# HG changeset patch
# User casties
# Date 1332535313 -3600
# Node ID 6629e8422760357aef04aeb458ae43a17806976c
# Parent a681113fd0eb923cbb1cbed1482cdb8274532084
half baked version for new JWT auth :-(
diff -r a681113fd0eb -r 6629e8422760 .classpath
--- a/.classpath Fri Mar 23 14:27:15 2012 +0100
+++ b/.classpath Fri Mar 23 21:41:53 2012 +0100
@@ -23,6 +23,26 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff -r a681113fd0eb -r 6629e8422760 .project
--- a/.project Fri Mar 23 14:27:15 2012 +0100
+++ b/.project Fri Mar 23 21:41:53 2012 +0100
@@ -4,6 +4,7 @@
TripleStoreManager
+ jsontoken
diff -r a681113fd0eb -r 6629e8422760 .settings/org.eclipse.wst.common.component
--- a/.settings/org.eclipse.wst.common.component Fri Mar 23 14:27:15 2012 +0100
+++ b/.settings/org.eclipse.wst.common.component Fri Mar 23 21:41:53 2012 +0100
@@ -6,6 +6,9 @@
uses
+
+ uses
+
diff -r a681113fd0eb -r 6629e8422760 libs/commons-codec-1.4.jar
Binary file libs/commons-codec-1.4.jar has changed
diff -r a681113fd0eb -r 6629e8422760 libs/google-collections-1.0.jar
Binary file libs/google-collections-1.0.jar has changed
diff -r a681113fd0eb -r 6629e8422760 libs/gson-1.4.jar
Binary file libs/gson-1.4.jar has changed
diff -r a681113fd0eb -r 6629e8422760 libs/jsontoken-1.1-SNAPSHOT.jar
Binary file libs/jsontoken-1.1-SNAPSHOT.jar has changed
diff -r a681113fd0eb -r 6629e8422760 src/de/mpiwg/itgroup/annotationManager/restlet/AnnotatorResourceImpl.java
--- a/src/de/mpiwg/itgroup/annotationManager/restlet/AnnotatorResourceImpl.java Fri Mar 23 14:27:15 2012 +0100
+++ b/src/de/mpiwg/itgroup/annotationManager/restlet/AnnotatorResourceImpl.java Fri Mar 23 21:41:53 2012 +0100
@@ -15,10 +15,10 @@
import javax.xml.bind.DatatypeConverter;
+import net.oauth.jsontoken.JsonToken;
+import net.oauth.jsontoken.JsonTokenParser;
+
import org.apache.log4j.Logger;
-import org.joda.time.DateTime;
-import org.joda.time.format.DateTimeFormatter;
-import org.joda.time.format.ISODateTimeFormat;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;
@@ -30,6 +30,8 @@
import org.restlet.resource.ServerResource;
import org.restlet.security.User;
+import com.google.gson.JsonPrimitive;
+
import de.mpiwg.itgroup.annotationManager.Constants.NS;
import de.mpiwg.itgroup.annotationManager.RDFHandling.Annotation;
@@ -139,6 +141,56 @@
*/
public String checkAuthToken(Representation entity) {
Form requestHeaders = (Form) getRequest().getAttributes().get("org.restlet.http.headers");
+ String authToken = requestHeaders.getFirstValue("x-annotator-auth-token", true);
+ String userId = null;
+ String tokenString;
+ JsonToken token = new JsonTokenParser(null, null).deserialize(authToken);
+ String consumerKey = token.getParamAsPrimitive("consumerKey").getAsString();
+ // get stored consumer secret for key
+ RestServer restServer = (RestServer) getApplication();
+ String consumerSecret = restServer.getConsumerSecret(consumerKey);
+ logger.debug("requested consumer key=" + consumerKey + " secret=" + consumerSecret);
+ if (consumerSecret == null) {
+ return null;
+ }
+ logger.debug("token="+token);
+ /* try {
+ logger.debug(String.format("authToken=%s", authToken));
+ String[] tokenParts = authToken.split("\\.");
+ logger.debug(String.format("tokenParts=%s", tokenParts.toString()));
+ String payloadEnc = tokenParts[1];
+ if (payloadEnc.length() % 4 > 0) {
+ // add padding for parseBase64Binary
+ payloadEnc += "===".substring(0, payloadEnc.length() % 4);
+ }
+ String payloadString = new String(DatatypeConverter.parseBase64Binary(payloadEnc), "UTF-8");
+ logger.debug(String.format("payloadString=%s", payloadString));
+ JSONObject to = new JSONObject(payloadString);
+ logger.debug(String.format("jsonToken=%s", to));
+ String consumerKey = to.getString("consumerKey");
+ // get stored consumer secret for key
+ RestServer restServer = (RestServer) getApplication();
+ String consumerSecret = restServer.getConsumerSecret(consumerKey);
+ logger.debug("requested consumer key=" + consumerKey + " secret=" + consumerSecret);
+ if (consumerSecret == null) {
+ return null;
+ }
+ String decrypted = WebToken.decrypt(authToken, consumerSecret);
+ logger.debug("decrypted="+decrypted);
+ } catch (UnsupportedEncodingException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ } catch (JSONException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ } catch (ArrayIndexOutOfBoundsException e) {
+ e.printStackTrace();
+ } catch (Exception e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ } */
+ //WebToken.decrypt(encrypted, password)
+ /*
String consumerKey = requestHeaders.getFirstValue("x-annotator-consumer-key", true);
if (consumerKey == null) {
return null;
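Review bot: The value of `x-annotator-auth-token` is decoded with `new JsonTokenParser(null, null).deserialize(authToken)`, which only parses the token; nothing visible in this hunk checks its signature against `consumerSecret`, so `consumerKey` and every other claim remain caller-controlled until the parser is given a verifier for that secret and `verifyAndDeserialize` is used instead. The debug line also writes the shared secret to the log and should be reduced to `logger.debug("requested consumer key=" + consumerKey);`. A missing header or a token without a `consumerKey` claim will most likely throw here rather than return null, so `authToken` and the result of `getParamAsPrimitive("consumerKey")` need a null check before they are dereferenced. The unused `tokenString` and the large commented-out block would be better dropped, and the body of checkAuthToken continues past the end of this hunk.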
@@ -186,6 +238,7 @@
// we dont care about validity right now
//return null;
}
+ */
// must be ok then
logger.debug("auth OK! user="+userId);
return userId;
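Review bot: The added `*/` closes the block comment opened in the previous hunk, which disables the whole earlier consumer-key and validity check, and in the lines visible in this patch `userId` is only ever initialised to null. The method therefore appears to log `auth OK! user=null` and return null for every request that reaches this point, which makes the success message misleading in the logs. Until the JWT path assigns `userId` from a verified token, guard the tail with `if (userId == null) { return null; }` before the `auth OK` line. The start of checkAuthToken lies outside this hunk.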