comparison src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorResourceImpl.java @ 88:b406507a953d
upped version to 0.5.
can use display name and groups from auth token.
author | casties |
---|---|
date | Tue, 03 Feb 2015 19:01:27 +0100 |
parents | e3f0613b2f2d |
children | 247cbbb385de |
87:2beafb8e19e4 | 88:b406507a953d |
---|---|
1 /** | |
2 * Base class for Annotator resource classes. | |
3 */ | |
4 package de.mpiwg.itgroup.annotations.restlet; | 1 package de.mpiwg.itgroup.annotations.restlet; |
5 | 2 |
6 /* | 3 /* |
7 * #%L | 4 * #%L |
8 * AnnotationManager | 5 * AnnotationManager |
24 * <http://www.gnu.org/licenses/lgpl-3.0.html>. | 21 * <http://www.gnu.org/licenses/lgpl-3.0.html>. |
25 * #L% | 22 * #L% |
26 */ | 23 */ |
27 | 24 |
28 import java.io.UnsupportedEncodingException; | 25 import java.io.UnsupportedEncodingException; |
29 import java.security.InvalidKeyException; | |
30 import java.security.SignatureException; | |
31 import java.text.SimpleDateFormat; | 26 import java.text.SimpleDateFormat; |
32 import java.util.ArrayList; | 27 import java.util.ArrayList; |
33 import java.util.Calendar; | 28 import java.util.Calendar; |
34 import java.util.HashSet; | 29 import java.util.HashSet; |
35 import java.util.List; | 30 import java.util.List; |
54 import org.restlet.representation.Representation; | 49 import org.restlet.representation.Representation; |
55 import org.restlet.resource.Options; | 50 import org.restlet.resource.Options; |
56 import org.restlet.resource.ServerResource; | 51 import org.restlet.resource.ServerResource; |
57 import org.restlet.util.Series; | 52 import org.restlet.util.Series; |
58 | 53 |
54 import com.google.gson.JsonArray; | |
55 import com.google.gson.JsonElement; | |
56 import com.google.gson.JsonObject; | |
57 | |
59 import de.mpiwg.itgroup.annotations.Actor; | 58 import de.mpiwg.itgroup.annotations.Actor; |
60 import de.mpiwg.itgroup.annotations.Annotation; | 59 import de.mpiwg.itgroup.annotations.Annotation; |
61 import de.mpiwg.itgroup.annotations.Annotation.FragmentTypes; | 60 import de.mpiwg.itgroup.annotations.Annotation.FragmentTypes; |
62 import de.mpiwg.itgroup.annotations.Group; | 61 import de.mpiwg.itgroup.annotations.Group; |
63 import de.mpiwg.itgroup.annotations.Person; | 62 import de.mpiwg.itgroup.annotations.Person; |
152 * | 151 * |
153 * @param entity | 152 * @param entity |
154 * @return | 153 * @return |
155 */ | 154 */ |
156 public boolean isAuthenticated(Representation entity) { | 155 public boolean isAuthenticated(Representation entity) { |
157 return (checkAuthToken(entity) != null); | 156 return (getUserFromAuthToken(entity) != null); |
158 } | 157 } |
159 | 158 |
160 /** | 159 /** |
161 * Checks Annotator Auth plugin authentication information from headers. | 160 * Checks Annotator Auth plugin authentication information from headers. |
162 * Returns userId if successful. Returns "anonymous" in non-authorization | 161 * Returns userId if successful. Returns "anonymous" in non-authorization |
163 * mode. | 162 * mode. |
164 * | 163 * |
165 * @param entity | 164 * @param entity |
166 * @return user-id | 165 * @return user-id |
167 */ | 166 */ |
168 public String checkAuthToken(Representation entity) { | 167 public Person getUserFromAuthToken(Representation entity) { |
169 @SuppressWarnings("unchecked") | 168 @SuppressWarnings("unchecked") |
170 Series<Header> requestHeaders = (Series<Header>) getRequest().getAttributes().get("org.restlet.http.headers"); | 169 Series<Header> requestHeaders = (Series<Header>) getRequest().getAttributes().get("org.restlet.http.headers"); |
171 String authToken = requestHeaders.getFirstValue("x-annotator-auth-token", true); | 170 String authToken = requestHeaders.getFirstValue("x-annotator-auth-token", true); |
172 if (authToken == null) { | 171 if (authToken == null) { |
173 if (!((BaseRestlet) getApplication()).isAuthorizationMode()) { | 172 if (!((BaseRestlet) getApplication()).isAuthorizationMode()) { |
174 return "anonymous"; | 173 return Person.getAnonymous(); |
175 } | 174 } |
176 return null; | 175 return null; |
177 } | 176 } |
178 // decode token first to get consumer key | 177 Person user = null; |
179 JsonToken token = new JsonTokenParser(null, null).deserialize(authToken); | 178 try { |
180 String userId = token.getParamAsPrimitive("userId").getAsString(); | 179 // decode token first to get consumer key |
181 String consumerKey = token.getParamAsPrimitive("consumerKey").getAsString(); | 180 JsonToken token = new JsonTokenParser(null, null).deserialize(authToken); |
182 // get stored consumer secret for key | 181 String consumerKey = token.getParamAsPrimitive("consumerKey").getAsString(); |
183 BaseRestlet restServer = (BaseRestlet) getApplication(); | 182 // get stored consumer secret for key |
184 String consumerSecret = restServer.getConsumerSecret(consumerKey); | 183 BaseRestlet restServer = (BaseRestlet) getApplication(); |
185 logger.fine("requested consumer key=" + consumerKey + " secret=" + consumerSecret); | 184 String consumerSecret = restServer.getConsumerSecret(consumerKey); |
186 if (consumerSecret == null) { | 185 logger.fine("requested consumer key=" + consumerKey + " secret=" + consumerSecret); |
187 return null; | 186 if (consumerSecret == null) { |
188 } | 187 logger.warning("Error: unknown consumer key: "+consumerKey); |
189 // logger.fine(String.format("token=%s tokenString=%s signatureAlgorithm=%s",token,token.getTokenString(),token.getSignatureAlgorithm())); | 188 return null; |
190 try { | 189 } |
190 // logger.fine(String.format("token=%s tokenString=%s signatureAlgorithm=%s",token,token.getTokenString(),token.getSignatureAlgorithm())); | |
191 List<Verifier> verifiers = new ArrayList<Verifier>(); | 191 List<Verifier> verifiers = new ArrayList<Verifier>(); |
192 // we only do HS256 yet | 192 // we only do HS256 yet |
193 verifiers.add(new HmacSHA256Verifier(consumerSecret.getBytes("UTF-8"))); | 193 verifiers.add(new HmacSHA256Verifier(consumerSecret.getBytes("UTF-8"))); |
194 // verify token signature(should really be static...) | 194 // verify token signature(should really be static...) |
195 new JsonTokenParser(new SystemClock(), null, (Checker[]) null).verify(token, verifiers); | 195 new JsonTokenParser(new SystemClock(), null, (Checker[]) null).verify(token, verifiers); |
196 } catch (SignatureException e) { | 196 // create Person |
197 // TODO Auto-generated catch block | 197 JsonObject payload = token.getPayloadAsJsonObject(); |
198 e.printStackTrace(); | 198 // userId is mandatory |
199 } catch (InvalidKeyException e) { | 199 String userId = payload.get("userId").getAsString(); |
200 // TODO Auto-generated catch block | 200 user = new Person(userId); |
201 e.printStackTrace(); | 201 // displayName is optional |
202 } catch (UnsupportedEncodingException e) { | 202 if (payload.has("displayName")) { |
203 // TODO Auto-generated catch block | 203 user.name = payload.get("displayName").getAsString(); |
204 e.printStackTrace(); | 204 } |
205 // memberOf groups is optional | |
206 if (payload.has("memberOf")) { | |
207 Set<String> groups = new HashSet<String>(); | |
208 JsonArray jgroups = payload.get("memberOf").getAsJsonArray(); | |
209 for (JsonElement jgroup : jgroups) { | |
210 groups.add(jgroup.getAsString()); | |
211 } | |
212 user.groups = groups; | |
213 } | |
214 } catch (Exception e) { | |
215 logger.warning("Error checking auth token: "+e.toString()); | |
216 return null; | |
205 } | 217 } |
206 // must be ok then | 218 // must be ok then |
207 logger.fine("auth OK! user=" + userId); | 219 logger.fine("auth OK! user=" + user); |
208 return userId; | 220 return user; |
209 } | 221 } |
210 | 222 |
211 /** | 223 /** |
212 * creates Annotator-JSON from an Annotation object. | 224 * creates Annotator-JSON from an Annotation object. |
213 * | 225 * |
214 * @param annot | 226 * @param annot annotation object |
215 * @param forAnonymous | 227 * @param forAnonymous |
216 * TODO | 228 * @return Annotator-JSON |
217 * @return | |
218 */ | 229 */ |
219 public JSONObject createAnnotatorJson(Annotation annot, boolean forAnonymous) { | 230 public JSONObject createAnnotatorJson(Annotation annot, boolean forAnonymous) { |
220 // return user as a JSON object (otherwise just as string) | 231 // return user as a JSON object (otherwise just as string) |
221 boolean makeUserObject = true; | 232 boolean makeUserObject = true; |
222 JSONObject jo = new JSONObject(); | 233 JSONObject jo = new JSONObject(); |
574 annot.setQuote(jo.getString("quote")); | 585 annot.setQuote(jo.getString("quote")); |
575 } | 586 } |
576 /* | 587 /* |
577 * check authentication | 588 * check authentication |
578 */ | 589 */ |
579 String authUser = checkAuthToken(entity); | 590 Person authUser = getUserFromAuthToken(entity); |
580 if (authUser == null) { | 591 if (authUser == null) { |
581 /* | 592 /* |
582 * // try http auth User httpUser = getHttpAuthUser(entity); if | 593 * // try http auth User httpUser = getHttpAuthUser(entity); if |
583 * (httpUser == null) { | 594 * (httpUser == null) { |
584 */ | 595 */ |
617 userUri = user.getString("uri"); | 628 userUri = user.getString("uri"); |
618 } | 629 } |
619 } | 630 } |
620 } | 631 } |
621 if (username == null) { | 632 if (username == null) { |
622 username = authUser; | 633 username = authUser.getName(); |
623 } | 634 } |
624 // try to get full name | 635 // try to get full name |
625 if (creator.getName() == null && username != null) { | 636 if (creator.getName() == null && username != null) { |
626 BaseRestlet restServer = (BaseRestlet) getApplication(); | 637 BaseRestlet restServer = (BaseRestlet) getApplication(); |
627 String fullName = restServer.getFullNameForId(username); | 638 String fullName = restServer.getFullNameForId(username); |
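Review bot: The `logger.fine` call at new line 185 in `getUserFromAuthToken` still writes the consumer secret to the log, and that secret is the HMAC key handed to `HmacSHA256Verifier` at new line 193. Anyone who can read a FINE-level log holds the key that validates tokens, and because this change also takes `displayName` and `memberOf` from the token payload, the identity and group claims rest on that same key. I would log only the key identifier: `logger.fine("requested consumer key=" + consumerKey);`. Separately, the last hunk sets `username = authUser.getName()` where the old code used the user id, and that value is then passed to `getFullNameForId`. `Person` is not visible on this page, so please confirm that `getName()` gives a usable id when `displayName` is absent or differs from `userId`.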