Implemented OAuth2 client authentication.
Change-Id: Ia8b10116e72c3702f369d1cc04561bab5e269f95
diff --git a/core/src/main/java/de/ids_mannheim/korap/config/AuthCodeInfo.java b/core/src/main/java/de/ids_mannheim/korap/config/AuthCodeInfo.java
deleted file mode 100644
index 03c22d5..0000000
--- a/core/src/main/java/de/ids_mannheim/korap/config/AuthCodeInfo.java
+++ /dev/null
@@ -1,33 +0,0 @@
-package de.ids_mannheim.korap.config;
-
-import lombok.Data;
-
-import java.util.ArrayList;
-import java.util.List;
-
-/**
- * @author hanl
- * @date 13/05/2015
- */
-@Data
-public class AuthCodeInfo {
- private String clientId;
- private String scopes;
- private Integer userId;
- private Boolean status;
- private String code;
- private List<String> tokens;
-
-
- public AuthCodeInfo () {
- this.setStatus(true);
- this.tokens = new ArrayList<>();
- }
-
-
- public AuthCodeInfo (String clientid, String authcode) {
- this();
- this.clientId = clientid;
- this.code = authcode;
- }
-}
diff --git a/core/src/main/java/de/ids_mannheim/korap/config/BeanConfiguration.java b/core/src/main/java/de/ids_mannheim/korap/config/BeanConfiguration.java
deleted file mode 100644
index 5e8aa36..0000000
--- a/core/src/main/java/de/ids_mannheim/korap/config/BeanConfiguration.java
+++ /dev/null
@@ -1,199 +0,0 @@
-package de.ids_mannheim.korap.config;
-
-import java.io.IOException;
-
-import org.springframework.beans.factory.NoSuchBeanDefinitionException;
-import org.springframework.context.ApplicationContext;
-import org.springframework.context.support.ClassPathXmlApplicationContext;
-import org.springframework.context.support.FileSystemXmlApplicationContext;
-
-import de.ids_mannheim.korap.interfaces.EncryptionIface;
-import de.ids_mannheim.korap.interfaces.ValidatorIface;
-import de.ids_mannheim.korap.interfaces.db.AuditingIface;
-import de.ids_mannheim.korap.interfaces.db.PersistenceClient;
-import de.ids_mannheim.korap.interfaces.db.ResourceOperationIface;
-import de.ids_mannheim.korap.interfaces.db.UserDataDbIface;
-import de.ids_mannheim.korap.interfaces.defaults.ApacheValidator;
-import de.ids_mannheim.korap.web.CoreResponseHandler;
-
-/**
- * User: hanl
- * Date: 10/9/13
- * Time: 11:20 AM
- */
-@Deprecated
-public class BeanConfiguration {
-
- private static final String CONFIG_FILE = "light-config.xml";
- public static final String KUSTVAKT_DB = "kustvakt_db";
-
- public static final String KUSTVAKT_ENCRYPTION = "kustvakt_encryption";
- public static final String KUSTVAKT_AUDITING = "kustvakt_auditing";
- public static final String KUSTVAKT_CONFIG = "kustvakt_config";
- public static final String KUSTVAKT_USERSETTINGS = "kustvakt_usersettings";
- public static final String KUSTVAKT_USERDETAILS = "kustvakt_userdetails";
-
- public static final String KUSTVAKT_AUTHENTICATION_MANAGER = "kustvakt_authenticationmanager";
- public static final String KUSTVAKT_USERDB = "kustvakt_userdb";
-
- private static BeanHolderHelper beans;
-
-
- //todo: allow this for external plugin systems that are not kustvakt specific
- @Deprecated
- public static void setCustomBeansHolder (BeanHolderHelper holder) {
- ApplicationContext context = beans.context;
- holder.context = context;
- BeanConfiguration.beans = holder;
- }
-
-
- public static BeanHolderHelper getBeans () {
- return BeanConfiguration.beans;
- }
-
-
-
- public static boolean hasContext () {
- return beans != null && beans.context != null;
- }
-
-
- public static void loadClasspathContext (String ... files) {
- if (hasContext())
- closeApplication();
-
- ApplicationContext context;
- if (files.length == 0)
- context = new ClassPathXmlApplicationContext(CONFIG_FILE);
- else
- context = new ClassPathXmlApplicationContext(files);
-
- BeanConfiguration.beans = new BeanHolderHelper(context);
-
- }
-
-
- public static void loadFileContext (String filepath) {
- if (!hasContext()) {
- ApplicationContext context = new FileSystemXmlApplicationContext(
- "file:" + filepath);
- BeanConfiguration.beans = new BeanHolderHelper(context);
- }
- }
-
-
- public static void closeApplication () {
- if (hasContext())
- beans.finish();
- beans = null;
- }
-
-
- //todo: set response handler
- @Deprecated
- public static CoreResponseHandler getResponseHandler () {
- return null;
- }
-
- public static class BeanHolderHelper {
-
- private ApplicationContext context = null;
- private DefaultHandler handler;
-
-
- private BeanHolderHelper (ApplicationContext context) {
- this.handler = new DefaultHandler();
- this.context = context;
- // todo: better method?!
- new CoreResponseHandler(getAuditingProvider());
- }
-
-
- protected <T> T getBean (Class<T> clazz) {
- if (context != null) {
- try {
- return context.getBean(clazz);
- }
- catch (NoSuchBeanDefinitionException e) {
- // do nothing
- }
- }
- return this.handler.getDefault(clazz);
- }
-
-
- protected <T> T getBean (String name) {
- if (context != null) {
- try {
- return (T) context.getBean(name);
- }
- catch (NoSuchBeanDefinitionException e) {
- // do nothing
- }
- }
- return (T) this.handler.getDefault(name);
- }
-
-
- public AuditingIface getAuditingProvider () {
- return (AuditingIface) getBean(KUSTVAKT_AUDITING);
- }
-
-
- public <T extends KustvaktConfiguration> T getConfiguration () {
- return (T) getBean(KUSTVAKT_CONFIG);
- }
-
-
- public PersistenceClient getPersistenceClient () {
- return getBean(KUSTVAKT_DB);
- }
-
-
- public UserDataDbIface getUserDetailsDao () {
- return getBean(KUSTVAKT_USERDETAILS);
- }
-
-
- public UserDataDbIface getUserSettingsDao () {
- return getBean(KUSTVAKT_USERSETTINGS);
- }
-
-
- public EncryptionIface getEncryption () {
- return getBean(KUSTVAKT_ENCRYPTION);
- }
-
-
-// public AuthenticationManagerIface getAuthenticationManager () {
-// return getBean(KUSTVAKT_AUTHENTICATION_MANAGER);
-// }
-
-
-// public EntityHandlerIface getUserDBHandler () {
-// return getBean(KUSTVAKT_USERDB);
-// }
-
- public ValidatorIface getValidator() {
- try {
- return new ApacheValidator();
- } catch (IOException e) {
- throw new RuntimeException("validator could not be loaded!");
- }
- }
-
- // todo: !!!!!!!!!!!!!!!!!!!!!!!!!!
- // todo: more specific --> collection provider, document provider, etc.
- public ResourceOperationIface getResourceProvider () {
- return getBean("resourceProvider");
- }
-
-
- private void finish () {
- this.getAuditingProvider().finish();
- context = null;
- }
-
- }
-}
diff --git a/core/src/main/java/de/ids_mannheim/korap/config/BeansFactory.java b/core/src/main/java/de/ids_mannheim/korap/config/BeansFactory.java
index d9e2a73..46d319e 100644
--- a/core/src/main/java/de/ids_mannheim/korap/config/BeansFactory.java
+++ b/core/src/main/java/de/ids_mannheim/korap/config/BeansFactory.java
@@ -8,6 +8,7 @@
import org.springframework.context.support.ClassPathXmlApplicationContext;
import org.springframework.context.support.FileSystemXmlApplicationContext;
+import de.ids_mannheim.korap.interfaces.KustvaktTypeInterface;
import de.ids_mannheim.korap.web.CoreResponseHandler;
/**
diff --git a/core/src/main/java/de/ids_mannheim/korap/config/ClientInfo.java b/core/src/main/java/de/ids_mannheim/korap/config/ClientInfo.java
index bf98fe9..66cc6a0 100644
--- a/core/src/main/java/de/ids_mannheim/korap/config/ClientInfo.java
+++ b/core/src/main/java/de/ids_mannheim/korap/config/ClientInfo.java
@@ -10,6 +10,7 @@
* @author hanl
* @date 22/01/2014
*/
+@Deprecated
@Data
public class ClientInfo {
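Review bot: The `@Deprecated` added above `@Data` carries no explanation, so code that still uses ClientInfo gets a compiler warning with no indication of what to move to. Add a tag to the existing class Javadoc, for example `* @deprecated use <REPLACEMENT_CLASS> instead`, with the actual replacement type filled in. The class comment starts before this hunk and the class body continues after it.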
diff --git a/core/src/main/java/de/ids_mannheim/korap/config/ExceptionBuilder.java b/core/src/main/java/de/ids_mannheim/korap/config/ExceptionBuilder.java
deleted file mode 100644
index 84b2046..0000000
--- a/core/src/main/java/de/ids_mannheim/korap/config/ExceptionBuilder.java
+++ /dev/null
@@ -1,12 +0,0 @@
-package de.ids_mannheim.korap.config;
-
-/**
- * @author hanl
- * @date 10/02/2016
- */
-// todo:
-// run simple queries to determine the exception cause (e.g. policy could not be created because resource doesnt exist, etc.)
-public class ExceptionBuilder {
- // use sqlbuilder to build the respective query (one instance per dao interface)
-
-}
diff --git a/core/src/main/java/de/ids_mannheim/korap/config/JWTSigner.java b/core/src/main/java/de/ids_mannheim/korap/config/JWTSigner.java
deleted file mode 100644
index 40cb90d..0000000
--- a/core/src/main/java/de/ids_mannheim/korap/config/JWTSigner.java
+++ /dev/null
@@ -1,185 +0,0 @@
-package de.ids_mannheim.korap.config;
-
-import com.nimbusds.jose.*;
-import com.nimbusds.jose.crypto.MACSigner;
-import com.nimbusds.jose.crypto.MACVerifier;
-import com.nimbusds.jwt.JWTClaimsSet;
-import com.nimbusds.jwt.SignedJWT;
-import de.ids_mannheim.korap.exceptions.KustvaktException;
-import de.ids_mannheim.korap.exceptions.StatusCodes;
-import de.ids_mannheim.korap.user.GenericUserData;
-import de.ids_mannheim.korap.user.TokenContext;
-import de.ids_mannheim.korap.user.User;
-import de.ids_mannheim.korap.user.Userdata;
-import de.ids_mannheim.korap.utils.TimeUtils;
-import org.joda.time.DateTime;
-
-import java.net.MalformedURLException;
-import java.net.URL;
-import java.text.ParseException;
-import java.util.Map;
-
-/**
- * @author hanl
- * @date 19/05/2014
- */
-public class JWTSigner {
-
- private URL issuer;
- private JWSSigner signer;
- private JWSVerifier verifier;
- private final int defaultttl;
-
-
- public JWTSigner (final byte[] secret, URL issuer, final int defaulttl) {
- this.issuer = issuer;
- this.signer = new MACSigner(secret);
- this.verifier = new MACVerifier(secret);
- this.defaultttl = defaulttl;
- }
-
-
- public JWTSigner (final byte[] secret, String issuer)
- throws MalformedURLException {
- this(secret, new URL(issuer), 72 * 60 * 60);
- }
-
-
- public SignedJWT createJWT (User user, Map<String, Object> attr) {
- return signContent(user, attr, defaultttl);
- }
-
-
- public SignedJWT signContent (User user, Map<String, Object> attr, int ttl) {
- String scopes;
-
- JWTClaimsSet cs = new JWTClaimsSet();
- cs.setIssuerClaim(this.issuer.toString());
-
- if ((scopes = (String) attr.get(Attributes.SCOPES)) != null) {
- Userdata data = new GenericUserData();
- data.readQuietly(attr, false);
- Scopes claims = Scopes.mapScopes(scopes, data);
- cs.setCustomClaims(claims.toMap());
- }
-
- cs.setSubjectClaim(user.getUsername());
- if (attr.get(Attributes.CLIENT_ID) != null)
- cs.setAudienceClaim(new String[] { (String) attr
- .get(Attributes.CLIENT_ID) });
- cs.setExpirationTimeClaim(TimeUtils.getNow().plusSeconds(ttl)
- .getMillis());
- SignedJWT signedJWT = new SignedJWT(new JWSHeader(JWSAlgorithm.HS256),
- cs);
- try {
- signedJWT.sign(signer);
- }
- catch (JOSEException e) {
- return null;
- }
- return signedJWT;
- }
-
-
- /**
- * @param username
- * @param json
- * @return
- */
- public SignedJWT signContent (String username, String userclient,
- String json, int ttl) {
- JWTClaimsSet cs = new JWTClaimsSet();
- cs.setSubjectClaim(username);
- if (!json.isEmpty())
- cs.setCustomClaim("data", json);
- cs.setExpirationTimeClaim(TimeUtils.getNow().plusSeconds(ttl)
- .getMillis());
- cs.setIssuerClaim(this.issuer.toString());
-
- if (!userclient.isEmpty())
- cs.setCustomClaim("userip", userclient);
-
- SignedJWT signedJWT = new SignedJWT(new JWSHeader(JWSAlgorithm.HS256),
- cs);
- try {
- signedJWT.sign(signer);
- }
- catch (JOSEException e) {
- return null;
- }
- return signedJWT;
- }
-
-
- public SignedJWT signContent (String username, String userclient,
- String json) {
- return signContent(username, userclient, json, defaultttl);
- }
-
-
- public SignedJWT createSignedToken (String username) {
- return createSignedToken(username, defaultttl);
- }
-
-
- // add client info
- public SignedJWT createSignedToken (String username, int ttl) {
- return signContent(username, "", "", ttl);
- }
-
-
- public SignedJWT verifyToken (String token) throws KustvaktException {
- SignedJWT client;
- try {
- client = SignedJWT.parse(token);
- if (!client.verify(verifier))
- throw new KustvaktException(StatusCodes.REQUEST_INVALID);
-
- if (!new DateTime(client.getJWTClaimsSet().getExpirationTimeClaim())
- .isAfterNow())
- throw new KustvaktException(StatusCodes.EXPIRED,
- "Authentication token is expired", token);
- }
- catch (ParseException | JOSEException e) {
- //todo: message or entity, how to treat??!
- throw new KustvaktException(StatusCodes.ILLEGAL_ARGUMENT,
- "Token could not be verified", token);
- }
- return client;
- }
-
-
- // does not care about expiration times
- public String retrieveContent (String signedContent)
- throws KustvaktException {
- SignedJWT jwt;
- try {
- jwt = SignedJWT.parse(signedContent);
- if (!jwt.verify(verifier))
- throw new KustvaktException(StatusCodes.REQUEST_INVALID,
- "token invalid", signedContent);
- return (String) jwt.getJWTClaimsSet().getCustomClaim("data");
- }
- catch (ParseException | JOSEException e) {
- return null;
- }
- }
-
-
- public TokenContext getTokenContext (String idtoken) throws ParseException,
- JOSEException, KustvaktException {
- SignedJWT signedJWT = verifyToken(idtoken);
-
- TokenContext c = new TokenContext();
- c.setUsername(signedJWT.getJWTClaimsSet().getSubjectClaim());
- if (signedJWT.getJWTClaimsSet().getAudienceClaim() != null)
- c.addContextParameter(Attributes.CLIENT_ID, signedJWT
- .getJWTClaimsSet().getAudienceClaim()[0]);
- c.setExpirationTime(signedJWT.getJWTClaimsSet()
- .getExpirationTimeClaim());
- c.setToken(idtoken);
- c.addParams(signedJWT.getJWTClaimsSet().getCustomClaims());
- return c;
- }
-
-}
diff --git a/core/src/main/java/de/ids_mannheim/korap/config/KustvaktContext.java b/core/src/main/java/de/ids_mannheim/korap/config/KustvaktContext.java
deleted file mode 100644
index ed3b5dc..0000000
--- a/core/src/main/java/de/ids_mannheim/korap/config/KustvaktContext.java
+++ /dev/null
@@ -1,14 +0,0 @@
-package de.ids_mannheim.korap.config;
-
-/**
- * @author hanl
- * @date 14/03/2016
- */
-public class KustvaktContext {
-
-
- private KustvaktContext context;
-
-
-
-}
diff --git a/core/src/main/java/de/ids_mannheim/korap/config/TokenType.java b/core/src/main/java/de/ids_mannheim/korap/config/TokenType.java
deleted file mode 100644
index db99dd9..0000000
--- a/core/src/main/java/de/ids_mannheim/korap/config/TokenType.java
+++ /dev/null
@@ -1,13 +0,0 @@
-package de.ids_mannheim.korap.config;
-
-public enum TokenType {
- BASIC, API, SESSION,
- // openid token, e.g. within oauth2 response (json body)
- ID_TOKEN,
- // OAuth2 access_token, practically formulated identical as TokenType.API
- BEARER;
-
- public String displayName () {
- return name().toLowerCase();
- }
-}
\ No newline at end of file
diff --git a/core/src/main/java/de/ids_mannheim/korap/exceptions/KustvaktException.java b/core/src/main/java/de/ids_mannheim/korap/exceptions/KustvaktException.java
index ac73909..52dc54a 100644
--- a/core/src/main/java/de/ids_mannheim/korap/exceptions/KustvaktException.java
+++ b/core/src/main/java/de/ids_mannheim/korap/exceptions/KustvaktException.java
@@ -5,7 +5,7 @@
import java.util.List;
import de.ids_mannheim.korap.auditing.AuditRecord;
-import de.ids_mannheim.korap.config.TokenType;
+//import de.ids_mannheim.korap.constant.TokenType;
import lombok.Getter;
import lombok.Setter;
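Review bot: The `TokenType` import is commented out rather than deleted (`//import de.ids_mannheim.korap.constant.TokenType;`), and the next hunk does the same with `// private TokenType authType;`. The third hunk removes the only visible constructor that assigned `authType`, so nothing shown here still needs either line. Delete both, or keep them with a one-line comment stating why the auth type is parked and when it is expected to return. Commented-out members in an exception type leave readers guessing whether the authentication scheme is still meant to travel with the error.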
@@ -23,7 +23,7 @@
private String entity;
private String notification;
private boolean isNotification;
- private TokenType authType;
+// private TokenType authType;
public KustvaktException (int status) {
this.statusCode = status;
@@ -74,13 +74,6 @@
this.userid = String.valueOf(userid);
}
- public KustvaktException (TokenType type, int status, String message, String entity) {
- super(message);
- this.statusCode = status;
- this.entity = entity;
- this.authType = type;
- }
-
public KustvaktException (int status, String message, String entity) {
super(message);
this.statusCode = status;
diff --git a/core/src/main/java/de/ids_mannheim/korap/exceptions/StatusCodes.java b/core/src/main/java/de/ids_mannheim/korap/exceptions/StatusCodes.java
index 1c78ef0..7d4cf09 100644
--- a/core/src/main/java/de/ids_mannheim/korap/exceptions/StatusCodes.java
+++ b/core/src/main/java/de/ids_mannheim/korap/exceptions/StatusCodes.java
@@ -15,7 +15,7 @@
*/
public static final int DEFAULT_ERROR = 100;
public static final int NO_RESULT_FOUND = 101;
-
+ public static final int UNSUPPORTED_AUTHENTICATION_SCHEME = 102;
public static final int UNSUPPORTED_OPERATION = 103;
public static final int ILLEGAL_ARGUMENT = 104;
public static final int MISSING_ARGUMENT = 105;
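Review bot: `UNSUPPORTED_AUTHENTICATION_SCHEME = 102` is added without a matching message being visible, and `getMessage(int)` later in this file resolves text with `props.getProperty(String.valueOf(code))` from `codes.info`, which returns null for a code that has no entry. No `codes.info` change appears in this part of the diff, so confirm that 102 and the codes added in the later hunk (1802, 1803, 1810) have entries there. A short comment on the constant saying when it is raised, e.g. `// request used an authentication scheme the service does not handle` if that is the intent, would also help.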
@@ -23,28 +23,28 @@
public static final int INVALID_ARGUMENT = 107;
public static final int NOT_SUPPORTED = 108;
public static final int NOT_ALLOWED = 109;
-
+
/**
* 300 status codes for query language and serialization
*/
public static final int NO_QUERY = 301;
-// public static final int INVALID_TYPE = 302;
+ // public static final int INVALID_TYPE = 302;
public static final int MISSING_ATTRIBUTE = 303;
public static final int INVALID_ATTRIBUTE = 304;
public static final int UNSUPPORTED_VALUE = 305;
public static final int SERIALIZATION_FAILED = 306;
public static final int DESERIALIZATION_FAILED = 307;
-
+
/**
* 400 status codes for authorization and rewrite functions
*/
// fixme: use unsupported resource and include type in return message
public static final int POLICY_ERROR_DEFAULT = 400;
-
+
public static final int UNSUPPORTED_RESOURCE = 402;
-// public static final int REWRITE_FAILED = 403;
+ // public static final int REWRITE_FAILED = 403;
//public static final int UNSUPPORTED_FOUNDRY = 403;
//public static final int UNSUPPORTED_CORPUS = 404;
//public static final int UNSUPPORTED_LAYER = 405;
@@ -53,14 +53,14 @@
//public static final int CORPUS_REWRITE = 407;
//public static final int FOUNDRY_REWRITE = 408;
//public static final int FOUNDRY_INJECTION = 409;
-// public static final int MISSING_RESOURCE = 405;
+ // public static final int MISSING_RESOURCE = 405;
public static final int NO_POLICY_TARGET = 406;
public static final int NO_POLICY_CONDITION = 407;
public static final int NO_POLICY_PERMISSION = 408;
public static final int NO_POLICIES = 409;
-
-
+
+
/**
* 500 status codes for access control related components (also
* policy rewrite)
@@ -80,8 +80,8 @@
public static final int DB_DELETE_SUCCESSFUL = 506;
public static final int DB_UPDATE_SUCCESSFUL = 507;
public static final int DB_ENTRY_EXISTS = 508;
-
-
+
+
// User group and member
public static final int GROUP_MEMBER_EXISTS = 601;
public static final int GROUP_MEMBER_INACTIVE = 602;
@@ -90,9 +90,9 @@
public static final int INVITATION_EXPIRED = 605;
public static final int GROUP_NOT_FOUND = 606;
public static final int GROUP_DELETED = 607;
-
-// public static final int ARGUMENT_VALIDATION_FAILURE = 700;
+
+ // public static final int ARGUMENT_VALIDATION_FAILURE = 700;
// public static final int ARGUMENT_VALIDATION_FAILURE = 701;
// service status codes
@@ -105,8 +105,8 @@
public static final int GET_ACCOUNT_SUCCESSFUL = 706;
public static final int GET_ACCOUNT_FAILED = 707;
-
-
+
+
public static final int STATUS_OK = 1000;
public static final int NOTHING_CHANGED = 1001;
public static final int REQUEST_INVALID = 1002;
@@ -118,20 +118,25 @@
public static final int CLIENT_REGISTRATION_FAILED = 1800;
public static final int CLIENT_REMOVAL_FAILURE = 1801;
+ public static final int CLIENT_AUTHENTICATION_FAILED = 1802;
+ public static final int CLIENT_NOT_FOUND = 1803;
+ public static final int UNSUPPORTED_GRANT_TYPE = 1810;
+
+
/**
* 1900 User account and logins
*/
public static final int LOGIN_SUCCESSFUL = 1900;
public static final int ALREADY_LOGGED_IN = 1901;
-
+
public static final int LOGOUT_SUCCESSFUL = 1902;
public static final int LOGOUT_FAILED = 1903;
-
+
public static final int ACCOUNT_CONFIRMATION_FAILED = 1904;
public static final int PASSWORD_RESET_FAILED = 1905;
-
+
/**
* 2000 status and error codes concerning authentication
*
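Review bot: Separate codes for `CLIENT_NOT_FOUND = 1803` and `CLIENT_AUTHENTICATION_FAILED = 1802` let a caller distinguish an unknown client id from a wrong client secret if both values reach the HTTP response. How they are mapped to responses is not visible in this hunk. If they are returned to the requester, map both to one external error (OAuth2 reports either case as `invalid_client`) and keep the distinction for server-side logs. The three new constants also have no comment; a line such as `// OAuth2 client authentication and token request errors` and a word on why the numbering jumps from 1803 to 1810 would document the block.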
@@ -148,29 +153,28 @@
public static final int ACCOUNT_NOT_CONFIRMED = 2004;
public static final int ACCOUNT_DEACTIVATED = 2005;
-// public static final int CLIENT_AUTHORIZATION_FAILED = 2013;
+ // public static final int CLIENT_AUTHORIZATION_FAILED = 2013;
public static final int AUTHORIZATION_FAILED = 2010;
-
+
// 2020 - 2029 reserviert für LDAP-Fehlercodes - 21.04.17/FB
public static final int LDAP_BASE_ERRCODE = 2020;
-
+
/**/
private static StatusCodes codes;
private final Properties props;
- private StatusCodes() {
+ private StatusCodes () {
this.props = ConfigLoader.loadProperties("codes.info");
}
- public static final String getMessage(int code) {
+ public static final String getMessage (int code) {
return getCodes().props.getProperty(String.valueOf(code));
}
- public static StatusCodes getCodes() {
- if (codes == null)
- codes = new StatusCodes();
+ public static StatusCodes getCodes () {
+ if (codes == null) codes = new StatusCodes();
return codes;
}
diff --git a/core/src/main/java/de/ids_mannheim/korap/config/KustvaktBaseDaoInterface.java b/core/src/main/java/de/ids_mannheim/korap/interfaces/KustvaktBaseDaoInterface.java
similarity index 75%
rename from core/src/main/java/de/ids_mannheim/korap/config/KustvaktBaseDaoInterface.java
rename to core/src/main/java/de/ids_mannheim/korap/interfaces/KustvaktBaseDaoInterface.java
index 2543d73..42a2a74 100644
--- a/core/src/main/java/de/ids_mannheim/korap/config/KustvaktBaseDaoInterface.java
+++ b/core/src/main/java/de/ids_mannheim/korap/interfaces/KustvaktBaseDaoInterface.java
@@ -1,4 +1,4 @@
-package de.ids_mannheim.korap.config;
+package de.ids_mannheim.korap.interfaces;
/**
* @author hanl
diff --git a/core/src/main/java/de/ids_mannheim/korap/config/KustvaktTypeInterface.java b/core/src/main/java/de/ids_mannheim/korap/interfaces/KustvaktTypeInterface.java
similarity index 73%
rename from core/src/main/java/de/ids_mannheim/korap/config/KustvaktTypeInterface.java
rename to core/src/main/java/de/ids_mannheim/korap/interfaces/KustvaktTypeInterface.java
index 5980aa2..2f66b95 100644
--- a/core/src/main/java/de/ids_mannheim/korap/config/KustvaktTypeInterface.java
+++ b/core/src/main/java/de/ids_mannheim/korap/interfaces/KustvaktTypeInterface.java
@@ -1,4 +1,4 @@
-package de.ids_mannheim.korap.config;
+package de.ids_mannheim.korap.interfaces;
/**
* @author hanl
diff --git a/core/src/main/java/de/ids_mannheim/korap/interfaces/db/ResourceOperationIface.java b/core/src/main/java/de/ids_mannheim/korap/interfaces/db/ResourceOperationIface.java
index 565ceec..c27f3b6 100644
--- a/core/src/main/java/de/ids_mannheim/korap/interfaces/db/ResourceOperationIface.java
+++ b/core/src/main/java/de/ids_mannheim/korap/interfaces/db/ResourceOperationIface.java
@@ -1,8 +1,8 @@
package de.ids_mannheim.korap.interfaces.db;
-import de.ids_mannheim.korap.config.KustvaktBaseDaoInterface;
-import de.ids_mannheim.korap.config.KustvaktTypeInterface;
import de.ids_mannheim.korap.exceptions.KustvaktException;
+import de.ids_mannheim.korap.interfaces.KustvaktBaseDaoInterface;
+import de.ids_mannheim.korap.interfaces.KustvaktTypeInterface;
import de.ids_mannheim.korap.resources.KustvaktResource;
import de.ids_mannheim.korap.user.User;
diff --git a/core/src/main/java/de/ids_mannheim/korap/interfaces/db/UserDataDbIface.java b/core/src/main/java/de/ids_mannheim/korap/interfaces/db/UserDataDbIface.java
index a475dae..23dfbc4 100644
--- a/core/src/main/java/de/ids_mannheim/korap/interfaces/db/UserDataDbIface.java
+++ b/core/src/main/java/de/ids_mannheim/korap/interfaces/db/UserDataDbIface.java
@@ -1,7 +1,7 @@
package de.ids_mannheim.korap.interfaces.db;
-import de.ids_mannheim.korap.config.KustvaktTypeInterface;
import de.ids_mannheim.korap.exceptions.KustvaktException;
+import de.ids_mannheim.korap.interfaces.KustvaktTypeInterface;
import de.ids_mannheim.korap.user.User;
import de.ids_mannheim.korap.user.Userdata;
diff --git a/core/src/main/java/de/ids_mannheim/korap/user/TokenContext.java b/core/src/main/java/de/ids_mannheim/korap/user/TokenContext.java
deleted file mode 100644
index df3b7db..0000000
--- a/core/src/main/java/de/ids_mannheim/korap/user/TokenContext.java
+++ /dev/null
@@ -1,156 +0,0 @@
-package de.ids_mannheim.korap.user;
-
-import java.io.Serializable;
-import java.util.HashMap;
-import java.util.Map;
-
-import com.fasterxml.jackson.databind.JsonNode;
-
-import de.ids_mannheim.korap.config.Attributes;
-import de.ids_mannheim.korap.config.TokenType;
-import de.ids_mannheim.korap.exceptions.KustvaktException;
-import de.ids_mannheim.korap.utils.JsonUtils;
-import de.ids_mannheim.korap.utils.TimeUtils;
-import lombok.AccessLevel;
-import lombok.Data;
-import lombok.Getter;
-import lombok.Setter;
-
-/**
- * @author hanl
- * @date 27/01/2014
- */
-@Data
-public class TokenContext implements java.security.Principal, Serializable {
-
- /**
- * session relevant data. Are never persisted into a database
- */
- private String username;
- private long expirationTime;
- // either "session_token " / "api_token
- private TokenType tokenType;
- private String token;
- private boolean secureRequired;
-
- @Getter(AccessLevel.PRIVATE)
- @Setter(AccessLevel.PRIVATE)
- private Map<String, Object> parameters;
- private String hostAddress;
- private String userAgent;
-
-
- public TokenContext () {
- this.parameters = new HashMap<>();
- this.setUsername("");
- this.setToken("");
- this.setSecureRequired(false);
- this.setExpirationTime(-1);
- }
-
-
- private Map statusMap () {
- Map m = new HashMap();
- if (username != null && !username.isEmpty())
- m.put(Attributes.USERNAME, username);
- m.put(Attributes.TOKEN_EXPIRATION,
- TimeUtils.format(this.expirationTime));
- m.put(Attributes.TOKEN, this.token);
- m.put(Attributes.TOKEN_TYPE, this.tokenType);
- return m;
- }
-
-
- public Map<String, Object> params () {
- return new HashMap<>(parameters);
- }
-
-
- public boolean match (TokenContext other) {
- if (other.getToken().equals(this.token))
- if (this.getHostAddress().equals(this.hostAddress))
- // user agent should be irrelvant -- what about os system version?
- // if (other.getUserAgent().equals(this.userAgent))
- return true;
- return false;
- }
-
-
- public void addContextParameter (String key, String value) {
- this.parameters.put(key, value);
- }
-
-
- public void addParams (Map<String, Object> map) {
- for (Map.Entry<String, Object> e : map.entrySet())
- this.parameters.put(e.getKey(), String.valueOf(e.getValue()));
- }
-
-
- public void removeContextParameter (String key) {
- this.parameters.remove(key);
- }
-
-
- public void setExpirationTime (long date) {
- this.expirationTime = date;
- }
-
-
- //todo: complete
- public static TokenContext fromJSON (String s) throws KustvaktException {
- JsonNode node = JsonUtils.readTree(s);
- TokenContext c = new TokenContext();
- if (node != null) {
- c.setUsername(node.path(Attributes.USERNAME).asText());
- c.setToken(node.path(Attributes.TOKEN).asText());
- }
- return c;
- }
-
-
- public static TokenContext fromOAuth2 (String s) throws KustvaktException {
- JsonNode node = JsonUtils.readTree(s);
- TokenContext c = new TokenContext();
- if (node != null) {
- c.setToken(node.path("token").asText());
- c.setTokenType(TokenType.valueOf(
- node.path("token_type").asText()));
- c.setExpirationTime(node.path("expires_in").asLong());
- c.addContextParameter("refresh_token", node.path("refresh_token")
- .asText());
-
- }
- return c;
- }
-
-
- public boolean isValid () {
- return (this.username != null && !this.username.isEmpty())
- && (this.token != null && !this.token.isEmpty())
- && (this.tokenType != null);
- }
-
-
- public String getToken () {
- return token;
- }
-
-
- public String toJson() throws KustvaktException {
- return JsonUtils.toJSON(this.statusMap());
- }
-
-
- public boolean isDemo() {
- return User.UserFactory.isDemo(this.username);
- }
-
-
-
- @Override
- public String getName () {
- return this.getUsername();
- }
-
-}
diff --git a/core/src/main/java/de/ids_mannheim/korap/web/utils/KustvaktContext.java b/core/src/main/java/de/ids_mannheim/korap/web/utils/KustvaktContext.java
deleted file mode 100644
index f34cd43..0000000
--- a/core/src/main/java/de/ids_mannheim/korap/web/utils/KustvaktContext.java
+++ /dev/null
@@ -1,47 +0,0 @@
-package de.ids_mannheim.korap.web.utils;
-
-import de.ids_mannheim.korap.user.TokenContext;
-
-import javax.ws.rs.core.SecurityContext;
-import java.security.Principal;
-
-/**
- * @author hanl
- * @date 13/05/2014
- *
- * wrapper for REST security context
- *
- */
-public class KustvaktContext implements SecurityContext {
-
- private TokenContext user;
-
-
- public KustvaktContext (final TokenContext user) {
- this.user = user;
- }
-
-
- @Override
- public Principal getUserPrincipal () {
- return this.user;
- }
-
-
- @Override
- public boolean isUserInRole (String role) {
- throw new UnsupportedOperationException();
- }
-
-
- @Override
- public boolean isSecure () {
- return false;
- }
-
-
- @Override
- public String getAuthenticationScheme () {
- return SecurityContext.BASIC_AUTH;
- }
-}