use of com.peterphi.usermanager.db.entity.OAuthServiceEntity in project stdlib by petergeneric.
the class UserManagerOAuthServiceImpl method getAuth.
/**
 * Handles the interactive OAuth2 authorisation request for the logged-in user.
 *
 * <p>If {@code createSessionAndRedirect} produces a response, it is returned unchanged. Otherwise
 * the client is looked up by {@code clientId} and {@code redirectUri} together, and the
 * "connect_to_service" approval page is rendered with a freshly allocated nonce.
 *
 * @param responseType the requested response type, passed through to the template unchanged
 * @param clientId the client id supplied by the requesting service
 * @param redirectUri the redirect target; it must match a client known to {@code serviceDao}
 * @param state the opaque client state, passed through to the template unchanged
 * @param scope the space-separated scope list; a blank value renders an empty scope list
 * @return the immediate redirect response, or the rendered approval page (non-cacheable)
 * @throws IllegalArgumentException if no client matches the clientId/redirectUri pair
 */
@Override
@AuthConstraint(id = "oauth2server_auth", role = "authenticated", comment = "Must be logged in to the User Manager to initiate a service login")
@Retry
public Response getAuth(final String responseType, final String clientId, final String redirectUri, final String state, final String scope) {
    // Fast path: a client+scope the user has already approved is redirected straight back.
    // NOTE(review): createSessionAndRedirect is not shown here and runs before the lookup below;
    // confirm it validates the clientId/redirectUri pair itself before issuing any redirect.
    final Response immediate = createSessionAndRedirect(responseType, clientId, redirectUri, state, scope, autoGrantInteractiveAccessToAllServices);
    if (immediate != null)
        return immediate;

    // The redirect URI is only accepted when it resolves, together with the client id, to a known service.
    final OAuthServiceEntity service = serviceDao.getByClientIdAndEndpoint(clientId, redirectUri);
    if (service == null)
        // NOTE(review): this message echoes request-controlled values; check how it is rendered to the user.
        throw new IllegalArgumentException("Unknown client_id=" + clientId + " or invalid redirect uri for this service: " + redirectUri);

    final TemplateCall page = templater.template("connect_to_service");
    final SessionNonceStore nonces = nonceStoreProvider.get();

    // Client details plus a nonce for the approval form
    // (presumably validated when the form is submitted - confirm against the approval handler).
    page.set("client", service);
    page.set("nonce", nonces.allocate());

    // Expose the requested scopes as a list for display
    if (StringUtils.isNotBlank(scope))
        page.set("scopes", Arrays.asList(StringUtils.trimToEmpty(scope).split(" ")));
    else
        page.set("scopes", Collections.emptyList());

    // Echo the request parameters so the approval form can resubmit them.
    // NOTE(review): responseType, redirectUri, scope and state are request-controlled;
    // the template is assumed to escape them on output - confirm.
    page.set("clientId", service.getId());
    page.set("responseType", responseType);
    page.set("redirectUri", redirectUri);
    page.set("scope", scope);
    page.set("state", state);

    return page.process(Response.ok().type(MediaType.APPLICATION_XML).cacheControl(CacheControl.valueOf(NO_CACHE)));
}
use of com.peterphi.usermanager.db.entity.OAuthServiceEntity in project stdlib by petergeneric.
the class ServiceUIServiceImpl method disable.
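/**
 * Disables an enabled OAuth service on behalf of its owner or an admin.
 *
 * @param id the client id of the service to disable
 * @param nonce the nonce submitted with the request, checked before anything else
 * @return a see-other redirect to the service's page
 * @throws IllegalArgumentException if the service does not exist, the caller is neither its owner
 *         nor an admin, or the service is already disabled
 */
@Override
@Transactional
public Response disable(final String id, final String nonce) {
    // Refuse the state change unless the request carries the expected nonce
    nonceStore.validate(NONCE_USE, nonce);

    final OAuthServiceEntity entity = dao.getById(id);

    if (entity == null)
        throw new IllegalArgumentException("No such service with client_id: " + id);

    // Compare ids as primitives: if getId() returns a boxed Integer, != on the objects would be a
    // reference comparison and could reject the real owner for ids outside the Integer cache.
    final int ownerId = entity.getOwner().getId();
    final int callerId = userProvider.get().getId();

    // Authorise before reporting on the service's state, so that a caller who is neither owner
    // nor admin is not told whether the service is currently enabled.
    if (ownerId != callerId && !userProvider.get().isAdmin())
        throw new IllegalArgumentException("Only the owner or an admin can change a service!");

    if (!entity.isEnabled())
        throw new IllegalArgumentException("Cannot disable an already-disabled service: " + id);

    entity.setEnabled(false);
    dao.update(entity);

    // id resolved to an existing entity above, so the redirect target is a known service page
    return Response.seeOther(URI.create("/service/" + id)).build();
}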
use of com.peterphi.usermanager.db.entity.OAuthServiceEntity in project stdlib by petergeneric.
the class ServiceUIServiceImpl method create.
/**
 * Registers a new, enabled OAuth service owned by the current user.
 *
 * @param nonce the nonce submitted with the request, checked before anything else
 * @param name the display name for the new service
 * @param endpoints the endpoint list for the service; stored trimmed, or as null when blank
 * @return a see-other redirect to the newly created service's page
 */
@Override
@Transactional
public Response create(final String nonce, final String name, final String endpoints) {
    // Refuse the state change unless the request carries the expected nonce
    nonceStore.validate(NONCE_USE, nonce);

    // The owner is always the logged-in user, never a value taken from the request
    final int ownerId = userProvider.get().getId();
    final UserEntity owner = userDao.getById(ownerId);

    final OAuthServiceEntity service = new OAuthServiceEntity();
    service.setOwner(owner);
    service.setName(name);
    // NOTE(review): endpoints are stored without validation beyond trimming. They look like the
    // values a redirect URI is later matched against (see getByClientIdAndEndpoint) - confirm,
    // and consider rejecting malformed or unexpected-scheme entries at registration time.
    service.setEndpoints(StringUtils.trimToNull(endpoints));
    service.setEnabled(true);

    dao.save(service);

    // The id is read after save(), once the entity has been persisted
    final URI servicePage = URI.create("/service/" + service.getId());
    return Response.seeOther(servicePage).build();
}
use of com.peterphi.usermanager.db.entity.OAuthServiceEntity in project stdlib by petergeneric.
the class UserManagerOAuthServiceImpl method createSession.
/**
 * Creates an OAuth session for a user against a client, within an approval context.
 *
 * <p>An existing context for (user, client, scope) is reused. When there is none, a new one is
 * created only if {@code allowCreateApproval} or {@code autoGrantAccessToAllServices} is set.
 *
 * @param userId the id of the user the session is for
 * @param clientId the client id supplied by the requesting service
 * @param redirectUri the redirect target; it must match a client known to {@code serviceDao}
 * @param scope the requested scope, used as part of the context lookup key
 * @param allowCreateApproval whether a missing approval context may be created by this call
 * @return the new session, or {@code null} when no context exists and none may be created
 * @throws IllegalArgumentException if no client matches the clientId/redirectUri pair
 */
public OAuthSessionEntity createSession(final int userId, final String clientId, final String redirectUri, final String scope, final boolean allowCreateApproval) {
    // Client id and redirect URI are resolved together; an unregistered pair never gets a session
    final OAuthServiceEntity service = serviceDao.getByClientIdAndEndpoint(clientId, redirectUri);
    if (service == null)
        throw new IllegalArgumentException("No such client with id " + clientId + " at the provided endpoint! There is a problem with the service that sent you here.");

    OAuthSessionContextEntity approval = contextDao.get(userId, service.getId(), scope);

    if (approval == null) {
        // NOTE(review): autoGrantAccessToAllServices creates the approval without an explicit user
        // decision in this method; confirm that setting is only enabled where that is intended.
        final boolean mayCreateApproval = allowCreateApproval || autoGrantAccessToAllServices;

        // No approval on record and none may be created: signal "no session" to the caller
        if (!mayCreateApproval)
            return null;

        approval = contextDao.create(userDao.getById(userId), service, scope);
    }

    // The session is created with an expiry of now + tokenRefreshInterval
    return sessionDao.create(approval, computeInitiatorInfo(), DateTime.now().plus(tokenRefreshInterval));
}
use of com.peterphi.usermanager.db.entity.OAuthServiceEntity in project stdlib by petergeneric.
the class ServiceUIServiceImpl method getList.
/**
 * Renders the "services" page for the services matching the request's query parameters.
 *
 * @param query the request URI info; its query parameters are decoded into a {@code WebQuery}
 * @return the processed template output
 */
@Override
@Transactional(readOnly = true)
public String getList(final UriInfo query) {
    // NOTE(review): the search constraints come straight from the request and no owner filter
    // is applied in this method; confirm that every caller allowed here may see all services.
    final ConstrainedResultSet<OAuthServiceEntity> matches = dao.findByUriQuery(new WebQuery().decode(query.getQueryParameters()));

    final TemplateCall page = templater.template("services");

    // Nonce for the state-changing forms on the page (create/disable validate NONCE_USE)
    page.set("nonce", nonceStore.getValue(NONCE_USE));
    page.set("resultset", matches);
    page.set("entities", matches.getList());

    return page.process();
}