
Example 26 with TokenContext

Use of de.ids_mannheim.korap.security.context.TokenContext in project Kustvakt by KorAP.

Class AuthenticationController, method requestSession.

@GET
@Path("sessionToken")
// @ResourceFilters({HeaderFilter.class})
public Response requestSession (@Context HttpHeaders headers,
        @Context Locale locale,
        @HeaderParam(ContainerRequest.USER_AGENT) String agent,
        @HeaderParam(ContainerRequest.HOST) String host) {
    // Basic credentials arrive in the Authorization header. A request without
    // that header yields a null list, so reject it before indexing into it.
    List<String> auth = headers.getRequestHeader(ContainerRequest.AUTHORIZATION);
    if (auth == null || auth.isEmpty()) {
        throw kustvaktResponseHandler.throwit(StatusCodes.REQUEST_INVALID);
    }
    AuthorizationData authorizationData;
    try {
        authorizationData = authorizationHandler.parseAuthorizationHeaderValue(auth.get(0));
        authorizationData = authorizationHandler.parseBasicToken(authorizationData);
    } catch (KustvaktException e) {
        throw kustvaktResponseHandler.throwit(e);
    }
    // | values[1].equalsIgnoreCase("null"))
    if (authorizationData.getUsername() == null || authorizationData.getUsername().isEmpty()
            || authorizationData.getPassword() == null || authorizationData.getPassword().isEmpty())
        // is actually an invalid request
        throw kustvaktResponseHandler.throwit(StatusCodes.REQUEST_INVALID);
    // Client metadata that is recorded together with the session
    Map<String, Object> attr = new HashMap<>();
    attr.put(Attributes.HOST, host);
    attr.put(Attributes.USER_AGENT, agent);
    TokenContext context;
    String contextJson;
    try {
        // EM: authentication scheme default
        User user = controller.authenticate(AuthenticationMethod.DATABASE,
                authorizationData.getUsername(), authorizationData.getPassword(), attr);
        context = controller.createTokenContext(user, attr, TokenType.SESSION);
        // context = controller.createTokenContext(user, attr,
        // Attributes.SESSION_AUTHENTICATION);
        contextJson = context.toJson();
        // The serialized context is the response body the client uses as its
        // session token, so this debug line writes that token to the log.
        jlog.debug(contextJson);
    } catch (KustvaktException e) {
        throw kustvaktResponseHandler.throwit(e);
    }
    return Response.ok().entity(contextJson).build();
}
Also used : TokenContext(de.ids_mannheim.korap.security.context.TokenContext) KustvaktException(de.ids_mannheim.korap.exceptions.KustvaktException) User(de.ids_mannheim.korap.user.User) AuthorizationData(de.ids_mannheim.korap.authentication.http.AuthorizationData) HashMap(java.util.HashMap) Path(javax.ws.rs.Path) GET(javax.ws.rs.GET)

Example 27 with TokenContext

Use of de.ids_mannheim.korap.security.context.TokenContext in project Kustvakt by KorAP.

Class AuthenticationController, method refresh.

// todo:
@Deprecated
@GET
@Path("refresh")
public Response refresh (@Context SecurityContext context, @Context Locale locale) {
    TokenContext ctx = (TokenContext) context.getUserPrincipal();
    TokenContext newContext;
    // Unfinished: no refreshed context is ever created. Returning null from a
    // JAX-RS resource method produces an empty 204 No Content response.
    // return Response.ok().entity(newContext.getToken()).build();
    return null;
}
Also used : TokenContext(de.ids_mannheim.korap.security.context.TokenContext) Path(javax.ws.rs.Path) GET(javax.ws.rs.GET)

Example 28 with TokenContext

Use of de.ids_mannheim.korap.security.context.TokenContext in project Kustvakt by KorAP.

Class OAuth2AdminController, method updateClientPrivilege.

/**
 * Facilitates editing client privileges for admin purposes, e.g.
 * setting a specific client to be a super client.
 * Only confidential clients are allowed to be super clients.
 *
 * When upgrading clients to super clients, existing access tokens
 * and authorization codes retain their scopes.
 *
 * When degrading super clients, all existing tokens and
 * authorization codes are invalidated.
 *
 * @param securityContext
 * @param clientId
 *            OAuth2 client id
 * @param isSuper
 *            the "super" form parameter: true indicating super client,
 *            false otherwise
 * @return Response status OK, if successful
 */
@POST
@Path("client/privilege")
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
public Response updateClientPrivilege (@Context SecurityContext securityContext,
        @FormParam("client_id") String clientId,
        @FormParam("super") String isSuper) {
    TokenContext context = (TokenContext) securityContext.getUserPrincipal();
    try {
        // Only a token carrying the admin scope may change client privileges
        scopeService.verifyScope(context, OAuth2Scope.ADMIN);
        // Boolean.valueOf treats any value other than "true" (case-insensitive),
        // including a missing parameter, as false
        adminService.updatePrivilege(clientId, Boolean.valueOf(isSuper));
        return Response.ok("SUCCESS").build();
    } catch (KustvaktException e) {
        throw responseHandler.throwit(e);
    }
}
Also used : TokenContext(de.ids_mannheim.korap.security.context.TokenContext) KustvaktException(de.ids_mannheim.korap.exceptions.KustvaktException) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) Consumes(javax.ws.rs.Consumes)

Example 29 with TokenContext

Use of de.ids_mannheim.korap.security.context.TokenContext in project Kustvakt by KorAP.

Class OAuth2AdminController, method cleanExpiredInvalidToken.

@Path("token/clean")
public Response cleanExpiredInvalidToken (@Context SecurityContext securityContext) {
    TokenContext context = (TokenContext) securityContext.getUserPrincipal();
    try {
        // Token clean-up is an administrative action: require the admin scope first
        scopeService.verifyScope(context, OAuth2Scope.ADMIN);
        adminService.cleanTokens();
    } catch (KustvaktException e) {
        throw responseHandler.throwit(e);
    }
    return Response.ok().build();
}
Also used : TokenContext(de.ids_mannheim.korap.security.context.TokenContext) KustvaktException(de.ids_mannheim.korap.exceptions.KustvaktException) Path(javax.ws.rs.Path)

Example 30 with TokenContext

Use of de.ids_mannheim.korap.security.context.TokenContext in project Kustvakt by KorAP.

Class OAuthClientController, method listUserAuthorizedClients.

/**
 * Lists user clients having active refresh tokens (not revoked,
 * not expired), except super clients.
 *
 * This service is not part of the OAuth2 specification. It is
 * intended to facilitate users revoking any suspicious and
 * misused access or refresh tokens.
 *
 * Only super clients are allowed to use this service. It requires
 * user and client authentications.
 *
 * @param context
 * @param superClientId
 *            the client id of the super client
 * @param superClientSecret
 *            the client secret of the super client
 * @param authorizedOnly
 *            true to list only the clients holding refresh tokens of the
 *            user, false to list all clients registered by the user
 * @return a list of clients having refresh tokens of the
 *         given user
 */
@POST
@Path("/list")
@ResourceFilters({ AuthenticationFilter.class, BlockingFilter.class })
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
@Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
public List<OAuth2UserClientDto> listUserAuthorizedClients (
        @Context SecurityContext context,
        @FormParam("super_client_id") String superClientId,
        @FormParam("super_client_secret") String superClientSecret,
        @FormParam("authorized_only") boolean authorizedOnly) {
    // The user principal is the TokenContext set by AuthenticationFilter
    TokenContext tokenContext = (TokenContext) context.getUserPrincipal();
    String username = tokenContext.getUsername();
    try {
        scopeService.verifyScope(tokenContext, OAuth2Scope.LIST_USER_CLIENT);
        // The super client's credentials are handed on to the service layer
        // together with the authenticated username
        if (authorizedOnly) {
            return clientService.listUserAuthorizedClients(username, superClientId, superClientSecret);
        } else {
            return clientService.listUserRegisteredClients(username, superClientId, superClientSecret);
        }
    } catch (KustvaktException e) {
        throw responseHandler.throwit(e);
    }
}
Also used : TokenContext(de.ids_mannheim.korap.security.context.TokenContext) KustvaktException(de.ids_mannheim.korap.exceptions.KustvaktException) Path(javax.ws.rs.Path) ResourceFilters(com.sun.jersey.spi.container.ResourceFilters) POST(javax.ws.rs.POST) Consumes(javax.ws.rs.Consumes) Produces(javax.ws.rs.Produces)

Aggregations

TokenContext (de.ids_mannheim.korap.security.context.TokenContext) 62
KustvaktException (de.ids_mannheim.korap.exceptions.KustvaktException) 54
Path (javax.ws.rs.Path) 40
Consumes (javax.ws.rs.Consumes) 21
POST (javax.ws.rs.POST) 19
User (de.ids_mannheim.korap.user.User) 16
ResourceFilters (com.sun.jersey.spi.container.ResourceFilters) 15
GET (javax.ws.rs.GET) 11
KorAPUser (de.ids_mannheim.korap.user.KorAPUser) 10
DELETE (javax.ws.rs.DELETE) 10
Produces (javax.ws.rs.Produces) 9
Userdata (de.ids_mannheim.korap.user.Userdata) 5
ZonedDateTime (java.time.ZonedDateTime) 5
HashMap (java.util.HashMap) 4
PUT (javax.ws.rs.PUT) 4
AuthorizationData (de.ids_mannheim.korap.authentication.http.AuthorizationData) 3
FormRequestWrapper (de.ids_mannheim.korap.web.utils.FormRequestWrapper) 3
HashSet (java.util.HashSet) 3
OAuthProblemException (org.apache.oltu.oauth2.common.exception.OAuthProblemException) 3
OAuthSystemException (org.apache.oltu.oauth2.common.exception.OAuthSystemException) 3