use of io.hops.hopsworks.api.filter.JWTNotRequired in project hopsworks by logicalclocks.
the class DownloadService method downloadFromHDFS.
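/**
 * Streams a dataset file to a caller that presents a download token instead of a session JWT.
 *
 * <p>The endpoint is annotated {@code @JWTNotRequired}, so the {@code token} query parameter is
 * the only credential this method checks. The token is handed to
 * {@code jWTHelper.verifyOneTimeToken} together with the resolved full path, and the download is
 * performed as the user named by the token's subject.
 *
 * <p>NOTE(review): the token travels in the query string, where proxies and access logs can
 * record it. The design relies on the token being single-use and short-lived; confirm in
 * jWTHelper.
 *
 * @param path path segment captured from the URL
 * @param token token checked against the resolved full path
 * @param datasetType dataset type used when resolving {@code path}
 * @param sc security context (not read by this method)
 * @return a 200 response whose entity streams the file as an attachment
 * @throws DatasetException if downloads are disabled in settings, or propagated from the helpers
 * @throws SigningKeyNotFoundException propagated from token verification
 * @throws VerificationException propagated from token verification
 * @throws ProjectException propagated from the helpers
 */
@GET
@javax.ws.rs.Path("with_token/{path: .+}")
@Produces(MediaType.APPLICATION_OCTET_STREAM)
@JWTNotRequired
@ApiOperation(value = "Download file.", response = StreamingOutput.class)
public Response downloadFromHDFS(@PathParam("path") String path, @QueryParam("token") String token,
    @QueryParam("type") DatasetType datasetType, @Context SecurityContext sc)
    throws DatasetException, SigningKeyNotFoundException, VerificationException, ProjectException {
  if (!settings.isDownloadAllowed()) {
    throw new DatasetException(RESTCodes.DatasetErrorCode.DOWNLOAD_NOT_ALLOWED, Level.FINEST);
  }
  Project project = this.getProject();
  // NOTE(review): the path is resolved (and its existence checked) before the token is verified.
  // If a missing file produces a different error than a bad token, an unauthenticated caller can
  // tell existing paths from missing ones. Confirm the error responses are indistinguishable.
  DatasetPath datasetPath = datasetHelper.getDatasetPathIfFileExist(project, path, datasetType);
  String fullPath = datasetPath.getFullPath().toString();
  DecodedJWT djwt = jWTHelper.verifyOneTimeToken(token, fullPath);
  // NOTE(review): findByUsername may return null if the subject no longer maps to an account;
  // confirm the overload called below rejects a null user.
  Users user = userFacade.findByUsername(djwt.getSubject());
  Pair<Path, StreamingOutput> pathStreamPair = downloadFromHDFS(project, datasetPath, user);
  Response.ResponseBuilder response = Response.ok(pathStreamPair.getValue1());
  // The file name is user-controlled data. A double quote or backslash would end the quoted
  // filename parameter early and a control character (CR/LF) could split the header, so those
  // characters are replaced before the value is placed in Content-disposition.
  String fileName = pathStreamPair.getValue0().getName();
  String safeFileName = fileName.replaceAll("[\\p{Cntrl}\"\\\\]", "_");
  response.header("Content-disposition", "attachment; filename=\"" + safeFileName + "\"");
  return response.build();
}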
use of io.hops.hopsworks.api.filter.JWTNotRequired in project hopsworks by logicalclocks.
the class AuthService method recoverQRCode.
/**
 * Starts QR-code recovery for an account identified by email and password.
 *
 * <p>The endpoint is annotated {@code @JWTNotRequired}; the submitted credentials are passed
 * straight to {@code userController.sendQRRecoveryEmail}, which is where any verification has to
 * happen.
 *
 * <p>NOTE(review): the URL given to the mailer is derived from the incoming request. If
 * FormatUtils.getUserURL trusts the Host header, links in the recovery email could point at a
 * host chosen by the caller. Confirm it is built from a configured base URL.
 *
 * @param email form field identifying the account
 * @param password form field forwarded to the controller
 * @param req request used to derive the URL passed to the controller
 * @return a 200 response carrying the QR_CODE_RESET success message
 * @throws UserException propagated from the controller
 * @throws MessagingException propagated from the controller
 */
@POST
@Path("/recover/qrCode")
@Produces(MediaType.APPLICATION_JSON)
@JWTNotRequired
public Response recoverQRCode(@FormParam("email") String email, @FormParam("password") String password,
    @Context HttpServletRequest req) throws UserException, MessagingException {
  RESTApiJsonResponse body = new RESTApiJsonResponse();
  userController.sendQRRecoveryEmail(email, password, FormatUtils.getUserURL(req));
  // Reached only when the controller call did not throw.
  body.setSuccessMessage(ResponseMessages.QR_CODE_RESET);
  return Response.ok(body).build();
}
use of io.hops.hopsworks.api.filter.JWTNotRequired in project hopsworks by logicalclocks.
the class AuthService method login.
/**
 * Logs a user in from the email, password and one-time-password form fields.
 *
 * <p>The endpoint is annotated {@code @JWTNotRequired}, as it is the one that establishes the
 * authenticated state. When {@code needLogin} returns false the method answers 200 without
 * looking at the password, presumably because the request is already authenticated as this
 * user (confirm in needLogin).
 *
 * @param email form field; must be non-empty
 * @param password form field; must be non-empty
 * @param otp form field forwarded to the pre-login check
 * @param req servlet request whose session is used for the login
 * @return the response produced by the login, or an empty 200 when no login is needed
 * @throws IllegalArgumentException if email or password is null or empty
 * @throws LoginException if no user is registered under {@code email}
 * @throws UserException propagated from the helpers
 * @throws SigningKeyNotFoundException propagated from the helpers
 * @throws NoSuchAlgorithmException propagated from the helpers
 * @throws DuplicateSigningKeyException propagated from the helpers
 */
@POST
@Path("login")
@Produces(MediaType.APPLICATION_JSON)
@JWTNotRequired
public Response login(@FormParam("email") String email, @FormParam("password") String password,
    @FormParam("otp") String otp, @Context HttpServletRequest req)
    throws UserException, SigningKeyNotFoundException, NoSuchAlgorithmException, LoginException,
    DuplicateSigningKeyException {
  boolean emailMissing = email == null || email.isEmpty();
  if (emailMissing) {
    throw new IllegalArgumentException("Email was not provided");
  }
  boolean passwordMissing = password == null || password.isEmpty();
  if (passwordMissing) {
    throw new IllegalArgumentException("Password can not be empty.");
  }

  Users account = userFacade.findByEmail(email);
  if (account == null) {
    // NOTE(review): this message tells an unauthenticated caller that the address is not
    // registered. If the wrong-password path answers differently, the endpoint can be used to
    // enumerate accounts; consider one generic failure message for both cases.
    throw new LoginException("Unrecognized email address. Have you registered yet?");
  }

  if (needLogin(req, account)) {
    // A session has to exist before the login operation is attempted.
    // NOTE(review): the session is created before authentication; confirm the session id is
    // rotated once the login succeeds.
    req.getSession();
    // Pre-login check for the custom auth realm; its result is the credential used for the login.
    String realmCredential = authController.preCustomRealmLoginCheck(account, password, otp);
    Response loginResponse = login(account, realmCredential, req);
    if (LOGGER.isLoggable(Level.FINEST)) {
      logUserLogin(req);
    }
    return loginResponse;
  }
  return Response.ok().build();
}
use of io.hops.hopsworks.api.filter.JWTNotRequired in project hopsworks by logicalclocks.
the class UsersResource method validateOTP.
/**
 * Validates a one-time password for the user resolved from the security context.
 *
 * <p>NOTE(review): the endpoint is annotated {@code @JWTNotRequired}, yet the user is taken from
 * the {@link SecurityContext}. Confirm what jWTHelper.getUserPrincipal returns when the request
 * carries no authenticated principal, and that authController.validateOTP rejects a null user.
 * Also confirm that failed attempts are counted or limited there, since an OTP has a small
 * value space.
 *
 * @param otp form field holding the one-time password to check
 * @param sc security context the user is resolved from
 * @return an empty 200 response when validation did not throw
 * @throws UserException propagated from the OTP validation
 */
@POST
@Path("/validate/otp")
@Produces(MediaType.APPLICATION_JSON)
@JWTNotRequired
@ApiOperation(value = "Validate OTP")
public Response validateOTP(@FormParam("otp") String otp, @Context SecurityContext sc) throws UserException {
  authController.validateOTP(jWTHelper.getUserPrincipal(sc), otp);
  // Reaching this point means the controller accepted the OTP (it signals failure by throwing).
  return Response.ok().build();
}
use of io.hops.hopsworks.api.filter.JWTNotRequired in project hopsworks by logicalclocks.
the class VariablesService method getAuthStatus.
/**
 * Reports which authentication options are enabled, together with the configured OAuth providers.
 *
 * <p>The endpoint is annotated {@code @JWTNotRequired}, so everything placed in the returned
 * {@code AuthStatus} is readable without authentication. Only the provider name, display name
 * and logo URI are copied from each {@code OauthClient}; keep it that way so that no client
 * secrets end up in this response.
 *
 * @return a 200 response, built through the no-cache response builder, whose entity is the
 *     {@code AuthStatus}
 * @deprecated marked {@code @Deprecated} in the source; no replacement is named here.
 */
@GET
@Path("authStatus")
@Produces(MediaType.APPLICATION_JSON)
@JWTNotRequired
@Deprecated
public Response getAuthStatus() {
  List<OauthClient> registeredClients = oauthClientFacade.findAll();
  List<OpenIdProvider> openIdProviders = new ArrayList<>(registeredClients.size());
  for (OauthClient registered : registeredClients) {
    OpenIdProvider provider = new OpenIdProvider(
        registered.getProviderName(),
        registered.getProviderDisplayName(),
        registered.getProviderLogoURI());
    openIdProviders.add(provider);
  }
  AuthStatus status = new AuthStatus(
      settings.getTwoFactorAuth(),
      settings.getLDAPAuthStatus(),
      settings.getKRBAuthStatus(),
      settings.isPasswordLoginDisabled(),
      settings.isRegistrationUIDisabled(),
      openIdProviders);
  return noCacheResponse.getNoCacheResponseBuilder(Response.Status.OK).entity(status).build();
}