[ALS-4793] Initial impl for open access auth
Showing
5 changed files
with
146 additions
and
18 deletions.
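--- a/...-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/rest/OpenAuthService.java
+++ b/...-auth-services/src/main/java/edu/harvard/hms/dbmi/avillach/auth/rest/OpenAuthService.java
@@ -0,0 +1,46 @@
+package edu.harvard.hms.dbmi.avillach.auth.rest;
+
+import edu.harvard.hms.dbmi.avillach.auth.service.auth.OpenAuthenticationService;
+import edu.harvard.hms.dbmi.avillach.auth.service.auth.AuthenticationService;
+import io.swagger.annotations.Api;
+import io.swagger.annotations.ApiOperation;
+import io.swagger.annotations.ApiParam;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.inject.Inject;
+import javax.ws.rs.Consumes;
+import javax.ws.rs.POST;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.Context;
+import javax.ws.rs.core.Response;
+import javax.ws.rs.core.UriInfo;
+import java.util.Map;
+
+/**
+* <p>The authentication endpoint for PSAMA.</p>
+*/
+@Api
+@Path("/open")
+@Consumes("application/json")
+@Produces("application/json")
+public class OpenAuthService {
+
+private final Logger logger = LoggerFactory.getLogger(this.getClass());
+
+@Inject
+private OpenAuthenticationService openAuthenticationService;
+
+// I went with a new endpoint instead of setting a new idp_provider because open_access isn't really an idp_provider.
+// Secondly there was already a default authentication endpoint, so I didn't want to change that.
+@ApiOperation(value = "The authentication endpoint for retrieving a valid user token")
+@POST
+@Path("/authentication")
+public Response authentication(@Context UriInfo uriInfo, @ApiParam(required = true, value = "A json object that includes all Oauth authentication needs, for example, access_token and redirectURI") Map<String, String> authRequest) {
+logger.debug("authentication() starting...");
+
+return openAuthenticationService.authenticate(uriInfo, authRequest);
+}
+
+}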
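Review bot: The `@ApiParam` text on `authentication` and the class Javadoc are carried over from the OAuth endpoint and misdescribe this one: the body is documented as holding `access_token` and `redirectURI`, but `OpenAuthenticationService.authenticate` reads only the `UUID` key. I would change the description to something like `value = "A JSON object with an optional UUID identifying a previously created open-access user"`, drop `required = true` if an empty body is meant to be accepted, and have the Javadoc say `Open-access login endpoint: returns a user token without contacting an identity provider`. Since this path hands out a token with no credential check, the comment above the method is also the place to state what such a token is allowed to reach, which is not visible in this commit. The import of `AuthenticationService` is unused.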
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -519,5 +519,4 @@ private void checkAssociation(List<User> users) throws ProtocolException{ | |
} | ||
} | ||
|
||
|
||
} |
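--- a/.../main/java/edu/harvard/hms/dbmi/avillach/auth/service/auth/OpenAuthenticationService.java
+++ b/.../main/java/edu/harvard/hms/dbmi/avillach/auth/service/auth/OpenAuthenticationService.java
@@ -0,0 +1,57 @@
+package edu.harvard.hms.dbmi.avillach.auth.service.auth;
+
+import edu.harvard.dbmi.avillach.util.response.PICSUREResponse;
+import edu.harvard.hms.dbmi.avillach.auth.data.entity.User;
+import edu.harvard.hms.dbmi.avillach.auth.data.repository.UserRepository;
+import edu.harvard.hms.dbmi.avillach.auth.rest.UserService;
+import edu.harvard.hms.dbmi.avillach.auth.utils.AuthUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.inject.Inject;
+import javax.ws.rs.core.Response;
+import javax.ws.rs.core.UriInfo;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.UUID;
+
+public class OpenAuthenticationService {
+
+private final Logger logger = LoggerFactory.getLogger(OpenAuthenticationService.class);
+
+@Inject
+private UserRepository userRepository;
+
+@Inject
+AuthUtils authUtil;
+
+public Response authenticate(UriInfo uriInfo, Map<String, String> authRequest) {
+String userUUID = authRequest.get("UUID");
+User current_user = null;
+
+if (userUUID == null || userUUID.isEmpty()) {
+UUID uuid = UUID.fromString(userUUID);
+
+// Get the user from the database
+current_user = userRepository.findByUUID(uuid);
+}
+
+
+if (current_user == null) {
+current_user = userRepository.createOpenAccessUser();
+
+//clear some cache entries if we register a new login
+AuthorizationService.clearCache(current_user);
+UserService.clearCache(current_user);
+}
+
+HashMap<String, Object> claims = new HashMap<>();
+claims.put("sub", current_user.getUuid().toString());
+claims.put("email", current_user.getSubject());
+HashMap<String, String> responseMap = authUtil.getUserProfileResponse(claims);
+
+logger.info("LOGIN SUCCESS ___ " + current_user.getEmail() + ":" + current_user.getUuid().toString() + " ___ Authorization will expire at ___ " + responseMap.get("expirationDate") + "___");
+
+return PICSUREResponse.success(responseMap);
+}
+}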
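Review bot: The guard in `authenticate` is inverted: `if (userUUID == null || userUUID.isEmpty())` runs the lookup only when no UUID was sent, so `UUID.fromString(userUUID)` throws on the null or empty value, while a request that does carry a UUID skips `findByUUID` and always gets a fresh `createOpenAccessUser()` row. The condition should be `if (userUUID != null && !userUUID.isEmpty())`, and the `IllegalArgumentException` that `UUID.fromString` raises for a malformed value should be turned into a client-error response instead of propagating. Once the lookup is reachable, the UUID is the only thing the caller presents and nothing in this file limits `findByUUID` to open-access accounts; if the repository can return regular users (it is not shown here), this unauthenticated endpoint would return a login response for any account whose UUID is known, so the looked-up user should be confirmed as open-access before the claims are built. Each call without a UUID also inserts a user, which probably needs a rate limit or cleanup policy outside this class.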