inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-14 17:58:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merged HEAD (5.2) to 5.2.N (5.2.1)

Browse Source 
127562 jkaabimofrad: Merged API-STRIKES-BACK (5.2.0) to HEAD (5.2)
      125748 jkaabimofrad: RA-933, RA-934, RA-972: Modified the logout and validate ticket API to support only "-me-" (dummy parameter) in the URL path rather than ticket id. Also, renamed the JSON attributes.


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/BRANCHES/DEV/5.2.N/root@127656 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Alan Davis
2016-06-03 14:08:59 +00:00
parent b9f4a68302
commit ad267ea682
6 changed files with 129 additions and 103 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
source/java/org/alfresco/rest/api/Authentications.java
View File

@@ -32,7 +32,7 @@ public interface Authentications
LoginTicketResponse createTicket(LoginTicket loginRequest, Parameters parameters);
LoginTicketResponse validateTicket(String ticket, Parameters parameters, WithResponse withResponse);
LoginTicketResponse validateTicket(String me, Parameters parameters, WithResponse withResponse);
void deleteTicket(String ticket, Parameters parameters, WithResponse withResponse);
void deleteTicket(String me, Parameters parameters, WithResponse withResponse);
}

10
source/java/org/alfresco/rest/api/authentications/AuthenticationTicketsEntityResource.java
View File

@@ -72,17 +72,17 @@ public class AuthenticationTicketsEntityResource implements EntityResourceAction
return Collections.singletonList(result);
}
@WebApiDescription(title = "Validate login ticket", description = "Validates the specified ticket is still valid.")
@WebApiDescription(title = "Validate login ticket", description = "Validate login ticket.")
@Override
public LoginTicket readById(String ticket, Parameters parameters, WithResponse withResponse)
public LoginTicket readById(String me, Parameters parameters, WithResponse withResponse)
{
return authentications.validateTicket(ticket, parameters, withResponse);
return authentications.validateTicket(me, parameters, withResponse);
}
@WebApiDescription(title = "Logout", description = "Logout.")
@Override
public void delete(String ticket, Parameters parameters, WithResponse withResponse)
public void delete(String me, Parameters parameters, WithResponse withResponse)
{
authentications.deleteTicket(ticket, parameters, withResponse);
authentications.deleteTicket(me, parameters, withResponse);
}
}

69
source/java/org/alfresco/rest/api/impl/AuthenticationsImpl.java
View File

@@ -21,8 +21,10 @@ package org.alfresco.rest.api.impl;
import org.alfresco.repo.security.authentication.AuthenticationException;
import org.alfresco.repo.security.authentication.AuthenticationUtil;
import org.alfresco.repo.security.authentication.Authorization;
import org.alfresco.repo.security.authentication.TicketComponent;
import org.alfresco.rest.api.Authentications;
import org.alfresco.rest.api.People;
import org.alfresco.rest.api.model.LoginTicket;
import org.alfresco.rest.api.model.LoginTicketResponse;
import org.alfresco.rest.framework.core.exceptions.InvalidArgumentException;
@@ -32,6 +34,7 @@ import org.alfresco.rest.framework.webscripts.WithResponse;
import org.alfresco.service.cmr.security.AuthenticationService;
import org.alfresco.util.PropertyCheck;
import org.apache.commons.lang.StringUtils;
import org.springframework.extensions.surf.util.Base64;
import org.springframework.extensions.webscripts.Status;
/**
@@ -39,6 +42,9 @@ import org.springframework.extensions.webscripts.Status;
*/
public class AuthenticationsImpl implements Authentications
{
private static final String AUTHORIZATION_HEADER = "Authorization";
private static final String PARAM_ALF_TICKET = "alf_ticket";
private AuthenticationService authenticationService;
private TicketComponent ticketComponent;
@@ -65,11 +71,11 @@ public class AuthenticationsImpl implements Authentications
try
{
// get ticket
authenticationService.authenticate(loginRequest.getUsername(), loginRequest.getPassword().toCharArray());
authenticationService.authenticate(loginRequest.getUserId(), loginRequest.getPassword().toCharArray());
LoginTicketResponse response = new LoginTicketResponse();
response.setUsername(loginRequest.getUsername());
response.setTicket(authenticationService.getCurrentTicket());
response.setUserId(loginRequest.getUserId());
response.setId(authenticationService.getCurrentTicket());
return response;
}
@@ -84,18 +90,19 @@ public class AuthenticationsImpl implements Authentications
}
@Override
public LoginTicketResponse validateTicket(String ticket, Parameters parameters, WithResponse withResponse)
public LoginTicketResponse validateTicket(String me, Parameters parameters, WithResponse withResponse)
{
if (StringUtils.isEmpty(ticket))
if (!People.DEFAULT_USER.equals(me))
{
throw new InvalidArgumentException("ticket can't be null or empty.");
throw new InvalidArgumentException("Invalid parameter: " + me);
}
final String ticket = getTicket(parameters);
try
{
String ticketUser = ticketComponent.validateTicket(ticket);
final String ticketUser = ticketComponent.validateTicket(ticket);
String currentUser = AuthenticationUtil.getFullyAuthenticatedUser();
final String currentUser = AuthenticationUtil.getFullyAuthenticatedUser();
// do not go any further if tickets are different
// or the user is not fully authenticated
if (currentUser == null || !currentUser.equals(ticketUser))
@@ -108,23 +115,24 @@ public class AuthenticationsImpl implements Authentications
withResponse.setStatus(Status.STATUS_NOT_FOUND);
}
LoginTicketResponse response = new LoginTicketResponse();
response.setTicket(ticket);
response.setId(ticket);
return response;
}
@Override
public void deleteTicket(String ticket, Parameters parameters, WithResponse withResponse)
public void deleteTicket(String me, Parameters parameters, WithResponse withResponse)
{
if (StringUtils.isEmpty(ticket))
if (!People.DEFAULT_USER.equals(me))
{
throw new InvalidArgumentException("ticket can't be null or empty.");
throw new InvalidArgumentException("Invalid parameter: " + me);
}
final String ticket = getTicket(parameters);
try
{
String ticketUser = ticketComponent.validateTicket(ticket);
final String ticketUser = ticketComponent.validateTicket(ticket);
String currentUser = AuthenticationUtil.getFullyAuthenticatedUser();
final String currentUser = AuthenticationUtil.getFullyAuthenticatedUser();
// do not go any further if tickets are different
// or the user is not fully authenticated
if (currentUser == null || !currentUser.equals(ticketUser))
@@ -145,9 +153,40 @@ public class AuthenticationsImpl implements Authentications
protected void validateLoginRequest(LoginTicket loginTicket)
{
if (loginTicket == null || loginTicket.getUsername() == null || loginTicket.getPassword() == null)
if (loginTicket == null || loginTicket.getUserId() == null || loginTicket.getPassword() == null)
{
throw new InvalidArgumentException("Invalid login details.");
}
}
protected String getTicket(Parameters parameters)
{
// First check the alf_ticket in the URL
final String alfTicket = parameters.getParameter(PARAM_ALF_TICKET);
if (StringUtils.isNotEmpty(alfTicket))
{
return alfTicket;
}
// Check the Authorization header
final String authorization = parameters.getRequest().getHeader(AUTHORIZATION_HEADER);
if (StringUtils.isEmpty(authorization))
{
throw new InvalidArgumentException("Authorization header is required.");
}
final String[] authorizationParts = authorization.split(" ");
if (!authorizationParts[0].equalsIgnoreCase("basic"))
{
throw new InvalidArgumentException("Authorization '" + authorizationParts[0] + "' not supported.");
}
final String decodedAuthorisation = new String(Base64.decode(authorizationParts[1]));
Authorization authObj = new Authorization(decodedAuthorisation);
if (!authObj.isTicket())
{
throw new InvalidArgumentException("Ticket base authentication required.");
}
return authObj.getTicket();
}
}

24
source/java/org/alfresco/rest/api/model/LoginTicket.java
View File

@@ -24,18 +24,18 @@ package org.alfresco.rest.api.model;
*/
public class LoginTicket
{
protected String username;
protected String userId;
protected String password;
protected String ticket;
protected String id;
public String getUsername()
public String getUserId()
{
return username;
return userId;
}
public void setUsername(String username)
public void setUserId(String userId)
{
this.username = username;
this.userId = userId;
}
public String getPassword()
@@ -48,23 +48,23 @@ public class LoginTicket
this.password = password;
}
public String getTicket()
public String getId()
{
return ticket;
return id;
}
public void setTicket(String ticket)
public void setId(String id)
{
this.ticket = ticket;
this.id = id;
}
@Override
public String toString()
{
final StringBuilder sb = new StringBuilder(150);
sb.append("LoginTicket [username=").append(username)
sb.append("LoginTicket [userId=").append(userId)
.append(", password=").append(password)
.append(", ticket=").append(ticket)
.append(", id=").append(id)
.append(']');
return sb.toString();
}

4
source/java/org/alfresco/rest/api/model/LoginTicketResponse.java
View File

@@ -46,9 +46,9 @@ public class LoginTicketResponse extends LoginTicket
public String toString()
{
final StringBuilder sb = new StringBuilder(150);
sb.append("LoginTicketResponse [username=").append(username)
sb.append("LoginTicketResponse [userId=").append(userId)
.append(", password=").append(password)
.append(", ticket=").append(ticket)
.append(", id=").append(id)
.append(']');
return sb.toString();
}