diff --git a/dmp-backend/src/main/java/dao/entities/security/UserAuthDao.java b/dmp-backend/src/main/java/dao/entities/security/UserAuthDao.java
new file mode 100644
index 000000000..3fee4f35f
--- /dev/null
+++ b/dmp-backend/src/main/java/dao/entities/security/UserAuthDao.java
@@ -0,0 +1,14 @@
+package dao.entities.security;
+
+import java.util.UUID;
+
+import dao.Dao;
+import entities.security.UserAuth;
+
+public interface UserAuthDao extends Dao {
+
+
+ public String getPasswordHashOfUser(String username);
+
+
+}
diff --git a/dmp-backend/src/main/java/dao/entities/security/UserAuthDaoImpl.java b/dmp-backend/src/main/java/dao/entities/security/UserAuthDaoImpl.java
new file mode 100644
index 000000000..1fb105de3
--- /dev/null
+++ b/dmp-backend/src/main/java/dao/entities/security/UserAuthDaoImpl.java
@@ -0,0 +1,30 @@
+package dao.entities.security;
+
+import java.util.UUID;
+
+import javax.persistence.TypedQuery;
+
+import dao.JpaDao;
+import entities.security.UserAuth;
+
+public class UserAuthDaoImpl extends JpaDao implements UserAuthDao {
+
+ @Override
+ public UserAuth loadDetails(UserAuth t) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+
+ @Override
+ public String getPasswordHashOfUser(String username) {
+
+ String queryString = "SELECT userAuth.password FROM UserAuth userAuth where userAuth.username = :username";
+ TypedQuery typedQuery = entityManager.createQuery(queryString, String.class);
+ typedQuery.setParameter("username", username);
+ return typedQuery.getSingleResult();
+
+ }
+
+
+}
diff --git a/dmp-backend/src/main/java/entities/security/UserAuth.java b/dmp-backend/src/main/java/entities/security/UserAuth.java
new file mode 100644
index 000000000..daafca794
--- /dev/null
+++ b/dmp-backend/src/main/java/entities/security/UserAuth.java
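Review bot: `getPasswordHashOfUser` in `UserAuthDaoImpl` ends in `typedQuery.getSingleResult()`, which throws `NoResultException` for an unknown username and `NonUniqueResultException` when more than one row matches, and neither the implementation nor the `UserAuthDao` interface documents or handles that. On a login path an uncaught exception for an unknown user usually produces a different response from a wrong password, which lets a client tell valid usernames apart. I would document the contract on the interface method, e.g. `/** Returns the stored password hash for username; throws NoResultException when no such user exists. */`, or have the implementation return null in that case so the caller can answer both failures identically. The `:username` bind parameter is the right way to pass the value and should stay as it is. `loadDetails` still returns null from an auto-generated stub; its `// TODO` comment should say what the method is meant to load.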
@@ -0,0 +1,57 @@ +package entities.security; + +import java.util.UUID; + +import javax.persistence.Column; +import javax.persistence.Entity; +import javax.persistence.GeneratedValue; +import javax.persistence.Id; +import javax.persistence.Table; + +import org.hibernate.annotations.GenericGenerator; + +@Entity +@Table(name="\"UserAuth\"") +public class UserAuth { + + @Id + @GeneratedValue + @GenericGenerator(name = "uuid2", strategy = "uuid2") + @Column(name = "id", updatable = false, nullable = false, columnDefinition = "BINARY(16)") + private UUID id; + + @Column(name = "username", nullable = false) + private String username; + + @Column(name = "password", nullable = false) + private String password; //hash-encoded password + + + + public UUID getId() { + return id; + } + + public void setId(UUID id) { + this.id = id; + } + + public String getUsername() { + return username; + } + + public void setUsername(String username) { + this.username = username; + } + + public String getPassword() { + return password; + } + + public void setPassword(String password) { + this.password = password; + } + + + +} diff --git a/dmp-backend/src/main/java/entities/security/UserInfo.java b/dmp-backend/src/main/java/entities/security/UserInfo.java index 1e95a0c21..23710c997 100644 --- a/dmp-backend/src/main/java/entities/security/UserInfo.java +++ b/dmp-backend/src/main/java/entities/security/UserInfo.java @@ -1,13 +1,19 @@ package entities.security; import java.io.Serializable; +import java.util.Date; import java.util.UUID; import javax.persistence.Column; import javax.persistence.Entity; +import javax.persistence.FetchType; import javax.persistence.GeneratedValue; import javax.persistence.Id; +import javax.persistence.JoinColumn; +import javax.persistence.OneToOne; import javax.persistence.Table; +import javax.persistence.Temporal; +import javax.persistence.TemporalType; import org.hibernate.annotations.GenericGenerator; import org.hibernate.annotations.Type; 
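Review bot: The `username` column in `UserAuth` is declared `nullable = false` but not unique, while the lookup added in `UserAuthDaoImpl` expects exactly one row per username; I would declare it `@Column(name = "username", nullable = false, unique = true)` and back that with a database constraint. The `//hash-encoded password` comment does not say which scheme produces the hash, so a reader cannot tell whether the column holds a salted, slow password hash or a bare digest; naming the scheme there would settle it. `getPassword()` is a public bean getter and `UserInfo` now references this entity, so if either object is ever serialized into a response the hash goes with it; with Jackson already imported elsewhere in this commit, `@JsonIgnore` on `getPassword()` would guard against that. `@GeneratedValue` carries no `generator = "uuid2"`, so the `@GenericGenerator` declared beside it appears to be unused.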
@@ -29,106 +35,97 @@ public class UserInfo implements Serializable{ @Column(name = "autoid", updatable = false, nullable = false, columnDefinition = "BINARY(16)") private UUID autoid; - //required - @Column(name = "id") - String id = null; - @Column(name = "email") - String email = null; - //non required - @Column(name = "\"emailIsVerified\"", nullable = true) - Boolean emailIsVerified = null; + @Column(name = "identification", nullable = false) + private String identification = null; + + @Column(name = "email", nullable = false) + private String email = null; + + @Column(name = "authorization_level", nullable = false) + private Short authorization_level; //0 admin, 1 user + + @Column(name = "usertype", nullable = false) + private Short usertype; // 0 internal, 1 external + + @OneToOne(fetch = FetchType.LAZY) + @JoinColumn(name = "authentication", nullable = true) + private UserAuth authentication; + + @Column(name = "verified_email", nullable = true) + private Boolean verified_email = null; + @Column(name = "name", nullable = true) - String name = null; - @Column(name = "\"pictureUrl\"", nullable = true) - String pictureUrl = null; - @Column(name = "locale", nullable = true) - String locale = null; - @Column(name = "\"familyName\"", nullable = true) - String familyName = null; - @Column(name = "\"givenName\"", nullable = true) - String givenName = null; + private String name = null; + @Column(name = "created", nullable = false) + private Date created = null; + + + @Column(name = "lastloggedin", nullable = true) + private Date lastloggedin = null; + + @Type(type="typedefinition.XMLType") @Column(name = "additionalinfo", columnDefinition = "xml", nullable = true) private String additionalinfo; - - - public UserInfo () {} - - public UserInfo(String id, String email, Boolean emailIsVerified, String name, String pictureUrl, String locale, String familyName, String givenName, String additionalinfo) { - this.id = id; - this.email = email; - this.emailIsVerified = 
emailIsVerified; - this.name = name; - this.pictureUrl = pictureUrl; - this.locale = locale; - this.familyName = familyName; - this.givenName = givenName; - this.additionalinfo = additionalinfo; + public String getIdentification() { + return identification; } - - - - public String getId() { - return id; - } - public void setId(String id) { - this.id = id; + + public void setIdentification(String identification) { + this.identification = identification; } + public String getEmail() { return email; } + public void setEmail(String email) { this.email = email; } - public boolean isEmailIsVerified() { - return emailIsVerified; + + public Short getAuthorization_level() { + return authorization_level; } - public void setEmailIsVerified(boolean emailIsVerified) { - this.emailIsVerified = emailIsVerified; + + public void setAuthorization_level(Short authorization_level) { + this.authorization_level = authorization_level; } + + public Short getUsertype() { + return usertype; + } + + public void setUsertype(Short usertype) { + this.usertype = usertype; + } + + public UserAuth getAuthentication() { + return authentication; + } + + public void setAuthentication(UserAuth authentication) { + this.authentication = authentication; + } + + public Boolean getVerified_email() { + return verified_email; + } + + public void setVerified_email(Boolean verified_email) { + this.verified_email = verified_email; + } + public String getName() { return name; } + public void setName(String name) { this.name = name; } - public String getPictureUrl() { - return pictureUrl; - } - public void setPictureUrl(String pictureUrl) { - this.pictureUrl = pictureUrl; - } - public String getLocale() { - return locale; - } - public void setLocale(String locale) { - this.locale = locale; - } - public String getFamilyName() { - return familyName; - } - public void setFamilyName(String familyName) { - this.familyName = familyName; - } - public String getGivenName() { - return givenName; - } - public void 
setGivenName(String givenName) { - this.givenName = givenName; - } - - - public Boolean getEmailIsVerified() { - return emailIsVerified; - } - - public void setEmailIsVerified(Boolean emailIsVerified) { - this.emailIsVerified = emailIsVerified; - } public String getAdditionalinfo() { return additionalinfo; @@ -137,15 +134,7 @@ public class UserInfo implements Serializable{ public void setAdditionalinfo(String additionalinfo) { this.additionalinfo = additionalinfo; } - - @Override - public String toString() { - return "UserInfo [id=" + id + ", email=" + email + ", emailIsVerified=" + emailIsVerified - + ", name=" + name + ", pictureUrl=" + pictureUrl + ", locale=" + locale + ", familyName=" + familyName - + ", givenName=" + givenName + ", additionalinfo=" + additionalinfo + "]"; - } - - + } diff --git a/dmp-backend/src/main/java/rest/login/Login.java b/dmp-backend/src/main/java/rest/login/Login.java new file mode 100644 index 000000000..4db8ae27a --- /dev/null +++ b/dmp-backend/src/main/java/rest/login/Login.java 
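Review bot: `authorization_level` encodes the most privileged role as zero (`//0 admin, 1 user`), so any path that leaves this column at a zero value, whether a database default, a primitive conversion or a mapping mistake, yields an administrator. An enum mapped with `@Enumerated(EnumType.STRING)`, or at least a numbering in which 0 is the least privileged level, makes that failure mode safe, and `usertype` would benefit from the same treatment. `UserInfo` implements `Serializable`, but the new `authentication` field is a `UserAuth`, which does not, so Java serialization of a populated instance would fail and JSON serialization would carry the password hash along; `@JsonIgnore` on `getAuthentication()` plus making `UserAuth` serializable (or dropping `Serializable` here) covers both. The new `created` and `lastloggedin` fields are `java.util.Date` without `@Temporal`, although the imports for it were added in the first hunk of this file.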
@@ -0,0 +1,70 @@
+package rest.login;
+
+import java.io.Serializable;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.CrossOrigin;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.ResponseBody;
+import org.springframework.web.bind.annotation.RestController;
+
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+
+import dao.entities.DataRepositoryDao;
+import dao.entities.security.UserAuthDao;
+import dao.entities.security.UserInfoDao;
+
+
+@RestController
+@CrossOrigin
+public class Login {
+
+
+ @Autowired private UserInfoDao userInfoDao;
+ @Autowired private UserAuthDao userAuthDao;
+
+
+ private ObjectMapper objectMapper = new ObjectMapper();
+
+
+ @RequestMapping(method = RequestMethod.POST, value = { "/nativeLogin" }, consumes = "application/json", produces="text/plain")
+ public @ResponseBody ResponseEntity nativeLogin(@RequestBody Credentials credentials) {
+
+
+ System.out.println(userAuthDao.getPasswordHashOfUser("admin"));
+
+
+
+ return ResponseEntity.status(HttpStatus.OK).body("OUR-GENERATED-TOKEN");
+
+ }
+
+
+}
+
+class Credentials implements Serializable{
+
+ private static final long serialVersionUID = 3519634756673886633L;
+
+ private String username;
+ private String password;
+
+ public String getUsername() {
+ return username;
+ }
+ public void setUsername(String username) {
+ this.username = username;
+ }
+ public String getPassword() {
+ return password;
+ }
+ public void setPassword(String password) {
+ this.password = password;
+ }
+
+}
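Review bot: `nativeLogin` never reads `credentials`: it answers every POST with 200 and the constant `OUR-GENERATED-TOKEN`, and before that it prints the stored hash of the `admin` account to standard output, where it ends up in the server logs. Even as scaffolding this is a reachable endpoint on a `@CrossOrigin` controller, which allows all origins by default, so the credential check should be in place before it is merged. The handler should look up the hash for `credentials.getUsername()`, compare it through a password encoder, return 401 with one fixed message for both an unknown user and a wrong password, and only then issue a random per-session token. The sketch below assumes a Spring Security `PasswordEncoder` bean is configured, which this diff does not show, and it catches `javax.persistence.NoResultException` because the DAO uses `getSingleResult()`. `userInfoDao`, `objectMapper` and several of the imports are unused in this file and can be dropped.

```java
@Autowired private PasswordEncoder passwordEncoder; // assumes such a bean is configured

public @ResponseBody ResponseEntity nativeLogin(@RequestBody Credentials credentials) {
    String storedHash = null;
    if (credentials.getUsername() != null && credentials.getPassword() != null) {
        try {
            storedHash = userAuthDao.getPasswordHashOfUser(credentials.getUsername());
        } catch (NoResultException e) {
            storedHash = null; // unknown user is answered exactly like a wrong password
        }
    }
    if (storedHash == null || !passwordEncoder.matches(credentials.getPassword(), storedHash)) {
        return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("Invalid credentials");
    }
    // … issue a random per-session token (SecureRandom), store it server-side,
    //   and return that token in the 200 response instead of a constant …
}
```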
diff --git a/dmp-backend/src/main/java/rest/Proxy.java b/dmp-backend/src/main/java/rest/proxy/Proxy.java similarity index 99% rename from dmp-backend/src/main/java/rest/Proxy.java rename to dmp-backend/src/main/java/rest/proxy/Proxy.java index a8e480d93..4678ee955 100644 --- a/dmp-backend/src/main/java/rest/Proxy.java +++ b/dmp-backend/src/main/java/rest/proxy/Proxy.java @@ -1,4 +1,4 @@ -package rest; +package rest.proxy; import java.io.BufferedReader; import java.io.IOException; diff --git a/dmp-backend/src/main/java/security/TokenAuthenticationFilter.java b/dmp-backend/src/main/java/security/TokenAuthenticationFilter.java index 24c7099eb..dd69e94c6 100644 --- a/dmp-backend/src/main/java/security/TokenAuthenticationFilter.java +++ b/dmp-backend/src/main/java/security/TokenAuthenticationFilter.java 
@@ -15,22 +15,29 @@ import org.springframework.web.filter.GenericFilterBean; public class TokenAuthenticationFilter extends GenericFilterBean { - private static final String HEADER_TOKEN_FIELD = "oauth2-token"; - + private static final String HEADER_NATIVE_TOKEN_FIELD = "native-token"; + private static final String HEADER_GOOGLE_TOKEN_FIELD = "google-token"; @Override public void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain chain) throws IOException, ServletException { final HttpServletRequest httpRequest = (HttpServletRequest) request; - String accessToken = httpRequest.getHeader(HEADER_TOKEN_FIELD); - if(accessToken==null) accessToken = ""; + String nativeToken = httpRequest.getHeader(HEADER_NATIVE_TOKEN_FIELD); + String googleToken = httpRequest.getHeader(HEADER_GOOGLE_TOKEN_FIELD); + //just pass the token into the credentials object of the UsernamePasswordAuthenticationToken class - final UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken("google-user", accessToken); - SecurityContextHolder.getContext().setAuthentication(authentication); - /* - */ - chain.doFilter(request, response); + UsernamePasswordAuthenticationToken authentication = null; + if(nativeToken != null) + authentication = new UsernamePasswordAuthenticationToken("native-user", nativeToken); + if(googleToken != null) + authentication = new UsernamePasswordAuthenticationToken("google-user", nativeToken); + + if(authentication != null) { + SecurityContextHolder.getContext().setAuthentication(authentication); + chain.doFilter(request, response); + } + } } diff --git a/dmp-backend/src/main/java/security/GoogleTokenValidator.java b/dmp-backend/src/main/java/security/validators/GoogleTokenValidator.java similarity index 84% rename from dmp-backend/src/main/java/security/GoogleTokenValidator.java rename to dmp-backend/src/main/java/security/validators/GoogleTokenValidator.java index 8e133d93c..23fecaf41 100644 
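Review bot: The `google-user` branch passes `nativeToken` as the credential, so a request carrying only `google-token` is given a null credential and a request carrying both headers has its native token attached to the Google principal; the line should read `new UsernamePasswordAuthenticationToken("google-user", googleToken)`. When neither header is present the method returns without calling `chain.doFilter` or setting a status, so the client presumably receives an empty success response, and if this filter also covers `/nativeLogin` nobody can reach the endpoint that hands out a token. I would make the two branches mutually exclusive with braces and always continue the chain, leaving rejection to the access rules, or else call `sendError` with 401 explicitly. `doFilter` begins above the rewritten lines, and the security configuration that decides what an unauthenticated request may reach is not part of this diff.

```java
// … unchanged: header reads into nativeToken / googleToken …
UsernamePasswordAuthenticationToken authentication = null;
if (googleToken != null) {
    authentication = new UsernamePasswordAuthenticationToken("google-user", googleToken);
} else if (nativeToken != null) {
    authentication = new UsernamePasswordAuthenticationToken("native-user", nativeToken);
}
if (authentication != null) {
    SecurityContextHolder.getContext().setAuthentication(authentication);
}
// Requests without a token continue unauthenticated; the access rules decide what they may reach.
chain.doFilter(request, response);
```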
--- a/dmp-backend/src/main/java/security/GoogleTokenValidator.java +++ b/dmp-backend/src/main/java/security/validators/GoogleTokenValidator.java @@ -1,4 +1,4 @@ -package security; +package security.validators; import java.io.IOException; import java.security.GeneralSecurityException; @@ -54,14 +54,14 @@ public class GoogleTokenValidator { if (idToken != null) { Payload payload = idToken.getPayload(); - UserInfo userInfo = new UserInfo(payload.getSubject(), payload.getEmail(), - payload.getEmailVerified(), (String)payload.get("name"), (String)payload.get("picture"), - (String)payload.get("locale"), (String)payload.get("family_name"), (String)payload.get("given_name"), ""); - +// UserInfo userInfo = new UserInfo(payload.getSubject(), payload.getEmail(), +// payload.getEmailVerified(), (String)payload.get("name"), (String)payload.get("picture"), +// (String)payload.get("locale"), (String)payload.get("family_name"), (String)payload.get("given_name"), ""); // System.out.println(userInfo.toString()); +// return userInfo; + + return null; - return userInfo; - } else { throw new NonValidTokenException("Not a valid token"); } diff --git a/dmp-backend/src/main/webapp/WEB-INF/applicationContext.xml b/dmp-backend/src/main/webapp/WEB-INF/applicationContext.xml index 40ada7523..a8333cb5b 100644 --- a/dmp-backend/src/main/webapp/WEB-INF/applicationContext.xml +++ b/dmp-backend/src/main/webapp/WEB-INF/applicationContext.xml @@ -25,7 +25,7 @@ - + @@ -95,6 +95,7 @@ + diff --git a/dmp-backend/src/main/webapp/WEB-INF/dmp-backend-rest-servlet.xml b/dmp-backend/src/main/webapp/WEB-INF/dmp-backend-rest-servlet.xml index 8c473efe2..1b2b28672 100644 --- a/dmp-backend/src/main/webapp/WEB-INF/dmp-backend-rest-servlet.xml +++ b/dmp-backend/src/main/webapp/WEB-INF/dmp-backend-rest-servlet.xml @@ -16,7 +16,7 @@ - +
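Review bot: After a successful verification the `if (idToken != null)` branch of `GoogleTokenValidator` now executes `return null;`, with the code that built the `UserInfo` commented out, so a caller cannot tell "valid token" from "no identity". Depending on the caller that is either a NullPointerException or, worse, an absence of exception treated as a successful login with no user attached. Until `UserInfo` can be populated through its new setters I would fail closed here, for example `throw new UnsupportedOperationException("Google login is not wired to the new UserInfo model yet");`, and delete the commented-out block rather than keep it in the file. The enclosing method starts and ends outside this hunk, so its name and declared return type are not visible here.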