
Example 1 with AccessToken

use of net.petafuel.styx.core.persistence.models.AccessToken in project styx by petafuel.

the class AccessTokenFilter method checkToken.

/**
 * Decides whether the access token stored under {@code tokenHash} may be used for the
 * resource targeted by the current request ({@code ri}).
 *
 * <p>Steps, in order: load the token, invalidate it if it was never used and is older than
 * its {@code expiresIn}, run {@code checkRestrictions} and {@code checkMaxUsages} against the
 * owning master token, compare the token's service type with the services allowed by
 * {@link CheckAccessToken}, then optionally record the usage.
 *
 * @param tokenHash hash used as lookup key for the persisted access token
 * @return {@code false} if the token expired before its first use; otherwise
 *         {@code accessToken.isValid() && masterToken.isEnabled()}
 * @throws StyxException with {@code UNAUTHORIZED} when no token matches the hash, or with
 *         {@code STYX_TOKEN_ACCESS_VIOLATION} when no token type mapper resolves the service
 *         type or the resolved type is not among the allowed services
 */
@Override
public boolean checkToken(String tokenHash) {
    AccessToken accessToken;
    try {
        accessToken = PersistentAccessToken.get(tokenHash);
    } catch (PersistenceEmptyResultSetException tokenNotFound) {
        // An unknown hash is always answered with UNAUTHORIZED.
        throw new StyxException(new ResponseEntity(ResponseConstant.UNAUTHORIZED, ResponseCategory.ERROR, ResponseOrigin.CLIENT));
    }

    // NOTE(review): the age check only applies while lastUsedOn is null. Once a token has been
    // used, this method no longer compares its age with expiresIn - confirm that the lifetime of
    // used tokens is bounded elsewhere (presumably checkMaxUsages).
    if (accessToken.getLastUsedOn() == null) {
        long ageInSeconds = TimeUnit.MILLISECONDS.toSeconds(new Date().getTime() - accessToken.getCreatedAt().getTime());
        if (ageInSeconds > accessToken.getExpiresIn()) {
            MasterToken owner = PersistentClientApp.get(accessToken.getClientMasterToken());
            LOG.warn("Access token expired before first usage, invalidated. master={}, access_token_created={}, serviceBinding={}", owner.getName(), accessToken.getCreatedAt(), accessToken.getServiceType());
            PersistentAccessToken.setValid(tokenHash, false);
            return false;
        }
    }

    // Restrictions and usage limits are evaluated against the owning master token.
    MasterToken masterToken = PersistentClientApp.get(accessToken.getClientMasterToken());
    checkRestrictions(masterToken, accessToken.getServiceType());
    checkMaxUsages(masterToken, accessToken);

    // Audit line: carries the token id and metadata, not the token hash.
    LOG.info("Request sent with following token information: accessToken={} valid={} serviceType={} usages={} clientReference={} createdAt={} masterTokenName={} masterTokenEnabled={}", accessToken.getId(), accessToken.isValid(), accessToken.getServiceType(), accessToken.getUsages(), accessToken.getClientReference(), accessToken.getCreatedAt(), masterToken.getName(), masterToken.isEnabled());

    // Allowed services: the annotation on the resource method wins over the one on the class.
    // NOTE(review): if neither carries @CheckAccessToken the list stays null and the
    // allowed-services comparison below is skipped entirely - confirm this filter is only bound
    // to annotated resources.
    List<XS2ATokenType> allowedServices = null;
    CheckAccessToken methodRule = ri.getResourceMethod().getAnnotation(CheckAccessToken.class);
    if (methodRule != null) {
        allowedServices = Arrays.asList(methodRule.allowedServices());
    } else {
        CheckAccessToken classRule = ri.getResourceClass().getAnnotation(CheckAccessToken.class);
        if (classRule != null) {
            allowedServices = Arrays.asList(classRule.allowedServices());
        }
    }

    // Pick the first TokenTypeMapperSPI implementation that knows the token's service type.
    TokenTypeMapperSPI tokenTypeMapper = null;
    for (TokenTypeMapperSPI candidate : new TokenTypeMapperService().providers()) {
        if (candidate.getMapping(accessToken.getServiceType()) != null) {
            tokenTypeMapper = candidate;
            break;
        }
    }

    // Fail closed when the service type cannot be mapped at all.
    if (tokenTypeMapper == null) {
        LOG.error("There was not TokenTypeMapperSPI implementation found within the classpath, tokens cannot be validated against access controll");
        throw new StyxException(new ResponseEntity(ResponseConstant.STYX_TOKEN_ACCESS_VIOLATION, ResponseCategory.ERROR, ResponseOrigin.CLIENT));
    }
    if (allowedServices != null && !allowedServices.contains(tokenTypeMapper.getMapping(accessToken.getServiceType()))) {
        throw new StyxException(new ResponseEntity(ResponseConstant.STYX_TOKEN_ACCESS_VIOLATION, ResponseCategory.ERROR, ResponseOrigin.CLIENT));
    }

    // NOTE(review): incrementUsage is read from the class-level annotation only, while
    // allowedServices prefers the method-level one; a method-only annotation therefore never
    // triggers the update. The update also runs before isValid()/isEnabled() are evaluated for
    // the return value - confirm both are intended.
    CheckAccessToken usageRule = ri.getResourceClass().getAnnotation(CheckAccessToken.class);
    if (usageRule != null && usageRule.incrementUsage()) {
        PersistentAccessToken.updateLastUsedOn(tokenHash);
    }

    return accessToken.isValid() && masterToken.isEnabled();
}
Also used : ResponseEntity(net.petafuel.styx.api.exception.ResponseEntity) MasterToken(net.petafuel.styx.core.persistence.models.MasterToken) CheckAccessToken(net.petafuel.styx.api.filter.authentication.boundary.CheckAccessToken) TokenTypeMapperSPI(net.petafuel.styx.spi.tokentypemapper.spi.TokenTypeMapperSPI) AccessToken(net.petafuel.styx.core.persistence.models.AccessToken) CheckAccessToken(net.petafuel.styx.api.filter.authentication.boundary.CheckAccessToken) PersistentAccessToken(net.petafuel.styx.core.persistence.layers.PersistentAccessToken) PersistenceEmptyResultSetException(net.petafuel.styx.core.persistence.PersistenceEmptyResultSetException) TokenTypeMapperService(net.petafuel.styx.spi.tokentypemapper.TokenTypeMapperService) XS2ATokenType(net.petafuel.styx.spi.tokentypemapper.api.XS2ATokenType) StyxException(net.petafuel.styx.api.exception.StyxException) Date(java.util.Date)

Example 2 with AccessToken

use of net.petafuel.styx.core.persistence.models.AccessToken in project styx by petafuel.

the class PersistentPayment method getByPaymentId.

/**
 * Loads a payment through the {@code get_payment_by_payment_id} database function.
 *
 * <p>The identifier is passed as a bound statement parameter, never concatenated into the SQL
 * text.
 *
 * @param paymentId identifier bound as the single query parameter
 * @return the mapped payment, or {@code null} when the function returns no row
 * @throws PersistenceException when the row cannot be mapped onto {@link PaymentEntry} or the
 *         query fails with an {@link SQLException}; the original exception is kept as cause
 */
public static PaymentEntry getByPaymentId(String paymentId) {
    Connection connection = Persistence.getInstance().getConnection();
    try (PreparedStatement statement = connection.prepareStatement("SELECT * FROM get_payment_by_payment_id(?)")) {
        statement.setString(1, paymentId);
        try (ResultSet row = statement.executeQuery()) {
            if (!row.next()) {
                return null;
            }
            PaymentEntry entry = StyxifySQL.fetchModel(PaymentEntry.class, row);

            // Client token and status are optional columns here; both are skipped when null.
            String clientTokenHash = row.getString(COLUMN_CLIENT_TOKEN);
            if (clientTokenHash != null) {
                entry.setClientToken(PersistentAccessToken.get(clientTokenHash));
            }
            String statusName = row.getString(COLUMN_STATUS);
            if (statusName != null) {
                entry.setStatus(TransactionStatus.valueOf(statusName));
            }

            // Service and product are converted without a null guard.
            entry.setPaymentService(PaymentService.valueOf(row.getString(COLUMN_SERVICE)));
            entry.setPaymentProduct(PaymentProduct.valueOf(row.getString(COLUMN_PRODUCT)));
            return entry;
        }
    } catch (InstantiationException | NoSuchMethodException | IllegalAccessException | InvocationTargetException | IntrospectionException mappingFailure) {
        LOG.error(ERROR_MODEL_MAPPING, mappingFailure.getMessage());
        throw new PersistenceException(mappingFailure.getMessage(), mappingFailure);
    } catch (SQLException sqlFailure) {
        // NOTE(review): the driver's message becomes the PersistenceException message; callers
        // should not echo it back to API clients.
        LOG.error("Error executing get_payment_by_payment_id() for payment_id={} state={} message={}", paymentId, sqlFailure.getSQLState(), sqlFailure.getMessage());
        throw new PersistenceException(sqlFailure.getMessage(), sqlFailure);
    }
}
Also used : SQLException(java.sql.SQLException) Connection(java.sql.Connection) IntrospectionException(java.beans.IntrospectionException) PreparedStatement(java.sql.PreparedStatement) InvocationTargetException(java.lang.reflect.InvocationTargetException) AccessToken(net.petafuel.styx.core.persistence.models.AccessToken) PaymentEntry(net.petafuel.styx.core.persistence.models.PaymentEntry) ResultSet(java.sql.ResultSet) PersistenceException(net.petafuel.styx.core.persistence.PersistenceException)

Example 3 with AccessToken

use of net.petafuel.styx.core.persistence.models.AccessToken in project styx by petafuel.

the class PersistentPayment method updateStatusByPaymentId.

/**
 * Sets a new transaction status for a payment through the
 * {@code update_payment_status_by_payment_id} database function and returns the row it yields.
 *
 * <p>Both values are passed as bound statement parameters.
 *
 * @param paymentId         identifier bound as the first parameter
 * @param transactionStatus status whose {@code name()} is bound as the second parameter
 * @return the mapped payment, or {@code null} when the function returns no row
 * @throws PersistenceException when the row cannot be mapped onto {@link PaymentEntry} or the
 *         query fails with an {@link SQLException}; the original exception is kept as cause
 */
public static PaymentEntry updateStatusByPaymentId(String paymentId, TransactionStatus transactionStatus) {
    Connection connection = Persistence.getInstance().getConnection();
    try (PreparedStatement statement = connection.prepareStatement("SELECT * FROM update_payment_status_by_payment_id(?, ?)")) {
        statement.setString(1, paymentId);
        statement.setString(2, transactionStatus.name());
        try (ResultSet row = statement.executeQuery()) {
            if (!row.next()) {
                return null;
            }
            PaymentEntry entry = StyxifySQL.fetchModel(PaymentEntry.class, row);

            // NOTE(review): getByPaymentId null-checks the client-token and status columns; here
            // their values go straight into PersistentAccessToken.get / valueOf after the update
            // statement has already run - confirm the database function never returns null there.
            String clientTokenHash = row.getString(COLUMN_CLIENT_TOKEN);
            entry.setClientToken(PersistentAccessToken.get(clientTokenHash));
            entry.setStatus(TransactionStatus.valueOf(row.getString(COLUMN_STATUS)));
            entry.setPaymentService(PaymentService.valueOf(row.getString(COLUMN_SERVICE)));
            entry.setPaymentProduct(PaymentProduct.valueOf(row.getString(COLUMN_PRODUCT)));
            return entry;
        }
    } catch (InstantiationException | NoSuchMethodException | IllegalAccessException | InvocationTargetException | IntrospectionException mappingFailure) {
        LOG.error(ERROR_MODEL_MAPPING, mappingFailure.getMessage());
        throw new PersistenceException(mappingFailure.getMessage(), mappingFailure);
    } catch (SQLException sqlFailure) {
        LOG.error("Error executing update_payment_status_by_payment_id() for paymentId={} state={} message={}", paymentId, sqlFailure.getSQLState(), sqlFailure.getMessage());
        throw new PersistenceException(sqlFailure.getMessage(), sqlFailure);
    }
}
Also used : SQLException(java.sql.SQLException) Connection(java.sql.Connection) IntrospectionException(java.beans.IntrospectionException) PreparedStatement(java.sql.PreparedStatement) InvocationTargetException(java.lang.reflect.InvocationTargetException) AccessToken(net.petafuel.styx.core.persistence.models.AccessToken) PaymentEntry(net.petafuel.styx.core.persistence.models.PaymentEntry) ResultSet(java.sql.ResultSet) PersistenceException(net.petafuel.styx.core.persistence.PersistenceException)

Example 4 with AccessToken

use of net.petafuel.styx.core.persistence.models.AccessToken in project styx by petafuel.

the class PersistentPayment method deleteByPaymentId.

/**
 * Deletes a payment through the {@code delete_payment_by_payment_id} database function and
 * returns the row that the function yields.
 *
 * <p>The identifier is passed as a bound statement parameter.
 *
 * @param paymentId identifier bound as the single query parameter
 * @return the mapped payment, or {@code null} when the function returns no row
 * @throws PersistenceException when the row cannot be mapped onto {@link PaymentEntry} or the
 *         query fails with an {@link SQLException}; the original exception is kept as cause
 */
public static PaymentEntry deleteByPaymentId(String paymentId) {
    Connection connection = Persistence.getInstance().getConnection();
    try (PreparedStatement statement = connection.prepareStatement("SELECT * FROM delete_payment_by_payment_id(?)")) {
        statement.setString(1, paymentId);
        try (ResultSet row = statement.executeQuery()) {
            if (!row.next()) {
                return null;
            }
            PaymentEntry entry = StyxifySQL.fetchModel(PaymentEntry.class, row);

            // NOTE(review): getByPaymentId null-checks the client-token and status columns; here
            // they are used unguarded after the delete statement has already run, so a null
            // value would surface as a failure for a deletion that took place - confirm the
            // database function never returns null there.
            String clientTokenHash = row.getString(COLUMN_CLIENT_TOKEN);
            entry.setClientToken(PersistentAccessToken.get(clientTokenHash));
            entry.setStatus(TransactionStatus.valueOf(row.getString(COLUMN_STATUS)));
            entry.setPaymentService(PaymentService.valueOf(row.getString(COLUMN_SERVICE)));
            entry.setPaymentProduct(PaymentProduct.valueOf(row.getString(COLUMN_PRODUCT)));
            return entry;
        }
    } catch (InstantiationException | NoSuchMethodException | IllegalAccessException | InvocationTargetException | IntrospectionException mappingFailure) {
        LOG.error(ERROR_MODEL_MAPPING, mappingFailure.getMessage());
        throw new PersistenceException(mappingFailure.getMessage(), mappingFailure);
    } catch (SQLException sqlFailure) {
        LOG.error("Error executing delete_payment_by_payment_id() for paymentId={} state={} message={}", paymentId, sqlFailure.getSQLState(), sqlFailure.getMessage());
        throw new PersistenceException(sqlFailure.getMessage(), sqlFailure);
    }
}
Also used : SQLException(java.sql.SQLException) Connection(java.sql.Connection) IntrospectionException(java.beans.IntrospectionException) PreparedStatement(java.sql.PreparedStatement) InvocationTargetException(java.lang.reflect.InvocationTargetException) AccessToken(net.petafuel.styx.core.persistence.models.AccessToken) PaymentEntry(net.petafuel.styx.core.persistence.models.PaymentEntry) ResultSet(java.sql.ResultSet) PersistenceException(net.petafuel.styx.core.persistence.PersistenceException)

Example 5 with AccessToken

use of net.petafuel.styx.core.persistence.models.AccessToken in project styx by petafuel.

the class PersistentPayment method updateById.

/**
 * Updates client token, BIC and status of a payment through the {@code update_payment_by_id}
 * database function and returns the row that the function yields.
 *
 * <p>All four values are passed as bound statement parameters.
 *
 * @param id                identifier bound as the first parameter
 * @param clientToken       client token value bound as the second parameter
 * @param bic               BIC bound as the third parameter
 * @param transactionStatus status whose {@code name()} is bound as the fourth parameter
 * @return the mapped payment, or {@code null} when the function returns no row
 * @throws PersistenceException when the row cannot be mapped onto {@link PaymentEntry} or the
 *         query fails with an {@link SQLException}; the original exception is kept as cause
 */
public static PaymentEntry updateById(String id, String clientToken, String bic, TransactionStatus transactionStatus) {
    Connection connection = Persistence.getInstance().getConnection();
    try (PreparedStatement statement = connection.prepareStatement("SELECT * FROM update_payment_by_id(?, ?, ?, ?)")) {
        statement.setString(1, id);
        statement.setString(2, clientToken);
        statement.setString(3, bic);
        statement.setString(4, transactionStatus.name());
        try (ResultSet row = statement.executeQuery()) {
            if (!row.next()) {
                return null;
            }
            PaymentEntry entry = StyxifySQL.fetchModel(PaymentEntry.class, row);

            // NOTE(review): getByPaymentId null-checks the client-token and status columns; here
            // they are used unguarded after the update statement has already run - confirm the
            // database function never returns null there.
            String storedTokenHash = row.getString(COLUMN_CLIENT_TOKEN);
            entry.setClientToken(PersistentAccessToken.get(storedTokenHash));
            entry.setStatus(TransactionStatus.valueOf(row.getString(COLUMN_STATUS)));
            entry.setPaymentService(PaymentService.valueOf(row.getString(COLUMN_SERVICE)));
            entry.setPaymentProduct(PaymentProduct.valueOf(row.getString(COLUMN_PRODUCT)));
            return entry;
        }
    } catch (InstantiationException | NoSuchMethodException | IllegalAccessException | InvocationTargetException | IntrospectionException mappingFailure) {
        LOG.error(ERROR_MODEL_MAPPING, mappingFailure.getMessage());
        throw new PersistenceException(mappingFailure.getMessage(), mappingFailure);
    } catch (SQLException sqlFailure) {
        // The log line carries id and bic; the clientToken argument is not written to the log.
        LOG.error("Error executing update_payment_by_id() for id={} bic={} state={} message={}", id, bic, sqlFailure.getSQLState(), sqlFailure.getMessage());
        throw new PersistenceException(sqlFailure.getMessage(), sqlFailure);
    }
}
Also used : SQLException(java.sql.SQLException) Connection(java.sql.Connection) IntrospectionException(java.beans.IntrospectionException) PreparedStatement(java.sql.PreparedStatement) InvocationTargetException(java.lang.reflect.InvocationTargetException) AccessToken(net.petafuel.styx.core.persistence.models.AccessToken) PaymentEntry(net.petafuel.styx.core.persistence.models.PaymentEntry) ResultSet(java.sql.ResultSet) PersistenceException(net.petafuel.styx.core.persistence.PersistenceException)

Aggregations

AccessToken (net.petafuel.styx.core.persistence.models.AccessToken)18 Connection (java.sql.Connection)12 PreparedStatement (java.sql.PreparedStatement)12 ResultSet (java.sql.ResultSet)12 SQLException (java.sql.SQLException)12 IntrospectionException (java.beans.IntrospectionException)9 InvocationTargetException (java.lang.reflect.InvocationTargetException)9 PersistenceException (net.petafuel.styx.core.persistence.PersistenceException)9 PaymentEntry (net.petafuel.styx.core.persistence.models.PaymentEntry)9 MasterToken (net.petafuel.styx.core.persistence.models.MasterToken)4 Test (org.junit.jupiter.api.Test)4 ResponseEntity (net.petafuel.styx.api.exception.ResponseEntity)3 StyxException (net.petafuel.styx.api.exception.StyxException)3 PersistenceEmptyResultSetException (net.petafuel.styx.core.persistence.PersistenceEmptyResultSetException)2 PersistentAccessToken (net.petafuel.styx.core.persistence.layers.PersistentAccessToken)2 Date (java.util.Date)1 JsonObject (javax.json.JsonObject)1 CheckAccessToken (net.petafuel.styx.api.filter.authentication.boundary.CheckAccessToken)1 TokenTypeMapperService (net.petafuel.styx.spi.tokentypemapper.TokenTypeMapperService)1 XS2ATokenType (net.petafuel.styx.spi.tokentypemapper.api.XS2ATokenType)1