Exemplo n.º 1
0
 @Override
 protected void postAuthModification(Account account) {
   if (account != null) {
     ApiRequest request = ApiContext.getContext().getApiRequest();
     String accessToken = (String) request.getAttribute(AzureConstants.AZURE_ACCESS_TOKEN);
     String refreshToken = (String) request.getAttribute(AzureConstants.AZURE_REFRESH_TOKEN);
     DataAccessor.fields(account).withKey(AzureConstants.AZURE_ACCESS_TOKEN).set(accessToken);
     DataAccessor.fields(account).withKey(AzureConstants.AZURE_REFRESH_TOKEN).set(refreshToken);
     getObjectManager().persist(account);
   }
 }
Exemplo n.º 2
0
  private Account getAccountRequested(
      Account authenticatedAsAccount, Set<Identity> identities, ApiRequest request) {
    Account project;

    String projectId =
        request.getServletContext().getRequest().getHeader(ProjectConstants.PROJECT_HEADER);
    if (projectId == null || projectId.isEmpty()) {
      projectId = request.getServletContext().getRequest().getParameter("projectId");
    }
    if (projectId == null || projectId.isEmpty()) {
      projectId = (String) request.getAttribute(ProjectConstants.PROJECT_HEADER);
    }

    if (projectId == null || projectId.isEmpty()) {
      return authenticatedAsAccount;
    }

    String parsedProjectId;

    try {
      parsedProjectId = ApiContext.getContext().getIdFormatter().parseId(projectId);
    } catch (NumberFormatException e) {
      throw new ClientVisibleException(
          ResponseCodes.BAD_REQUEST,
          "InvalidFormat",
          "projectId header format is incorrect " + projectId,
          null);
    }

    if (StringUtils.isEmpty(parsedProjectId)) {
      throw new ClientVisibleException(ResponseCodes.FORBIDDEN);
    }
    try {
      project = authDao.getAccountById(new Long(parsedProjectId));
      if (project == null || !project.getState().equalsIgnoreCase(CommonStatesConstants.ACTIVE)) {
        throw new ClientVisibleException(ResponseCodes.FORBIDDEN);
      }
      if (authenticatedAsAccount.getId().equals(project.getId())) {
        return authenticatedAsAccount;
      }
    } catch (NumberFormatException e) {
      throw new ClientVisibleException(ResponseCodes.FORBIDDEN);
    }
    Policy tempPolicy =
        getPolicy(authenticatedAsAccount, authenticatedAsAccount, identities, request);
    if (authDao.hasAccessToProject(
        project.getId(),
        authenticatedAsAccount.getId(),
        tempPolicy.isOption(Policy.AUTHORIZED_FOR_ALL_ACCOUNTS),
        identities)) {
      return project;
    }
    throw new ClientVisibleException(ResponseCodes.FORBIDDEN);
  }