Example 11 with DatabaseSession
use of org.bimserver.database.DatabaseSession in project BIMserver by opensourceBIM.
the class OAuthAccessTokenServlet method service.
@Override
public void service(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
OAuthTokenRequest oauthRequest = null;
OAuthIssuer oauthIssuerImpl = new OAuthIssuerImpl(new MD5Generator());
if (!request.getContentType().equals("application/x-www-form-urlencoded")) {
response.setStatus(405);
PrintWriter pw = response.getWriter();
pw.print("ContentType must be application/x-www-form-urlencoded");
pw.flush();
pw.close();
return;
}
try {
oauthRequest = new OAuthTokenRequest(request);
OAuthAuthorizationCode code = null;
try (DatabaseSession session = getBimServer().getDatabase().createSession()) {
String codeAsString = oauthRequest.getCode();
code = session.querySingle(StorePackage.eINSTANCE.getOAuthAuthorizationCode_Code(), codeAsString);
validateClient(oauthRequest);
String resourceUrl = "";
Authorization auth = code.getAuthorization();
org.bimserver.webservices.authorization.Authorization authorization = null;
if (auth instanceof SingleProjectAuthorization) {
SingleProjectAuthorization singleProjectAuthorization = (SingleProjectAuthorization) auth;
authorization = new org.bimserver.webservices.authorization.SingleProjectAuthorization(getBimServer(), code.getUser().getOid(), singleProjectAuthorization.getProject().getOid());
} else if (auth instanceof RunServiceAuthorization) {
RunServiceAuthorization runServiceAuthorization = (RunServiceAuthorization) auth;
authorization = new org.bimserver.webservices.authorization.RunServiceAuthorization(getBimServer(), code.getUser().getOid(), runServiceAuthorization.getService().getOid());
resourceUrl = getBimServer().getServerSettingsCache().getServerSettings().getSiteAddress() + "/services/" + runServiceAuthorization.getService().getOid();
} else {
throw new Exception("Unknown auth");
}
String accessToken = authorization.asHexToken(getBimServer().getEncryptionKey());
String refreshToken = oauthIssuerImpl.refreshToken();
OAuthTokenResponseBuilder builder = OAuthASResponse.tokenResponse(HttpServletResponse.SC_OK).setAccessToken(accessToken).setExpiresIn("3600").setRefreshToken(refreshToken);
builder.setParam("resource_url", resourceUrl);
if (auth instanceof SingleProjectAuthorization) {
builder.setParam("poid", "" + ((SingleProjectAuthorization) code.getAuthorization()).getProject().getOid());
} else if (auth instanceof RunServiceAuthorization) {
builder.setParam("soid", "" + ((RunServiceAuthorization) code.getAuthorization()).getService().getOid());
}
OAuthResponse r = builder.buildJSONMessage();
response.setStatus(r.getResponseStatus());
response.setContentType("application/json");
PrintWriter pw = response.getWriter();
pw.print(r.getBody());
pw.flush();
pw.close();
} catch (BimserverDatabaseException e) {
LOGGER.error("", e);
}
} catch (OAuthProblemException ex) {
LOGGER.error("", ex);
try {
OAuthResponse r = OAuthResponse.errorResponse(401).error(ex).buildJSONMessage();
response.setStatus(r.getResponseStatus());
PrintWriter pw = response.getWriter();
pw.print(r.getBody());
pw.flush();
pw.close();
} catch (OAuthSystemException e) {
LOGGER.error("", ex);
}
} catch (Exception e) {
LOGGER.error("", e);
}
}
Also used :
DatabaseSession(org.bimserver.database.DatabaseSession)
OAuthSystemException(org.apache.oltu.oauth2.common.exception.OAuthSystemException)
OAuthTokenRequest(org.apache.oltu.oauth2.as.request.OAuthTokenRequest)
SingleProjectAuthorization(org.bimserver.models.store.SingleProjectAuthorization)
RunServiceAuthorization(org.bimserver.models.store.RunServiceAuthorization)
OAuthResponse(org.apache.oltu.oauth2.common.message.OAuthResponse)
OAuthProblemException(org.apache.oltu.oauth2.common.exception.OAuthProblemException)
ServletException(javax.servlet.ServletException)
IOException(java.io.IOException)
OAuthSystemException(org.apache.oltu.oauth2.common.exception.OAuthSystemException)
BimserverDatabaseException(org.bimserver.BimserverDatabaseException)
Authorization(org.bimserver.models.store.Authorization)
RunServiceAuthorization(org.bimserver.models.store.RunServiceAuthorization)
SingleProjectAuthorization(org.bimserver.models.store.SingleProjectAuthorization)
OAuthProblemException(org.apache.oltu.oauth2.common.exception.OAuthProblemException)
OAuthIssuerImpl(org.apache.oltu.oauth2.as.issuer.OAuthIssuerImpl)
BimserverDatabaseException(org.bimserver.BimserverDatabaseException)
OAuthTokenResponseBuilder(org.apache.oltu.oauth2.as.response.OAuthASResponse.OAuthTokenResponseBuilder)
MD5Generator(org.apache.oltu.oauth2.as.issuer.MD5Generator)
OAuthIssuer(org.apache.oltu.oauth2.as.issuer.OAuthIssuer)
OAuthAuthorizationCode(org.bimserver.models.store.OAuthAuthorizationCode)
PrintWriter(java.io.PrintWriter)
Example 12 with DatabaseSession
use of org.bimserver.database.DatabaseSession in project BIMserver by opensourceBIM.
the class OAuthAuthorizationServlet method service.
@Override
public void service(HttpServletRequest request, HttpServletResponse httpServletResponse) throws ServletException, IOException {
OAuthAuthzRequest oauthRequest = null;
String authType = request.getParameter("auth_type");
if (request.getParameter("token") == null) {
String location = "/apps/bimviews/?page=OAuth&auth_type=" + authType + "&client_id=" + request.getParameter("client_id") + "&response_type=" + request.getParameter("response_type") + "&redirect_uri=" + request.getParameter("redirect_uri");
if (request.getParameter("state") != null) {
String state = request.getParameter("state");
LOGGER.info("Incoming state: " + state);
String encodedState = UrlEscapers.urlFragmentEscaper().escape(state);
LOGGER.info("Encoded state: " + encodedState);
location += "&state=" + encodedState;
}
LOGGER.info("Redirecting to " + location);
httpServletResponse.sendRedirect(location);
return;
}
OAuthAuthorizationCode oauthCode = null;
String token = request.getParameter("token");
try (DatabaseSession session = getBimServer().getDatabase().createSession()) {
OAuthServer oAuthServer = session.querySingle(StorePackage.eINSTANCE.getOAuthServer_ClientId(), request.getParameter("client_id"));
org.bimserver.webservices.authorization.Authorization realAuth = org.bimserver.webservices.authorization.Authorization.fromToken(getBimServer().getEncryptionKey(), token);
long uoid = realAuth.getUoid();
User user = session.get(uoid, OldQuery.getDefault());
for (OAuthAuthorizationCode oAuthAuthorizationCode : user.getOAuthIssuedAuthorizationCodes()) {
if (oAuthAuthorizationCode.getOauthServer() == oAuthServer) {
if (oAuthAuthorizationCode.getAuthorization() != null) {
oauthCode = oAuthAuthorizationCode;
}
}
}
try {
if (oauthCode == null) {
throw new ServletException("No auth found for token " + token);
}
oauthRequest = new OAuthAuthzRequest(request);
String responseType = oauthRequest.getParam(OAuth.OAUTH_RESPONSE_TYPE);
OAuthASResponse.OAuthAuthorizationResponseBuilder builder = OAuthASResponse.authorizationResponse(request, HttpServletResponse.SC_FOUND);
if (responseType.equals(ResponseType.CODE.toString())) {
builder.setCode(oauthCode.getCode());
// } else if (responseType.equals(ResponseType.TOKEN))) {
// builder.setAccessToken(oauthCode.get)
}
// if (responseType.equals(ResponseType.TOKEN.toString())) {
// builder.setAccessToken(oauthIssuerImpl.accessToken());
// // builder.setTokenType(OAuth.DEFAULT_TOKEN_TYPE.toString());
// builder.setExpiresIn(3600l);
// }
String redirectURI = oauthRequest.getParam(OAuth.OAUTH_REDIRECT_URI);
if (redirectURI != null && !redirectURI.equals("")) {
URI uri = makeUrl(redirectURI, oauthCode, builder);
LOGGER.info("Redirecting to " + uri);
httpServletResponse.sendRedirect(uri.toString());
} else {
URI uri = makeUrl("http://fakeaddress", oauthCode, builder);
httpServletResponse.getWriter().println("No redirectURI provided");
httpServletResponse.getWriter().println("Would have redirected to: " + uri);
}
} catch (OAuthProblemException e) {
final Response.ResponseBuilder responseBuilder = Response.status(HttpServletResponse.SC_FOUND);
String redirectUri = e.getRedirectUri();
if (OAuthUtils.isEmpty(redirectUri)) {
throw new WebApplicationException(responseBuilder.entity("OAuth callback url needs to be provided by client!!!").build());
}
try {
OAuthResponse response = OAuthASResponse.errorResponse(HttpServletResponse.SC_FOUND).error(e).location(redirectUri).buildQueryMessage();
// final URI location = new URI(response.getLocationUri());
httpServletResponse.sendRedirect(response.getLocationUri());
} catch (OAuthSystemException e1) {
e1.printStackTrace();
}
}
} catch (OAuthSystemException e) {
e.printStackTrace();
} catch (URISyntaxException e) {
e.printStackTrace();
} catch (BimserverLockConflictException e2) {
e2.printStackTrace();
} catch (BimserverDatabaseException e2) {
e2.printStackTrace();
} catch (AuthenticationException e2) {
e2.printStackTrace();
}
}
Also used :
User(org.bimserver.models.store.User)
WebApplicationException(javax.ws.rs.WebApplicationException)
DatabaseSession(org.bimserver.database.DatabaseSession)
AuthenticationException(org.bimserver.webservices.authorization.AuthenticationException)
OAuthSystemException(org.apache.oltu.oauth2.common.exception.OAuthSystemException)
URISyntaxException(java.net.URISyntaxException)
OAuthServer(org.bimserver.models.store.OAuthServer)
OAuthAuthorizationResponseBuilder(org.apache.oltu.oauth2.as.response.OAuthASResponse.OAuthAuthorizationResponseBuilder)
URI(java.net.URI)
OAuthResponse(org.apache.oltu.oauth2.common.message.OAuthResponse)
ServletException(javax.servlet.ServletException)
OAuthProblemException(org.apache.oltu.oauth2.common.exception.OAuthProblemException)
BimserverDatabaseException(org.bimserver.BimserverDatabaseException)
OAuthAuthzRequest(org.apache.oltu.oauth2.as.request.OAuthAuthzRequest)
OAuthASResponse(org.apache.oltu.oauth2.as.response.OAuthASResponse)
OAuthAuthorizationResponseBuilder(org.apache.oltu.oauth2.as.response.OAuthASResponse.OAuthAuthorizationResponseBuilder)
BimserverLockConflictException(org.bimserver.database.BimserverLockConflictException)
OAuthAuthorizationCode(org.bimserver.models.store.OAuthAuthorizationCode)
Example 13 with DatabaseSession
use of org.bimserver.database.DatabaseSession in project BIMserver by opensourceBIM.
the class OAuthRegistrationServlet method service.
@Override
public void service(HttpServletRequest request, HttpServletResponse httpResponse) throws ServletException, IOException {
OAuthServerRegistrationRequest oauthRequest = null;
try {
oauthRequest = new OAuthServerRegistrationRequest(new JSONHttpServletRequestWrapper(request));
oauthRequest.discover();
oauthRequest.getClientUrl();
oauthRequest.getClientDescription();
oauthRequest.getRedirectURI();
try (DatabaseSession session = getBimServer().getDatabase().createSession()) {
OAuthServer oAuthServer = session.querySingle(StorePackage.eINSTANCE.getOAuthServer_RedirectUrl(), oauthRequest.getRedirectURI());
GregorianCalendar now = new GregorianCalendar();
if (oAuthServer == null) {
oAuthServer = session.create(OAuthServer.class);
oAuthServer.setClientName(oauthRequest.getClientName());
oAuthServer.setClientUrl(oauthRequest.getClientUrl());
oAuthServer.setClientDescription(oauthRequest.getClientDescription());
if (oauthRequest.getClientIcon() != null) {
try {
byte[] icon = NetUtils.getContentAsBytes(new URL(oauthRequest.getClientIcon()), 5000);
oAuthServer.setClientIcon(icon);
} catch (Exception e) {
//
}
}
oAuthServer.setRedirectUrl(oauthRequest.getRedirectURI());
// DateFormat dateFormat = new SimpleDateFormat("dd-MM-yyyy hh:mm:ss");
GregorianCalendar expires = new GregorianCalendar();
expires.add(Calendar.YEAR, 1);
String secret = new MD5Generator().generateValue();
oAuthServer.setIssuedAt(now.getTime());
oAuthServer.setExpiresAt(expires.getTime());
oAuthServer.setClientSecret(secret);
oAuthServer.setClientId(oauthRequest.getClientName().replace(" ", "").toLowerCase());
oAuthServer.setIncoming(true);
session.commit();
}
OAuthResponse response = OAuthServerRegistrationResponse.status(HttpServletResponse.SC_OK).setClientId(oAuthServer.getClientId()).setClientSecret(oAuthServer.getClientSecret()).setIssuedAt("" + oAuthServer.getIssuedAt().getTime()).setExpiresIn(oAuthServer.getExpiresAt().getTime() - now.getTimeInMillis()).setParam("message", "OK").buildJSONMessage();
httpResponse.setStatus(response.getResponseStatus());
httpResponse.setContentType(response.getHeaders().get("Content-Type"));
httpResponse.getWriter().write(response.getBody());
} catch (BimserverDatabaseException e) {
e.printStackTrace();
} catch (ServiceException e) {
e.printStackTrace();
}
} catch (OAuthProblemException e) {
OAuthResponse response;
try {
response = OAuthServerRegistrationResponse.errorResponse(HttpServletResponse.SC_BAD_REQUEST).error(e).buildJSONMessage();
httpResponse.setStatus(response.getResponseStatus());
httpResponse.getWriter().write(response.getBody());
} catch (OAuthSystemException e1) {
e1.printStackTrace();
}
} catch (OAuthSystemException e) {
e.printStackTrace();
}
}
Also used :
DatabaseSession(org.bimserver.database.DatabaseSession)
OAuthSystemException(org.apache.oltu.oauth2.common.exception.OAuthSystemException)
GregorianCalendar(java.util.GregorianCalendar)
OAuthServer(org.bimserver.models.store.OAuthServer)
OAuthResponse(org.apache.oltu.oauth2.common.message.OAuthResponse)
URL(java.net.URL)
OAuthProblemException(org.apache.oltu.oauth2.common.exception.OAuthProblemException)
ServletException(javax.servlet.ServletException)
ServiceException(org.bimserver.shared.exceptions.ServiceException)
IOException(java.io.IOException)
OAuthSystemException(org.apache.oltu.oauth2.common.exception.OAuthSystemException)
BimserverDatabaseException(org.bimserver.BimserverDatabaseException)
OAuthProblemException(org.apache.oltu.oauth2.common.exception.OAuthProblemException)
BimserverDatabaseException(org.bimserver.BimserverDatabaseException)
JSONHttpServletRequestWrapper(org.apache.oltu.oauth2.ext.dynamicreg.server.request.JSONHttpServletRequestWrapper)
ServiceException(org.bimserver.shared.exceptions.ServiceException)
OAuthServerRegistrationRequest(org.apache.oltu.oauth2.ext.dynamicreg.server.request.OAuthServerRegistrationRequest)
MD5Generator(org.apache.oltu.oauth2.as.issuer.MD5Generator)
Example 14 with DatabaseSession
use of org.bimserver.database.DatabaseSession in project BIMserver by opensourceBIM.
the class PublicInterfaceFactory method get.
public synchronized ServiceMap get(String token, AccessMethod accessMethod) throws UserException {
try {
Authorization authorization = Authorization.fromToken(bimServer.getEncryptionKey(), token);
DatabaseSession session = bimServer.getDatabase().createSession();
try {
User user = session.get(authorization.getUoid(), OldQuery.getDefault());
if (user == null) {
throw new UserException("No user found with uoid " + authorization.getUoid());
}
if (user.getState() == ObjectState.DELETED) {
throw new UserException("User has been deleted");
}
} finally {
session.close();
}
return get(authorization, accessMethod);
} catch (Exception e) {
if (e instanceof UserException) {
throw (UserException) e;
} else {
throw new UserException(e);
}
}
}
Also used :
Authorization(org.bimserver.webservices.authorization.Authorization)
AnonymousAuthorization(org.bimserver.webservices.authorization.AnonymousAuthorization)
User(org.bimserver.models.store.User)
DatabaseSession(org.bimserver.database.DatabaseSession)
UserException(org.bimserver.shared.exceptions.UserException)
UserException(org.bimserver.shared.exceptions.UserException)
Example 15 with DatabaseSession
use of org.bimserver.database.DatabaseSession in project BIMserver by opensourceBIM.
the class AdminServiceImpl method getLogs.
@Override
public List<SLogAction> getLogs() throws ServerException, UserException {
requireRealUserAuthentication();
DatabaseSession session = getBimServer().getDatabase().createSession();
try {
BimDatabaseAction<List<LogAction>> action = new GetLogsDatabaseAction(session, getInternalAccessMethod(), getAuthorization());
List<LogAction> logs = session.executeAndCommitAction(action);
List<SLogAction> convertToSListLogAction = getBimServer().getSConverter().convertToSListLogAction(logs);
Collections.sort(convertToSListLogAction, new SLogComparator(true));
return convertToSListLogAction;
} catch (Exception e) {
return handleException(e);
} finally {
session.close();
}
}
Also used :
SLogAction(org.bimserver.interfaces.objects.SLogAction)
LogAction(org.bimserver.models.log.LogAction)
DatabaseSession(org.bimserver.database.DatabaseSession)
GetLogsDatabaseAction(org.bimserver.database.actions.GetLogsDatabaseAction)
SLogComparator(org.bimserver.webservices.SLogComparator)
List(java.util.List)
ArrayList(java.util.ArrayList)
SLogAction(org.bimserver.interfaces.objects.SLogAction)
UserException(org.bimserver.shared.exceptions.UserException)
BimBotsException(org.bimserver.bimbots.BimBotsException)
IOException(java.io.IOException)
ServerException(org.bimserver.shared.exceptions.ServerException)
BimserverDatabaseException(org.bimserver.BimserverDatabaseException)
Aggregations
DatabaseSession (org.bimserver.database.DatabaseSession)279
BimserverDatabaseException (org.bimserver.BimserverDatabaseException)258
UserException (org.bimserver.shared.exceptions.UserException)228
ServerException (org.bimserver.shared.exceptions.ServerException)217
IOException (java.io.IOException)194
DeserializeException (org.bimserver.plugins.deserializers.DeserializeException)105
SerializerException (org.bimserver.plugins.serializers.SerializerException)105
UnsupportedEncodingException (java.io.UnsupportedEncodingException)103
MalformedURLException (java.net.MalformedURLException)103
MessagingException (javax.mail.MessagingException)103
AddressException (javax.mail.internet.AddressException)103
CannotBeScheduledException (org.bimserver.longaction.CannotBeScheduledException)103
BcfException (org.opensourcebim.bcf.BcfException)103
User (org.bimserver.models.store.User)34
ArrayList (java.util.ArrayList)29
UserSettings (org.bimserver.models.store.UserSettings)29
Project (org.bimserver.models.store.Project)25
ServerSettings (org.bimserver.models.store.ServerSettings)21
ServerSettingsSetter (org.bimserver.database.actions.ServerSettingsSetter)18
SetServerSettingDatabaseAction (org.bimserver.database.actions.SetServerSettingDatabaseAction)18
