예제 #1
 /**
  * Makes sure {@code ssoToken} refers to a usable session before a command runs.
  *
  * <p>With no cached token, a new one is obtained by an LDAP login using the admin ID and admin
  * password. A cached token is never trusted as-is: it is re-validated through the
  * {@code SSOTokenManager} on every call.
  *
  * @throws CLIException with {@code ExitCodes.SESSION_EXPIRED} when validating the cached token
  *     raises an {@code SSOException}
  */
 protected void ldapLogin() throws CLIException {
   if (ssoToken != null) {
     // Re-check the cached token so a stale session is reported instead of silently reused.
     try {
       SSOTokenManager.getInstance().validateToken(ssoToken);
     } catch (SSOException e) {
       throw new CLIException(e, ExitCodes.SESSION_EXPIRED);
     }
     return;
   }

   // No session yet: bind with the administrator credentials and keep the resulting token.
   Authenticator authenticator = Authenticator.getInstance();
   String adminId = getAdminID();
   ssoToken = authenticator.ldapLogin(getCommandManager(), adminId, getAdminPassword());
 }
예제 #2
  /**
   * Looks up the Individual, if any, that is associated with the currently logged-in user.
   *
   * @return the first URI the {@code Authenticator} reports for the current user account, or
   *     {@code null} when no user is logged in or the account has no associated Individual
   */
  private String getAssociatedIndividualUri() {
    UserAccount currentUser = LoginStatusBean.getCurrentUser(request);
    if (currentUser == null) {
      log.debug("Not logged in? Must be cancelling the password change");
      return null;
    }

    List<String> individualUris =
        Authenticator.getInstance(request).getAssociatedIndividualUris(currentUser);

    // NOTE(review): both debug messages below include the account's e-mail address; confirm
    // that writing it to the log is acceptable where debug logging is enabled.
    if (!individualUris.isEmpty()) {
      // Only the first associated URI is used, even when several are returned.
      String firstUri = individualUris.get(0);
      log.debug(
          "'" + currentUser.getEmailAddress() + "' is associated with an individual: " + firstUri);
      return firstUri;
    }

    log.debug("'" + currentUser.getEmailAddress() + "' is not associated with an individual.");
    return null;
  }
예제 #3
  /**
   * Gatekeeper for incoming requests: answers CORS pre-flight calls, then enforces the service
   * key and, for everything except the login path, the auth token.
   *
   * <p>Rejections are signalled by throwing a {@code WebApplicationException} that carries the
   * response to send, so a request is only returned when every applicable check has passed.
   *
   * @param request the incoming request whose method, path and headers are inspected
   * @return the same {@code request}, unmodified, when it is allowed through
   * @throws WebApplicationException with status OK for an {@code OPTIONS} request, or with status
   *     UNAUTHORIZED when the service key or the auth token is rejected
   */
  @Override
  public ContainerRequest filter(ContainerRequest request) {
    String requestPath = request.getPath();
    // NOTE(review): the path is client-controlled and is logged unmodified; consider
    // neutralising CR/LF characters before it reaches the log.
    log.info("Filtering request path: " + requestPath);

    // Browser pre-flight (CORS) requests carry no credentials, so they are acknowledged before
    // any header validation. As a consequence OPTIONS requests never reach the checks below.
    if (request.getMethod().equals("OPTIONS")) {
      log.info("en Options?");
      throw new WebApplicationException(Response.status(Response.Status.OK).entity("OK").build());
    }

    // Every other request must present a valid service key.
    Authenticator authenticator = Authenticator.getInstance();
    String serviceKey = request.getHeaderValue(HttpHeaderNames.SERVICE_KEY);
    boolean serviceKeyAccepted = authenticator.isServiceKeyValid(serviceKey);
    if (!serviceKeyAccepted) {
      throw new WebApplicationException(
          Response.status(Response.Status.UNAUTHORIZED).entity("Invalid Service Key").build());
    }

    // Only the login call may arrive without an auth token.
    // NOTE(review): this is a prefix match, so every path that begins with "auth/login" skips
    // the token check, not just the login endpoint itself. Confirm that no other resource is
    // routed under that prefix, or compare against the exact login path instead.
    boolean isLoginCall = requestPath.startsWith("auth/login");
    if (!isLoginCall
        && !authenticator.isAuthTokenValid(
            serviceKey, request.getHeaderValue(HttpHeaderNames.AUTH_TOKEN))) {
      throw new WebApplicationException(
          Response.status(Response.Status.UNAUTHORIZED).entity("Authentication is need").build());
    }

    return request;
  }