Example 1 with AccessKey
use of org.jbei.ice.lib.dto.access.AccessKey in project ice by JBEI.
the class UserApiKeys method getKeys.
/**
* Retrieves either list of available keys for current user or all keys.
* If requesting all keys then user must be an administrator
*
* @param limit maximum number of keys to retrieve
* @param offset paging parameter start
* @param sortField field to sort on
* @param asc whether the retrieve order is in ascending order
* @param getAvailable whether to retrieve all available keys or restrict by current user
* @return wrapper around list of retrieved keys including number available
* @throws PermissionException if <code>getAvailable</code> is true but user making the request does not have
* administrative privileges
*/
public Results<AccessKey> getKeys(int limit, int offset, String sortField, boolean asc, boolean getAvailable) {
Results<AccessKey> accessKeyResults = new Results<>();
List<ApiKey> results;
AccountController accountController = new AccountController();
boolean isAdmin = accountController.isAdministrator(this.userId);
if (getAvailable) {
if (!isAdmin)
throw new PermissionException("Cannot retrieve all api keys without admin privileges");
results = apiKeyDAO.getAllApiKeys(sortField, limit, offset, asc);
} else {
results = apiKeyDAO.getApiKeysForUser(userId, sortField, limit, offset, asc);
}
for (ApiKey key : results) {
AccessKey accessKey = key.toDataTransferObject();
Account account = accountController.getByEmail(key.getOwnerEmail());
accessKey.setAccount(account.toDataTransferObject());
accessKeyResults.getData().add(accessKey);
}
// get count
String user = getAvailable ? null : this.userId;
long count = apiKeyDAO.getApiKeysCount(user);
accessKeyResults.setResultCount(count);
return accessKeyResults;
}
Also used :
PermissionException(org.jbei.ice.lib.access.PermissionException)
Account(org.jbei.ice.storage.model.Account)
ApiKey(org.jbei.ice.storage.model.ApiKey)
Results(org.jbei.ice.lib.dto.common.Results)
AccessKey(org.jbei.ice.lib.dto.access.AccessKey)
Example 2 with AccessKey
use of org.jbei.ice.lib.dto.access.AccessKey in project ice by JBEI.
the class ApiKey method toDataTransferObject.
@Override
public AccessKey toDataTransferObject() {
AccessKey accessKey = new AccessKey();
accessKey.setId(this.id);
accessKey.setSecret(this.secret);
accessKey.setClientId(this.clientId);
accessKey.setCreationTime(this.creationTime.getTime());
AccountTransfer accountTransfer = new AccountTransfer();
accountTransfer.setEmail(this.ownerEmail);
accessKey.setAccount(accountTransfer);
return accessKey;
}
Also used :
AccessKey(org.jbei.ice.lib.dto.access.AccessKey)
AccountTransfer(org.jbei.ice.lib.account.AccountTransfer)
Example 3 with AccessKey
use of org.jbei.ice.lib.dto.access.AccessKey in project ice by JBEI.
the class UserApiKeysTest method testRequestKey.
@Test
public void testRequestKey() throws Exception {
Account account = AccountCreator.createTestAccount("UserApiKeysTest.testRequestKey", false);
UserApiKeys apiKeys = new UserApiKeys(account.getEmail());
AccessKey accessKey = apiKeys.requestKey("app.test");
Assert.assertNotNull(accessKey);
Assert.assertNotNull(accessKey.getToken());
AccessKey accessKey2 = apiKeys.requestKey("app.test2");
Assert.assertNotNull(accessKey2);
Assert.assertNotNull(accessKey2.getToken());
Assert.assertNotEquals(accessKey.getToken(), accessKey2.getToken());
}Example 4 with AccessKey
use of org.jbei.ice.lib.dto.access.AccessKey in project ice by JBEI.
the class UserApiKeysTest method testDeleteKey.
@Test
public void testDeleteKey() throws Exception {
Account account = AccountCreator.createTestAccount("UserApiKeysTest.testDeleteKey", false);
UserApiKeys apiKeys = new UserApiKeys(account.getEmail());
AccessKey accessKey = apiKeys.requestKey("app.test.6");
Assert.assertNotNull(accessKey);
Assert.assertNotNull(accessKey.getToken());
Assert.assertFalse(apiKeys.deleteKey(accessKey.getId(), "secret"));
Assert.assertTrue(apiKeys.deleteKey(accessKey.getId(), accessKey.getSecret()));
Results<AccessKey> keys = apiKeys.getKeys(15, 0, "creationTime", true, false);
Assert.assertEquals(0, keys.getResultCount());
}Example 5 with AccessKey
use of org.jbei.ice.lib.dto.access.AccessKey in project ice by JBEI.
the class UserApiKeys method requestKey.
/**
* Generates an access key using the client identifier
*
* @param clientId unique client identifier.
* @return wrapper around created token, client_id and secret.
* <p>The api token that is generated and returned to the user is not stored and therefore cannot be retrieved.
* If lost, the api key record can be deleted by the user who created it (or an admin) and a new one created.</p>
*/
public AccessKey requestKey(String clientId) {
try {
Optional<ApiKey> optional = apiKeyDAO.getByClientId(clientId);
if (optional.isPresent())
throw new IllegalArgumentException("Attempting to create duplicate key for client id " + clientId);
} catch (DAOException e) {
Logger.error(e);
return null;
}
TokenHash hash = new TokenHash();
String token = hash.generateRandomToken(32);
String salt = hash.generateSalt();
String hash_token = hash.encrypt(token, clientId + salt + clientId);
ApiKey apiKey = new ApiKey();
apiKey.setCreationTime(new Date());
apiKey.setOwnerEmail(userId);
apiKey.setClientId(clientId);
apiKey.setSecret(salt);
apiKey.setStatus(AccessStatus.OK);
apiKey.setHashedToken(hash_token);
apiKey = apiKeyDAO.create(apiKey);
AccessKey key = apiKey.toDataTransferObject();
key.setToken(token);
return key;
}
Also used :
DAOException(org.jbei.ice.storage.DAOException)
ApiKey(org.jbei.ice.storage.model.ApiKey)
AccessKey(org.jbei.ice.lib.dto.access.AccessKey)
Date(java.util.Date)
Aggregations
AccessKey (org.jbei.ice.lib.dto.access.AccessKey)8
Account (org.jbei.ice.storage.model.Account)5
Test (org.junit.Test)3
UserApiKeys (org.jbei.ice.lib.account.UserApiKeys)2
ApiKey (org.jbei.ice.storage.model.ApiKey)2
Date (java.util.Date)1
PermissionException (org.jbei.ice.lib.access.PermissionException)1
AccountTransfer (org.jbei.ice.lib.account.AccountTransfer)1
Results (org.jbei.ice.lib.dto.common.Results)1
DAOException (org.jbei.ice.storage.DAOException)1
