use of de.ids_mannheim.korap.user.User in project Kustvakt by KorAP.
the class SearchService method retrieveDocMetadata.
/**
 * Looks up metadata fields of a single text addressed by corpus, document and text id.
 *
 * <p>Access control depends on configuration: only when
 * {@code config.isMetadataRestricted()} is true is a {@link User} built from
 * {@code username} and {@code headers}, and the availability pattern determined for
 * that user handed to the backend. When restriction is off, no user is created and
 * the pattern passed on is {@code null}.
 *
 * @param corpusId corpus part of the text identifier
 * @param docId    document part of the text identifier
 * @param textId   text part of the text identifier
 * @param fields   requested fields, in the form {@code convertFieldsToList} accepts;
 *                 {@code null} or empty means a {@code null} field list is passed on
 * @param username name used to build the requesting user (restricted mode only)
 * @param headers  request headers used to build the requesting user (restricted mode only)
 * @return the value returned by {@code searchKrill.getFields}
 * @throws KustvaktException declared by the helpers called here
 */
public String retrieveDocMetadata(String corpusId, String docId, String textId, String fields, String username, HttpHeaders headers) throws KustvaktException {
    List<String> requestedFields = (fields == null || fields.isEmpty())
            ? null
            : convertFieldsToList(fields);

    // NOTE(review): a null pattern presumably means "no availability filtering" in
    // searchKrill.getFields; confirm, since in unrestricted mode the caller's identity
    // plays no part in what is returned.
    Pattern availability = null;
    if (config.isMetadataRestricted()) {
        availability = determineAvailabilityPattern(createUser(username, headers));
    }

    String sigle = searchKrill.getTextSigle(corpusId, docId, textId);
    return searchKrill.getFields(sigle, requestedFields, availability);
}
use of de.ids_mannheim.korap.user.User in project Kustvakt by KorAP.
the class SearchService method search.
/**
 * Builds a serialized query from the request parameters, applies pipes and the
 * rewrite handler, and runs it against the selected backend.
 *
 * <p>Processing order, as implemented below: validate the page number, build the
 * user, serialize query / corpus query / meta, attach a warning when tokens were
 * requested while access rewrite is disabled, run the pipes, run
 * {@code rewriteHandler.processQuery} with the user, then search. The rewrite step
 * runs after the pipes, so whatever the pipes return still passes through it.
 *
 * @param engine                backend selector, resolved by {@code config.chooseBackend}
 * @param username              name used to build the requesting user
 * @param headers               request headers used to build the requesting user
 * @param q                     query string
 * @param ql                    query language
 * @param v                     query language version
 * @param cqList                corpus queries, combined by {@code combineMultipleCorpusQuery}
 * @param fields                requested fields, converted by {@code convertFieldsToList}
 * @param pipes                 comma-separated pipes; {@code null} or empty means none
 * @param pageIndex             passed to {@code createMetaQuery}
 * @param pageInteger           page number; when given it must be at least 1
 * @param ctx                   passed to {@code createMetaQuery}
 * @param pageLength            passed to {@code createMetaQuery} and to the Neo4J search
 * @param cutoff                passed to {@code createMetaQuery}
 * @param accessRewriteDisabled when true, the user's corpus access is set to
 *                              {@code CorpusAccess.ALL} before the query is rewritten
 * @param showTokens            whether tokens were requested
 * @return the backend's result string
 * @throws KustvaktException if {@code pageInteger} is below 1, if the serializer
 *                           reports errors, or from the helpers called here
 */
@SuppressWarnings("unchecked")
public String search(String engine, String username, HttpHeaders headers, String q, String ql, String v, List<String> cqList, String fields, String pipes, Integer pageIndex, Integer pageInteger, String ctx, Integer pageLength, Boolean cutoff, boolean accessRewriteDisabled, boolean showTokens) throws KustvaktException {
    // A missing page number is accepted; a supplied one must be 1 or greater.
    final boolean pageOutOfRange = pageInteger != null && pageInteger < 1;
    if (pageOutOfRange) {
        throw new KustvaktException(StatusCodes.INVALID_ARGUMENT, "page must start from 1", "page");
    }

    final boolean hasPipes = pipes != null && !pipes.isEmpty();
    String[] pipeList = hasPipes ? pipes.split(",") : null;

    KustvaktConfiguration.BACKENDS backend = this.config.chooseBackend(engine);
    User requester = createUser(username, headers);

    // NOTE(review): this flag lifts the user to CorpusAccess.ALL on the very object later
    // given to the rewrite handler. That is only safe if restricted content (snippets,
    // tokens, non-public fields) is suppressed whenever the flag is set; the flag is passed
    // to handleNonPublicFields and createMetaQuery below, presumably for that purpose.
    // Confirm, and confirm the flag cannot be set freely by an unauthenticated caller.
    CorpusAccess effectiveAccess = requester.getCorpusAccess();
    if (accessRewriteDisabled) {
        requester.setCorpusAccess(CorpusAccess.ALL);
        effectiveAccess = CorpusAccess.ALL;
    }

    QuerySerializer serializer = new QuerySerializer();
    serializer.setQuery(q, ql, v);

    String corpusQuery = combineMultipleCorpusQuery(cqList);
    if (corpusQuery != null) {
        serializer.setCollection(corpusQuery);
    }

    List<String> requestedFields = convertFieldsToList(fields);
    handleNonPublicFields(requestedFields, accessRewriteDisabled, serializer);

    MetaQueryBuilder meta = createMetaQuery(pageIndex, pageInteger, ctx, pageLength, cutoff, effectiveAccess, requestedFields, accessRewriteDisabled, showTokens);
    serializer.setMeta(meta.raw());

    // Errors may stem from the query, the corpus query or the meta section; the
    // serialized form carrying them becomes the exception payload.
    if (serializer.hasErrors()) {
        throw new KustvaktException(serializer.toJSON());
    }

    String serialized = serializer.toJSON();
    if (accessRewriteDisabled && showTokens) {
        // Tell the client why the tokens it asked for are not part of the result.
        Notifications notices = new Notifications();
        notices.addWarning(StatusCodes.NOT_ALLOWED, "Tokens cannot be shown without access.");
        serialized = addWarning(serialized, notices.toJsonNode());
    }

    // NOTE(review): the pipe list comes straight from the request. If runPipes contacts
    // the listed endpoints, they need to be restricted to an allow-list; verify in runPipes.
    serialized = runPipes(serialized, pipeList);
    serialized = this.rewriteHandler.processQuery(serialized, requester);
    if (DEBUG) {
        jlog.debug("the serialized query " + serialized);
    }

    if (backend.equals(KustvaktConfiguration.BACKENDS.NEO4J)) {
        return searchNeo4J(serialized, pageLength, meta, false);
    }
    return searchKrill.search(serialized);
}
use of de.ids_mannheim.korap.user.User in project Kustvakt by KorAP.
the class SearchService method search.
/**
 * Runs a query that the caller supplies as an already serialized JSON-LD document.
 *
 * <p>The document is parsed only to read {@code /meta/snippets}; the original
 * {@code jsonld} string is what the rewrite handler receives, and its output is
 * what the backend searches.
 *
 * @param jsonld   serialized query supplied by the caller
 * @param username name used to build the requesting user
 * @param headers  request headers used to build the requesting user
 * @return the result string returned by {@code searchKrill.search}
 * @throws KustvaktException declared by the helpers called here
 */
public String search(String jsonld, String username, HttpHeaders headers) throws KustvaktException {
    User requester = createUser(username, headers);

    JsonNode snippetsFlag = JsonUtils.readTree(jsonld).at("/meta/snippets");

    // NOTE(review): the corpus access of the user is raised to ALL on the strength of a
    // value inside the caller-supplied document: a true /meta/snippets is all it takes.
    // In the parameterised search() the same elevation is tied to accessRewriteDisabled,
    // which appears to go together with NOT showing restricted content, so this condition
    // may be inverted. Verify the intended polarity and who is allowed to reach this method.
    final boolean snippetsRequested = snippetsFlag != null && snippetsFlag.asBoolean();
    if (snippetsRequested) {
        requester.setCorpusAccess(CorpusAccess.ALL);
    }

    String rewritten = this.rewriteHandler.processQuery(jsonld, requester);
    return searchKrill.search(rewritten);
}
use of de.ids_mannheim.korap.user.User in project Kustvakt by KorAP.
the class AuthenticationController method requestAPIToken.
// EM: testing using spring security authentication manager
// @Deprecated
// @GET
// @Path("ldap/token")
// public Response requestToken (@Context HttpHeaders headers,
// @Context Locale locale,
// @HeaderParam(ContainerRequest.USER_AGENT) String agent,
// @HeaderParam(ContainerRequest.HOST) String host,
// @HeaderParam("referer-url") String referer,
// @QueryParam("scope") String scopes,
// // @Context WebServiceContext wsContext, // FB
// @Context SecurityContext securityContext) {
//
// Map<String, Object> attr = new HashMap<>();
// if (scopes != null && !scopes.isEmpty())
// attr.put(Attributes.SCOPES, scopes);
// attr.put(Attributes.HOST, host);
// attr.put(Attributes.USER_AGENT, agent);
//
// User user = new KorAPUser();
// user.setUsername(securityContext.getUserPrincipal().getName());
// controller.setAccessAndLocation(user, headers);
// if (DEBUG_LOG == true) System.out.printf(
// "Debug: /token/: location=%s, access='%s'.\n",
// user.locationtoString(), user.accesstoString());
// attr.put(Attributes.LOCATION, user.getLocation());
// attr.put(Attributes.CORPUS_ACCESS, user.getCorpusAccess());
//
// try {
// TokenContext context = controller.createTokenContext(user, attr,
// TokenType.API);
// return Response.ok(context.toJson()).build();
// }
// catch (KustvaktException e) {
// throw kustvaktResponseHandler.throwit(e);
// }
// }
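/**
 * Issues an API token to a caller who presents HTTP Basic credentials, which are
 * checked with {@code AuthenticationMethod.LDAP}.
 *
 * <p>Changes against the previous version of this method:
 * <ul>
 *   <li>The debug output no longer prints the raw {@code Authorization} header. For
 *       the Basic scheme that value is the encoded username and password, so
 *       printing it put credentials on standard output whenever {@code DEBUG_LOG}
 *       was on.</li>
 *   <li>Any scheme other than Basic is rejected explicitly with
 *       {@code StatusCodes.REQUEST_INVALID}. Before, the branch was empty and the
 *       request fell through to the credential check further down.</li>
 *   <li>A debug loop over all request headers that printed nothing was removed.</li>
 * </ul>
 *
 * <p>NOTE(review): nothing in this method checks that the request arrived over TLS
 * (a {@code secCtx.isSecure()} check existed only as commented-out debug output).
 * Basic credentials must not travel in clear text; confirm that transport security
 * is enforced in front of this endpoint.
 *
 * @param headers request headers; must carry an {@code Authorization} header
 * @param locale  injected locale (not used here)
 * @param agent   value of the user-agent header, stored as a token attribute
 * @param host    value of the host header, stored as a token attribute
 * @param referer value of the {@code referer-url} header (not used here)
 * @param scopes  optional {@code scope} query parameter, stored as a token attribute
 * @param secCtx  injected security context (not used here)
 * @return a 200 response whose entity is the JSON form of the token context
 */
@GET
@Path("apiToken")
public Response requestAPIToken(@Context HttpHeaders headers, @Context Locale locale, @HeaderParam(ContainerRequest.USER_AGENT) String agent, @HeaderParam(ContainerRequest.HOST) String host, @HeaderParam("referer-url") String referer, @QueryParam("scope") String scopes, @Context SecurityContext secCtx) {
    List<String> auth = headers.getRequestHeader(ContainerRequest.AUTHORIZATION);
    if (auth == null || auth.isEmpty()) {
        throw kustvaktResponseHandler.throwit(new KustvaktException(StatusCodes.MISSING_PARAMETER, "Authorization header is missing.", "Authorization header"));
    }

    AuthorizationData authorizationData;
    try {
        authorizationData = authorizationHandler.parseAuthorizationHeaderValue(auth.get(0));
        // Fail closed: only Basic is handled by this endpoint. The constant-first
        // comparison also copes with a null scheme.
        if (!AuthenticationScheme.BASIC.equals(authorizationData.getAuthenticationScheme())) {
            throw kustvaktResponseHandler.throwit(StatusCodes.REQUEST_INVALID);
        }
        authorizationData = authorizationHandler.parseBasicToken(authorizationData);
    } catch (KustvaktException e) {
        throw kustvaktResponseHandler.throwit(e);
    }

    if (DEBUG_LOG) {
        // Deliberately limited to the header count: the header value itself holds the
        // caller's credentials and must never reach stdout or a log file.
        System.out.printf("Debug: AuthService.requestAPIToken...:\n");
        System.out.printf("Debug: auth.size=%d\n", auth.size());
    }

    String username = authorizationData.getUsername();
    String password = authorizationData.getPassword();
    if (username == null || username.isEmpty() || password == null || password.isEmpty()) {
        // Credentials that are missing or empty make the request itself invalid.
        throw kustvaktResponseHandler.throwit(StatusCodes.REQUEST_INVALID);
    }

    // NOTE(review): scope, host and user agent are copied from the request as they are;
    // verify that createTokenContext validates the requested scope before granting it.
    Map<String, Object> attr = new HashMap<>();
    if (scopes != null && !scopes.isEmpty()) {
        attr.put(Attributes.SCOPE, scopes);
    }
    attr.put(Attributes.HOST, host);
    attr.put(Attributes.USER_AGENT, agent);

    try {
        User user = controller.authenticate(AuthenticationMethod.LDAP, username, password, attr);

        // Record when the authentication took place, as a token attribute.
        attr.put(Attributes.AUTHENTICATION_TIME, TimeUtils.getNow().toDate());

        controller.setAccessAndLocation(user, headers);
        if (DEBUG_LOG) {
            System.out.printf("Debug: /apiToken/: location=%s, access='%s'.\n", user.locationtoString(), user.accesstoString());
        }
        attr.put(Attributes.LOCATION, user.getLocation());
        attr.put(Attributes.CORPUS_ACCESS, user.getCorpusAccess());

        TokenContext context = controller.createTokenContext(user, attr, TokenType.API);
        return Response.ok(context.toJson()).build();
    } catch (KustvaktException e) {
        throw kustvaktResponseHandler.throwit(e);
    }
}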
use of de.ids_mannheim.korap.user.User in project Kustvakt by KorAP.
the class AuthenticationController method loginshib.
// fixme: security issues: setup shibboleth compatible authentication system
// todo: will be purged with token authentication --> shib is client side
/**
 * Creates a token context for a Shibboleth login and returns it as JSON.
 *
 * <p>No credentials are handled in this method: {@code controller.authenticate} is
 * called with {@code AuthenticationMethod.SHIBBOLETH} and {@code null} for both
 * username and password, and the attribute map holds only the host and user-agent
 * header values.
 *
 * <p>NOTE(review): the identity therefore has to come from somewhere outside this
 * method, presumably the Shibboleth filter that is said to decrypt the values before
 * this point. Confirm that the endpoint cannot be reached without that filter, and
 * that a {@code null} token type is a deliberate choice for
 * {@code createTokenContext}.
 *
 * @param headers   injected request headers (not used here)
 * @param locale    injected locale (not used here)
 * @param agent     value of the user-agent header, stored as a token attribute
 * @param host      value of the host header, stored as a token attribute
 * @param client_id {@code client_id} query parameter (not used here)
 * @return a 200 response whose entity is the JSON form of the token context
 */
@POST
@Consumes(MediaType.APPLICATION_JSON)
@Produces("application/json")
@Path("shibboleth")
public Response loginshib(@Context HttpHeaders headers, @Context Locale locale, @HeaderParam(ContainerRequest.USER_AGENT) String agent, @HeaderParam(ContainerRequest.HOST) String host, @QueryParam("client_id") String client_id) {
    Map<String, Object> attributes = new HashMap<>();
    attributes.put(Attributes.HOST, host);
    attributes.put(Attributes.USER_AGENT, agent);

    // One handler covers both steps: authentication / token creation and the JSON
    // rendering all report failure as KustvaktException and are translated alike.
    try {
        User shibUser = controller.authenticate(AuthenticationMethod.SHIBBOLETH, null, null, attributes);
        TokenContext tokenContext = controller.createTokenContext(shibUser, attributes, null);
        return Response.ok().entity(tokenContext.toJson()).build();
    } catch (KustvaktException e) {
        throw kustvaktResponseHandler.throwit(e);
    }
}