Example 1 with JWTNotRequired

Use of io.hops.hopsworks.api.filter.JWTNotRequired in project hopsworks by logicalclocks.

In class DownloadService, method downloadFromHDFS.

@GET
@javax.ws.rs.Path("with_token/{path: .+}")
@Produces(MediaType.APPLICATION_OCTET_STREAM)
@JWTNotRequired
@ApiOperation(value = "Download file.", response = StreamingOutput.class)
public Response downloadFromHDFS(@PathParam("path") String path, @QueryParam("token") String token, @QueryParam("type") DatasetType datasetType, @Context SecurityContext sc) throws DatasetException, SigningKeyNotFoundException, VerificationException, ProjectException {
    if (!settings.isDownloadAllowed()) {
        throw new DatasetException(RESTCodes.DatasetErrorCode.DOWNLOAD_NOT_ALLOWED, Level.FINEST);
    }
    Project project = this.getProject();
    DatasetPath datasetPath = datasetHelper.getDatasetPathIfFileExist(project, path, datasetType);
    String fullPath = datasetPath.getFullPath().toString();
    DecodedJWT djwt = jWTHelper.verifyOneTimeToken(token, fullPath);
    Users user = userFacade.findByUsername(djwt.getSubject());
    Pair<Path, StreamingOutput> pathStreamPair = downloadFromHDFS(project, datasetPath, user);
    Response.ResponseBuilder response = Response.ok(pathStreamPair.getValue1());
    response.header("Content-disposition", "attachment; filename=\"" + pathStreamPair.getValue0().getName() + "\"");
    return response.build();
}
Also used : Path(org.apache.hadoop.fs.Path) DatasetPath(io.hops.hopsworks.common.dataset.util.DatasetPath) Response(javax.ws.rs.core.Response) Project(io.hops.hopsworks.persistence.entity.project.Project) StreamingOutput(javax.ws.rs.core.StreamingOutput) Users(io.hops.hopsworks.persistence.entity.user.Users) DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT) DatasetException(io.hops.hopsworks.exceptions.DatasetException) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET) ApiOperation(io.swagger.annotations.ApiOperation) JWTNotRequired(io.hops.hopsworks.api.filter.JWTNotRequired)

Example 2 with JWTNotRequired

Use of io.hops.hopsworks.api.filter.JWTNotRequired in project hopsworks by logicalclocks.

In class AuthService, method recoverQRCode.

@POST
@Path("/recover/qrCode")
@Produces(MediaType.APPLICATION_JSON)
@JWTNotRequired
public Response recoverQRCode(@FormParam("email") String email, @FormParam("password") String password, @Context HttpServletRequest req) throws UserException, MessagingException {
    RESTApiJsonResponse json = new RESTApiJsonResponse();
    String reqUrl = FormatUtils.getUserURL(req);
    userController.sendQRRecoveryEmail(email, password, reqUrl);
    json.setSuccessMessage(ResponseMessages.QR_CODE_RESET);
    return Response.ok(json).build();
}
Also used : RESTApiJsonResponse(io.hops.hopsworks.api.util.RESTApiJsonResponse) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) Produces(javax.ws.rs.Produces) JWTNotRequired(io.hops.hopsworks.api.filter.JWTNotRequired)

Example 3 with JWTNotRequired

Use of io.hops.hopsworks.api.filter.JWTNotRequired in project hopsworks by logicalclocks.

In class AuthService, method login.

@POST
@Path("login")
@Produces(MediaType.APPLICATION_JSON)
@JWTNotRequired
public Response login(@FormParam("email") String email, @FormParam("password") String password, @FormParam("otp") String otp, @Context HttpServletRequest req) throws UserException, SigningKeyNotFoundException, NoSuchAlgorithmException, LoginException, DuplicateSigningKeyException {
    if (email == null || email.isEmpty()) {
        throw new IllegalArgumentException("Email was not provided");
    }
    if (password == null || password.isEmpty()) {
        throw new IllegalArgumentException("Password can not be empty.");
    }
    Users user = userFacade.findByEmail(email);
    if (user == null) {
        throw new LoginException("Unrecognized email address. Have you registered yet?");
    }
    if (!needLogin(req, user)) {
        return Response.ok().build();
    }
    // A session needs to be created explicitly before doing the login operation
    req.getSession();
    // Do the pre custom-realm login check
    String passwordWithSaltPlusOtp = authController.preCustomRealmLoginCheck(user, password, otp);
    // Do login
    Response response = login(user, passwordWithSaltPlusOtp, req);
    if (LOGGER.isLoggable(Level.FINEST)) {
        logUserLogin(req);
    }
    return response;
}
Also used : RESTApiJsonResponse(io.hops.hopsworks.api.util.RESTApiJsonResponse) NoCacheResponse(io.hops.hopsworks.api.filter.NoCacheResponse) Response(javax.ws.rs.core.Response) LoginException(javax.security.auth.login.LoginException) Users(io.hops.hopsworks.persistence.entity.user.Users) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) Produces(javax.ws.rs.Produces) JWTNotRequired(io.hops.hopsworks.api.filter.JWTNotRequired)

Example 4 with JWTNotRequired

Use of io.hops.hopsworks.api.filter.JWTNotRequired in project hopsworks by logicalclocks.

In class UsersResource, method validateOTP.

@POST
@Path("/validate/otp")
@Produces(MediaType.APPLICATION_JSON)
@JWTNotRequired
@ApiOperation(value = "Validate OTP")
public Response validateOTP(@FormParam("otp") String otp, @Context SecurityContext sc) throws UserException {
    Users user = jWTHelper.getUserPrincipal(sc);
    authController.validateOTP(user, otp);
    return Response.ok().build();
}
Also used : Users(io.hops.hopsworks.persistence.entity.user.Users) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) Produces(javax.ws.rs.Produces) ApiOperation(io.swagger.annotations.ApiOperation) JWTNotRequired(io.hops.hopsworks.api.filter.JWTNotRequired)

Example 5 with JWTNotRequired

Use of io.hops.hopsworks.api.filter.JWTNotRequired in project hopsworks by logicalclocks.

In class VariablesService, method getAuthStatus.

@GET
@Path("authStatus")
@Produces(MediaType.APPLICATION_JSON)
@JWTNotRequired
@Deprecated
public Response getAuthStatus() {
    List<OauthClient> oauthClients = oauthClientFacade.findAll();
    List<OpenIdProvider> providers = new ArrayList<>();
    for (OauthClient client : oauthClients) {
        providers.add(new OpenIdProvider(client.getProviderName(), client.getProviderDisplayName(), client.getProviderLogoURI()));
    }
    AuthStatus authStatus = new AuthStatus(settings.getTwoFactorAuth(), settings.getLDAPAuthStatus(), settings.getKRBAuthStatus(), settings.isPasswordLoginDisabled(), settings.isRegistrationUIDisabled(), providers);
    return noCacheResponse.getNoCacheResponseBuilder(Response.Status.OK).entity(authStatus).build();
}
Also used : OauthClient(io.hops.hopsworks.persistence.entity.remote.oauth.OauthClient) ArrayList(java.util.ArrayList) Path(javax.ws.rs.Path) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET) JWTNotRequired(io.hops.hopsworks.api.filter.JWTNotRequired)

Aggregations

JWTNotRequired (io.hops.hopsworks.api.filter.JWTNotRequired): 12
Produces (javax.ws.rs.Produces): 12
Path (javax.ws.rs.Path): 10
POST (javax.ws.rs.POST): 7
RESTApiJsonResponse (io.hops.hopsworks.api.util.RESTApiJsonResponse): 5
GET (javax.ws.rs.GET): 5
Users (io.hops.hopsworks.persistence.entity.user.Users): 4
UserException (io.hops.hopsworks.exceptions.UserException): 2
OauthClient (io.hops.hopsworks.persistence.entity.remote.oauth.OauthClient): 2
ApiOperation (io.swagger.annotations.ApiOperation): 2
ArrayList (java.util.ArrayList): 2
LoginException (javax.security.auth.login.LoginException): 2
Response (javax.ws.rs.core.Response): 2
DecodedJWT (com.auth0.jwt.interfaces.DecodedJWT): 1
NoCacheResponse (io.hops.hopsworks.api.filter.NoCacheResponse): 1
DatasetPath (io.hops.hopsworks.common.dataset.util.DatasetPath): 1
Maintenance (io.hops.hopsworks.common.maintenance.Maintenance): 1
QrCode (io.hops.hopsworks.common.user.QrCode): 1
DatasetException (io.hops.hopsworks.exceptions.DatasetException): 1
GenericException (io.hops.hopsworks.exceptions.GenericException): 1