Implementing the security.

Nikolaos Laskaris 2017-10-12 18:41:20 +03:00
parent c795b030ee
commit 2c4c37c5b4
10 changed files with 272 additions and 104 deletions


@ -0,0 +1,14 @@
package dao.entities.security;
import java.util.UUID;
import dao.Dao;
import entities.security.UserAuth;
public interface UserAuthDao extends Dao<UserAuth, UUID> {
public String getPasswordHashOfUser(String username);
}


@ -0,0 +1,30 @@
package dao.entities.security;
import java.util.UUID;
import javax.persistence.TypedQuery;
import dao.JpaDao;
import entities.security.UserAuth;
public class UserAuthDaoImpl extends JpaDao<UserAuth, UUID> implements UserAuthDao {
@Override
public UserAuth loadDetails(UserAuth t) {
// TODO Auto-generated method stub
return null;
}
@Override
public String getPasswordHashOfUser(String username) {
String queryString = "SELECT userAuth.password FROM UserAuth userAuth where userAuth.username = :username";
TypedQuery<String> typedQuery = entityManager.createQuery(queryString, String.class);
typedQuery.setParameter("username", username);
return typedQuery.getSingleResult();
}
}
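Review bot: `getSingleResult()` in `getPasswordHashOfUser` throws `NoResultException` for an unknown username and `NonUniqueResultException` when two rows share one, so a login caller sees an unhandled persistence exception rather than an ordinary authentication failure. That makes unknown-user and wrong-password requests distinguishable unless every caller catches both. I would settle the contract in the DAO, for example `try { return typedQuery.getSingleResult(); } catch (NoResultException e) { return null; }`, and document it in a Javadoc on `UserAuthDao.getPasswordHashOfUser`. The named-parameter binding for `:username` is the right way to build this query and should stay.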


@ -0,0 +1,57 @@
package entities.security;
import java.util.UUID;
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.GeneratedValue;
import javax.persistence.Id;
import javax.persistence.Table;
import org.hibernate.annotations.GenericGenerator;
@Entity
@Table(name="\"UserAuth\"")
public class UserAuth {
@Id
@GeneratedValue
@GenericGenerator(name = "uuid2", strategy = "uuid2")
@Column(name = "id", updatable = false, nullable = false, columnDefinition = "BINARY(16)")
private UUID id;
@Column(name = "username", nullable = false)
private String username;
@Column(name = "password", nullable = false)
private String password; //hash-encoded password
public UUID getId() {
return id;
}
public void setId(UUID id) {
this.id = id;
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
}
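Review bot: The `username` column is declared with `nullable = false` only, so nothing in this mapping prevents two accounts with the same name, while the lookup in `UserAuthDaoImpl.getPasswordHashOfUser` assumes exactly one row. I would declare it as `@Column(name = "username", nullable = false, unique = true)`. The comment `//hash-encoded password` should name the scheme expected here (a salted, adaptive password hash such as bcrypt rather than a bare digest), and `getPassword()` deserves a comment that its value must never be logged or serialized into a response. `@GeneratedValue` also does not reference the `uuid2` generator declared on the next line; if that generator is intended, it needs `@GeneratedValue(generator = "uuid2")`.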


@ -1,13 +1,19 @@
package entities.security; package entities.security;
import java.io.Serializable; import java.io.Serializable;
import java.util.Date;
import java.util.UUID; import java.util.UUID;
import javax.persistence.Column; import javax.persistence.Column;
import javax.persistence.Entity; import javax.persistence.Entity;
import javax.persistence.FetchType;
import javax.persistence.GeneratedValue; import javax.persistence.GeneratedValue;
import javax.persistence.Id; import javax.persistence.Id;
import javax.persistence.JoinColumn;
import javax.persistence.OneToOne;
import javax.persistence.Table; import javax.persistence.Table;
import javax.persistence.Temporal;
import javax.persistence.TemporalType;
import org.hibernate.annotations.GenericGenerator; import org.hibernate.annotations.GenericGenerator;
import org.hibernate.annotations.Type; import org.hibernate.annotations.Type;
@ -29,106 +35,97 @@ public class UserInfo implements Serializable{
@Column(name = "autoid", updatable = false, nullable = false, columnDefinition = "BINARY(16)") @Column(name = "autoid", updatable = false, nullable = false, columnDefinition = "BINARY(16)")
private UUID autoid; private UUID autoid;
//required
@Column(name = "id")
String id = null;
@Column(name = "email")
String email = null;
//non required @Column(name = "identification", nullable = false)
@Column(name = "\"emailIsVerified\"", nullable = true) private String identification = null;
Boolean emailIsVerified = null;
@Column(name = "email", nullable = false)
private String email = null;
@Column(name = "authorization_level", nullable = false)
private Short authorization_level; //0 admin, 1 user
@Column(name = "usertype", nullable = false)
private Short usertype; // 0 internal, 1 external
@OneToOne(fetch = FetchType.LAZY)
@JoinColumn(name = "authentication", nullable = true)
private UserAuth authentication;
@Column(name = "verified_email", nullable = true)
private Boolean verified_email = null;
@Column(name = "name", nullable = true) @Column(name = "name", nullable = true)
String name = null; private String name = null;
@Column(name = "\"pictureUrl\"", nullable = true)
String pictureUrl = null;
@Column(name = "locale", nullable = true)
String locale = null;
@Column(name = "\"familyName\"", nullable = true)
String familyName = null;
@Column(name = "\"givenName\"", nullable = true)
String givenName = null;
@Column(name = "created", nullable = false)
private Date created = null;
@Column(name = "lastloggedin", nullable = true)
private Date lastloggedin = null;
@Type(type="typedefinition.XMLType") @Type(type="typedefinition.XMLType")
@Column(name = "additionalinfo", columnDefinition = "xml", nullable = true) @Column(name = "additionalinfo", columnDefinition = "xml", nullable = true)
private String additionalinfo; private String additionalinfo;
public String getIdentification() {
public UserInfo () {} return identification;
public UserInfo(String id, String email, Boolean emailIsVerified, String name, String pictureUrl, String locale, String familyName, String givenName, String additionalinfo) {
this.id = id;
this.email = email;
this.emailIsVerified = emailIsVerified;
this.name = name;
this.pictureUrl = pictureUrl;
this.locale = locale;
this.familyName = familyName;
this.givenName = givenName;
this.additionalinfo = additionalinfo;
} }
public void setIdentification(String identification) {
this.identification = identification;
public String getId() {
return id;
}
public void setId(String id) {
this.id = id;
} }
public String getEmail() { public String getEmail() {
return email; return email;
} }
public void setEmail(String email) { public void setEmail(String email) {
this.email = email; this.email = email;
} }
public boolean isEmailIsVerified() {
return emailIsVerified; public Short getAuthorization_level() {
return authorization_level;
} }
public void setEmailIsVerified(boolean emailIsVerified) {
this.emailIsVerified = emailIsVerified; public void setAuthorization_level(Short authorization_level) {
this.authorization_level = authorization_level;
} }
public Short getUsertype() {
return usertype;
}
public void setUsertype(Short usertype) {
this.usertype = usertype;
}
public UserAuth getAuthentication() {
return authentication;
}
public void setAuthentication(UserAuth authentication) {
this.authentication = authentication;
}
public Boolean getVerified_email() {
return verified_email;
}
public void setVerified_email(Boolean verified_email) {
this.verified_email = verified_email;
}
public String getName() { public String getName() {
return name; return name;
} }
public void setName(String name) { public void setName(String name) {
this.name = name; this.name = name;
} }
public String getPictureUrl() {
return pictureUrl;
}
public void setPictureUrl(String pictureUrl) {
this.pictureUrl = pictureUrl;
}
public String getLocale() {
return locale;
}
public void setLocale(String locale) {
this.locale = locale;
}
public String getFamilyName() {
return familyName;
}
public void setFamilyName(String familyName) {
this.familyName = familyName;
}
public String getGivenName() {
return givenName;
}
public void setGivenName(String givenName) {
this.givenName = givenName;
}
public Boolean getEmailIsVerified() {
return emailIsVerified;
}
public void setEmailIsVerified(Boolean emailIsVerified) {
this.emailIsVerified = emailIsVerified;
}
public String getAdditionalinfo() { public String getAdditionalinfo() {
return additionalinfo; return additionalinfo;
@ -137,15 +134,7 @@ public class UserInfo implements Serializable{
public void setAdditionalinfo(String additionalinfo) { public void setAdditionalinfo(String additionalinfo) {
this.additionalinfo = additionalinfo; this.additionalinfo = additionalinfo;
} }
@Override
public String toString() {
return "UserInfo [id=" + id + ", email=" + email + ", emailIsVerified=" + emailIsVerified
+ ", name=" + name + ", pictureUrl=" + pictureUrl + ", locale=" + locale + ", familyName=" + familyName
+ ", givenName=" + givenName + ", additionalinfo=" + additionalinfo + "]";
}
} }
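Review bot: `authorization_level` stores the role as a bare `Short` where, per the comment `//0 admin, 1 user`, zero is the most privileged value, so any default or unset numeric value that reaches the column reads as admin. An enum mapped with `@Enumerated(EnumType.STRING)`, or at least a numbering whose zero is the least privileged role, would fail closed; `setAuthorization_level` is public, so it is also worth confirming that no request body is ever bound directly to this entity. Separately, `created` is `nullable = false`, initialised to `null`, and no setter for it (or for `lastloggedin`) appears in the visible hunks, so persisting a new `UserInfo` looks likely to fail on that constraint. The newly imported `Temporal` and `TemporalType` are not applied to either `Date` field; `@Temporal(TemporalType.TIMESTAMP)` was presumably intended.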


@ -0,0 +1,70 @@
package rest.login;
import java.io.Serializable;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import dao.entities.DataRepositoryDao;
import dao.entities.security.UserAuthDao;
import dao.entities.security.UserInfoDao;
@RestController
@CrossOrigin
public class Login {
@Autowired private UserInfoDao userInfoDao;
@Autowired private UserAuthDao userAuthDao;
private ObjectMapper objectMapper = new ObjectMapper();
@RequestMapping(method = RequestMethod.POST, value = { "/nativeLogin" }, consumes = "application/json", produces="text/plain")
public @ResponseBody ResponseEntity<String> nativeLogin(@RequestBody Credentials credentials) {
System.out.println(userAuthDao.getPasswordHashOfUser("admin"));
return ResponseEntity.status(HttpStatus.OK).body("OUR-GENERATED-TOKEN");
}
}
class Credentials implements Serializable{
private static final long serialVersionUID = 3519634756673886633L;
private String username;
private String password;
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
}
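Review bot: `nativeLogin` never reads `credentials`: every POST to `/nativeLogin` gets HTTP 200 with the constant body `"OUR-GENERATED-TOKEN"`, and each call prints the stored hash of the `admin` account to stdout, where it ends up in server logs. The `System.out.println` line should be removed and the handler should fail closed until verification exists. The sketch below assumes the hashes in `UserAuth.password` are in a format a Spring Security `PasswordEncoder` can verify, which the page does not show; token issuance is left open because the validating side is not part of this commit. `@CrossOrigin` without an origin list lets every origin call this endpoint, so it should be narrowed to the known front-end origin.

```java
@Autowired private PasswordEncoder passwordEncoder; // must match the scheme used to fill UserAuth.password

@RequestMapping(method = RequestMethod.POST, value = { "/nativeLogin" }, consumes = "application/json", produces="text/plain")
public @ResponseBody ResponseEntity<String> nativeLogin(@RequestBody Credentials credentials) {
    String storedHash = null;
    try {
        storedHash = userAuthDao.getPasswordHashOfUser(credentials.getUsername());
    } catch (NoResultException ignored) {
        // unknown user: fall through to the same 401 as a wrong password
    }
    if (storedHash == null || credentials.getPassword() == null
            || !passwordEncoder.matches(credentials.getPassword(), storedHash)) {
        return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();
    }
    // … token issuance: a per-login random value tied to this user, replacing the constant body …
}
```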


@ -1,4 +1,4 @@
package rest; package rest.proxy;
import java.io.BufferedReader; import java.io.BufferedReader;
import java.io.IOException; import java.io.IOException;


@ -15,22 +15,29 @@ import org.springframework.web.filter.GenericFilterBean;
public class TokenAuthenticationFilter extends GenericFilterBean { public class TokenAuthenticationFilter extends GenericFilterBean {
private static final String HEADER_TOKEN_FIELD = "oauth2-token"; private static final String HEADER_NATIVE_TOKEN_FIELD = "native-token";
private static final String HEADER_GOOGLE_TOKEN_FIELD = "google-token";
@Override @Override
public void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain chain) throws IOException, ServletException { public void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain chain) throws IOException, ServletException {
final HttpServletRequest httpRequest = (HttpServletRequest) request; final HttpServletRequest httpRequest = (HttpServletRequest) request;
String accessToken = httpRequest.getHeader(HEADER_TOKEN_FIELD); String nativeToken = httpRequest.getHeader(HEADER_NATIVE_TOKEN_FIELD);
if(accessToken==null) accessToken = ""; String googleToken = httpRequest.getHeader(HEADER_GOOGLE_TOKEN_FIELD);
//just pass the token into the credentials object of the UsernamePasswordAuthenticationToken class //just pass the token into the credentials object of the UsernamePasswordAuthenticationToken class
final UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken("google-user", accessToken); UsernamePasswordAuthenticationToken authentication = null;
SecurityContextHolder.getContext().setAuthentication(authentication); if(nativeToken != null)
/* authentication = new UsernamePasswordAuthenticationToken("native-user", nativeToken);
*/ if(googleToken != null)
chain.doFilter(request, response); authentication = new UsernamePasswordAuthenticationToken("google-user", nativeToken);
if(authentication != null) {
SecurityContextHolder.getContext().setAuthentication(authentication);
chain.doFilter(request, response);
}
} }
} }
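Review bot: The Google branch passes the wrong variable: `new UsernamePasswordAuthenticationToken("google-user", nativeToken)` should carry `googleToken`, otherwise a request with only the `google-token` header gets null credentials and a request with both headers is labelled `google-user` while carrying the native token. When neither header is present, `doFilter` returns without calling `chain.doFilter` or writing a status, so the client most likely receives an empty default response rather than a 401, and any endpoint meant to be reachable before login is cut off (depending on how the filter is mapped, which is not visible here). I would either always call `chain.doFilter(request, response);` and let the access rules reject unauthenticated requests, or answer explicitly with `((HttpServletResponse) response).sendError(HttpServletResponse.SC_UNAUTHORIZED);`. Since the second `if` overwrites the result of the first, the precedence when both headers are sent should be stated in a comment or made an `else if`.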


@ -1,4 +1,4 @@
package security; package security.validators;
import java.io.IOException; import java.io.IOException;
import java.security.GeneralSecurityException; import java.security.GeneralSecurityException;
@ -54,14 +54,14 @@ public class GoogleTokenValidator {
if (idToken != null) { if (idToken != null) {
Payload payload = idToken.getPayload(); Payload payload = idToken.getPayload();
UserInfo userInfo = new UserInfo(payload.getSubject(), payload.getEmail(), // UserInfo userInfo = new UserInfo(payload.getSubject(), payload.getEmail(),
payload.getEmailVerified(), (String)payload.get("name"), (String)payload.get("picture"), // payload.getEmailVerified(), (String)payload.get("name"), (String)payload.get("picture"),
(String)payload.get("locale"), (String)payload.get("family_name"), (String)payload.get("given_name"), ""); // (String)payload.get("locale"), (String)payload.get("family_name"), (String)payload.get("given_name"), "");
// System.out.println(userInfo.toString()); // System.out.println(userInfo.toString());
// return userInfo;
return null;
return userInfo;
} else { } else {
throw new NonValidTokenException("Not a valid token"); throw new NonValidTokenException("Not a valid token");
} }
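Review bot: A token that passes verification now yields `return null;`, so the caller receives no identity for a valid Google login and has to tell success from failure by the absence of an exception. The enclosing method starts and ends outside this hunk, so how callers use the result is not visible, but a null-on-success return is easy to mistake for either outcome. I would populate the reworked entity through its new setters (`setIdentification(payload.getSubject())`, `setEmail(payload.getEmail())`, `setVerified_email(payload.getEmailVerified())`) and return it, or fail closed with an exception until that mapping exists. The commented-out constructor call and `// return userInfo;` should be deleted rather than kept as comments.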

View File

@ -25,7 +25,7 @@
</bean> </bean>
<bean id="proxy" class="rest.Proxy"> <bean id="proxy" class="rest.proxy.Proxy">
<constructor-arg type = "String" value = "${proxy.allowed.host}"/> <constructor-arg type = "String" value = "${proxy.allowed.host}"/>
</bean> </bean>
@ -95,6 +95,7 @@
<bean id="researcherDao" class="dao.entities.ResearcherDaoImpl" /> <bean id="researcherDao" class="dao.entities.ResearcherDaoImpl" />
<bean id="serviceDao" class="dao.entities.ServiceDaoImpl" /> <bean id="serviceDao" class="dao.entities.ServiceDaoImpl" />
<bean id="userInfoDao" class="dao.entities.security.UserInfoDaoImpl" /> <bean id="userInfoDao" class="dao.entities.security.UserInfoDaoImpl" />
<bean id="userAuthDao" class="dao.entities.security.UserAuthDaoImpl" />
<context:annotation-config /> <context:annotation-config />


@ -16,7 +16,7 @@
<mvc:annotation-driven /> <mvc:annotation-driven />
<context:component-scan base-package="rest" /> <context:component-scan base-package="rest" />
<bean id="proxy" class="rest.Proxy"> <bean id="proxy" class="rest.proxy.Proxy">
<constructor-arg type = "String" value = "${proxy.allowed.host}"/> <constructor-arg type = "String" value = "${proxy.allowed.host}"/>
</bean> </bean>