protected User getCurrentUser() {
final Object principal = getSubject().getPrincipal();
final User user = userService.load(principal.toString());
if (user == null) {
LOG.error(
"Loading the current user failed, this should not happen. Did you call this method in an unauthenticated REST resource?");
}
return user;
}
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
throws AuthenticationException {
SessionIdToken sessionIdToken = (SessionIdToken) token;
final Subject subject =
new Subject.Builder().sessionId(sessionIdToken.getSessionId()).buildSubject();
final Session session = subject.getSession(false);
if (session == null) {
LOG.debug(
"Invalid session {}. Either it has expired or did not exist.",
sessionIdToken.getSessionId());
return null;
}
final Object username = subject.getPrincipal();
final User user = userService.load(String.valueOf(username));
if (user == null) {
LOG.debug("No user named {} found for session {}", username, sessionIdToken.getSessionId());
return null;
}
if (user.isExternalUser() && !ldapAuthenticator.isEnabled()) {
throw new LockedAccountException("LDAP authentication is currently disabled.");
}
if (LOG.isDebugEnabled()) {
LOG.debug("Found session {} for user name {}", session.getId(), username);
}
@SuppressWarnings("unchecked")
final MultivaluedMap<String, String> requestHeaders =
(MultivaluedMap<String, String>) ThreadContext.get("REQUEST_HEADERS");
// extend session unless the relevant header was passed.
if (requestHeaders == null
|| !"true".equalsIgnoreCase(requestHeaders.getFirst("X-Graylog-No-Session-Extension"))) {
session.touch();
} else {
LOG.debug("Not extending session because the request indicated not to.");
}
ThreadContext.bind(subject);
return new SimpleAccount(user.getName(), null, "session authenticator");
}
@Override
public void doRun() {
final ContentPackLoaderConfig contentPackLoaderConfig =
clusterConfigService.getOrDefault(
ContentPackLoaderConfig.class, ContentPackLoaderConfig.EMPTY);
final List<Path> files = getFiles(contentPacksDir, FILENAME_GLOB);
final Map<String, ConfigurationBundle> contentPacks = new HashMap<>(files.size());
final Set<String> loadedContentPacks =
new HashSet<>(contentPackLoaderConfig.loadedContentPacks());
final Set<String> appliedContentPacks =
new HashSet<>(contentPackLoaderConfig.appliedContentPacks());
final Map<String, String> checksums = new HashMap<>(contentPackLoaderConfig.checksums());
for (Path file : files) {
final String fileName = file.getFileName().toString();
LOG.debug("Reading content pack from {}", file);
final byte[] bytes;
try {
bytes = Files.readAllBytes(file);
} catch (IOException e) {
LOG.warn("Couldn't read " + file + ". Skipping.", e);
continue;
}
final String encodedFileName = encodeFileNameForMongo(fileName);
final String checksum = HASH_FUNCTION.hashBytes(bytes).toString();
final String storedChecksum = checksums.get(encodedFileName);
if (storedChecksum == null) {
checksums.put(encodedFileName, checksum);
} else if (!checksum.equals(storedChecksum)) {
LOG.info(
"Checksum of {} changed (expected: {}, actual: {})", file, storedChecksum, checksum);
continue;
}
if (contentPackLoaderConfig.loadedContentPacks().contains(fileName)) {
LOG.debug("Skipping already loaded content pack {} (SHA-256: {})", file, storedChecksum);
continue;
}
LOG.debug("Parsing content pack from {}", file);
final ConfigurationBundle contentPack;
try {
contentPack = objectMapper.readValue(bytes, ConfigurationBundle.class);
} catch (IOException e) {
LOG.warn("Couldn't parse content pack in file " + file + ". Skipping", e);
continue;
}
final ConfigurationBundle existingContentPack =
bundleService.findByNameAndCategory(contentPack.getName(), contentPack.getCategory());
if (existingContentPack != null) {
LOG.debug(
"Content pack {}/{} already exists in database. Skipping.",
contentPack.getCategory(),
contentPack.getName());
contentPacks.put(fileName, existingContentPack);
continue;
}
final ConfigurationBundle insertedContentPack;
try {
insertedContentPack = bundleService.insert(contentPack);
LOG.debug(
"Successfully inserted content pack {} into database with ID {}",
file,
insertedContentPack.getId());
} catch (MongoException e) {
LOG.error("Error while inserting content pack " + file + " into database. Skipping.", e);
continue;
}
contentPacks.put(fileName, insertedContentPack);
loadedContentPacks.add(fileName);
}
LOG.debug("Applying selected content packs");
for (Map.Entry<String, ConfigurationBundle> entry : contentPacks.entrySet()) {
final String fileName = entry.getKey();
final ConfigurationBundle contentPack = entry.getValue();
if (contentPacksAutoLoad.contains(fileName) && appliedContentPacks.contains(fileName)) {
LOG.debug(
"Content pack {}/{} ({}) already applied. Skipping.",
contentPack.getName(),
contentPack.getCategory(),
fileName);
continue;
}
if (contentPacksAutoLoad.contains(fileName)) {
LOG.debug(
"Applying content pack {}/{} ({})",
contentPack.getName(),
contentPack.getCategory(),
fileName);
bundleService.applyConfigurationBundle(contentPack, userService.getAdminUser());
appliedContentPacks.add(fileName);
}
}
final ContentPackLoaderConfig changedContentPackLoaderConfig =
ContentPackLoaderConfig.create(loadedContentPacks, appliedContentPacks, checksums);
if (!contentPackLoaderConfig.equals(changedContentPackLoaderConfig)) {
clusterConfigService.write(changedContentPackLoaderConfig);
}
}