com.textrecruit.ustackserverapi.auth.APIClientKeyUserAuth Maven / Gradle / Ivy
package com.textrecruit.ustackserverapi.auth;
import java.util.*;
import com.mongodb.DBObject;
import com.textrecruit.ustackserverapi.params.ParamNames;
import com.textrecruit.ustackserverapi.params.types.ParameterDefinitionInt;
import com.textrecruit.ustack.data.APIClient;
import org.apache.log4j.Logger;
import org.jboss.netty.handler.codec.http.HttpRequest;
import com.textrecruit.ustack.data.UserAccount;
import com.textrecruit.ustackserverapi.APIException;
import com.textrecruit.ustackserverapi.CallParameters;
import com.textrecruit.ustackserverapi.MethodDefinition;
/**
* Authentication method for client key with a provided username
*
* @author jdanner
*
*/
public class APIClientKeyUserAuth implements AuthenticationInt {
static Logger logger = Logger.getLogger(APIClientKeyUserAuth.class);
public static final String CookieTokenName = "UNTZ";
public String getAuthenticationDescription() {
return "Authentication via an API Client and API Key. An authentication access token may also be used.";
}
public boolean isBasicAuth() {
return false;
}
/**
*
*/
public List> getAuthenticationParameters() {
List> ret = new ArrayList>();
ret.add(ParamNames.client_id);
ret.add(ParamNames.api_key);
return ret;
}
@Override
public UserAccount authenticate(MethodDefinition method, HttpRequest req, CallParameters params) throws APIException {
String userName = null;
if ( params.get(ParamNames.token) != null)
{
AccessTokenAuth auth = new AccessTokenAuth();
return auth.authenticate(method, req, params);
// //AuthTypes.ClientKey.authenticate(method, req, params);
// AccessTokenDetails details = AccessToken.decode( params.get(ParamNames.token) );
//
// if (details == null)
// {
// logger.warn(String.format("Invalid Token => '%s'", params.get(ParamNames.token)));
// throw new APIAuthenticationException("Invalid Token");
// }
//
// LogoutUtil.checkTokenLogout(details);
//
// long tokenLife = details.getExpirationAge() - System.currentTimeMillis();
// if (tokenLife < 0)
// {
// logger.info(String.format("%s -- %s/%s | Access Token expired at '%s'", method.getPath(), details.getUserName(), details.getClientId(), new SimpleDateFormat("MM/dd/yyyy h:mm:ss a").format(new Date(details.getExpirationAge()))));
// throw new APIAuthenticationException("Token has expired");
// }
//
// // logger.info(String.format("%s -> Expiration %d -> Now: %d", details.userName, details.expirationAge, System.currentTimeMillis()));
//
// params.setParameterValue(ParamNames.client_id.getName(), details.getClientId());
// params.setTokenTTL(tokenLife);
//
// userName = details.getUserName();
}
else if (params.get(ParamNames.client_id) != null) {
/*
* Make sure that the ApiClient record has a resourceLink with a customerId that the given username also has.
* Don't trust the username here.
*/
ClientKeyAuthBase.authenticate(method, req, params);
// Get set of API Client's customer IDs.
APIClient acct = APIClient.getAPIClient(params.get(ParamNames.client_id));
if (acct == null) {
throw new APIAuthenticationException("Could not find API client");
}
if (acct.getResourceLinkList().isEmpty()) {
throw new APIAuthenticationException("API client's resource list is empty.");
}
Set apiClientCustomerIds = new HashSet();
for (Object apiClientResourceLinkObj : acct.getResourceLinkList()) {
apiClientCustomerIds.add((String) ((DBObject)apiClientResourceLinkObj).get("customerId"));
}
// Fetch user object.
userName = params.get(ParamNames.username);
UserAccount user = UserAccount.getUser(userName);
if (user == null) {
// If there's no user, we will support the previous behavior and return null.
return null;
}
// Make sure a common customer ID exists between API Client and User.
boolean commonCustomerIdsExist = false;
for (Object userResourceLinkObj : user.getResourceLinkList()) {
if (apiClientCustomerIds.contains((String)((DBObject)userResourceLinkObj).get("customerId"))) {
commonCustomerIdsExist = true;
}
}
if (!commonCustomerIdsExist) {
throw new APIAuthenticationException("API does not have access to given username");
}
}
else
throw new APIAuthenticationException("Authentication Parameters Not Provided");
return UserAccount.getUser(userName);
}
}
© 2015 - 2024 Weber Informatics LLC | Privacy Policy