Examples with SecurityUser org.thingsboard.server.service.security.model.SecurityUser used on opensource projects

Search in sources :

Example 6 with SecurityUser

use of org.thingsboard.server.service.security.model.SecurityUser in project thingsboard by thingsboard.

the class RestAwareAuthenticationSuccessHandler method onAuthenticationSuccess.

@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
    SecurityUser securityUser = (SecurityUser) authentication.getPrincipal();
    JwtToken accessToken = tokenFactory.createAccessJwtToken(securityUser);
    JwtToken refreshToken = refreshTokenRepository.requestRefreshToken(securityUser);
    Map<String, String> tokenMap = new HashMap<String, String>();
    tokenMap.put("token", accessToken.getToken());
    tokenMap.put("refreshToken", refreshToken.getToken());
    response.setStatus(HttpStatus.OK.value());
    response.setContentType(MediaType.APPLICATION_JSON_VALUE);
    mapper.writeValue(response.getWriter(), tokenMap);
    clearAuthenticationAttributes(request);
}
Also used : JwtToken(org.thingsboard.server.service.security.model.token.JwtToken) SecurityUser(org.thingsboard.server.service.security.model.SecurityUser) HashMap(java.util.HashMap)

Example 7 with SecurityUser

use of org.thingsboard.server.service.security.model.SecurityUser in project thingsboard by thingsboard.

the class AssetController method getAssetTypes.

@PreAuthorize("hasAnyAuthority('TENANT_ADMIN', 'CUSTOMER_USER')")
@RequestMapping(value = "/asset/types", method = RequestMethod.GET)
@ResponseBody
public List<EntitySubtype> getAssetTypes() throws ThingsboardException {
    try {
        SecurityUser user = getCurrentUser();
        TenantId tenantId = user.getTenantId();
        ListenableFuture<List<EntitySubtype>> assetTypes = assetService.findAssetTypesByTenantId(tenantId);
        return checkNotNull(assetTypes.get());
    } catch (Exception e) {
        throw handleException(e);
    }
}
Also used : TenantId(org.thingsboard.server.common.data.id.TenantId) SecurityUser(org.thingsboard.server.service.security.model.SecurityUser) ArrayList(java.util.ArrayList) List(java.util.List) ThingsboardException(org.thingsboard.server.exception.ThingsboardException) IncorrectParameterException(org.thingsboard.server.dao.exception.IncorrectParameterException) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)

Example 8 with SecurityUser

use of org.thingsboard.server.service.security.model.SecurityUser in project thingsboard by thingsboard.

the class AuthController method activateUser.

@RequestMapping(value = "/noauth/activate", method = RequestMethod.POST)
@ResponseStatus(value = HttpStatus.OK)
@ResponseBody
public JsonNode activateUser(@RequestBody JsonNode activateRequest, HttpServletRequest request) throws ThingsboardException {
    try {
        String activateToken = activateRequest.get("activateToken").asText();
        String password = activateRequest.get("password").asText();
        String encodedPassword = passwordEncoder.encode(password);
        UserCredentials credentials = userService.activateUserCredentials(activateToken, encodedPassword);
        User user = userService.findUserById(credentials.getUserId());
        UserPrincipal principal = new UserPrincipal(UserPrincipal.Type.USER_NAME, user.getEmail());
        SecurityUser securityUser = new SecurityUser(user, credentials.isEnabled(), principal);
        String baseUrl = constructBaseUrl(request);
        String loginUrl = String.format("%s/login", baseUrl);
        String email = user.getEmail();
        try {
            mailService.sendAccountActivatedEmail(loginUrl, email);
        } catch (Exception e) {
            log.info("Unable to send account activation email [{}]", e.getMessage());
        }
        JwtToken accessToken = tokenFactory.createAccessJwtToken(securityUser);
        JwtToken refreshToken = refreshTokenRepository.requestRefreshToken(securityUser);
        ObjectMapper objectMapper = new ObjectMapper();
        ObjectNode tokenObject = objectMapper.createObjectNode();
        tokenObject.put("token", accessToken.getToken());
        tokenObject.put("refreshToken", refreshToken.getToken());
        return tokenObject;
    } catch (Exception e) {
        throw handleException(e);
    }
}
Also used : JwtToken(org.thingsboard.server.service.security.model.token.JwtToken) SecurityUser(org.thingsboard.server.service.security.model.SecurityUser) User(org.thingsboard.server.common.data.User) SecurityUser(org.thingsboard.server.service.security.model.SecurityUser) ObjectNode(com.fasterxml.jackson.databind.node.ObjectNode) UserCredentials(org.thingsboard.server.common.data.security.UserCredentials) UserPrincipal(org.thingsboard.server.service.security.model.UserPrincipal) ThingsboardException(org.thingsboard.server.exception.ThingsboardException) URISyntaxException(java.net.URISyntaxException) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper)

Example 9 with SecurityUser

use of org.thingsboard.server.service.security.model.SecurityUser in project thingsboard by thingsboard.

the class AuthController method changePassword.

@PreAuthorize("isAuthenticated()")
@RequestMapping(value = "/auth/changePassword", method = RequestMethod.POST)
@ResponseStatus(value = HttpStatus.OK)
public void changePassword(@RequestBody JsonNode changePasswordRequest) throws ThingsboardException {
    try {
        String currentPassword = changePasswordRequest.get("currentPassword").asText();
        String newPassword = changePasswordRequest.get("newPassword").asText();
        SecurityUser securityUser = getCurrentUser();
        UserCredentials userCredentials = userService.findUserCredentialsByUserId(securityUser.getId());
        if (!passwordEncoder.matches(currentPassword, userCredentials.getPassword())) {
            throw new ThingsboardException("Current password doesn't match!", ThingsboardErrorCode.BAD_REQUEST_PARAMS);
        }
        userCredentials.setPassword(passwordEncoder.encode(newPassword));
        userService.saveUserCredentials(userCredentials);
    } catch (Exception e) {
        throw handleException(e);
    }
}
Also used : SecurityUser(org.thingsboard.server.service.security.model.SecurityUser) ThingsboardException(org.thingsboard.server.exception.ThingsboardException) UserCredentials(org.thingsboard.server.common.data.security.UserCredentials) ThingsboardException(org.thingsboard.server.exception.ThingsboardException) URISyntaxException(java.net.URISyntaxException) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)

Example 10 with SecurityUser

use of org.thingsboard.server.service.security.model.SecurityUser in project thingsboard by thingsboard.

the class AuthController method resetPassword.

@RequestMapping(value = "/noauth/resetPassword", method = RequestMethod.POST)
@ResponseStatus(value = HttpStatus.OK)
@ResponseBody
public JsonNode resetPassword(@RequestBody JsonNode resetPasswordRequest, HttpServletRequest request) throws ThingsboardException {
    try {
        String resetToken = resetPasswordRequest.get("resetToken").asText();
        String password = resetPasswordRequest.get("password").asText();
        UserCredentials userCredentials = userService.findUserCredentialsByResetToken(resetToken);
        if (userCredentials != null) {
            String encodedPassword = passwordEncoder.encode(password);
            userCredentials.setPassword(encodedPassword);
            userCredentials.setResetToken(null);
            userCredentials = userService.saveUserCredentials(userCredentials);
            User user = userService.findUserById(userCredentials.getUserId());
            UserPrincipal principal = new UserPrincipal(UserPrincipal.Type.USER_NAME, user.getEmail());
            SecurityUser securityUser = new SecurityUser(user, userCredentials.isEnabled(), principal);
            String baseUrl = constructBaseUrl(request);
            String loginUrl = String.format("%s/login", baseUrl);
            String email = user.getEmail();
            mailService.sendPasswordWasResetEmail(loginUrl, email);
            JwtToken accessToken = tokenFactory.createAccessJwtToken(securityUser);
            JwtToken refreshToken = refreshTokenRepository.requestRefreshToken(securityUser);
            ObjectMapper objectMapper = new ObjectMapper();
            ObjectNode tokenObject = objectMapper.createObjectNode();
            tokenObject.put("token", accessToken.getToken());
            tokenObject.put("refreshToken", refreshToken.getToken());
            return tokenObject;
        } else {
            throw new ThingsboardException("Invalid reset token!", ThingsboardErrorCode.BAD_REQUEST_PARAMS);
        }
    } catch (Exception e) {
        throw handleException(e);
    }
}
Also used : JwtToken(org.thingsboard.server.service.security.model.token.JwtToken) SecurityUser(org.thingsboard.server.service.security.model.SecurityUser) User(org.thingsboard.server.common.data.User) SecurityUser(org.thingsboard.server.service.security.model.SecurityUser) ObjectNode(com.fasterxml.jackson.databind.node.ObjectNode) ThingsboardException(org.thingsboard.server.exception.ThingsboardException) UserCredentials(org.thingsboard.server.common.data.security.UserCredentials) UserPrincipal(org.thingsboard.server.service.security.model.UserPrincipal) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) ThingsboardException(org.thingsboard.server.exception.ThingsboardException) URISyntaxException(java.net.URISyntaxException)

Aggregations

SecurityUser (org.thingsboard.server.service.security.model.SecurityUser)25 ThingsboardException (org.thingsboard.server.exception.ThingsboardException)15 PreAuthorize (org.springframework.security.access.prepost.PreAuthorize)8 User (org.thingsboard.server.common.data.User)8 UserId (org.thingsboard.server.common.data.id.UserId)7 UserCredentials (org.thingsboard.server.common.data.security.UserCredentials)7 UserPrincipal (org.thingsboard.server.service.security.model.UserPrincipal)7 CustomerId (org.thingsboard.server.common.data.id.CustomerId)6 TenantId (org.thingsboard.server.common.data.id.TenantId)6 IncorrectParameterException (org.thingsboard.server.dao.exception.IncorrectParameterException)5 ArrayList (java.util.ArrayList)4 List (java.util.List)4 UsernameNotFoundException (org.springframework.security.core.userdetails.UsernameNotFoundException)4 URISyntaxException (java.net.URISyntaxException)3 JwtToken (org.thingsboard.server.service.security.model.token.JwtToken)3 ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)2 ObjectNode (com.fasterxml.jackson.databind.node.ObjectNode)2 Claims (io.jsonwebtoken.Claims)2 AuthenticationException (org.springframework.security.core.AuthenticationException)2 Customer (org.thingsboard.server.common.data.Customer)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial