Search in sources :

Example 1 with User

use of org.eclipse.kapua.service.user.User in project kapua by eclipse.

the class KapuaAuthenticatingRealm method doGetAuthenticationInfo.

@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
    // 
    // Extract credentials
    UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
    String tokenUsername = token.getUsername();
    // char[] tokenPassword = token.getPassword();
    // 
    // Get Services
    KapuaLocator locator;
    UserService userService;
    AccountService accountService;
    CredentialService credentialService;
    try {
        locator = KapuaLocator.getInstance();
        userService = locator.getService(UserService.class);
        accountService = locator.getService(AccountService.class);
        credentialService = locator.getService(CredentialService.class);
    } catch (KapuaRuntimeException kre) {
        throw new ShiroException("Error while getting services!", kre);
    }
    // 
    // Get the associated user by name
    final User user;
    try {
        user = KapuaSecurityUtils.doPriviledge(new Callable<User>() {

            @Override
            public User call() throws Exception {
                return userService.findByName(tokenUsername);
            }
        });
    } catch (Exception e) {
        // to preserve the original exception message (if possible)
        if (e instanceof AuthenticationException) {
            throw (AuthenticationException) e;
        } else {
            throw new ShiroException("Error while find user!", e);
        }
    }
    // Check existence
    if (user == null) {
        throw new UnknownAccountException();
    }
    // Check disabled
    if (UserStatus.DISABLED.equals(user.getStatus())) {
        throw new DisabledAccountException();
    }
    // 
    // Find account
    final Account account;
    try {
        account = KapuaSecurityUtils.doPriviledge(new Callable<Account>() {

            @Override
            public Account call() throws Exception {
                return accountService.find(user.getScopeId());
            }
        });
    } catch (Exception e) {
        // to preserve the original exception message (if possible)
        if (e instanceof AuthenticationException) {
            throw (AuthenticationException) e;
        } else {
            throw new ShiroException("Error while find account!", e);
        }
    }
    // Check existence
    if (account == null) {
        throw new UnknownAccountException();
    }
    // 
    // Find credentials
    // FIXME: manage multiple credentials and multiple credentials type
    Credential credential = null;
    try {
        credential = KapuaSecurityUtils.doPriviledge(new Callable<Credential>() {

            @Override
            public Credential call() throws Exception {
                CredentialListResult credentialList = credentialService.findByUserId(user.getScopeId(), user.getId());
                // TODO may be better to filter by credential type?
                if (credentialList != null && !credentialList.isEmpty()) {
                    return credentialList.getItem(0);
                } else {
                    throw new UnknownAccountException();
                }
            }
        });
    } catch (Exception e) {
        if (e instanceof AuthenticationException) {
            throw (AuthenticationException) e;
        } else {
            throw new ShiroException("Error while find credentials!", e);
        }
    }
    // 
    // BuildAuthenticationInfo8
    KapuaSimpleAuthenticationInfo info = new KapuaSimpleAuthenticationInfo(user, credential, account, getName());
    return info;
}
Also used : DisabledAccountException(org.apache.shiro.authc.DisabledAccountException) KapuaLocator(org.eclipse.kapua.locator.KapuaLocator) Account(org.eclipse.kapua.service.account.Account) Credential(org.eclipse.kapua.service.authentication.credential.Credential) User(org.eclipse.kapua.service.user.User) UserService(org.eclipse.kapua.service.user.UserService) AuthenticationException(org.apache.shiro.authc.AuthenticationException) KapuaRuntimeException(org.eclipse.kapua.KapuaRuntimeException) UnknownAccountException(org.apache.shiro.authc.UnknownAccountException) Callable(java.util.concurrent.Callable) ShiroException(org.apache.shiro.ShiroException) DisabledAccountException(org.apache.shiro.authc.DisabledAccountException) KapuaRuntimeException(org.eclipse.kapua.KapuaRuntimeException) AuthenticationException(org.apache.shiro.authc.AuthenticationException) UnknownAccountException(org.apache.shiro.authc.UnknownAccountException) KapuaException(org.eclipse.kapua.KapuaException) UsernamePasswordToken(org.apache.shiro.authc.UsernamePasswordToken) ShiroException(org.apache.shiro.ShiroException) KapuaSimpleAuthenticationInfo(org.eclipse.kapua.service.authentication.shiro.credential.KapuaSimpleAuthenticationInfo) CredentialService(org.eclipse.kapua.service.authentication.credential.CredentialService) CredentialListResult(org.eclipse.kapua.service.authentication.credential.CredentialListResult) AccountService(org.eclipse.kapua.service.account.AccountService)

Example 2 with User

use of org.eclipse.kapua.service.user.User in project kapua by eclipse.

the class KapuaAuthorizingRealm method doGetAuthorizationInfo.

@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) throws AuthenticationException {
    // 
    // Extract principal
    String username = (String) principals.getPrimaryPrincipal();
    logger.debug("Getting authorization info for: {}", username);
    // 
    // Get Services
    KapuaLocator locator = KapuaLocator.getInstance();
    UserService userService = locator.getService(UserService.class);
    UserPermissionService userPermissionService = locator.getService(UserPermissionService.class);
    UserPermissionFactory userPermissionFactory = locator.getFactory(UserPermissionFactory.class);
    PermissionFactory permissionFactory = locator.getFactory(PermissionFactory.class);
    // 
    // Get the associated user by name
    final User user;
    try {
        user = KapuaSecurityUtils.doPriviledge(new Callable<User>() {

            @Override
            public User call() throws Exception {
                return userService.findByName(username);
            }
        });
    } catch (Exception e) {
        // to preserve the original exception message (if possible)
        if (e instanceof AuthenticationException) {
            throw (AuthenticationException) e;
        } else {
            throw new ShiroException("Error while find user!", e);
        }
    }
    // Check existence
    if (user == null) {
        throw new UnknownAccountException();
    }
    // 
    // Get user permissions set
    UserPermissionQuery query = userPermissionFactory.newQuery(user.getScopeId());
    KapuaPredicate predicate = new AttributePredicate<KapuaId>(UserPermissionPredicates.USER_ID, user.getId());
    query.setPredicate(predicate);
    final KapuaListResult<UserPermission> userPermissions;
    try {
        userPermissions = KapuaSecurityUtils.doPriviledge(new Callable<KapuaListResult<UserPermission>>() {

            @Override
            public KapuaListResult<UserPermission> call() throws Exception {
                return userPermissionService.query(query);
            }
        });
    } catch (Exception e) {
        // to preserve the original exception message (if possible)
        if (e instanceof AuthenticationException) {
            throw (AuthenticationException) e;
        } else {
            throw new ShiroException("Error while find permissions!", e);
        }
    }
    // 
    // Create SimpleAuthorizationInfo with principals permissions
    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
    for (UserPermission userPermission : userPermissions.getItems()) {
        Permission p = permissionFactory.newPermission(userPermission.getPermission().getDomain(), userPermission.getPermission().getAction(), userPermission.getPermission().getTargetScopeId());
        logger.trace("Username: {} has permission: {}", username, p);
        info.addStringPermission(p.toString());
    }
    return info;
}
Also used : KapuaLocator(org.eclipse.kapua.locator.KapuaLocator) User(org.eclipse.kapua.service.user.User) SimpleAuthorizationInfo(org.apache.shiro.authz.SimpleAuthorizationInfo) UserService(org.eclipse.kapua.service.user.UserService) AuthenticationException(org.apache.shiro.authc.AuthenticationException) PermissionFactory(org.eclipse.kapua.service.authorization.permission.PermissionFactory) UserPermissionFactory(org.eclipse.kapua.service.authorization.user.permission.UserPermissionFactory) UnknownAccountException(org.apache.shiro.authc.UnknownAccountException) Callable(java.util.concurrent.Callable) ShiroException(org.apache.shiro.ShiroException) AuthenticationException(org.apache.shiro.authc.AuthenticationException) UnknownAccountException(org.apache.shiro.authc.UnknownAccountException) KapuaException(org.eclipse.kapua.KapuaException) AttributePredicate(org.eclipse.kapua.commons.model.query.predicate.AttributePredicate) ShiroException(org.apache.shiro.ShiroException) UserPermissionQuery(org.eclipse.kapua.service.authorization.user.permission.UserPermissionQuery) UserPermission(org.eclipse.kapua.service.authorization.user.permission.UserPermission) Permission(org.eclipse.kapua.service.authorization.permission.Permission) UserPermissionService(org.eclipse.kapua.service.authorization.user.permission.UserPermissionService) UserPermissionFactory(org.eclipse.kapua.service.authorization.user.permission.UserPermissionFactory) KapuaPredicate(org.eclipse.kapua.model.query.predicate.KapuaPredicate) UserPermission(org.eclipse.kapua.service.authorization.user.permission.UserPermission)

Example 3 with User

use of org.eclipse.kapua.service.user.User in project kapua by eclipse.

the class UserServiceTest method testCreate.

/**
 * We should ignore this test until we have build fixed.
 */
@Test
public void testCreate() throws Exception {
    // prepare the UserCreator
    long now = (new Date()).getTime();
    String username = MessageFormat.format("aaa_test_username_{0,number,#}", now);
    String userEmail = MessageFormat.format("testuser_{0,number,#}@organization.com", now);
    String displayName = MessageFormat.format("User Display Name {0}", now);
    // KapuaPeid accountPeid = KapuaEidGenerator.generate();//
    KapuaLocator locator = KapuaLocator.getInstance();
    IdGeneratorService idGeneratorService = locator.getService(IdGeneratorService.class);
    KapuaId scopeId = idGeneratorService.generate();
    KapuaLocator serviceLocator = KapuaLocator.getInstance();
    UserFactory kapuaEntityCreatorFactory = serviceLocator.getFactory(UserFactory.class);
    UserCreator userCreator = kapuaEntityCreatorFactory.newCreator(scopeId, username);
    userCreator.setDisplayName(displayName);
    userCreator.setEmail(userEmail);
    userCreator.setPhoneNumber("+1 555 123 4567");
    // create the User
    UserService userService = serviceLocator.getService(UserService.class);
    User user = userService.create(userCreator);
    user = userService.find(user.getScopeId(), user.getId());
    // 
    // User asserts
    assertNotNull(user.getId());
    assertNotNull(user.getId().getId());
    assertTrue(user.getOptlock() >= 0);
    assertEquals(scopeId, user.getScopeId());
    assertEquals(userCreator.getName(), user.getName());
    assertNotNull(user.getCreatedOn());
    assertNotNull(user.getCreatedBy());
    assertNotNull(user.getModifiedOn());
    assertNotNull(user.getModifiedBy());
    assertEquals(userCreator.getDisplayName(), user.getDisplayName());
    assertEquals(userCreator.getEmail(), user.getEmail());
    assertEquals(userCreator.getPhoneNumber(), user.getPhoneNumber());
    assertEquals(UserStatus.ENABLED, user.getStatus());
}
Also used : KapuaLocator(org.eclipse.kapua.locator.KapuaLocator) User(org.eclipse.kapua.service.user.User) UserService(org.eclipse.kapua.service.user.UserService) UserFactory(org.eclipse.kapua.service.user.UserFactory) KapuaId(org.eclipse.kapua.model.id.KapuaId) UserCreator(org.eclipse.kapua.service.user.UserCreator) IdGeneratorService(org.eclipse.kapua.service.generator.id.IdGeneratorService) Date(java.util.Date) Test(org.junit.Test)

Example 4 with User

use of org.eclipse.kapua.service.user.User in project kapua by eclipse.

the class AuthenticationServiceMock method login.

@Override
public AccessToken login(AuthenticationCredentials authenticationToken) throws KapuaException {
    if (!(authenticationToken instanceof UsernamePasswordTokenMock))
        throw KapuaException.internalError("Unmanaged credentials type");
    UsernamePasswordTokenMock usrPwdTokenMock = (UsernamePasswordTokenMock) authenticationToken;
    KapuaLocator serviceLocator = KapuaLocator.getInstance();
    UserService userService = serviceLocator.getService(UserService.class);
    User user = userService.findByName(usrPwdTokenMock.getUsername());
    KapuaSession kapuaSession = new KapuaSession(null, null, user.getScopeId(), user.getId(), user.getName());
    KapuaSecurityUtils.setSession(kapuaSession);
    // TODO Auto-generated method stub
    return null;
}
Also used : KapuaLocator(org.eclipse.kapua.locator.KapuaLocator) User(org.eclipse.kapua.service.user.User) UserService(org.eclipse.kapua.service.user.UserService) KapuaSession(org.eclipse.kapua.commons.security.KapuaSession)

Example 5 with User

use of org.eclipse.kapua.service.user.User in project kapua by eclipse.

the class UserServiceImpl method find.

@Override
public User find(KapuaId accountId, KapuaId userId) throws KapuaException {
    // Validation of the fields
    ArgumentValidator.notNull(accountId.getId(), "accountId");
    ArgumentValidator.notNull(userId.getId(), "id");
    // 
    // Check Access
    AuthorizationService authorizationService = locator.getService(AuthorizationService.class);
    PermissionFactory permissionFactory = locator.getFactory(PermissionFactory.class);
    authorizationService.checkPermission(permissionFactory.newPermission(UserDomain.USER, Actions.read, accountId));
    // Do the find
    User user = null;
    EntityManager em = UserEntityManagerFactory.getInstance().createEntityManager();
    ;
    try {
        user = UserDAO.find(em, userId);
    } catch (Exception pe) {
        throw KapuaExceptionUtils.convertPersistenceException(pe);
    } finally {
        em.close();
    }
    return user;
}
Also used : EntityManager(org.eclipse.kapua.commons.jpa.EntityManager) User(org.eclipse.kapua.service.user.User) AuthorizationService(org.eclipse.kapua.service.authorization.AuthorizationService) PermissionFactory(org.eclipse.kapua.service.authorization.permission.PermissionFactory) KapuaEntityNotFoundException(org.eclipse.kapua.KapuaEntityNotFoundException) KapuaIllegalArgumentException(org.eclipse.kapua.KapuaIllegalArgumentException) KapuaException(org.eclipse.kapua.KapuaException)

Aggregations

User (org.eclipse.kapua.service.user.User)19 KapuaLocator (org.eclipse.kapua.locator.KapuaLocator)11 UserService (org.eclipse.kapua.service.user.UserService)11 PermissionFactory (org.eclipse.kapua.service.authorization.permission.PermissionFactory)9 KapuaException (org.eclipse.kapua.KapuaException)7 GwtUser (org.eclipse.kapua.app.console.shared.model.GwtUser)7 KapuaId (org.eclipse.kapua.model.id.KapuaId)7 AuthorizationService (org.eclipse.kapua.service.authorization.AuthorizationService)6 KapuaEntityNotFoundException (org.eclipse.kapua.KapuaEntityNotFoundException)5 KapuaIllegalArgumentException (org.eclipse.kapua.KapuaIllegalArgumentException)5 GwtUserService (org.eclipse.kapua.app.console.shared.service.GwtUserService)5 EntityManager (org.eclipse.kapua.commons.jpa.EntityManager)5 Produces (javax.ws.rs.Produces)3 KapuaSession (org.eclipse.kapua.commons.security.KapuaSession)3 CredentialService (org.eclipse.kapua.service.authentication.credential.CredentialService)3 Permission (org.eclipse.kapua.service.authorization.permission.Permission)3 UserPermissionFactory (org.eclipse.kapua.service.authorization.user.permission.UserPermissionFactory)3 UserPermissionService (org.eclipse.kapua.service.authorization.user.permission.UserPermissionService)3 UserFactory (org.eclipse.kapua.service.user.UserFactory)3 HashSet (java.util.HashSet)2