Search in sources :

Example 1 with ValidateAccess

use of org.platformlayer.auth.v1.ValidateAccess in project platformlayer by platformlayer.

the class PlatformLayerAuthAdminClient method validateToken.

@Override
public ProjectAuthorization validateToken(AuthenticationToken authToken, String projectId) {
    // v2.0/tokens/{userToken}[?project={tenant}]
    String tokenId = ((PlatformlayerAuthenticationToken) authToken).getAuthTokenValue();
    tokenId = tokenId.trim();
    String url = "v2.0/tokens/" + tokenId;
    url += "?project=" + UrlUtils.urlEncode(projectId);
    try {
        ValidateTokenResponse response = doSimpleXmlRequest(HttpMethod.GET, url, null, ValidateTokenResponse.class);
        ValidateAccess access = response.getAccess();
        if (access == null) {
            return null;
        }
        // ProjectValidation project = access.getProject();
        // if (project == null || !Objects.equal(projectId, project.getId())) {
        // return null;
        // }
        UserValidation userInfo = access.getUser();
        if (userInfo == null) {
            return null;
        }
        ProjectValidation projectInfo = access.getProject();
        if (projectInfo == null) {
            return null;
        }
        // List<String> roles = Lists.newArrayList();
        // UserValidation userInfo = access.getUser();
        // for (Role role : userInfo.getRoles()) {
        // if (!role.getTenantId().equals(projectId)) {
        // throw new IllegalStateException("Tenant mismatch: " + role.getTenantId() + " vs " + projectId);
        // }
        // roles.add(role.getName());
        // }
        // byte[] userSecret = userInfo.getSecret();
        String userKey = userInfo.getName();
        PlatformlayerUserAuthentication user = new PlatformlayerUserAuthentication(authToken, userKey);
        PlatformlayerProjectAuthorization project = buildPlatformlayerProjectAuthorization(user, projectInfo);
        return project;
    } catch (RestClientException e) {
        if (e.getHttpResponseCode() != null && e.getHttpResponseCode() == 404) {
            // Not found => invalid token
            return null;
        }
        log.warn("Error while validating token", e);
        throw new IllegalArgumentException("Error while validating token", e);
    }
}
Also used : ValidateTokenResponse(org.platformlayer.auth.v1.ValidateTokenResponse) UserValidation(org.platformlayer.auth.v1.UserValidation) ProjectValidation(org.platformlayer.auth.v1.ProjectValidation) ValidateAccess(org.platformlayer.auth.v1.ValidateAccess) PlatformlayerAuthenticationToken(org.platformlayer.auth.PlatformlayerAuthenticationToken) RestClientException(org.platformlayer.rest.RestClientException)

Example 2 with ValidateAccess

use of org.platformlayer.auth.v1.ValidateAccess in project platformlayer by platformlayer.

the class PlatformLayerAuthAdminClient method validateChain.

@Override
public ProjectAuthorization validateChain(X509Certificate[] chain, String projectKey) {
    // v2.0/keychain[?project={projectKey}]
    String url = "v2.0/keychain";
    url += "?project=" + UrlUtils.urlEncode(projectKey);
    CertificateChainInfo chainInfo = CertificateChains.toModel(chain);
    try {
        ValidateTokenResponse response = doSimpleXmlRequest(HttpMethod.POST, url, chainInfo, ValidateTokenResponse.class);
        ValidateAccess access = response.getAccess();
        if (access == null) {
            return null;
        }
        UserValidation userInfo = access.getUser();
        if (userInfo == null) {
            return null;
        }
        ProjectValidation projectInfo = access.getProject();
        if (projectInfo == null) {
            return null;
        }
        String userKey = userInfo.getName();
        PlatformlayerUserAuthentication user = new PlatformlayerUserAuthentication(null, userKey);
        PlatformlayerProjectAuthorization project = buildPlatformlayerProjectAuthorization(user, projectInfo);
        return project;
    } catch (RestClientException e) {
        if (e.getHttpResponseCode() != null && e.getHttpResponseCode() == 404) {
            // Not found => invalid token
            return null;
        }
        log.warn("Error while validating credentials", e);
        throw new IllegalArgumentException("Error while validating credentials", e);
    }
}
Also used : ValidateTokenResponse(org.platformlayer.auth.v1.ValidateTokenResponse) UserValidation(org.platformlayer.auth.v1.UserValidation) ProjectValidation(org.platformlayer.auth.v1.ProjectValidation) ValidateAccess(org.platformlayer.auth.v1.ValidateAccess) CertificateChainInfo(org.platformlayer.auth.v1.CertificateChainInfo) RestClientException(org.platformlayer.rest.RestClientException)

Aggregations

ProjectValidation (org.platformlayer.auth.v1.ProjectValidation)2 UserValidation (org.platformlayer.auth.v1.UserValidation)2 ValidateAccess (org.platformlayer.auth.v1.ValidateAccess)2 ValidateTokenResponse (org.platformlayer.auth.v1.ValidateTokenResponse)2 RestClientException (org.platformlayer.rest.RestClientException)2 PlatformlayerAuthenticationToken (org.platformlayer.auth.PlatformlayerAuthenticationToken)1 CertificateChainInfo (org.platformlayer.auth.v1.CertificateChainInfo)1