Changeset 88:b406507a953d in AnnotationManagerN4J for src

Timestamp:

Feb 3, 2015, 6:01:27 PM (10 years ago)

Author:

casties

Branch:

default

Message:

upped version to 0.5.
can use display name and groups from auth token.

Location:

src/main/java/de/mpiwg/itgroup/annotations

Files:

• Actor.java (modified) (1 diff)
• Person.java (modified) (4 diffs)
• restlet/AnnotatorAnnotations.java (modified) (6 diffs)
• restlet/AnnotatorAnnotationsByResources.java (modified) (1 diff)
• restlet/AnnotatorAnnotationsByTags.java (modified) (1 diff)
• restlet/AnnotatorGroups.java (modified) (4 diffs)
• restlet/AnnotatorResourceImpl.java (modified) (10 diffs)
• restlet/AnnotatorRestlet.java (modified) (1 diff)
• restlet/AnnotatorSearch.java (modified) (1 diff)

src/main/java/de/mpiwg/itgroup/annotations/Actor.java

@@ -58 +58 @@
         if (isGroup() && store != null) {
             // check if person in group
+            if (person.groups != null) {
+                // check person's groups
+                if (person.groups.contains(this.id)) {
+                    return true;
+                }
+            }
+            // check in store
             return store.isPersonInGroup(person, (Group) this);            
         }

src/main/java/de/mpiwg/itgroup/annotations/Person.java

@@ -1 @@
-/**
- * 
- */
 package de.mpiwg.itgroup.annotations;
 
@@ -26 +23 @@
  */
 
+import java.util.Set;
+
 import de.mpiwg.itgroup.annotations.restlet.BaseRestlet;
 
@@ -34 +33 @@
 public class Person extends Actor {
 
+    public Set<String> groups;
+    
     public Person() {
     }
@@ -92 +93 @@
         return name;
     }
+    
+    /**
+     * Returns the anonymous Person.
+     * 
+     * @return
+     */
+    public static Person getAnonymous() {
+        return new Person("anonymous");
+    }
 
     /* (non-Javadoc)

src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorAnnotations.java

@@ -1 @@
-/**
- * Implements the "annotations" uri of the Annotator API. see
- * <https://github.com/okfn/annotator/wiki/Storage>
- */
 package de.mpiwg.itgroup.annotations.restlet;
 
@@ -88 +84 @@
 
         // do authentication
-        Person authUser = Person.createPersonWithId(this.checkAuthToken(entity));
+        Person authUser = getUserFromAuthToken(entity);
         logger.fine("request authenticated=" + authUser);
 
@@ -173 +169 @@
 
         // do authentication TODO: who's allowed to create?
-        Person authUser = Person.createPersonWithId(this.checkAuthToken(entity));
+        Person authUser = getUserFromAuthToken(entity);
         logger.fine("request authenticated=" + authUser);
         if (authUser == null) {
@@ -190 +186 @@
             // make sure id is not set for POST
             jo.remove("id");
-            // get Annotation object from posted JSON
+            // create Annotation object from posted JSON
             annot = createAnnotation(jo, entity);
         } catch (IOException e1) {
@@ -231 +227 @@
 
         // do authentication
-        Person authUser = Person.createPersonWithId(this.checkAuthToken(entity));
+        Person authUser = getUserFromAuthToken(entity);
         logger.fine("request authenticated=" + authUser);
 
@@ -294 +290 @@
 
         // do authentication
-        Person authUser = Person.createPersonWithId(this.checkAuthToken(entity));
+        Person authUser = getUserFromAuthToken(entity);
         logger.fine("request authenticated=" + authUser);
         AnnotationStore store = getAnnotationStore();

src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorAnnotationsByResources.java

@@ -60 +60 @@
 
         // do authentication
-        Person authUser = Person.createPersonWithId(this.checkAuthToken(entity));
+        Person authUser = getUserFromAuthToken(entity);
         logger.fine("request authenticated=" + authUser);
 

src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorAnnotationsByTags.java

@@ -59 +59 @@
 
         // do authentication
-        Person authUser = Person.createPersonWithId(this.checkAuthToken(entity));
+        Person authUser = getUserFromAuthToken(entity);
         logger.fine("request authenticated=" + authUser);
 

src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorGroups.java

@@ -1 @@
-/**
- * ReST API for accessing groups in the Annotation store.
- */
 package de.mpiwg.itgroup.annotations.restlet;
 
@@ -40 +37 @@
 import de.mpiwg.itgroup.annotations.Actor;
 import de.mpiwg.itgroup.annotations.Group;
+import de.mpiwg.itgroup.annotations.Person;
 import de.mpiwg.itgroup.annotations.neo4j.AnnotationStore;
 
@@ -67 +65 @@
         logger.fine("AnnotatorGroups doGetJSON!");
         setCorsHeaders();
-        Form form = getRequest().getResourceRef().getQueryAsForm();
-        String user = form.getFirstValue("user");
-        String uri = form.getFirstValue("uri");
+        // get user from auth token (preferred)
+        Person authUser = getUserFromAuthToken(entity);
+        JSONArray results = null;
+        if (authUser != null && authUser.groups != null) {
+            results  = getGroupsFromPerson(authUser);
+        } else {
+            // get user or uri from request
+            Form form = getRequest().getResourceRef().getQueryAsForm();
+            String user = form.getFirstValue("user");
+            String uri = form.getFirstValue("uri");
+            results = getGroupsFromStore(uri, user);
+        }
+        // assemble result object
+        JSONObject result = new JSONObject();
+        try {
+            result.put("rows", results);
+            result.put("total", results.length());
+        } catch (JSONException e) {
+            setStatus(Status.SERVER_ERROR_INTERNAL, "JSON Error");
+            return null;
+        }
+        logger.fine("sending:");
+        logger.fine(result.toString());
+        return new JsonRepresentation(result);
+    }
+
+    public JSONArray getGroupsFromPerson(Person person) {
+        JSONArray results = new JSONArray();
+        for (String group : person.groups) {
+            JSONObject jo = new JSONObject();
+            try {
+                jo.put("id", group);
+                jo.put("name", group);
+            } catch (JSONException e) {
+            }
+            results.put(jo);
+        }
+        return results;
+    }
+
+    public JSONArray getGroupsFromStore(String uri, String user) {
+        JSONArray results = new JSONArray();
         if (uri == null || uri.isEmpty()) {
             // get uri from user-id
             uri = Actor.getUriFromId(user, false);
         }
-        JSONArray results = new JSONArray();
         AnnotationStore store = getAnnotationStore();
         Node person = store.getPersonNodeByUri(uri);
@@ -90 +126 @@
             }
         }
-        // assemble result object
-        JSONObject result = new JSONObject();
-        try {
-            result.put("rows", results);
-            result.put("total", results.length());
-        } catch (JSONException e) {
-            setStatus(Status.SERVER_ERROR_INTERNAL, "JSON Error");
-            return null;
-        }
-        logger.fine("sending:");
-        logger.fine(result.toString());
-        return new JsonRepresentation(result);
-
+        return results;
     }
 }

src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorResourceImpl.java

@@ -1 @@
-/**
- * Base class for Annotator resource classes.
- */
 package de.mpiwg.itgroup.annotations.restlet;
 
@@ -27 +24 @@
 
 import java.io.UnsupportedEncodingException;
-import java.security.InvalidKeyException;
-import java.security.SignatureException;
 import java.text.SimpleDateFormat;
 import java.util.ArrayList;
@@ -57 +52 @@
 import org.restlet.util.Series;
 
+import com.google.gson.JsonArray;
+import com.google.gson.JsonElement;
+import com.google.gson.JsonObject;
+
 import de.mpiwg.itgroup.annotations.Actor;
 import de.mpiwg.itgroup.annotations.Annotation;
@@ -155 +154 @@
      */
     public boolean isAuthenticated(Representation entity) {
-        return (checkAuthToken(entity) != null);
+        return (getUserFromAuthToken(entity) != null);
     }
 
@@ -166 +165 @@
      * @return user-id
      */
-    public String checkAuthToken(Representation entity) {
+    public Person getUserFromAuthToken(Representation entity) {
         @SuppressWarnings("unchecked")
         Series<Header> requestHeaders = (Series<Header>) getRequest().getAttributes().get("org.restlet.http.headers");
@@ -172 +171 @@
         if (authToken == null) {
             if (!((BaseRestlet) getApplication()).isAuthorizationMode()) {
-                return "anonymous";
+                return Person.getAnonymous();
             }
             return null;
         }
-        // decode token first to get consumer key
-        JsonToken token = new JsonTokenParser(null, null).deserialize(authToken);
-        String userId = token.getParamAsPrimitive("userId").getAsString();
-        String consumerKey = token.getParamAsPrimitive("consumerKey").getAsString();
-        // get stored consumer secret for key
-        BaseRestlet restServer = (BaseRestlet) getApplication();
-        String consumerSecret = restServer.getConsumerSecret(consumerKey);
-        logger.fine("requested consumer key=" + consumerKey + " secret=" + consumerSecret);
-        if (consumerSecret == null) {
-            return null;
-        }
-        // logger.fine(String.format("token=%s tokenString=%s signatureAlgorithm=%s",token,token.getTokenString(),token.getSignatureAlgorithm()));
-        try {
+        Person user = null;
+                try {
+                        // decode token first to get consumer key
+            JsonToken token = new JsonTokenParser(null, null).deserialize(authToken);
+            String consumerKey = token.getParamAsPrimitive("consumerKey").getAsString();
+            // get stored consumer secret for key
+            BaseRestlet restServer = (BaseRestlet) getApplication();
+            String consumerSecret = restServer.getConsumerSecret(consumerKey);
+            logger.fine("requested consumer key=" + consumerKey + " secret=" + consumerSecret);
+                        if (consumerSecret == null) {
+                            logger.warning("Error: unknown consumer key: "+consumerKey);
+                                return null;
+                        }
+                        // logger.fine(String.format("token=%s tokenString=%s signatureAlgorithm=%s",token,token.getTokenString(),token.getSignatureAlgorithm()));
             List<Verifier> verifiers = new ArrayList<Verifier>();
             // we only do HS256 yet
@@ -194 +194 @@
             // verify token signature(should really be static...)
             new JsonTokenParser(new SystemClock(), null, (Checker[]) null).verify(token, verifiers);
-        } catch (SignatureException e) {
-            // TODO Auto-generated catch block
-            e.printStackTrace();
-        } catch (InvalidKeyException e) {
-            // TODO Auto-generated catch block
-            e.printStackTrace();
-        } catch (UnsupportedEncodingException e) {
-            // TODO Auto-generated catch block
-            e.printStackTrace();
+            // create Person
+            JsonObject payload = token.getPayloadAsJsonObject();
+            // userId is mandatory
+            String userId = payload.get("userId").getAsString();
+            user = new Person(userId);
+            // displayName is optional
+            if (payload.has("displayName")) {
+                user.name = payload.get("displayName").getAsString();
+            }
+            // memberOf groups is optional
+            if (payload.has("memberOf")) {
+                Set<String> groups = new HashSet<String>();
+                JsonArray jgroups = payload.get("memberOf").getAsJsonArray();
+                for (JsonElement jgroup : jgroups) {
+                    groups.add(jgroup.getAsString());
+                }
+                user.groups = groups;
+            }
+        } catch (Exception e) {
+            logger.warning("Error checking auth token: "+e.toString());
+            return null;
         }
         // must be ok then
-        logger.fine("auth OK! user=" + userId);
-        return userId;
+        logger.fine("auth OK! user=" + user);
+        return user;
     }
 
@@ -212 +224 @@
      * creates Annotator-JSON from an Annotation object.
      * 
-     * @param annot
+     * @param annot annotation object
      * @param forAnonymous
-     *            TODO
-     * @return
+     * @return Annotator-JSON
      */
     public JSONObject createAnnotatorJson(Annotation annot, boolean forAnonymous) {
@@ -577 +588 @@
          * check authentication
          */
-        String authUser = checkAuthToken(entity);
+        Person authUser = getUserFromAuthToken(entity);
         if (authUser == null) {
             /*
@@ -620 +631 @@
         }
         if (username == null) {
-            username = authUser;
+            username = authUser.getName();
         }
         // try to get full name

src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorRestlet.java

@@ -35 +35 @@
 public class AnnotatorRestlet extends BaseRestlet {
 
-    public final String version = "AnnotationManagerN4J/Annotator 0.4.0";
+    public final String version = "AnnotationManagerN4J/Annotator 0.5.0";
 
     /*

src/main/java/de/mpiwg/itgroup/annotations/restlet/AnnotatorSearch.java

@@ -68 +68 @@
         setCorsHeaders();
         // do authentication
-        Person authUser = Person.createPersonWithId(this.checkAuthToken(entity));
+        Person authUser = getUserFromAuthToken(entity);
         logger.fine("request authenticated=" + authUser);