
Example 1 with ServerCredentials

use of io.divide.server.dao.ServerCredentials in project divide by HiddenStage.

the class SecurityFilter method authenticate.

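/**
 * Authenticates a request from its {@code Authorization} header.
 *
 * <p>The header must use the {@code CUSTOM} scheme followed by an auth token. The token is
 * parsed with the server's symmetric key and checked for expiry, then looked up in the
 * credential store. Only a token that matches a stored {@link Credentials} record yields a
 * {@link UserContext}.
 *
 * <p>Rejection messages deliberately omit the received header value and the text of
 * token-parsing exceptions, so that neither credentials nor parser internals are reflected
 * to an unauthenticated caller. Request headers and cookies are not written to stdout.
 *
 * @param request the incoming request being filtered
 * @return the context of the authenticated user, or the result of {@code abort} when the
 *     request is rejected
 */
private UserContext authenticate(ContainerRequestContext request) {
    // Extract authentication credentials
    String authentication = request.getHeaderString(ContainerRequest.AUTHORIZATION);
    if (authentication == null) {
        return abort(request, "Authentication credentials are required");
    }
    if (!authentication.startsWith("CUSTOM ")) {
        // The header is not echoed back: for another scheme it may carry a password or
        // bearer token, which would otherwise end up in responses and anything that logs them.
        return abort(request, "Only CUSTOM authentication is supported");
    }
    String token = authentication.substring("CUSTOM ".length());
    // substring() never returns null, so the meaningful check is for an empty/blank token.
    if (token.trim().isEmpty()) {
        return abort(request, "Missing token");
    }
    // TODO verify (original note): the parse below only checks expiry; the store lookup
    // further down is what ties the token to an account.
    try {
        AuthTokenUtils.AuthToken authToken = new AuthTokenUtils.AuthToken(securityManager.getSymmetricKey(), token);
        if (authToken.isExpired()) {
            return abort(request, "Auth Token Expired: " + System.currentTimeMillis() + " : " + authToken.expirationDate);
        }
    } catch (AuthTokenUtils.AuthenticationException e) {
        // A token that cannot be parsed is invalid, not expired. Keep the detail in the
        // server log and give the caller the same generic answer as the other
        // invalid-token paths.
        log.severe("Auth token rejected: " + e.getMessage());
        return abort(request, "Invalid authentication token");
    }
    // Validate the extracted credentials
    synchronized (dao) {
        Query q = new QueryBuilder().select().from(Credentials.class).where(Credentials.AUTH_TOKEN_KEY, OPERAND.EQ, token).build();
        try {
            TransientObject temp = ObjectUtils.get1stOrNull(dao.query(q));
            if (temp == null) {
                // abort(...) is the single rejection path used throughout this method;
                // the request is not aborted a second time here.
                return abort(request, "Invalid authentication token");
            }
            ServerCredentials creds = new ServerCredentials(temp);
            return new UserContext(request.getUriInfo(), new ServerCredentials(creds));
        } catch (ServerDAO.DAOException e) {
            // A store failure is reported to the caller as an invalid token (fail closed);
            // the status code and message stay in the server log.
            log.severe("Authentication Failed(" + e.getStatusCode() + ") " + e.getMessage());
            e.printStackTrace();
            return abort(request, "Invalid authentication token");
        }
    }
}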
Also used : ServerDAO(io.divide.dao.ServerDAO) Query(io.divide.shared.transitory.query.Query) ServerCredentials(io.divide.server.dao.ServerCredentials) AuthTokenUtils(io.divide.shared.util.AuthTokenUtils) QueryBuilder(io.divide.shared.transitory.query.QueryBuilder) TransientObject(io.divide.shared.transitory.TransientObject)

Example 2 with ServerCredentials

use of io.divide.server.dao.ServerCredentials in project divide by HiddenStage.

the class TestEndpoint method setup.

/**
 * Test-only endpoint that persists the fixture user from {@code TestUtils.getTestUser()}.
 *
 * <p>The fixture password is bcrypt-hashed (cost 10) before storage, fresh auth and recovery
 * tokens are issued with the server's symmetric key, and the owner id is set to the current
 * credential count plus one.
 *
 * <p>NOTE(review): the response entity is the saved {@code ServerCredentials} object, which
 * at that point holds the password hash, the auth token and the recovery token, and the
 * handler changes state on a plain GET. Confirm this resource is never registered outside
 * test deployments. The count-plus-one owner id is presumably not safe under concurrent
 * calls; verify against the DAO.
 *
 * @return a 200 response whose entity is the saved credentials
 * @throws Exception if hashing, token creation or the DAO call fails
 */
@GET
@Path("/setup")
@Produces(MediaType.APPLICATION_JSON)
public Response setup() throws Exception {
    ServerCredentials account = new ServerCredentials(TestUtils.getTestUser());

    // Hash the password for storage; the plain value is never saved.
    String salt = BCrypt.gensalt(10);
    String hashed = BCrypt.hashpw(account.getPassword(), salt);
    account.setPassword(hashed);

    // Tokens are issued after the hash is in place, auth token first, recovery token second.
    account.setAuthToken(AuthTokenUtils.getNewToken(securityManager.getSymmetricKey(), account));
    account.setRecoveryToken(AuthTokenUtils.getNewToken(securityManager.getSymmetricKey(), account));

    account.setOwnerId(dao.count(Credentials.class.getName()) + 1);
    dao.save(account);

    return Response.ok(account).build();
}
Also used : ServerCredentials(io.divide.server.dao.ServerCredentials) Credentials(io.divide.shared.transitory.Credentials) ServerCredentials(io.divide.server.dao.ServerCredentials) Path(javax.ws.rs.Path) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET)

Example 3 with ServerCredentials

use of io.divide.server.dao.ServerCredentials in project divide by HiddenStage.

the class TestUtils method getTestUser.

/**
 * Builds the fixed user that the tests share.
 *
 * <p>The username, e-mail and password are hard-coded literals, the owner id is 1, and the
 * file permissions are opened for reading and writing at {@code WORLD} level. Auth and
 * recovery tokens are generated from {@code KEY}, a constant defined elsewhere in this class.
 *
 * <p>NOTE(review): every value here is fixed and therefore known to anyone with the source;
 * this account must only ever exist in test data.
 *
 * @return the fixture as a {@code ServerCredentials} instance, typed as {@code Credentials}
 */
public static Credentials getTestUser() {
    ServerCredentials testUser =
            new ServerCredentials(new Credentials("someUsername", "someEmail", "somePassword"));
    testUser.setOwnerId(1);

    // World read/write access for the fixture.
    FilePermissions permissions = testUser.getFilePermissions();
    permissions.setReadable(true, FilePermissions.Level.WORLD);
    permissions.setWritable(true, FilePermissions.Level.WORLD);
    testUser.setFilePermissions(permissions);

    // Tokens are issued last, once owner id and permissions are set.
    testUser.setAuthToken(AuthTokenUtils.getNewToken(KEY, testUser));
    testUser.setRecoveryToken(AuthTokenUtils.getNewToken(KEY, testUser));
    return testUser;
}
Also used : ServerCredentials(io.divide.server.dao.ServerCredentials) FilePermissions(io.divide.shared.transitory.FilePermissions) Credentials(io.divide.shared.transitory.Credentials) ServerCredentials(io.divide.server.dao.ServerCredentials)

Aggregations

ServerCredentials (io.divide.server.dao.ServerCredentials)3 Credentials (io.divide.shared.transitory.Credentials)2 ServerDAO (io.divide.dao.ServerDAO)1 FilePermissions (io.divide.shared.transitory.FilePermissions)1 TransientObject (io.divide.shared.transitory.TransientObject)1 Query (io.divide.shared.transitory.query.Query)1 QueryBuilder (io.divide.shared.transitory.query.QueryBuilder)1 AuthTokenUtils (io.divide.shared.util.AuthTokenUtils)1 GET (javax.ws.rs.GET)1 Path (javax.ws.rs.Path)1 Produces (javax.ws.rs.Produces)1