
Example 1 with KeystoreEnabledUserDetails

use of won.owner.service.impl.KeystoreEnabledUserDetails in project webofneeds by researchstudio-sat.

the class RestUserController method isSignedIn.

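/**
 * Reports whether the caller currently has a signed-in session, and returns the
 * stored user record if so. Clients use it to check their session cookie.
 *
 * <p>When the security context holds no authentication, or only an anonymous
 * one, a remember-me login is attempted before deciding.
 *
 * @param request  current request, handed to the remember-me service
 * @param response current response, handed to the remember-me service
 * @return the user response for a signed-in user, otherwise the
 *         {@code USER_NOT_SIGNED_IN} status response
 */
// TODO: move transactionality annotation into the service layer
@ResponseBody
@RequestMapping(value = "/isSignedIn", produces = MediaType.APPLICATION_JSON_VALUE, method = RequestMethod.GET)
@Transactional(propagation = Propagation.REQUIRED)
public ResponseEntity isSignedIn(HttpServletRequest request, HttpServletResponse response) {
    logger.debug("processing request to /isSignedIn");
    // NOTE(review): the anonymous handling below implies this route can be reached
    // without an authenticated session - confirm against the security configuration.
    SecurityContext context = SecurityContextHolder.getContext();
    Authentication authentication = (context != null) ? context.getAuthentication() : null;
    if (authentication == null || authentication instanceof AnonymousAuthenticationToken) {
        // No real login yet: try to reactivate a remember-me session and keep the
        // previous (possibly anonymous) authentication if that yields nothing.
        // NOTE(review): the token returned by autoLogin is used directly, without
        // passing through an AuthenticationManager - confirm this is intended.
        Authentication remembered = rememberMeServices.autoLogin(request, response);
        if (remembered != null) {
            authentication = remembered;
        }
    }
    if (authentication == null || "anonymousUser".equals(authentication.getPrincipal())) {
        return generateStatusResponse(RestStatusResponse.USER_NOT_SIGNED_IN);
    }
    Object principal = authentication.getPrincipal();
    if (!(principal instanceof KeystoreEnabledUserDetails)) {
        // Fail closed: a principal of any other type is treated as "not signed in"
        // instead of surfacing a ClassCastException, and it is never written into
        // the security context.
        return generateStatusResponse(RestStatusResponse.USER_NOT_SIGNED_IN);
    }
    // Only a validated principal is published to the security context.
    SecurityContextHolder.getContext().setAuthentication(authentication);
    User authUser = ((KeystoreEnabledUserDetails) principal).getUser();
    // The user is re-read by username rather than returning the principal's copy.
    return generateUserResponse(userService.getByUsername(authUser.getUsername()));
}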
Also used : User(won.owner.model.User) Authentication(org.springframework.security.core.Authentication) SecurityContext(org.springframework.security.core.context.SecurityContext) KeystoreEnabledUserDetails(won.owner.service.impl.KeystoreEnabledUserDetails) AnonymousAuthenticationToken(org.springframework.security.authentication.AnonymousAuthenticationToken) ResponseBody(org.springframework.web.bind.annotation.ResponseBody) RequestMapping(org.springframework.web.bind.annotation.RequestMapping) Transactional(org.springframework.transaction.annotation.Transactional)

Example 2 with KeystoreEnabledUserDetails

use of won.owner.service.impl.KeystoreEnabledUserDetails in project webofneeds by researchstudio-sat.

the class RestUserController method exportAccount.

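/**
 * Starts an account export for the signed-in user by publishing an
 * {@code OnExportUserEvent}; the export is only started when the user's e-mail
 * address is verified.
 *
 * @param keyStorePassword optional password handed on with the export event;
 *                         may be {@code null}
 * @return {@code USER_NOT_SIGNED_IN} when no signed-in user is found,
 *         {@code EXPORT_NOT_VERIFIED} when the e-mail address is not verified,
 *         otherwise {@code EXPORT_SUCCESS}
 */
@ResponseBody
@RequestMapping(value = "/exportAccount", method = RequestMethod.POST)
public ResponseEntity exportAccount(@RequestParam(name = "keyStorePassword", required = false) String keyStorePassword) {
    // keyStorePassword is a secret: it must never be added to this or any other
    // log statement.
    // NOTE(review): @RequestParam also binds query-string values; clients should
    // send the password in the POST body so it stays out of URLs and access logs.
    logger.debug("processing request to /exportAccount");
    SecurityContext securityContext = SecurityContextHolder.getContext();
    Authentication authentication = securityContext.getAuthentication();
    Object principal = (authentication != null) ? authentication.getPrincipal() : null;
    if (!(principal instanceof KeystoreEnabledUserDetails)) {
        // Fail closed instead of throwing NullPointerException / ClassCastException
        // when there is no authentication or the principal is of another type.
        return generateStatusResponse(RestStatusResponse.USER_NOT_SIGNED_IN);
    }
    User authUser = ((KeystoreEnabledUserDetails) principal).getUser();
    User user = userService.getByUsername(authUser.getUsername());
    if (!user.isEmailVerified()) {
        // The export is delivered by e-mail, so an unverified address is refused.
        return generateStatusResponse(RestStatusResponse.EXPORT_NOT_VERIFIED);
    }
    // The destination is the stored address of the account; nothing in the
    // request can redirect the export elsewhere.
    String responseEmail = user.getEmail();
    eventPublisher.publishEvent(new OnExportUserEvent(authentication, keyStorePassword, responseEmail));
    return generateStatusResponse(RestStatusResponse.EXPORT_SUCCESS);
}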
Also used : OnExportUserEvent(won.owner.web.events.OnExportUserEvent) User(won.owner.model.User) SecurityContext(org.springframework.security.core.context.SecurityContext) KeystoreEnabledUserDetails(won.owner.service.impl.KeystoreEnabledUserDetails) ResponseBody(org.springframework.web.bind.annotation.ResponseBody) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 3 with KeystoreEnabledUserDetails

use of won.owner.service.impl.KeystoreEnabledUserDetails in project webofneeds by researchstudio-sat.

the class ExportListener method onApplicationEvent.

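/**
 * Builds the export archive for the user behind the event and mails it.
 *
 * <p>The archive is a zip file with two entries: {@code export.nq}, holding the
 * data of all of the user's atoms as N-Quads, and {@code keystore.jks}, holding
 * the user's keystore protected with the supplied password (or a plain-text
 * notice when no password was supplied). A failure notice is mailed instead
 * when anything goes wrong, and the temporary file is always deleted.
 *
 * @param onExportUserEvent carries the authentication, the keystore password
 *                          and the address the result is sent to
 * @throws RuntimeException wrapping keystore or I/O failures; other unchecked
 *                          exceptions are rethrown as they are
 */
@Override
public void onApplicationEvent(OnExportUserEvent onExportUserEvent) {
    Authentication authentication = onExportUserEvent.getAuthentication();
    KeystoreEnabledUserDetails userDetails = ((KeystoreEnabledUserDetails) authentication.getPrincipal());
    String password = onExportUserEvent.getKeyStorePassword();
    User user = userService.getByUsername(userDetails.getUsername());
    String responseMail = onExportUserEvent.getResponseEmail();
    Charset utf8 = Charset.forName("UTF-8");
    File tmpFile = null;
    try {
        // The file will hold the user's data and key material. Files.createTempFile
        // may apply more restrictive access permissions than File.createTempFile,
        // which leaves the permissions to the process defaults.
        tmpFile = java.nio.file.Files.createTempFile("won", null).toFile();
        tmpFile.deleteOnExit();
        // try-with-resources closes the stream on the failure paths as well, and
        // finishes the archive before it is handed to the mail sender.
        try (ZipOutputStream zip = new ZipOutputStream(new FileOutputStream(tmpFile), utf8)) {
            zip.putNextEntry(new ZipEntry("export.nq"));
            // Fetching stays parallel, but forEachOrdered hands the datasets to the
            // single ZipOutputStream one at a time; a plain forEach on a parallel
            // stream may invoke the writer from several threads at once.
            user.getUserAtoms().stream().parallel()
                    .map(userAtom -> fetchAtomData(authentication, userAtom.getUri()))
                    .forEachOrdered(dataset -> RDFDataMgr.write(zip, dataset, RDFFormat.NQUADS_UTF8));
            zip.closeEntry();
            zip.putNextEntry(new ZipEntry("keystore.jks"));
            if (password != null && !password.isEmpty()) {
                // The keystore is serialised in memory first and then copied into
                // the zip entry. Its protection in the mailed archive rests on the
                // user-supplied password; the zip itself is not encrypted.
                ByteArrayOutputStream tmpStream = new ByteArrayOutputStream();
                userDetails.getKeyStore().store(tmpStream, password.toCharArray());
                tmpStream.writeTo(zip);
            } else {
                // Without a password the keystore is withheld and a notice is
                // written in its place.
                zip.write("You need to supply a keyStorePassword to get your keystore for security reasons".getBytes(utf8));
            }
            zip.closeEntry();
        }
        emailSender.sendExportMessage(responseMail, tmpFile);
    } catch (LinkedDataFetchingException e) {
        // Fetch failures are reported to the user and logged, not rethrown.
        logger.warn(e.getMessage());
        emailSender.sendExportFailedMessage(responseMail);
    } catch (KeyStoreException | NoSuchAlgorithmException | CertificateException | IOException e) {
        emailSender.sendExportFailedMessage(responseMail);
        throw new RuntimeException(e);
    } catch (Exception e) {
        emailSender.sendExportFailedMessage(responseMail);
        throw e;
    } finally {
        // Remove the archive right away; deleteOnExit is only the fallback.
        if (tmpFile != null) {
            tmpFile.delete();
        }
    }
}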
Also used : ZipOutputStream(java.util.zip.ZipOutputStream) Arrays(java.util.Arrays) LinkedDataSource(won.protocol.util.linkeddata.LinkedDataSource) ByteArrayOutputStream(java.io.ByteArrayOutputStream) AuthenticationThreadLocal(won.protocol.util.AuthenticationThreadLocal) LoggerFactory(org.slf4j.LoggerFactory) Autowired(org.springframework.beans.factory.annotation.Autowired) CachingLinkedDataSource(won.protocol.util.linkeddata.CachingLinkedDataSource) KeyStoreException(java.security.KeyStoreException) HashSet(java.util.HashSet) OnExportUserEvent(won.owner.web.events.OnExportUserEvent) Charset(java.nio.charset.Charset) URI(java.net.URI) ZipEntry(java.util.zip.ZipEntry) Dataset(org.apache.jena.query.Dataset) Logger(org.slf4j.Logger) WonLinkedDataUtils(won.protocol.util.linkeddata.WonLinkedDataUtils) MethodHandles(java.lang.invoke.MethodHandles) WonOwnerMailSender(won.owner.web.WonOwnerMailSender) FileOutputStream(java.io.FileOutputStream) Set(java.util.Set) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) ApplicationListener(org.springframework.context.ApplicationListener) LinkedDataFetchingException(won.protocol.rest.LinkedDataFetchingException) File(java.io.File) Component(org.springframework.stereotype.Component) KeystoreEnabledUserDetails(won.owner.service.impl.KeystoreEnabledUserDetails) User(won.owner.model.User) RDFDataMgr(org.apache.jena.riot.RDFDataMgr) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) RDFFormat(org.apache.jena.riot.RDFFormat) Authentication(org.springframework.security.core.Authentication) UserService(won.owner.service.impl.UserService) User(won.owner.model.User) ZipEntry(java.util.zip.ZipEntry) KeystoreEnabledUserDetails(won.owner.service.impl.KeystoreEnabledUserDetails) CertificateException(java.security.cert.CertificateException) ByteArrayOutputStream(java.io.ByteArrayOutputStream) KeyStoreException(java.security.KeyStoreException) 
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) IOException(java.io.IOException) KeyStoreException(java.security.KeyStoreException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) LinkedDataFetchingException(won.protocol.rest.LinkedDataFetchingException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) Authentication(org.springframework.security.core.Authentication) ZipOutputStream(java.util.zip.ZipOutputStream) FileOutputStream(java.io.FileOutputStream) LinkedDataFetchingException(won.protocol.rest.LinkedDataFetchingException) File(java.io.File)
