mirror of
https://github.com/Athou/commafeed.git
synced 2026-03-21 21:37:29 +00:00
dropwizard upgrade to 0.8.0
This commit is contained in:
Athou
@@ -0,0 +1,96 @@
|
||||
package com.commafeed.frontend.auth;
|
||||
|
||||
import javax.inject.Inject;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.ws.rs.WebApplicationException;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.HttpHeaders;
|
||||
import javax.ws.rs.core.MediaType;
|
||||
import javax.ws.rs.core.Response;
|
||||
|
||||
import lombok.RequiredArgsConstructor;
|
||||
|
||||
import org.eclipse.jetty.util.B64Code;
|
||||
import org.eclipse.jetty.util.StringUtil;
|
||||
import org.glassfish.jersey.server.internal.inject.AbstractContainerRequestValueFactory;
|
||||
|
||||
import com.commafeed.backend.model.User;
|
||||
import com.commafeed.backend.model.UserRole.Role;
|
||||
import com.commafeed.backend.service.UserService;
|
||||
import com.commafeed.frontend.session.SessionHelper;
|
||||
import com.google.common.base.Optional;
|
||||
|
||||
@RequiredArgsConstructor
|
||||
public class SecurityCheckFactory extends AbstractContainerRequestValueFactory<User> {
|
||||
|
||||
private static final String PREFIX = "Basic";
|
||||
|
||||
@Context
|
||||
HttpServletRequest request;
|
||||
|
||||
@Inject
|
||||
UserService userService;
|
||||
|
||||
private final Role role;
|
||||
private final boolean apiKeyAllowed;
|
||||
|
||||
@Override
|
||||
public User provide() {
|
||||
Optional<User> user = apiKeyLogin();
|
||||
if (!user.isPresent()) {
|
||||
user = basicAuthenticationLogin();
|
||||
}
|
||||
if (!user.isPresent()) {
|
||||
user = cookieSessionLogin(new SessionHelper(request));
|
||||
}
|
||||
|
||||
if (user.isPresent()) {
|
||||
if (user.get().hasRole(role)) {
|
||||
return user.get();
|
||||
} else {
|
||||
throw new WebApplicationException(Response.status(Response.Status.FORBIDDEN)
|
||||
.entity("You don't have the required role to access this resource.").type(MediaType.TEXT_PLAIN_TYPE).build());
|
||||
}
|
||||
} else {
|
||||
throw new WebApplicationException(Response.status(Response.Status.UNAUTHORIZED)
|
||||
.entity("Credentials are required to access this resource.").type(MediaType.TEXT_PLAIN_TYPE).build());
|
||||
}
|
||||
}
|
||||
|
||||
Optional<User> cookieSessionLogin(SessionHelper sessionHelper) {
|
||||
Optional<User> loggedInUser = sessionHelper.getLoggedInUser();
|
||||
if (loggedInUser.isPresent()) {
|
||||
userService.performPostLoginActivities(loggedInUser.get());
|
||||
}
|
||||
return loggedInUser;
|
||||
}
|
||||
|
||||
private Optional<User> basicAuthenticationLogin() {
|
||||
String header = request.getHeader(HttpHeaders.AUTHORIZATION);
|
||||
if (header != null) {
|
||||
int space = header.indexOf(' ');
|
||||
if (space > 0) {
|
||||
String method = header.substring(0, space);
|
||||
if (PREFIX.equalsIgnoreCase(method)) {
|
||||
String decoded = B64Code.decode(header.substring(space + 1), StringUtil.__ISO_8859_1);
|
||||
int i = decoded.indexOf(':');
|
||||
if (i > 0) {
|
||||
String username = decoded.substring(0, i);
|
||||
String password = decoded.substring(i + 1);
|
||||
return userService.login(username, password);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
return Optional.absent();
|
||||
}
|
||||
|
||||
private Optional<User> apiKeyLogin() {
|
||||
String apiKey = request.getParameter("apiKey");
|
||||
if (apiKey != null && apiKeyAllowed) {
|
||||
return userService.login(apiKey);
|
||||
}
|
||||
return Optional.absent();
|
||||
}
|
||||
|
||||
}
|
||||
@@ -0,0 +1,64 @@
|
||||
package com.commafeed.frontend.auth;
|
||||
|
||||
import javax.inject.Inject;
|
||||
import javax.inject.Singleton;
|
||||
|
||||
import lombok.RequiredArgsConstructor;
|
||||
|
||||
import org.glassfish.hk2.api.Factory;
|
||||
import org.glassfish.hk2.api.InjectionResolver;
|
||||
import org.glassfish.hk2.api.ServiceLocator;
|
||||
import org.glassfish.hk2.api.TypeLiteral;
|
||||
import org.glassfish.hk2.utilities.binding.AbstractBinder;
|
||||
import org.glassfish.jersey.server.internal.inject.AbstractValueFactoryProvider;
|
||||
import org.glassfish.jersey.server.internal.inject.MultivaluedParameterExtractorProvider;
|
||||
import org.glassfish.jersey.server.internal.inject.ParamInjectionResolver;
|
||||
import org.glassfish.jersey.server.model.Parameter;
|
||||
import org.glassfish.jersey.server.spi.internal.ValueFactoryProvider;
|
||||
|
||||
import com.commafeed.backend.model.User;
|
||||
import com.commafeed.backend.service.UserService;
|
||||
|
||||
@Singleton
|
||||
public class SecurityCheckFactoryProvider extends AbstractValueFactoryProvider {
|
||||
|
||||
@Inject
|
||||
public SecurityCheckFactoryProvider(final MultivaluedParameterExtractorProvider extractorProvider, final ServiceLocator injector) {
|
||||
super(extractorProvider, injector, Parameter.Source.UNKNOWN);
|
||||
}
|
||||
|
||||
@Override
|
||||
protected Factory<?> createValueFactory(final Parameter parameter) {
|
||||
final Class<?> classType = parameter.getRawType();
|
||||
|
||||
SecurityCheck securityCheck = parameter.getAnnotation(SecurityCheck.class);
|
||||
if (securityCheck == null)
|
||||
return null;
|
||||
|
||||
if (classType.isAssignableFrom(User.class)) {
|
||||
return new SecurityCheckFactory(securityCheck.value(), securityCheck.apiKeyAllowed());
|
||||
} else {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
public static class SecurityCheckInjectionResolver extends ParamInjectionResolver<SecurityCheck> {
|
||||
public SecurityCheckInjectionResolver() {
|
||||
super(SecurityCheckFactoryProvider.class);
|
||||
}
|
||||
}
|
||||
|
||||
@RequiredArgsConstructor
|
||||
public static class Binder extends AbstractBinder {
|
||||
|
||||
private final UserService userService;
|
||||
|
||||
@Override
|
||||
protected void configure() {
|
||||
bind(SecurityCheckFactoryProvider.class).to(ValueFactoryProvider.class).in(Singleton.class);
|
||||
bind(SecurityCheckInjectionResolver.class).to(new TypeLiteral<InjectionResolver<SecurityCheck>>() {
|
||||
}).in(Singleton.class);
|
||||
bind(userService).to(UserService.class);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -1,124 +0,0 @@
|
||||
package com.commafeed.frontend.auth;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.ws.rs.WebApplicationException;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.HttpHeaders;
|
||||
import javax.ws.rs.core.MediaType;
|
||||
import javax.ws.rs.core.Response;
|
||||
|
||||
import lombok.RequiredArgsConstructor;
|
||||
|
||||
import org.eclipse.jetty.util.B64Code;
|
||||
import org.eclipse.jetty.util.StringUtil;
|
||||
|
||||
import com.commafeed.backend.model.User;
|
||||
import com.commafeed.backend.model.UserRole.Role;
|
||||
import com.commafeed.backend.service.UserService;
|
||||
import com.commafeed.frontend.session.SessionHelper;
|
||||
import com.google.common.base.Optional;
|
||||
import com.sun.jersey.api.core.HttpContext;
|
||||
import com.sun.jersey.api.model.Parameter;
|
||||
import com.sun.jersey.core.spi.component.ComponentContext;
|
||||
import com.sun.jersey.core.spi.component.ComponentScope;
|
||||
import com.sun.jersey.server.impl.inject.AbstractHttpContextInjectable;
|
||||
import com.sun.jersey.spi.inject.Injectable;
|
||||
import com.sun.jersey.spi.inject.InjectableProvider;
|
||||
import com.sun.jersey.spi.inject.SingletonTypeInjectableProvider;
|
||||
|
||||
public class SecurityCheckProvider implements InjectableProvider<SecurityCheck, Parameter> {
|
||||
|
||||
public static class SecurityCheckUserServiceProvider extends SingletonTypeInjectableProvider<Context, UserService> {
|
||||
|
||||
public SecurityCheckUserServiceProvider(UserService userService) {
|
||||
super(UserService.class, userService);
|
||||
}
|
||||
}
|
||||
|
||||
@RequiredArgsConstructor
|
||||
static class SecurityCheckInjectable extends AbstractHttpContextInjectable<User> {
|
||||
private static final String PREFIX = "Basic";
|
||||
|
||||
private final SessionHelper sessionHelper;
|
||||
private final UserService userService;
|
||||
private final Role role;
|
||||
private final boolean apiKeyAllowed;
|
||||
|
||||
@Override
|
||||
public User getValue(HttpContext c) {
|
||||
Optional<User> user = apiKeyLogin(c);
|
||||
if (!user.isPresent()) {
|
||||
user = basicAuthenticationLogin(c);
|
||||
}
|
||||
if (!user.isPresent()) {
|
||||
user = cookieSessionLogin();
|
||||
}
|
||||
|
||||
if (user.isPresent()) {
|
||||
if (user.get().hasRole(role)) {
|
||||
return user.get();
|
||||
} else {
|
||||
throw new WebApplicationException(Response.status(Response.Status.FORBIDDEN)
|
||||
.entity("You don't have the required role to access this resource.").type(MediaType.TEXT_PLAIN_TYPE).build());
|
||||
}
|
||||
} else {
|
||||
throw new WebApplicationException(Response.status(Response.Status.UNAUTHORIZED)
|
||||
.entity("Credentials are required to access this resource.").type(MediaType.TEXT_PLAIN_TYPE).build());
|
||||
}
|
||||
}
|
||||
|
||||
Optional<User> cookieSessionLogin() {
|
||||
Optional<User> loggedInUser = sessionHelper.getLoggedInUser();
|
||||
if (loggedInUser.isPresent()) {
|
||||
userService.performPostLoginActivities(loggedInUser.get());
|
||||
}
|
||||
return loggedInUser;
|
||||
}
|
||||
|
||||
private Optional<User> basicAuthenticationLogin(HttpContext c) {
|
||||
String header = c.getRequest().getHeaderValue(HttpHeaders.AUTHORIZATION);
|
||||
if (header != null) {
|
||||
int space = header.indexOf(' ');
|
||||
if (space > 0) {
|
||||
String method = header.substring(0, space);
|
||||
if (PREFIX.equalsIgnoreCase(method)) {
|
||||
String decoded = B64Code.decode(header.substring(space + 1), StringUtil.__ISO_8859_1);
|
||||
int i = decoded.indexOf(':');
|
||||
if (i > 0) {
|
||||
String username = decoded.substring(0, i);
|
||||
String password = decoded.substring(i + 1);
|
||||
return userService.login(username, password);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
return Optional.absent();
|
||||
}
|
||||
|
||||
private Optional<User> apiKeyLogin(HttpContext c) {
|
||||
String apiKey = c.getUriInfo().getQueryParameters().getFirst("apiKey");
|
||||
if (apiKey != null && apiKeyAllowed) {
|
||||
return userService.login(apiKey);
|
||||
}
|
||||
return Optional.absent();
|
||||
}
|
||||
}
|
||||
|
||||
private SessionHelper sessionHelper;
|
||||
private UserService userService;
|
||||
|
||||
public SecurityCheckProvider(@Context HttpServletRequest req, @Context UserService userService) {
|
||||
this.sessionHelper = new SessionHelper(req);
|
||||
this.userService = userService;
|
||||
}
|
||||
|
||||
@Override
|
||||
public ComponentScope getScope() {
|
||||
return ComponentScope.PerRequest;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Injectable<?> getInjectable(ComponentContext ic, SecurityCheck sc, Parameter c) {
|
||||
return new SecurityCheckInjectable(sessionHelper, userService, sc.value(), sc.apiKeyAllowed());
|
||||
}
|
||||
}
|
||||
@@ -35,6 +35,7 @@ import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.commons.io.IOUtils;
|
||||
import org.apache.commons.lang.ObjectUtils;
|
||||
import org.apache.commons.lang.StringUtils;
|
||||
import org.glassfish.jersey.media.multipart.FormDataParam;
|
||||
|
||||
import com.commafeed.CommaFeedApplication;
|
||||
import com.commafeed.CommaFeedConfiguration;
|
||||
@@ -78,7 +79,6 @@ import com.rometools.rome.feed.synd.SyndFeed;
|
||||
import com.rometools.rome.feed.synd.SyndFeedImpl;
|
||||
import com.rometools.rome.io.SyndFeedOutput;
|
||||
import com.rometools.rome.io.WireFeedOutput;
|
||||
import com.sun.jersey.multipart.FormDataParam;
|
||||
import com.wordnik.swagger.annotations.Api;
|
||||
import com.wordnik.swagger.annotations.ApiOperation;
|
||||
import com.wordnik.swagger.annotations.ApiParam;
|
||||
|
||||
@@ -0,0 +1,17 @@
|
||||
package com.commafeed.frontend.session;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.ws.rs.core.Context;
|
||||
|
||||
import org.glassfish.jersey.server.internal.inject.AbstractContainerRequestValueFactory;
|
||||
|
||||
public class SessionHelperFactory extends AbstractContainerRequestValueFactory<SessionHelper> {
|
||||
|
||||
@Context
|
||||
HttpServletRequest request;
|
||||
|
||||
@Override
|
||||
public SessionHelper provide() {
|
||||
return new SessionHelper(request);
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,56 @@
|
||||
package com.commafeed.frontend.session;
|
||||
|
||||
import javax.inject.Inject;
|
||||
import javax.inject.Singleton;
|
||||
import javax.ws.rs.core.Context;
|
||||
|
||||
import org.glassfish.hk2.api.Factory;
|
||||
import org.glassfish.hk2.api.InjectionResolver;
|
||||
import org.glassfish.hk2.api.ServiceLocator;
|
||||
import org.glassfish.hk2.api.TypeLiteral;
|
||||
import org.glassfish.hk2.utilities.binding.AbstractBinder;
|
||||
import org.glassfish.jersey.server.internal.inject.AbstractValueFactoryProvider;
|
||||
import org.glassfish.jersey.server.internal.inject.MultivaluedParameterExtractorProvider;
|
||||
import org.glassfish.jersey.server.internal.inject.ParamInjectionResolver;
|
||||
import org.glassfish.jersey.server.model.Parameter;
|
||||
import org.glassfish.jersey.server.spi.internal.ValueFactoryProvider;
|
||||
|
||||
@Singleton
|
||||
public class SessionHelperFactoryProvider extends AbstractValueFactoryProvider {
|
||||
|
||||
@Inject
|
||||
public SessionHelperFactoryProvider(final MultivaluedParameterExtractorProvider extractorProvider, final ServiceLocator injector) {
|
||||
super(extractorProvider, injector, Parameter.Source.CONTEXT);
|
||||
}
|
||||
|
||||
@Override
|
||||
protected Factory<?> createValueFactory(final Parameter parameter) {
|
||||
final Class<?> classType = parameter.getRawType();
|
||||
|
||||
Context context = parameter.getAnnotation(Context.class);
|
||||
if (context == null)
|
||||
return null;
|
||||
|
||||
if (classType.isAssignableFrom(SessionHelper.class)) {
|
||||
return new SessionHelperFactory();
|
||||
} else {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
public static class SessionHelperInjectionResolver extends ParamInjectionResolver<Context> {
|
||||
public SessionHelperInjectionResolver() {
|
||||
super(SessionHelperFactoryProvider.class);
|
||||
}
|
||||
}
|
||||
|
||||
public static class Binder extends AbstractBinder {
|
||||
|
||||
@Override
|
||||
protected void configure() {
|
||||
bind(SessionHelperFactoryProvider.class).to(ValueFactoryProvider.class).in(Singleton.class);
|
||||
bind(SessionHelperInjectionResolver.class).to(new TypeLiteral<InjectionResolver<Context>>() {
|
||||
}).in(Singleton.class);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -1,44 +0,0 @@
|
||||
package com.commafeed.frontend.session;
|
||||
|
||||
import java.lang.reflect.Type;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.ext.Provider;
|
||||
|
||||
import com.sun.jersey.core.spi.component.ComponentContext;
|
||||
import com.sun.jersey.core.spi.component.ComponentScope;
|
||||
import com.sun.jersey.spi.inject.Injectable;
|
||||
import com.sun.jersey.spi.inject.InjectableProvider;
|
||||
|
||||
@Provider
|
||||
public class SessionHelperProvider implements InjectableProvider<Context, Type> {
|
||||
|
||||
private final ThreadLocal<HttpServletRequest> request;
|
||||
|
||||
public SessionHelperProvider(@Context ThreadLocal<HttpServletRequest> request) {
|
||||
this.request = request;
|
||||
}
|
||||
|
||||
@Override
|
||||
public ComponentScope getScope() {
|
||||
return ComponentScope.PerRequest;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Injectable<?> getInjectable(ComponentContext ic, final Context session, Type type) {
|
||||
if (type.equals(SessionHelper.class)) {
|
||||
return new Injectable<SessionHelper>() {
|
||||
@Override
|
||||
public SessionHelper getValue() {
|
||||
final HttpServletRequest req = request.get();
|
||||
if (req != null) {
|
||||
return new SessionHelper(req);
|
||||
}
|
||||
return null;
|
||||
}
|
||||
};
|
||||
}
|
||||
return null;
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user