Package com.alu.e3.common.camel

Examples of com.alu.e3.common.camel.AuthReport

223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
  }

  @Override
  public AuthReport checkOAuthAllowed(Api api, String clientId, String clientSecret) {
   
    AuthReport authReport = new AuthReport();
    if(logger.isDebugEnabled()) {
      logger.debug("Lookup if clientId:clientSecret: " + clientId+":"+clientSecret + " is associated with appId:" + api.getId());
    }
   
    String appId = findString(api.getId(), clientId+":"+clientSecret);
   
    if(appId != null) {
     
      AuthIdentityHelper authIdentityHelper = new AuthIdentityHelper();
     
      authIdentityHelper.setApi(api.getId());
      authIdentityHelper.setAppId(appId);
      authIdentityHelper.setOAuth(clientId, clientSecret);
     
      authReport.setAuthIdentity( authIdentityHelper.getAuthIdentity());
      authReport.setApiActive(true);
     
    } else {
      authReport.setNotAuthorized(true);
    }
   
    return authReport;
  }
View Full Code Here
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
  }
 
  @Override
  public AuthReport checkAllowed(Exchange exchange, Api api) {
   
    AuthReport authReport = new AuthReport();
   
    String authHeader = (String) exchange.getIn().getHeader("Authorization");
   
    if(authHeader != null){
      String[] chunks = authHeader.split(" ");
     
      // Only expect two parts: the auth scheme and the user/pass encoding
      if(chunks.length == 2){
        String scheme = chunks[0];
        if("Basic".equalsIgnoreCase(scheme)){
          String base64 = chunks[1];
          String decoded = new String(Base64.decodeBase64(base64.getBytes()));
          chunks = decoded.split(":");
          if(chunks.length >= 2){
            String user = chunks[0];
            String pass = chunks[1];
            // Checks if the user is allowed to use this service
            authReport = dataAccess.checkAllowed(api, user, pass);
          }
          else{
            if(logger.isDebugEnabled()) {
              logger.debug("Unable to decode user/pass");
            }
            authReport.setBadRequest(true);
          }
        }
        else{
          if(logger.isDebugEnabled()) {
            logger.debug("Auth scheme not Basic ("+scheme+"). Cannot authenticate request");
          }
          authReport.setBadRequest(true);
        }
      }
      else{
        if(logger.isDebugEnabled()) {
          logger.debug("Improperly formed authorization header:"+authHeader);
        }
        authReport.setBadRequest(true);
      }
    }
    else{
      if(logger.isDebugEnabled()) {
        logger.debug("Http Basic Authentication Header is missing");
      }
      authReport.setBadRequest(true);
    }
   
    return authReport;
  }
View Full Code Here
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
  }

  @Override
  public AuthReport checkAllowed(Exchange exchange, Api api) {
   
    AuthReport authReport = new AuthReport();
    
    if(logger.isDebugEnabled()) {
      logger.debug("Hit the IpWhitelistExecutor.isAllowed");
    }
   
    // magic Jetty stuff
    HttpServletRequest request = (HttpServletRequest) exchange.getIn().getHeader(Exchange.HTTP_SERVLET_REQUEST);
   
    if(request != null) {
      //retrieve the real IP adress from the request
      String remoteAddr = CommonTools.remoteAddr(request);
         
          CanonicalizedIpAddress ip = new CanonicalizedIpAddress(remoteAddr);
      authReport = dataAccess.checkAllowed(api, ip);
    } else {
      authReport.setBadRequest(true);
    }
     
    return authReport;
  }
View Full Code Here
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
  }
 
  @Override
  public AuthReport checkAllowed(Exchange exchange, Api api) {
   
    AuthReport authReport = new AuthReport();
    Object keyObj = null;
   
    Map<?, ?> parameters = exchange.getProperty(ExchangeConstantKeys.E3_REQUEST_PARAMETERS.toString(), Map.class);
    if (parameters == null) {
      if(logger.isDebugEnabled()) {
        logger.debug("Request parameters not set");
      }
      authReport.setBadRequest(true);
    } else {
   
      keyObj = parameters.get(keyName);
      if (keyObj == null) { // No parameter by keyName, checking for a header "headerName"
        keyObj = exchange.getIn().getHeader(headerName, String.class);
        if (keyObj == null) {   
          // Abort
          if(logger.isDebugEnabled()) {
            logger.debug("Unable to find url parameter or header matching the provisioned api key name");
          }
          authReport.setBadRequest(true);
        }
      }
    }
   
    // if not a bad request
    if(!authReport.isBadRequest()) {
   
      String authKey = keyObj.toString();
      if(logger.isDebugEnabled()) {
        logger.debug("authKey= " + authKey);
      }
View Full Code Here
54
55
56
57
58
59
60
61
62
63
64
65
    // Setting the key in the query - should be removed
    exchange.getIn().setHeader(Exchange.HTTP_QUERY, appKeyName + "=asdf");
   
    AppKeyExecutor executor = new AppKeyExecutor(appKeyName, appHeaderName, new MockAuthDataAccess("asdf", null, null));
   
    AuthReport authReport = executor.checkAllowed(exchange, api);
   
    assertNotNull("This authentication should have succeeded", authReport.getAuthIdentity());

    // Check the query parameter
    assertNull("The query parameter should have been removed", exchange.getIn().getHeader(Exchange.HTTP_QUERY));
  }
View Full Code Here
75
76
77
78
79
80
81
82
83
84
85
86
    // Setting the key in the header - should be removed
    exchange.getIn().setHeader(appHeaderName, "asdf");
   
    AppKeyExecutor executor = new AppKeyExecutor(appKeyName, appHeaderName, new MockAuthDataAccess("asdf", null, null));
   
    AuthReport authReport = executor.checkAllowed(exchange, api);
   
    assertNotNull("This authentication should have succeeded", authReport.getAuthIdentity());

    // Check the query parameter
    assertNull("The header should have been removed", exchange.getIn().getHeader(appHeaderName));
  }
View Full Code Here
98
99
100
101
102
103
104
105
106
    parameters.put(appKeyName, "asdf");
    exchange.setProperty(ExchangeConstantKeys.E3_REQUEST_PARAMETERS.toString(), parameters);
   
    AppKeyExecutor executor = new AppKeyExecutor(appKeyName, appHeaderName, new MockAuthDataAccess(null, null, null));

    AuthReport authReport = executor.checkAllowed(exchange, api);
   
    assertNull("This authentication should have failed", authReport.getAuthIdentity());
  }
View Full Code Here
114
115
116
117
118
119
120
121
122
    api.setId("1234");

    // no parameter should fail
    AppKeyExecutor executor = new AppKeyExecutor(appKeyName, appHeaderName, new MockAuthDataAccess("asdf", null, null));
   
    AuthReport authReport = executor.checkAllowed(exchange, api);
   
    assertNull("This authentication should have failed", authReport.getAuthIdentity());
  }
View Full Code Here
55
56
57
58
59
60
61
62
63
64
65
66
   
    Policy policy = new Policy();
    mockDataManager.getCallDescriptors().add(new CallDescriptor(policy, 1, 2));
   
   
    AuthReport authReport = dataAccess.checkAllowed(api);
    AuthIdentity authIdentity = authReport.getAuthIdentity();
    assertNotNull(authIdentity);
   
    assertNotNull(authIdentity.getApi() == api); // compare memory reference
    assertNull(authIdentity.getAuth());
    assertNotNull(authIdentity.getCallDescriptors().get(0).getPolicy() == policy); // compare memory reference
View Full Code Here
133
134
135
136
137
138
139
140
141
    parameters.put(appKeyName.toUpperCase(), "asdf");
    exchange.setProperty(ExchangeConstantKeys.E3_REQUEST_PARAMETERS.toString(), parameters);

    AppKeyExecutor executor = new AppKeyExecutor(appKeyName, appHeaderName, new MockAuthDataAccess("asdf", null, null));
   
    AuthReport authReport = executor.checkAllowed(exchange, api);
   
    assertNull("This authentication should have failed",  authReport.getAuthIdentity());
  }
View Full Code Here
TOP

Related Classes of com.alu.e3.common.camel.AuthReport

  • com.alu.e3.auth.access.data.DataManagerAccess
  • com.alu.e3.auth.access.file.FileData
  • com.alu.e3.auth.camel.component.AuthComponent
  • com.alu.e3.auth.executor.AppKeyExecutorTest
  • com.alu.e3.auth.executor.HttpBasicExecutorTest
  • com.alu.e3.auth.MockAuthDataAccess
  • com.alu.e3.common.caching.transaction.TestTransactionManagement
  • com.alu.e3.common.camel.AuthIdentity
  • com.alu.e3.common.logging.LoggingUtil
  • com.alu.e3.common.MiscTests
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.