author | Roberto E. Escobar | 2015-01-20 22:54:49 +0000 |
---|---|---|
committer | Roberto Escobar | 2015-01-23 20:58:18 +0000 |
commit | 781d04a3cef0301b06f041a0ed5afa34ac63e28a (patch) | |
tree | 85b52425eaa3585d798eb4686fb90460c7cba219 /plugins/org.eclipse.osee.jaxrs.server | |
parent | 665ea26f89c67007b4f732ef3cea7014e8fed126 (diff) | |
download | org.eclipse.osee-781d04a3cef0301b06f041a0ed5afa34ac63e28a.tar.gz org.eclipse.osee-781d04a3cef0301b06f041a0ed5afa34ac63e28a.tar.xz org.eclipse.osee-781d04a3cef0301b06f041a0ed5afa34ac63e28a.zip |
feature[ats_ATS98522]: Make SecurityContext serializable
Change-Id: Ica7126afffc632d662c45863b2839f7faca6a16d
Diffstat (limited to 'plugins/org.eclipse.osee.jaxrs.server')
4 files changed, 316 insertions, 59 deletions
diff --git a/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/OAuthUtil.java b/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/OAuthUtil.java index 16d02770c8d..4a7aac7f0cf 100644 --- a/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/OAuthUtil.java +++ b/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/OAuthUtil.java @@ -14,7 +14,6 @@ import java.io.UnsupportedEncodingException; import java.net.URI; import java.security.Principal; import java.util.ArrayList; -import java.util.Collection; import java.util.Collections; import java.util.HashMap; import java.util.LinkedHashSet; @@ -41,6 +40,7 @@ import org.eclipse.osee.framework.jdk.core.type.BaseIdentity; import org.eclipse.osee.framework.jdk.core.type.OseePrincipal; import org.eclipse.osee.framework.jdk.core.util.Strings; import org.eclipse.osee.jaxrs.server.internal.JaxRsUtils; +import org.eclipse.osee.jaxrs.server.internal.security.util.CustomSecurityContextImpl; /** * @author Roberto E. Escobar @@ -146,21 +146,7 @@ public final class OAuthUtil { } public static SecurityContext newSecurityContext(final OseePrincipal principal) { - return new SecurityContext() { - @Override - public boolean isUserInRole(String role) { - Collection<String> roles = principal.getRoles(); - if (roles == null) { - roles = Collections.emptyList(); - } - return roles.contains(role); - } - - @Override - public OseePrincipal getUserPrincipal() { - return principal; - } - }; + return new CustomSecurityContextImpl(principal); } private static final String SUBJECT_USERNAME = "username"; 
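Review bot: `newSecurityContext` passes `principal` to `CustomSecurityContextImpl` without a null check, and that class dereferences it in `isUserInRole` and in its `writeObject`, so a null principal only surfaces when the context is queried or serialized, far from the caller that supplied it. If a null principal is never valid, rejecting it here keeps the failure at the source: `if (principal == null) { throw new IllegalArgumentException("principal must not be null"); }`. The `final` modifier on the parameter was only needed by the removed anonymous class and can be dropped.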
diff --git a/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/OseeOAuthContextProvider.java b/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/OseeOAuthContextProvider.java index 4ef3bbd2108..4c2ebaca36e 100644 --- a/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/OseeOAuthContextProvider.java +++ b/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/OseeOAuthContextProvider.java @@ -10,6 +10,7 @@ *******************************************************************************/ package org.eclipse.osee.jaxrs.server.internal.security.oauth2; +import java.security.Principal; import java.util.ArrayList; import java.util.Collections; import java.util.List; @@ -18,6 +19,7 @@ import org.apache.cxf.jaxrs.ext.ContextProvider; import org.apache.cxf.message.Message; import org.apache.cxf.rs.security.oauth2.common.OAuthPermission; import org.apache.cxf.rs.security.oauth2.common.UserSubject; +import org.apache.cxf.security.SecurityContext; import org.eclipse.osee.framework.jdk.core.type.BaseIdentity; import org.eclipse.osee.framework.jdk.core.type.OseeOAuthContext; import org.eclipse.osee.framework.jdk.core.type.OseePermission; 
@@ -35,64 +37,108 @@ public class OseeOAuthContextProvider implements ContextProvider<OseeOAuthContex org.apache.cxf.rs.security.oauth2.common.OAuthContext cxt = message.getContent(org.apache.cxf.rs.security.oauth2.common.OAuthContext.class); if (cxt != null) { - toReturn = new OAuthContextImpl(cxt); + toReturn = newOAuthContext(cxt); + } else { + SecurityContext sc = message.get(SecurityContext.class); + Principal userPrincipal = sc.getUserPrincipal(); + OseePrincipal owner = null; + if (userPrincipal instanceof OseePrincipal) { + owner = (OseePrincipal) userPrincipal; + } + toReturn = newOAuthContext(owner, null); } return toReturn; } - private static final class OAuthContextImpl implements OseeOAuthContext { + private static OseeOAuthContext newOAuthContext(final OseePrincipal owner, final OseePrincipal client) { + return new OseeOAuthContext() { - private final org.apache.cxf.rs.security.oauth2.common.OAuthContext ctx; + @Override + public OseePrincipal getOwner() { + return owner; + } - public OAuthContextImpl(org.apache.cxf.rs.security.oauth2.common.OAuthContext ctx) { - super(); - this.ctx = ctx; - } + @Override + public OseePrincipal getClient() { + return client; + } - @Override - public OseePrincipal getOwner() { - UserSubject subject = ctx.getSubject(); - return subject != null ? OAuthUtil.newOseePrincipal(subject) : null; - } + @Override + public String getTokenGrantType() { + return "N/A"; + } - @Override - public OseePrincipal getClient() { - UserSubject subject = ctx.getClientSubject(); - return subject != null ? 
OAuthUtil.newOseePrincipal(subject) : null; - } + @Override + public String getClientId() { + return "N/A"; + } - @Override - public List<OseePermission> getPermissions() { - List<OseePermission> perms = Collections.emptyList(); - List<OAuthPermission> permissions = ctx.getPermissions(); - if (permissions != null && !permissions.isEmpty()) { - perms = new ArrayList<OseePermission>(); - for (OAuthPermission permission : permissions) { - perms.add(newPermission(permission)); + @Override + public String getTokenKey() { + return "N/A"; + } + + @Override + public String getTokenAudience() { + return "N/A"; + } + + @Override + public List<OseePermission> getPermissions() { + return Collections.emptyList(); + } + + }; + } + + private static OseeOAuthContext newOAuthContext(final org.apache.cxf.rs.security.oauth2.common.OAuthContext ctx) { + return new OseeOAuthContext() { + + @Override + public OseePrincipal getOwner() { + UserSubject subject = ctx.getSubject(); + return subject != null ? OAuthUtil.newOseePrincipal(subject) : null; + } + + @Override + public OseePrincipal getClient() { + UserSubject subject = ctx.getClientSubject(); + return subject != null ? 
OAuthUtil.newOseePrincipal(subject) : null; + } + + @Override + public List<OseePermission> getPermissions() { + List<OseePermission> perms = Collections.emptyList(); + List<OAuthPermission> permissions = ctx.getPermissions(); + if (permissions != null && !permissions.isEmpty()) { + perms = new ArrayList<OseePermission>(); + for (OAuthPermission permission : permissions) { + perms.add(newPermission(permission)); + } } + return perms; } - return perms; - } - @Override - public String getTokenGrantType() { - return ctx.getTokenGrantType(); - } + @Override + public String getTokenGrantType() { + return ctx.getTokenGrantType(); + } - @Override - public String getClientId() { - return ctx.getClientId(); - } + @Override + public String getClientId() { + return ctx.getClientId(); + } - @Override - public String getTokenKey() { - return ctx.getTokenKey(); - } + @Override + public String getTokenKey() { + return ctx.getTokenKey(); + } - @Override - public String getTokenAudience() { - return ctx.getTokenAudience(); - } + @Override + public String getTokenAudience() { + return ctx.getTokenAudience(); + } + }; } private static OseePermission newPermission(OAuthPermission permission) { diff --git a/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/util/CustomSecurityContextImpl.java b/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/util/CustomSecurityContextImpl.java new file mode 100644 index 00000000000..f66bace8001 --- /dev/null +++ b/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/util/CustomSecurityContextImpl.java 
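Review bot: The new `else` branch calls `sc.getUserPrincipal()` on the result of `message.get(SecurityContext.class)` without checking it, so a message that carries neither an OAuth context nor a security context would throw a NullPointerException here; `Principal userPrincipal = sc != null ? sc.getUserPrincipal() : null;` avoids that. The branch also means the method now returns a context object when no OAuth token was presented, with `getOwner()` possibly null, the token fields set to the literal `"N/A"` and an empty permission list. The start of the method is outside this hunk, but if it previously returned null in that case, callers that used a null context to detect a non-OAuth request should be re-checked. A short comment on the two-argument `newOAuthContext` stating that it is a placeholder for non-OAuth requests would make that intent visible.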
@@ -0,0 +1,135 @@
+/*******************************************************************************
+ * Copyright (c) 2015 Boeing.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ * Boeing - initial API and implementation
+ *******************************************************************************/
+package org.eclipse.osee.jaxrs.server.internal.security.util;
+
+import java.io.IOException;
+import java.io.Serializable;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.LinkedHashMap;
+import java.util.LinkedHashSet;
+import java.util.Map;
+import java.util.Set;
+import org.apache.cxf.security.SecurityContext;
+import org.eclipse.osee.framework.jdk.core.type.OseePrincipal;
+import org.eclipse.osee.framework.jdk.core.util.Strings;
+
+/**
+ * @author Roberto E. Escobar
+ */
+public class CustomSecurityContextImpl implements SecurityContext, Serializable {
+
+ private static final long serialVersionUID = -8643469202637719566L;
+ private OseePrincipal principal;
+
+ public CustomSecurityContextImpl(OseePrincipal principal) {
+ super();
+ this.principal = principal;
+ }
+
+ @Override
+ public boolean isUserInRole(String role) {
+ Collection<String> roles = principal.getRoles();
+ if (roles == null) {
+ roles = Collections.emptyList();
+ }
+ return roles.contains(role);
+ }
+
+ @Override
+ public OseePrincipal getUserPrincipal() {
+ return principal;
+ }
+
+ private void writeObject(java.io.ObjectOutputStream out) throws IOException {
+ out.writeLong(principal.getGuid());
+ writeString(out, principal.getDisplayName());
+ writeString(out, principal.getEmailAddress());
+ writeString(out, principal.getLogin());
+ writeString(out, principal.getName());
+ writeString(out, principal.getUserName());
+ out.writeBoolean(principal.isActive());
+ out.writeBoolean(principal.isAuthenticated());
+ writeRoles(out, principal.getRoles());
+ writeProps(out, principal.getProperties());
+ }
+
+ private void writeString(java.io.ObjectOutputStream out, String value) throws IOException {
+ if (value != null) {
+ out.writeObject(value);
+ } else {
+ out.writeObject("");
+ }
+ }
+
+ private void readObject(java.io.ObjectInputStream in) throws IOException {
+ Long uuid = in.readLong();
+ String displayName = in.readUTF();
+ String email = in.readUTF();
+ String login = in.readUTF();
+ String name = in.readUTF();
+ String username = in.readUTF();
+ boolean active = in.readBoolean();
+ boolean authenticated = in.readBoolean();
+ Set<String> roles = readRoles(in);
+ Map<String, String> props = readProps(in);
+ principal =
+ new OseePrincipalImpl(uuid, displayName, email, login, name, username, active, authenticated, roles, props);
+ }
+
+ private void writeRoles(java.io.ObjectOutputStream out, Set<String> roles) throws IOException {
+ writeString(out, org.eclipse.osee.framework.jdk.core.util.Collections.toString(",", roles));
+ }
+
+ private Set<String> readRoles(java.io.ObjectInputStream in) throws IOException {
+ Set<String> roles;
+ String allRoles = in.readUTF();
+ if (Strings.isValid(allRoles)) {
+ roles = new LinkedHashSet<String>();
+ for (String role : allRoles.split(",")) {
+ roles.add(role);
+ }
+ } else {
+ roles = java.util.Collections.emptySet();
+ }
+ return roles;
+ }
+
+ private void writeProps(java.io.ObjectOutputStream out, Map<String, String> props) throws IOException {
+ String value = props.toString();
+ if (!value.equals("[]")) {
+ value = value.substring(1, value.length() - 1);
+ out.writeUTF(value);
+ } else {
+ out.writeUTF("");
+ }
+ }
+
+ private Map<String, String> readProps(java.io.ObjectInputStream in) throws IOException {
+ Map<String, String> props;
+ String allProps = in.readUTF();
+ if (Strings.isValid(allProps)) {
+ props = new LinkedHashMap<String, String>();
+ String key = null;
+ for (String value : allProps.split(",")) {
+ if (key == null) {
+ key = value;
+ } else {
+ props.put(key, value);
+ key = null;
+ }
+ }
+ } else {
+ props = Collections.emptyMap();
+ }
+ return props;
+ }
+}
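Review bot: `writeString` emits each field with `out.writeObject(...)` while `readObject` and `readRoles` consume them with `in.readUTF()`, so the written data and the reads do not line up and deserializing a stream produced by `writeObject` is expected to fail; `writeString` should use `out.writeUTF(...)`. `writeProps` has a second round-trip problem: `Map.toString()` yields `{k=v, k2=v2}` (never `[]`), and `readProps` splits on `,` and pairs alternating tokens, so entries come back as key `k=v` with value ` k2=v2`, and a null `props` throws. The fence shows a length-prefixed encoding for the properties; the comma-joined roles have the same delimiter weakness for any role name containing `,`. Separately, `readObject` restores `authenticated` and the role set straight from the stream, so wherever the serialized context is stored or replicated it needs integrity protection or re-validation after loading, since whoever can alter those bytes controls the restored identity.

```java
// transient: the field is written and rebuilt only by writeObject/readObject below
private transient OseePrincipal principal;

// … unchanged: constructor, isUserInRole, getUserPrincipal, writeObject …

private void writeString(java.io.ObjectOutputStream out, String value) throws IOException {
   // writeUTF pairs with the readUTF calls on the read side
   out.writeUTF(value != null ? value : "");
}

// … unchanged: readObject, writeRoles, readRoles …

private void writeProps(java.io.ObjectOutputStream out, Map<String, String> props) throws IOException {
   // count followed by key/value pairs: no delimiter a key or value could collide with
   if (props == null) {
      out.writeInt(0);
      return;
   }
   out.writeInt(props.size());
   for (Map.Entry<String, String> entry : props.entrySet()) {
      writeString(out, entry.getKey());
      writeString(out, entry.getValue());
   }
}

private Map<String, String> readProps(java.io.ObjectInputStream in) throws IOException {
   int count = in.readInt();
   if (count < 0) {
      throw new java.io.InvalidObjectException("negative property count");
   }
   Map<String, String> props = new LinkedHashMap<String, String>();
   for (int i = 0; i < count; i++) {
      String key = in.readUTF();
      props.put(key, in.readUTF());
   }
   return props;
}
```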
\ No newline at end of file
diff --git a/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/util/OseePrincipalImpl.java b/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/util/OseePrincipalImpl.java
new file mode 100644
index 00000000000..52a0d0285c5
--- /dev/null
+++ b/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/util/OseePrincipalImpl.java
@@ -0,0 +1,90 @@
+/*******************************************************************************
+ * Copyright (c) 2015 Boeing.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ *
+ * Contributors:
+ * Boeing - initial API and implementation
+ *******************************************************************************/
+package org.eclipse.osee.jaxrs.server.internal.security.util;
+
+import java.util.Map;
+import java.util.Set;
+import org.eclipse.osee.framework.jdk.core.type.BaseIdentity;
+import org.eclipse.osee.framework.jdk.core.type.OseePrincipal;
+
+/**
+ * @author Roberto E. Escobar
+ */
+public class OseePrincipalImpl extends BaseIdentity<Long> implements OseePrincipal {
+
+ private final String displayName;
+ private final String email;
+ private final String login;
+ private final String name;
+ private final String username;
+ private final boolean active;
+ private final boolean authenticated;
+ private final Set<String> roles;
+ private final Map<String, String> props;
+
+ public OseePrincipalImpl(Long uuid, String displayName, String email, String login, String name, String username, boolean active, boolean authenticated, Set<String> roles, Map<String, String> props) {
+ super(uuid);
+ this.displayName = displayName;
+ this.email = email;
+ this.login = login;
+ this.name = name;
+ this.username = username;
+ this.active = active;
+ this.authenticated = authenticated;
+ this.roles = roles;
+ this.props = props;
+ }
+
+ @Override
+ public String getName() {
+ return name;
+ }
+
+ @Override
+ public String getLogin() {
+ return login;
+ }
+
+ @Override
+ public Set<String> getRoles() {
+ return roles;
+ }
+
+ @Override
+ public String getDisplayName() {
+ return displayName;
+ }
+
+ @Override
+ public String getUserName() {
+ return username;
+ }
+
+ @Override
+ public String getEmailAddress() {
+ return email;
+ }
+
+ @Override
+ public boolean isActive() {
+ return active;
+ }
+
+ @Override
+ public boolean isAuthenticated() {
+ return authenticated;
+ }
+
+ @Override
+ public Map<String, String> getProperties() {
+ return props;
+ }
+} |
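Review bot: The constructor stores the `roles` and `props` arguments as-is and `getRoles()`/`getProperties()` return those same instances, so any code holding the principal can add a role or property after authentication whenever a mutable collection was passed in (`CustomSecurityContextImpl.readRoles` passes a `LinkedHashSet`). Copying on the way in closes that: `this.roles = roles == null ? null : Collections.unmodifiableSet(new LinkedHashSet<String>(roles));` and the equivalent `Collections.unmodifiableMap(new LinkedHashMap<String, String>(props))` for `props`, with the matching `java.util` imports. The null case is kept because `CustomSecurityContextImpl.isUserInRole` explicitly tolerates a null role collection. A class comment stating that instances are immutable snapshots of an authenticated user would document the intent.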