Use of org.jbei.ice.lib.account.TokenHash in project ice by JBEI.
Class EntryController, method getRequestedEntry.
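/**
 * Responds to a remote partner's request for the details of a single entry.
 *
 * <p>If {@code folderId} does not resolve to a folder, the entry is returned only when it is
 * publicly visible. Otherwise the remote user must have a share on that folder, and the hash
 * derived from the presented token must equal the secret stored on the share.
 *
 * @param remoteUserId      id of the user on the requesting registry
 * @param token             access token presented for the shared folder
 * @param entryId           identifier of the requested entry
 * @param folderId          id of the shared folder the request refers to
 * @param requestingPartner registry making the request; its url selects the partner record
 * @return the entry details, or {@code null} when the entry, the partner record or the
 *         share cannot be found
 * @throws PermissionException if no folder is found and the entry is not public, or if the
 *                             token does not match the stored secret
 */
public PartData getRequestedEntry(String remoteUserId, String token, String entryId, long folderId, RegistryPartner requestingPartner) {
    Entry entry = getEntry(entryId);
    if (entry == null) {
        return null;
    }

    // see folderContents.getRemoteSharedContents
    // folder that the entry is contained in
    Folder folder = DAOFactory.getFolderDAO().get(folderId);
    if (folder == null) {
        // must be a public entry (todo : move to separate method)
        if (!permissionsController.isPubliclyVisible(entry)) {
            throw new PermissionException("Not a public entry");
        }
        return retrieveEntryDetails(null, entry);
    }

    RemotePartner remotePartner = DAOFactory.getRemotePartnerDAO().getByUrl(requestingPartner.getUrl());
    if (remotePartner == null) {
        // Fail closed: without a partner record the hash input below cannot be built.
        Logger.error("Could not retrieve remote partner");
        return null;
    }

    // check that the remote user has the right token
    RemoteShareModel shareModel = DAOFactory.getRemoteShareModelDAO().get(remoteUserId, remotePartner, folder);
    if (shareModel == null) {
        Logger.error("Could not retrieve share model");
        return null;
    }

    // validate access token
    TokenHash tokenHash = new TokenHash();
    String secret = tokenHash.encrypt(folderId + remotePartner.getUrl() + remoteUserId, token);
    String storedSecret = shareModel.getSecret();
    // Compare in constant time so the check does not leak how many leading characters matched.
    boolean secretMatches = storedSecret != null && java.security.MessageDigest.isEqual(
            secret.getBytes(java.nio.charset.StandardCharsets.UTF_8),
            storedSecret.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    if (!secretMatches) {
        throw new PermissionException("Secret does not match");
    }

    // NOTE(review): the entry is never checked for membership in `folder`. As written, a valid
    // share on one folder appears to authorise any entryId that resolves. Confirm, and add a
    // folder-membership check before returning.
    return retrieveEntryDetails(null, entry);
}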
Use of org.jbei.ice.lib.account.TokenHash in project ice by JBEI.
Class FolderContents, method remotelyAddEntrySelection.
// adds a specified entry to a folder. The entry was transferred earlier so already exists
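/**
 * Adds already-transferred entries to a folder on behalf of a remote user.
 *
 * <p>The remote user must have a share on the folder with write permission, and the hash
 * derived from the presented token must equal the secret stored on the share. The selected
 * entries are then set to {@code Visibility.OK} and added to the folder.
 *
 * @param remoteUserId      id of the user on the requesting registry
 * @param folderId          id of the folder to add the entries to
 * @param remoteUserToken   access token presented by the remote user
 * @param selection         selection whose entry ids are added
 * @param requestingPartner registry making the request; its url selects the partner record
 * @return {@code true} if the entries were added; {@code false} if the folder, the partner
 *         record or the share cannot be found, or if adding produced no folder details
 * @throws PermissionException if the share is for another folder, lacks write permission, or
 *                             the token does not match the stored secret
 */
public boolean remotelyAddEntrySelection(String remoteUserId, long folderId, String remoteUserToken, EntrySelection selection, RegistryPartner requestingPartner) {
    // folder that the entry is contained in
    Folder folder = folderDAO.get(folderId);
    if (folder == null) {
        return false;
    }

    RemotePartner remotePartner = DAOFactory.getRemotePartnerDAO().getByUrl(requestingPartner.getUrl());
    if (remotePartner == null) {
        // Fail closed: without a partner record the hash input below cannot be built.
        Logger.error("Could not retrieve remote partner");
        return false;
    }

    // check that the remote user has the right token
    RemoteShareModel shareModel = DAOFactory.getRemoteShareModelDAO().get(remoteUserId, remotePartner, folder);
    if (shareModel == null) {
        Logger.error("Could not retrieve share model");
        return false;
    }

    // folder must match and the share must allow writing
    Permission permission = shareModel.getPermission();
    if (permission.getFolder().getId() != folderId || !permission.isCanWrite()) {
        throw new PermissionException("permission could not be verified");
    }

    // validate access token
    // NOTE(review): unlike getRemotelySharedContents, the hashed value here omits folderId.
    // Confirm this matches how the share secret was created.
    TokenHash tokenHash = new TokenHash();
    String secret = tokenHash.encrypt(remotePartner.getUrl() + remoteUserId, remoteUserToken);
    String storedSecret = shareModel.getSecret();
    // Compare in constant time so the check does not leak how many leading characters matched.
    boolean secretMatches = storedSecret != null && java.security.MessageDigest.isEqual(
            secret.getBytes(java.nio.charset.StandardCharsets.UTF_8),
            storedSecret.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    if (!secretMatches) {
        throw new PermissionException("Secret does not match");
    }

    // NOTE(review): the ids come straight from the remote selection. Nothing visible here ties
    // them to the earlier transfer before their visibility is changed. Confirm they are
    // validated upstream or inside addEntriesToTransferredFolder.
    List<Long> entries = selection.getEntries();
    DAOFactory.getEntryDAO().setEntryVisibility(entries, Visibility.OK);

    // good to go?
    FolderDetails details = addEntriesToTransferredFolder(entries, folder);
    return details != null;
}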
Use of org.jbei.ice.lib.account.TokenHash in project ice by JBEI.
Class FolderContents, method getRemotelySharedContents.
// remote request for shared contents
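/**
 * Serves a remote request for the contents of a folder shared with a user on another registry.
 *
 * <p>The partner, the folder and the share must all resolve, and the hash derived from the
 * presented token must equal the secret stored on the share. Every failure is logged and
 * reported as {@code null}.
 *
 * @param remoteUserId   id of the user on the requesting registry
 * @param token          access token presented for the shared folder
 * @param partner        registry making the request; its url selects the partner record
 * @param folderId       id of the shared folder
 * @param pageParameters paging and filter settings used for the size and contents queries
 * @return the folder details with its entries, or {@code null} if any lookup or the token
 *         check fails
 */
public FolderDetails getRemotelySharedContents(String remoteUserId, String token, RegistryPartner partner, long folderId, PageParameters pageParameters) {
    RemotePartner remotePartner = DAOFactory.getRemotePartnerDAO().getByUrl(partner.getUrl());
    if (remotePartner == null) {
        Logger.error("Cannot retrieve remote partner " + partner.getUrl());
        return null;
    }

    Folder folder = folderDAO.get(folderId);
    if (folder == null) {
        Logger.error("Cannot retrieve folder with id " + folderId);
        return null;
    }

    RemoteShareModelDAO shareModelDAO = DAOFactory.getRemoteShareModelDAO();
    RemoteShareModel shareModel = shareModelDAO.get(remoteUserId, remotePartner, folder);
    if (shareModel == null) {
        Logger.error("Could not retrieve share model");
        return null;
    }

    // verify access
    TokenHash tokenHash = new TokenHash();
    String secret = tokenHash.encrypt(folderId + remotePartner.getUrl() + remoteUserId, token);
    String storedSecret = shareModel.getSecret();
    // Compare in constant time so the check does not leak how many leading characters matched.
    boolean secretMatches = storedSecret != null && java.security.MessageDigest.isEqual(
            secret.getBytes(java.nio.charset.StandardCharsets.UTF_8),
            storedSecret.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    if (!secretMatches) {
        Logger.error("Authorization failed for remote folder retrieve");
        return null;
    }

    // The share's write flag is copied onto the folder and onto every listed entry.
    boolean canEdit = shareModel.getPermission().isCanWrite();

    // todo : move everything above to folder permissions and folder authorization
    FolderDetails details = folder.toDataTransferObject();
    details.setCanEdit(canEdit);
    long folderSize = folderDAO.getFolderSize(folderId, pageParameters.getFilter(), true);
    details.setCount(folderSize);

    // retrieve folder contents
    List<Entry> results = folderDAO.retrieveFolderContents(folderId, pageParameters, true);
    for (Entry entry : results) {
        PartData info = ModelToInfoFactory.createTableViewData(null, entry, false);
        info.setCanEdit(canEdit);
        details.getEntries().add(info);
    }
    return details;
}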
Use of org.jbei.ice.lib.account.TokenHash in project ice by JBEI.
Class TokenVerificationTest, method testVerifyPartnerToken.
/**
 * Persists an approved partner whose stored authentication token is the salted hash of a
 * freshly generated token plus the partner url, then expects verification of the plain token
 * against that url to return a non-null result.
 */
@Test
public void testVerifyPartnerToken() throws Exception {
    RemotePartner partner = new RemotePartner();
    partner.setName("jbei-test");
    partner.setUrl("test.jbei.org");
    partner.setPartnerStatus(RemotePartnerStatus.APPROVED);

    // Only the salt and the hash are stored on the record; the plain token stays local.
    TokenHash hasher = new TokenHash();
    partner.setSalt(hasher.generateSalt());
    String plainToken = hasher.generateRandomToken();
    String hashedToken = hasher.encrypt(plainToken + partner.getUrl(), partner.getSalt());
    partner.setAuthenticationToken(hashedToken);

    partner.setApiKey("foo");
    partner.setAdded(new Date());

    Assert.assertNotNull(DAOFactory.getRemotePartnerDAO().create(partner));
    Assert.assertNotNull(verification.verifyPartnerToken(partner.getUrl(), plainToken));
}
Use of org.jbei.ice.lib.account.TokenHash in project ice by JBEI.
Class SequenceController, method getRequestedSequence.
// responds to remote requested entry sequence
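/**
 * Responds to a remote partner's request for the sequence of an entry in a shared folder.
 *
 * <p>The remote user must have a share whose permission refers to {@code folderId}, and the
 * hash derived from the presented token must equal the secret stored on the share.
 *
 * @param requestingPartner registry making the request; its url selects the partner record
 * @param remoteUserId      id of the user on the requesting registry
 * @param token             access token presented for the shared folder
 * @param entryId           identifier of the entry whose sequence is requested
 * @param folderId          id of the shared folder the request refers to
 * @return the featured sequence, or {@code null} when the entry, the partner record or the
 *         share cannot be found
 * @throws PermissionException if the share is for another folder or the token does not match
 *                             the stored secret
 */
public FeaturedDNASequence getRequestedSequence(RegistryPartner requestingPartner, String remoteUserId, String token, String entryId, long folderId) {
    Entry entry = getEntry(entryId);
    if (entry == null) {
        return null;
    }

    // see folderContents.getRemoteSharedContents
    // folder that the entry is contained in
    // NOTE(review): `folder` is passed to the share lookup without a null check. Confirm the
    // DAO tolerates a null folder, or reject the request here.
    Folder folder = DAOFactory.getFolderDAO().get(folderId);

    RemotePartner remotePartner = DAOFactory.getRemotePartnerDAO().getByUrl(requestingPartner.getUrl());
    if (remotePartner == null) {
        // Fail closed: without a partner record the hash input below cannot be built.
        Logger.error("Could not retrieve remote partner");
        return null;
    }

    // check that the remote user has the right token
    RemoteShareModel shareModel = DAOFactory.getRemoteShareModelDAO().get(remoteUserId, remotePartner, folder);
    if (shareModel == null) {
        Logger.error("Could not retrieve share model");
        return null;
    }

    // folder must match
    Permission permission = shareModel.getPermission();
    if (permission.getFolder().getId() != folderId) {
        String msg = "Shared folder does not match folder being requested";
        Logger.error(msg);
        throw new PermissionException(msg);
    }

    // validate access token
    TokenHash tokenHash = new TokenHash();
    String secret = tokenHash.encrypt(folderId + remotePartner.getUrl() + remoteUserId, token);
    String storedSecret = shareModel.getSecret();
    // Compare in constant time so the check does not leak how many leading characters matched.
    boolean secretMatches = storedSecret != null && java.security.MessageDigest.isEqual(
            secret.getBytes(java.nio.charset.StandardCharsets.UTF_8),
            storedSecret.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    if (!secretMatches) {
        throw new PermissionException("Secret does not match");
    }

    // NOTE(review): the entry is never checked for membership in `folder`. As written, a valid
    // share on one folder appears to authorise any entryId that resolves. Confirm, and add a
    // folder-membership check before returning.
    return getFeaturedSequence(entry, permission.isCanWrite());
}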