
Example 1 with Authorities

use of org.eclipse.hono.auth.Authorities in project hono by eclipse.

the class FileBasedAuthenticationService method parseRoles.

/**
 * Registers the authorities of every role defined in the given JSON object.
 * <p>
 * Each key is taken as a role name and each value as that role's array of authority
 * specifications. Entries whose value is not a {@code JsonArray} are skipped without
 * any log output, so such a role is never added to {@code roles}.
 *
 * @param rolesObject the JSON object mapping role names to authority specifications
 */
private void parseRoles(final JsonObject rolesObject) {
    rolesObject.stream().forEach(roleEntry -> {
        final Object specsValue = roleEntry.getValue();
        if (specsValue instanceof JsonArray) {
            final JsonArray specs = (JsonArray) specsValue;
            final String name = roleEntry.getKey();
            log.debug("adding role [{}] with {} authorities", name, specs.size());
            // toAuthorities may reject a malformed specification; nothing is caught here.
            roles.put(name, toAuthorities(specs));
        }
    });
}
Also used : AuthTokenHelper(org.eclipse.hono.service.auth.AuthTokenHelper) AuthoritiesImpl(org.eclipse.hono.auth.AuthoritiesImpl) Autowired(org.springframework.beans.factory.annotation.Autowired) HashMap(java.util.HashMap) HonoUser(org.eclipse.hono.auth.HonoUser) ArrayList(java.util.ArrayList) AuthenticationConstants(org.eclipse.hono.service.auth.AuthenticationConstants) Service(org.springframework.stereotype.Service) Map(java.util.Map) Qualifier(org.springframework.beans.factory.annotation.Qualifier) JsonObject(io.vertx.core.json.JsonObject) AsyncResult(io.vertx.core.AsyncResult) Resource(org.springframework.core.io.Resource) UTF_8(java.nio.charset.StandardCharsets.UTF_8) IOException(java.io.IOException) Reader(java.io.Reader) Instant(java.time.Instant) Activity(org.eclipse.hono.auth.Activity) InputStreamReader(java.io.InputStreamReader) Profile(org.springframework.context.annotation.Profile) Future(io.vertx.core.Future) FileNotFoundException(java.io.FileNotFoundException) Objects(java.util.Objects) JsonArray(io.vertx.core.json.JsonArray) List(java.util.List) AbstractHonoAuthenticationService(org.eclipse.hono.service.auth.AbstractHonoAuthenticationService) Handler(io.vertx.core.Handler) Authorities(org.eclipse.hono.auth.Authorities) JsonArray(io.vertx.core.json.JsonArray)

Example 2 with Authorities

use of org.eclipse.hono.auth.Authorities in project hono by eclipse.

the class FileBasedAuthenticationService method parseRoles.

/**
 * Reads role definitions from a JSON object and stores them in {@code roles}.
 * <p>
 * Only entries whose value is a {@code JsonArray} are considered; the key is used as the
 * role name and the array is converted by {@code toAuthorities}. Other entries are
 * dropped silently.
 *
 * @param rolesObject the JSON object holding one entry per role
 */
private void parseRoles(final JsonObject rolesObject) {
    rolesObject.stream()
        .filter(candidate -> candidate.getValue() instanceof JsonArray)
        .forEach(candidate -> {
            final String role = candidate.getKey();
            final JsonArray specsForRole = (JsonArray) candidate.getValue();
            log.debug("adding role [{}] with {} authorities", role, specsForRole.size());
            roles.put(role, toAuthorities(specsForRole));
        });
}
Also used : HttpURLConnection(java.net.HttpURLConnection) AuthTokenHelper(org.eclipse.hono.service.auth.AuthTokenHelper) AuthoritiesImpl(org.eclipse.hono.auth.AuthoritiesImpl) Promise(io.vertx.core.Promise) HashMap(java.util.HashMap) ClientErrorException(org.eclipse.hono.client.ClientErrorException) Instant(java.time.Instant) Activity(org.eclipse.hono.auth.Activity) HonoUser(org.eclipse.hono.auth.HonoUser) Collectors(java.util.stream.Collectors) Future(io.vertx.core.Future) FileNotFoundException(java.io.FileNotFoundException) AuthenticationConstants(org.eclipse.hono.util.AuthenticationConstants) Objects(java.util.Objects) JsonArray(io.vertx.core.json.JsonArray) List(java.util.List) AbstractHonoAuthenticationService(org.eclipse.hono.service.auth.AbstractHonoAuthenticationService) Buffer(io.vertx.core.buffer.Buffer) Map(java.util.Map) Optional(java.util.Optional) JsonObject(io.vertx.core.json.JsonObject) AsyncResult(io.vertx.core.AsyncResult) Handler(io.vertx.core.Handler) Authorities(org.eclipse.hono.auth.Authorities) JsonArray(io.vertx.core.json.JsonArray)

Example 3 with Authorities

use of org.eclipse.hono.auth.Authorities in project hono by eclipse.

the class FileBasedAuthenticationService method getAuthorities.

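/**
 * Collects the authorities granted to a user through the roles it references.
 * <p>
 * Every string element of the user's {@code FIELD_AUTHORITIES} array is looked up in
 * {@code roles}; the authorities of each role found are added to the result. A role name
 * with no entry in {@code roles} contributes nothing, so a misspelled or undefined role
 * silently yields fewer permissions rather than an error.
 * <p>
 * A user entry without the array, or with elements that are not strings, is handled by
 * granting nothing for the missing parts instead of failing with a
 * {@code NullPointerException} or {@code ClassCastException}.
 *
 * @param user the JSON object describing the user
 * @return the union of the authorities of all known roles referenced by the user,
 *         possibly empty, never {@code null}
 */
private Authorities getAuthorities(final JsonObject user) {
    final AuthoritiesImpl result = new AuthoritiesImpl();
    final Iterable<Object> roleNames = user.getJsonArray(FIELD_AUTHORITIES);
    if (roleNames == null) {
        // no role references at all: grant nothing
        return result;
    }
    for (final Object roleName : roleNames) {
        if (roleName instanceof String) {
            final Authorities roleAuthorities = roles.get((String) roleName);
            if (roleAuthorities != null) {
                result.addAll(roleAuthorities);
            }
        }
    }
    return result;
}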
Also used : AuthoritiesImpl(org.eclipse.hono.auth.AuthoritiesImpl) Authorities(org.eclipse.hono.auth.Authorities)

Example 4 with Authorities

use of org.eclipse.hono.auth.Authorities in project hono by eclipse.

the class FileBasedAuthenticationService method toAuthorities.

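/**
 * Converts a role's JSON authority specifications into an {@link Authorities} object.
 * <p>
 * Array elements that are not JSON objects are skipped. For each JSON object:
 * <ul>
 * <li>if {@code FIELD_RESOURCE} is set, the activities listed under
 * {@code FIELD_ACTIVITIES} (none if the field is absent) are granted on that resource;
 * an operation on the same object is not evaluated,</li>
 * <li>otherwise, if {@code FIELD_OPERATION} is set, it is split at the first {@code ':'}
 * and the two parts are passed to {@code addOperation}; a value without a
 * {@code ':'} is logged at debug level and ignored,</li>
 * <li>otherwise the specification is rejected.</li>
 * </ul>
 * An activity name that is not a string or does not name an {@link Activity} constant
 * aborts the conversion, so a typo in a permission is never silently dropped.
 *
 * @param authorities the authority specifications
 * @return the authorities described by the specifications
 * @throws NullPointerException if {@code authorities} is {@code null}
 * @throws IllegalArgumentException if a specification has neither a resource nor an
 *         operation, or lists an activity that is not a valid {@link Activity} name
 */
private Authorities toAuthorities(final JsonArray authorities) {
    AuthoritiesImpl result = new AuthoritiesImpl();
    Objects.requireNonNull(authorities).stream().filter(obj -> obj instanceof JsonObject).forEach(obj -> {
        final JsonObject authSpec = (JsonObject) obj;
        final JsonArray activities = authSpec.getJsonArray(FIELD_ACTIVITIES, new JsonArray());
        final String resource = authSpec.getString(FIELD_RESOURCE);
        final String operation = authSpec.getString(FIELD_OPERATION);
        if (resource != null) {
            final List<Activity> activityList = new ArrayList<>();
            for (final Object activityName : activities) {
                if (!(activityName instanceof String)) {
                    // previously surfaced as a ClassCastException from the cast
                    throw new IllegalArgumentException("malformed authorities");
                }
                // Enum lookup: throws IllegalArgumentException for an unknown name and
                // never returns null, so the former null check was unreachable.
                activityList.add(Activity.valueOf((String) activityName));
            }
            result.addResource(resource, activityList.toArray(new Activity[0]));
        } else if (operation != null) {
            // limit 2: everything after the first ':' belongs to the second part
            final String[] parts = operation.split(":", 2);
            if (parts.length == 2) {
                result.addOperation(parts[0], parts[1]);
            } else {
                log.debug("ignoring malformed operation spec [{}], operation name missing", operation);
            }
        } else {
            throw new IllegalArgumentException("malformed authorities");
        }
    });
    return result;
}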
Also used : AuthTokenHelper(org.eclipse.hono.service.auth.AuthTokenHelper) AuthoritiesImpl(org.eclipse.hono.auth.AuthoritiesImpl) Autowired(org.springframework.beans.factory.annotation.Autowired) HashMap(java.util.HashMap) HonoUser(org.eclipse.hono.auth.HonoUser) ArrayList(java.util.ArrayList) AuthenticationConstants(org.eclipse.hono.service.auth.AuthenticationConstants) Service(org.springframework.stereotype.Service) Map(java.util.Map) Qualifier(org.springframework.beans.factory.annotation.Qualifier) JsonObject(io.vertx.core.json.JsonObject) AsyncResult(io.vertx.core.AsyncResult) Resource(org.springframework.core.io.Resource) UTF_8(java.nio.charset.StandardCharsets.UTF_8) IOException(java.io.IOException) Reader(java.io.Reader) Instant(java.time.Instant) Activity(org.eclipse.hono.auth.Activity) InputStreamReader(java.io.InputStreamReader) Profile(org.springframework.context.annotation.Profile) Future(io.vertx.core.Future) FileNotFoundException(java.io.FileNotFoundException) Objects(java.util.Objects) JsonArray(io.vertx.core.json.JsonArray) List(java.util.List) AbstractHonoAuthenticationService(org.eclipse.hono.service.auth.AbstractHonoAuthenticationService) Handler(io.vertx.core.Handler) Authorities(org.eclipse.hono.auth.Authorities) JsonArray(io.vertx.core.json.JsonArray) AuthoritiesImpl(org.eclipse.hono.auth.AuthoritiesImpl) ArrayList(java.util.ArrayList) JsonObject(io.vertx.core.json.JsonObject) Activity(org.eclipse.hono.auth.Activity)

Example 5 with Authorities

use of org.eclipse.hono.auth.Authorities in project hono by eclipse.

the class FileBasedAuthenticationService method verify.

/**
 * Determines the identity and authorities to grant and reports them as a {@link HonoUser}.
 * <p>
 * If the client supplied a non-empty authorization id and {@code isAuthorizedToImpersonate}
 * accepts the authenticated user, the entry registered in {@code users} under that id is
 * used: the resulting token carries the impersonated identity and the impersonated user's
 * authorities, not those of the authenticated user. In every other case (no authorization
 * id, impersonation not permitted, or no such user) the authentication id and the
 * authenticated user's authorities are granted; the request is not rejected.
 * <p>
 * No credential check is visible in this method; presumably the caller has already
 * authenticated {@code authenticationId} - confirm.
 * <p>
 * NOTE(review): the impersonation outcome is logged at debug level only and without the
 * identities involved, and a refused impersonation request produces no log entry at all.
 * Consider whether this needs an audit trail.
 *
 * @param authenticationId the identity the client authenticated as
 * @param user the JSON object of the authenticated user
 * @param authorizationId the identity the client asks to act as, may be {@code null} or empty
 * @param authenticationResultHandler the handler that receives the succeeded result
 */
private void verify(final String authenticationId, final JsonObject user, final String authorizationId, final Handler<AsyncResult<HonoUser>> authenticationResultHandler) {
    final JsonObject grantedUser;
    final String grantedAuthorizationId;
    if (authorizationId == null || authorizationId.isEmpty() || !isAuthorizedToImpersonate(user)) {
        // no impersonation requested, or the authenticated user may not impersonate
        grantedUser = user;
        grantedAuthorizationId = authenticationId;
    } else {
        final JsonObject target = users.get(authorizationId);
        if (target == null) {
            log.debug("no user found for authorization id provided by client, granting authentication id instead");
            grantedUser = user;
            grantedAuthorizationId = authenticationId;
        } else {
            grantedUser = target;
            grantedAuthorizationId = authorizationId;
            log.debug("granting authorization id specified by client");
        }
    }

    final Authorities grantedAuthorities = getAuthorities(grantedUser);
    // Computed here, before the token is created; whether it matches the expiry encoded
    // in the token itself depends on tokenFactory - TODO confirm.
    final Instant tokenExpirationTime = Instant.now().plus(tokenFactory.getTokenLifetime());
    final String token = tokenFactory.createToken(grantedAuthorizationId, grantedAuthorities);

    final HonoUser authenticatedUser = new HonoUser() {

        @Override
        public String getName() {
            return grantedAuthorizationId;
        }

        @Override
        public Authorities getAuthorities() {
            return grantedAuthorities;
        }

        @Override
        public String getToken() {
            return token;
        }

        @Override
        public Instant getExpirationTime() {
            return tokenExpirationTime;
        }

        @Override
        public boolean isExpired() {
            // expired from the expiration instant onwards (inclusive)
            final Instant now = Instant.now();
            return !now.isBefore(tokenExpirationTime);
        }
    };
    authenticationResultHandler.handle(Future.succeededFuture(authenticatedUser));
}
Also used : HonoUser(org.eclipse.hono.auth.HonoUser) Instant(java.time.Instant) JsonObject(io.vertx.core.json.JsonObject) Authorities(org.eclipse.hono.auth.Authorities)

Aggregations

Authorities (org.eclipse.hono.auth.Authorities)9 AuthoritiesImpl (org.eclipse.hono.auth.AuthoritiesImpl)7 Instant (java.time.Instant)6 HonoUser (org.eclipse.hono.auth.HonoUser)6 JsonObject (io.vertx.core.json.JsonObject)5 HashMap (java.util.HashMap)4 Map (java.util.Map)4 Objects (java.util.Objects)4 AsyncResult (io.vertx.core.AsyncResult)3 Future (io.vertx.core.Future)3 Handler (io.vertx.core.Handler)3 JsonArray (io.vertx.core.json.JsonArray)3 FileNotFoundException (java.io.FileNotFoundException)3 List (java.util.List)3 Activity (org.eclipse.hono.auth.Activity)3 AbstractHonoAuthenticationService (org.eclipse.hono.service.auth.AbstractHonoAuthenticationService)3 AuthTokenHelper (org.eclipse.hono.service.auth.AuthTokenHelper)3 IOException (java.io.IOException)2 InputStreamReader (java.io.InputStreamReader)2 Reader (java.io.Reader)2