
Example 1 with CredentialListResult

use of org.eclipse.kapua.service.authentication.credential.CredentialListResult in project kapua by eclipse.

the class KapuaAuthenticatingRealm method doGetAuthenticationInfo.

/**
 * Looks up the user, account and credential records that belong to the username carried by
 * the submitted token and packages them into a {@link KapuaSimpleAuthenticationInfo}.
 *
 * <p>The password in the token is not read here; presumably it is verified afterwards by the
 * realm's credentials matcher against the returned credential (confirm against the realm
 * configuration).
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>An unknown user or account raises {@link UnknownAccountException} and a disabled user
 *       raises {@link DisabledAccountException}. Whatever surfaces these to the client should
 *       answer with one generic failure message so the two cases cannot be told apart.</li>
 *   <li>The first credential returned for the user is used without looking at its type. If a
 *       user can hold several credential types, the one picked here may not be the password
 *       credential (see the FIXME below).</li>
 * </ul>
 *
 * @param authenticationToken the submitted token; it is cast to {@link UsernamePasswordToken}
 * @return the authentication info built from the user, its credential and its account
 * @throws AuthenticationException if the user, account or credential is missing, or the user is disabled
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
    // Only the username is needed for the lookups below.
    final String tokenUsername = ((UsernamePasswordToken) authenticationToken).getUsername();

    // Resolve the services used for the lookups.
    final UserService userService;
    final AccountService accountService;
    final CredentialService credentialService;
    try {
        KapuaLocator serviceLocator = KapuaLocator.getInstance();
        userService = serviceLocator.getService(UserService.class);
        accountService = serviceLocator.getService(AccountService.class);
        credentialService = serviceLocator.getService(CredentialService.class);
    } catch (KapuaRuntimeException kre) {
        throw new ShiroException("Error while getting services!", kre);
    }

    // Look the user up by name. The lookup runs through doPriviledge because no session is
    // authenticated yet at this point.
    final User user;
    try {
        user = KapuaSecurityUtils.doPriviledge(new Callable<User>() {

            @Override
            public User call() throws Exception {
                return userService.findByName(tokenUsername);
            }
        });
    } catch (AuthenticationException ae) {
        // Authentication failures are passed through untouched so their message survives.
        throw ae;
    } catch (Exception e) {
        throw new ShiroException("Error while find user!", e);
    }
    if (user == null) {
        throw new UnknownAccountException();
    }
    if (UserStatus.DISABLED.equals(user.getStatus())) {
        throw new DisabledAccountException();
    }

    // Load the account that owns the user.
    final Account account;
    try {
        account = KapuaSecurityUtils.doPriviledge(new Callable<Account>() {

            @Override
            public Account call() throws Exception {
                return accountService.find(user.getScopeId());
            }
        });
    } catch (AuthenticationException ae) {
        throw ae;
    } catch (Exception e) {
        throw new ShiroException("Error while find account!", e);
    }
    if (account == null) {
        throw new UnknownAccountException();
    }

    // Load the credential to authenticate against.
    // FIXME: manage multiple credentials and multiple credentials type
    final Credential credential;
    try {
        credential = KapuaSecurityUtils.doPriviledge(new Callable<Credential>() {

            @Override
            public Credential call() throws Exception {
                CredentialListResult found = credentialService.findByUserId(user.getScopeId(), user.getId());
                if (found == null || found.isEmpty()) {
                    // A user without any credential is reported like an unknown account.
                    throw new UnknownAccountException();
                }
                // TODO may be better to filter by credential type?
                return found.getItem(0);
            }
        });
    } catch (AuthenticationException ae) {
        throw ae;
    } catch (Exception e) {
        throw new ShiroException("Error while find credentials!", e);
    }

    // Hand the resolved entities back to the caller together with this realm's name.
    return new KapuaSimpleAuthenticationInfo(user, credential, account, getName());
}
Also used : DisabledAccountException(org.apache.shiro.authc.DisabledAccountException) KapuaLocator(org.eclipse.kapua.locator.KapuaLocator) Account(org.eclipse.kapua.service.account.Account) Credential(org.eclipse.kapua.service.authentication.credential.Credential) User(org.eclipse.kapua.service.user.User) UserService(org.eclipse.kapua.service.user.UserService) AuthenticationException(org.apache.shiro.authc.AuthenticationException) KapuaRuntimeException(org.eclipse.kapua.KapuaRuntimeException) UnknownAccountException(org.apache.shiro.authc.UnknownAccountException) Callable(java.util.concurrent.Callable) ShiroException(org.apache.shiro.ShiroException) DisabledAccountException(org.apache.shiro.authc.DisabledAccountException) KapuaRuntimeException(org.eclipse.kapua.KapuaRuntimeException) AuthenticationException(org.apache.shiro.authc.AuthenticationException) UnknownAccountException(org.apache.shiro.authc.UnknownAccountException) KapuaException(org.eclipse.kapua.KapuaException) UsernamePasswordToken(org.apache.shiro.authc.UsernamePasswordToken) ShiroException(org.apache.shiro.ShiroException) KapuaSimpleAuthenticationInfo(org.eclipse.kapua.service.authentication.shiro.credential.KapuaSimpleAuthenticationInfo) CredentialService(org.eclipse.kapua.service.authentication.credential.CredentialService) CredentialListResult(org.eclipse.kapua.service.authentication.credential.CredentialListResult) AccountService(org.eclipse.kapua.service.account.AccountService)

Example 2 with CredentialListResult

use of org.eclipse.kapua.service.authentication.credential.CredentialListResult in project kapua by eclipse.

the class CredentialServiceImpl method query.

/**
 * Runs a credential query after validating its arguments and checking that the caller holds
 * the {@code read} permission on the credential domain for the query's scope.
 *
 * <p>The permission check is tied to {@code query.getScopeId()}. Whether the DAO also limits
 * the returned rows to that scope is not visible here and should be confirmed, since the
 * result holds credential entities.
 *
 * @param query the query to execute; neither it nor its scope id may be null
 * @return the credentials matching the query
 * @throws KapuaException if validation or the access check fails, or the persistence layer reports an error
 */
@Override
public CredentialListResult query(KapuaQuery<Credential> query) throws KapuaException {
    // Reject a missing query or a query without scope before anything else happens.
    ArgumentValidator.notNull(query, "query");
    ArgumentValidator.notNull(query.getScopeId(), "query.scopeId");

    // Access check: the caller needs read access to credentials in the requested scope.
    final KapuaLocator serviceLocator = KapuaLocator.getInstance();
    final AuthorizationService authorization = serviceLocator.getService(AuthorizationService.class);
    final PermissionFactory permissions = serviceLocator.getFactory(PermissionFactory.class);
    authorization.checkPermission(permissions.newPermission(CredentialDomain.CREDENTIAL, Actions.read, query.getScopeId()));

    // Execute the query; the entity manager is released on every path.
    final EntityManager entityManager = AuthenticationEntityManagerFactory.getEntityManager();
    try {
        return CredentialDAO.query(entityManager, query);
    } catch (Exception e) {
        throw KapuaExceptionUtils.convertPersistenceException(e);
    } finally {
        entityManager.close();
    }
}
Also used : KapuaLocator(org.eclipse.kapua.locator.KapuaLocator) EntityManager(org.eclipse.kapua.commons.jpa.EntityManager) AuthorizationService(org.eclipse.kapua.service.authorization.AuthorizationService) PermissionFactory(org.eclipse.kapua.service.authorization.permission.PermissionFactory) CredentialListResult(org.eclipse.kapua.service.authentication.credential.CredentialListResult) KapuaEntityNotFoundException(org.eclipse.kapua.KapuaEntityNotFoundException) KapuaException(org.eclipse.kapua.KapuaException)

Example 3 with CredentialListResult

use of org.eclipse.kapua.service.authentication.credential.CredentialListResult in project kapua by eclipse.

the class GwtUserServiceImpl method update.

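/**
 * Applies the profile fields, permissions and (optionally) a new password from the supplied
 * {@link GwtUser} to the stored user, then returns the reloaded user.
 *
 * <p>The XSRF token is checked before anything else. This method performs no authorization
 * check of its own on the requested permissions or status; presumably the underlying services
 * enforce that the caller may grant them (confirm), because every value in {@code gwtUser}
 * comes from the client.
 *
 * @param xsrfToken the anti-XSRF token sent with the request
 * @param gwtUser the client-side user model carrying the new values
 * @return the updated user converted back to a {@link GwtUser}, or {@code null} if no user
 *         matches the given scope id and user id
 * @throws GwtKapuaException declared by the method; presumably raised by the XSRF check or by
 *         {@code KapuaExceptionHandler.handle} (confirm)
 */
public GwtUser update(GwtXSRFToken xsrfToken, GwtUser gwtUser) throws GwtKapuaException {
    checkXSRFToken(xsrfToken);
    GwtUser gwtUserUpdated = null;
    try {
        KapuaLocator locator = KapuaLocator.getInstance();
        UserService userService = locator.getService(UserService.class);
        KapuaId scopeId = KapuaEid.parseShortId(gwtUser.getScopeId());
        KapuaId userId = KapuaEid.parseShortId(gwtUser.getId());
        User user = userService.find(scopeId, userId);
        if (user != null) {
            //
            // Update user
            user.setName(gwtUser.getUnescapedUsername());
            user.setDisplayName(gwtUser.getUnescapedDisplayName());
            user.setEmail(gwtUser.getUnescapedEmail());
            user.setPhoneNumber(gwtUser.getUnescapedPhoneNumber());
            // status
            user.setStatus(UserStatus.valueOf(gwtUser.getStatus()));
            //
            // Update permissions
            Set<String> newPermissions = new HashSet<>();
            if (gwtUser.getPermissions() != null) {
                // build the set of permissions from the comma-separated "domain:action:scope" entries
                newPermissions.addAll(Arrays.asList(gwtUser.getPermissions().split(",")));
            }
            UserPermissionService userPermissionService = locator.getService(UserPermissionService.class);
            UserPermissionFactory userPermissionFactory = locator.getFactory(UserPermissionFactory.class);
            PermissionFactory permissionFactory = locator.getFactory(PermissionFactory.class);
            Set<UserPermissionCreator> newUserPermissions = new HashSet<>();
            for (String p : newPermissions) {
                UserPermissionCreator userPermissionCreator = userPermissionFactory.newCreator(user.getScopeId());
                // The permission must be bound to the user being edited. The previous code passed
                // the scope id here, which attached the grant to the wrong identifier.
                userPermissionCreator.setUserId(user.getId());
                String[] tokens = p.split(":");
                String domain = null;
                Actions action = null;
                KapuaId targetScopeId = null;
                if (tokens.length > 0) {
                    domain = tokens[0];
                }
                if (tokens.length > 1) {
                    action = Actions.valueOf(tokens[1]);
                }
                if (tokens.length > 2) {
                    targetScopeId = KapuaEid.parseShortId(tokens[2]);
                }
                // NOTE(review): an entry without action or target scope yields a permission with
                // null fields; if null means "any" in the permission model, a short entry grants
                // more than it names. Confirm how newPermission treats nulls.
                Permission permission = permissionFactory.newPermission(domain, action, targetScopeId);
                userPermissionCreator.setPermission(permission);
                userPermissionService.create(userPermissionCreator);
            }
            // NOTE(review): newUserPermissions is never filled, so merge always receives an empty
            // set while the loop above creates each permission directly. Confirm which of the two
            // paths is intended and what merge does with an empty set.
            userPermissionService.merge(newUserPermissions);
            // Update credentials
            if (gwtUser.getPassword() != null) {
                CredentialService credentialService = locator.getService(CredentialService.class);
                CredentialFactory credentialFactory = locator.getFactory(CredentialFactory.class);
                CredentialListResult credentials = credentialService.findByUserId(scopeId, userId);
                // NOTE(review): when the user has no credentials at all the requested password is
                // silently not stored; confirm this is intended.
                if (!credentials.isEmpty()) {
                    //
                    // Delete old PASSWORD credential, if the user has one
                    Credential oldCredential = null;
                    for (Credential c : credentials.getItems()) {
                        if (CredentialType.PASSWORD.equals(c.getCredentialType())) {
                            oldCredential = c;
                            break;
                        }
                    }
                    // The user may hold only non-password credentials; in that case there is
                    // nothing to delete and dereferencing the null would abort the whole update.
                    if (oldCredential != null) {
                        credentialService.delete(oldCredential.getScopeId(), oldCredential.getId());
                    }
                    //
                    // Create new PASSWORD credential
                    // NOTE(review): delete and create are separate calls; if create fails the user
                    // is left without a password credential. The password is handed over as
                    // received; presumably the credential service hashes it before storage (confirm).
                    CredentialCreator credentialCreator = credentialFactory.newCreator(scopeId, user.getId(), CredentialType.PASSWORD, gwtUser.getPassword());
                    credentialService.create(credentialCreator);
                }
            }
            // optlock
            user.setOptlock(gwtUser.getOptlock());
            // update the user
            userService.update(user);
            //
            // convert to GwtUser and return
            // reload the user as we want to load all its permissions
            gwtUserUpdated = KapuaGwtConverter.convert(userService.find(user.getScopeId(), user.getId()));
        }
    } catch (Throwable t) {
        KapuaExceptionHandler.handle(t);
    }
    return gwtUserUpdated;
}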
Also used : KapuaLocator(org.eclipse.kapua.locator.KapuaLocator) Credential(org.eclipse.kapua.service.authentication.credential.Credential) GwtUser(org.eclipse.kapua.app.console.shared.model.GwtUser) User(org.eclipse.kapua.service.user.User) GwtUserService(org.eclipse.kapua.app.console.shared.service.GwtUserService) UserService(org.eclipse.kapua.service.user.UserService) Actions(org.eclipse.kapua.service.authorization.permission.Actions) PermissionFactory(org.eclipse.kapua.service.authorization.permission.PermissionFactory) UserPermissionFactory(org.eclipse.kapua.service.authorization.user.permission.UserPermissionFactory) CredentialFactory(org.eclipse.kapua.service.authentication.credential.CredentialFactory) CredentialCreator(org.eclipse.kapua.service.authentication.credential.CredentialCreator) CredentialService(org.eclipse.kapua.service.authentication.credential.CredentialService) Permission(org.eclipse.kapua.service.authorization.permission.Permission) GwtUser(org.eclipse.kapua.app.console.shared.model.GwtUser) UserPermissionService(org.eclipse.kapua.service.authorization.user.permission.UserPermissionService) UserPermissionFactory(org.eclipse.kapua.service.authorization.user.permission.UserPermissionFactory) CredentialListResult(org.eclipse.kapua.service.authentication.credential.CredentialListResult) KapuaId(org.eclipse.kapua.model.id.KapuaId) HashSet(java.util.HashSet) UserPermissionCreator(org.eclipse.kapua.service.authorization.user.permission.UserPermissionCreator)

Aggregations

KapuaLocator (org.eclipse.kapua.locator.KapuaLocator)3 CredentialListResult (org.eclipse.kapua.service.authentication.credential.CredentialListResult)3 KapuaException (org.eclipse.kapua.KapuaException)2 Credential (org.eclipse.kapua.service.authentication.credential.Credential)2 CredentialService (org.eclipse.kapua.service.authentication.credential.CredentialService)2 PermissionFactory (org.eclipse.kapua.service.authorization.permission.PermissionFactory)2 User (org.eclipse.kapua.service.user.User)2 UserService (org.eclipse.kapua.service.user.UserService)2 HashSet (java.util.HashSet)1 Callable (java.util.concurrent.Callable)1 ShiroException (org.apache.shiro.ShiroException)1 AuthenticationException (org.apache.shiro.authc.AuthenticationException)1 DisabledAccountException (org.apache.shiro.authc.DisabledAccountException)1 UnknownAccountException (org.apache.shiro.authc.UnknownAccountException)1 UsernamePasswordToken (org.apache.shiro.authc.UsernamePasswordToken)1 KapuaEntityNotFoundException (org.eclipse.kapua.KapuaEntityNotFoundException)1 KapuaRuntimeException (org.eclipse.kapua.KapuaRuntimeException)1 GwtUser (org.eclipse.kapua.app.console.shared.model.GwtUser)1 GwtUserService (org.eclipse.kapua.app.console.shared.service.GwtUserService)1 EntityManager (org.eclipse.kapua.commons.jpa.EntityManager)1