[New] Use InvalidCredentialsException
parent
a22a6db408
commit
292050a8f9
|
@ -1 +1 @@
|
||||||
Subproject commit 5dc94514e13d142de8e2532b3bec18b28c7855dd
|
Subproject commit d5491e4f0d0106866eea4f59c32826aa20a9d139
|
|
@ -20,7 +20,6 @@ import java.io.FileInputStream;
|
||||||
import java.text.MessageFormat;
|
import java.text.MessageFormat;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
|
|
||||||
import ch.eitchnet.privilege.base.AccessDeniedException;
|
|
||||||
import ch.eitchnet.privilege.base.PrivilegeException;
|
import ch.eitchnet.privilege.base.PrivilegeException;
|
||||||
import ch.eitchnet.privilege.handler.DefaultPrivilegeHandler;
|
import ch.eitchnet.privilege.handler.DefaultPrivilegeHandler;
|
||||||
import ch.eitchnet.privilege.handler.EncryptionHandler;
|
import ch.eitchnet.privilege.handler.EncryptionHandler;
|
||||||
|
@ -37,7 +36,6 @@ import ch.eitchnet.utils.helper.XmlHelper;
|
||||||
import li.strolch.agent.api.ComponentContainer;
|
import li.strolch.agent.api.ComponentContainer;
|
||||||
import li.strolch.agent.api.StrolchComponent;
|
import li.strolch.agent.api.StrolchComponent;
|
||||||
import li.strolch.agent.api.StrolchRealm;
|
import li.strolch.agent.api.StrolchRealm;
|
||||||
import li.strolch.exception.StrolchException;
|
|
||||||
import li.strolch.model.audit.AccessType;
|
import li.strolch.model.audit.AccessType;
|
||||||
import li.strolch.model.audit.Audit;
|
import li.strolch.model.audit.Audit;
|
||||||
import li.strolch.persistence.api.StrolchTransaction;
|
import li.strolch.persistence.api.StrolchTransaction;
|
||||||
|
@ -125,7 +123,6 @@ public class DefaultStrolchPrivilegeHandler extends StrolchComponent implements
|
||||||
@Override
|
@Override
|
||||||
public Certificate authenticate(String username, byte[] password) {
|
public Certificate authenticate(String username, byte[] password) {
|
||||||
assertContainerStarted();
|
assertContainerStarted();
|
||||||
try {
|
|
||||||
Certificate certificate = this.privilegeHandler.authenticate(username, password);
|
Certificate certificate = this.privilegeHandler.authenticate(username, password);
|
||||||
StrolchRealm realm = getContainer().getRealm(certificate);
|
StrolchRealm realm = getContainer().getRealm(certificate);
|
||||||
try (StrolchTransaction tx = realm.openTx(certificate, StrolchPrivilegeConstants.LOGIN)) {
|
try (StrolchTransaction tx = realm.openTx(certificate, StrolchPrivilegeConstants.LOGIN)) {
|
||||||
|
@ -136,9 +133,6 @@ public class DefaultStrolchPrivilegeHandler extends StrolchComponent implements
|
||||||
tx.getAuditTrail().add(tx, audit);
|
tx.getAuditTrail().add(tx, audit);
|
||||||
}
|
}
|
||||||
return certificate;
|
return certificate;
|
||||||
} catch (AccessDeniedException e) {
|
|
||||||
throw new StrolchException("Authentication credentials are invalid", e); //$NON-NLS-1$
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
|
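Review bot: With the `catch (AccessDeniedException e)` wrapper removed, `authenticate` no longer has a stated failure contract: whatever `this.privilegeHandler.authenticate(username, password)` throws now reaches the caller unchanged, and any caller that caught `StrolchException` for bad credentials will miss it. A Javadoc block on the method would make this explicit, e.g. `@throws InvalidCredentialsException if the username or password is wrong` and `@throws AccessDeniedException if the user is not allowed to log in`. The first of these is inferred from the commit title and the new catch in the REST service, so confirm it against the privilege library. The audit entry is only added after a certificate exists, so a rejected login leaves no audit record in this method; if failed attempts should be traceable, the caller has to log them. The method body spans two hunks and the lines between them are not visible here.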
|
@ -22,6 +22,7 @@ import java.util.Set;
|
||||||
|
|
||||||
import javax.ws.rs.Consumes;
|
import javax.ws.rs.Consumes;
|
||||||
import javax.ws.rs.DELETE;
|
import javax.ws.rs.DELETE;
|
||||||
|
import javax.ws.rs.HEAD;
|
||||||
import javax.ws.rs.POST;
|
import javax.ws.rs.POST;
|
||||||
import javax.ws.rs.Path;
|
import javax.ws.rs.Path;
|
||||||
import javax.ws.rs.PathParam;
|
import javax.ws.rs.PathParam;
|
||||||
|
@ -35,7 +36,11 @@ import javax.ws.rs.core.Response.Status;
|
||||||
import org.slf4j.Logger;
|
import org.slf4j.Logger;
|
||||||
import org.slf4j.LoggerFactory;
|
import org.slf4j.LoggerFactory;
|
||||||
|
|
||||||
|
import com.google.gson.Gson;
|
||||||
|
import com.google.gson.JsonObject;
|
||||||
|
|
||||||
import ch.eitchnet.privilege.base.AccessDeniedException;
|
import ch.eitchnet.privilege.base.AccessDeniedException;
|
||||||
|
import ch.eitchnet.privilege.base.InvalidCredentialsException;
|
||||||
import ch.eitchnet.privilege.base.PrivilegeException;
|
import ch.eitchnet.privilege.base.PrivilegeException;
|
||||||
import ch.eitchnet.privilege.model.Certificate;
|
import ch.eitchnet.privilege.model.Certificate;
|
||||||
import ch.eitchnet.privilege.model.IPrivilege;
|
import ch.eitchnet.privilege.model.IPrivilege;
|
||||||
|
@ -111,6 +116,10 @@ public class AuthenticationService {
|
||||||
.header(HttpHeaders.AUTHORIZATION, certificate.getAuthToken())//
|
.header(HttpHeaders.AUTHORIZATION, certificate.getAuthToken())//
|
||||||
.build();
|
.build();
|
||||||
|
|
||||||
|
} catch (InvalidCredentialsException e) {
|
||||||
|
logger.error(e.getMessage(), e);
|
||||||
|
loginResult.setMsg("Could not log in as the given credentials are invalid"); //$NON-NLS-1$
|
||||||
|
return Response.status(Status.UNAUTHORIZED).entity(loginResult).build();
|
||||||
} catch (AccessDeniedException e) {
|
} catch (AccessDeniedException e) {
|
||||||
logger.error(e.getMessage(), e);
|
logger.error(e.getMessage(), e);
|
||||||
loginResult.setMsg(MessageFormat.format("Could not log in due to: {0}", e.getMessage())); //$NON-NLS-1$
|
loginResult.setMsg(MessageFormat.format("Could not log in due to: {0}", e.getMessage())); //$NON-NLS-1$
|
||||||
|
@ -130,8 +139,8 @@ public class AuthenticationService {
|
||||||
@DELETE
|
@DELETE
|
||||||
@Consumes(MediaType.APPLICATION_JSON)
|
@Consumes(MediaType.APPLICATION_JSON)
|
||||||
@Produces(MediaType.APPLICATION_JSON)
|
@Produces(MediaType.APPLICATION_JSON)
|
||||||
@Path("{sessionId}")
|
@Path("{authToken}")
|
||||||
public Response logout(@PathParam("sessionId") String sessionId) {
|
public Response logout(@PathParam("authToken") String authToken) {
|
||||||
|
|
||||||
LogoutResult logoutResult = new LogoutResult();
|
LogoutResult logoutResult = new LogoutResult();
|
||||||
|
|
||||||
|
@ -139,11 +148,11 @@ public class AuthenticationService {
|
||||||
|
|
||||||
StrolchSessionHandler sessionHandlerHandler = RestfulStrolchComponent.getInstance()
|
StrolchSessionHandler sessionHandlerHandler = RestfulStrolchComponent.getInstance()
|
||||||
.getComponent(StrolchSessionHandler.class);
|
.getComponent(StrolchSessionHandler.class);
|
||||||
Certificate certificate = sessionHandlerHandler.validate(sessionId);
|
Certificate certificate = sessionHandlerHandler.validate(authToken);
|
||||||
sessionHandlerHandler.invalidate(certificate);
|
sessionHandlerHandler.invalidate(certificate);
|
||||||
|
|
||||||
logoutResult.setUsername(certificate.getUsername());
|
logoutResult.setUsername(certificate.getUsername());
|
||||||
logoutResult.setSessionId(sessionId);
|
logoutResult.setAuthToken(authToken);
|
||||||
logoutResult.setMsg(MessageFormat.format("{0} has been logged out.", certificate.getUsername())); //$NON-NLS-1$
|
logoutResult.setMsg(MessageFormat.format("{0} has been logged out.", certificate.getUsername())); //$NON-NLS-1$
|
||||||
return Response.ok().entity(logoutResult).build();
|
return Response.ok().entity(logoutResult).build();
|
||||||
|
|
||||||
|
@ -158,4 +167,34 @@ public class AuthenticationService {
|
||||||
return Response.serverError().entity(logoutResult).build();
|
return Response.serverError().entity(logoutResult).build();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@HEAD
|
||||||
|
@Consumes(MediaType.APPLICATION_JSON)
|
||||||
|
@Produces(MediaType.APPLICATION_JSON)
|
||||||
|
@Path("{authToken}")
|
||||||
|
public Response validateSessions(@PathParam("authToken") String authToken) {
|
||||||
|
|
||||||
|
try {
|
||||||
|
|
||||||
|
StrolchSessionHandler sessionHandlerHandler = RestfulStrolchComponent.getInstance()
|
||||||
|
.getComponent(StrolchSessionHandler.class);
|
||||||
|
sessionHandlerHandler.validate(authToken);
|
||||||
|
|
||||||
|
return Response.ok().build();
|
||||||
|
|
||||||
|
} catch (StrolchException | PrivilegeException e) {
|
||||||
|
logger.error(e.getMessage(), e);
|
||||||
|
JsonObject root = new JsonObject();
|
||||||
|
root.addProperty("msg", MessageFormat.format("Session invalid: {0}", e.getMessage()));
|
||||||
|
String json = new Gson().toJson(root);
|
||||||
|
return Response.status(Status.UNAUTHORIZED).entity(json).build();
|
||||||
|
} catch (Exception e) {
|
||||||
|
logger.error(e.getMessage(), e);
|
||||||
|
String msg = e.getMessage();
|
||||||
|
JsonObject root = new JsonObject();
|
||||||
|
root.addProperty("msg", MessageFormat.format("Session invalid: {0}: {1}", e.getClass().getName(), msg));
|
||||||
|
String json = new Gson().toJson(root);
|
||||||
|
return Response.serverError().entity(json).build();
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
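Review bot: The new `validateSessions` endpoint, like the renamed `logout`, takes the auth token as a path segment (`@Path("{authToken}")`), so the credential ends up in access logs, proxy logs and browser history. The login response already returns the token in the `Authorization` header, so these endpoints could read it from there on a fixed path, e.g. `public Response validateSessions(@HeaderParam(HttpHeaders.AUTHORIZATION) String authToken)`. In `validateSessions` the catch-all branch also sends `e.getClass().getName()` and the exception message to an unauthenticated caller. A fixed text such as `root.addProperty("msg", "Session validation failed");` with the detail kept in `logger.error` would avoid that, and a HEAD response carries no body anyway. `logout` starts in one hunk and continues in the next; `validateSessions` is fully visible.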
|
@ -30,8 +30,8 @@ public class LogoutResult {
|
||||||
@XmlAttribute(name = "username")
|
@XmlAttribute(name = "username")
|
||||||
private String username;
|
private String username;
|
||||||
|
|
||||||
@XmlAttribute(name = "sessionId")
|
@XmlAttribute(name = "authToken")
|
||||||
private String sessionId;
|
private String authToken;
|
||||||
|
|
||||||
@XmlAttribute(name = "msg")
|
@XmlAttribute(name = "msg")
|
||||||
private String msg;
|
private String msg;
|
||||||
|
@ -71,17 +71,17 @@ public class LogoutResult {
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @return the sessionId
|
* @return the authToken
|
||||||
*/
|
*/
|
||||||
public String getSessionId() {
|
public String getSessionId() {
|
||||||
return this.sessionId;
|
return this.authToken;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param sessionId
|
* @param authToken
|
||||||
* the sessionId to set
|
* the authToken to set
|
||||||
*/
|
*/
|
||||||
public void setSessionId(String sessionId) {
|
public void setAuthToken(String authToken) {
|
||||||
this.sessionId = sessionId;
|
this.authToken = authToken;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
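Review bot: The getter is still named `getSessionId()` although the field, its Javadoc and the setter were renamed, so the class now pairs `getSessionId()` with `setAuthToken(String)`. Anything that derives the property from accessor names (bean-style JSON or XML binding, or callers of the old getter) sees two mismatched halves; rename it to `public String getAuthToken() {`. Separately, check whether the logout response needs to echo the token back at all, since the caller already holds it.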