/**
 * Authenticates a caller within a given realm (user provider).
 *
 * <p>Flow, in order: default the {@code provider} field to this realm's own provider when
 * it is missing or empty; reject anything but that provider as an unknown realm; require a
 * non-empty {@code password}; look the user up via {@code userProfile}; verify the password
 * with the provider unless the {@code ignorePasswords} configuration flag is set; return
 * the prepared profile.
 *
 * <p>Security notes (review):
 * <ul>
 *   <li>When the {@code ignorePasswords} configuration value is {@code true}, the provider
 *       credential check below is skipped entirely, so any non-empty password is accepted
 *       for any existing profile. This flag must never be enabled outside development;
 *       consider failing closed (e.g. refusing to start, or logging loudly) if it is set.</li>
 *   <li>An unknown user and a wrong password both yield the same generic message, which
 *       avoids trivial username enumeration via the response body. The provider call is
 *       skipped for unknown users, so response timing may still differ — confirm whether
 *       that matters for this deployment.</li>
 *   <li>A {@code userProfile} result that is neither ok nor "No profile" is returned to the
 *       client as-is; if that object carries internal error details it should be mapped to a
 *       generic {@code ko(...)} instead — verify what {@code userProfile} can return.</li>
 *   <li>The password check only rejects a missing or empty string; whitespace-only
 *       passwords are passed on to the provider unchanged.</li>
 * </ul>
 *
 * @param form JSON request body; {@code provider} is optional, {@code password} is required.
 *     Whatever {@code userProfile} uses to locate the user is taken from this same form
 *     (not visible here).
 * @return {@code ok()} with a {@code user} field holding the prepared profile on success;
 *     a {@code ko(...)} error for an unknown realm, missing password, unknown user or
 *     failed password check; or the raw {@code userProfile} error object (see notes).
 */
@POST
@Path("/authenticate")
public Json authenticate(Json form) {
    // Missing/empty provider means "this realm's own provider".
    if (!form.has("provider") || form.is("provider", ""))
        form.set("provider", desc.at("authenticatesWith").at("hasName"));
    if (form.is("provider", authenticateProvider())) {
        // Only presence/emptiness is checked here; the provider validates the value.
        if (!form.has("password") || form.is("password", ""))
            return ko("Please provide a password.");
        Json userdata = userProfile(form);
        // Same message as the failed-password case below: do not reveal whether the
        // account exists.
        if (userdata.is("error", "No profile"))
            return ko("User not found or invalid password.");
        // NOTE(review): passes the provider/profile error object straight to the client;
        // check it cannot contain internal details.
        else if (!userdata.is("ok", true))
            return userdata;
        // SECURITY: with ignorePasswords=true no credential is ever verified. Development
        // convenience only — must be false in production.
        else if (!StartUp.getConfig().is("ignorePasswords", true)) {
            if (!provider(form.at("provider").asString())
                    .authenticate(
                        userdata.at("profile").at("hasUsername").asString(),
                        form.at("password").asString()))
                return ko("User not found or invalid password.");
        }
        // Debug trace of who logged in (username, last name, groups). The password is
        // deliberately not part of this message — keep it that way.
        if (dbg()) {
            String msg = (userdata.at("profile").has("hasUsername"))
                ? userdata.at("profile").at("hasUsername").asString()
                : "Unknown";
            msg += " | lastname: " + (userdata.at("profile").at("lastName", " no lastname")).toString();
            msg += "\r\n | groups: " + (userdata.at("profile").at("groups", " no groups")).toString() + "\r\n";
            ThreadLocalStopwatch.getWatch().time("Auth success: " + msg);
            ThreadLocalStopwatch.dispose();
        }
        return ok().set("user", prepareReturn(userdata.at("profile")));
    }
    // other realms/providers...
    else return ko("Unknown realm");
}
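/**
 * Decodes form parameters that were sent double encoded, by applying one extra decode
 * step to every value whose framework-decoded form still starts with a "%".
 *
 * <p>Only {@code application/x-www-form-urlencoded} entities are touched; an empty entity
 * or any other media type is left untouched. When the form is processed, the rewritten
 * form is always written back as the request entity, because the entity read performed
 * here is not repeatable by the framework (see the comment at the end of the method).
 *
 * <p>Security notes (review): this is a heuristic re-decode, not canonicalisation. A value
 * that legitimately begins with a literal percent sign after a single encoding is decoded
 * a second time, and a double-encoded value that does not begin with "%" is not decoded at
 * all, so downstream code must not rely on this filter for input validation or normalisation.
 * The DBG branch logs every parameter name and value; if any form posts carry credentials
 * or other secrets they will end up in the log, so keep DBG off outside development.
 *
 * @param request a restlet request; its entity is replaced when a form is processed
 * @throws IOException if reading the entity fails (did not occur during tests but may)
 * @throws IllegalArgumentException if an Encode representation is received, i.e. this
 *     filter is placed before the Encoder filter in the chain
 */
void decodeFormParamsIfDoubleEncoded(Request request) throws IOException {
    Representation r = request.getEntity();
    if (r instanceof EncodeRepresentation)
        throw new IllegalArgumentException(
            "Received an Encode representation."
                + " This filter must be after the Encoder filter. please check your filter chain order.");
    if (r instanceof EmptyRepresentation) return;

    ContentType c = new ContentType(r);
    if (!MediaType.APPLICATION_WWW_FORM.equals(c.getMediaType(), true)) return;

    Form form = new Form(r);
    // Start from an empty form. Seeding it from the same entity (new Form(r)) would
    // either duplicate every parameter (original + decoded copy) when the entity is
    // re-readable, or re-parse an already consumed entity when it is not.
    Form newform = new Form();
    // NOTE(review): getValuesMap() keeps a single value per name, so a parameter that is
    // sent more than once loses its extra values here — confirm no caller relies on
    // repeated form fields.
    Map<String, String> valuesMap = form.getValuesMap();
    for (Map.Entry<String, String> e : valuesMap.entrySet()) {
        String key = e.getKey();
        String value = e.getValue();
        if (DBG) ThreadLocalStopwatch.now("" + key + " - " + value);
        // A parameter without "=" presumably arrives with a null value; guard before
        // startsWith so such a request does not fail with an NPE inside the filter.
        if (value != null && value.startsWith("%")) {
            try {
                value = URLDecoder.decode(value, DECODER_CHAR_SET);
                totalDecodings.incrementAndGet();
                if (DBG) {
                    ThreadLocalStopwatch.now("DECODED " + request.getResourceRef());
                    ThreadLocalStopwatch.now(
                        "DECODED " + totalDecodings.get() + " : " + key + " - " + value);
                }
            } catch (IllegalArgumentException ignored) {
                // A malformed escape such as "%zz" is client-supplied input, not a server
                // error: it evidently was not double encoded, so keep it as received
                // rather than failing the whole request from inside the filter.
            }
        }
        newform.add(key, value);
    }
    // we must always set the entity, because above getEntity call causes
    // NPEs later if repeated by the framework.
    request.setEntity(newform.encode(), c.getMediaType());
}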