[DEV] update get tocken

This commit is contained in:
Edouard DUPIN 2023-11-23 21:53:37 +01:00
parent a135ff746d
commit caa3ccba33
3 changed files with 67 additions and 65 deletions


@ -88,7 +88,7 @@ public class WebLauncher {
WebLauncher.LOGGER.info("Add migration since last version");
// NOTHING for now
WebLauncher.LOGGER.info("Migrate the DB [START]");
migrationEngine.migrate(GlobalConfiguration.dbConfig);
migrationEngine.migrateErrorThrow(GlobalConfiguration.dbConfig);
WebLauncher.LOGGER.info("Migrate the DB [STOP]");
}
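Review bot: If `migrateErrorThrow` does what its name suggests and propagates a failed migration, nothing in this hunk logs that failure — `Migrate the DB [STOP]` is only reached on success and the exception leaves the method with no migration-specific record. Unless the caller (outside the hunk) already does so, wrap the call as `try { migrationEngine.migrateErrorThrow(GlobalConfiguration.dbConfig); } catch (final Exception e) { WebLauncher.LOGGER.error("Migrate the DB [FAIL]", e); throw e; }` so the abort is visible in the startup log. Failing closed here is the right direction: serving requests on a partially migrated schema is worse than refusing to start. The enclosing method begins before this hunk.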


@ -50,26 +50,26 @@ import jakarta.ws.rs.core.SecurityContext;
@Produces(MediaType.APPLICATION_JSON)
public class UserResource {
final Logger logger = LoggerFactory.getLogger(UserResource.class);
@JsonInclude(JsonInclude.Include.NON_NULL)
public class UserOut {
public long id;
public String login;
public UserOut(final long id, final String login) {
this.id = id;
this.login = login;
}
}
public UserResource() {}
}
public UserResource() {}
@GET
@RolesAllowed("ADMIN")
public List<UserAuthGet> getUsers() throws Exception {
return DataAccess.gets(UserAuthGet.class);
}
@GET
@Path("{id}")
@RolesAllowed("ADMIN")
@ -77,7 +77,7 @@ public class UserResource {
//GenericContext gc = (GenericContext) sc.getUserPrincipal();
return DataAccess.get(UserAuthGet.class, userId);
}
@POST
@Path("{userId}/application/{applicationId}/link")
@RolesAllowed("ADMIN")
@ -91,14 +91,14 @@ public class UserResource {
}
return DataAccess.get(UserAuth.class, userId);
}
@GET
@Path("{userId}/application/{applicationId}/rights")
@RolesAllowed("ADMIN")
public Map<String, Object> getApplicationRight(@Context final SecurityContext sc, @PathParam("userId") final long userId, @PathParam("applicationId") final long applicationId) throws Exception {
return RightResource.getUserRight(userId, applicationId);
}
@PUT
@Path("{userId}/application/{applicationId}/rights")
@RolesAllowed("ADMIN")
@ -108,7 +108,7 @@ public class UserResource {
RightResource.updateUserRight(userId, applicationId, data);
return RightResource.getUserRight(userId, applicationId);
}
// TODO: check this it might be deprecated ...
@POST
@Path("{id}/set_admin")
@ -122,7 +122,7 @@ public class UserResource {
}
return Response.ok("{}").build();
}
@POST
@Path("{id}/set_blocked")
@RolesAllowed("ADMIN")
@ -135,7 +135,7 @@ public class UserResource {
}
return Response.ok("{}").build();
}
@POST
@Path("create_new_user")
@RolesAllowed("ADMIN")
@ -146,17 +146,17 @@ public class UserResource {
throw new InputException("login", "Authentiocate-method-error (login too small: '" + user.login + "')");
}
// TODO: check login format
if (user.email == null || user.email.length() < 6) {
throw new InputException("email", "Authentiocate-method-error (email too small: '" + user.email + "')");
}
// TODO: check email format
if (user.password == null || user.password.length() != 128) {
throw new InputException("password", "null password, or wrong hash size");
}
// TODO: verify if the data are a hash ...
// Check login does not exist
List<UserAuth> out = DataAccess.getsWhere(UserAuth.class, new QueryCondition("login", "=", user.login));
if (out.size() >= 1) {
@ -167,7 +167,7 @@ public class UserResource {
if (out.size() >= 1) {
throw new FailException(Response.Status.BAD_REQUEST, "e-mail already used !!!");
}
// Add new user and return formated dat.
final UserAuth newUser = new UserAuth();
newUser.admin = false;
@ -182,7 +182,7 @@ public class UserResource {
this.logger.debug("create new user done with id=={}", tmp.id);
return DataAccess.get(UserAuthGet.class, tmp.id);
}
@GET
@Path("me")
@RolesAllowed("USER")
@ -192,7 +192,7 @@ public class UserResource {
this.logger.debug("== USER ? {}", gc.userByToken);
return new UserOut(gc.userByToken.id, gc.userByToken.name);
}
@POST
@Path("password")
@RolesAllowed("USER")
@ -200,7 +200,7 @@ public class UserResource {
this.logger.debug("ChangePassword()");
final GenericContext gc = (GenericContext) sc.getUserPrincipal();
this.logger.debug("== USER ? {}", gc.userByToken);
if (data == null) {
throw new InputException("data", "No data set...");
}
@ -216,24 +216,24 @@ public class UserResource {
DataAccess.update(user, user.id, List.of("password"));
return Response.status(Response.Status.OK).build();
}
/*
@GET
@Path("validipass")
@PermitAll
public Response validatePasswordFromEMail(@QueryParam("uuid") String uuid, @QueryParam("securityId") String securityId) {
// Validate new password if OK
// clear the passwordChange, passwordValidation fields
// send an e-mail to confirm the new password has been set.
return Response.status(500).build();
}
*/
@GET
@Path("/check_login")
@PermitAll
@ -245,7 +245,7 @@ public class UserResource {
}
throw new NotFoundException("User does not exist: '" + login + "'");
}
// TODO: add an application TOKEN and permit only 50 requested (maybe add an option to disable it).
@GET
@Path("/check_email")
@ -258,7 +258,7 @@ public class UserResource {
}
throw new NotFoundException("emain does not exist: '" + email + "'");
}
private UserAuth checkAuthUser(final String method, final String login, final String time, final String password) throws Exception {
// check good version:
if (!"v1".contentEquals(method)) {
@ -277,7 +277,7 @@ public class UserResource {
query = "email";
}
final UserAuth user = DataAccess.getWhere(UserAuth.class, new QueryCondition(query, "=", login));
if (user == null) {
throw new FailException(Response.Status.PRECONDITION_FAILED, "FAIL Authentiocate-wrong email/login '" + login + "')");
}
@ -292,7 +292,7 @@ public class UserResource {
}
return user;
}
@POST
@Path("/get_token")
@PermitAll
@ -303,7 +303,7 @@ public class UserResource {
// at the point the user has been not deleted and not blocked.
// this authentication is valid only for Karso ==> not for the application
final int expirationTimeInMinutes = ConfigVariable.getAuthExpirationTime();
// Get the USER Right (Note: by construction KARSO have application ID = KARSO_INITIALISATION_ID
final Map<String, Object> ssoRight = RightResource.getUserRight(user.id, Initialization.KARSO_INITIALISATION_ID);
if (!ssoRight.containsKey("USER")) {
@ -317,16 +317,16 @@ public class UserResource {
outRight.put(applicationName, ssoRight);
// TODO: maybe correct this get of TTL...
final String ret = JWTWrapper.generateJWToken(user.id, user.login, "KarAuth", applicationName, outRight, expirationTimeInMinutes);
// Update last connection:
final UserAuth newUser = new UserAuth();
newUser.lastConnection = Timestamp.valueOf(LocalDateTime.now());
DataAccess.update(newUser, user.id, List.of("lastConnection"));
//logger.debug(" ==> generate token: {}", ret);
return new GetToken(ret);
}
public static String bytesToHex(final byte[] bytes) {
final StringBuilder sb = new StringBuilder();
for (final byte b : bytes) {
@ -334,7 +334,7 @@ public class UserResource {
}
return sb.toString();
}
public String getSHA512(final String passwordToHash) {
try {
final MessageDigest md = MessageDigest.getInstance("SHA-512");
@ -345,5 +345,5 @@ public class UserResource {
}
return null;
}
}


@ -4,38 +4,40 @@ import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
public record DataGetToken(String login,
String method,
String time,
String password
) {
public record DataGetToken(
String login,
String method,
String time,
String password) {
/*public DataGetToken(String login, String method,
String time,
String password) {
String time,
String password) {
this(login, method, time, password);
}*/
public static String sha512(final String passwordToHash) { //, String salt){
String generatedPassword = null;
try {
final MessageDigest md = MessageDigest.getInstance("SHA-512");
//md.update(salt.getBytes(StandardCharsets.UTF_8));
final byte[] bytes = md.digest(passwordToHash.getBytes(StandardCharsets.UTF_8));
final StringBuilder sb = new StringBuilder();
for (final byte element : bytes) {
sb.append(Integer.toString((element & 0xff) + 0x100, 16).substring(1));
}
generatedPassword = sb.toString();
} catch (final NoSuchAlgorithmException e) {
e.printStackTrace();
}
return generatedPassword;
}
public static String sha512(String passwordToHash) { //, String salt){
String generatedPassword = null;
try {
MessageDigest md = MessageDigest.getInstance("SHA-512");
//md.update(salt.getBytes(StandardCharsets.UTF_8));
byte[] bytes = md.digest(passwordToHash.getBytes(StandardCharsets.UTF_8));
StringBuilder sb = new StringBuilder();
for(int i=0; i< bytes.length ;i++){
sb.append(Integer.toString((bytes[i] & 0xff) + 0x100, 16).substring(1));
}
generatedPassword = sb.toString();
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
return generatedPassword;
public static DataGetToken generate(final String login, final String method, final String time, final String password) {
return generateSha(login, method, time, sha512(password));
}
public static DataGetToken generate(String login, String method, String time, String password) {
return generateSha(login, method , time , sha512(password));
}
public static DataGetToken generateSha(String login, String method, String time, String password) {
return new DataGetToken(login, method , time , sha512("login='" + login + "';pass='" + password + "';date='" + time + "'"));
public static DataGetToken generateSha(final String login, final String method, final String time, final String password) {
return new DataGetToken(login, method, time, sha512("login='" + login + "';pass='" + password + "';date='" + time + "'"));
}
}
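Review bot: The reformatted `sha512` still swallows `NoSuchAlgorithmException` with `e.printStackTrace()` and returns null, so a failure would make `generate` go on to hash the literal text `pass='null'` instead of aborting; SHA-512 is mandatory in every JRE so the catch cannot realistically fire, but a credential helper should fail closed — replace the catch body with `throw new IllegalStateException("SHA-512 unavailable", e);`. Note also that the digest is a single unsalted SHA-512 of the password (the salt parameter remains commented out), which makes the hex string a password-equivalent: anyone who obtains it from a client, a log or the database can feed it to `generateSha` directly, so if this is a deliberate client-side pre-hash the server must still apply a real password KDF (bcrypt/scrypt/Argon2) before storage rather than comparing bare digests — whether it does is outside this hunk. The `time` field is the only replay defence built into the token and is supplied by the client, so its freshness window has to be enforced server-side; that check is not visible here. Whether `}` on the last line is the end of the file cannot be confirmed from this view.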