use of org.jbei.ice.lib.dto.web.RegistryPartner in project ice by JBEI.
the class WebPartners method getThisInstanceWithNewApiKey.
/**
* Generates a new partner object representing this ICE instance
* with a new API key
*
* @return null if the URL for this partner is invalid (e.g. localhost)
* RegistryPartner object otherwise
*/
protected RegistryPartner getThisInstanceWithNewApiKey() {
String myURL = getThisUri();
if (!isValidUrl(myURL))
return null;
RegistryPartner thisPartner = new RegistryPartner();
String myName = Utils.getConfigValue(ConfigurationKey.PROJECT_NAME);
thisPartner.setName(myName);
thisPartner.setUrl(myURL);
thisPartner.setApiKey(tokenHash.generateRandomToken());
return thisPartner;
}
use of org.jbei.ice.lib.dto.web.RegistryPartner in project ice by JBEI.
the class WebPartners method handleRemoteAddRequest.
/**
* Handles requests from remote ice instances that will like to be in a WoR config with this instance
* Serves the dual purpose of:
* <ul>
* <li>please add me as a partner to your list with token</li>
* <li>add accepted; use this as the authorization token</li>
* </ul>
* <p>
* Note that the request is rejected if this ICE instance has not opted to be a member of web of
* registries
*
* @param request partner request object containing all information needed with a validated url
* @return information about this instance to be sent to the remote
*/
protected RegistryPartner handleRemoteAddRequest(RegistryPartner request) {
if (request == null || StringUtils.isEmpty(request.getApiKey())) {
Logger.error("Received invalid partner add request");
return null;
}
Logger.info("Processing request to connect by " + request.getUrl());
String myURL = getThisUri();
if (request.getUrl().equalsIgnoreCase(myURL))
return null;
boolean apiKeyValidates = remoteContact.apiKeyValidates(myURL, request);
if (!apiKeyValidates) {
Logger.error("Received api token could not be validated");
return null;
}
// request should contain api key for use to contact third party
RemotePartner partner = dao.getByUrl(request.getUrl());
RegistryPartner thisInstance = getThisInstanceWithNewApiKey();
// create new partner object or update existing with new token hash
if (partner != null) {
Logger.info("Updating authentication for existing");
// validated. update the authorization token
partner.setApiKey(request.getApiKey());
partner.setSalt(tokenHash.generateSalt());
partner.setAuthenticationToken(tokenHash.encrypt(thisInstance.getApiKey() + request.getUrl(), partner.getSalt()));
dao.update(partner);
} else {
// save in db
request.setStatus(RemotePartnerStatus.APPROVED);
createRemotePartnerObject(request, thisInstance.getApiKey());
}
Logger.info("Successfully added remote partner " + request.getUrl());
// send information about this instance (with token) as response
return thisInstance;
}
use of org.jbei.ice.lib.dto.web.RegistryPartner in project ice by JBEI.
the class PartnerResource method addNewPartner.
/**
* Adds a remote instance as a registry partner. There are two entry points for this call within ICE.
* One is from the web of registries task. This does not contain any authentication information
* and therefore requires verification of the token.<p>
* The second is from the admin ui where a partner is manually added to this ice instance.
*
* @param partner details about the partner to add
*/
@POST
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
public Response addNewPartner(RegistryPartner partner) {
WebPartners webPartners = new WebPartners();
RegistryPartner result;
String userId = getUserId();
// or contains token?) then this is a request coming remotely
if (StringUtils.isEmpty(userId) && !StringUtils.isEmpty(partner.getApiKey())) {
Logger.info("Received remote partner add request from " + partner.getUrl());
result = webPartners.processRemoteWebPartnerAdd(partner);
} else {
// local request
result = webPartners.addNewPartner(userId, partner);
}
return super.respond(result);
}
use of org.jbei.ice.lib.dto.web.RegistryPartner in project ice by JBEI.
the class PartnerResource method getWebPartner.
@GET
@Path("{id}")
public Response getWebPartner(@PathParam("id") final long partnerId) {
requireUserId();
WebPartners webPartners = new WebPartners();
final RegistryPartner partner = webPartners.get(partnerId);
return super.respond(Response.Status.OK, partner);
}
use of org.jbei.ice.lib.dto.web.RegistryPartner in project ice by JBEI.
the class FolderPermissions method createRemotePermission.
/**
* Creates an access folder permission for a remote user
*
* @param accessPermission access details
* @return wrapper around the unique identifier for the remote permission created
* @throws IllegalArgumentException if the partner record cannot be retrieved
*/
public AccessPermission createRemotePermission(AccessPermission accessPermission) {
RegistryPartner partner = accessPermission.getPartner();
RemotePartner remotePartner = remotePartnerDAO.get(partner.getId());
if (remotePartner == null) {
String errorMessage = "Could not find remote partner for remote permission";
Logger.error(errorMessage);
throw new IllegalArgumentException(errorMessage);
}
// todo : must be owner?
authorization.expectWrite(userId, folder);
String remoteUserId = accessPermission.getUserId();
String token = tokenHash.generateSalt();
// send token and also verify user Id
accessPermission.setSecret(token);
AccountTransfer accountTransfer = new AccountTransfer();
accountTransfer.setEmail(userId);
accessPermission.setAccount(accountTransfer);
accessPermission.setDisplay(folder.getName());
accessPermission.setTypeId(folder.getId());
if (!sendToken(accessPermission, remotePartner))
// something happened with the send; likely user id is invalid
return null;
// create local client record mapping to remote
RemoteClientModel remoteClientModel = getOrCreateRemoteClient(remoteUserId, remotePartner);
// create remote share record storing the secret
// todo : use folder uuid instead of folder id ?
String secret = tokenHash.encrypt(folder.getId() + remotePartner.getUrl() + remoteUserId, token);
RemoteShareModel remoteShare = new RemoteShareModel();
remoteShare.setClient(remoteClientModel);
remoteShare.setSecret(secret);
Account account = accountDAO.getByEmail(userId);
remoteShare.setSharer(account);
remoteShare = remoteShareModelDAO.create(remoteShare);
// create permission object
Permission permission = createPermissionModel(accessPermission, remoteShare);
accessPermission.setId(remoteShare.getId());
accessPermission.setArticleId(permission.getId());
accessPermission.setArticle(AccessPermission.Article.REMOTE);
RemoteShareModel remoteShareModel = permission.getRemoteShare();
accessPermission.setPartner(remoteShareModel.getClient().getRemotePartner().toDataTransferObject());
accessPermission.setDisplay(remoteShareModel.getClient().getEmail());
return accessPermission;
}
Aggregations