1 package org
.argeo
.cms
.integration
;
3 import java
.io
.IOException
;
4 import java
.time
.ZonedDateTime
;
8 import javax
.security
.auth
.Subject
;
9 import javax
.security
.auth
.callback
.Callback
;
10 import javax
.security
.auth
.callback
.UnsupportedCallbackException
;
11 import javax
.security
.auth
.login
.LoginContext
;
12 import javax
.security
.auth
.login
.LoginException
;
13 import javax
.servlet
.ServletException
;
14 import javax
.servlet
.http
.HttpServlet
;
15 import javax
.servlet
.http
.HttpServletRequest
;
16 import javax
.servlet
.http
.HttpServletResponse
;
18 import org
.argeo
.api
.NodeConstants
;
19 import org
.argeo
.cms
.CmsUserManager
;
20 import org
.argeo
.cms
.auth
.HttpRequestCallback
;
21 import org
.argeo
.cms
.auth
.HttpRequestCallbackHandler
;
22 import org
.argeo
.naming
.NamingUtils
;
23 import org
.osgi
.service
.useradmin
.Authorization
;
25 import com
.fasterxml
.jackson
.core
.JsonGenerator
;
26 import com
.fasterxml
.jackson
.databind
.ObjectMapper
;
28 /** Provides access to tokens. */
29 public class CmsTokenServlet
extends HttpServlet
{
30 private static final long serialVersionUID
= 302918711430864140L;
32 public final static String PARAM_EXPIRY_DATE
= "expiryDate";
33 public final static String PARAM_TOKEN
= "token";
35 private final static int DEFAULT_HOURS
= 24;
37 private CmsUserManager userManager
;
38 private ObjectMapper objectMapper
= new ObjectMapper();
41 protected void doPost(HttpServletRequest request
, HttpServletResponse response
)
42 throws ServletException
, IOException
{
43 LoginContext lc
= null;
45 lc
= new LoginContext(NodeConstants
.LOGIN_CONTEXT_USER
, new HttpRequestCallbackHandler(request
, response
) {
46 public void handle(Callback
[] callbacks
) throws IOException
, UnsupportedCallbackException
{
47 for (Callback callback
: callbacks
) {
48 if (callback
instanceof HttpRequestCallback
) {
49 ((HttpRequestCallback
) callback
).setRequest(request
);
50 ((HttpRequestCallback
) callback
).setResponse(response
);
56 } catch (LoginException e
) {
61 Subject subject
= lc
.getSubject();
62 Authorization authorization
= extractFrom(subject
.getPrivateCredentials(Authorization
.class));
63 String token
= UUID
.randomUUID().toString();
64 String expiryDateStr
= request
.getParameter(PARAM_EXPIRY_DATE
);
65 ZonedDateTime expiryDate
;
66 if (expiryDateStr
!= null) {
67 expiryDate
= NamingUtils
.ldapDateToZonedDateTime(expiryDateStr
);
69 expiryDate
= ZonedDateTime
.now().plusHours(DEFAULT_HOURS
);
70 expiryDateStr
= NamingUtils
.instantToLdapDate(expiryDate
);
72 userManager
.addAuthToken(authorization
.getName(), token
, expiryDate
);
74 TokenDescriptor tokenDescriptor
= new TokenDescriptor();
75 tokenDescriptor
.setUsername(authorization
.getName());
76 tokenDescriptor
.setToken(token
);
77 tokenDescriptor
.setExpiryDate(expiryDateStr
);
78 // tokenDescriptor.setRoles(Collections.unmodifiableSortedSet(new TreeSet<>(Arrays.asList(roles))));
80 response
.setContentType("application/json");
81 JsonGenerator jg
= objectMapper
.getFactory().createGenerator(response
.getWriter());
82 jg
.writeObject(tokenDescriptor
);
83 } catch (Exception e
) {
84 new CmsExceptionsChain(e
).writeAsJson(objectMapper
, response
);
89 protected void doGet(HttpServletRequest req
, HttpServletResponse resp
) throws ServletException
, IOException
{
90 // temporarily wrap POST for ease of testing
95 protected void doDelete(HttpServletRequest req
, HttpServletResponse resp
) throws ServletException
, IOException
{
97 String token
= req
.getParameter(PARAM_TOKEN
);
98 userManager
.expireAuthToken(token
);
99 } catch (Exception e
) {
100 new CmsExceptionsChain(e
).writeAsJson(objectMapper
, resp
);
104 protected <T
> T
extractFrom(Set
<T
> creds
) {
105 if (creds
.size() > 0)
106 return creds
.iterator().next();
111 public void setUserManager(CmsUserManager userManager
) {
112 this.userManager
= userManager
;