diff --git a/src/org/kar/archidata/dataAccess/addOn/AddOnSQLTableExternalForeinKeyAsList.java b/src/org/kar/archidata/dataAccess/addOn/AddOnSQLTableExternalForeinKeyAsList.java index 4b52fb8..603fed9 100644 --- a/src/org/kar/archidata/dataAccess/addOn/AddOnSQLTableExternalForeinKeyAsList.java +++ b/src/org/kar/archidata/dataAccess/addOn/AddOnSQLTableExternalForeinKeyAsList.java @@ -26,7 +26,7 @@ import jakarta.validation.constraints.NotNull; public class AddOnSQLTableExternalForeinKeyAsList implements DataAccessAddOn { static final Logger LOGGER = LoggerFactory.getLogger(AddOnManyToMany.class); static final String SEPARATOR = "-"; - + /** Convert the list if external id in a string '-' separated * @param ids List of value (null are removed) * @return '-' string separated */ @@ -34,12 +34,12 @@ public class AddOnSQLTableExternalForeinKeyAsList implements DataAccessAddOn { final List tmp = new ArrayList<>(ids); return tmp.stream().map(String::valueOf).collect(Collectors.joining(SEPARATOR)); } - + @Override public Class getAnnotationClass() { return SQLTableExternalForeinKeyAsList.class; } - + @Override public String getSQLFieldType(final Field field) throws Exception { final String fieldName = AnnotationTools.getFieldName(field); @@ -51,13 +51,13 @@ public class AddOnSQLTableExternalForeinKeyAsList implements DataAccessAddOn { } return null; } - + @Override public boolean isCompatibleField(final Field field) { final SQLTableExternalForeinKeyAsList decorators = field.getDeclaredAnnotation(SQLTableExternalForeinKeyAsList.class); return decorators != null; } - + @Override public void insertData(final PreparedStatement ps, final Field field, final Object rootObject, final CountInOut iii) throws SQLException, IllegalArgumentException, IllegalAccessException { final Object data = field.get(rootObject); 
@@ -70,22 +70,22 @@ public class AddOnSQLTableExternalForeinKeyAsList implements DataAccessAddOn { ps.setString(iii.value, dataTmp); } } - + @Override public boolean canInsert(final Field field) { return false; } - + @Override public boolean isInsertAsync(final Field field) throws Exception { return false; } - + @Override public boolean canRetrieve(final Field field) { return true; } - + @Override public void generateQuerry(@NotNull final String tableName, @NotNull final Field field, @NotNull final StringBuilder querrySelect, @NotNull final StringBuilder querry, @NotNull final String name, @NotNull final CountInOut elemCount, final QueryOptions options) { @@ -95,7 +95,7 @@ public class AddOnSQLTableExternalForeinKeyAsList implements DataAccessAddOn { querrySelect.append("."); querrySelect.append(name); } - + @Override public void fillFromQuerry(final ResultSet rs, final Field field, final Object data, final CountInOut count, final QueryOptions options, final List lazyCall) throws SQLException, IllegalArgumentException, IllegalAccessException { @@ -103,12 +103,12 @@ public class AddOnSQLTableExternalForeinKeyAsList implements DataAccessAddOn { field.set(data, idList); count.inc(); } - + @Override public void createTables(final String tableName, final Field field, final StringBuilder mainTableBuilder, final List preActionList, final List postActionList, final boolean createIfNotExist, final boolean createDrop, final int fieldId) throws Exception { // TODO Auto-generated method stub - + DataFactory.createTablesSpecificType(tableName, field, mainTableBuilder, preActionList, postActionList, createIfNotExist, createDrop, fieldId, String.class); } } diff --git a/src/org/kar/archidata/filter/AuthenticationFilter.java b/src/org/kar/archidata/filter/AuthenticationFilter.java index a888698..95be39d 100644 --- a/src/org/kar/archidata/filter/AuthenticationFilter.java +++ b/src/org/kar/archidata/filter/AuthenticationFilter.java 
@@ -42,14 +42,14 @@ public class AuthenticationFilter implements ContainerRequestFilter { @Context private ResourceInfo resourceInfo; protected final String applicationName; - + public static final String AUTHENTICATION_SCHEME = "Bearer"; public static final String APIKEY = "ApiKey"; - + public AuthenticationFilter(final String applicationName) { this.applicationName = applicationName; } - + @Override public void filter(final ContainerRequestContext requestContext) throws IOException { /* logger.debug("-----------------------------------------------------"); logger.debug("---- Check if have authorization ----"); @@ -61,7 +61,7 @@ public class AuthenticationFilter implements ContainerRequestFilter { abortWithForbidden(requestContext, "Access blocked !!!"); return; } - + // Access allowed for all if (method.isAnnotationPresent(PermitAll.class)) { // logger.debug(" ==> permit all " + requestContext.getUriInfo().getPath()); @@ -74,7 +74,7 @@ public class AuthenticationFilter implements ContainerRequestFilter { abortWithForbidden(requestContext, "Access ILLEGAL !!!"); return; } - + // Get the Authorization header from the request String authorizationHeader = requestContext.getHeaderString(HttpHeaders.AUTHORIZATION); String apikeyHeader = requestContext.getHeaderString(APIKEY); @@ -129,7 +129,7 @@ public class AuthenticationFilter implements ContainerRequestFilter { abortWithUnauthorized(requestContext, "get a NULL application ..."); return; } - + } // create the security context model: final String scheme = requestContext.getUriInfo().getRequestUri().getScheme(); 
@@ -154,16 +154,16 @@ public class AuthenticationFilter implements ContainerRequestFilter { requestContext.setSecurityContext(userContext); // logger.debug("Get local user : {} / {}", user, userByToken); } - + private boolean isTokenBasedAuthentication(final String authorizationHeader) { // Check if the Authorization header is valid // It must not be null and must be prefixed with "Bearer" plus a whitespace // The authentication scheme comparison must be case-insensitive return authorizationHeader != null && authorizationHeader.toLowerCase().startsWith(AUTHENTICATION_SCHEME.toLowerCase() + " "); } - + private void abortWithUnauthorized(final ContainerRequestContext requestContext, final String message) { - + // Abort the filter chain with a 401 status code response // The WWW-Authenticate header is sent along with the response LOGGER.warn("abortWithUnauthorized:"); @@ -172,18 +172,18 @@ public class AuthenticationFilter implements ContainerRequestFilter { requestContext.abortWith(Response.status(ret.status).header(HttpHeaders.WWW_AUTHENTICATE, AUTHENTICATION_SCHEME + " base64(HEADER).base64(CONTENT).base64(KEY)").entity(ret) .type(MediaType.APPLICATION_JSON).build()); } - + private void abortWithForbidden(final ContainerRequestContext requestContext, final String message) { final RestErrorResponse ret = new RestErrorResponse(Response.Status.FORBIDDEN, "FORBIDDEN", message); LOGGER.error("Error UUID={}", ret.uuid); requestContext.abortWith(Response.status(ret.status).header(HttpHeaders.WWW_AUTHENTICATE, message).entity(ret).type(MediaType.APPLICATION_JSON).build()); } - + protected UserByToken validateToken(final String authorization) throws Exception { LOGGER.info("Must be Override by the application implmentation, otherwise it dose not work"); return null; } - + // must be override to be good implementation protected UserByToken validateJwtToken(final String authorization) throws Exception { // logger.debug(" validate token : " + authorization); 
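Review bot: The default `validateToken` shown as context in the last hunk returns `null` and records only an INFO line, so an application that forgets to override it is safe only if the caller treats `null` as a rejection. That caller is outside the hunk and should be checked. I would make the misconfiguration visible with `LOGGER.error("validateToken is not overridden: every token is rejected");`. A Javadoc on the method should state that returning `null` means the request must be refused.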
diff --git a/src/org/kar/archidata/tools/JWTWrapper.java b/src/org/kar/archidata/tools/JWTWrapper.java index a209c1d..ad4ac6e 100644 --- a/src/org/kar/archidata/tools/JWTWrapper.java +++ b/src/org/kar/archidata/tools/JWTWrapper.java @@ -34,7 +34,7 @@ import com.nimbusds.jwt.SignedJWT; class TestSigner implements JWSSigner { public static String test_signature = "TEST_SIGNATURE_FOR_LOCAL_TEST_AND_TEST_E2E"; - + /** Signs the specified {@link JWSObject#getSigningInput input} of a {@link JWSObject JWS object}. * * @param header The JSON Web Signature (JWS) header. Must specify a supported JWS algorithm and must not be {@code null}. @@ -48,13 +48,13 @@ class TestSigner implements JWSSigner { public Base64URL sign(final JWSHeader header, final byte[] signingInput) throws JOSEException { return new Base64URL(test_signature); } - + @Override public Set supportedJWSAlgorithms() { // TODO Auto-generated method stub return Set.of(JWSAlgorithm.RS256); } - + @Override public JCAContext getJCAContext() { // TODO Auto-generated method stub @@ -64,20 +64,20 @@ class TestSigner implements JWSSigner { public class JWTWrapper { static final Logger LOGGER = LoggerFactory.getLogger(JWTWrapper.class); - + private static RSAKey rsaJWK = null; private static RSAKey rsaPublicJWK = null; - + public static class PublicKey { public String key; - + public PublicKey(final String key) { this.key = key; } - + public PublicKey() {} } - + public static void initLocalTokenRemote(final String ssoUri, final String application) throws IOException, ParseException { // check Token: final URL obj = new URL(ssoUri + "public_key"); 
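Review bot: `test_signature` in `TestSigner` is declared `public static String` without `final`, so any class on the classpath can reassign the value that `sign` returns. Declaring it `public static final String test_signature = "TEST_SIGNATURE_FOR_LOCAL_TEST_AND_TEST_E2E";` keeps the name and closes that door. Because `sign` returns this constant whatever the input, tokens built with it have no cryptographic binding to their claims. The verification path is not visible in this diff; it should accept such tokens only behind the same `ConfigBaseVariable.getTestMode()` gate that `createJwtTestToken` uses.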
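Review bot: `new URL(ssoUri + "public_key")` in `initLocalTokenRemote` fetches the key that later verifies tokens, and nothing visible in the hunk requires `ssoUri` to use https. Over plain http the response, and therefore the trust anchor, can be replaced in transit. I would check the scheme before connecting, for example `if (!"https".equalsIgnoreCase(obj.getProtocol())) { throw new IOException("SSO public key must be fetched over https"); }`, with an explicit opt-out for local test setups if one is needed. Whether configuration already constrains `ssoUri` cannot be seen here, and the method body continues outside the hunk.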
@@ -93,11 +93,11 @@ public class JWTWrapper { con.setRequestProperty(AuthenticationFilter.APIKEY, ssoToken); } final int responseCode = con.getResponseCode(); - + // LOGGER.debug("GET Response Code :: {}", responseCode); if (responseCode == HttpURLConnection.HTTP_OK) { // success final BufferedReader in = new BufferedReader(new InputStreamReader(con.getInputStream())); - + String inputLine; final StringBuffer response = new StringBuffer(); while ((inputLine = in.readLine()) != null) { @@ -113,7 +113,7 @@ public class JWTWrapper { } LOGGER.debug("GET JWT validator token not worked response code {} from {} ", responseCode, obj); } - + public static void initLocalToken(final String baseUUID) throws Exception { // RSA signatures require a public and private RSA key pair, the public key // must be made known to the JWS recipient in order to verify the signatures @@ -137,7 +137,7 @@ public class JWTWrapper { rsaPublicJWK = null; } } - + public static void initValidateToken(final String publicKey) { try { rsaPublicJWK = RSAKey.parse(publicKey); @@ -145,16 +145,16 @@ public class JWTWrapper { e.printStackTrace(); LOGGER.debug("Can not retrieve public Key !!!!!!!! RSAKey='{}'", publicKey); } - + } - + public static String getPublicKeyJson() { if (rsaPublicJWK == null) { return null; } return rsaPublicJWK.toJSONString(); } - + public static java.security.interfaces.RSAPublicKey getPublicKeyJava() throws JOSEException { if (rsaPublicJWK == null) { return null; @@ -162,7 +162,7 @@ public class JWTWrapper { // Convert back to std Java interface return rsaPublicJWK.toRSAPublicKey(); } - + /** Create a token with the provided elements * @param userID UniqueId of the USER (global unique ID) * @param userLogin Login of the user (never change) 
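Review bot: The `InputStreamReader` in the `HTTP_OK` branch is created without a charset, so the key document is decoded with the platform default. It is also not opened in a try-with-resources, so an exception while reading would leave the stream open; whether it is closed on the normal path lies outside the hunk. Suggested form: `try (BufferedReader in = new BufferedReader(new InputStreamReader(con.getInputStream(), StandardCharsets.UTF_8))) {`, which needs `java.nio.charset.StandardCharsets` in the imports. A cap on the bytes read from the SSO response would also be worth adding.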
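Review bot: In `initValidateToken`, a failed `RSAKey.parse(publicKey)` is handled with `e.printStackTrace()` and a DEBUG line, after which the method returns normally. `rsaPublicJWK` then keeps whatever value it had before the call, possibly a stale key, and the caller has no way to notice. I would replace the two statements in the catch with `LOGGER.error("Can not parse the public key", e);` and `rsaPublicJWK = null;` so that verification fails closed. The `try` opens in the preceding hunk and the catch clause itself is not shown.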
@@ -179,12 +179,12 @@ public class JWTWrapper { try { // Create RSA-signer with the private key final JWSSigner signer = new RSASSASigner(rsaJWK); - + LOGGER.warn("timeOutInMunites= {}", timeOutInMunites); final Date now = new Date(); LOGGER.warn("now = {}", now); final Date expiration = new Date(new Date().getTime() - 60 * timeOutInMunites * 1000 /* millisecond */); - + LOGGER.warn("expiration= {}", expiration); final JWTClaimsSet.Builder builder = new JWTClaimsSet.Builder().subject(Long.toString(userID)).claim("login", userLogin).claim("application", application).issuer(isuer).issueTime(now) .expirationTime(expiration); // Do not ask why we need a "-" here ... this have no meaning @@ -195,7 +195,7 @@ public class JWTWrapper { // Prepare JWT with claims set final JWTClaimsSet claimsSet = builder.build(); final SignedJWT signedJWT = new SignedJWT(new JWSHeader.Builder(JWSAlgorithm.RS256).type(JOSEObjectType.JWT)/* .keyID(rsaJWK.getKeyID()) */.build(), claimsSet); - + // Compute the RSA signature signedJWT.sign(signer); // serialize the output... @@ -205,7 +205,7 @@ public class JWTWrapper { } return null; } - + public static JWTClaimsSet validateToken(final String signedToken, final String isuer, final String application) { try { // On the consumer side, parse the JWS and verify its RSA signature @@ -250,7 +250,7 @@ public class JWTWrapper { } return null; } - + public static String createJwtTestToken(final long userID, final String userLogin, final String isuer, final String application, final Map> rights) { if (!ConfigBaseVariable.getTestMode()) { LOGGER.error("Test mode disable !!!!!"); 
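Review bot: The `expiration` value is computed by subtracting the timeout from the current time, so for any positive `timeOutInMunites` the `exp` claim is earlier than `iat`. A verifier that checks expiry would reject every token, and if tokens are accepted today the expiry check is presumably missing or inverted elsewhere (the body of `validateToken` is not shown). The intended sign should be confirmed and, if it is a bug, changed to `new Date(now.getTime() + 60_000L * timeOutInMunites)`. The `long` literal also avoids overflow in `60 * timeOutInMunites * 1000` if the parameter is an `int`; its declaration is outside the hunk. The three `LOGGER.warn` calls that trace these values read like debugging output and would be better at DEBUG level.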
@@ -258,10 +258,10 @@ public class JWTWrapper { } try { final int timeOutInMunites = 3600; - + final Date now = new Date(); final Date expiration = new Date(new Date().getTime() + timeOutInMunites * 1000 /* ms */); - + final JWTClaimsSet.Builder builder = new JWTClaimsSet.Builder().subject(Long.toString(userID)).claim("login", userLogin).claim("application", application).issuer(isuer).issueTime(now) .expirationTime(expiration); // Do not ask why we need a "-" here ... this have no meaning // add right if needed: @@ -271,10 +271,10 @@ public class JWTWrapper { // Prepare JWT with claims set final JWTClaimsSet claimsSet = builder.build(); final SignedJWT signedJWT = new SignedJWT(new JWSHeader.Builder(JWSAlgorithm.RS256).type(JOSEObjectType.JWT)/* .keyID(rsaJWK.getKeyID()) */.build(), claimsSet); - + // Compute the RSA signature signedJWT.sign(new TestSigner()); - + // serialize the output... return signedJWT.serialize(); } catch (final Exception ex) {