Example 6 with ApiScope

Use of io.hops.hopsworks.persistence.entity.user.security.apiKey.ApiScope in project hopsworks by logicalclocks.

From the class ApiKeyResource, method create.

@POST
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Create an api key.", response = ApiKeyDTO.class)
@JWTRequired(acceptedTokens = { Audience.API }, allowedUserRoles = { "HOPS_ADMIN", "HOPS_USER", "AGENT" })
public Response create(@QueryParam("name") String name, @QueryParam("scope") Set<ApiScope> scopes, @Context UriInfo uriInfo, @Context SecurityContext sc, @Context HttpServletRequest req) throws ApiKeyException, UserException {
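    // Resolve the calling user from the JWT-backed security context.
    Users user = jwtHelper.getUserPrincipal(sc);
    // Check the requested scopes against this user before any key is created.
    Set<ApiScope> validatedScopes = validateScopes(user, scopes);
    String apiKey = apikeyController.createNewKey(user, name, validatedScopes, false);
    ResourceRequest resourceRequest = new ResourceRequest(ResourceRequest.Name.APIKEY);
    ApiKeyDTO dto = apikeyBuilder.build(uriInfo, resourceRequest, user, name);
    // The generated key string is attached to the response DTO.
    dto.setKey(apiKey);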
    return Response.created(dto.getHref()).entity(dto).build();
}
Also used : ApiScope(io.hops.hopsworks.persistence.entity.user.security.apiKey.ApiScope) Users(io.hops.hopsworks.persistence.entity.user.Users) ResourceRequest(io.hops.hopsworks.common.api.ResourceRequest) POST(javax.ws.rs.POST) Produces(javax.ws.rs.Produces) JWTRequired(io.hops.hopsworks.jwt.annotation.JWTRequired) ApiOperation(io.swagger.annotations.ApiOperation)

Example 7 with ApiScope

Use of io.hops.hopsworks.persistence.entity.user.security.apiKey.ApiScope in project hopsworks by logicalclocks.

From the class ApiKeyResource, method update.

@PUT
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Update an api key.", response = ApiKeyDTO.class)
@JWTRequired(acceptedTokens = { Audience.API }, allowedUserRoles = { "HOPS_ADMIN", "HOPS_USER" })
public Response update(@QueryParam("name") String name, @QueryParam("action") ApiKeyUpdateAction action, @QueryParam("scope") Set<ApiScope> scopes, @Context UriInfo uriInfo, @Context HttpServletRequest req, @Context SecurityContext sc) throws ApiKeyException {
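    // Resolve the calling user from the JWT-backed security context.
    Users user = jwtHelper.getUserPrincipal(sc);
    // Check the requested scopes against this user before changing the key.
    Set<ApiScope> validatedScopes = validateScopes(user, scopes);
    ApiKey apikey;
    // A missing "action" query parameter is treated as ADD.
    switch(action == null ? ApiKeyUpdateAction.ADD : action) {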
        case ADD:
            apikey = apikeyController.addScope(user, name, validatedScopes);
            break;
        case DELETE:
            apikey = apikeyController.removeScope(user, name, validatedScopes);
            break;
        case UPDATE:
            apikey = apikeyController.update(user, name, validatedScopes);
            break;
        default:
            throw new WebApplicationException("Action need to set a valid action, but found: " + action, Response.Status.NOT_FOUND);
    }
    ResourceRequest resourceRequest = new ResourceRequest(ResourceRequest.Name.APIKEY);
    ApiKeyDTO dto = apikeyBuilder.build(uriInfo, resourceRequest, apikey);
    return Response.ok().entity(dto).build();
}
Also used : ApiKey(io.hops.hopsworks.persistence.entity.user.security.apiKey.ApiKey) WebApplicationException(javax.ws.rs.WebApplicationException) ApiScope(io.hops.hopsworks.persistence.entity.user.security.apiKey.ApiScope) Users(io.hops.hopsworks.persistence.entity.user.Users) ResourceRequest(io.hops.hopsworks.common.api.ResourceRequest) Produces(javax.ws.rs.Produces) JWTRequired(io.hops.hopsworks.jwt.annotation.JWTRequired) ApiOperation(io.swagger.annotations.ApiOperation) PUT(javax.ws.rs.PUT)

Example 8 with ApiScope

Use of io.hops.hopsworks.persistence.entity.user.security.apiKey.ApiScope in project hopsworks by logicalclocks.

From the class ApiKeyResource, method getScopes.

@GET
@Path("scopes")
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Get all api key scopes.")
@JWTRequired(acceptedTokens = { Audience.API }, allowedUserRoles = { "HOPS_ADMIN", "HOPS_USER" })
public Response getScopes(@Context SecurityContext sc) throws UserException {
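    Users user = jwtHelper.getUserPrincipal(sc);
    // Reject the request when no user can be resolved from the security context.
    if (user == null) {
        throw new UserException(RESTCodes.UserErrorCode.USER_WAS_NOT_FOUND, Level.FINE);
    }
    // Return only the scopes computed for this user.
    Set<ApiScope> scopes = getScopesForUser(user);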
    GenericEntity<Set<ApiScope>> scopeEntity = new GenericEntity<Set<ApiScope>>(scopes) {
    };
    return Response.ok().entity(scopeEntity).build();
}
Also used : HashSet(java.util.HashSet) Set(java.util.Set) GenericEntity(javax.ws.rs.core.GenericEntity) ApiScope(io.hops.hopsworks.persistence.entity.user.security.apiKey.ApiScope) Users(io.hops.hopsworks.persistence.entity.user.Users) UserException(io.hops.hopsworks.exceptions.UserException) Path(javax.ws.rs.Path) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET) JWTRequired(io.hops.hopsworks.jwt.annotation.JWTRequired) ApiOperation(io.swagger.annotations.ApiOperation)

Aggregations

ApiScope (io.hops.hopsworks.persistence.entity.user.security.apiKey.ApiScope): 8
ApiKey (io.hops.hopsworks.persistence.entity.user.security.apiKey.ApiKey): 5
Users (io.hops.hopsworks.persistence.entity.user.Users): 4
ApiKeyException (io.hops.hopsworks.exceptions.ApiKeyException): 3
JWTRequired (io.hops.hopsworks.jwt.annotation.JWTRequired): 3
ApiKeyScope (io.hops.hopsworks.persistence.entity.user.security.apiKey.ApiKeyScope): 3
ApiOperation (io.swagger.annotations.ApiOperation): 3
Date (java.util.Date): 3
Produces (javax.ws.rs.Produces): 3
ResourceRequest (io.hops.hopsworks.common.api.ResourceRequest): 2
ArrayList (java.util.ArrayList): 2
HashSet (java.util.HashSet): 2
WebApplicationException (javax.ws.rs.WebApplicationException): 2
HopsworksSecurityContext (io.hops.hopsworks.api.filter.util.HopsworksSecurityContext): 1
Subject (io.hops.hopsworks.api.filter.util.Subject): 1
RESTApiJsonResponse (io.hops.hopsworks.api.util.RESTApiJsonResponse): 1
UserException (io.hops.hopsworks.exceptions.UserException): 1
JsonResponse (io.hops.hopsworks.restutils.JsonResponse): 1
Set (java.util.Set): 1
GET (javax.ws.rs.GET): 1