Fixed session authentication & some other tests.
Change-Id: Ie863d53f0542d7a6964caab284bc038f1a1c82c6
diff --git a/src/main/java/de/ids_mannheim/korap/config/KustvaktConfiguration.java b/src/main/java/de/ids_mannheim/korap/config/KustvaktConfiguration.java
index 24f631a..6c100ab 100644
--- a/src/main/java/de/ids_mannheim/korap/config/KustvaktConfiguration.java
+++ b/src/main/java/de/ids_mannheim/korap/config/KustvaktConfiguration.java
@@ -165,9 +165,9 @@
ldapConfig = properties.getProperty("ldap.config");
// EM: regex for matching availability in Krill matches
- setPattern(properties.getProperty("kustvakt.regex.free",""), freeLicensePattern);
- setPattern(properties.getProperty("kustvakt.regex.public",""), publicLicensePattern);
- setPattern(properties.getProperty("kustvakt.regex.all",""), allLicensePattern);
+ freeLicensePattern = compilePattern(properties.getProperty("kustvakt.regex.free",""));
+ publicLicensePattern = compilePattern(properties.getProperty("kustvakt.regex.public",""));
+ allLicensePattern = compilePattern(properties.getProperty("kustvakt.regex.all",""));
// EM: not use in the future
//policyConfig = properties.getProperty("policies.config");
@@ -186,14 +186,13 @@
return properties;
}
- private void setPattern (String patternStr, Pattern pattern) {
+ private Pattern compilePattern (String patternStr) {
if (!patternStr.isEmpty()){
- pattern = Pattern.compile(patternStr);
+ return Pattern.compile(patternStr);
}
else{
- pattern = null;
+ return null;
}
-
}
public void setFoundriesAndLayers(String config) throws IOException {
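Review bot: `compilePattern` returns `null` when the property is empty, so `freeLicensePattern`, `publicLicensePattern` and `allLicensePattern` are nullable after loading, and nothing in the hunk documents that. A Javadoc such as `/** Compiles patternStr; returns null when it is empty. @throws PatternSyntaxException if the configured regex is invalid. */` would tell callers to null-check before matching. It would also make explicit that a malformed `kustvakt.regex.*` value now fails at configuration load. The removed `setPattern` assigned only to its parameter, so code reading these fields has presumably never seen a value set from the properties and is worth re-checking.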
diff --git a/src/main/java/de/ids_mannheim/korap/security/auth/KustvaktAuthenticationManager.java b/src/main/java/de/ids_mannheim/korap/security/auth/KustvaktAuthenticationManager.java
index f9cf0bf..063a465 100644
--- a/src/main/java/de/ids_mannheim/korap/security/auth/KustvaktAuthenticationManager.java
+++ b/src/main/java/de/ids_mannheim/korap/security/auth/KustvaktAuthenticationManager.java
@@ -328,7 +328,7 @@
boolean isAdmin = adminHandler.isAdmin(unknown.getId());
unknown.setAdmin(isAdmin);
- jlog.trace("Authentication: found username " + unknown.getUsername());
+ jlog.debug("Authentication: found username " + unknown.getUsername());
if (unknown instanceof KorAPUser) {
if (password == null || password.isEmpty())
@@ -374,7 +374,7 @@
} else if (unknown instanceof ShibUser) {
// todo
}
- jlog.debug("Authentication done: " + username);
+ jlog.debug("Authentication done: "+unknown);
return unknown;
}
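Review bot: `jlog.debug("Authentication done: "+unknown)` now writes the whole user object through its `toString()`, where the removed line logged only the username. Whether that representation includes a password hash or other account fields cannot be seen from this hunk, so it should be confirmed, or the line kept to an identifier: `jlog.debug("Authentication done: " + unknown.getUsername());`. The enclosing method starts outside the hunk.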
diff --git a/src/main/java/de/ids_mannheim/korap/security/auth/SessionAuthentication.java b/src/main/java/de/ids_mannheim/korap/security/auth/SessionAuthentication.java
index 6f42073..d6060a5 100644
--- a/src/main/java/de/ids_mannheim/korap/security/auth/SessionAuthentication.java
+++ b/src/main/java/de/ids_mannheim/korap/security/auth/SessionAuthentication.java
@@ -28,7 +28,7 @@
private static final Logger jlog = LoggerFactory
.getLogger(SessionAuthentication.class);
- private SessionFactory sessions;
+ public static SessionFactory sessions;
private ScheduledThreadPoolExecutor scheduled;
private EncryptionIface crypto;
private KustvaktConfiguration config;
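Review bot: Making `sessions` `public static` turns the session store into a process-wide global that any class can read or replace. The same is done in SessionFactory.java (hunk `@@ -33,9 +33,9 @@`), where `sessionsObject`, `timeCheck` and `loggedInRecord` lose both `private` and `final`. These maps hold the live `TokenContext` of every session, so code outside the authentication classes can now read or swap them. If the SessionFactory constructor assigns them (not visible here), creating a second instance would also discard existing sessions. If the wider visibility is only needed by the tests named in the commit title, keep `private SessionFactory sessions;` and the `private final` maps, and give the tests a package-private accessor instead.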
@@ -68,10 +68,12 @@
ctx.setUsername(user.getUsername());
ctx.setTokenType(Attributes.SESSION_AUTHENTICATION);
ctx.setToken(token);
- ctx.setExpirationTime(ex.getMillis());
+ ctx.setExpirationTime(ex.getMillis()+(1000));
ctx.setHostAddress(attr.get(Attributes.HOST).toString());
ctx.setUserAgent(attr.get(Attributes.USER_AGENT).toString());
+ jlog.debug(ctx.toJson());
this.sessions.putSession(token, ctx);
+ jlog.debug("session " +sessions.getSession(token).toString());
jlog.info("create session for user: " + user.getUsername());
return ctx;
}
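Review bot: `jlog.debug(ctx.toJson())` and `jlog.debug("session " +sessions.getSession(token).toString())` write the newly created token context to the log, and AuthService.java (hunk `@@ -242,15 +250,18 @@`) does the same with `jlog.debug(contextJson)`. That JSON is the body AuthService returns to the client for a session request, so it presumably carries the session token, and anyone who can read a debug log could reuse a live session. The existing `jlog.info("create session for user: " + user.getUsername())` already records the event, so both debug lines can be dropped; the second one also dereferences the `getSession` result without a null check. Separately, `ex.getMillis()+(1000)` needs a comment explaining why one second is added to the expiry. The enclosing method starts outside the hunk.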
diff --git a/src/main/java/de/ids_mannheim/korap/security/auth/SessionFactory.java b/src/main/java/de/ids_mannheim/korap/security/auth/SessionFactory.java
index 9cc270f..2d6d53e 100644
--- a/src/main/java/de/ids_mannheim/korap/security/auth/SessionFactory.java
+++ b/src/main/java/de/ids_mannheim/korap/security/auth/SessionFactory.java
@@ -33,9 +33,9 @@
private static Logger jlog = LoggerFactory.getLogger(SessionFactory.class);
- private final ConcurrentMap<String, TokenContext> sessionsObject;
- private final ConcurrentMap<String, DateTime> timeCheck;
- private final ConcurrentMultiMap<String, String> loggedInRecord;
+ public static ConcurrentMap<String, TokenContext> sessionsObject;
+ public static ConcurrentMap<String, DateTime> timeCheck;
+ public static ConcurrentMultiMap<String, String> loggedInRecord;
// private final ConcurrentMultiMap<String, Long> failedLogins;
private final boolean multipleEnabled;
private final int inactive;
diff --git a/src/main/java/de/ids_mannheim/korap/web/KustvaktBaseServer.java b/src/main/java/de/ids_mannheim/korap/web/KustvaktBaseServer.java
index 974fa00..4ef0d7a 100644
--- a/src/main/java/de/ids_mannheim/korap/web/KustvaktBaseServer.java
+++ b/src/main/java/de/ids_mannheim/korap/web/KustvaktBaseServer.java
@@ -103,7 +103,7 @@
servletHolder.setInitParameter("com.sun.jersey.config.property.packages",
rootPackages);
servletHolder.setInitOrder(1);
- contextHandler.addServlet(servletHolder, "/kustvakt/*");
+ contextHandler.addServlet(servletHolder, "/api/*");
SocketConnector connector = new SocketConnector();
connector.setPort(kargs.port);
diff --git a/src/main/java/de/ids_mannheim/korap/web/service/full/AuthService.java b/src/main/java/de/ids_mannheim/korap/web/service/full/AuthService.java
index 4cb0169..2802ceb 100644
--- a/src/main/java/de/ids_mannheim/korap/web/service/full/AuthService.java
+++ b/src/main/java/de/ids_mannheim/korap/web/service/full/AuthService.java
@@ -17,6 +17,7 @@
import de.ids_mannheim.korap.web.filter.*;
import de.ids_mannheim.korap.web.utils.KustvaktResponseHandler;
+import org.eclipse.jetty.util.log.Log;
import org.slf4j.Logger;
import javax.servlet.http.HttpServletRequest; // FB
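Review bot: The added `import org.eclipse.jetty.util.log.Log;` is not used by anything visible in this file's hunks, and SearchService.java (hunk `@@ -24,6 +24,7 @@`) likewise adds `import org.junit.Ignore;` while only `@Deprecated` is introduced there. The JUnit import is the more harmful of the two: it makes production code depend on a test library, which breaks the build if JUnit is test-scoped. Both lines look like IDE auto-import leftovers and should be dropped unless code outside the hunks uses them.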
@@ -45,24 +46,25 @@
@Produces(MediaType.TEXT_HTML + ";charset=utf-8")
public class AuthService {
- private static Boolean DEBUG_LOG = true;
-
+ private static Boolean DEBUG_LOG = true;
+
//todo: bootstrap function to transmit certain default configuration settings and examples (example user queries,
// default usersettings, etc.)
private static Logger jlog = KustvaktLogger.getLogger(AuthService.class);
private AuthenticationManagerIface controller;
+
// private SendMail mail;
public AuthService () {
- this.controller = BeansFactory.getKustvaktContext()
- .getAuthenticationManager();
+ this.controller =
+ BeansFactory.getKustvaktContext().getAuthenticationManager();
//todo: replace with real property values
// this.mail = new SendMail(ExtConfiguration.getMailProperties());
}
-
+
/**
* represents json string with data. All GUI clients can access
* this method to get certain default values
@@ -88,7 +90,8 @@
// fixme: moved to user
@GET
@Path("status")
- @ResourceFilters({ AuthFilter.class, DemoUserFilter.class, BlockingFilter.class })
+ @ResourceFilters({ AuthFilter.class, DemoUserFilter.class,
+ BlockingFilter.class })
public Response getStatus (@Context SecurityContext context,
@HeaderParam(ContainerRequest.USER_AGENT) String agent,
@HeaderParam(ContainerRequest.HOST) String host,
@@ -101,61 +104,65 @@
@GET
@Path("apiToken")
//@ResourceFilters({HeaderFilter.class})
- public Response requestAPIToken (
- @Context HttpHeaders headers,
+ public Response requestAPIToken (@Context HttpHeaders headers,
@Context Locale locale,
@HeaderParam(ContainerRequest.USER_AGENT) String agent,
@HeaderParam(ContainerRequest.HOST) String host,
@HeaderParam("referer-url") String referer,
@QueryParam("scope") String scopes,
- // @Context WebServiceContext wsContext, // FB
+ // @Context WebServiceContext wsContext, // FB
@Context SecurityContext secCtx) {
-
- List<String> auth = headers
- .getRequestHeader(ContainerRequest.AUTHORIZATION);
+
+ List<String> auth =
+ headers.getRequestHeader(ContainerRequest.AUTHORIZATION);
+ if (auth == null || auth.isEmpty()) {
+ throw KustvaktResponseHandler
+ .throwit(new KustvaktException(StatusCodes.MISSING_ARGUMENT,
+ "Authorization header is missing.",
+ "Authorization header"));
+ }
String[] values = BasicHttpAuth.decode(auth.get(0));
- if( DEBUG_LOG == true )
- {
+ if (DEBUG_LOG == true) {
System.out.printf("Debug: AuthService.requestAPIToken...:\n");
- System.out.printf("Debug: auth.size=%d\n", auth.size());
- System.out.printf("auth.get(0)='%s'\n", auth.get(0));
- System.out.printf("Debug: values.length=%d\n", values.length);
- /* hide password etc. - FB
- if( auth.size() > 0 )
- {
- Iterator it = auth.iterator();
- while( it.hasNext() )
- System.out.printf(" header '%s'\n", it.next());
- }
- if( values.length > 0 )
- {
- for(int i=0; i< values.length; i++)
- {
- System.out.printf(" values[%d]='%s'\n", i, values[i]);
- }
- }
- */
- MultivaluedMap<String,String> headerMap = headers.getRequestHeaders();
- if( headerMap != null && headerMap.size() > 0 )
- {
- Iterator<String> it = headerMap.keySet().iterator();
- while( it.hasNext() )
- {
- String key = (String)it.next();
- List<String> vals= headerMap.get(key);
- System.out.printf("Debug: requestAPIToken: '%s' = '%s'\n", key, vals);
- }
-
- }
- System.out.printf("Debug: requestAPIToken: isSecure = %s.\n", secCtx.isSecure() ? "yes" : "no");
- } // DEBUG_LOG
-
+ System.out.printf("Debug: auth.size=%d\n", auth.size());
+ System.out.printf("auth.get(0)='%s'\n", auth.get(0));
+ System.out.printf("Debug: values.length=%d\n", values.length);
+ /* hide password etc. - FB
+ if( auth.size() > 0 )
+ {
+ Iterator it = auth.iterator();
+ while( it.hasNext() )
+ System.out.printf(" header '%s'\n", it.next());
+ }
+ if( values.length > 0 )
+ {
+ for(int i=0; i< values.length; i++)
+ {
+ System.out.printf(" values[%d]='%s'\n", i, values[i]);
+ }
+ }
+ */
+ MultivaluedMap<String, String> headerMap =
+ headers.getRequestHeaders();
+ if (headerMap != null && headerMap.size() > 0) {
+ Iterator<String> it = headerMap.keySet().iterator();
+ while (it.hasNext()) {
+ String key = (String) it.next();
+ List<String> vals = headerMap.get(key);
+ System.out.printf("Debug: requestAPIToken: '%s' = '%s'\n",
+ key, vals);
+ }
+
+ }
+ System.out.printf("Debug: requestAPIToken: isSecure = %s.\n",
+ secCtx.isSecure() ? "yes" : "no");
+ } // DEBUG_LOG
+
// "Invalid syntax for username and password"
if (values == null)
- throw KustvaktResponseHandler
- .throwit(StatusCodes.ACCESS_DENIED);
+ throw KustvaktResponseHandler.throwit(StatusCodes.ACCESS_DENIED);
if (values[0].equalsIgnoreCase("null")
| values[1].equalsIgnoreCase("null"))
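Review bot: With `DEBUG_LOG` hard-wired to `true`, the block still prints the raw header via `System.out.printf("auth.get(0)='%s'\n", auth.get(0))` and then dumps every request header, so the Basic credentials of each token request reach stdout twice. The block also reads `values.length` before the `values == null` check below it. If `BasicHttpAuth.decode` can return null, as that later check implies, a malformed header then causes a NullPointerException instead of ACCESS_DENIED. The new missing-header guard is a good addition; the null check should follow `decode` directly, and the debug output should leave out the Authorization value, as sketched below. The body of requestAPIToken continues past the end of the hunk.

```java
String[] values = BasicHttpAuth.decode(auth.get(0));
// "Invalid syntax for username and password"
if (values == null)
    throw KustvaktResponseHandler.throwit(StatusCodes.ACCESS_DENIED);

if (DEBUG_LOG == true) {
    // … unchanged: banner and auth.size print; the auth.get(0) print is removed …
    System.out.printf("Debug: values.length=%d\n", values.length);
    // … unchanged: commented-out block, headerMap lookup …
        while (it.hasNext()) {
            String key = (String) it.next();
            // the Authorization header carries the credentials; keep it out of the dump
            if (ContainerRequest.AUTHORIZATION.equalsIgnoreCase(key))
                continue;
            // … unchanged: print key and vals …
        }
    // … unchanged: isSecure print …
} // DEBUG_LOG
```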
@@ -167,7 +174,7 @@
attr.put(Attributes.SCOPES, scopes);
attr.put(Attributes.HOST, host);
attr.put(Attributes.USER_AGENT, agent);
-
+
TokenContext context;
try {
// User user = controller.authenticate(0, values[0], values[1], attr); Implementation by Hanl
@@ -176,11 +183,13 @@
// todo: is this necessary?
// attr.putAll(data.fields());
controller.setAccessAndLocation(user, headers);
- if( DEBUG_LOG == true )
- System.out.printf("Debug: /apiToken/: location=%s, access='%s'.\n", user.locationtoString(), user.accesstoString());
+ if (DEBUG_LOG == true) System.out.printf(
+ "Debug: /apiToken/: location=%s, access='%s'.\n",
+ user.locationtoString(), user.accesstoString());
attr.put(Attributes.LOCATION, user.getLocation());
- attr.put(Attributes.CORPUS_ACCESS, user.getCorpusAccess());
- context = controller.createTokenContext(user, attr, Attributes.API_AUTHENTICATION);
+ attr.put(Attributes.CORPUS_ACCESS, user.getCorpusAccess());
+ context = controller.createTokenContext(user, attr,
+ Attributes.API_AUTHENTICATION);
}
catch (KustvaktException e) {
throw KustvaktResponseHandler.throwit(e);
@@ -217,8 +226,8 @@
@Context Locale locale,
@HeaderParam(ContainerRequest.USER_AGENT) String agent,
@HeaderParam(ContainerRequest.HOST) String host) {
- List<String> auth = headers
- .getRequestHeader(ContainerRequest.AUTHORIZATION);
+ List<String> auth =
+ headers.getRequestHeader(ContainerRequest.AUTHORIZATION);
String[] values = BasicHttpAuth.decode(auth.get(0));
// authentication = StringUtils.stripTokenType(authentication);
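Review bot: `BasicHttpAuth.decode(auth.get(0))` is still called here without checking that the Authorization header is present, although this commit adds exactly that guard to requestAPIToken. A request without the header would fail on `auth.get(0)`, or on `auth` itself being null, rather than return a proper error status. The same check can be reused: `if (auth == null || auth.isEmpty()) throw KustvaktResponseHandler.throwit(new KustvaktException(StatusCodes.MISSING_ARGUMENT, "Authorization header is missing.", "Authorization header"));`. The method's signature and the rest of its body lie outside this hunk.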
@@ -228,8 +237,7 @@
// "Invalid syntax for username and password"
if (values == null)
- throw KustvaktResponseHandler
- .throwit(StatusCodes.BAD_CREDENTIALS);
+ throw KustvaktResponseHandler.throwit(StatusCodes.BAD_CREDENTIALS);
// Implementation Hanl mit '|'. 16.02.17/FB
//if (values[0].equalsIgnoreCase("null")
@@ -242,15 +250,18 @@
attr.put(Attributes.HOST, host);
attr.put(Attributes.USER_AGENT, agent);
TokenContext context;
+ String contextJson;
try {
User user = controller.authenticate(0, values[0], values[1], attr);
context = controller.createTokenContext(user, attr,
Attributes.SESSION_AUTHENTICATION);
+ contextJson = context.toJson();
+ jlog.debug(contextJson);
}
catch (KustvaktException e) {
throw KustvaktResponseHandler.throwit(e);
}
- return Response.ok().entity(context.toJson()).build();
+ return Response.ok().entity(contextJson).build();
}
@@ -290,8 +301,10 @@
//fixme: moved from userservice
@GET
@Path("logout")
- @ResourceFilters({ AuthFilter.class, DemoUserFilter.class, PiwikFilter.class })
- public Response logout (@Context SecurityContext ctx, @Context Locale locale) {
+ @ResourceFilters({ AuthFilter.class, DemoUserFilter.class,
+ PiwikFilter.class })
+ public Response logout (@Context SecurityContext ctx,
+ @Context Locale locale) {
TokenContext context = (TokenContext) ctx.getUserPrincipal();
try {
controller.logout(context);
diff --git a/src/main/java/de/ids_mannheim/korap/web/service/full/SearchService.java b/src/main/java/de/ids_mannheim/korap/web/service/full/SearchService.java
index 6f2835f..3358eb4 100644
--- a/src/main/java/de/ids_mannheim/korap/web/service/full/SearchService.java
+++ b/src/main/java/de/ids_mannheim/korap/web/service/full/SearchService.java
@@ -24,6 +24,7 @@
import javax.ws.rs.core.SecurityContext;
import javax.ws.rs.core.UriBuilder;
+import org.junit.Ignore;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
@@ -143,6 +144,7 @@
}
+ @Deprecated
@GET
@Path("{type}/{id}/{child}")
public Response getResource (@Context SecurityContext context,
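Review bot: `@Deprecated` is added here and on the `{type}/{id}` overload in the next hunk without saying what replaces these endpoints. Add a Javadoc `@deprecated` tag to each method that names the replacement resource, or states that there is none, so API clients and maintainers know where to go. Both method bodies lie outside the hunks.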
@@ -160,6 +162,7 @@
* @param type
* @return
*/
+ @Deprecated
@GET
@Path("{type}/{id}")
public Response getResource (@Context SecurityContext context,
diff --git a/src/main/java/de/ids_mannheim/korap/web/service/full/UserService.java b/src/main/java/de/ids_mannheim/korap/web/service/full/UserService.java
index 74f3cf5..b36ff99 100644
--- a/src/main/java/de/ids_mannheim/korap/web/service/full/UserService.java
+++ b/src/main/java/de/ids_mannheim/korap/web/service/full/UserService.java
@@ -32,7 +32,7 @@
* @author hanl, margaretha
* @lastUpdate 04/2017
*/
-@Path(KustvaktServer.API_VERSION + "/user")
+@Path("/user")
@Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
@ResourceFilters({ PiwikFilter.class })
public class UserService {
@@ -68,8 +68,7 @@
User user;
try {
uriBuilder = info.getBaseUriBuilder();
- uriBuilder.path(KustvaktServer.API_VERSION).path("user")
- .path("confirm");
+ uriBuilder.path("user").path("confirm");
user = controller.createUserAccount(values, true);
}
catch (KustvaktException e) {
diff --git a/src/main/resources/default-config.xml b/src/main/resources/default-config.xml
index a688882..94a9c53 100644
--- a/src/main/resources/default-config.xml
+++ b/src/main/resources/default-config.xml
@@ -101,9 +101,10 @@
<!-- <property name="validateOnMigrate" value="false" /> -->
<!-- <property name="cleanOnValidationError" value="true" /> -->
<property name="locations" value="${jdbc.schemaPath}" />
- <property name="dataSource" ref="dataSource" />
+ <property name="dataSource" ref="sqliteDataSource" />
</bean>
-
+
+
<bean id="kustvakt_db" class="de.ids_mannheim.korap.handlers.JDBCClient">
<constructor-arg index="0" ref="dataSource" />
<!-- deprecated property -->
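Review bot: The migration bean now takes `sqliteDataSource` while `kustvakt_db` directly below still receives `dataSource`, so schema migrations and the JDBC client may end up on different databases. If `dataSource` is configured for anything other than SQLite, the migrated schema would not be the one the application queries; neither bean definition is visible in this hunk, so this needs confirming. If the switch is only for the test setup, keep `ref="dataSource"` here and select the SQLite source through the test configuration. Otherwise add a comment above the property explaining why the two refs differ.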