usergrid-commits mailing list archives

From mru...@apache.org
Subject [16/50] [abbrv] usergrid git commit: reading token from SecurityUtils rather than queryParams.
Date Mon, 01 Aug 2016 16:53:51 GMT
reading token from SecurityUtils rather than queryParams.


Project: http://git-wip-us.apache.org/repos/asf/usergrid/repo
Commit: http://git-wip-us.apache.org/repos/asf/usergrid/commit/d393445f
Tree: http://git-wip-us.apache.org/repos/asf/usergrid/tree/d393445f
Diff: http://git-wip-us.apache.org/repos/asf/usergrid/diff/d393445f

Branch: refs/heads/master
Commit: d393445f19b214788a3b75ea74fb5e93265bedf4
Parents: 5c54d15
Author: Ayesha Dastagiri <ayesha.amrin@gmail.com>
Authored: Mon Jul 11 16:40:45 2016 -0700
Committer: Ayesha Dastagiri <ayesha.amrin@gmail.com>
Committed: Mon Jul 11 16:40:45 2016 -0700

----------------------------------------------------------------------
 .../rest/management/ManagementResource.java     | 23 +++++++++++++++++++-
 .../rest/management/users/UserResource.java     |  6 +++--
 .../cassandra/ManagementServiceImpl.java        |  4 +++-
 3 files changed, 29 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/usergrid/blob/d393445f/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
b/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
index 056303a..c94987a 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
@@ -22,6 +22,7 @@ import org.apache.amber.oauth2.common.exception.OAuthProblemException;
 import org.apache.amber.oauth2.common.message.OAuthResponse;
 import org.apache.amber.oauth2.common.message.types.GrantType;
 import org.apache.commons.lang.StringUtils;
+import org.apache.shiro.SecurityUtils;
 import org.apache.shiro.codec.Base64;
 import org.apache.usergrid.management.ApplicationCreator;
 import org.apache.usergrid.management.UserInfo;
@@ -34,6 +35,7 @@ import org.apache.usergrid.rest.exceptions.RedirectionException;
 import org.apache.usergrid.rest.management.organizations.OrganizationsResource;
 import org.apache.usergrid.rest.management.users.UsersResource;
 import org.apache.usergrid.security.oauth.AccessInfo;
+import org.apache.usergrid.security.shiro.principals.PrincipalIdentifier;
 import org.apache.usergrid.security.shiro.utils.SubjectUtils;
 import org.apache.usergrid.security.sso.ExternalSSOProvider;
 import org.apache.usergrid.security.sso.SSOProviderFactory;
@@ -99,6 +101,9 @@ public class ManagementResource extends AbstractContextResource {
     MetricsFactory metricsFactory = null;
 
 
+    String access_token = null;
+
+
     public ManagementResource() {
         if (logger.isTraceEnabled()) {
             logger.trace( "ManagementResource initialized" );
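Review bot: The new `access_token` instance field keeps a caller's bearer token on the resource object, and the assignment added in the `getAccessTokenInternal` hunk writes it only when a principal with token credentials is present and never clears it otherwise. If `ManagementResource` is shared between requests (its scope annotation is outside these hunks, so this needs confirming), a request without a token would see the value left by an earlier caller, and concurrent requests could read each other's token. A method-local variable avoids both, e.g. `final String accessToken = ( userPrincipal != null && userPrincipal.getAccessTokenCredentials() != null ) ? userPrincipal.getAccessTokenCredentials().getToken() : null;`. `UserResource.init` has the same no-reset shape for `this.token`; adding `else { this.token = null; }` there would stop a re-initialised instance from carrying the previous value. The constructor and class body continue outside this hunk.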
@@ -159,7 +164,6 @@ public class ManagementResource extends AbstractContextResource {
                                          @QueryParam( "client_id" ) String client_id,
                                          @QueryParam( "client_secret" ) String client_secret,
                                          @QueryParam( "ttl" ) long ttl,
-                                         @QueryParam( "access_token" ) String access_token,
                                          @QueryParam( "callback" ) @DefaultValue( "" ) String
callback )
             throws Exception {
 
@@ -181,6 +185,12 @@ public class ManagementResource extends AbstractContextResource {
         final boolean ssoEnabled = Boolean.parseBoolean(properties.getProperty(USERGRID_EXTERNAL_SSO_ENABLED));
         long tokenTtl;
 
+        PrincipalIdentifier userPrincipal  = (PrincipalIdentifier) SecurityUtils.getSubject().getPrincipal();
+        if ( userPrincipal != null && userPrincipal.getAccessTokenCredentials() !=
null ) {
+            this.access_token = userPrincipal.getAccessTokenCredentials().getToken();
+        }
+
+
         if(ssoEnabled){
 
             ExternalSSOProvider provider = ssoProviderFactory.getProvider();
@@ -384,6 +394,7 @@ public class ManagementResource extends AbstractContextResource {
                                              @FormParam( "access_token" ) String access_token,
                                              @FormParam( "callback" ) @DefaultValue( "" )
String callback )
             throws Exception {
+
         return getAccessTokenInternal( ui, authorization, grant_type, username, password,
client_id, client_secret, ttl,
                 callback, false, true );
     }
@@ -425,6 +436,16 @@ public class ManagementResource extends AbstractContextResource {
                                               @QueryParam( "callback" ) @DefaultValue( ""
) String callback,
                                               @HeaderParam( "Authorization" ) String authorization
) throws Exception {
 
+
+        if ( json == null ) {
+            String errorDescription = "invalid request, expected data in the request.";
+            OAuthResponse response =
+                OAuthResponse.errorResponse( SC_BAD_REQUEST ).setError( OAuthError.TokenResponse.INVALID_REQUEST
)
+                    .setErrorDescription( errorDescription ).buildJSONMessage();
+            return Response.status( response.getResponseStatus() ).type( jsonMediaType( callback
) )
+                .entity( wrapWithCallback( response.getBody(), callback ) ).build();
+        }
+
         String grant_type = ( String ) json.get( "grant_type" );
         String username = ( String ) json.get( "username" );
         String password = ( String ) json.get( "password" );
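Review bot: The added guard rejects only a missing body; a body whose `grant_type`, `username` or `password` is present but not a JSON string still reaches the `( String )` casts directly below. Those casts would presumably throw a ClassCastException rather than return the `invalid_request` response built here, though the type of `json` is declared outside the hunk. Checking the value before the cast, e.g. `Object grantType = json.get( "grant_type" ); if ( grantType != null && !( grantType instanceof String ) ) { /* same 400 response */ }`, keeps malformed input on the 400 path. A short comment above the guard such as `// no JSON body was sent: answer with an OAuth invalid_request error instead of failing on json.get()` would also document why it is there. The method body continues outside the hunk.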

http://git-wip-us.apache.org/repos/asf/usergrid/blob/d393445f/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java
b/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java
index 739ef28..f568463 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java
@@ -64,7 +64,7 @@ public class UserResource extends AbstractContextResource {
 
     String errorMsg;
 
-    String token;
+    String token = null;
 
 
     public UserResource() {
@@ -74,7 +74,9 @@ public class UserResource extends AbstractContextResource {
     public UserResource init( UserInfo user ) {
         this.user = user;
         PrincipalIdentifier userPrincipal  = (PrincipalIdentifier) SecurityUtils.getSubject().getPrincipal();
-        this.token = userPrincipal.getAccessTokenCredentials().getToken();
+        if ( userPrincipal != null && userPrincipal.getAccessTokenCredentials() !=
null ) {
+            this.token = userPrincipal.getAccessTokenCredentials().getToken();
+        }
         return this;
     }
 

http://git-wip-us.apache.org/repos/asf/usergrid/blob/d393445f/stack/services/src/main/java/org/apache/usergrid/management/cassandra/ManagementServiceImpl.java
----------------------------------------------------------------------
diff --git a/stack/services/src/main/java/org/apache/usergrid/management/cassandra/ManagementServiceImpl.java
b/stack/services/src/main/java/org/apache/usergrid/management/cassandra/ManagementServiceImpl.java
index 9637dff..e812b75 100644
--- a/stack/services/src/main/java/org/apache/usergrid/management/cassandra/ManagementServiceImpl.java
+++ b/stack/services/src/main/java/org/apache/usergrid/management/cassandra/ManagementServiceImpl.java
@@ -1732,7 +1732,9 @@ public class ManagementServiceImpl implements ManagementService {
         invalidateManagementAppAuthCache();
 
         if ( email ) {
-            sendAdminUserInvitedEmail( user, organization );
+            if(!tokens.isExternalSSOProviderEnabled()) {
+                sendAdminUserInvitedEmail(user, organization);
+            }
         }
     }
 
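Review bot: The new inner condition in the `if ( email )` block has no comment saying why the invitation mail is skipped when an external SSO provider is enabled. It also departs from the spacing of the surrounding lines (`if(!tokens...` and `sendAdminUserInvitedEmail(user, organization)` versus `if ( email )`). The two tests can be one, `if ( email && !tokens.isExternalSSOProviderEnabled() ) {`, followed by the original `sendAdminUserInvitedEmail( user, organization );`. A comment such as `// with external SSO enabled no invitation mail is sent`, plus the reason, would help, since a caller passing `email = true` now gets no mail and no indication of that. The enclosing method starts outside the hunk.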

