• Home
• io.soabase
• soabase-admin
• 0.9.1
• source code
• AuthResource.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

io.soabase.admin.rest.AuthResource Maven / Gradle / Ivy

/**
 * Copyright 2014 Jordan Zimmerman
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package io.soabase.admin.rest;

import io.soabase.admin.auth.AuthDetails;
import io.soabase.admin.auth.AuthSpecHolder;
import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.FormParam;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import java.net.URI;

@Path("/soa/auth")
public class AuthResource
{
    private final AuthSpecHolder authSpecHolder;

    @Inject
    public AuthResource(AuthSpecHolder authSpecHolder)
    {
        this.authSpecHolder = authSpecHolder;
    }

    @POST
    @Consumes(MediaType.APPLICATION_FORM_URLENCODED)
    public Response authorize(@Context HttpServletRequest request, @FormParam("username") String username, @FormParam("email") String email, @FormParam("domain") String domain, @FormParam("password") String password) throws Exception
    {
        if ( !authSpecHolder.hasAuth() )
        {
            return Response.status(Response.Status.NOT_FOUND).build();
        }

        if ( authSpecHolder.getAuthSpec().getAuthMethod().login(request, username, email, domain, password) )
        {
            return Response.temporaryRedirect(new URI("/")).build();
        }
        return Response.temporaryRedirect(new URI("/signin?error=true")).build();
    }

    @DELETE
    public Response unAuthorize(@Context HttpServletRequest request) throws Exception
    {
        if ( !authSpecHolder.hasAuth() )
        {
            return Response.status(Response.Status.NOT_FOUND).build();
        }

        authSpecHolder.getAuthSpec().getAuthMethod().logOut(request);
        return Response.ok().build();
    }

    @GET
    @Produces(MediaType.APPLICATION_JSON)
    public AuthStatus getAuthStatus(@Context HttpServletRequest request) throws Exception
    {
        AuthStatus status = new AuthStatus();
        if ( authSpecHolder.hasAuth() )
        {
            AuthDetails authDetails = authSpecHolder.getAuthSpec().getAuthMethod().requestIsAuthorized(request);
            status.setName(authDetails.isAuthorized() ? authDetails.getAuthName() : "");
            status.setType(authDetails.isAuthorized() ? AuthStatusType.LOGGED_IN : AuthStatusType.MUST_LOG_IN);
        }
        else
        {
            status.setName("");
            status.setType(AuthStatusType.NOT_LOGGED_IN);
        }
        return status;
    }
}