comparison src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorResourceImpl.java @ 88:b406507a953d

upped version to 0.5. can now use display name and groups from the auth token.
author casties
date Tue, 03 Feb 2015 19:01:27 +0100
parents e3f0613b2f2d
children 247cbbb385de
87:2beafb8e19e4 88:b406507a953d
1 /**
2 * Base class for Annotator resource classes.
3 */
4 package de.mpiwg.itgroup.annotations.restlet; 1 package de.mpiwg.itgroup.annotations.restlet;
5 2
6 /* 3 /*
7 * #%L 4 * #%L
8 * AnnotationManager 5 * AnnotationManager
24 * <http://www.gnu.org/licenses/lgpl-3.0.html>. 21 * <http://www.gnu.org/licenses/lgpl-3.0.html>.
25 * #L% 22 * #L%
26 */ 23 */
27 24
28 import java.io.UnsupportedEncodingException; 25 import java.io.UnsupportedEncodingException;
29 import java.security.InvalidKeyException;
30 import java.security.SignatureException;
31 import java.text.SimpleDateFormat; 26 import java.text.SimpleDateFormat;
32 import java.util.ArrayList; 27 import java.util.ArrayList;
33 import java.util.Calendar; 28 import java.util.Calendar;
34 import java.util.HashSet; 29 import java.util.HashSet;
35 import java.util.List; 30 import java.util.List;
54 import org.restlet.representation.Representation; 49 import org.restlet.representation.Representation;
55 import org.restlet.resource.Options; 50 import org.restlet.resource.Options;
56 import org.restlet.resource.ServerResource; 51 import org.restlet.resource.ServerResource;
57 import org.restlet.util.Series; 52 import org.restlet.util.Series;
58 53
54 import com.google.gson.JsonArray;
55 import com.google.gson.JsonElement;
56 import com.google.gson.JsonObject;
57
59 import de.mpiwg.itgroup.annotations.Actor; 58 import de.mpiwg.itgroup.annotations.Actor;
60 import de.mpiwg.itgroup.annotations.Annotation; 59 import de.mpiwg.itgroup.annotations.Annotation;
61 import de.mpiwg.itgroup.annotations.Annotation.FragmentTypes; 60 import de.mpiwg.itgroup.annotations.Annotation.FragmentTypes;
62 import de.mpiwg.itgroup.annotations.Group; 61 import de.mpiwg.itgroup.annotations.Group;
63 import de.mpiwg.itgroup.annotations.Person; 62 import de.mpiwg.itgroup.annotations.Person;
152 * 151 *
153 * @param entity 152 * @param entity
154 * @return 153 * @return
155 */ 154 */
156 public boolean isAuthenticated(Representation entity) { 155 public boolean isAuthenticated(Representation entity) {
157 return (checkAuthToken(entity) != null); 156 return (getUserFromAuthToken(entity) != null);
158 } 157 }
159 158
160 /** 159 /**
161 * Checks Annotator Auth plugin authentication information from headers. 160 * Checks Annotator Auth plugin authentication information from headers.
162 * Returns userId if successful. Returns "anonymous" in non-authorization 161 * Returns userId if successful. Returns "anonymous" in non-authorization
163 * mode. 162 * mode.
164 * 163 *
165 * @param entity 164 * @param entity
166 * @return user-id 165 * @return user-id
167 */ 166 */
168 public String checkAuthToken(Representation entity) { 167 public Person getUserFromAuthToken(Representation entity) {
169 @SuppressWarnings("unchecked") 168 @SuppressWarnings("unchecked")
170 Series<Header> requestHeaders = (Series<Header>) getRequest().getAttributes().get("org.restlet.http.headers"); 169 Series<Header> requestHeaders = (Series<Header>) getRequest().getAttributes().get("org.restlet.http.headers");
171 String authToken = requestHeaders.getFirstValue("x-annotator-auth-token", true); 170 String authToken = requestHeaders.getFirstValue("x-annotator-auth-token", true);
172 if (authToken == null) { 171 if (authToken == null) {
173 if (!((BaseRestlet) getApplication()).isAuthorizationMode()) { 172 if (!((BaseRestlet) getApplication()).isAuthorizationMode()) {
174 return "anonymous"; 173 return Person.getAnonymous();
175 } 174 }
176 return null; 175 return null;
177 } 176 }
178 // decode token first to get consumer key 177 Person user = null;
179 JsonToken token = new JsonTokenParser(null, null).deserialize(authToken); 178 try {
180 String userId = token.getParamAsPrimitive("userId").getAsString(); 179 // decode token first to get consumer key
181 String consumerKey = token.getParamAsPrimitive("consumerKey").getAsString(); 180 JsonToken token = new JsonTokenParser(null, null).deserialize(authToken);
182 // get stored consumer secret for key 181 String consumerKey = token.getParamAsPrimitive("consumerKey").getAsString();
183 BaseRestlet restServer = (BaseRestlet) getApplication(); 182 // get stored consumer secret for key
184 String consumerSecret = restServer.getConsumerSecret(consumerKey); 183 BaseRestlet restServer = (BaseRestlet) getApplication();
185 logger.fine("requested consumer key=" + consumerKey + " secret=" + consumerSecret); 184 String consumerSecret = restServer.getConsumerSecret(consumerKey);
186 if (consumerSecret == null) { 185 logger.fine("requested consumer key=" + consumerKey + " secret=" + consumerSecret);
187 return null; 186 if (consumerSecret == null) {
188 } 187 logger.warning("Error: unknown consumer key: "+consumerKey);
189 // logger.fine(String.format("token=%s tokenString=%s signatureAlgorithm=%s",token,token.getTokenString(),token.getSignatureAlgorithm())); 188 return null;
190 try { 189 }
190 // logger.fine(String.format("token=%s tokenString=%s signatureAlgorithm=%s",token,token.getTokenString(),token.getSignatureAlgorithm()));
191 List<Verifier> verifiers = new ArrayList<Verifier>(); 191 List<Verifier> verifiers = new ArrayList<Verifier>();
192 // we only do HS256 yet 192 // we only do HS256 yet
193 verifiers.add(new HmacSHA256Verifier(consumerSecret.getBytes("UTF-8"))); 193 verifiers.add(new HmacSHA256Verifier(consumerSecret.getBytes("UTF-8")));
194 // verify token signature(should really be static...) 194 // verify token signature(should really be static...)
195 new JsonTokenParser(new SystemClock(), null, (Checker[]) null).verify(token, verifiers); 195 new JsonTokenParser(new SystemClock(), null, (Checker[]) null).verify(token, verifiers);
196 } catch (SignatureException e) { 196 // create Person
197 // TODO Auto-generated catch block 197 JsonObject payload = token.getPayloadAsJsonObject();
198 e.printStackTrace(); 198 // userId is mandatory
199 } catch (InvalidKeyException e) { 199 String userId = payload.get("userId").getAsString();
200 // TODO Auto-generated catch block 200 user = new Person(userId);
201 e.printStackTrace(); 201 // displayName is optional
202 } catch (UnsupportedEncodingException e) { 202 if (payload.has("displayName")) {
203 // TODO Auto-generated catch block 203 user.name = payload.get("displayName").getAsString();
204 e.printStackTrace(); 204 }
205 // memberOf groups is optional
206 if (payload.has("memberOf")) {
207 Set<String> groups = new HashSet<String>();
208 JsonArray jgroups = payload.get("memberOf").getAsJsonArray();
209 for (JsonElement jgroup : jgroups) {
210 groups.add(jgroup.getAsString());
211 }
212 user.groups = groups;
213 }
214 } catch (Exception e) {
215 logger.warning("Error checking auth token: "+e.toString());
216 return null;
205 } 217 }
206 // must be ok then 218 // must be ok then
207 logger.fine("auth OK! user=" + userId); 219 logger.fine("auth OK! user=" + user);
208 return userId; 220 return user;
209 } 221 }
210 222
211 /** 223 /**
212 * creates Annotator-JSON from an Annotation object. 224 * creates Annotator-JSON from an Annotation object.
213 * 225 *
214 * @param annot 226 * @param annot annotation object
215 * @param forAnonymous 227 * @param forAnonymous
216 * TODO 228 * @return Annotator-JSON
217 * @return
218 */ 229 */
219 public JSONObject createAnnotatorJson(Annotation annot, boolean forAnonymous) { 230 public JSONObject createAnnotatorJson(Annotation annot, boolean forAnonymous) {
220 // return user as a JSON object (otherwise just as string) 231 // return user as a JSON object (otherwise just as string)
221 boolean makeUserObject = true; 232 boolean makeUserObject = true;
222 JSONObject jo = new JSONObject(); 233 JSONObject jo = new JSONObject();
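Review bot: The secret lookup in getUserFromAuthToken still writes the shared HMAC secret to the log in clear text at new line 185 (`logger.fine("requested consumer key=" + consumerKey + " secret=" + consumerSecret);`), so any deployment with FINE logging enabled records the key that verifies every auth token; the line should drop the secret, `logger.fine("requested consumer key=" + consumerKey);`. The Javadoc above the method is also stale now that it returns a Person: it still reads `Returns userId if successful` and `@return user-id`, and should state that it returns the authenticated Person, Person.getAnonymous() in non-authorization mode, or null when the token is missing, the consumer key is unknown, or verification fails. The broad `catch (Exception e)` at new line 214 is what now turns a failed signature or a missing userId into a null return instead of falling through to the "auth OK" path as the old code did, which is correct; a comment such as `// any parse, lookup or signature failure rejects the token` would keep a later reader from narrowing it.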
574 annot.setQuote(jo.getString("quote")); 585 annot.setQuote(jo.getString("quote"));
575 } 586 }
576 /* 587 /*
577 * check authentication 588 * check authentication
578 */ 589 */
579 String authUser = checkAuthToken(entity); 590 Person authUser = getUserFromAuthToken(entity);
580 if (authUser == null) { 591 if (authUser == null) {
581 /* 592 /*
582 * // try http auth User httpUser = getHttpAuthUser(entity); if 593 * // try http auth User httpUser = getHttpAuthUser(entity); if
583 * (httpUser == null) { 594 * (httpUser == null) {
584 */ 595 */
617 userUri = user.getString("uri"); 628 userUri = user.getString("uri");
618 } 629 }
619 } 630 }
620 } 631 }
621 if (username == null) { 632 if (username == null) {
622 username = authUser; 633 username = authUser.getName();
623 } 634 }
624 // try to get full name 635 // try to get full name
625 if (creator.getName() == null && username != null) { 636 if (creator.getName() == null && username != null) {
626 BaseRestlet restServer = (BaseRestlet) getApplication(); 637 BaseRestlet restServer = (BaseRestlet) getApplication();
627 String fullName = restServer.getFullNameForId(username); 638 String fullName = restServer.getFullNameForId(username);