use of io.divide.shared.server.DAO.DAOException in project divide by HiddenStage.
the class AuthServerLogic method getUserFromAuthToken.
/**
 * Resolves the account that owns the supplied auth token.
 *
 * <p>An {@code AuthToken} is first built from the server's symmetric key and the token, and
 * its expiry is checked. Only then is the credential store queried for an exact match on
 * {@code Credentials.AUTH_TOKEN_KEY}.
 *
 * @param token auth token as presented by the caller
 * @return the stored credentials whose auth token equals {@code token}
 * @throws DAOException with {@code SC_INTERNAL_SERVER_ERROR} if the token cannot be turned
 *     into an {@code AuthToken}, {@code SC_UNAUTHORIZED} if it has expired, or
 *     {@code SC_BAD_REQUEST} if no stored credentials carry it
 */
public Credentials getUserFromAuthToken(String token) throws DAOException {
    AuthTokenUtils.AuthToken parsed;
    try {
        parsed = new AuthTokenUtils.AuthToken(keyManager.getSymmetricKey(), token);
    } catch (AuthenticationException parseFailure) {
        // NOTE(review): a token the client supplied and the server could not accept is reported
        // as a 500 here. If AuthenticationException is what a malformed or tampered token
        // produces, 401 would be the accurate status, and the 500s would stop masking real
        // server faults in monitoring. Confirm against AuthTokenUtils.
        throw new DAOException(HttpStatus.SC_INTERNAL_SERVER_ERROR, "internal error");
    }

    if (parsed.isExpired()) {
        throw new DAOException(HttpStatus.SC_UNAUTHORIZED, "Expired");
    }

    // The token must also be the one currently stored for an account. A token that parses
    // and has not expired is rejected below unless it matches a stored record.
    Query lookup = new QueryBuilder()
            .select()
            .from(Credentials.class)
            .where(Credentials.AUTH_TOKEN_KEY, OPERAND.EQ, token)
            .build();
    TransientObject match = ObjectUtils.get1stOrNull(dao.query(lookup));
    if (match == null) {
        throw new DAOException(HttpStatus.SC_BAD_REQUEST, "invalid auth token");
    }
    return new ServerCredentials(match);
}
use of io.divide.shared.server.DAO.DAOException in project divide by HiddenStage.
the class AuthServerLogic method userSignIn.
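/**
 * Signs a user in by email and password, or applies a pending password reset.
 *
 * <p>The account is looked up by email address. If the stored validation value is non-null
 * and equals the one supplied, the submitted password is decrypted with the server's private
 * key and its BCrypt hash replaces the password on the stored credentials. Otherwise the
 * submitted password is decrypted and checked against the stored BCrypt hash. Finally, if
 * the stored auth token is past its expiration date, a new token is issued and saved.
 *
 * <p>No password material (ciphertext, plaintext or hash) is printed or logged.
 *
 * @param credentials the sign-in request; its password is decrypted in place
 * @return the stored credentials for the account
 * @throws DAOException with {@code SC_UNAUTHORIZED} if the account does not exist or the
 *     password does not match, or {@code SC_INTERNAL_SERVER_ERROR} if the stored auth token
 *     cannot be turned into an {@code AuthToken}
 */
public Credentials userSignIn(Credentials credentials) throws DAOException {
    Credentials dbCreds = getUserByEmail(dao, credentials.getEmailAddress());
    if (dbCreds == null) {
        // NOTE(review): this message differs from the wrong-password message below, so a
        // caller can tell registered addresses from unregistered ones. Consider returning
        // the same text for both once clients no longer depend on this string.
        throw new DAOException(HttpStatus.SC_UNAUTHORIZED, "User Doesnt exist");
    }

    boolean resettingPassword = dbCreds.getValidation() != null
            && dbCreds.getValidation().equals(credentials.getValidation());

    // Both paths need the plaintext: the client sends the password encrypted to the server key.
    credentials.decryptPassword(keyManager.getPrivateKey());

    if (resettingPassword) {
        dbCreds.setPassword(BCrypt.hashpw(credentials.getPassword(), BCrypt.gensalt(10)));
        // NOTE(review): the new hash is persisted only if the dao.save() below runs, which
        // happens only when the auth token has expired. The validation value is also not
        // cleared in this method. Confirm both are handled elsewhere.
    } else if (!BCrypt.checkpw(credentials.getPassword(), dbCreds.getPassword())) {
        // Wrong password. The earlier text ("User Already Exists") described a different error.
        throw new DAOException(HttpStatus.SC_UNAUTHORIZED, "Invalid credentials");
    }

    // Re-issue the auth token if the stored one has expired.
    AuthTokenUtils.AuthToken token;
    try {
        token = new AuthTokenUtils.AuthToken(keyManager.getSymmetricKey(), dbCreds.getAuthToken());
    } catch (AuthenticationException e) {
        throw new DAOException(HttpStatus.SC_INTERNAL_SERVER_ERROR, "internal error");
    }
    // NOTE(review): `c` is declared outside this method. If it is a long-lived Calendar, its
    // time is fixed at creation and this comparison would use a stale "now". Confirm, or use
    // token.isExpired() as getUserFromAuthToken does.
    if (c.getTime().getTime() > token.expirationDate) {
        dbCreds.setAuthToken(AuthTokenUtils.getNewToken(keyManager.getSymmetricKey(), dbCreds));
        dao.save(dbCreds);
    }
    return dbCreds;
}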
use of io.divide.shared.server.DAO.DAOException in project divide by HiddenStage.
the class PushEndpoint method register.
/*
currently failing as the decryption key is probably different
*/
/**
 * Stores the caller's push-messaging token on their credentials.
 *
 * <p>The server's private key is set on the encrypted request entity, the {@code "token"}
 * field is read from it and written to the session user's credentials, and the credentials
 * are saved.
 *
 * @param session the request session; the user is taken from {@code session.getUser()}
 * @param entity  encrypted request body containing a {@code "token"} field
 * @return an OK response on success, the response built from the {@code DAOException} if
 *     one is thrown, or a server-error response for any other exception
 */
@POST
@Consumes(MediaType.APPLICATION_JSON)
public Response register(@Context Session session, EncryptedEntity.Reader entity) {
    try {
        // NOTE(review): if getUser() can return null for an unauthenticated session, the
        // resulting NullPointerException reaches the catch-all below and is reported as a
        // 500 instead of an authorization failure. Confirm how Session is populated.
        Credentials user = session.getUser();
        entity.setKey(keyManager.getPrivateKey());
        user.setPushMessagingKey(entity.get("token"));
        dao.save(user);
    } catch (DAOException daoFailure) {
        logger.severe(ExceptionUtils.getStackTrace(daoFailure));
        return fromDAOExpection(daoFailure);
    } catch (Exception unexpected) {
        // The stack trace goes to the server log only. The client gets a fixed body.
        // NOTE(review): that body is a placeholder string; use a neutral message before
        // this endpoint is exposed to clients.
        logger.severe(ExceptionUtils.getStackTrace(unexpected));
        return Response.serverError().entity("Shit").build();
    }
    return Response.ok().build();
}
use of io.divide.shared.server.DAO.DAOException in project divide by HiddenStage.
the class AuthServerLogic method getUserFromRecoveryToken.
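/**
 * Exchanges a recovery token for fresh credentials.
 *
 * <p>The credential store is queried for an exact match on
 * {@code Credentials.RECOVERY_TOKEN_KEY}. On a match, both the auth token and the recovery
 * token are replaced with newly issued ones and saved, so the presented recovery token no
 * longer matches afterwards.
 *
 * @param token recovery token as presented by the caller
 * @return the matched credentials, carrying the new auth and recovery tokens
 * @throws DAOException with {@code SC_BAD_REQUEST} if the token is null, empty, or matches
 *     no stored credentials
 */
public Credentials getUserFromRecoveryToken(String token) throws DAOException {
    // An absent token must never reach the equality query. How the DAO compares a null or
    // empty value against accounts with no recovery token set is not visible here, and a
    // match would hand out a fresh auth token for that account.
    if (token == null || token.isEmpty()) {
        throw new DAOException(HttpStatus.SC_BAD_REQUEST, "invalid recovery token");
    }

    Query lookup = new QueryBuilder()
            .select()
            .from(Credentials.class)
            .where(Credentials.RECOVERY_TOKEN_KEY, OPERAND.EQ, token)
            .build();
    TransientObject match = ObjectUtils.get1stOrNull(dao.query(lookup));
    if (match == null) {
        throw new DAOException(HttpStatus.SC_BAD_REQUEST, "invalid recovery token");
    }

    // NOTE(review): this method does not check the recovery token for expiry. Confirm
    // whether its lifetime is enforced elsewhere.
    ServerCredentials sc = new ServerCredentials(match);
    sc.setAuthToken(AuthTokenUtils.getNewToken(keyManager.getSymmetricKey(), sc));
    // Rotate the recovery token too, so each one is accepted at most once.
    sc.setRecoveryToken(AuthTokenUtils.getNewToken(keyManager.getSymmetricKey(), sc));
    dao.save(sc);
    return sc;
}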