@Transactional public AccessKey createAccessKeyFromOAuthGrant(OAuthGrant grant, User user, Date now) { AccessKey newKey = new AccessKey(); newKey.setType(AccessKeyType.OAUTH); if (grant.getAccessType().equals(AccessType.ONLINE)) { Date expirationDate = new Date(now.getTime() + 600000); // the key is valid for 10 minutes newKey.setExpirationDate(expirationDate); } newKey.setUser(user); newKey.setLabel( String.format( Messages.OAUTH_GRANT_TOKEN_LABEL, grant.getClient().getName(), System.currentTimeMillis())); Set<AccessKeyPermission> permissions = new HashSet<>(); AccessKeyPermission permission = new AccessKeyPermission(); permission.setDomainArray(grant.getClient().getDomain()); permission.setActionsArray(StringUtils.split(grant.getScope(), ' ')); permission.setSubnetsArray(grant.getClient().getSubnet()); permission.setNetworkIds(grant.getNetworkIds()); permissions.add(permission); newKey.setPermissions(permissions); create(user, newKey); return newKey; }
@Transactional public boolean update(@NotNull Long userId, @NotNull Long keyId, AccessKeyUpdate toUpdate) { AccessKey existing = find(keyId, userId); if (existing == null) { return false; } if (toUpdate == null) { return true; } if (toUpdate.getLabel() != null) { existing.setLabel(toUpdate.getLabel().orElse(null)); } if (toUpdate.getExpirationDate() != null) { existing.setExpirationDate(toUpdate.getExpirationDate().orElse(null)); } if (toUpdate.getType() != null) { existing.setType(toUpdate.getType().map(v -> toUpdate.getTypeEnum()).orElse(null)); } if (toUpdate.getPermissions() != null) { if (!toUpdate.getPermissions().isPresent()) { logger.error("New permissions shouldn't be empty in request parameters"); throw new IllegalParametersException(Messages.INVALID_REQUEST_PARAMETERS); } Set<AccessKeyPermission> permissionsToReplace = toUpdate.getPermissions().get(); AccessKey toValidate = toUpdate.convertTo(); authenticationUtils.validateActions(toValidate); deleteAccessKeyPermissions(existing); for (AccessKeyPermission current : permissionsToReplace) { AccessKeyPermission permission = preparePermission(current); permission.setAccessKey(existing); genericDAO.persist(permission); } } return true; }