[New] Use InvalidCredentialsException

ch.eitchnet.privilege

@@ -1 +1 @@
-Subproject commit 5dc94514e13d142de8e2532b3bec18b28c7855dd
+Subproject commit d5491e4f0d0106866eea4f59c32826aa20a9d139

li.strolch.agent/src/main/java/li/strolch/runtime/privilege/DefaultStrolchPrivilegeHandler.java

@@ -20,7 +20,6 @@ import java.io.FileInputStream;
 import java.text.MessageFormat;
 import java.util.Map;
 
-import ch.eitchnet.privilege.base.AccessDeniedException;
 import ch.eitchnet.privilege.base.PrivilegeException;
 import ch.eitchnet.privilege.handler.DefaultPrivilegeHandler;
 import ch.eitchnet.privilege.handler.EncryptionHandler;
@@ -37,7 +36,6 @@ import ch.eitchnet.utils.helper.XmlHelper;
 import li.strolch.agent.api.ComponentContainer;
 import li.strolch.agent.api.StrolchComponent;
 import li.strolch.agent.api.StrolchRealm;
-import li.strolch.exception.StrolchException;
 import li.strolch.model.audit.AccessType;
 import li.strolch.model.audit.Audit;
 import li.strolch.persistence.api.StrolchTransaction;
@@ -125,20 +123,16 @@ public class DefaultStrolchPrivilegeHandler extends StrolchComponent implements
 	@Override
 	public Certificate authenticate(String username, byte[] password) {
 		assertContainerStarted();
-		try {
+		Certificate certificate = this.privilegeHandler.authenticate(username, password);
-			Certificate certificate = this.privilegeHandler.authenticate(username, password);
+		StrolchRealm realm = getContainer().getRealm(certificate);
-			StrolchRealm realm = getContainer().getRealm(certificate);
+		try (StrolchTransaction tx = realm.openTx(certificate, StrolchPrivilegeConstants.LOGIN)) {
-			try (StrolchTransaction tx = realm.openTx(certificate, StrolchPrivilegeConstants.LOGIN)) {
+			tx.setSuppressDoNothingLogging(true);
-				tx.setSuppressDoNothingLogging(true);
+			tx.setSuppressAudits(true);
-				tx.setSuppressAudits(true);
+			Audit audit = tx.auditFrom(AccessType.CREATE, StrolchPrivilegeConstants.PRIVILEGE,
-				Audit audit = tx.auditFrom(AccessType.CREATE, StrolchPrivilegeConstants.PRIVILEGE,
+					StrolchPrivilegeConstants.CERTIFICATE, username);
-						StrolchPrivilegeConstants.CERTIFICATE, username);
+			tx.getAuditTrail().add(tx, audit);
-				tx.getAuditTrail().add(tx, audit);
-			}
-			return certificate;
-		} catch (AccessDeniedException e) {
-			throw new StrolchException("Authentication credentials are invalid", e); //$NON-NLS-1$
 		}
+		return certificate;
 	}
 
 	@Override

li.strolch.rest/src/main/java/li/strolch/rest/endpoint/AuthenticationService.java

@@ -22,6 +22,7 @@ import java.util.Set;
 
 import javax.ws.rs.Consumes;
 import javax.ws.rs.DELETE;
+import javax.ws.rs.HEAD;
 import javax.ws.rs.POST;
 import javax.ws.rs.Path;
 import javax.ws.rs.PathParam;
@@ -35,7 +36,11 @@ import javax.ws.rs.core.Response.Status;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import com.google.gson.Gson;
+import com.google.gson.JsonObject;
+
 import ch.eitchnet.privilege.base.AccessDeniedException;
+import ch.eitchnet.privilege.base.InvalidCredentialsException;
 import ch.eitchnet.privilege.base.PrivilegeException;
 import ch.eitchnet.privilege.model.Certificate;
 import ch.eitchnet.privilege.model.IPrivilege;
@@ -111,6 +116,10 @@ public class AuthenticationService {
 					.header(HttpHeaders.AUTHORIZATION, certificate.getAuthToken())//
 					.build();
 
+		} catch (InvalidCredentialsException e) {
+			logger.error(e.getMessage(), e);
+			loginResult.setMsg("Could not log in as the given credentials are invalid"); //$NON-NLS-1$
+			return Response.status(Status.UNAUTHORIZED).entity(loginResult).build();
 		} catch (AccessDeniedException e) {
 			logger.error(e.getMessage(), e);
 			loginResult.setMsg(MessageFormat.format("Could not log in due to: {0}", e.getMessage())); //$NON-NLS-1$
@@ -130,8 +139,8 @@ public class AuthenticationService {
 	@DELETE
 	@Consumes(MediaType.APPLICATION_JSON)
 	@Produces(MediaType.APPLICATION_JSON)
-	@Path("{sessionId}")
+	@Path("{authToken}")
-	public Response logout(@PathParam("sessionId") String sessionId) {
+	public Response logout(@PathParam("authToken") String authToken) {
 
 		LogoutResult logoutResult = new LogoutResult();
 
@@ -139,11 +148,11 @@ public class AuthenticationService {
 
 			StrolchSessionHandler sessionHandlerHandler = RestfulStrolchComponent.getInstance()
 					.getComponent(StrolchSessionHandler.class);
-			Certificate certificate = sessionHandlerHandler.validate(sessionId);
+			Certificate certificate = sessionHandlerHandler.validate(authToken);
 			sessionHandlerHandler.invalidate(certificate);
 
 			logoutResult.setUsername(certificate.getUsername());
-			logoutResult.setSessionId(sessionId);
+			logoutResult.setAuthToken(authToken);
 			logoutResult.setMsg(MessageFormat.format("{0} has been logged out.", certificate.getUsername())); //$NON-NLS-1$
 			return Response.ok().entity(logoutResult).build();
 
@@ -158,4 +167,34 @@ public class AuthenticationService {
 			return Response.serverError().entity(logoutResult).build();
 		}
 	}
+
+	@HEAD
+	@Consumes(MediaType.APPLICATION_JSON)
+	@Produces(MediaType.APPLICATION_JSON)
+	@Path("{authToken}")
+	public Response validateSessions(@PathParam("authToken") String authToken) {
+
+		try {
+
+			StrolchSessionHandler sessionHandlerHandler = RestfulStrolchComponent.getInstance()
+					.getComponent(StrolchSessionHandler.class);
+			sessionHandlerHandler.validate(authToken);
+
+			return Response.ok().build();
+
+		} catch (StrolchException | PrivilegeException e) {
+			logger.error(e.getMessage(), e);
+			JsonObject root = new JsonObject();
+			root.addProperty("msg", MessageFormat.format("Session invalid: {0}", e.getMessage()));
+			String json = new Gson().toJson(root);
+			return Response.status(Status.UNAUTHORIZED).entity(json).build();
+		} catch (Exception e) {
+			logger.error(e.getMessage(), e);
+			String msg = e.getMessage();
+			JsonObject root = new JsonObject();
+			root.addProperty("msg", MessageFormat.format("Session invalid: {0}: {1}", e.getClass().getName(), msg));
+			String json = new Gson().toJson(root);
+			return Response.serverError().entity(json).build();
+		}
+	}
 }

li.strolch.rest/src/main/java/li/strolch/rest/model/LogoutResult.java

@@ -30,8 +30,8 @@ public class LogoutResult {
 	@XmlAttribute(name = "username")
 	private String username;
 
-	@XmlAttribute(name = "sessionId")
+	@XmlAttribute(name = "authToken")
-	private String sessionId;
+	private String authToken;
 
 	@XmlAttribute(name = "msg")
 	private String msg;
@@ -71,17 +71,17 @@ public class LogoutResult {
 	}
 
 	/**
-	 * @return the sessionId
+	 * @return the authToken
 	 */
 	public String getSessionId() {
-		return this.sessionId;
+		return this.authToken;
 	}
 
 	/**
-	 * @param sessionId
+	 * @param authToken
-	 *            the sessionId to set
+	 *            the authToken to set
 	 */
-	public void setSessionId(String sessionId) {
+	public void setAuthToken(String authToken) {
-		this.sessionId = sessionId;
+		this.authToken = authToken;
 	}
 }