changeset 20:6629e8422760

half baked version for new JWT auth :-(
author casties
date Fri, 23 Mar 2012 21:41:53 +0100
parents a681113fd0eb
children 0cd1e7608d25
files .classpath .project .settings/org.eclipse.wst.common.component libs/commons-codec-1.4.jar libs/google-collections-1.0.jar libs/gson-1.4.jar libs/jsontoken-1.1-SNAPSHOT.jar src/de/mpiwg/itgroup/annotationManager/restlet/AnnotatorResourceImpl.java
diffstat 8 files changed, 80 insertions(+), 3 deletions(-) [+]
--- a/.classpath	Fri Mar 23 14:27:15 2012 +0100
+++ b/.classpath	Fri Mar 23 21:41:53 2012 +0100
@@ -23,6 +23,26 @@
 			<attribute name="org.eclipse.jst.component.dependency" value="/WEB-INF/lib"/>
 		</attributes>
 	</classpathentry>
+	<classpathentry kind="lib" path="libs/jsontoken-1.1-SNAPSHOT.jar">
+		<attributes>
+			<attribute name="org.eclipse.jst.component.dependency" value="/WEB-INF/lib"/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="lib" path="libs/gson-1.4.jar">
+		<attributes>
+			<attribute name="org.eclipse.jst.component.dependency" value="/WEB-INF/lib"/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="lib" path="libs/google-collections-1.0.jar">
+		<attributes>
+			<attribute name="org.eclipse.jst.component.dependency" value="/WEB-INF/lib"/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="lib" path="libs/commons-codec-1.4.jar">
+		<attributes>
+			<attribute name="org.eclipse.jst.component.dependency" value="/WEB-INF/lib"/>
+		</attributes>
+	</classpathentry>
 	<classpathentry combineaccessrules="false" kind="src" path="/TripleStoreManager"/>
 	<classpathentry kind="lib" path="/Volumes/Schlachteplatte/Users/casties/Library/Eclipse/AnnotationManager/libs/org.restlet-2.0.11.jar">
 		<attributes>
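Review bot: `libs/jsontoken-1.1-SNAPSHOT.jar` is a snapshot build checked in as a binary, so the library that will parse authentication tokens has no fixed release or source revision to audit it against. Recording the upstream revision and a checksum next to `libs/`, or moving to a released version once one exists, would make the dependency reproducible. The same commit also adds `jsontoken` as a workspace project in `.project` and as a `jsontoken.jar` dependent-module deployed to `/WEB-INF/lib` in `.settings/org.eclipse.wst.common.component`, so two copies of the library may end up in the deployed webapp. Keeping only one of the two routes avoids the class loader picking a different build than the one that was reviewed.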
--- a/.project	Fri Mar 23 14:27:15 2012 +0100
+++ b/.project	Fri Mar 23 21:41:53 2012 +0100
@@ -4,6 +4,7 @@
 	<comment></comment>
 	<projects>
 		<project>TripleStoreManager</project>
+		<project>jsontoken</project>
 	</projects>
 	<buildSpec>
 		<buildCommand>
--- a/.settings/org.eclipse.wst.common.component	Fri Mar 23 14:27:15 2012 +0100
+++ b/.settings/org.eclipse.wst.common.component	Fri Mar 23 21:41:53 2012 +0100
@@ -6,6 +6,9 @@
         <dependent-module archiveName="TripleStoreManager.jar" deploy-path="/WEB-INF/lib" handle="module:/resource/TripleStoreManager/TripleStoreManager">
             <dependency-type>uses</dependency-type>
         </dependent-module>
+        <dependent-module archiveName="jsontoken.jar" deploy-path="/WEB-INF/lib" handle="module:/resource/jsontoken/jsontoken">
+            <dependency-type>uses</dependency-type>
+        </dependent-module>
         <property name="context-root" value="AnnotationManager"/>
         <property name="java-output-path" value="/AnnotationManager/build/classes"/>
     </wb-module>
Binary file libs/commons-codec-1.4.jar has changed
Binary file libs/google-collections-1.0.jar has changed
Binary file libs/gson-1.4.jar has changed
Binary file libs/jsontoken-1.1-SNAPSHOT.jar has changed
--- a/src/de/mpiwg/itgroup/annotationManager/restlet/AnnotatorResourceImpl.java	Fri Mar 23 14:27:15 2012 +0100
+++ b/src/de/mpiwg/itgroup/annotationManager/restlet/AnnotatorResourceImpl.java	Fri Mar 23 21:41:53 2012 +0100
@@ -15,10 +15,10 @@
 
 import javax.xml.bind.DatatypeConverter;
 
+import net.oauth.jsontoken.JsonToken;
+import net.oauth.jsontoken.JsonTokenParser;
+
 import org.apache.log4j.Logger;
-import org.joda.time.DateTime;
-import org.joda.time.format.DateTimeFormatter;
-import org.joda.time.format.ISODateTimeFormat;
 import org.json.JSONArray;
 import org.json.JSONException;
 import org.json.JSONObject;
@@ -30,6 +30,8 @@
 import org.restlet.resource.ServerResource;
 import org.restlet.security.User;
 
+import com.google.gson.JsonPrimitive;
+
 import de.mpiwg.itgroup.annotationManager.Constants.NS;
 import de.mpiwg.itgroup.annotationManager.RDFHandling.Annotation;
 
@@ -139,6 +141,56 @@
      */
     public String checkAuthToken(Representation entity) {
         Form requestHeaders = (Form) getRequest().getAttributes().get("org.restlet.http.headers");
+        String authToken = requestHeaders.getFirstValue("x-annotator-auth-token", true);
+        String userId = null;
+        String tokenString;
+        JsonToken token = new JsonTokenParser(null, null).deserialize(authToken);
+        String consumerKey = token.getParamAsPrimitive("consumerKey").getAsString();
+        // get stored consumer secret for key
+        RestServer restServer = (RestServer) getApplication();
+        String consumerSecret = restServer.getConsumerSecret(consumerKey);
+        logger.debug("requested consumer key=" + consumerKey + " secret=" + consumerSecret);
+        if (consumerSecret == null) {
+            return null;
+        }
+        logger.debug("token="+token);
+        /* try {
+            logger.debug(String.format("authToken=%s", authToken));
+            String[] tokenParts = authToken.split("\\.");
+            logger.debug(String.format("tokenParts=%s", tokenParts.toString()));
+            String payloadEnc = tokenParts[1];
+            if (payloadEnc.length() % 4 > 0) {
+                // add padding for parseBase64Binary
+                payloadEnc += "===".substring(0, payloadEnc.length() % 4);
+            }
+            String payloadString = new String(DatatypeConverter.parseBase64Binary(payloadEnc), "UTF-8");
+            logger.debug(String.format("payloadString=%s", payloadString));
+            JSONObject to = new JSONObject(payloadString);
+            logger.debug(String.format("jsonToken=%s", to));
+            String consumerKey = to.getString("consumerKey");
+            // get stored consumer secret for key
+            RestServer restServer = (RestServer) getApplication();
+            String consumerSecret = restServer.getConsumerSecret(consumerKey);
+            logger.debug("requested consumer key=" + consumerKey + " secret=" + consumerSecret);
+            if (consumerSecret == null) {
+                return null;
+            }
+            String decrypted = WebToken.decrypt(authToken, consumerSecret);
+            logger.debug("decrypted="+decrypted);
+        } catch (UnsupportedEncodingException e) {
+            // TODO Auto-generated catch block
+            e.printStackTrace();
+        } catch (JSONException e) {
+            // TODO Auto-generated catch block
+            e.printStackTrace();
+        } catch (ArrayIndexOutOfBoundsException e) {
+            e.printStackTrace();
+        } catch (Exception e) {
+            // TODO Auto-generated catch block
+            e.printStackTrace();
+        } */
+        //WebToken.decrypt(encrypted, password)
+        /*
         String consumerKey = requestHeaders.getFirstValue("x-annotator-consumer-key", true);
         if (consumerKey == null) {
             return null;
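Review bot: The shared consumer secret is written to the log by `logger.debug("requested consumer key=" + consumerKey + " secret=" + consumerSecret);`, and the following `logger.debug("token="+token);` logs the bearer token as well, so anyone with read access to the debug log obtains valid credentials. Log only the key, for example `logger.debug("requested consumer key=" + consumerKey);`. The token is only parsed with `deserialize`; the secret is looked up but never used to check the signature, and `userId` is never assigned, so no claim from the token should be trusted until the library's verifying path (`verifyAndDeserialize`) is wired to the per-consumer secret. A missing `x-annotator-auth-token` header or a token without `consumerKey` looks likely to throw rather than return null, so a guard such as `if (authToken == null) return null;` before parsing would keep the method failing closed. The method body continues past this hunk, where the remaining old checks are commented out and the code logs "auth OK!" unconditionally.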
@@ -186,6 +238,7 @@
             // we dont care about validity right now
             //return null;
         }
+        */
         // must be ok then
         logger.debug("auth OK! user="+userId);
         return userId;