@GET
  @Produces(MediaType.APPLICATION_JSON)
  @Path("/binary/read/{id}")
  @Override
  public Record getWithBinaryBy(@PathParam("id") long id) {
    this.LOGGER.info("getWithBinaryBy()");

    final Record record = this.recordService.getById(id);
    final String filePath = record.getPath().concat(record.getName());

    this.LOGGER.info("filePath: " + filePath);

    final File file = new File(filePath);
    this.LOGGER.info("" + file.exists());

    if (file.exists()) {
      try {
        byte[] fileBuffer = Files.toByteArray(file);

        record.setBinary(new String(Base64.encode(fileBuffer), "UTF-8"));

        return record;
      } catch (IOException ioe) {
        return null;
      }
    }

    return null;
  }
  @Override
  public ResponseVO isUserAuthenticated(String authString, ResponseVO response) throws IOException {
    String decodedAuth = "";
    // Header is in the format "Basic 5tyc0uiDat4"
    // We need to extract data before decoding it back to original string
    // Decode the data back to original string
    byte[] bytes = null;
    new Base64();
    bytes = Base64.decode(authString);
    decodedAuth = new String(bytes);

    String[] decodedAuths = decodedAuth.split(":");

    User user = getUserDetail(decodedAuths[0], decodedAuths[1]);
    if (user == null) {
      response.setSuccess(false);
      response.setError(new Error(222, "Invalid credentials!!"));
    } else {
      String accessToken = ApplicationUtilities.generateAccessToken(user);
      CachedObject newCachedObject = new CachedObject(user.getUuid(), accessToken, 0);
      CacheManager.putCache(newCachedObject);
      response.setSuccess(true);
      // response.setData(new LoggedInUserVO(accessToken,user.getEmailAddress()));
    }
    return response;
  }
 public ClientResponse handle(ClientRequest cr) {
   cr.getHeaders()
       .add(
           HttpHeaders.AUTHORIZATION,
           "Basic " + new String(Base64.encode(user + ":" + pass), Charset.forName("ASCII")));
   ClientResponse resp = getNext().handle(cr);
   return resp;
 }
Exemple #4
0
  public static Token create(String username, String password) {
    String value =
        String.format("%s%s%s", username, password, String.valueOf(new Date().getTime()));
    String result = "";
    try {
      result = new String(Base64.encode(value), "UTF-8");
    } catch (UnsupportedEncodingException e) {
      e.printStackTrace();
    }

    return new Token(result);
  }
  @Override
  public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
      throws IOException, ServletException {
    final HttpServletRequest httpRequest = (HttpServletRequest) request;
    final HttpServletResponse httpResponse = (HttpServletResponse) response;

    // OPTIONS methods is used for CORS, no auth is required with this
    // method
    if (!"OPTIONS".equals(httpRequest.getMethod())) {
      final String authHeader = httpRequest.getHeader("authorization");
      if (authHeader == null) {
        log.warn("Login failed : no auth header!");
        httpResponse.setContentType("text/html");
        httpResponse.sendError(
            HttpServletResponse.SC_FORBIDDEN, "Unauthorized access, no authorization header.");
        return;
      }

      final String encodedValue = authHeader.split(" ")[1];
      final String[] decodedValue = Base64.base64Decode(encodedValue).split(":");

      if (decodedValue.length != 2) {
        log.warn("Login failed : malformed auth header!");
        httpResponse.setContentType("text/html");
        httpResponse.sendError(
            HttpServletResponse.SC_FORBIDDEN,
            "Unauthorized access, malformed authorization header.");
        return;
      }

      final String login = decodedValue[0];
      final String password = decodedValue[1];

      if (!USR.equals(login)) {
        log.info("Login failed for " + login);
        httpResponse.setContentType("text/html");
        httpResponse.sendError(
            HttpServletResponse.SC_FORBIDDEN, "Unauthorized access, unknown user.");
        return;
      }

      if (!PWD.equals(password)) {
        log.info("Login failed for " + login);
        httpResponse.setContentType("text/html");
        httpResponse.sendError(
            HttpServletResponse.SC_FORBIDDEN, "Unauthorized access, wrong password.");
        return;
      }

      log.info("Login success for " + login);
    }
    chain.doFilter(request, response);
  }
Exemple #6
0
  @Override
  public void map(LongWritable ikey, Text ivalue, Context context)
      throws IOException, InterruptedException {
    // TODO Auto-generated method stub
    String line = ivalue.toString();
    int index = line.indexOf('\t');
    if (index < 0) return;

    int bIndex = line.indexOf(':');
    if (bIndex < 0) return;

    double val = Double.parseDouble(line.substring(0, bIndex));

    try {
      int pIndex = model.cIndex(val);
      if (pIndex < li || pIndex > ri) return;

      String cb = line.substring(bIndex + 1, index);
      String b = new String(util.Dec(SecurityUtility.K, Base64.decode(cb.getBytes())));

      if (pIndex == li) {
        if (b.equals(bl) && val < left) return;
        if (bl.equals("0") && b.equals("1")) return;
      }

      if (pIndex == ri) {
        if (b.equals(bl) && val > right) return;
        if (br.equals("1") && b.equals("0")) return;
      }

      long p = model.decRng(val, b);

      String cextra = line.substring(index + 1);
      String pextra = new String(util.Dec(SecurityUtility.K, Base64.decode(cextra.getBytes())));
      context.write(new LongWritable(p), new Text(pextra));
    } catch (Exception e) {
      // TODO: handle exception
      System.err.println(StringUtils.stringifyException(e));
    }
  }
  public static CacheRequestContext build(
      ContainerRequest request, Set<String> vary, boolean includeBody) {
    try {
      MessageDigest digest = MessageDigest.getInstance("SHA-1");

      for (String header : vary) {
        List<String> headerValues = request.getRequestHeader(header);

        if (headerValues != null && headerValues.size() > 0) {
          digest.update(header.getBytes(Charsets.UTF_8));
          digest.update((byte) 0xFD);

          for (String value : headerValues) {
            digest.update(value.getBytes(Charsets.UTF_8));
            digest.update((byte) 0xFE);
          }

          digest.update((byte) 0xFF);
        }
      }

      if (includeBody) {
        byte[] requestBody = request.getEntity(byte[].class);

        if (requestBody == null) {
          requestBody = new byte[0];
        }

        if (requestBody.length > 0) {
          digest.update("Body".getBytes(Charsets.UTF_8));
          digest.update((byte) 0xFD);

          digest.update(requestBody);
          digest.update((byte) 0xFF);
        }

        request.setEntityInputStream(new ByteArrayInputStream(requestBody));
      }

      String hash = new String(Base64.encode(digest.digest()), Charsets.US_ASCII);
      return new CacheRequestContext(
          request.getMethod(), request.getRequestUri(), request.getRequestHeaders(), hash);
    } catch (NoSuchAlgorithmException ex) {
      // This error should not occur since SHA-1 must be included with every java distribution
      throw Throwables.propagate(ex);
    }
  }
  /* This function performs the decoding of the authentication header */
  public void decodeAuthorizationHeader() {
    // check if this request has basic authentication
    if (!authHeader.contains("Basic ")) {
      throw new WebApplicationException(Response.Status.BAD_REQUEST);
    }

    authHeader = authHeader.substring("Basic ".length());
    String[] decodedHeader;
    decodedHeader = Base64.base64Decode(authHeader).split(":");

    if (decodedHeader == null) {
      throw new WebApplicationException(Response.Status.BAD_REQUEST);
    }

    oAuthenticationAccount.setusername(decodedHeader[0]);
    oAuthenticationAccount.setpassword(decodedHeader[1]);
  }
  protected boolean authenticate(HttpServletRequest request) {
    if (provider.isAuthenticated(request.getSession())) return true;

    String user = null, pass = null;
    String authorization = request.getHeader("Authorization");
    if (authorization != null) {
      String userpass = Base64.base64Decode(authorization.substring(6));
      user = userpass.substring(0, userpass.indexOf(":"));
      pass = userpass.substring(userpass.indexOf(":") + 1);
    }

    if (provider.authenticate(request.getSession(), user, pass)) {
      log.info("Web API authenticated " + request.getSession() + " for user " + user);
      if (user != null) {
        request.getSession().setAttribute(AUTHENTICATED_USER_SESSION_ATTRIBUTE, user);
      }
      return true;
    }

    return false;
  }
  @Override
  protected void configure() {
    // If we want to add an auth header :
    // http://blogs.oracle.com/enterprisetechtips/entry/consuming_restful_web_services_with
    //		webResource.header("authorization", Base64.encode("tomcat:tomcat"));

    // Init http auth header
    final byte[] pwd = Base64.encode("cloud-rest-user:niancat");
    final String value = new String(pwd);
    final String authorization = "Basic " + value;

    bindConstant().annotatedWith(AuthorizationHeader.class).to(authorization);

    // Init client
    final ClientConfig clientConfig = new DefaultClientConfig();
    clientConfig.getFeatures().put(JSONConfiguration.FEATURE_POJO_MAPPING, Boolean.TRUE);
    final Client client = Client.create(clientConfig);

    client.addFilter(
        new ClientFilter() {
          @Override
          public ClientResponse handle(final ClientRequest cr) throws ClientHandlerException {
            final ClientResponse response = getNext().handle(cr);
            return response;
          }
        });

    final Properties properties = new Properties();
    try {
      properties.load(getClass().getResourceAsStream("/client.properties"));
    } catch (final IOException e) {
      e.printStackTrace();
    }
    final String serverUrl = properties.getProperty("server.http.url");
    System.out.println("HTTPClientModule.configure() " + serverUrl);
    // Init web resource
    final WebResource webResource = client.resource(serverUrl);

    bind(WebResource.class).toInstance(webResource);
  }
 // Code to add comments for Jira Issue
 public static void RestAddComment(String strComment, String strIssueID) {
   try {
     String auth = new String(Base64.encode("admin:admin"));
     String createCommentData = "{\"body\": \"" + strComment + "\"}\"";
     String comment =
         invokePostMethod(
             auth, BASE_URL + "/rest/api/2/issue/" + strIssueID + "/comment", createCommentData);
     System.out.println(comment);
     JSONObject issueObj = new JSONObject(comment);
     String newKey = issueObj.getString("id");
     System.out.println("id:" + newKey);
   } catch (AuthenticationException e) {
     System.out.println("Username or Password wrong!");
     e.printStackTrace();
   } catch (ClientHandlerException e) {
     System.out.println("Error invoking REST method");
     e.printStackTrace();
   } catch (JSONException e) {
     System.out.println("Invalid JSON output");
     e.printStackTrace();
   }
 }
  @POST
  @Path("/update")
  @Consumes(value = "application/json")
  @Override
  public void update(Record record) {
    this.LOGGER.debug("update(), record: {}", record);

    if (record == null) return;
    if (record.getName() == null) return;
    if (record.getPath() == null) return;

    if (record.getBinary() != null && !record.getBinary().isEmpty()) {
      final String encodedString = record.getBinary();
      byte[] decodedBuffer = Base64.decode(encodedString);

      File file = new File(record.getPath());
      if (!file.exists()) {
        file.mkdirs();
      }

      try {
        FileOutputStream outstream =
            new FileOutputStream(record.getPath().concat(record.getName()));
        outstream.write(decodedBuffer);
        outstream.flush();
        outstream.close();
      } catch (FileNotFoundException fnfe) {
        this.LOGGER.error(fnfe.getMessage());
        Response.status(Status.INTERNAL_SERVER_ERROR).build();
      } catch (IOException ioe) {
        this.LOGGER.error(ioe.getMessage());
        Response.status(Status.INTERNAL_SERVER_ERROR).build();
      }
    }

    final Record updatedRecord = this.recordService.update(record);
  }
  public Response authAdmin(HttpHeaders header) {
    try {
      String authorization = header.getRequestHeader(HttpHeaders.AUTHORIZATION).get(0);

      byte[] authorizationArr = Base64.decode(authorization);

      authorization = new String(authorizationArr, "UTF-8");

      String[] authArr = authorization.split(":");

      if (authArr.length == 2) {
        String username = authArr[0];
        String password = authArr[1];

        logger.info("Trying login of admin  {}", username);
        try {
          AuthorizationHandler auth = new AuthorizationHandler();
          AuthTransfer type = auth.authAdmin(username, password);
          return Response.status(Status.OK).entity(type).build();
        } catch (WrongPasswordException e) {
          logger.error("", e);
          return Response.status(Status.UNAUTHORIZED).build();
        } catch (NoUserFoundException e) {
          logger.error("", e);
          return Response.status(Status.NOT_FOUND).build();
        } catch (Exception e) {
          logger.error("", e);
          return Response.status(Status.INTERNAL_SERVER_ERROR).build();
        }
      }
    } catch (UnsupportedEncodingException e) {
      logger.error("", e);
    }

    return Response.status(Status.BAD_REQUEST).build();
  }
 @Override
 public String encode(final String value) {
   return new String(com.sun.jersey.core.util.Base64.encode(value));
 }
 @Override
 public String decode(final String value) {
   return com.sun.jersey.core.util.Base64.base64Decode(value);
 }
  @GET
  @Path("flowStats/{cluster}/{user}/{appId}")
  @Produces(MediaType.APPLICATION_JSON)
  public PaginatedResult<Flow> getJobFlowStats(
      @PathParam("cluster") String cluster,
      @PathParam("user") String user,
      @PathParam("appId") String appId,
      @QueryParam("version") String version,
      @QueryParam("startRow") String startRowParam,
      @QueryParam("startTime") long startTime,
      @QueryParam("endTime") long endTime,
      @QueryParam("limit") @DefaultValue("100") int limit,
      @QueryParam("includeJobs") boolean includeJobs)
      throws IOException {
    LOG.info(
        "Fetching flowStats for flowStats/{cluster}/{user}/{appId} with input query: "
            + "flowStats/"
            + cluster
            + SLASH // + user /{appId} cluster + " user " + user
            + appId
            + "?version="
            + version
            + "&limit="
            + limit
            + "&startRow="
            + startRowParam
            + "&startTime="
            + startTime
            + "&endTime="
            + endTime
            + "&includeJobs="
            + includeJobs);

    Stopwatch timer = new Stopwatch().start();
    byte[] startRow = null;
    if (startRowParam != null) {
      startRow = Base64.decode(startRowParam);
    }

    if (includeJobs) {
      serializationContext.set(
          new SerializationContext(
              SerializationContext.DetailLevel.FLOW_SUMMARY_STATS_WITH_JOB_STATS));
    } else {
      serializationContext.set(
          new SerializationContext(SerializationContext.DetailLevel.FLOW_SUMMARY_STATS_ONLY));
    }

    if (endTime == 0) {
      endTime = Long.MAX_VALUE;
    }

    if ((limit == 0) || (limit == Integer.MAX_VALUE)) {
      limit = Integer.MAX_VALUE - 1;
    }

    List<Flow> flows =
        getJobHistoryService()
            .getFlowTimeSeriesStats(
                cluster, user, appId, version, startTime, endTime, limit + 1, startRow);
    PaginatedResult<Flow> flowStatsPage = new PaginatedResult<Flow>(limit);
    // add request parameters
    flowStatsPage.addRequestParameter("user", user);
    flowStatsPage.addRequestParameter("appId", appId);
    if (StringUtils.isNotBlank(version)) {
      flowStatsPage.addRequestParameter("version", version);
    } else {
      flowStatsPage.addRequestParameter("version", "all");
    }

    flowStatsPage.addRequestParameter("startTime", Long.toString(startTime));
    flowStatsPage.addRequestParameter("endTime", Long.toString(endTime));
    flowStatsPage.addRequestParameter("limit", Integer.toString(limit));

    if (startRow != null) {
      flowStatsPage.addRequestParameter("startRow", startRowParam);
    }

    if (includeJobs) {
      flowStatsPage.addRequestParameter("includeJobs", "true");
    } else {
      flowStatsPage.addRequestParameter("includeJobs", "false");
    }

    if (flows.size() > limit) {
      // copy over the last excluding the last element
      // the last element is the start row for next page
      flowStatsPage.setValues(flows.subList(0, limit));
      flowStatsPage.setNextStartRow(new FlowKeyConverter().toBytes(flows.get(limit).getFlowKey()));
    } else {
      flowStatsPage.setNextStartRow(null);
      flowStatsPage.setValues(flows);
    }
    timer.stop();

    LOG.info(
        "For flowStats/{cluster}/{user}/{appId} with input query: "
            + "flowStats/"
            + cluster
            + SLASH // + user /{appId} cluster + " user " + user
            + appId
            + "?version="
            + version
            + "&limit="
            + limit
            + "&startRow="
            + startRow
            + "&startTime="
            + startTime
            + "&endTime="
            + endTime
            + "&includeJobs="
            + includeJobs
            + " fetched "
            + flows.size()
            + " in "
            + timer);
    return flowStatsPage;
  }
 private String base64(String value) {
   return new String(Base64.encode(value), Charset.forName("UTF-8"));
 }
  @GET
  @Produces({MediaType.TEXT_XML, MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON})
  // Browser XML response, XML application response and JSON application response all in the same
  // method automatically.
  public Device getDevice() {

    logger.debug("URL .../rest/devices/<device_name> called.");
    javax.naming.Context context = null; // JDBC
    DataSource dataSource = null;
    Connection connection = null;
    Device device = null;

    // Check access rights and filters

    // Get login credentials for HTTP basic authentication (over HTTPS):
    String header = headers.getRequestHeader("authorization").get(0);
    header = header.substring("Basic ".length());
    String[] creds = new String(Base64.base64Decode(header)).split(":");
    String username = creds[0];
    String password = creds[1];
    System.out.println(
        "["
            + this.getClass()
            + "] Basic HTTP authentication ('username','password'): '"
            + username
            + "','"
            + password
            + "'.");
    // Debug print. DO NOT LEAVE HERE BECAUSE EXPOSES THE CREDENTIALS TO CONSOLE/LOGS.

    // Check authorization in the case this service is accidentally installed on a non-secure Tomcat
    // server:
    if (username == null || username.length() == 0)
      throw new javax.ws.rs.WebApplicationException(
          javax.ws.rs.core.Response.Status
              .UNAUTHORIZED); // Proper HTTP 401 response when invalid user.
    /* No need to have the method introduce RuntimeExceptions in its signature, see inheritance:
    java.lang.Object
     extended by java.lang.Throwable
    	  extended by java.lang.Exception
       extended by java.lang.RuntimeException
    	    extended by javax.ws.rs.WebApplicationException */

    // Parse request parameters from a HttpServletRequest (not the Jersey way of doing things but
    // needed here because we lack context information):
    device_name = req.getParameter("device_name");
    logger_application_name = req.getParameter("logger_application_name");
    timestamp = req.getParameter("timestamp");
    start_time = req.getParameter("start_time");
    end_time = req.getParameter("end_time");

    // Test print of request parameters in different ways:
    System.out.println(
        "[" + this.getClass() + "] Full request URL: " + uriInfo.getRequestUri().toString());
    System.out.println("[" + this.getClass() + "] URL request parameters ('name','value'):");
    System.out.println("'device_name','" + device_name + "'");
    System.out.println("'logger_application_name','" + logger_application_name + "'");
    System.out.println("'timestamp','" + timestamp + "'");
    System.out.println("'start_time','" + start_time + "'");
    System.out.println("'end_time','" + end_time + "'");

    // Check access restrictions: NOT NEEDED HERE BECAUSE THE URL IDENTIFIES & VERIFIES THE USER.
    // if ( ( device_name == null || device_name.length() == 0 ) &&
    // !ConditionalAccess.NAME_DB_ADMINISTRATOR.equals(username) )
    // 	throw new javax.ws.rs.WebApplicationException(javax.ws.rs.core.Response.Status.FORBIDDEN);
    // A proper HTTP 403 response when an authenticated user has insufficient rights to the
    // resource.
    // Wikipedia (http://en.wikipedia.org/wiki/List_of_HTTP_status_codes):
    // "The request was a valid request, but the server is refusing to respond to it.[2] Unlike a
    // 401 Unauthorized response, authenticating will
    // make no difference.[2] On servers where authentication is required, this commonly means that
    // the provided credentials were successfully
    // authenticated but that the credentials still do not grant the client permission to access the
    // resource (e.g. a recognized user attempting
    // to access restricted content)."

    // Run a database request and create a REST response

    try {
      logger.debug("intializing JDBC connection.");
      context = new InitialContext();
      dataSource = (DataSource) context.lookup("java:comp/env/jdbc/postgres");
      connection = dataSource.getConnection();
      logger.debug("Got connection..");
      // Get named device from the database:
      device =
          Queries.findDevice(
              connection, deviceName); // Returns first match only or null if no device.
      logger.debug("Fetching device '" + deviceName + "' done.");
    } catch (Exception e) {
      e.printStackTrace();
      logger.warn(e.getMessage());
    } finally {
      if (context != null) {
        try {
          connection.close();
          context.close();
        } catch (Exception e) {
          System.out.print(e.toString());
        }
        context = null;
      }
    }
    if (device == null)
      //  throw new RuntimeException("GET: Device (user) with the name '" + deviceName +  "' not
      // found!");
      throw new javax.ws.rs.WebApplicationException(
          javax.ws.rs.core.Response.Status
              .NOT_FOUND); // Proper HTTP 404 response if resource was not found.
    /* No need to have the method introduce RuntimeExceptions in its signature, see inheritance:
      java.lang.Object
    extended by java.lang.Throwable
     		 extended by java.lang.Exception
       		  extended by java.lang.RuntimeException
        		   extended by javax.ws.rs.WebApplicationException */
    return device;
  }