Пример #1
0
 /**
  * Authenticate within a given realm (user provider).
  *
  * @param form
  * @return
  */
 @POST
 @Path("/authenticate")
 public Json authenticate(Json form) {
   if (!form.has("provider") || form.is("provider", ""))
     form.set("provider", desc.at("authenticatesWith").at("hasName"));
   if (form.is("provider", authenticateProvider())) {
     if (!form.has("password") || form.is("password", "")) return ko("Please provide a password.");
     Json userdata = userProfile(form);
     if (userdata.is("error", "No profile")) return ko("User not found or invalid password.");
     else if (!userdata.is("ok", true)) return userdata;
     else if (!StartUp.getConfig().is("ignorePasswords", true)) {
       if (!provider(form.at("provider").asString())
           .authenticate(
               userdata.at("profile").at("hasUsername").asString(),
               form.at("password").asString())) return ko("User not found or invalid password.");
     }
     if (dbg()) {
       String msg =
           (userdata.at("profile").has("hasUsername"))
               ? userdata.at("profile").at("hasUsername").asString()
               : "Unknown";
       msg += " | lastname: " + (userdata.at("profile").at("lastName", " no lastname")).toString();
       msg +=
           "\r\n | groups: "
               + (userdata.at("profile").at("groups", " no groups")).toString()
               + "\r\n";
       ThreadLocalStopwatch.getWatch().time("Auth success: " + msg);
       ThreadLocalStopwatch.dispose();
     }
     return ok().set("user", prepareReturn(userdata.at("profile")));
   }
   // other realms/providers...
   else return ko("Unknown realm");
 }
Пример #2
0
 @GET
 @Path("search")
 public Json search(
     @QueryParam("id") String id,
     @QueryParam("name") String searchString,
     @QueryParam("providers") String providers) {
   if (id != null && !id.isEmpty()) {
     return Json.array().add(searchUserById(id));
   }
   Json resultList = Json.array();
   final int maxResults = 15;
   try {
     if (searchString == null || searchString.length() == 0) return null;
     else searchString = searchString.trim();
     Json user = Json.object();
     String name = searchString;
     name = name.trim();
     int idx;
     // Parse search string
     if ((idx = name.indexOf(',')) > -1) { // Miller, Bob
       user.set("LastName", name.substring(0, idx).trim());
       user.set("FirstName", name.substring(idx + 1).trim());
     } else if ((idx = name.indexOf(' ')) > -1) { // Bob Miller
       user.set("LastName", name.substring(idx + 1).trim());
       user.set("FirstName", name.substring(0, idx).trim());
     } else { // Miller
       user.set("LastName", name);
     }
     if (user.is("FirstName", "")) user.delAt("FirstName");
     if (user.is("LastName", "")) user.delAt("LastName");
     if (user.asJsonMap().size() > 0) {
       Collection<String> P =
           providers != null ? Arrays.asList(providers.split(",")) : orderedProviders();
       for (String providerName : P)
         resultList.with(searchProvider(providerName, user, maxResults));
     }
   } catch (Exception e) {
     e.printStackTrace();
     return ko(e);
   }
   return prepareReturn(resultList);
 }
Пример #3
0
 /**
  * This is a general method to retrieve information about a particular user. Because it's
  * expensive to fill out all information we can get about a user, the request is a more complex
  * object that specifies what is to be provided. In this way, a client can request all that is
  * needed and only that which is needed in a single network round-trip.
  *
  * <p>The basic profile (first name, email etc.) is returned regardless. Here are the expected
  * properties of the JSON <code>request</code> parameter that control what else is returned:
  *
  * <ul>
  *   <li>username - mandatory...of course
  *   <li>groups - true/false whether to include the list of groups the user belongs to
  *   <li>access - true/false whether to include the access policies for this user
  * </ul>
  *
  * @param request
  * @return
  */
 @POST
 @Path("/profile")
 public Json userProfile(Json request) {
   try {
     if (!request.isObject() || !request.has("username")) return ko("bad request.");
     if (!request.has("provider") || request.is("provider", ""))
       request.set("provider", desc.at("authenticatesWith").at("hasName"));
     UserProvider providerImpl = provider(request.at("provider").asString());
     Json profile = providerImpl.get(request.at("username").asString());
     if (profile.isNull()) return ko("No profile");
     if (request.is("groups", true) || request.is("access", true))
       profile.set("groups", providerImpl.findGroups(request.at("username").asString()));
     if (request.is("access", true))
       profile.set("access", getAccessPolicies(profile.at("groups")));
     return ok().set("profile", prepareReturn(profile));
   } catch (Throwable t) {
     if (!"unavailable"
         .equals(t.getMessage())) // error would have already been reported in the logs
     t.printStackTrace(System.err);
     return ko(t.getMessage());
   }
 }
Пример #4
0
 @Test
 public void testObjectMerge() {
   Json o1 =
       object(
           "id",
           2,
           "name",
           "John",
           "address",
           object(
               "streetName", "Main",
               "streetNumber", 20,
               "city", "Detroit"));
   Json o2 = o1.dup().set("age", 20).at("address").delAt("city").up();
   o1.with(o2, "merge");
   Assert.assertTrue(o1.is("age", 20));
   Assert.assertTrue(o1.at("address").is("city", "Detroit"));
 }