diff --git a/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/AuthenticationService.java b/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/AuthenticationService.java
index 2b75daf57..604a2f973 100644
--- a/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/AuthenticationService.java
+++ b/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/AuthenticationService.java
@@ -62,38 +62,36 @@ public class AuthenticationService { try { - StringBuilder sb = new StringBuilder(); - JsonElement usernameE = login.get("username"); - if (usernameE == null || usernameE.getAsString().length() < 2) { - sb.append("Username was not given or is too short!"); //$NON-NLS-1$ + if (!login.has("username") || login.get("username").getAsString().length() < 2) { + logger.error("Authentication failed: Username was not given or is too short!"); + loginResult.addProperty("msg", MessageFormat.format("Could not log in due to: {0}", + "Username was not given or is too short!")); //$NON-NLS-2$ + return Response.status(Status.BAD_REQUEST).entity(loginResult.toString()).build(); } - JsonElement passwordE = login.get("password"); - if (passwordE == null) { - if (sb.length() > 0) - sb.append("\n"); - sb.append("Password was not given!"); //$NON-NLS-1$ + if (!login.has("password") || login.get("password").getAsString().length() < 3) { + logger.error("Authentication failed: Password was not given or is too short!"); + loginResult.addProperty("msg", MessageFormat.format("Could not log in due to: {0}", + "Password was not given or is too short!")); //$NON-NLS-2$ + return Response.status(Status.BAD_REQUEST).entity(loginResult.toString()).build(); } - char[] password = passwordE == null ? 
- new char[] {} : - new String(Base64.getDecoder().decode(passwordE.getAsString())).toCharArray(); + String username = login.get("username").getAsString(); + String passwordEncoded = login.get("password").getAsString(); + + byte[] decode = Base64.getDecoder().decode(passwordEncoded); + char[] password = new String(decode).toCharArray(); + if (password.length < 3) { - if (sb.length() > 0) - sb.append("\n"); - sb.append("Password not given or too short!"); //$NON-NLS-1$ - } - - if (sb.length() != 0) { - logger.error("Authentication failed due to: " + sb.toString()); - loginResult.addProperty("msg", - MessageFormat.format("Could not log in due to: {0}", sb.toString())); //$NON-NLS-2$ + logger.error("Authentication failed: Password was not given or is too short!"); + loginResult.addProperty("msg", MessageFormat.format("Could not log in due to: {0}", + "Password was not given or is too short!")); //$NON-NLS-2$ return Response.status(Status.BAD_REQUEST).entity(loginResult.toString()).build(); } StrolchSessionHandler sessionHandler = RestfulStrolchComponent.getInstance().getSessionHandler(); String source = getRemoteIp(request); - Certificate certificate = sessionHandler.authenticate(usernameE.getAsString(), password, source); + Certificate certificate = sessionHandler.authenticate(username, password, source); return getAuthenticationResponse(request, loginResult, certificate, source); diff --git a/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/PrivilegeUsersService.java b/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/PrivilegeUsersService.java index 552d45661..3d518a772 100644 --- a/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/PrivilegeUsersService.java +++ b/li.strolch.rest/src/main/java/li/strolch/rest/endpoint/PrivilegeUsersService.java 
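Review bot: In the AuthenticationService hunk, `new String(decode).toCharArray()` decodes the password with the platform default charset and leaves an immutable `String` copy of the cleartext on the heap, so non-ASCII passwords can authenticate differently between hosts and the secret can no longer be cleared by clearing the `char[]`. Name the charset explicitly, `char[] password = new String(decode, StandardCharsets.UTF_8).toCharArray();`, or better decode through `StandardCharsets.UTF_8.decode(ByteBuffer.wrap(decode))` and clear the byte array with `Arrays.fill(decode, (byte) 0)` afterwards. The same `new String(decode)` pattern appears in the set-password hunk of PrivilegeUsersService. A malformed Base64 value or a JSON `null` for `password` throws before the decoded-length check and is handled by the `catch` outside this hunk, so it presumably does not get the 400 response the other validation failures return; the enclosing method starts and ends outside the hunk.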
@@ -48,6 +48,8 @@ import li.strolch.service.JsonServiceArgument; import li.strolch.service.api.ServiceHandler; import li.strolch.service.api.ServiceResult; import li.strolch.service.privilege.users.*; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; /** * @author Robert von Burg @@ -55,6 +57,8 @@ import li.strolch.service.privilege.users.*; @Path("strolch/privilege/users") public class PrivilegeUsersService { + private static final Logger logger = LoggerFactory.getLogger(PrivilegeUsersService.class); + private PrivilegeHandler getPrivilegeHandler() { ComponentContainer container = RestfulStrolchComponent.getInstance().getContainer(); return container.getPrivilegeHandler().getPrivilegeHandler(); 
@@ -270,26 +274,38 @@ public class PrivilegeUsersService { @Context HttpServletRequest request) { Certificate cert = (Certificate) request.getAttribute(StrolchRestfulConstants.STROLCH_CERTIFICATE); - String password = new JsonParser().parse(data).getAsJsonObject().get("password").getAsString(); - char[] passwordChars = new String(Base64.getDecoder().decode(password)).toCharArray(); + try { - ServiceHandler svcHandler = RestfulStrolchComponent.getInstance().getComponent(ServiceHandler.class); - PrivilegeSetUserPasswordService svc = new PrivilegeSetUserPasswordService(); - PrivilegeSetUserPasswordArgument arg = new PrivilegeSetUserPasswordArgument(); - arg.username = username; - arg.password = passwordChars; + JsonObject jsonObject = new JsonParser().parse(data).getAsJsonObject(); - ServiceResult svcResult = svcHandler.doService(cert, svc, arg); - if (svcResult.isNok()) - return ResponseUtil.toResponse(svcResult); + String passwordEncoded = jsonObject.get("password").getAsString(); + byte[] decode = Base64.getDecoder().decode(passwordEncoded); + String passwordString = new String(decode); - // if user changes their own password, then invalidate the session - if (cert.getUsername().equals(username)) { - StrolchSessionHandler sessionHandler = RestfulStrolchComponent.getInstance().getSessionHandler(); - sessionHandler.invalidate(cert); + ServiceHandler svcHandler = RestfulStrolchComponent.getInstance().getComponent(ServiceHandler.class); + PrivilegeSetUserPasswordService svc = new PrivilegeSetUserPasswordService(); + PrivilegeSetUserPasswordArgument arg = new PrivilegeSetUserPasswordArgument(); + arg.username = username; + arg.password = passwordString.toCharArray(); + + ServiceResult svcResult = svcHandler.doService(cert, svc, arg); + if (svcResult.isNok()) + return ResponseUtil.toResponse(svcResult); + + // if user changes their own password, then invalidate the session + if (cert.getUsername().equals(username)) { + StrolchSessionHandler sessionHandler = 
RestfulStrolchComponent.getInstance().getSessionHandler(); + sessionHandler.invalidate(cert); + } + + return ResponseUtil.toResponse(); + + } catch (Exception e) { + logger.error(e.getMessage(), e); + String msg = e.getMessage(); + return ResponseUtil.toResponse("Failed to set password: ", + MessageFormat.format("{0}: {1}", e.getClass().getName(), msg)); } - - return ResponseUtil.toResponse(); } private Response handleServiceResult(PrivilegeUserResult svcResult) { diff --git a/li.strolch.service/src/main/java/li/strolch/execution/command/SetActionToClosedCommand.java b/li.strolch.service/src/main/java/li/strolch/execution/command/SetActionToClosedCommand.java index 76d0a82d1..7dede423d 100644 --- a/li.strolch.service/src/main/java/li/strolch/execution/command/SetActionToClosedCommand.java +++ b/li.strolch.service/src/main/java/li/strolch/execution/command/SetActionToClosedCommand.java @@ -43,7 +43,7 @@ public class SetActionToClosedCommand extends ExecutionCommand { tx().lock(getResourceLocator(this.action)); if (this.action.getState() == State.CLOSED) { - logger.warn("Action " + this.action.getLocator() + " is already in CLOSED! Not changing."); + logger.warn("Action " + this.action.getLocator() + " is already in state CLOSED! Not changing."); return; } diff --git a/li.strolch.service/src/main/java/li/strolch/execution/command/SetActionToCreatedCommand.java b/li.strolch.service/src/main/java/li/strolch/execution/command/SetActionToCreatedCommand.java index 7ddb90df4..ff619f847 100644 --- a/li.strolch.service/src/main/java/li/strolch/execution/command/SetActionToCreatedCommand.java +++ b/li.strolch.service/src/main/java/li/strolch/execution/command/SetActionToCreatedCommand.java 
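Review bot: In the set-password hunk of PrivilegeUsersService, the new `catch (Exception e)` sends `e.getClass().getName()` and `e.getMessage()` back to the caller, which exposes internal class names and parser or decoder messages and reports a missing `password` field as a NullPointerException. Check the input before use, e.g. `if (!jsonObject.has("password"))` with a fixed client message, keep the exception detail in `logger.error` only, and return a generic text such as `ResponseUtil.toResponse("Failed to set password: ", "Invalid request")`. The HTTP status that this `toResponse(String, String)` overload sets is not visible here; confirm it is an error status rather than a success response. Unlike the login endpoint, no minimum length is enforced on the decoded password in this hunk, so that presumably has to happen inside PrivilegeSetUserPasswordService.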
@@ -43,7 +43,7 @@ public class SetActionToCreatedCommand extends ExecutionCommand { tx().lock(getResourceLocator(this.action)); if (this.action.getState() == State.CREATED) { - logger.warn("Action " + this.action.getLocator() + " is already in CREATED! Not changing."); + logger.warn("Action " + this.action.getLocator() + " is already in state CREATED! Not changing."); return; } diff --git a/li.strolch.service/src/main/java/li/strolch/execution/command/SetActionToErrorCommand.java b/li.strolch.service/src/main/java/li/strolch/execution/command/SetActionToErrorCommand.java index ac51c730c..f04a77148 100644 --- a/li.strolch.service/src/main/java/li/strolch/execution/command/SetActionToErrorCommand.java +++ b/li.strolch.service/src/main/java/li/strolch/execution/command/SetActionToErrorCommand.java @@ -43,7 +43,7 @@ public class SetActionToErrorCommand extends ExecutionCommand { tx().lock(getResourceLocator(this.action)); if (this.action.getState() == State.ERROR) { - logger.warn("Action " + this.action.getLocator() + " is already in ERROR! Not changing."); + logger.warn("Action " + this.action.getLocator() + " is already in state ERROR! Not changing."); return; } diff --git a/li.strolch.service/src/main/java/li/strolch/execution/command/SetActionToExecutedCommand.java b/li.strolch.service/src/main/java/li/strolch/execution/command/SetActionToExecutedCommand.java index fdb3f0330..9cae0dbc6 100644 --- a/li.strolch.service/src/main/java/li/strolch/execution/command/SetActionToExecutedCommand.java +++ b/li.strolch.service/src/main/java/li/strolch/execution/command/SetActionToExecutedCommand.java 
@@ -43,7 +43,7 @@ public class SetActionToExecutedCommand extends ExecutionCommand { tx().lock(getResourceLocator(this.action)); if (this.action.getState() == State.EXECUTED) { - logger.warn("Action " + this.action.getLocator() + " is already in EXECUTED! Not changing."); + logger.warn("Action " + this.action.getLocator() + " is already in state EXECUTED! Not changing."); return; } diff --git a/li.strolch.service/src/main/java/li/strolch/execution/command/SetActionToPlannedCommand.java b/li.strolch.service/src/main/java/li/strolch/execution/command/SetActionToPlannedCommand.java index 846f0095d..028bd8adf 100644 --- a/li.strolch.service/src/main/java/li/strolch/execution/command/SetActionToPlannedCommand.java +++ b/li.strolch.service/src/main/java/li/strolch/execution/command/SetActionToPlannedCommand.java @@ -43,7 +43,7 @@ public class SetActionToPlannedCommand extends ExecutionCommand { tx().lock(getResourceLocator(this.action)); if (this.action.getState() == State.PLANNED) { - logger.warn("Action " + this.action.getLocator() + " is already in PLANNED! Not changing."); + logger.warn("Action " + this.action.getLocator() + " is already in state PLANNED! Not changing."); return; } diff --git a/li.strolch.service/src/main/java/li/strolch/execution/command/SetActionToPlanningCommand.java b/li.strolch.service/src/main/java/li/strolch/execution/command/SetActionToPlanningCommand.java index 32cbfb88e..beff9b1af 100644 --- a/li.strolch.service/src/main/java/li/strolch/execution/command/SetActionToPlanningCommand.java +++ b/li.strolch.service/src/main/java/li/strolch/execution/command/SetActionToPlanningCommand.java 
@@ -43,7 +43,7 @@ public class SetActionToPlanningCommand extends ExecutionCommand { tx().lock(getResourceLocator(this.action)); if (this.action.getState() == State.PLANNING) { - logger.warn("Action " + this.action.getLocator() + " is already in PLANNING! Not changing."); + logger.warn("Action " + this.action.getLocator() + " is already in state PLANNING! Not changing."); return; } diff --git a/li.strolch.service/src/main/java/li/strolch/execution/command/SetActionToStoppedCommand.java b/li.strolch.service/src/main/java/li/strolch/execution/command/SetActionToStoppedCommand.java index f45b26780..277804f8b 100644 --- a/li.strolch.service/src/main/java/li/strolch/execution/command/SetActionToStoppedCommand.java +++ b/li.strolch.service/src/main/java/li/strolch/execution/command/SetActionToStoppedCommand.java @@ -43,7 +43,7 @@ public class SetActionToStoppedCommand extends ExecutionCommand { tx().lock(getResourceLocator(this.action)); if (this.action.getState() == State.STOPPED) { - logger.warn("Action " + this.action.getLocator() + " is already in STOPPED! Not changing."); + logger.warn("Action " + this.action.getLocator() + " is already in state STOPPED! Not changing."); return; } diff --git a/li.strolch.service/src/main/java/li/strolch/execution/command/SetActionToWarningCommand.java b/li.strolch.service/src/main/java/li/strolch/execution/command/SetActionToWarningCommand.java index 4cf980f82..3e1217560 100644 --- a/li.strolch.service/src/main/java/li/strolch/execution/command/SetActionToWarningCommand.java +++ b/li.strolch.service/src/main/java/li/strolch/execution/command/SetActionToWarningCommand.java 
@@ -43,7 +43,7 @@ public class SetActionToWarningCommand extends ExecutionCommand { tx().lock(getResourceLocator(this.action)); if (this.action.getState() == State.WARNING) { - logger.warn("Action " + this.action.getLocator() + " is already in WARNING! Not changing."); + logger.warn("Action " + this.action.getLocator() + " is already in state WARNING! Not changing."); return; } diff --git a/li.strolch.service/src/main/java/li/strolch/service/JsonServiceArgument.java b/li.strolch.service/src/main/java/li/strolch/service/JsonServiceArgument.java index 802ef8936..0bb1bbc4e 100644 --- a/li.strolch.service/src/main/java/li/strolch/service/JsonServiceArgument.java +++ b/li.strolch.service/src/main/java/li/strolch/service/JsonServiceArgument.java @@ -11,6 +11,12 @@ import li.strolch.service.api.ServiceArgument; * @author Robert von Burg */ public class JsonServiceArgument extends ServiceArgument { + + /** + * the objectType - its context is defined by the service + */ + public String objectType; + /** * the objectId - its context is defined by the service */ diff --git a/li.strolch.websocket/src/main/java/li/strolch/websocket/WebSocketClient.java b/li.strolch.websocket/src/main/java/li/strolch/websocket/WebSocketClient.java index c2cdf9134..aedb78811 100644 --- a/li.strolch.websocket/src/main/java/li/strolch/websocket/WebSocketClient.java +++ b/li.strolch.websocket/src/main/java/li/strolch/websocket/WebSocketClient.java @@ -34,6 +34,7 @@ public class WebSocketClient implements MessageHandler.Whole { private ComponentContainer container; private final Session session; private final EndpointConfig config; + private String remoteIp; private Certificate certificate; private Map observerHandlersByRealm; @@ -42,6 +43,7 @@ public class WebSocketClient implements MessageHandler.Whole { this.container = container; this.session = session; this.config = config; + this.remoteIp = WebSocketRemoteIp.get(); this.observerHandlersByRealm = new HashMap<>(1); } 
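Review bot: In WebSocketClient, `remoteIp` is assigned once in the constructor from `WebSocketRemoteIp.get()` and then passed to every later `sessionHandler.validate(...)` call, but it is declared non-final and is never checked for null. Declare it `private final String remoteIp;` next to `session` and `config`, and fail fast if the value is missing at construction: `WebSocketRemoteIp.get()` looks like per-thread state, and a null captured here would be used for the IP check of the certificate for the whole lifetime of the connection. A short comment such as `// captured at handshake; WebSocketRemoteIp is only valid on the opening thread (confirm)` would record why the value is cached. The constructor starts outside the hunk.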
@@ -50,6 +52,7 @@ public class WebSocketClient implements MessageHandler.Whole { JsonObject jsonObject = new JsonParser().parse(message).getAsJsonObject(); String msgType = jsonObject.get(MSG_TYPE).getAsString(); + logger.info("Handling message " + msgType); switch (msgType) { @@ -75,13 +78,13 @@ public class WebSocketClient implements MessageHandler.Whole { if (this.certificate == null) { logger.error("Received " + type + " request, but not yet authed!"); - close(CloseReason.CloseCodes.UNEXPECTED_CONDITION, "Not yet authed!"); + close(CloseReason.CloseCodes.PROTOCOL_ERROR, "Not yet authed!"); return; } try { StrolchSessionHandler sessionHandler = RestfulStrolchComponent.getInstance().getSessionHandler(); - sessionHandler.validate(this.certificate); + sessionHandler.validate(this.certificate, this.remoteIp); } catch (RuntimeException e) { logger.error("Received " + type + " request, but authentication is not valid anymore: " + ExceptionHelper .getExceptionMessage(e)); @@ -144,13 +147,14 @@ public class WebSocketClient implements MessageHandler.Whole { try { StrolchSessionHandler sessionHandler = RestfulStrolchComponent.getInstance().getSessionHandler(); - this.certificate = sessionHandler.validate(authToken, WebSocketRemoteIp.get()); + this.certificate = sessionHandler.validate(authToken, this.remoteIp); if (!this.certificate.getUsername().equals(username)) { logger.error("Invalid authentication for " + username); close(CloseReason.CloseCodes.UNEXPECTED_CONDITION, "Invalid authentication"); return; } } catch (Exception e) { + logger.error("Failed to authenticate user " + username, e); close(CloseReason.CloseCodes.UNEXPECTED_CONDITION, "Invalid authentication"); return; }
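Review bot: The added `logger.info("Handling message " + msgType)` writes a client-supplied string to the log before the connection is authenticated, so any peer can forge log lines with embedded line breaks or flood the log at INFO level; the added `logger.error("Failed to authenticate user " + username, e)` in the last hunk has the same issue with `username`. Log at debug level and neutralise control characters first, e.g. `logger.debug("Handling message {}", msgType.replaceAll("[\\r\\n]", "_"));`, or log only after the `switch` has matched a known message type. The method starts and ends outside the hunk.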
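Review bot: The unauthenticated-request path now closes with `CloseReason.CloseCodes.PROTOCOL_ERROR`, while the failed-authentication paths in the last hunk still close with `UNEXPECTED_CONDITION`, which signals a server fault. Using one code for all authentication rejections, for example `close(CloseReason.CloseCodes.VIOLATED_POLICY, "Not yet authed!");`, lets clients and monitoring tell rejected sessions apart from genuine server errors. The close call in the `catch (RuntimeException e)` branch after `validate(this.certificate, this.remoteIp)` lies outside the hunk and should be checked for the same.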