRecord(result, RESPONSE_FORMAT, null);
} else {
result = new ODocument().field("error", "unsupported_grant_type");
sendError(iRequest, iResponse, result);
}
} else {
result = new ODocument().field("error", "unsupported_grant_type");
sendError(iRequest, iResponse, result);
}
return false;
}
use of com.orientechnologies.common.concur.lock.OLockException in project orientdb by orientechnologies.
the class OServerCommandPostAuthToken method authenticate.
// Return user rid if authentication successful.
// If user is server user (doesn't have a rid) then '<server user>' is returned.
// null is returned in all other cases and means authentication was unsuccessful.
protected String authenticate(final String username, final String password, final String iDatabaseName) throws IOException {
ODatabaseDocument db = null;
String userRid = null;
try {
db = (ODatabaseDocument) server.openDatabase(iDatabaseName, username, password);
userRid = (db.getUser() == null ? "<server user>" : db.getUser().getDocument().getIdentity().toString());
} catch (OSecurityAccessException e) {
// WRONG USER/PASSWD
} catch (OLockException e) {
OLogManager.instance().error(this, "Cannot access to the database '" + iDatabaseName + "'", ODatabaseException.class, e);
} finally {
if (db != null) {
db.close();
}
}
return userRid;
}
Aggregations