
Example 1 with RestApiBasicAuthenticationException

use of org.wso2.carbon.bpmn.rest.common.exception.RestApiBasicAuthenticationException in project carbon-business-process by wso2.

the class AuthenticationHandler method authenticate.

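/**
 * Authenticates a {@code userName:password} pair from a Basic authentication request against the carbon
 * user store and, on success, binds the calling thread's carbon context to that user.
 *
 * <p>The password is checked first through the BPMN {@link IdentityService}; the tenant domain is resolved
 * and validated afterwards. The thread-local {@link PrivilegedCarbonContext} is written only on the success
 * path, so a rejected request leaves it as it was.
 *
 * @param userName user name as supplied by the client (untrusted); the tenant domain and the tenant-aware
 *                 name are both derived from it via {@code MultitenantUtils}
 * @param password password as supplied by the client (untrusted)
 * @return {@code true} when the password check passes and the tenant domain resolves to a valid tenant id;
 *         {@code false} when a credential is missing, the password check fails, or the tenant is invalid
 * @throws RestApiBasicAuthenticationException wraps a {@code BPMNAuthenticationException} raised by the
 *                                             password check or a {@code UserStoreException} raised while
 *                                             resolving the tenant id
 */
private boolean authenticate(String userName, String password) throws RestApiBasicAuthenticationException {
    // Missing credentials can never authenticate. Reject them here rather than depending on how the
    // identity service and MultitenantUtils happen to treat null.
    if (userName == null || password == null) {
        return false;
    }
    try {
        IdentityService identityService = BPMNOSGIService.getIdentityService();
        if (!identityService.checkPassword(userName, password)) {
            return false;
        }
    } catch (BPMNAuthenticationException e) {
        throw new RestApiBasicAuthenticationException(e.getMessage(), e);
    }
    String tenantDomain = MultitenantUtils.getTenantDomain(userName);
    String tenantAwareUserName = MultitenantUtils.getTenantAwareUsername(userName);
    String userNameWithTenantDomain = tenantAwareUserName + "@" + tenantDomain;
    // The name is client-controlled: neutralise CR/LF before it is written to a log line or an exception
    // message, so a crafted user name cannot forge additional log entries.
    String printableUserName = userNameWithTenantDomain.replace('\r', '_').replace('\n', '_');
    RealmService realmService = RegistryContext.getBaseInstance().getRealmService();
    TenantManager mgr = realmService.getTenantManager();
    int tenantId;
    try {
        tenantId = mgr.getTenantId(tenantDomain);
        // tenantId == -1, means an invalid tenant.
        if (tenantId == -1) {
            if (log.isDebugEnabled()) {
                log.debug("Basic authentication request with an invalid tenant : " + printableUserName);
            }
            return false;
        }
    } catch (UserStoreException e) {
        throw new RestApiBasicAuthenticationException("Identity exception thrown while getting tenant ID for user : " + printableUserName, e);
    }
    /* Upon successful authentication existing thread local carbon context
     * is updated to mimic the authenticated user */
    PrivilegedCarbonContext carbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
    carbonContext.setUsername(tenantAwareUserName);
    carbonContext.setTenantId(tenantId);
    carbonContext.setTenantDomain(tenantDomain);
    return true;
}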
Also used : IdentityService(org.activiti.engine.IdentityService) RestApiBasicAuthenticationException(org.wso2.carbon.bpmn.rest.common.exception.RestApiBasicAuthenticationException) RealmService(org.wso2.carbon.user.core.service.RealmService) UserStoreException(org.wso2.carbon.user.api.UserStoreException) PrivilegedCarbonContext(org.wso2.carbon.context.PrivilegedCarbonContext) BPMNAuthenticationException(org.wso2.carbon.bpmn.core.exception.BPMNAuthenticationException) TenantManager(org.wso2.carbon.user.core.tenant.TenantManager)

Example 2 with RestApiBasicAuthenticationException

use of org.wso2.carbon.bpmn.rest.common.exception.RestApiBasicAuthenticationException in project carbon-business-process by wso2.

the class ProcessInstanceService method startInstance.

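/**
 * Starts a process instance described by the request, or returns/correlates an existing one when the
 * request asks to skip creation.
 *
 * <p>Validation performed before anything is started:
 * <ul>
 *   <li>exactly one of processDefinitionId, processDefinitionKey or message must be set;</li>
 *   <li>a custom tenant id may only accompany a key or a message, and a key or message requires one;</li>
 *   <li>{@code isValidUserToStartProcess} must accept the request.</li>
 * </ul>
 * The instance is started under the user name held by the thread-local carbon context; the engine's
 * authenticated user id is cleared again in a {@code finally} block.
 *
 * @param processInstanceCreateRequest request entity (client-supplied, untrusted)
 * @return {@code 201 Created} with the new instance, or {@code 200 OK} with the matching instance data or
 *         the correlation result when creation is skipped
 * @throws ActivitiIllegalArgumentException when the request is missing, is inconsistent, names a variable
 *                                          without a name, or refers to an object the engine cannot find
 * @throws RestApiBasicAuthenticationException when {@code isValidUserToStartProcess} rejects the request
 * @throws NotFoundException when correlation is requested and more than one instance matches
 */
@POST
@Path("/")
@Consumes({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
@Produces({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
public Response startInstance(ProcessInstanceCreateRequest processInstanceCreateRequest) {
    // A request without an entity would otherwise fail with a NullPointerException on first use;
    // report it like every other malformed request.
    if (processInstanceCreateRequest == null) {
        throw new ActivitiIllegalArgumentException("Request body is required.");
    }
    if (log.isDebugEnabled()) {
        // Variables are optional (see the null check further down), so the size must be read null-safely;
        // otherwise merely enabling debug logging breaks requests that carry no variables.
        int variableCount = (processInstanceCreateRequest.getVariables() == null) ? 0 : processInstanceCreateRequest.getVariables().size();
        // The definition id is client-controlled: neutralise CR/LF before logging it.
        String printableDefinitionId = String.valueOf(processInstanceCreateRequest.getProcessDefinitionId()).replace('\r', '_').replace('\n', '_');
        log.debug("ProcessInstanceCreateRequest:" + printableDefinitionId);
        log.debug(" processInstanceCreateRequest.getVariables().size():" + variableCount);
    }
    if (processInstanceCreateRequest.getProcessDefinitionId() == null && processInstanceCreateRequest.getProcessDefinitionKey() == null && processInstanceCreateRequest.getMessage() == null) {
        throw new ActivitiIllegalArgumentException("Either processDefinitionId, processDefinitionKey or message is required.");
    }
    int paramsSet = ((processInstanceCreateRequest.getProcessDefinitionId() != null) ? 1 : 0) + ((processInstanceCreateRequest.getProcessDefinitionKey() != null) ? 1 : 0) + ((processInstanceCreateRequest.getMessage() != null) ? 1 : 0);
    if (paramsSet > 1) {
        throw new ActivitiIllegalArgumentException("Only one of processDefinitionId, processDefinitionKey or message should be set.");
    }
    if (processInstanceCreateRequest.isCustomTenantSet()) {
        // Tenant-id can only be used with either key or message
        if (processInstanceCreateRequest.getProcessDefinitionId() != null) {
            throw new ActivitiIllegalArgumentException("TenantId can only be used with either processDefinitionKey or message.");
        }
    } else {
        // if no tenantId, it must be from definitionId
        if (processInstanceCreateRequest.getProcessDefinitionId() == null) {
            throw new ActivitiIllegalArgumentException("TenantId should be specified to be used with either " + "processDefinitionKey or message.");
        }
    }
    // Authorization gate: nothing below may run for a caller who is not allowed to start this process.
    // NOTE(review): the tenant id and definition id used further down come straight from the request body
    // and isValidUserToStartProcess is not visible here; confirm it ties them to the authenticated tenant
    // in the carbon context.
    // NOTE(review): an authentication exception type is used for a permission failure; confirm the status
    // code the exception mapper produces for it.
    if (!isValidUserToStartProcess(processInstanceCreateRequest)) {
        throw new RestApiBasicAuthenticationException("User doesn't have the necessary permission to start the process");
    }
    if (processInstanceCreateRequest.getSkipInstanceCreation() || processInstanceCreateRequest.getSkipInstanceCreationIfExist()) {
        // Look for instances that already match the request before deciding whether to create one.
        ProcessInstanceQueryRequest processInstanceQueryRequest = processInstanceCreateRequest.cloneInstanceCreationRequest();
        Map<String, String> allRequestParams = allRequestParams(uriInfo);
        DataResponse dataResponse = getQueryResponse(processInstanceQueryRequest, allRequestParams, uriInfo);
        if (log.isDebugEnabled()) {
            log.debug("ProcessInstanceCreation check:" + dataResponse.getSize());
        }
        int dataResponseSize = dataResponse.getSize();
        if (dataResponseSize > 0) {
            if (processInstanceCreateRequest.getCorrelate()) {
                // Correlation needs exactly one target instance and a message name.
                if (dataResponseSize != 1) {
                    String responseMessage = "Correlation matching failed as there are more than one matching instance with " + "given variables state";
                    throw new NotFoundException(Response.ok().entity(responseMessage).status(Response.Status.NOT_FOUND).build());
                }
                if (processInstanceCreateRequest.getMessageName() == null) {
                    String responseMessage = "Correlation matching failed as messageName property is not specified";
                    throw new ActivitiIllegalArgumentException(responseMessage);
                }
                return performCorrelation(processInstanceCreateRequest);
            } else {
                dataResponse.setMessage("Instance information corresponding to the request");
                return Response.ok().entity(dataResponse).build();
            }
        }
        // No match found: fall through and create the instance.
    }
    RestResponseFactory restResponseFactory = new RestResponseFactory();
    Map<String, Object> startVariables = null;
    if (processInstanceCreateRequest.getVariables() != null) {
        startVariables = new HashMap<>();
        for (RestVariable variable : processInstanceCreateRequest.getVariables()) {
            if (variable.getName() == null) {
                throw new ActivitiIllegalArgumentException("Variable name is required.");
            }
            startVariables.put(variable.getName(), restResponseFactory.getVariableValue(variable));
        }
    }
    // Additional variables go into the same map, so one with the same name replaces the earlier value.
    if (processInstanceCreateRequest.getAdditionalVariables() != null) {
        if (startVariables == null) {
            startVariables = new HashMap<>();
        }
        for (RestVariable variable : processInstanceCreateRequest.getAdditionalVariables()) {
            if (variable.getName() == null) {
                throw new ActivitiIllegalArgumentException("Additional Variable name is required.");
            }
            startVariables.put(variable.getName(), restResponseFactory.getVariableValue(variable));
        }
    }
    RuntimeService runtimeService = BPMNOSGIService.getRuntimeService();
    IdentityService identityService = BPMNOSGIService.getIdentityService();
    // The acting user is taken from the thread-local carbon context, not from the request.
    PrivilegedCarbonContext carbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
    String userName = carbonContext.getUsername();
    ProcessInstanceResponse processInstanceResponse;
    // Actually start the instance based on key or id
    try {
        ProcessInstance instance;
        identityService.setAuthenticatedUserId(userName);
        if (processInstanceCreateRequest.getProcessDefinitionId() != null) {
            instance = runtimeService.startProcessInstanceById(processInstanceCreateRequest.getProcessDefinitionId(), processInstanceCreateRequest.getBusinessKey(), startVariables);
        } else if (processInstanceCreateRequest.getProcessDefinitionKey() != null) {
            if (processInstanceCreateRequest.isCustomTenantSet()) {
                instance = runtimeService.startProcessInstanceByKeyAndTenantId(processInstanceCreateRequest.getProcessDefinitionKey(), processInstanceCreateRequest.getBusinessKey(), startVariables, processInstanceCreateRequest.getTenantId());
            } else {
                instance = runtimeService.startProcessInstanceByKey(processInstanceCreateRequest.getProcessDefinitionKey(), processInstanceCreateRequest.getBusinessKey(), startVariables);
            }
        } else {
            if (processInstanceCreateRequest.isCustomTenantSet()) {
                instance = runtimeService.startProcessInstanceByMessageAndTenantId(processInstanceCreateRequest.getMessage(), processInstanceCreateRequest.getBusinessKey(), startVariables, processInstanceCreateRequest.getTenantId());
            } else {
                instance = runtimeService.startProcessInstanceByMessage(processInstanceCreateRequest.getMessage(), processInstanceCreateRequest.getBusinessKey(), startVariables);
            }
        }
        HistoryService historyService = BPMNOSGIService.getHistoryService();
        if (processInstanceCreateRequest.getReturnVariables()) {
            Map<String, Object> runtimeVariableMap = null;
            List<HistoricVariableInstance> historicVariableList = null;
            // An instance that has already ended is read from history; a live one from the runtime service.
            if (instance.isEnded()) {
                historicVariableList = historyService.createHistoricVariableInstanceQuery().processInstanceId(instance.getId()).list();
            } else {
                runtimeVariableMap = runtimeService.getVariables(instance.getId());
            }
            processInstanceResponse = restResponseFactory.createProcessInstanceResponse(instance, true, runtimeVariableMap, historicVariableList, uriInfo.getBaseUri().toString());
        } else {
            processInstanceResponse = restResponseFactory.createProcessInstanceResponse(instance, uriInfo.getBaseUri().toString());
        }
    } catch (ActivitiObjectNotFoundException aonfe) {
        throw new ActivitiIllegalArgumentException(aonfe.getMessage(), aonfe);
    } finally {
        // Always clear the engine's authenticated user, including on failure, so it is not left set
        // once this request has finished.
        identityService.setAuthenticatedUserId(null);
    }
    return Response.ok().status(Response.Status.CREATED).entity(processInstanceResponse).build();
}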
Also used : RestResponseFactory(org.wso2.carbon.bpmn.rest.common.RestResponseFactory) RuntimeService(org.activiti.engine.RuntimeService) NotFoundException(javax.ws.rs.NotFoundException) ActivitiObjectNotFoundException(org.activiti.engine.ActivitiObjectNotFoundException) HistoryService(org.activiti.engine.HistoryService) PrivilegedCarbonContext(org.wso2.carbon.context.PrivilegedCarbonContext) ActivitiObjectNotFoundException(org.activiti.engine.ActivitiObjectNotFoundException) ProcessInstanceQueryRequest(org.wso2.carbon.bpmn.rest.model.runtime.ProcessInstanceQueryRequest) RestVariable(org.wso2.carbon.bpmn.rest.engine.variable.RestVariable) IdentityService(org.activiti.engine.IdentityService) RestApiBasicAuthenticationException(org.wso2.carbon.bpmn.rest.common.exception.RestApiBasicAuthenticationException) DataResponse(org.wso2.carbon.bpmn.rest.model.common.DataResponse) ActivitiIllegalArgumentException(org.activiti.engine.ActivitiIllegalArgumentException) ProcessInstanceResponse(org.wso2.carbon.bpmn.rest.model.runtime.ProcessInstanceResponse) ProcessInstance(org.activiti.engine.runtime.ProcessInstance) HistoricVariableInstance(org.activiti.engine.history.HistoricVariableInstance) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) Consumes(javax.ws.rs.Consumes) Produces(javax.ws.rs.Produces)

Aggregations

IdentityService (org.activiti.engine.IdentityService)2 RestApiBasicAuthenticationException (org.wso2.carbon.bpmn.rest.common.exception.RestApiBasicAuthenticationException)2 PrivilegedCarbonContext (org.wso2.carbon.context.PrivilegedCarbonContext)2 Consumes (javax.ws.rs.Consumes)1 NotFoundException (javax.ws.rs.NotFoundException)1 POST (javax.ws.rs.POST)1 Path (javax.ws.rs.Path)1 Produces (javax.ws.rs.Produces)1 ActivitiIllegalArgumentException (org.activiti.engine.ActivitiIllegalArgumentException)1 ActivitiObjectNotFoundException (org.activiti.engine.ActivitiObjectNotFoundException)1 HistoryService (org.activiti.engine.HistoryService)1 RuntimeService (org.activiti.engine.RuntimeService)1 HistoricVariableInstance (org.activiti.engine.history.HistoricVariableInstance)1 ProcessInstance (org.activiti.engine.runtime.ProcessInstance)1 BPMNAuthenticationException (org.wso2.carbon.bpmn.core.exception.BPMNAuthenticationException)1 RestResponseFactory (org.wso2.carbon.bpmn.rest.common.RestResponseFactory)1 RestVariable (org.wso2.carbon.bpmn.rest.engine.variable.RestVariable)1 DataResponse (org.wso2.carbon.bpmn.rest.model.common.DataResponse)1 ProcessInstanceQueryRequest (org.wso2.carbon.bpmn.rest.model.runtime.ProcessInstanceQueryRequest)1 ProcessInstanceResponse (org.wso2.carbon.bpmn.rest.model.runtime.ProcessInstanceResponse)1