private static AuthConfig.Builder parseDockerConfig(final Path configPath, String serverAddress)
throws IOException {
checkNotNull(configPath);
final AuthConfig.Builder authBuilder = AuthConfig.builder();
final JsonNode authJson = extractAuthJson(configPath);
if (isNullOrEmpty(serverAddress)) {
final Iterator<String> servers = authJson.fieldNames();
if (servers.hasNext()) {
serverAddress = servers.next();
}
} else {
if (!authJson.has(serverAddress)) {
log.error("Could not find auth config for {}. Returning empty builder", serverAddress);
return AuthConfig.builder().serverAddress(serverAddress);
}
}
final JsonNode serverAuth = authJson.get(serverAddress);
if (serverAuth != null && serverAuth.has("auth")) {
authBuilder.serverAddress(serverAddress);
final String authString = serverAuth.get("auth").asText();
final String[] authParams = Base64.decodeAsString(authString).split(":");
if (authParams.length == 2) {
authBuilder.username(authParams[0].trim());
authBuilder.password(authParams[1].trim());
} else {
log.warn("Failed to parse auth string for {}", serverAddress);
return authBuilder;
}
} else {
log.warn("Could not find auth field for {}", serverAddress);
return authBuilder;
}
if (serverAuth.has("email")) {
authBuilder.email(serverAuth.get("email").asText());
}
return authBuilder;
}
@Override
public void filter(ContainerRequestContext requestContext) throws IOException {
List<String> authHeader = requestContext.getHeaders().get(AUTHORIZATION_KEY_NAME);
if (requestContext.getUriInfo().getAbsolutePath().getPath().contains(SECURED_URL)
&& authHeader != null
&& authHeader.size() > 0) {
String authToken = authHeader.get(0);
authToken = authToken.replace(AUTHORIZATION_BASIC_PREFIX, "");
String authTokenDecoded = Base64.decodeAsString(authToken.getBytes("UTF-8"));
StringTokenizer tokenizer = new StringTokenizer(authTokenDecoded, ":");
String userName = tokenizer.nextToken();
String password = tokenizer.nextToken();
if (userName.equalsIgnoreCase("user") && password.equalsIgnoreCase("password")) return;
}
Response unauthorizedStatus =
Response.status(Response.Status.UNAUTHORIZED)
.entity("User cannot Access the resource")
.build();
requestContext.abortWith(unauthorizedStatus);
}
/**
* Build Authorization header for final user.
*
* @param username target username
* @param password target password
* @return target header
*/
public static String buildAuthorization4UserName(String username, String password) {
return " Basic " + new String(Base64.encodeAsString(username + ":" + password));
}
/**
* The response entity from message service is
* {"statusCode":"000000","templateSMS":{"dateCreated":"20140827105250",
* "smsMessageSid":"20140827105250065847"}}
*
* @param phoneNumber
* @return
* @throws NoSuchAlgorithmException
* @throws UnsupportedEncodingException
*/
@GET
@Path("registration/sms")
@Produces(MediaType.APPLICATION_JSON)
public Response sendVerifyMessageToMobile(@QueryParam("phoneNumber") String phoneNumber)
throws NoSuchAlgorithmException, UnsupportedEncodingException {
if (phoneNumber == null) {
return Response.ok(
new PhoneVerifyResponse(
AuthenticationConstants.MESSAGESENDFAILURE,
"Parameter phoneNumber provided is null",
null))
.build();
}
Properties tzProperties = PropertiesUtils.getProperties(servletConfig.getServletContext());
SslConfigurator sslConfig =
SslConfigurator.newInstance()
.trustStoreFile(tzProperties.getProperty("ssl.trust.store.file"))
.trustStorePassword(tzProperties.getProperty("ssl.trust.store.pass"))
.trustStoreType("JKS")
.trustManagerFactoryAlgorithm("PKIX")
.keyStoreFile(tzProperties.getProperty("ssl.key.store.file"))
.keyPassword(tzProperties.getProperty("ssl.key.store.pass"))
.keyStoreType("JKS")
.keyManagerFactoryAlgorithm("SunX509")
.keyStoreProvider("SUN")
.securityProtocol("SSL");
SSLContext sslContext = sslConfig.createSSLContext();
Client client = ClientBuilder.newBuilder().sslContext(sslContext).build();
WebTarget target = client.target(tzProperties.getProperty("mobile.verify.service"));
String timeStamp = new SimpleDateFormat("yyyyMMddHHmmss").format(new Date());
String accountSid = tzProperties.getProperty("mobile.account.sid");
String encodeString = accountSid + tzProperties.getProperty("mobile.auth.token") + timeStamp;
String authenticationString = accountSid + ":" + timeStamp;
String sig = new EncryptUtil().md5Digest(encodeString);
JsonObjectBuilder messageBuilder = Json.createObjectBuilder();
JsonArrayBuilder datasBuilder = Json.createArrayBuilder();
String verificationCode = String.valueOf(VerificationCodeGenerator.randInt(100000, 999999));
datasBuilder.add(verificationCode).add(tzProperties.getProperty("mobile.code.active.time"));
messageBuilder
.add("to", phoneNumber)
.add("appId", tzProperties.getProperty("mobile.appid"))
.add("templateId", tzProperties.getProperty("mobile.templateid"))
.add("datas", datasBuilder);
Response providerResponse =
target
.queryParam("sig", sig)
.request(MediaType.APPLICATION_JSON)
.header(HttpHeaders.AUTHORIZATION, Base64.encodeAsString(authenticationString))
.post(Entity.entity(messageBuilder.build(), MediaType.APPLICATION_JSON));
JsonObject jsonObject = providerResponse.readEntity(JsonObject.class);
if (jsonObject.getString("statusCode").equals("000000")) {
TokenHolder.verificationCodeMap.put(phoneNumber, verificationCode);
return Response.ok(
new PhoneVerifyResponse(
AuthenticationConstants.MESSAGESENDSUCCESS,
jsonObject.toString(),
verificationCode))
.build();
} else {
return Response.ok(
new PhoneVerifyResponse(
AuthenticationConstants.MESSAGESENDFAILURE, jsonObject.toString(), null))
.build();
}
}