Example 1 with WebServiceUsage

Use of password.pwm.config.option.WebServiceUsage in project pwm by pwm-project.

In the class RestAuthenticationProcessor, method readRestAuthentication.

public RestAuthentication readRestAuthentication() throws PwmUnrecoverableException {
    {
        // named secret auth: allowed usages are limited to those configured for the secret
        final String namedSecretName = readNamedSecretName();
        if (namedSecretName != null) {
            LOGGER.trace(sessionLabel, "authenticating with named secret '" + namedSecretName + "'");
            final Set<WebServiceUsage> usages = new HashSet<>(JavaHelper.readEnumListFromStringCollection(WebServiceUsage.class, pwmApplication.getConfig().readSettingAsNamedPasswords(PwmSetting.WEBSERVICES_EXTERNAL_SECRET).get(namedSecretName).getUsage()));
            return new RestAuthentication(RestAuthenticationType.NAMED_SECRET, namedSecretName, null, Collections.unmodifiableSet(usages), true, null);
        }
    }
    {
        // ldap auth: user must match WEBSERVICES_QUERY_MATCH; all usages are then granted
        final UserIdentity userIdentity = readLdapUserIdentity();
        if (userIdentity != null) {
            {
                final List<UserPermission> userPermission = pwmApplication.getConfig().readSettingAsUserPermission(PwmSetting.WEBSERVICES_QUERY_MATCH);
                final boolean result = LdapPermissionTester.testUserPermissions(pwmApplication, sessionLabel, userIdentity, userPermission);
                if (!result) {
                    final String errorMsg = "user does not have webservice permission due to setting " + PwmSetting.WEBSERVICES_QUERY_MATCH.toMenuLocationDebug(null, httpServletRequest.getLocale());
                    throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_UNAUTHORIZED, errorMsg));
                }
            }
            final boolean thirdParty;
            {
                final List<UserPermission> userPermission = pwmApplication.getConfig().readSettingAsUserPermission(PwmSetting.WEBSERVICES_THIRDPARTY_QUERY_MATCH);
                thirdParty = LdapPermissionTester.testUserPermissions(pwmApplication, sessionLabel, userIdentity, userPermission);
            }
            final ChaiProvider chaiProvider = authenticateUser(userIdentity);
            verifyAuthUserIsNotSystemUser(userIdentity);
            return new RestAuthentication(RestAuthenticationType.LDAP, null, userIdentity, Collections.unmodifiableSet(new HashSet<>(Arrays.asList(WebServiceUsage.values()))), thirdParty, chaiProvider);
        }
    }
    // public (unauthenticated) fallback: only Health and Statistics, and only if enabled in config
    final Set<WebServiceUsage> publicUsages;
    if (pwmApplication.getConfig().readSettingAsBoolean(PwmSetting.PUBLIC_HEALTH_STATS_WEBSERVICES)) {
        final WebServiceUsage[] usages = { WebServiceUsage.Health, WebServiceUsage.Statistics };
        publicUsages = Collections.unmodifiableSet(new HashSet<>(Arrays.asList(usages)));
    } else {
        publicUsages = Collections.emptySet();
    }
    return new RestAuthentication(RestAuthenticationType.PUBLIC, null, null, publicUsages, false, null);
}
Also used: HashSet (java.util.HashSet), Set (java.util.Set), UserIdentity (password.pwm.bean.UserIdentity), PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException), WebServiceUsage (password.pwm.config.option.WebServiceUsage), ErrorInformation (password.pwm.error.ErrorInformation), ChaiProvider (com.novell.ldapchai.provider.ChaiProvider), UserPermission (password.pwm.config.value.data.UserPermission)