Example 11 with Authentication
use of org.olat.basesecurity.Authentication in project OpenOLAT by OpenOLAT.
the class RestSecurityBeanImpl method isTokenRegistrated.
@Override
public boolean isTokenRegistrated(String token, HttpSession session) {
if (!StringHelper.containsNonWhitespace(token))
return false;
boolean registrated = tokenToIdentity.containsKey(token);
if (!registrated) {
List<Authentication> auths = securityManager.findAuthenticationByToken(REST_AUTH_PROVIDER, token);
if (auths.size() == 1) {
Authentication auth = auths.get(0);
tokenToIdentity.put(token, auth.getIdentity().getKey());
bindTokenToSession(token, session);
registrated = true;
}
}
return registrated;
}
Also used :
Authentication(org.olat.basesecurity.Authentication)
Example 12 with Authentication
use of org.olat.basesecurity.Authentication in project OpenOLAT by OpenOLAT.
the class RestSecurityBeanImpl method removeTooOldRestToken.
@Override
public int removeTooOldRestToken() {
Calendar cal = Calendar.getInstance();
cal.setTime(new Date());
cal.add(Calendar.MONTH, -1);
Date limit = cal.getTime();
List<Authentication> authentications = securityManager.findOldAuthentication(REST_AUTH_PROVIDER, limit);
for (Authentication authentication : authentications) {
String token = authentication.getCredential();
if (tokenToIdentity.containsKey(token)) {
// don't delete authentication in use
continue;
}
securityManager.deleteAuthentication(authentication);
}
return authentications.size();
}
Also used :
Authentication(org.olat.basesecurity.Authentication)
Calendar(java.util.Calendar)
Date(java.util.Date)
Example 13 with Authentication
use of org.olat.basesecurity.Authentication in project OpenOLAT by OpenOLAT.
the class RestSecurityBeanImpl method generateToken.
@Override
public String generateToken(Identity identity, HttpSession session) {
String token = UUID.randomUUID().toString();
tokenToIdentity.put(token, identity.getKey());
bindTokenToSession(token, session);
Authentication auth = securityManager.findAuthentication(identity, REST_AUTH_PROVIDER);
if (auth == null) {
securityManager.createAndPersistAuthentication(identity, REST_AUTH_PROVIDER, identity.getName(), token, null);
} else {
authenticationDao.updateCredential(auth, token);
}
return token;
}
Also used :
Authentication(org.olat.basesecurity.Authentication)
Example 14 with Authentication
use of org.olat.basesecurity.Authentication in project OpenOLAT by OpenOLAT.
the class WebDAVPasswordController method toogleChangePassword.
private void toogleChangePassword(UserRequest ureq) {
boolean visible = newButton.isVisible();
newButton.setVisible(!visible);
passwordStaticEl.setVisible(!visible);
saveButton.setVisible(visible);
cancelButton.setVisible(visible);
passwordEl.setVisible(visible);
confirmPasswordEl.setVisible(visible);
Authentication auth = securityManager.findAuthentication(ureq.getIdentity(), WebDAVAuthManager.PROVIDER_WEBDAV);
String passwordPlaceholderKey = auth == null ? "pwdav.password.not_set" : "pwdav.password.set";
String passwordPlaceholder = getTranslator().translate(passwordPlaceholderKey);
passwordStaticEl.setValue(passwordPlaceholder);
String buttonPlaceholderKey = auth == null ? "pwdav.password.new" : "pwdav.password.change";
newButton.setI18nKey(buttonPlaceholderKey);
flc.setDirty(true);
}
Also used :
Authentication(org.olat.basesecurity.Authentication)
Example 15 with Authentication
use of org.olat.basesecurity.Authentication in project OpenOLAT by OpenOLAT.
the class UserAuthenticationWebService method delete.
/**
* Deletes an authentication from the system
* @response.representation.200.doc The authentication successfully deleted
* @response.representation.401.doc The roles of the authenticated user are not sufficient
* @response.representation.404.doc The identity or the authentication not found
* @param username The username of the user
* @param authKey The authentication key identifier
* @param request The HTTP request
* @return <code>Response</code> object. The operation status (success or
* fail)
*/
@DELETE
@Path("{authKey}")
public Response delete(@PathParam("username") String username, @PathParam("authKey") Long authKey, @Context HttpServletRequest request) {
if (!isUserManager(request)) {
return Response.serverError().status(Status.UNAUTHORIZED).build();
}
BaseSecurity baseSecurity = BaseSecurityManager.getInstance();
Identity identity = baseSecurity.findIdentityByName(username);
if (identity == null) {
return Response.serverError().status(Status.NOT_FOUND).build();
}
List<Authentication> authentications = baseSecurity.getAuthentications(identity);
for (Authentication authentication : authentications) {
if (authKey.equals(authentication.getKey())) {
baseSecurity.deleteAuthentication(authentication);
return Response.ok().build();
}
}
return Response.serverError().status(Status.NOT_FOUND).build();
}
Also used :
Authentication(org.olat.basesecurity.Authentication)
RestSecurityHelper.getIdentity(org.olat.restapi.security.RestSecurityHelper.getIdentity)
Identity(org.olat.core.id.Identity)
BaseSecurity(org.olat.basesecurity.BaseSecurity)
Path(javax.ws.rs.Path)
DELETE(javax.ws.rs.DELETE)
Aggregations
Authentication (org.olat.basesecurity.Authentication)82
Identity (org.olat.core.id.Identity)46
BaseSecurity (org.olat.basesecurity.BaseSecurity)16
Test (org.junit.Test)10
RestSecurityHelper.getIdentity (org.olat.restapi.security.RestSecurityHelper.getIdentity)8
AuthenticationVO (org.olat.restapi.support.vo.AuthenticationVO)8
URI (java.net.URI)6
ArrayList (java.util.ArrayList)6
Produces (javax.ws.rs.Produces)6
HttpResponse (org.apache.http.HttpResponse)6
SecurityGroup (org.olat.basesecurity.SecurityGroup)6
Locale (java.util.Locale)4
GET (javax.ws.rs.GET)4
HttpPut (org.apache.http.client.methods.HttpPut)4
AssertException (org.olat.core.logging.AssertException)4
DBRuntimeException (org.olat.core.logging.DBRuntimeException)4
Algorithm (org.olat.core.util.Encoder.Algorithm)4
TemporaryKey (org.olat.registration.TemporaryKey)4
ErrorVO (org.olat.restapi.support.vo.ErrorVO)4
UserPropertyHandler (org.olat.user.propertyhandlers.UserPropertyHandler)4
