Implementing the security.
This commit is contained in:
parent
c795b030ee
commit
2c4c37c5b4
|
@ -0,0 +1,14 @@
|
|||
package dao.entities.security;
|
||||
|
||||
import java.util.UUID;
|
||||
|
||||
import dao.Dao;
|
||||
import entities.security.UserAuth;
|
||||
|
||||
public interface UserAuthDao extends Dao<UserAuth, UUID> {
|
||||
|
||||
|
||||
public String getPasswordHashOfUser(String username);
|
||||
|
||||
|
||||
}
|
|
@ -0,0 +1,30 @@
|
|||
package dao.entities.security;
|
||||
|
||||
import java.util.UUID;
|
||||
|
||||
import javax.persistence.TypedQuery;
|
||||
|
||||
import dao.JpaDao;
|
||||
import entities.security.UserAuth;
|
||||
|
||||
public class UserAuthDaoImpl extends JpaDao<UserAuth, UUID> implements UserAuthDao {
|
||||
|
||||
@Override
|
||||
public UserAuth loadDetails(UserAuth t) {
|
||||
// TODO Auto-generated method stub
|
||||
return null;
|
||||
}
|
||||
|
||||
|
||||
@Override
|
||||
public String getPasswordHashOfUser(String username) {
|
||||
|
||||
String queryString = "SELECT userAuth.password FROM UserAuth userAuth where userAuth.username = :username";
|
||||
TypedQuery<String> typedQuery = entityManager.createQuery(queryString, String.class);
|
||||
typedQuery.setParameter("username", username);
|
||||
return typedQuery.getSingleResult();
|
||||
|
||||
}
|
||||
|
||||
|
||||
}
|
|
@ -0,0 +1,57 @@
|
|||
package entities.security;
|
||||
|
||||
import java.util.UUID;
|
||||
|
||||
import javax.persistence.Column;
|
||||
import javax.persistence.Entity;
|
||||
import javax.persistence.GeneratedValue;
|
||||
import javax.persistence.Id;
|
||||
import javax.persistence.Table;
|
||||
|
||||
import org.hibernate.annotations.GenericGenerator;
|
||||
|
||||
@Entity
|
||||
@Table(name="\"UserAuth\"")
|
||||
public class UserAuth {
|
||||
|
||||
@Id
|
||||
@GeneratedValue
|
||||
@GenericGenerator(name = "uuid2", strategy = "uuid2")
|
||||
@Column(name = "id", updatable = false, nullable = false, columnDefinition = "BINARY(16)")
|
||||
private UUID id;
|
||||
|
||||
@Column(name = "username", nullable = false)
|
||||
private String username;
|
||||
|
||||
@Column(name = "password", nullable = false)
|
||||
private String password; //hash-encoded password
|
||||
|
||||
|
||||
|
||||
public UUID getId() {
|
||||
return id;
|
||||
}
|
||||
|
||||
public void setId(UUID id) {
|
||||
this.id = id;
|
||||
}
|
||||
|
||||
public String getUsername() {
|
||||
return username;
|
||||
}
|
||||
|
||||
public void setUsername(String username) {
|
||||
this.username = username;
|
||||
}
|
||||
|
||||
public String getPassword() {
|
||||
return password;
|
||||
}
|
||||
|
||||
public void setPassword(String password) {
|
||||
this.password = password;
|
||||
}
|
||||
|
||||
|
||||
|
||||
}
|
|
@ -1,13 +1,19 @@
|
|||
package entities.security;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.Date;
|
||||
import java.util.UUID;
|
||||
|
||||
import javax.persistence.Column;
|
||||
import javax.persistence.Entity;
|
||||
import javax.persistence.FetchType;
|
||||
import javax.persistence.GeneratedValue;
|
||||
import javax.persistence.Id;
|
||||
import javax.persistence.JoinColumn;
|
||||
import javax.persistence.OneToOne;
|
||||
import javax.persistence.Table;
|
||||
import javax.persistence.Temporal;
|
||||
import javax.persistence.TemporalType;
|
||||
|
||||
import org.hibernate.annotations.GenericGenerator;
|
||||
import org.hibernate.annotations.Type;
|
||||
|
@ -29,106 +35,97 @@ public class UserInfo implements Serializable{
|
|||
@Column(name = "autoid", updatable = false, nullable = false, columnDefinition = "BINARY(16)")
|
||||
private UUID autoid;
|
||||
|
||||
//required
|
||||
@Column(name = "id")
|
||||
String id = null;
|
||||
@Column(name = "email")
|
||||
String email = null;
|
||||
|
||||
//non required
|
||||
@Column(name = "\"emailIsVerified\"", nullable = true)
|
||||
Boolean emailIsVerified = null;
|
||||
@Column(name = "identification", nullable = false)
|
||||
private String identification = null;
|
||||
|
||||
@Column(name = "email", nullable = false)
|
||||
private String email = null;
|
||||
|
||||
@Column(name = "authorization_level", nullable = false)
|
||||
private Short authorization_level; //0 admin, 1 user
|
||||
|
||||
@Column(name = "usertype", nullable = false)
|
||||
private Short usertype; // 0 internal, 1 external
|
||||
|
||||
@OneToOne(fetch = FetchType.LAZY)
|
||||
@JoinColumn(name = "authentication", nullable = true)
|
||||
private UserAuth authentication;
|
||||
|
||||
@Column(name = "verified_email", nullable = true)
|
||||
private Boolean verified_email = null;
|
||||
|
||||
@Column(name = "name", nullable = true)
|
||||
String name = null;
|
||||
@Column(name = "\"pictureUrl\"", nullable = true)
|
||||
String pictureUrl = null;
|
||||
@Column(name = "locale", nullable = true)
|
||||
String locale = null;
|
||||
@Column(name = "\"familyName\"", nullable = true)
|
||||
String familyName = null;
|
||||
@Column(name = "\"givenName\"", nullable = true)
|
||||
String givenName = null;
|
||||
private String name = null;
|
||||
|
||||
|
||||
@Column(name = "created", nullable = false)
|
||||
private Date created = null;
|
||||
|
||||
|
||||
@Column(name = "lastloggedin", nullable = true)
|
||||
private Date lastloggedin = null;
|
||||
|
||||
|
||||
@Type(type="typedefinition.XMLType")
|
||||
@Column(name = "additionalinfo", columnDefinition = "xml", nullable = true)
|
||||
private String additionalinfo;
|
||||
|
||||
|
||||
|
||||
public UserInfo () {}
|
||||
|
||||
public UserInfo(String id, String email, Boolean emailIsVerified, String name, String pictureUrl, String locale, String familyName, String givenName, String additionalinfo) {
|
||||
this.id = id;
|
||||
this.email = email;
|
||||
this.emailIsVerified = emailIsVerified;
|
||||
this.name = name;
|
||||
this.pictureUrl = pictureUrl;
|
||||
this.locale = locale;
|
||||
this.familyName = familyName;
|
||||
this.givenName = givenName;
|
||||
this.additionalinfo = additionalinfo;
|
||||
public String getIdentification() {
|
||||
return identification;
|
||||
}
|
||||
|
||||
|
||||
|
||||
public String getId() {
|
||||
return id;
|
||||
}
|
||||
public void setId(String id) {
|
||||
this.id = id;
|
||||
public void setIdentification(String identification) {
|
||||
this.identification = identification;
|
||||
}
|
||||
|
||||
public String getEmail() {
|
||||
return email;
|
||||
}
|
||||
|
||||
public void setEmail(String email) {
|
||||
this.email = email;
|
||||
}
|
||||
public boolean isEmailIsVerified() {
|
||||
return emailIsVerified;
|
||||
|
||||
public Short getAuthorization_level() {
|
||||
return authorization_level;
|
||||
}
|
||||
public void setEmailIsVerified(boolean emailIsVerified) {
|
||||
this.emailIsVerified = emailIsVerified;
|
||||
|
||||
public void setAuthorization_level(Short authorization_level) {
|
||||
this.authorization_level = authorization_level;
|
||||
}
|
||||
|
||||
public Short getUsertype() {
|
||||
return usertype;
|
||||
}
|
||||
|
||||
public void setUsertype(Short usertype) {
|
||||
this.usertype = usertype;
|
||||
}
|
||||
|
||||
public UserAuth getAuthentication() {
|
||||
return authentication;
|
||||
}
|
||||
|
||||
public void setAuthentication(UserAuth authentication) {
|
||||
this.authentication = authentication;
|
||||
}
|
||||
|
||||
public Boolean getVerified_email() {
|
||||
return verified_email;
|
||||
}
|
||||
|
||||
public void setVerified_email(Boolean verified_email) {
|
||||
this.verified_email = verified_email;
|
||||
}
|
||||
|
||||
public String getName() {
|
||||
return name;
|
||||
}
|
||||
|
||||
public void setName(String name) {
|
||||
this.name = name;
|
||||
}
|
||||
public String getPictureUrl() {
|
||||
return pictureUrl;
|
||||
}
|
||||
public void setPictureUrl(String pictureUrl) {
|
||||
this.pictureUrl = pictureUrl;
|
||||
}
|
||||
public String getLocale() {
|
||||
return locale;
|
||||
}
|
||||
public void setLocale(String locale) {
|
||||
this.locale = locale;
|
||||
}
|
||||
public String getFamilyName() {
|
||||
return familyName;
|
||||
}
|
||||
public void setFamilyName(String familyName) {
|
||||
this.familyName = familyName;
|
||||
}
|
||||
public String getGivenName() {
|
||||
return givenName;
|
||||
}
|
||||
public void setGivenName(String givenName) {
|
||||
this.givenName = givenName;
|
||||
}
|
||||
|
||||
|
||||
public Boolean getEmailIsVerified() {
|
||||
return emailIsVerified;
|
||||
}
|
||||
|
||||
public void setEmailIsVerified(Boolean emailIsVerified) {
|
||||
this.emailIsVerified = emailIsVerified;
|
||||
}
|
||||
|
||||
public String getAdditionalinfo() {
|
||||
return additionalinfo;
|
||||
|
@ -138,14 +135,6 @@ public class UserInfo implements Serializable{
|
|||
this.additionalinfo = additionalinfo;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String toString() {
|
||||
return "UserInfo [id=" + id + ", email=" + email + ", emailIsVerified=" + emailIsVerified
|
||||
+ ", name=" + name + ", pictureUrl=" + pictureUrl + ", locale=" + locale + ", familyName=" + familyName
|
||||
+ ", givenName=" + givenName + ", additionalinfo=" + additionalinfo + "]";
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
}
|
||||
|
|
|
@ -0,0 +1,70 @@
|
|||
package rest.login;
|
||||
|
||||
import java.io.Serializable;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.web.bind.annotation.CrossOrigin;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
import org.springframework.web.bind.annotation.ResponseBody;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
import com.fasterxml.jackson.core.JsonProcessingException;
|
||||
import com.fasterxml.jackson.databind.ObjectMapper;
|
||||
|
||||
import dao.entities.DataRepositoryDao;
|
||||
import dao.entities.security.UserAuthDao;
|
||||
import dao.entities.security.UserInfoDao;
|
||||
|
||||
|
||||
@RestController
|
||||
@CrossOrigin
|
||||
public class Login {
|
||||
|
||||
|
||||
@Autowired private UserInfoDao userInfoDao;
|
||||
@Autowired private UserAuthDao userAuthDao;
|
||||
|
||||
|
||||
private ObjectMapper objectMapper = new ObjectMapper();
|
||||
|
||||
|
||||
@RequestMapping(method = RequestMethod.POST, value = { "/nativeLogin" }, consumes = "application/json", produces="text/plain")
|
||||
public @ResponseBody ResponseEntity<String> nativeLogin(@RequestBody Credentials credentials) {
|
||||
|
||||
|
||||
System.out.println(userAuthDao.getPasswordHashOfUser("admin"));
|
||||
|
||||
|
||||
|
||||
return ResponseEntity.status(HttpStatus.OK).body("OUR-GENERATED-TOKEN");
|
||||
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
class Credentials implements Serializable{
|
||||
|
||||
private static final long serialVersionUID = 3519634756673886633L;
|
||||
|
||||
private String username;
|
||||
private String password;
|
||||
|
||||
public String getUsername() {
|
||||
return username;
|
||||
}
|
||||
public void setUsername(String username) {
|
||||
this.username = username;
|
||||
}
|
||||
public String getPassword() {
|
||||
return password;
|
||||
}
|
||||
public void setPassword(String password) {
|
||||
this.password = password;
|
||||
}
|
||||
|
||||
}
|
|
@ -1,4 +1,4 @@
|
|||
package rest;
|
||||
package rest.proxy;
|
||||
|
||||
import java.io.BufferedReader;
|
||||
import java.io.IOException;
|
|
@ -15,22 +15,29 @@ import org.springframework.web.filter.GenericFilterBean;
|
|||
|
||||
public class TokenAuthenticationFilter extends GenericFilterBean {
|
||||
|
||||
private static final String HEADER_TOKEN_FIELD = "oauth2-token";
|
||||
|
||||
private static final String HEADER_NATIVE_TOKEN_FIELD = "native-token";
|
||||
private static final String HEADER_GOOGLE_TOKEN_FIELD = "google-token";
|
||||
|
||||
@Override
|
||||
public void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain chain) throws IOException, ServletException {
|
||||
|
||||
final HttpServletRequest httpRequest = (HttpServletRequest) request;
|
||||
|
||||
String accessToken = httpRequest.getHeader(HEADER_TOKEN_FIELD);
|
||||
if(accessToken==null) accessToken = "";
|
||||
String nativeToken = httpRequest.getHeader(HEADER_NATIVE_TOKEN_FIELD);
|
||||
String googleToken = httpRequest.getHeader(HEADER_GOOGLE_TOKEN_FIELD);
|
||||
|
||||
//just pass the token into the credentials object of the UsernamePasswordAuthenticationToken class
|
||||
final UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken("google-user", accessToken);
|
||||
SecurityContextHolder.getContext().setAuthentication(authentication);
|
||||
/*
|
||||
*/
|
||||
chain.doFilter(request, response);
|
||||
UsernamePasswordAuthenticationToken authentication = null;
|
||||
if(nativeToken != null)
|
||||
authentication = new UsernamePasswordAuthenticationToken("native-user", nativeToken);
|
||||
if(googleToken != null)
|
||||
authentication = new UsernamePasswordAuthenticationToken("google-user", nativeToken);
|
||||
|
||||
if(authentication != null) {
|
||||
SecurityContextHolder.getContext().setAuthentication(authentication);
|
||||
chain.doFilter(request, response);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
package security;
|
||||
package security.validators;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.security.GeneralSecurityException;
|
||||
|
@ -54,13 +54,13 @@ public class GoogleTokenValidator {
|
|||
if (idToken != null) {
|
||||
Payload payload = idToken.getPayload();
|
||||
|
||||
UserInfo userInfo = new UserInfo(payload.getSubject(), payload.getEmail(),
|
||||
payload.getEmailVerified(), (String)payload.get("name"), (String)payload.get("picture"),
|
||||
(String)payload.get("locale"), (String)payload.get("family_name"), (String)payload.get("given_name"), "");
|
||||
|
||||
// UserInfo userInfo = new UserInfo(payload.getSubject(), payload.getEmail(),
|
||||
// payload.getEmailVerified(), (String)payload.get("name"), (String)payload.get("picture"),
|
||||
// (String)payload.get("locale"), (String)payload.get("family_name"), (String)payload.get("given_name"), "");
|
||||
// System.out.println(userInfo.toString());
|
||||
// return userInfo;
|
||||
|
||||
return userInfo;
|
||||
return null;
|
||||
|
||||
} else {
|
||||
throw new NonValidTokenException("Not a valid token");
|
|
@ -25,7 +25,7 @@
|
|||
</bean>
|
||||
|
||||
|
||||
<bean id="proxy" class="rest.Proxy">
|
||||
<bean id="proxy" class="rest.proxy.Proxy">
|
||||
<constructor-arg type = "String" value = "${proxy.allowed.host}"/>
|
||||
</bean>
|
||||
|
||||
|
@ -95,6 +95,7 @@
|
|||
<bean id="researcherDao" class="dao.entities.ResearcherDaoImpl" />
|
||||
<bean id="serviceDao" class="dao.entities.ServiceDaoImpl" />
|
||||
<bean id="userInfoDao" class="dao.entities.security.UserInfoDaoImpl" />
|
||||
<bean id="userAuthDao" class="dao.entities.security.UserAuthDaoImpl" />
|
||||
|
||||
|
||||
<context:annotation-config />
|
||||
|
|
|
@ -16,7 +16,7 @@
|
|||
<mvc:annotation-driven />
|
||||
<context:component-scan base-package="rest" />
|
||||
|
||||
<bean id="proxy" class="rest.Proxy">
|
||||
<bean id="proxy" class="rest.proxy.Proxy">
|
||||
<constructor-arg type = "String" value = "${proxy.allowed.host}"/>
|
||||
</bean>
|
||||
|
||||
|
|
Loading…
Reference in New Issue