use of org.sagebionetworks.bridge.models.accounts.SignIn in project BridgeServer2 by Sage-Bionetworks.
the class CRCController method httpBasicAuthentication.
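/**
 * Authenticates the current request with HTTP Basic credentials. This is bound to specific "machine"
 * accounts that are enumerated in the controller (the ACCOUNTS map). Authentication is session-less.
 * The account itself has no administrative roles, so it can only execute the endpoints that
 * specifically allow it, in the app to which it is bound.
 *
 * @return the app the authenticated account is bound to
 * @throws NotAuthenticatedException if the Authorization header is missing, does not use the Basic
 *         scheme, is not valid base64, does not decode to a {@code user-id:password} pair, or names an
 *         account that is not in ACCOUNTS; a wrong password surfaces from accountService.authenticate
 *         (presumably as an exception — confirm against AccountService)
 */
App httpBasicAuthentication() {
    final String basicPrefix = "Basic ";
    String headerValue = request().getHeader(AUTHORIZATION);
    // The scheme name is case-insensitive (RFC 7617). Anything other than Basic is rejected here
    // instead of being handed to the base64 decoder, which would surface as a server error.
    if (headerValue == null
            || !headerValue.regionMatches(true, 0, basicPrefix, 0, basicPrefix.length())) {
        throw new NotAuthenticatedException();
    }
    String encoded = headerValue.substring(basicPrefix.length()).trim();
    String decoded;
    try {
        // Decode as UTF-8 rather than the JVM default charset so the result does not depend on the
        // platform the server happens to run on.
        decoded = new String(Base64.getDecoder().decode(encoded), Charset.forName("UTF-8"));
    } catch (IllegalArgumentException e) {
        // Malformed base64 is a bad credential, not an internal error.
        throw new NotAuthenticatedException();
    }
    // The user-id cannot contain a colon but the password may (RFC 7617), so split on the first
    // colon only. Either half being empty is treated as an invalid credential.
    String[] credentials = decoded.split(":", 2);
    if (credentials.length != 2 || credentials[0].isEmpty() || credentials[1].isEmpty()) {
        throw new NotAuthenticatedException();
    }
    String username = credentials[0];
    String password = credentials[1];
    String appId = ACCOUNTS.get(username);
    if (appId == null) {
        throw new NotAuthenticatedException();
    }
    SignIn.Builder signInBuilder = new SignIn.Builder().withAppId(appId).withPassword(password);
    // Identifiers that look like a sagebase.org address are signed in by email; all others by external ID.
    if (username.contains("@sagebase.org")) {
        signInBuilder.withEmail(username);
    } else {
        signInBuilder.withExternalId(username);
    }
    App app = appService.getApp(appId);
    // Verify the password.
    SignIn signIn = signInBuilder.build();
    Account account = accountService.authenticate(app, signIn);
    // This method of verification sidesteps RequestContext initialization through a session, so
    // populate the context the controller needs directly from the authenticated account.
    Set<String> studies = BridgeUtils.collectStudyIds(account);
    RequestContext.Builder contextBuilder = new RequestContext.Builder()
            .withCallerAppId(appId)
            .withCallerRoles(account.getRoles())
            .withCallerUserId(account.getId())
            .withOrgSponsoredStudies(studies)
            .withCallerOrgMembership(account.getOrgMembership());
    RequestContext.set(contextBuilder.build());
    return app;
}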
use of org.sagebionetworks.bridge.models.accounts.SignIn in project BridgeServer2 by Sage-Bionetworks.
the class AuthenticationController method requestResetPassword.
/**
 * Requests a password reset for the account identified by the posted sign-in payload.
 *
 * @return a status message naming the channel (email or phone) the reset was sent through
 */
@PostMapping({ "/v3/auth/requestResetPassword", "/api/v1/auth/requestResetPassword" })
@ResponseStatus(HttpStatus.ACCEPTED)
public StatusMessage requestResetPassword() {
    SignIn signIn = parseJson(SignIn.class);
    App app = appService.getApp(signIn.getAppId());
    verifySupportedVersionOrThrowException(app);
    authenticationService.requestResetPassword(app, false, signIn);
    // Email takes precedence over phone number downstream, so report email whenever one was supplied.
    boolean emailSupplied = signIn.getEmail() != null;
    String message = emailSupplied ? EMAIL_RESET_PWD_MSG : PHONE_RESET_PWD_MSG;
    return new StatusMessage(message);
}
use of org.sagebionetworks.bridge.models.accounts.SignIn in project BridgeServer2 by Sage-Bionetworks.
the class AuthenticationServiceTest method requestResetInvalid.
/** A sign-in carrying both a phone number and an email must be rejected as an invalid entity. */
@Test(expectedExceptions = InvalidEntityException.class)
public void requestResetInvalid() {
    SignIn.Builder signInBuilder = new SignIn.Builder();
    signInBuilder.withAppId(TEST_APP_ID);
    signInBuilder.withPhone(TestConstants.PHONE);
    signInBuilder.withEmail(RECIPIENT_EMAIL);
    service.requestResetPassword(app, false, signInBuilder.build());
}
use of org.sagebionetworks.bridge.models.accounts.SignIn in project BridgeServer2 by Sage-Bionetworks.
the class AuthenticationServiceTest method requestResetPassword.
/** A reset request by email is forwarded to the account workflow service with the sign-in's account ID. */
@Test
public void requestResetPassword() {
    SignIn.Builder signInBuilder = new SignIn.Builder();
    signInBuilder.withAppId(TEST_APP_ID);
    signInBuilder.withEmail(RECIPIENT_EMAIL);
    SignIn signIn = signInBuilder.build();

    service.requestResetPassword(app, false, signIn);

    verify(accountWorkflowService).requestResetPassword(app, false, signIn.getAccountId());
}
use of org.sagebionetworks.bridge.models.accounts.SignIn in project BridgeServer2 by Sage-Bionetworks.
the class AccountWorkflowService method sendPasswordResetRelatedEmail.
/**
 * Sends the password-reset email for {@code email}, optionally bundling an email sign-in link into
 * the same message when the caller asks for it and the app has email sign-in enabled.
 *
 * @param app the app the account belongs to
 * @param email recipient address; also cached under the reset token so the token can be redeemed
 * @param includeEmailSignIn whether to also request an email sign-in link for the message
 * @param revision the template revision used to render the email
 */
private void sendPasswordResetRelatedEmail(App app, String email, boolean includeEmailSignIn, TemplateRevision revision) {
    String appId = app.getIdentifier();
    // A fresh one-time token, cached against the recipient so the reset link can be validated later.
    String resetToken = getNextToken();
    CacheKey resetKey = CacheKey.passwordResetForEmail(resetToken, appId);
    cacheProvider.setObject(resetKey, email, VERIFY_OR_RESET_EXPIRE_IN_SECONDS);
    String longResetUrl = getResetPasswordURL(app, resetToken);
    String shortResetUrl = getShortResetPasswordURL(app, resetToken);
    // The "old" expiration token is expressed in whole hours.
    int expirationHours = VERIFY_OR_RESET_EXPIRE_IN_SECONDS / 60 / 60;

    BasicEmailProvider.Builder emailBuilder = new BasicEmailProvider.Builder();
    emailBuilder.withApp(app);
    emailBuilder.withTemplateRevision(revision);
    emailBuilder.withRecipientEmail(email);
    emailBuilder.withToken(SPTOKEN_KEY, resetToken);
    // Legacy template tokens, kept alongside the current ones.
    emailBuilder.withToken(OLD_URL_KEY, longResetUrl);
    emailBuilder.withToken(OLD_SHORT_URL_KEY, shortResetUrl);
    emailBuilder.withToken(OLD_EXP_WINDOW_TOKEN, Integer.toString(expirationHours));
    emailBuilder.withExpirationPeriod(OLD_EXPIRATION_PERIOD, VERIFY_OR_RESET_EXPIRE_IN_SECONDS);
    emailBuilder.withToken(RESET_PASSWORD_URL_KEY, shortResetUrl);
    emailBuilder.withExpirationPeriod(RESET_PASSWORD_EXPIRATION_PERIOD, VERIFY_OR_RESET_EXPIRE_IN_SECONDS);
    emailBuilder.withType(EmailType.RESET_PASSWORD);

    if (includeEmailSignIn && app.isEmailSignInEnabled()) {
        SignIn.Builder signInBuilder = new SignIn.Builder();
        signInBuilder.withEmail(email);
        signInBuilder.withAppId(appId);
        SignIn signIn = signInBuilder.build();
        requestChannelSignIn(EMAIL, EMAIL_SIGNIN_REQUEST, emailSignInRequestInMillis, signIn, false,
                this::getNextToken, (theApp, account, token) -> {
            // Fetch the sign-in URL and add it to the message.
            String signInShortUrl = getShortEmailSignInURL(signIn.getEmail(), theApp.getIdentifier(), token);
            // The components go in separately, in case a specific template wants to alter the URL.
            emailBuilder.withToken(EMAIL_KEY, BridgeUtils.encodeURIComponent(signIn.getEmail()));
            emailBuilder.withToken(TOKEN_KEY, token);
            // Note this overwrites the reset short URL placed under OLD_SHORT_URL_KEY above.
            emailBuilder.withToken(OLD_SHORT_URL_KEY, signInShortUrl);
            emailBuilder.withToken(EMAIL_SIGNIN_URL_KEY, signInShortUrl);
            emailBuilder.withExpirationPeriod(EMAIL_SIGNIN_EXPIRATION_PERIOD, SIGNIN_EXPIRE_IN_SECONDS);
        });
    }
    sendMailService.sendEmail(emailBuilder.build());
}