Changed token type to authentication type.
Change-Id: Icb2f87c5d1da57dab8a1ed31817bce84222a4a27
diff --git a/full/src/main/java/de/ids_mannheim/korap/authentication/APIAuthentication.java b/full/src/main/java/de/ids_mannheim/korap/authentication/APIAuthentication.java
index c07744f..7072d5b 100644
--- a/full/src/main/java/de/ids_mannheim/korap/authentication/APIAuthentication.java
+++ b/full/src/main/java/de/ids_mannheim/korap/authentication/APIAuthentication.java
@@ -1,33 +1,31 @@
package de.ids_mannheim.korap.authentication;
+import java.text.ParseException;
+import java.util.Map;
+
import com.nimbusds.jose.JOSEException;
import com.nimbusds.jwt.SignedJWT;
+
import de.ids_mannheim.korap.config.JWTSigner;
-import de.ids_mannheim.korap.config.KustvaktCacheable;
import de.ids_mannheim.korap.config.KustvaktConfiguration;
import de.ids_mannheim.korap.exceptions.KustvaktException;
import de.ids_mannheim.korap.exceptions.StatusCodes;
import de.ids_mannheim.korap.interfaces.AuthenticationIface;
-import de.ids_mannheim.korap.config.Attributes;
import de.ids_mannheim.korap.user.TokenContext;
import de.ids_mannheim.korap.user.User;
-import de.ids_mannheim.korap.utils.NamingUtils;
-import de.ids_mannheim.korap.utils.StringUtils;
import net.sf.ehcache.Cache;
import net.sf.ehcache.CacheManager;
import net.sf.ehcache.Element;
-import java.text.ParseException;
-import java.util.Map;
-
-/**
+/** EM: there is no authentication here, just implementation for creating token context etc.
+ *
* Created by hanl on 5/23/14.
*/
-public class APIAuthentication implements AuthenticationIface{
+public abstract class APIAuthentication implements AuthenticationIface {
private JWTSigner signedToken;
- private Cache invalided = CacheManager.getInstance().getCache(
- "id_tokens_inv");
+ private Cache invalided =
+ CacheManager.getInstance().getCache("id_tokens_inv");
//private Cache id_tokens = CacheManager.getInstance().getCache("id_tokens");
@@ -38,17 +36,17 @@
@Override
- public TokenContext getTokenContext(String authToken)
+ public TokenContext getTokenContext (String authToken)
throws KustvaktException {
TokenContext context;
//Element ein = invalided.get(authToken);
- try {
- context = signedToken.getTokenContext(authToken);
- context.setTokenType(Attributes.API_AUTHENTICATION);
- }
- catch (JOSEException | ParseException ex) {
- throw new KustvaktException(StatusCodes.ILLEGAL_ARGUMENT);
- }
+ try {
+ context = signedToken.getTokenContext(authToken);
+ context.setAuthenticationType(getIdentifier());
+ }
+ catch (JOSEException | ParseException ex) {
+ throw new KustvaktException(StatusCodes.ILLEGAL_ARGUMENT);
+ }
//context = (TokenContext) e.getObjectValue();
//throw new KustvaktException(StatusCodes.EXPIRED);
return context;
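Review bot: getTokenContext never consults the `invalided` cache declared at the top of the class: the lookup `//Element ein = invalided.get(authToken);` and the expiry throw are both commented out, so as far as this hunk shows a token is accepted whenever `signedToken.getTokenContext` can parse it. If logout is meant to revoke API tokens, the lookup should be restored before `return context;`; otherwise remove the dead comments and state the limitation in the method's Javadoc. The catch also discards `ex`, so the reason a token was rejected is lost; recording it server-side would help when investigating failed or forged tokens. The method's closing brace is outside the hunk.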
@@ -56,7 +54,7 @@
@Override
- public TokenContext createTokenContext(User user, Map<String, Object> attr)
+ public TokenContext createTokenContext (User user, Map<String, Object> attr)
throws KustvaktException {
TokenContext c = new TokenContext();
c.setUsername(user.getUsername());
@@ -67,7 +65,7 @@
catch (ParseException e) {
throw new KustvaktException(StatusCodes.ILLEGAL_ARGUMENT);
}
- c.setTokenType(Attributes.API_AUTHENTICATION);
+ c.setAuthenticationType(getIdentifier());
c.setToken(jwt.serialize());
//id_tokens.put(new Element(c.getToken(), c));
return c;
@@ -84,14 +82,8 @@
@Override
- public TokenContext refresh (TokenContext context) throws KustvaktException {
+ public TokenContext refresh (TokenContext context)
+ throws KustvaktException {
return null;
}
-
-
- @Override
- public String getIdentifier () {
- return Attributes.API_AUTHENTICATION;
- }
-
}
diff --git a/full/src/main/java/de/ids_mannheim/korap/authentication/BasicHttpAuth.java b/full/src/main/java/de/ids_mannheim/korap/authentication/BasicHttpAuth.java
index cb25b1f..1d15ca2 100644
--- a/full/src/main/java/de/ids_mannheim/korap/authentication/BasicHttpAuth.java
+++ b/full/src/main/java/de/ids_mannheim/korap/authentication/BasicHttpAuth.java
@@ -6,6 +6,7 @@
import org.springframework.beans.factory.annotation.Autowired;
import de.ids_mannheim.korap.config.Attributes;
+import de.ids_mannheim.korap.config.AuthenticationType;
import de.ids_mannheim.korap.config.KustvaktConfiguration;
import de.ids_mannheim.korap.config.Scopes;
import de.ids_mannheim.korap.exceptions.KustvaktException;
@@ -19,7 +20,11 @@
import de.ids_mannheim.korap.utils.StringUtils;
import de.ids_mannheim.korap.utils.TimeUtils;
-/** EM: do not use at the moment, there is no authentication checking
+/** EM: do not use at the moment, there is no authentication
+ * checking, formerly used a database. Should separate between
+ * authentication procedure and the real authentication checking
+ * method.
+ *
*
* @author hanl
* @date 28/04/2015
@@ -93,7 +98,7 @@
}
c.setUsername(values[0]);
c.setExpirationTime(TimeUtils.plusSeconds(this.config.getTokenTTL()).getMillis());
- c.setTokenType(Attributes.BASIC_AUTHENTICATION);
+ c.setAuthenticationType(AuthenticationType.DATABASE);
// todo: for production mode, set true
c.setSecureRequired(false);
c.setToken(StringUtils.stripTokenType(authToken));
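Review bot: The context built here is labelled `AuthenticationType.DATABASE` although the class comment added in this same commit says there is no authentication checking, and `c.setSecureRequired(false)` is still hard-coded behind a todo. Code that later branches on the authentication type would treat these contexts as database-verified. Since `basic_auth` stays in the `kustvakt_authproviders` list in both config files, I would either take it out of that list until the check exists or add a comment at this line such as `// NOTE: credentials are not verified here; DATABASE is a label, not proof of authentication`. The enclosing method starts and ends outside the hunk.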
@@ -127,7 +132,7 @@
@Override
- public String getIdentifier () {
- return Attributes.BASIC_AUTHENTICATION;
+ public AuthenticationType getIdentifier () {
+ return AuthenticationType.DATABASE;
}
}
diff --git a/full/src/main/java/de/ids_mannheim/korap/authentication/KustvaktAuthenticationManager.java b/full/src/main/java/de/ids_mannheim/korap/authentication/KustvaktAuthenticationManager.java
index b420399..3c90a2c 100644
--- a/full/src/main/java/de/ids_mannheim/korap/authentication/KustvaktAuthenticationManager.java
+++ b/full/src/main/java/de/ids_mannheim/korap/authentication/KustvaktAuthenticationManager.java
@@ -102,10 +102,13 @@
if (token == null)
throw new KustvaktException(StatusCodes.MISSING_ARGUMENT, "authorization header");
+ // EM: fix me
String token_type = StringUtils.getTokenType(token);
+ AuthenticationType type = AuthenticationType.valueOf(token_type);
+
token = StringUtils.stripTokenType(token);
jlog.info("getting session status of token type '{}'", token.split(" ")[0]);
- AuthenticationIface provider = getProvider(token_type, null);
+ AuthenticationIface provider = getProvider(type , null);
if (provider == null)
// throw exception for missing type parameter
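Review bot: `AuthenticationType.valueOf(token_type)` is fed the scheme parsed from the Authorization header, so an unknown, differently-cased or missing scheme raises an unchecked `IllegalArgumentException` or `NullPointerException` instead of a `KustvaktException`; the same call is added in AdminFilter. Unless `StringUtils.getTokenType` already returns exact enum names (not visible here), an ordinary `Basic` or `Bearer` header would fail this way. The conversion should reject bad values with `StatusCodes.ILLEGAL_ARGUMENT`, and the `// EM: fix me` should say what remains to be fixed. Separately, the `jlog.info` line logs `token.split(" ")[0]` after the scheme was stripped, which looks like it writes the credential itself to the log; logging `type` avoids that. The method continues outside the hunk.
```java
String token_type = StringUtils.getTokenType(token);
AuthenticationType type;
try {
    type = AuthenticationType.valueOf(token_type);
}
catch (IllegalArgumentException | NullPointerException e) {
    // unknown or missing scheme in the Authorization header
    throw new KustvaktException(StatusCodes.ILLEGAL_ARGUMENT,
            "authorization header");
}
token = StringUtils.stripTokenType(token);
jlog.info("getting session status of token type '{}'", type);
// … unchanged: provider lookup …
```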
@@ -147,7 +150,7 @@
}
public TokenContext refresh(TokenContext context) throws KustvaktException {
- AuthenticationIface provider = getProvider(context.getTokenType(), null);
+ AuthenticationIface provider = getProvider(context.getAuthenticationType(), null);
if (provider == null) {
// todo:
}
@@ -255,9 +258,9 @@
} // getAccess
@Override
- public TokenContext createTokenContext(User user, Map<String, Object> attr, String provider_key)
+ public TokenContext createTokenContext(User user, Map<String, Object> attr, AuthenticationType type)
throws KustvaktException {
- AuthenticationIface provider = getProvider(provider_key, Attributes.API_AUTHENTICATION);
+ AuthenticationIface provider = getProvider(type, AuthenticationType.LDAP);
// EM: not in the new DB
// if (attr.get(Attributes.SCOPES) != null)
@@ -538,11 +541,11 @@
public void logout(TokenContext context) throws KustvaktException {
try {
- AuthenticationIface provider = getProvider(context.getTokenType(), null);
+ AuthenticationIface provider = getProvider(context.getAuthenticationType(), null);
if (provider == null) {
- throw new KustvaktException(StatusCodes.ILLEGAL_ARGUMENT, "provider not supported!",
- context.getTokenType());
+ throw new KustvaktException(StatusCodes.ILLEGAL_ARGUMENT, "Authentication "
+ + "provider not supported!", context.getAuthenticationType().name());
}
provider.removeUserSession(context.getToken());
} catch (KustvaktException e) {
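Review bot: In the `provider == null` branch the message is built with `context.getAuthenticationType().name()`, which throws a `NullPointerException` when the context carries no authentication type, and that is probably one of the cases in which no provider is found. The exception is not a `KustvaktException`, so the catch that follows would not handle it and the logout would fail with an unrelated error. `String.valueOf(context.getAuthenticationType())` keeps the message and is null-safe. The catch block continues outside the hunk.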
diff --git a/full/src/main/java/de/ids_mannheim/korap/authentication/LdapAuth3.java b/full/src/main/java/de/ids_mannheim/korap/authentication/LdapAuth3.java
index 8d1d859..1ce2772 100644
--- a/full/src/main/java/de/ids_mannheim/korap/authentication/LdapAuth3.java
+++ b/full/src/main/java/de/ids_mannheim/korap/authentication/LdapAuth3.java
@@ -28,18 +28,22 @@
import com.unboundid.ldap.sdk.*;
+import de.ids_mannheim.korap.config.AuthenticationType;
+import de.ids_mannheim.korap.config.KustvaktConfiguration;
+
import java.io.*;
import java.util.*;
/**
* LDAP Login Tests
- *
+ *
+ * @author bodmer, margaretha
+ * @see APIAuthentication
*/
-public class LdapAuth3
+public class LdapAuth3 extends APIAuthentication {
-{
- /* For SSL Connection to LDAP, see: https://www.novell.com/documentation/developer/jldap/jldapenu/data/cchcbejj.html.
+ /* For SSL Connection to LDAP, see: https://www.novell.com/documentation/developer/jldap/jldapenu/data/cchcbejj.html.
* and use DEFAULT_SSL_PORT.
* For now, plain text connection is used.
* FB
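Review bot: The class Javadoc still reads "LDAP Login Tests" although this hunk turns LdapAuth3 into an authentication provider by extending APIAuthentication; it should describe that role. The retained comment also says a plain text connection to LDAP is used, which matters more now that the class is wired into the provider list: per that comment, user passwords would cross the network unencrypted during the bind. I would record this as a known limitation in the Javadoc, e.g. `* NOTE: connects to LDAP without TLS; restrict to a trusted network until SSL is enabled.` The block comment continues outside the hunk.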
@@ -68,6 +72,16 @@
public static final int LDAP_AUTH_RLOCKED = 3;
public static final int LDAP_AUTH_RNOTREG = 4;
+ public LdapAuth3 (KustvaktConfiguration config) {
+ super(config);
+ }
+
+
+ @Override
+ public AuthenticationType getIdentifier () {
+ return AuthenticationType.LDAP;
+ }
+
/**
* getErrMessage:
* returns String Message for LDAP_AUTH_Rxxx code.
@@ -75,7 +89,7 @@
* @param code
* @return Message in string form.
*/
- static String getErrMessage(int code)
+ public static String getErrMessage(int code)
{
switch(code)
diff --git a/full/src/main/java/de/ids_mannheim/korap/authentication/OpenIDconnectAuthentication.java b/full/src/main/java/de/ids_mannheim/korap/authentication/OpenIDconnectAuthentication.java
index 78d1915..0257c68 100644
--- a/full/src/main/java/de/ids_mannheim/korap/authentication/OpenIDconnectAuthentication.java
+++ b/full/src/main/java/de/ids_mannheim/korap/authentication/OpenIDconnectAuthentication.java
@@ -9,6 +9,7 @@
import de.ids_mannheim.korap.interfaces.AuthenticationIface;
import de.ids_mannheim.korap.interfaces.db.PersistenceClient;
import de.ids_mannheim.korap.config.Attributes;
+import de.ids_mannheim.korap.config.AuthenticationType;
import de.ids_mannheim.korap.user.TokenContext;
import de.ids_mannheim.korap.user.User;
import de.ids_mannheim.korap.utils.NamingUtils;
@@ -63,7 +64,7 @@
catch (ParseException e) {
throw new KustvaktException(StatusCodes.ILLEGAL_ARGUMENT);
}
- c.setTokenType(Attributes.OPENID_AUTHENTICATION);
+ c.setAuthenticationType(AuthenticationType.OPENID);
c.setToken(jwt.serialize());
CacheManager.getInstance().getCache("id_tokens")
.put(new Element(c.getToken(), c));
@@ -84,7 +85,7 @@
@Override
- public String getIdentifier () {
- return Attributes.OPENID_AUTHENTICATION;
+ public AuthenticationType getIdentifier () {
+ return AuthenticationType.OPENID;
}
}
diff --git a/full/src/main/java/de/ids_mannheim/korap/authentication/SessionAuthentication.java b/full/src/main/java/de/ids_mannheim/korap/authentication/SessionAuthentication.java
index bd015d6..c0eb9cd 100644
--- a/full/src/main/java/de/ids_mannheim/korap/authentication/SessionAuthentication.java
+++ b/full/src/main/java/de/ids_mannheim/korap/authentication/SessionAuthentication.java
@@ -6,6 +6,7 @@
import de.ids_mannheim.korap.interfaces.AuthenticationIface;
import de.ids_mannheim.korap.interfaces.EncryptionIface;
import de.ids_mannheim.korap.config.Attributes;
+import de.ids_mannheim.korap.config.AuthenticationType;
import de.ids_mannheim.korap.user.TokenContext;
import de.ids_mannheim.korap.user.User;
import de.ids_mannheim.korap.utils.TimeUtils;
@@ -66,7 +67,7 @@
now.getMillis());
TokenContext ctx = new TokenContext();
ctx.setUsername(user.getUsername());
- ctx.setTokenType(Attributes.SESSION_AUTHENTICATION);
+ ctx.setAuthenticationType(AuthenticationType.SESSION);
ctx.setToken(token);
ctx.setExpirationTime(ex.getMillis()+(1000));
ctx.setHostAddress(attr.get(Attributes.HOST).toString());
@@ -92,8 +93,8 @@
@Override
- public String getIdentifier () {
- return Attributes.SESSION_AUTHENTICATION;
+ public AuthenticationType getIdentifier () {
+ return AuthenticationType.OPENID;
}
}
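Review bot: `getIdentifier()` returns `AuthenticationType.OPENID`, but this is SessionAuthentication and the previous hunk in this file stamps its contexts with `AuthenticationType.SESSION`. If providers are looked up by identifier, a session context would find no session provider or be routed to the OpenID one, so refresh and logout would act on the wrong provider. The line should read `return AuthenticationType.SESSION;`.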
diff --git a/full/src/main/java/de/ids_mannheim/korap/handlers/OAuthDb.java b/full/src/main/java/de/ids_mannheim/korap/handlers/OAuthDb.java
index 711e6d8..ec9d036 100644
--- a/full/src/main/java/de/ids_mannheim/korap/handlers/OAuthDb.java
+++ b/full/src/main/java/de/ids_mannheim/korap/handlers/OAuthDb.java
@@ -6,6 +6,7 @@
import de.ids_mannheim.korap.exceptions.DatabaseException;
import de.ids_mannheim.korap.interfaces.db.PersistenceClient;
import de.ids_mannheim.korap.config.Attributes;
+import de.ids_mannheim.korap.config.AuthenticationType;
import de.ids_mannheim.korap.user.TokenContext;
import de.ids_mannheim.korap.user.User;
import de.ids_mannheim.korap.utils.BooleanUtils;
@@ -208,7 +209,8 @@
c.setUsername(rs.getString(Attributes.USERNAME));
c.setExpirationTime(exp);
c.setToken(token);
- c.setTokenType(Attributes.OAUTH2_AUTHORIZATION);
+ c.setAuthenticationType(AuthenticationType.OAUTH2);
+ //.setTokenType(Attributes.OAUTH2_AUTHORIZATION);
c.addContextParameter(Attributes.SCOPES,
rs.getString(Attributes.SCOPES));
return c;
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/AuthenticationController.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/AuthenticationController.java
index 745470a..bed0d5d 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/AuthenticationController.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/AuthenticationController.java
@@ -207,7 +207,7 @@
attr.put(Attributes.LOCATION, user.getLocation());
attr.put(Attributes.CORPUS_ACCESS, user.getCorpusAccess());
context = controller.createTokenContext(user, attr,
- AuthenticationType.LDAP.name());
+ AuthenticationType.LDAP);
//Attributes.API_AUTHENTICATION);
}
catch (KustvaktException e) {
@@ -279,7 +279,7 @@
User user = controller.authenticate(AuthenticationType.SESSION,
values[0], values[1], attr);
context = controller.createTokenContext(user, attr,
- Attributes.SESSION_AUTHENTICATION);
+ AuthenticationType.SESSION);
contextJson = context.toJson();
jlog.debug(contextJson);
}
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuthController.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuthController.java
index 06988f1..95d25cd 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuthController.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuthController.java
@@ -320,7 +320,8 @@
try {
TokenContext new_context = this.controller
.createTokenContext(user, attr, null);
- builder.setParam(new_context.getTokenType(),
+ //builder.setParam(new_context.getTokenType(),
+ builder.setParam(new_context.getAuthenticationType().name(),
new_context.getToken());
}
catch (KustvaktException e) {
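Review bot: The response parameter name is now `new_context.getAuthenticationType().name()`, i.e. the enum constant name, where it used to be the token-type string, so clients reading the old parameter name will no longer find the token; the second hunk in this file does the same with `c.getAuthenticationType().name()`. `createTokenContext(user, attr, null)` also passes a null type, which the manager appears to resolve with its new default `AuthenticationType.LDAP`, so this OAuth flow would hand out a token labelled LDAP. I would pass the intended type explicitly and keep the wire name in one constant rather than deriving it from the enum. The commented-out `//builder.setParam(new_context.getTokenType(),` line can be deleted, since history keeps it.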
@@ -579,8 +580,10 @@
attr.put(Attributes.CLIENT_SECRET,
oauthRequest.getClientSecret());
TokenContext c = controller.createTokenContext(user, attr,
- Attributes.OPENID_AUTHENTICATION);
- builder.setParam(c.getTokenType(), c.getToken());
+ AuthenticationType.OPENID);
+ //Attributes.OPENID_AUTHENTICATION);
+ //EM: why openid, not oauth2?
+ builder.setParam(c.getAuthenticationType().name(), c.getToken());
}
catch (KustvaktException e) {
throw kustvaktResponseHandler.throwit(e);
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/filter/AdminFilter.java b/full/src/main/java/de/ids_mannheim/korap/web/filter/AdminFilter.java
index 3326380..16840f1 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/filter/AdminFilter.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/filter/AdminFilter.java
@@ -42,15 +42,15 @@
if (authentication == null) {
throw kustvaktResponseHandler.throwAuthenticationException("The authorization header value is missing.");
}
-
+
// EM: fix me: authentication header format
// decode password
- String authenticationType = StringUtils.getTokenType(authentication);
+ AuthenticationType authenticationType = AuthenticationType.valueOf(StringUtils.getTokenType(authentication));
String authenticationCode = StringUtils.stripTokenType(authentication);
String username = null, token = null;
-// A tokenType = 0;
+ // String tokenType = 0;
- if (authenticationType.equals(Attributes.BASIC_AUTHENTICATION)) {
+ if (authenticationType.equals(AuthenticationType.DATABASE)) {
String[] authContent = BasicHttpAuth.decode(authenticationCode);
username = authContent[0];
token = authContent[1];
@@ -75,7 +75,7 @@
TokenContext c = new TokenContext();
c.setUsername(username);
- c.setTokenType(authenticationType);
+ c.setAuthenticationType(authenticationType);
c.setToken(token);
c.setHostAddress(host);
c.setUserAgent(agent);
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/filter/DemoFilter.java b/full/src/main/java/de/ids_mannheim/korap/web/filter/DemoFilter.java
index e2b8178..ee6a24f 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/filter/DemoFilter.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/filter/DemoFilter.java
@@ -7,6 +7,7 @@
import de.ids_mannheim.korap.authentication.BasicHttpAuth;
import de.ids_mannheim.korap.config.Attributes;
+import de.ids_mannheim.korap.config.AuthenticationType;
import de.ids_mannheim.korap.user.TokenContext;
import de.ids_mannheim.korap.web.utils.KustvaktContext;
@@ -40,7 +41,7 @@
TokenContext context = new TokenContext();
String token = BasicHttpAuth.encode("demo", "demo2015");
context.setToken(token);
- context.setTokenType(Attributes.BASIC_AUTHENTICATION);
+ context.setAuthenticationType(AuthenticationType.LDAP);
context.setUsername("demo");
return new KustvaktContext(context);
}
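Review bot: The demo context is now tagged `AuthenticationType.LDAP` although its token comes from `BasicHttpAuth.encode` with fixed demo credentials and no LDAP bind takes place. Any code that trusts the authentication type, or routes refresh and logout by it, would treat the demo user as LDAP-authenticated. Using the type BasicHttpAuth itself reports, `context.setAuthenticationType(AuthenticationType.DATABASE);`, would keep the label consistent with how the token was produced. A comment stating that this context is unauthenticated by design would also help readers of the filter.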
diff --git a/full/src/main/resources/default-config.xml b/full/src/main/resources/default-config.xml
index 46aa18a..5fb4896 100644
--- a/full/src/main/resources/default-config.xml
+++ b/full/src/main/resources/default-config.xml
@@ -195,7 +195,12 @@
</bean>
<!-- authentication providers to use -->
- <bean id="api_auth" class="de.ids_mannheim.korap.authentication.APIAuthentication">
+ <!-- <bean id="api_auth" class="de.ids_mannheim.korap.authentication.APIAuthentication">
+ <constructor-arg type="de.ids_mannheim.korap.config.KustvaktConfiguration"
+ ref="kustvakt_config" />
+ </bean> -->
+
+ <bean id="ldap_auth" class="de.ids_mannheim.korap.authentication.LdapAuth3">
<constructor-arg type="de.ids_mannheim.korap.config.KustvaktConfiguration"
ref="kustvakt_config" />
</bean>
@@ -222,8 +227,9 @@
<util:list id="kustvakt_authproviders"
value-type="de.ids_mannheim.korap.interfaces.AuthenticationIface">
<ref bean="basic_auth" />
+ <ref bean="ldap_auth" />
<ref bean="session_auth" />
- <ref bean="api_auth" />
+ <!-- <ref bean="api_auth" /> -->
<ref bean="openid_auth" />
</util:list>
diff --git a/full/src/test/resources/test-config.xml b/full/src/test/resources/test-config.xml
index c1adc4f..7b85090 100644
--- a/full/src/test/resources/test-config.xml
+++ b/full/src/test/resources/test-config.xml
@@ -192,11 +192,15 @@
</bean>
<!-- authentication providers to use -->
- <bean id="api_auth" class="de.ids_mannheim.korap.authentication.APIAuthentication">
+ <!-- <bean id="api_auth" class="de.ids_mannheim.korap.authentication.APIAuthentication">
+ <constructor-arg type="de.ids_mannheim.korap.config.KustvaktConfiguration"
+ ref="kustvakt_config" />
+ </bean> -->
+ <bean id="ldap_auth" class="de.ids_mannheim.korap.authentication.LdapAuth3">
<constructor-arg type="de.ids_mannheim.korap.config.KustvaktConfiguration"
ref="kustvakt_config" />
</bean>
-
+
<bean id="openid_auth"
class="de.ids_mannheim.korap.authentication.OpenIDconnectAuthentication">
<constructor-arg type="de.ids_mannheim.korap.config.KustvaktConfiguration"
@@ -219,8 +223,9 @@
<util:list id="kustvakt_authproviders"
value-type="de.ids_mannheim.korap.interfaces.AuthenticationIface">
<ref bean="basic_auth" />
+ <ref bean="ldap_auth" />
<ref bean="session_auth" />
- <ref bean="api_auth" />
+ <!-- <ref bean="api_auth" /> -->
<ref bean="openid_auth" />
</util:list>