use of org.olat.basesecurity.Authentication in project OpenOLAT by OpenOLAT.
the class RestSecurityBeanImpl method isTokenRegistrated.
@Override
public boolean isTokenRegistrated(String token, HttpSession session) {
if (!StringHelper.containsNonWhitespace(token))
return false;
boolean registrated = tokenToIdentity.containsKey(token);
if (!registrated) {
List<Authentication> auths = securityManager.findAuthenticationByToken(REST_AUTH_PROVIDER, token);
if (auths.size() == 1) {
Authentication auth = auths.get(0);
tokenToIdentity.put(token, auth.getIdentity().getKey());
bindTokenToSession(token, session);
registrated = true;
}
}
return registrated;
}
use of org.olat.basesecurity.Authentication in project OpenOLAT by OpenOLAT.
the class RestSecurityBeanImpl method removeTooOldRestToken.
@Override
public int removeTooOldRestToken() {
Calendar cal = Calendar.getInstance();
cal.setTime(new Date());
cal.add(Calendar.MONTH, -1);
Date limit = cal.getTime();
List<Authentication> authentications = securityManager.findOldAuthentication(REST_AUTH_PROVIDER, limit);
for (Authentication authentication : authentications) {
String token = authentication.getCredential();
if (tokenToIdentity.containsKey(token)) {
// don't delete authentication in use
continue;
}
securityManager.deleteAuthentication(authentication);
}
return authentications.size();
}
use of org.olat.basesecurity.Authentication in project OpenOLAT by OpenOLAT.
the class RestSecurityBeanImpl method generateToken.
@Override
public String generateToken(Identity identity, HttpSession session) {
String token = UUID.randomUUID().toString();
tokenToIdentity.put(token, identity.getKey());
bindTokenToSession(token, session);
Authentication auth = securityManager.findAuthentication(identity, REST_AUTH_PROVIDER);
if (auth == null) {
securityManager.createAndPersistAuthentication(identity, REST_AUTH_PROVIDER, identity.getName(), token, null);
} else {
authenticationDao.updateCredential(auth, token);
}
return token;
}
use of org.olat.basesecurity.Authentication in project OpenOLAT by OpenOLAT.
the class WebDAVPasswordController method toogleChangePassword.
private void toogleChangePassword(UserRequest ureq) {
boolean visible = newButton.isVisible();
newButton.setVisible(!visible);
passwordStaticEl.setVisible(!visible);
saveButton.setVisible(visible);
cancelButton.setVisible(visible);
passwordEl.setVisible(visible);
confirmPasswordEl.setVisible(visible);
Authentication auth = securityManager.findAuthentication(ureq.getIdentity(), WebDAVAuthManager.PROVIDER_WEBDAV);
String passwordPlaceholderKey = auth == null ? "pwdav.password.not_set" : "pwdav.password.set";
String passwordPlaceholder = getTranslator().translate(passwordPlaceholderKey);
passwordStaticEl.setValue(passwordPlaceholder);
String buttonPlaceholderKey = auth == null ? "pwdav.password.new" : "pwdav.password.change";
newButton.setI18nKey(buttonPlaceholderKey);
flc.setDirty(true);
}
use of org.olat.basesecurity.Authentication in project OpenOLAT by OpenOLAT.
the class UserAuthenticationWebService method delete.
/**
* Deletes an authentication from the system
* @response.representation.200.doc The authentication successfully deleted
* @response.representation.401.doc The roles of the authenticated user are not sufficient
* @response.representation.404.doc The identity or the authentication not found
* @param username The username of the user
* @param authKey The authentication key identifier
* @param request The HTTP request
* @return <code>Response</code> object. The operation status (success or
* fail)
*/
@DELETE
@Path("{authKey}")
public Response delete(@PathParam("username") String username, @PathParam("authKey") Long authKey, @Context HttpServletRequest request) {
if (!isUserManager(request)) {
return Response.serverError().status(Status.UNAUTHORIZED).build();
}
BaseSecurity baseSecurity = BaseSecurityManager.getInstance();
Identity identity = baseSecurity.findIdentityByName(username);
if (identity == null) {
return Response.serverError().status(Status.NOT_FOUND).build();
}
List<Authentication> authentications = baseSecurity.getAuthentications(identity);
for (Authentication authentication : authentications) {
if (authKey.equals(authentication.getKey())) {
baseSecurity.deleteAuthentication(authentication);
return Response.ok().build();
}
}
return Response.serverError().status(Status.NOT_FOUND).build();
}
Aggregations