use of org.eclipse.kapua.service.authentication.credential.CredentialListResult in project kapua by eclipse.
the class KapuaAuthenticatingRealm method doGetAuthenticationInfo.
/**
 * Looks up the user named in a username/password token, together with the user's
 * account and a stored credential, and returns them as this realm's
 * {@link AuthenticationInfo}.
 *
 * <p>Only the username is read from the token. The submitted password is not compared
 * anywhere in this method; presumably the realm's credentials matcher does that
 * against the returned info (confirm).
 *
 * <p>NOTE(review): a missing user or account ({@link UnknownAccountException}) and a
 * disabled user ({@link DisabledAccountException}) are distinguishable by exception
 * type. Whatever reports login failures to the client should return one generic
 * message for all of them, so that responses do not reveal which usernames exist.
 *
 * <p>NOTE(review): the first credential in the list is used whatever its type. For a
 * user holding several credentials, the one compared with the submitted password then
 * depends on list order; filtering by credential type would make the choice explicit.
 *
 * @param authenticationToken the submitted token; cast to {@link UsernamePasswordToken}
 *                            without a type check
 * @return the user, the selected credential, the account and this realm's name
 * @throws AuthenticationException if the user or account is not found, the user is
 *                                 disabled, or the user has no credentials
 * @throws ShiroException          if the services cannot be obtained or a lookup fails
 *                                 for any other reason
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
    // Unchecked cast: a token of any other type fails here with ClassCastException.
    final UsernamePasswordToken credentialsToken = (UsernamePasswordToken) authenticationToken;
    final String loginName = credentialsToken.getUsername();

    // Resolve the services used by the lookups below.
    final KapuaLocator locator;
    final UserService userService;
    final AccountService accountService;
    final CredentialService credentialService;
    try {
        locator = KapuaLocator.getInstance();
        userService = locator.getService(UserService.class);
        accountService = locator.getService(AccountService.class);
        credentialService = locator.getService(CredentialService.class);
    } catch (KapuaRuntimeException serviceFailure) {
        throw new ShiroException("Error while getting services!", serviceFailure);
    }

    // User lookup by name, run through KapuaSecurityUtils.doPriviledge
    // (presumably because no authenticated session exists yet; confirm).
    final User user;
    try {
        user = KapuaSecurityUtils.doPriviledge(new Callable<User>() {

            @Override
            public User call() throws Exception {
                return userService.findByName(loginName);
            }
        });
    } catch (AuthenticationException authFailure) {
        // Authentication failures pass through unchanged so their type and message survive.
        throw authFailure;
    } catch (Exception lookupFailure) {
        throw new ShiroException("Error while find user!", lookupFailure);
    }
    if (user == null) {
        throw new UnknownAccountException();
    }
    if (UserStatus.DISABLED.equals(user.getStatus())) {
        throw new DisabledAccountException();
    }

    // Account lookup: the account is identified by the user's scope id.
    final Account account;
    try {
        account = KapuaSecurityUtils.doPriviledge(new Callable<Account>() {

            @Override
            public Account call() throws Exception {
                return accountService.find(user.getScopeId());
            }
        });
    } catch (AuthenticationException authFailure) {
        throw authFailure;
    } catch (Exception lookupFailure) {
        throw new ShiroException("Error while find account!", lookupFailure);
    }
    if (account == null) {
        throw new UnknownAccountException();
    }

    // Credential lookup.
    // FIXME: manage multiple credentials and multiple credentials type
    final Credential credential;
    try {
        credential = KapuaSecurityUtils.doPriviledge(new Callable<Credential>() {

            @Override
            public Credential call() throws Exception {
                CredentialListResult found = credentialService.findByUserId(user.getScopeId(), user.getId());
                // A user with no stored credential is reported like an unknown account.
                if (found == null || found.isEmpty()) {
                    throw new UnknownAccountException();
                }
                // TODO may be better to filter by credential type?
                return found.getItem(0);
            }
        });
    } catch (AuthenticationException authFailure) {
        throw authFailure;
    } catch (Exception lookupFailure) {
        throw new ShiroException("Error while find credentials!", lookupFailure);
    }

    // Hand user, credential and account back under this realm's name.
    return new KapuaSimpleAuthenticationInfo(user, credential, account, getName());
}
use of org.eclipse.kapua.service.authentication.credential.CredentialListResult in project kapua by eclipse.
the class CredentialServiceImpl method query.
/**
 * Runs a credential query after checking that the caller holds read permission on
 * the credential domain in the query's scope.
 *
 * <p>NOTE(review): the result carries {@code Credential} entities. Confirm what secret
 * material, if any, those entities expose to a caller that only holds read permission.
 *
 * @param query the query to run; it and its scope id must not be null
 * @return the list returned by {@code CredentialDAO.query}
 * @throws KapuaException if validation or the permission check fails, or when a
 *                        persistence error is converted by
 *                        {@code KapuaExceptionUtils.convertPersistenceException}
 */
@Override
public CredentialListResult query(KapuaQuery<Credential> query) throws KapuaException {
    // Validate first: the permission check below needs a non-null scope id.
    ArgumentValidator.notNull(query, "query");
    ArgumentValidator.notNull(query.getScopeId(), "query.scopeId");

    // Authorization happens before the entity manager is obtained, so a caller
    // without read permission never reaches the persistence layer.
    KapuaLocator serviceLocator = KapuaLocator.getInstance();
    AuthorizationService authorization = serviceLocator.getService(AuthorizationService.class);
    PermissionFactory permissions = serviceLocator.getFactory(PermissionFactory.class);
    authorization.checkPermission(permissions.newPermission(CredentialDomain.CREDENTIAL, Actions.read, query.getScopeId()));

    // Run the query; the entity manager is closed on every path.
    EntityManager entityManager = AuthenticationEntityManagerFactory.getEntityManager();
    try {
        return CredentialDAO.query(entityManager, query);
    } catch (Exception persistenceFailure) {
        throw KapuaExceptionUtils.convertPersistenceException(persistenceFailure);
    } finally {
        entityManager.close();
    }
}
use of org.eclipse.kapua.service.authentication.credential.CredentialListResult in project kapua by eclipse.
the class GwtUserServiceImpl method update.
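/**
 * Updates a user's profile fields, status, permissions and, when a password is
 * supplied, the PASSWORD credential, from the values carried by the GWT model.
 *
 * <p>Apart from the XSRF token check, no authorization check is visible in this
 * method. Every value, including status and the permission strings, comes from the
 * client-supplied {@code gwtUser}, so the method presumably relies on the called
 * services to authorize each change (confirm).
 *
 * <p>The steps are not atomic as written: permissions and credentials are changed
 * before {@code userService.update(user)} runs, and no rollback is visible here if
 * that final update fails (for example on an optlock mismatch).
 *
 * @param xsrfToken the XSRF token, checked before anything else
 * @param gwtUser   the client-side user model holding the new values
 * @return the reloaded user converted to its GWT form, or {@code null} when the user
 *         is not found or {@code KapuaExceptionHandler.handle} returns normally
 * @throws GwtKapuaException declared by the method; presumably raised by the XSRF
 *                           check or by {@code KapuaExceptionHandler.handle} (confirm)
 */
public GwtUser update(GwtXSRFToken xsrfToken, GwtUser gwtUser) throws GwtKapuaException {
    // The XSRF token check comes first, before any service is touched.
    checkXSRFToken(xsrfToken);

    GwtUser gwtUserUpdated = null;
    try {
        KapuaLocator locator = KapuaLocator.getInstance();
        UserService userService = locator.getService(UserService.class);

        KapuaId scopeId = KapuaEid.parseShortId(gwtUser.getScopeId());
        KapuaId userId = KapuaEid.parseShortId(gwtUser.getId());

        User user = userService.find(scopeId, userId);
        if (user != null) {
            //
            // Update user
            user.setName(gwtUser.getUnescapedUsername());
            user.setDisplayName(gwtUser.getUnescapedDisplayName());
            user.setEmail(gwtUser.getUnescapedEmail());
            user.setPhoneNumber(gwtUser.getUnescapedPhoneNumber());

            // status (valueOf throws IllegalArgumentException on an unknown name)
            user.setStatus(UserStatus.valueOf(gwtUser.getStatus()));

            //
            // Update permissions
            Set<String> newPermissions = new HashSet<String>();
            if (gwtUser.getPermissions() != null) {
                // Comma-separated list of "domain:action:targetScopeId" entries.
                newPermissions.addAll(Arrays.asList(gwtUser.getPermissions().split(",")));
            }

            UserPermissionService userPermissionService = locator.getService(UserPermissionService.class);
            UserPermissionFactory userPermissionFactory = locator.getFactory(UserPermissionFactory.class);
            PermissionFactory permissionFactory = locator.getFactory(PermissionFactory.class);

            Set<UserPermissionCreator> newUserPermissions = new HashSet<UserPermissionCreator>();
            for (String p : newPermissions) {
                UserPermissionCreator userPermissionCreator = userPermissionFactory.newCreator(user.getScopeId());
                // Fix: the permission belongs to the user being edited. The scope id
                // was passed here before, which attached the grant to the wrong id.
                userPermissionCreator.setUserId(userId);

                // NOTE(review): an entry with fewer than three ':'-separated parts
                // leaves action and/or target scope null. Confirm how newPermission
                // treats nulls; if they act as wildcards, a short client-supplied
                // string yields a broader grant than a fully specified one.
                String[] tokens = p.split(":");
                String domain = null;
                Actions action = null;
                KapuaId targetScopeId = null;
                if (tokens.length > 0) {
                    domain = tokens[0];
                }
                if (tokens.length > 1) {
                    action = Actions.valueOf(tokens[1]);
                }
                if (tokens.length > 2) {
                    targetScopeId = KapuaEid.parseShortId(tokens[2]);
                }

                Permission permission = permissionFactory.newPermission(domain, action, targetScopeId);
                userPermissionCreator.setPermission(permission);
                userPermissionService.create(userPermissionCreator);
            }
            // NOTE(review): newUserPermissions is never populated, so merge() always
            // receives an empty set while each permission is created individually in
            // the loop above. Confirm what merge() does with an empty set and whether
            // the creators were meant to be collected and merged instead.
            userPermissionService.merge(newUserPermissions);

            //
            // Update credentials
            if (gwtUser.getPassword() != null) {
                CredentialService credentialService = locator.getService(CredentialService.class);
                CredentialFactory credentialFactory = locator.getFactory(CredentialFactory.class);

                CredentialListResult credentials = credentialService.findByUserId(scopeId, userId);
                // NOTE(review): when the user has no credentials at all, the supplied
                // password is dropped without any error. Confirm this is intended.
                if (credentials != null && !credentials.isEmpty()) {
                    //
                    // Delete old PASSWORD credential
                    Credential oldCredential = null;
                    for (Credential c : credentials.getItems()) {
                        if (CredentialType.PASSWORD.equals(c.getCredentialType())) {
                            oldCredential = c;
                            break;
                        }
                    }
                    // Fix: the user may hold only credentials of other types, in which
                    // case there is nothing to delete. Dereferencing null here used to
                    // abort the update before the new password was stored.
                    if (oldCredential != null) {
                        credentialService.delete(oldCredential.getScopeId(), oldCredential.getId());
                    }

                    //
                    // Create new PASSWORD credential
                    CredentialCreator credentialCreator = credentialFactory.newCreator(scopeId, user.getId(), CredentialType.PASSWORD, gwtUser.getPassword());
                    credentialService.create(credentialCreator);
                }
            }

            // optlock: carry over the client's value before updating
            user.setOptlock(gwtUser.getOptlock());

            // update the user
            userService.update(user);

            //
            // convert to GwtUser and return
            // reload the user as we want to load all its permissions
            gwtUserUpdated = KapuaGwtConverter.convert(userService.find(user.getScopeId(), user.getId()));
        }
    } catch (Throwable t) {
        // Service-boundary catch-all: every failure goes to the shared handler.
        KapuaExceptionHandler.handle(t);
    }
    return gwtUserUpdated;
}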