Search in sources :

Example 1 with ApiToken

use of edu.harvard.iq.dataverse.authorization.users.ApiToken in project dataverse by IQSS.

the class ApiTokenPage method generate.

public void generate() {
    if (session.getUser().isAuthenticated()) {
        AuthenticatedUser au = (AuthenticatedUser) session.getUser();
        apiToken = authSvc.findApiTokenByUser(au);
        if (apiToken != null) {
            authSvc.removeApiToken(au);
        }
        /**
         * @todo DRY! Stolen from BuiltinUsers API page
         */
        ApiToken newToken = new ApiToken();
        newToken.setTokenString(java.util.UUID.randomUUID().toString());
        newToken.setAuthenticatedUser(au);
        Calendar c = Calendar.getInstance();
        newToken.setCreateTime(new Timestamp(c.getTimeInMillis()));
        c.roll(Calendar.YEAR, 1);
        newToken.setExpireTime(new Timestamp(c.getTimeInMillis()));
        authSvc.save(newToken);
    }
}
Also used : Calendar(java.util.Calendar) ApiToken(edu.harvard.iq.dataverse.authorization.users.ApiToken) AuthenticatedUser(edu.harvard.iq.dataverse.authorization.users.AuthenticatedUser) Timestamp(java.sql.Timestamp)

Example 2 with ApiToken

use of edu.harvard.iq.dataverse.authorization.users.ApiToken in project dataverse by IQSS.

the class ExternalToolHandlerTest method testGetToolUrlWithOptionalQueryParameters.

// TODO: It would probably be better to split these into individual tests.
@Test
public void testGetToolUrlWithOptionalQueryParameters() {
    ExternalTool.Type type = ExternalTool.Type.EXPLORE;
    String toolUrl = "http://example.com";
    ExternalTool externalTool = new ExternalTool("displayName", "description", type, toolUrl, "{}");
    // One query parameter, not a reserved word, no {fileId} (required) used.
    externalTool.setToolParameters(Json.createObjectBuilder().add("queryParameters", Json.createArrayBuilder().add(Json.createObjectBuilder().add("mode", "mode1"))).build().toString());
    DataFile nullDataFile = null;
    ApiToken nullApiToken = null;
    Exception expectedException1 = null;
    try {
        ExternalToolHandler externalToolHandler1 = new ExternalToolHandler(externalTool, nullDataFile, nullApiToken);
    } catch (Exception ex) {
        expectedException1 = ex;
    }
    assertNotNull(expectedException1);
    assertEquals("A DataFile is required.", expectedException1.getMessage());
    // Two query parameters.
    externalTool.setToolParameters(Json.createObjectBuilder().add("queryParameters", Json.createArrayBuilder().add(Json.createObjectBuilder().add("mode", "mode1")).add(Json.createObjectBuilder().add("key2", "value2"))).build().toString());
    Exception expectedException2 = null;
    try {
        ExternalToolHandler externalToolHandler2 = new ExternalToolHandler(externalTool, nullDataFile, nullApiToken);
    } catch (Exception ex) {
        expectedException2 = ex;
    }
    assertNotNull(expectedException2);
    assertEquals("A DataFile is required.", expectedException2.getMessage());
    // Two query parameters, both reserved words, one is {fileId} which is required.
    externalTool.setToolParameters(Json.createObjectBuilder().add("queryParameters", Json.createArrayBuilder().add(Json.createObjectBuilder().add("key1", "{fileId}")).add(Json.createObjectBuilder().add("key2", "{apiToken}"))).build().toString());
    DataFile dataFile = new DataFile();
    dataFile.setId(42l);
    ApiToken apiToken = new ApiToken();
    apiToken.setTokenString("7196b5ce-f200-4286-8809-03ffdbc255d7");
    ExternalToolHandler externalToolHandler3 = new ExternalToolHandler(externalTool, dataFile, apiToken);
    String result3 = externalToolHandler3.getQueryParametersForUrl();
    System.out.println("result3: " + result3);
    assertEquals("?key1=42&key2=7196b5ce-f200-4286-8809-03ffdbc255d7", result3);
    // Two query parameters, both reserved words, no apiToken
    externalTool.setToolParameters(Json.createObjectBuilder().add("queryParameters", Json.createArrayBuilder().add(Json.createObjectBuilder().add("key1", "{fileId}")).add(Json.createObjectBuilder().add("key2", "{apiToken}"))).build().toString());
    ExternalToolHandler externalToolHandler4 = new ExternalToolHandler(externalTool, dataFile, nullApiToken);
    String result4 = externalToolHandler4.getQueryParametersForUrl();
    System.out.println("result4: " + result4);
    assertEquals("?key1=42", result4);
    // Two query parameters, attempt to use a reserved word that doesn't exist.
    externalTool.setToolParameters(Json.createObjectBuilder().add("queryParameters", Json.createArrayBuilder().add(Json.createObjectBuilder().add("key1", "{junk}")).add(Json.createObjectBuilder().add("key2", "{apiToken}"))).build().toString());
    Exception expectedException = null;
    try {
        ExternalToolHandler externalToolHandler5 = new ExternalToolHandler(externalTool, dataFile, nullApiToken);
        String result5 = externalToolHandler5.getQueryParametersForUrl();
        System.out.println("result5: " + result5);
    } catch (Exception ex) {
        System.out.println("Exception caught: " + ex);
        expectedException = ex;
    }
    assertNotNull(expectedException);
    assertEquals("Unknown reserved word: {junk}", expectedException.getMessage());
}
Also used : DataFile(edu.harvard.iq.dataverse.DataFile) ApiToken(edu.harvard.iq.dataverse.authorization.users.ApiToken) Test(org.junit.Test)

Example 3 with ApiToken

use of edu.harvard.iq.dataverse.authorization.users.ApiToken in project dataverse by IQSS.

the class AuthenticationServiceBean method deleteAuthenticatedUser.

/**
 * Use with care! This method was written primarily for developers
 * interested in API testing who want to:
 *
 * 1. Create a temporary user and get an API token.
 *
 * 2. Do some work with that API token.
 *
 * 3. Delete all the stuff that was created with the API token.
 *
 * 4. Delete the temporary user.
 *
 * Before calling this method, make sure you've deleted all the stuff tied
 * to the user, including stuff they've created, role assignments, group
 * assignments, etc.
 *
 * Longer term, the intention is to have a "disableAuthenticatedUser"
 * method/command. See https://github.com/IQSS/dataverse/issues/2419
 */
public void deleteAuthenticatedUser(Object pk) {
    AuthenticatedUser user = em.find(AuthenticatedUser.class, pk);
    if (user != null) {
        ApiToken apiToken = findApiTokenByUser(user);
        if (apiToken != null) {
            em.remove(apiToken);
        }
        ConfirmEmailData confirmEmailData = confirmEmailService.findSingleConfirmEmailDataByUser(user);
        if (confirmEmailData != null) {
            /**
             * @todo This could probably be a cascade delete instead.
             */
            em.remove(confirmEmailData);
        }
        userNotificationService.findByUser(user.getId()).forEach(userNotificationService::delete);
        AuthenticationProvider prv = lookupProvider(user);
        if (prv != null && prv.isUserDeletionAllowed()) {
            prv.deleteUser(user.getAuthenticatedUserLookup().getPersistentUserId());
        }
        actionLogSvc.log(new ActionLogRecord(ActionLogRecord.ActionType.Auth, "deleteUser").setInfo(user.getUserIdentifier()));
        em.remove(user.getAuthenticatedUserLookup());
        em.remove(user);
    }
}
Also used : ActionLogRecord(edu.harvard.iq.dataverse.actionlogging.ActionLogRecord) BuiltinAuthenticationProvider(edu.harvard.iq.dataverse.authorization.providers.builtin.BuiltinAuthenticationProvider) AbstractOAuth2AuthenticationProvider(edu.harvard.iq.dataverse.authorization.providers.oauth2.AbstractOAuth2AuthenticationProvider) ShibAuthenticationProvider(edu.harvard.iq.dataverse.authorization.providers.shib.ShibAuthenticationProvider) ApiToken(edu.harvard.iq.dataverse.authorization.users.ApiToken) AuthenticatedUser(edu.harvard.iq.dataverse.authorization.users.AuthenticatedUser) ConfirmEmailData(edu.harvard.iq.dataverse.confirmemail.ConfirmEmailData)

Example 4 with ApiToken

use of edu.harvard.iq.dataverse.authorization.users.ApiToken in project dataverse by IQSS.

the class ExternalToolServiceBeanTest method testfindAll.

@Test
public void testfindAll() {
    DataFile dataFile = new DataFile();
    dataFile.setId(42l);
    List<DataTable> dataTables = new ArrayList<DataTable>();
    dataTables.add(new DataTable());
    dataFile.setDataTables(dataTables);
    ApiToken apiToken = new ApiToken();
    apiToken.setTokenString("7196b5ce-f200-4286-8809-03ffdbc255d7");
    ExternalTool.Type type = ExternalTool.Type.EXPLORE;
    ExternalTool externalTool = new ExternalTool("displayName", "description", type, "http://foo.com", "{}");
    ExternalToolHandler externalToolHandler4 = new ExternalToolHandler(externalTool, dataFile, apiToken);
    List<ExternalTool> externalTools = new ArrayList<>();
    externalTools.add(externalTool);
    List<ExternalTool> availableExternalTools = ExternalToolServiceBean.findExternalToolsByFile(externalTools, dataFile);
    assertEquals(availableExternalTools.size(), 1);
}
Also used : DataFile(edu.harvard.iq.dataverse.DataFile) DataTable(edu.harvard.iq.dataverse.DataTable) ArrayList(java.util.ArrayList) ApiToken(edu.harvard.iq.dataverse.authorization.users.ApiToken) Test(org.junit.Test)

Example 5 with ApiToken

use of edu.harvard.iq.dataverse.authorization.users.ApiToken in project dataverse by IQSS.

the class ExternalToolServiceBeanTest method testParseAddExternalToolInput.

@Test
public void testParseAddExternalToolInput() {
    JsonObjectBuilder job = Json.createObjectBuilder();
    job.add("displayName", "AwesomeTool");
    job.add("description", "This tool is awesome.");
    job.add("type", "explore");
    job.add("toolUrl", "http://awesometool.com");
    job.add("toolParameters", Json.createObjectBuilder().add("queryParameters", Json.createArrayBuilder().add(Json.createObjectBuilder().add("fileid", "{fileId}").build()).add(Json.createObjectBuilder().add("key", "{apiToken}").build()).build()).build());
    String tool = job.build().toString();
    System.out.println("tool: " + tool);
    ExternalTool externalTool = ExternalToolServiceBean.parseAddExternalToolManifest(tool);
    assertEquals("AwesomeTool", externalTool.getDisplayName());
    DataFile dataFile = new DataFile();
    dataFile.setId(42l);
    ApiToken apiToken = new ApiToken();
    apiToken.setTokenString("7196b5ce-f200-4286-8809-03ffdbc255d7");
    ExternalToolHandler externalToolHandler = new ExternalToolHandler(externalTool, dataFile, apiToken);
    String toolUrl = externalToolHandler.getToolUrlWithQueryParams();
    System.out.println("result: " + toolUrl);
    assertEquals("http://awesometool.com?fileid=42&key=7196b5ce-f200-4286-8809-03ffdbc255d7", toolUrl);
}
Also used : DataFile(edu.harvard.iq.dataverse.DataFile) ApiToken(edu.harvard.iq.dataverse.authorization.users.ApiToken) JsonObjectBuilder(javax.json.JsonObjectBuilder) Test(org.junit.Test)

Aggregations

ApiToken (edu.harvard.iq.dataverse.authorization.users.ApiToken)11 AuthenticatedUser (edu.harvard.iq.dataverse.authorization.users.AuthenticatedUser)6 DataFile (edu.harvard.iq.dataverse.DataFile)3 ActionLogRecord (edu.harvard.iq.dataverse.actionlogging.ActionLogRecord)3 Timestamp (java.sql.Timestamp)3 Calendar (java.util.Calendar)3 Test (org.junit.Test)3 User (edu.harvard.iq.dataverse.authorization.users.User)2 ExternalToolHandler (edu.harvard.iq.dataverse.externaltools.ExternalToolHandler)2 JsonObjectBuilder (javax.json.JsonObjectBuilder)2 DataTable (edu.harvard.iq.dataverse.DataTable)1 Dataverse (edu.harvard.iq.dataverse.Dataverse)1 UserRecordIdentifier (edu.harvard.iq.dataverse.authorization.UserRecordIdentifier)1 BuiltinAuthenticationProvider (edu.harvard.iq.dataverse.authorization.providers.builtin.BuiltinAuthenticationProvider)1 BuiltinUser (edu.harvard.iq.dataverse.authorization.providers.builtin.BuiltinUser)1 AbstractOAuth2AuthenticationProvider (edu.harvard.iq.dataverse.authorization.providers.oauth2.AbstractOAuth2AuthenticationProvider)1 ShibAuthenticationProvider (edu.harvard.iq.dataverse.authorization.providers.shib.ShibAuthenticationProvider)1 ConfirmEmailData (edu.harvard.iq.dataverse.confirmemail.ConfirmEmailData)1 ReservedWord (edu.harvard.iq.dataverse.externaltools.ExternalTool.ReservedWord)1 IOException (java.io.IOException)1