@Transactional
public AccessKey create(@NotNull User user, @NotNull AccessKey accessKey) {
if (accessKey.getLabel() == null) {
throw new IllegalParametersException(Messages.LABEL_IS_REQUIRED);
}
Optional<AccessKey> akOpt =
genericDAO
.createNamedQuery(
AccessKey.class, "AccessKey.getByUserAndLabel", Optional.<CacheConfig>empty())
.setParameter("userId", user.getId())
.setParameter("label", accessKey.getLabel())
.getResultList()
.stream()
.findFirst();
if (akOpt.isPresent()) {
logger.error("Access key with label {} already exists", accessKey.getLabel());
throw new ActionNotAllowedException(Messages.DUPLICATE_LABEL_FOUND);
}
if (accessKey.getId() != null) {
logger.error("Access key id shouldn't be present in request parameters");
throw new IllegalParametersException(Messages.INVALID_REQUEST_PARAMETERS);
}
authenticationUtils.validateActions(accessKey);
AccessKeyProcessor keyProcessor = new AccessKeyProcessor();
String key = keyProcessor.generateKey();
accessKey.setKey(key);
accessKey.setUser(user);
genericDAO.persist(accessKey);
for (AccessKeyPermission current : accessKey.getPermissions()) {
AccessKeyPermission permission = preparePermission(current);
permission.setAccessKey(accessKey);
genericDAO.persist(permission);
}
return genericDAO.find(AccessKey.class, accessKey.getId());
}
@Transactional
public AccessKey createAccessKeyFromOAuthGrant(OAuthGrant grant, User user, Date now) {
AccessKey newKey = new AccessKey();
newKey.setType(AccessKeyType.OAUTH);
if (grant.getAccessType().equals(AccessType.ONLINE)) {
Date expirationDate = new Date(now.getTime() + 600000); // the key is valid for 10 minutes
newKey.setExpirationDate(expirationDate);
}
newKey.setUser(user);
newKey.setLabel(
String.format(
Messages.OAUTH_GRANT_TOKEN_LABEL,
grant.getClient().getName(),
System.currentTimeMillis()));
Set<AccessKeyPermission> permissions = new HashSet<>();
AccessKeyPermission permission = new AccessKeyPermission();
permission.setDomainArray(grant.getClient().getDomain());
permission.setActionsArray(StringUtils.split(grant.getScope(), ' '));
permission.setSubnetsArray(grant.getClient().getSubnet());
permission.setNetworkIds(grant.getNetworkIds());
permissions.add(permission);
newKey.setPermissions(permissions);
create(user, newKey);
return newKey;
}