This is an automated email from the git hooks/post-receive script.
New commit to branch feature/pollen-riot-js in repository pollen.
See https://gitlab.nuiton.org/chorem/pollen.git
commit e518f4b9bccf11a45e11ff3284e123ba299da0b2
Author: Tony CHEMIT <dev@tchemit.fr>
Date: Tue Jan 17 08:56:35 2017 +0100
    Can authentice via the cookie
---
 .../rest/api/PollenRestApiRequestFilter.java | 47 +------------------
 .../org/chorem/pollen/rest/api/v1/AuthApi.java | 54 ++++++++++++++++++----
 .../chorem/pollen/rest/api/v1/PollenUserApi.java | 10 +++-
 pollen-rest-api/src/main/resources/mapping | 1 +
 4 files changed, 58 insertions(+), 54 deletions(-)
diff --git a/pollen-rest-api/src/main/java/org/chorem/pollen/rest/api/PollenRestApiRequestFilter.java b/pollen-rest-api/src/main/java/org/chorem/pollen/rest/api/PollenRestApiRequestFilter.java
index eb64c6c..39055b9 100644
--- a/pollen-rest-api/src/main/java/org/chorem/pollen/rest/api/PollenRestApiRequestFilter.java
+++ b/pollen-rest-api/src/main/java/org/chorem/pollen/rest/api/PollenRestApiRequestFilter.java
@@ -39,11 +39,12 @@ import org.debux.webmotion.server.call.HttpContext;
 import org.debux.webmotion.server.render.Render;
 import org.debux.webmotion.server.render.RenderStatus;
-import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletResponse;
 import java.util.Locale;
 import java.util.Map;
+import static org.chorem.pollen.rest.api.v1.AuthApi.COOKIE_POLLEN_AUTH;
+
 /**
  * Inject {@link PollenRestApiRequestContext} in services.
  *
@@ -55,10 +56,6 @@ public class PollenRestApiRequestFilter extends WebMotionFilter {
     private static final String HEADER_ACCESS_CONTROL_REQUEST_HEADERS = "Access-Control-Request-Headers";
     private static final String HEADER_ACCESS_CONTROL_ALLOW_HEADERS = "Access-Control-Allow-Headers";
-    private static final String COOKIE_POLLEN_AUTH = "pollen-auth";
-    private static final String COOKIE_POLLEN_CONNECTED = "pollen-connected";
-    private final static int COOKIE_MAX_AGE = 60 * 60 * 24 * 365; // 1 year
-
     public static final String REQUEST_PERMISSION_PARAMETER = "permission";
     public static final String REQUEST_HEADER_SESSION_TOKEN = "X-Pollen-Session-Token";
@@ -102,46 +99,6 @@ public class PollenRestApiRequestFilter extends WebMotionFilter {
         doProcess();
-        PollenSecurityContext securityContext = pollenRestApiRequestContext.getSecurityContext();
-        if (securityContext.isConnected()) {
-
-            // add auth cookies
-
-            SessionToken sessionToken = securityContext.getSessionToken();
-            String value = pollenRestApiRequestContext.getSecurityService().encrypt(
-                    sessionToken.getPollenUser().getTopiaId(),
-                    sessionToken.getPollenToken().getToken()
-            );
-            Cookie authCookie = new Cookie(COOKIE_POLLEN_AUTH, value);
-            authCookie.setPath("/");
-            authCookie.setMaxAge(COOKIE_MAX_AGE);
-            response.addCookie(authCookie);
-
-            Cookie connectedCookie = new Cookie(COOKIE_POLLEN_CONNECTED, "true");
-            connectedCookie.setPath("/");
-            connectedCookie.setMaxAge(COOKIE_MAX_AGE);
-            response.addCookie(connectedCookie);
-
-            if (log.isDebugEnabled()) {
-                log.debug("Add auth cookie:: " + authCookie.getValue());
-            }
-
-        } else {
-
-            // remove auth cookies
-
-            Cookie authCookie = new Cookie(COOKIE_POLLEN_AUTH, "");
-            authCookie.setPath("/");
-            authCookie.setMaxAge(0);
-            response.addCookie(authCookie);
-
-            Cookie connectedCookie = new Cookie(COOKIE_POLLEN_CONNECTED, "");
-            connectedCookie.setPath("/");
-            connectedCookie.setMaxAge(0);
-            response.addCookie(connectedCookie);
-
-        }
-
     }
     private PollenRestApiRequestContext prepareRequestContext(HttpContext context) throws PollenInvalidSessionTokenException, PollenCypherTechnicalException {
diff --git a/pollen-rest-api/src/main/java/org/chorem/pollen/rest/api/v1/AuthApi.java b/pollen-rest-api/src/main/java/org/chorem/pollen/rest/api/v1/AuthApi.java
index 79f05c1..5f2d0c3 100644
--- a/pollen-rest-api/src/main/java/org/chorem/pollen/rest/api/v1/AuthApi.java
+++ b/pollen-rest-api/src/main/java/org/chorem/pollen/rest/api/v1/AuthApi.java
@@ -25,23 +25,22 @@ import org.apache.commons.lang3.StringUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.apache.shiro.codec.Base64;
-import org.chorem.pollen.persistence.entity.PollenToken;
-import org.chorem.pollen.persistence.entity.PollenTokenImpl;
 import org.chorem.pollen.persistence.entity.PollenUser;
 import org.chorem.pollen.persistence.entity.SessionToken;
-import org.chorem.pollen.persistence.entity.SessionTokenImpl;
 import org.chorem.pollen.rest.api.PollenRestApiRequestContext;
 import org.chorem.pollen.services.bean.PollenEntityRef;
 import org.chorem.pollen.services.service.PollenUserService;
-import org.chorem.pollen.services.service.security.DefaultPollenSecurityContext;
 import org.chorem.pollen.services.service.security.MissingAuthenticationException;
 import org.chorem.pollen.services.service.security.PollenAuthenticationException;
-import org.chorem.pollen.services.service.security.PollenInvalidEmailActivationTokenException;
+import org.chorem.pollen.services.service.security.PollenCypherTechnicalException;
 import org.chorem.pollen.services.service.security.PollenInvalidSessionTokenException;
 import org.chorem.pollen.services.service.security.SecurityService;
 import org.debux.webmotion.server.WebMotionController;
 import org.debux.webmotion.server.call.HttpContext;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletResponse;
+
 /**
  * TODO
  *
@@ -53,7 +52,11 @@ public class AuthApi extends WebMotionController {
     /** Logger */
     private static final Log log = LogFactory.getLog(AuthApi.class);
-    public PollenEntityRef<PollenUser> login(HttpContext requestContext, SecurityService securityService) throws PollenAuthenticationException, MissingAuthenticationException, PollenInvalidSessionTokenException {
+    public static final String COOKIE_POLLEN_AUTH = "pollen-auth";
+    private static final String COOKIE_POLLEN_CONNECTED = "pollen-connected";
+    private final static int COOKIE_MAX_AGE = 60 * 60 * 24 * 365; // 1 year
+
+    public PollenEntityRef<PollenUser> login(HttpContext requestContext, SecurityService securityService) throws PollenAuthenticationException, MissingAuthenticationException, PollenInvalidSessionTokenException, PollenCypherTechnicalException {
         String authHeader = requestContext.getHeader("Authorization");
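Review bot: `COOKIE_POLLEN_AUTH` is widened to public here only so that `PollenRestApiRequestFilter` can static-import it (first hunk of this commit), which makes the shared request filter depend on a versioned controller, `rest.api.v1.AuthApi`. Moving the three cookie constants into a small holder class in `org.chorem.pollen.rest.api` that both the filter and `AuthApi` import keeps the dependency pointing the usual way and keeps `COOKIE_POLLEN_CONNECTED` and `COOKIE_MAX_AGE` next to the name they belong with. Whichever home they get, the public constant deserves a Javadoc such as `/** Name of the cookie carrying the encrypted (user id, token) credential issued by {@link #login}. */`. The body of `login` continues past the end of this hunk.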
@@ -72,8 +75,31 @@ public class AuthApi extends WebMotionController {
         // Inject the session token in security context
         PollenRestApiRequestContext pollenRestApiRequestContext = PollenRestApiRequestContext.getRequestContext(requestContext);
-        SessionToken sessionTokenByToken = securityService.getSessionTokenByToken(userPollenEntityRef.getPermission());
-        pollenRestApiRequestContext.getSecurityContext().setSessionToken(sessionTokenByToken);
+        SessionToken sessionToken = securityService.getSessionTokenByToken(userPollenEntityRef.getPermission());
+
+        pollenRestApiRequestContext.getSecurityContext().setSessionToken(sessionToken);
+
+        // add auth cookies
+
+        String value = pollenRestApiRequestContext.getSecurityService().encrypt(
+                sessionToken.getPollenUser().getTopiaId(),
+                sessionToken.getPollenToken().getToken()
+        );
+        HttpServletResponse response = requestContext.getResponse();
+
+        Cookie authCookie = new Cookie(COOKIE_POLLEN_AUTH, value);
+        authCookie.setPath("/");
+        authCookie.setMaxAge(COOKIE_MAX_AGE);
+        response.addCookie(authCookie);
+
+        Cookie connectedCookie = new Cookie(COOKIE_POLLEN_CONNECTED, "true");
+        connectedCookie.setPath("/");
+        connectedCookie.setMaxAge(COOKIE_MAX_AGE);
+        response.addCookie(connectedCookie);
+
+        if (log.isDebugEnabled()) {
+            log.debug("Add auth cookie:: " + authCookie.getValue());
+        }
         return userPollenEntityRef;
     }
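Review bot: The `pollen-auth` cookie built after `// add auth cookies` carries the encrypted user-id/token credential but is issued with neither the HttpOnly nor the Secure attribute, so page scripts can read it and it travels over plain HTTP as well as HTTPS. Add `authCookie.setHttpOnly(true);` next to `setPath` (Servlet 3.0 API — confirm the container level) and `authCookie.setSecure(true);` where the API is only served over HTTPS; `pollen-connected` looks like a front-end readable flag and can stay as it is. The debug line `log.debug("Add auth cookie:: " + authCookie.getValue())` writes that credential into the log; `log.debug("Add auth cookie for user " + sessionToken.getPollenUser().getTopiaId());` keeps the trace without the secret. `login` begins before this hunk.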
@@ -95,6 +121,18 @@ public class AuthApi extends WebMotionController {
         // Remove the session token from security context
         PollenRestApiRequestContext.getRequestContext(requestContext).getSecurityContext().setSessionToken(null);
+        HttpServletResponse response = requestContext.getResponse();
+
+        Cookie authCookie = new Cookie(COOKIE_POLLEN_AUTH, "");
+        authCookie.setPath("/");
+        authCookie.setMaxAge(0);
+        response.addCookie(authCookie);
+
+        Cookie connectedCookie = new Cookie(COOKIE_POLLEN_CONNECTED, "");
+        connectedCookie.setPath("/");
+        connectedCookie.setMaxAge(0);
+        response.addCookie(connectedCookie);
+
     }
     public void lostPassword(SecurityService securityService, String login) {
diff --git a/pollen-rest-api/src/main/java/org/chorem/pollen/rest/api/v1/PollenUserApi.java b/pollen-rest-api/src/main/java/org/chorem/pollen/rest/api/v1/PollenUserApi.java
index 2ae88d8..3b1ac5d 100644
--- a/pollen-rest-api/src/main/java/org/chorem/pollen/rest/api/v1/PollenUserApi.java
+++ b/pollen-rest-api/src/main/java/org/chorem/pollen/rest/api/v1/PollenUserApi.java
@@ -22,16 +22,17 @@ package org.chorem.pollen.rest.api.v1;
  */
 import org.chorem.pollen.persistence.entity.PollenUser;
+import org.chorem.pollen.rest.api.PollenRestApiRequestContext;
 import org.chorem.pollen.services.bean.PaginationParameterBean;
 import org.chorem.pollen.services.bean.PaginationResultBean;
 import org.chorem.pollen.services.bean.PollenEntityId;
 import org.chorem.pollen.services.bean.PollenEntityRef;
 import org.chorem.pollen.services.bean.PollenUserBean;
 import org.chorem.pollen.services.service.InvalidFormException;
-import org.chorem.pollen.services.service.NotificationService;
 import org.chorem.pollen.services.service.PollenUserService;
 import org.chorem.pollen.services.service.security.PollenInvalidEmailActivationTokenException;
 import org.debux.webmotion.server.WebMotionController;
+import org.debux.webmotion.server.call.HttpContext;
 /**
  * TODO
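Review bot: Cookie clearing now happens only on an explicit `logout`; the filter's removed else-branch (third hunk of this commit) used to clear `pollen-auth` and `pollen-connected` on every request whose security context was not connected, so once the server-side session token expires or is rejected, a stale one-year `pollen-auth` cookie now stays in the browser and is resent with every request. The path that reads the cookie back (the filter static-imports `COOKIE_POLLEN_AUTH`, but that code is not in this diff) should presumably clear both cookies when the value no longer decrypts or resolves, or the API documentation should state that `logout` is the only way to drop them. Separately, the cookie-building lines now appear four times between `login` and `logout`; a single private helper, shown below, removes the duplication and gives one place to set the cookie attributes. `logout` begins before this hunk.
```java
    /** Writes {@code name=value} on the response with path "/" and the given max age (0 deletes the cookie). */
    private static void addCookie(HttpServletResponse response, String name, String value, int maxAge) {
        Cookie cookie = new Cookie(name, value);
        cookie.setPath("/");
        cookie.setMaxAge(maxAge);
        response.addCookie(cookie);
    }

    // … unchanged: logout up to setSessionToken(null) …
        HttpServletResponse response = requestContext.getResponse();
        addCookie(response, COOKIE_POLLEN_AUTH, "", 0);
        addCookie(response, COOKIE_POLLEN_CONNECTED, "", 0);
```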
@@ -47,6 +48,13 @@ public class PollenUserApi extends WebMotionController {
     }
+    public PollenUserBean getConnectedUser(HttpContext context, PollenUserService pollenUserService) {
+        PollenRestApiRequestContext pollenRestApiRequestContext = PollenRestApiRequestContext.getRequestContext(context);
+        PollenUser pollenUser = pollenRestApiRequestContext.getSecurityContext().getPollenUser();
+        return pollenUserService.getUser(pollenUser.getTopiaId());
+
+    }
+
     public PollenUserBean getUser(PollenUserService pollenUserService, PollenEntityId<PollenUser> userId) {
         return pollenUserService.getUser(userId.getEntityId());
diff --git a/pollen-rest-api/src/main/resources/mapping b/pollen-rest-api/src/main/resources/mapping
index e68db7b..83822b2 100644
--- a/pollen-rest-api/src/main/resources/mapping
+++ b/pollen-rest-api/src/main/resources/mapping
@@ -132,6 +132,7 @@ GET /v1/resources/{resourceId}/{n} forward:/v1/resources/{resour
 # PollenUserApi
 GET /v1/users PollenUserApi.getUsers
+GET /v1/users/connected PollenUserApi.getConnectedUser
 GET /v1/users/{userId} PollenUserApi.getUser
 POST /v1/users PollenUserApi.createUser
 POST /v1/users/{userId} PollenUserApi.editUser
--
To stop receiving notification emails like this one, please contact chorem.org SCM administrator <admin+scm@chorem.org>.
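Review bot: `getConnectedUser` dereferences `pollenUser.getTopiaId()` without checking that a user is bound to the security context; `logout` in this same commit sets the session token to null, so an anonymous or logged-out caller of `GET /v1/users/connected` presumably gets a `NullPointerException` and a 500 instead of an unauthenticated response (the behaviour of `getPollenUser()` on an empty context is not visible here). Guard the null and fail with the project's missing-authentication exception, or, if the route mapping supports the `permission` parameter the filter reads as `REQUEST_PERMISSION_PARAMETER`, declare it on the new mapping line so the filter rejects the request before the controller runs. The method also lacks a Javadoc, e.g. `/** Returns the profile of the user bound to the current session. */`, and carries a stray blank line before its closing brace.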