Examples with ValidateAccess org.platformlayer.auth.model.ValidateAccess used on opensource projects
Example 1 with ValidateAccess
use of org.platformlayer.auth.model.ValidateAccess in project platformlayer by platformlayer.
the class KeychainResource method authorizeCertificateChain.
@POST
public ValidateTokenResponse authorizeCertificateChain(@QueryParam("project") String project, CertificateChainInfo chain) {
try {
requireSystemAccess();
} catch (AuthenticatorException e) {
log.warn("Error while checking system token", e);
throwInternalError();
}
UserEntity userEntity = null;
try {
boolean unlock = false;
userEntity = userAuthenticator.findUserFromKeychain(chain, unlock);
} catch (AuthenticatorException e) {
log.warn("Error while fetching user", e);
throwInternalError();
}
if (userEntity == null) {
throw404NotFound();
}
ValidateTokenResponse response = new ValidateTokenResponse();
response.access = new ValidateAccess();
response.access.user = Mapping.mapToUserValidation(userEntity);
// response.access.token = new Token();
// response.access.token.expires = checkTokenInfo.expiration;
// response.access.token.id = checkToken;
String checkProject = project;
if (checkProject != null) {
ProjectEntity projectEntity = null;
try {
projectEntity = userAuthenticator.findProject(checkProject);
} catch (AuthenticatorException e) {
log.warn("Error while fetching project", e);
throwInternalError();
}
if (projectEntity == null) {
throw404NotFound();
}
// Note that we do not unlock the user / project; we don't have any secret material
// TODO: We could return stuff encrypted with the user's public key
// projectEntity.unlockWithUser(userEntity);
//
// if (!projectEntity.isSecretValid()) {
// throw404NotFound();
// }
UserProjectEntity userProject = null;
try {
userProject = userAuthenticator.findUserProject(userEntity, projectEntity);
} catch (AuthenticatorException e) {
log.warn("Error while fetching project", e);
throwInternalError();
}
if (userProject == null) {
// Not a member of project
throw404NotFound();
}
response.access.project = Mapping.mapToProject(projectEntity);
response.access.project.roles = Mapping.mapToRoles(userProject.getRoles());
}
return response;
}
Also used :
ValidateTokenResponse(org.platformlayer.auth.model.ValidateTokenResponse)
ValidateAccess(org.platformlayer.auth.model.ValidateAccess)
UserProjectEntity(org.platformlayer.auth.UserProjectEntity)
ProjectEntity(org.platformlayer.auth.ProjectEntity)
AuthenticatorException(org.platformlayer.auth.AuthenticatorException)
UserProjectEntity(org.platformlayer.auth.UserProjectEntity)
UserEntity(org.platformlayer.auth.UserEntity)
POST(javax.ws.rs.POST)
Example 2 with ValidateAccess
use of org.platformlayer.auth.model.ValidateAccess in project platformlayer by platformlayer.
the class TokensResource method validateToken.
@GET
// @HEAD support is automatic from the @GET
@Path("{tokenId}")
public ValidateTokenResponse validateToken(@PathParam("tokenId") String checkToken, @QueryParam("project") String project) {
try {
requireSystemAccess();
} catch (AuthenticatorException e) {
log.warn("Error while checking system token", e);
throwInternalError();
}
TokenInfo checkTokenInfo = tokenService.decodeToken(checkToken);
if (checkTokenInfo == null || checkTokenInfo.hasExpired()) {
throw404NotFound();
}
UserEntity userEntity = null;
try {
userEntity = userAuthenticator.getUserFromToken(checkTokenInfo.userId, checkTokenInfo.tokenSecret);
} catch (AuthenticatorException e) {
log.warn("Error while fetching user", e);
throwInternalError();
}
ValidateTokenResponse response = new ValidateTokenResponse();
response.access = new ValidateAccess();
response.access.user = Mapping.mapToUserValidation(userEntity);
response.access.token = new Token();
response.access.token.expires = checkTokenInfo.expiration;
response.access.token.id = checkToken;
String checkProject = project;
if (checkProject != null) {
ProjectEntity projectEntity = null;
try {
projectEntity = userAuthenticator.findProject(checkProject);
} catch (AuthenticatorException e) {
log.warn("Error while fetching project", e);
throwInternalError();
}
if (projectEntity == null) {
throw404NotFound();
}
projectEntity.unlockWithUser(userEntity);
if (!projectEntity.isSecretValid()) {
throw404NotFound();
}
UserProjectEntity userProject = null;
try {
userProject = userAuthenticator.findUserProject(userEntity, projectEntity);
} catch (AuthenticatorException e) {
log.warn("Error while fetching project", e);
throwInternalError();
}
if (userProject == null) {
// Not a member of project
throw404NotFound();
}
response.access.project = Mapping.mapToProject(projectEntity);
response.access.project.roles = Mapping.mapToRoles(userProject.getRoles());
}
return response;
}
Also used :
ValidateTokenResponse(org.platformlayer.auth.model.ValidateTokenResponse)
ValidateAccess(org.platformlayer.auth.model.ValidateAccess)
UserProjectEntity(org.platformlayer.auth.UserProjectEntity)
ProjectEntity(org.platformlayer.auth.ProjectEntity)
AuthenticatorException(org.platformlayer.auth.AuthenticatorException)
Token(org.platformlayer.auth.model.Token)
UserProjectEntity(org.platformlayer.auth.UserProjectEntity)
TokenInfo(org.platformlayer.auth.services.TokenInfo)
UserEntity(org.platformlayer.auth.UserEntity)
Path(javax.ws.rs.Path)
GET(javax.ws.rs.GET)
Aggregations
AuthenticatorException (org.platformlayer.auth.AuthenticatorException)2
ProjectEntity (org.platformlayer.auth.ProjectEntity)2
UserEntity (org.platformlayer.auth.UserEntity)2
UserProjectEntity (org.platformlayer.auth.UserProjectEntity)2
ValidateAccess (org.platformlayer.auth.model.ValidateAccess)2
ValidateTokenResponse (org.platformlayer.auth.model.ValidateTokenResponse)2
GET (javax.ws.rs.GET)1
POST (javax.ws.rs.POST)1
Path (javax.ws.rs.Path)1
Token (org.platformlayer.auth.model.Token)1
TokenInfo (org.platformlayer.auth.services.TokenInfo)1
