usergrid-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mru...@apache.org
Subject [12/50] [abbrv] usergrid git commit: made changes for PR comments..
Date Mon, 01 Aug 2016 16:53:47 GMT
made changes for PR comments..


Project: http://git-wip-us.apache.org/repos/asf/usergrid/repo
Commit: http://git-wip-us.apache.org/repos/asf/usergrid/commit/930308d7
Tree: http://git-wip-us.apache.org/repos/asf/usergrid/tree/930308d7
Diff: http://git-wip-us.apache.org/repos/asf/usergrid/diff/930308d7

Branch: refs/heads/master
Commit: 930308d7e30f31f7d9f0f25f0bbb02982c30e86e
Parents: b583207
Author: Ayesha Dastagiri <ayesha.amrin@gmail.com>
Authored: Fri Jul 8 11:20:36 2016 -0700
Committer: Ayesha Dastagiri <ayesha.amrin@gmail.com>
Committed: Fri Jul 8 11:20:36 2016 -0700

----------------------------------------------------------------------
 .../usergrid/rest/exceptions/AuthErrorInfo.java |  2 +-
 .../rest/management/ManagementResource.java     |  7 +++--
 .../organizations/OrganizationsResource.java    |  5 +---
 .../rest/management/users/UserResource.java     | 31 +++++++-------------
 .../rest/management/users/UsersResource.java    |  7 ++---
 .../OAuth2AccessTokenSecurityFilter.java        |  4 +--
 ...alSSOProviderAdminUserNotFoundException.java | 11 +++++++
 .../tokens/cassandra/TokenServiceImpl.java      | 13 +++++---
 8 files changed, 40 insertions(+), 40 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/usergrid/blob/930308d7/stack/rest/src/main/java/org/apache/usergrid/rest/exceptions/AuthErrorInfo.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/exceptions/AuthErrorInfo.java
b/stack/rest/src/main/java/org/apache/usergrid/rest/exceptions/AuthErrorInfo.java
index 8b7b969..c9149e5 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/exceptions/AuthErrorInfo.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/exceptions/AuthErrorInfo.java
@@ -43,7 +43,7 @@ public enum AuthErrorInfo {
     INVALID_USERNAME_OR_PASSWORD_ERROR( "auth_invalid_username_or_password",
             "Unable to authenticate due to username or password being incorrect" ), //
     UNVERIFIED_OAUTH_ERROR( "auth_unverified_oath", "Unable to authenticate OAuth credentials"
), //
-    EXTERNALSSOPROVIDER_UNACTIVATED_ADMINUSER("externalssoprovider_unactivated_adminuser","Admin
user needs to be activated via the external provider"),
+    EXTERNALSSOPROVIDER_UNACTIVATED_ADMINUSER("externalssoprovider_unactivated_adminuser","Admin
user not found or does not have access to any organizations."),
     NO_DOMAIN_ERROR( "auth_no_application", "Unable to authenticate due to application not
found" ), //
     NOT_DOMAIN_OWNER_ERROR( "auth_not_application_owner", "" ), //
     EXPIRED_ACCESS_TOKEN_ERROR( "expired_token", "Unable to authenticate due to expired access
token" ), //

http://git-wip-us.apache.org/repos/asf/usergrid/blob/930308d7/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
b/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
index 3d794d6..056303a 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
@@ -531,10 +531,11 @@ public class ManagementResource extends AbstractContextResource {
             return; // we only care about username/password auth
         }
 
-        final boolean externalTokensEnabled =
-                !StringUtils.isEmpty( properties.getProperty( USERGRID_EXTERNAL_SSO_ENABLED
) );
+        //why !isexternal_sso_enabled ?
+//        final boolean externalTokensEnabled =
+//                !StringUtils.isEmpty( properties.getProperty( USERGRID_EXTERNAL_SSO_ENABLED
) );
 
-        if ( externalTokensEnabled ) {
+        if ( tokens.isExternalSSOProviderEnabled() ) {
 
             // when external tokens enabled then only superuser can obtain an access token
 

http://git-wip-us.apache.org/repos/asf/usergrid/blob/930308d7/stack/rest/src/main/java/org/apache/usergrid/rest/management/organizations/OrganizationsResource.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/management/organizations/OrganizationsResource.java
b/stack/rest/src/main/java/org/apache/usergrid/rest/management/organizations/OrganizationsResource.java
index 0e77d97..476e315 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/management/organizations/OrganizationsResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/management/organizations/OrganizationsResource.java
@@ -185,10 +185,7 @@ public class OrganizationsResource extends AbstractContextResource {
                                              String email, String password, Map<String,
Object> userProperties,
                                              Map<String, Object> orgProperties, String
callback ) throws Exception {
 
-        final boolean externalTokensEnabled =
-                !StringUtils.isEmpty( properties.getProperty( USERGRID_EXTERNAL_PROVIDER_URL
) );
-
-        if ( externalTokensEnabled ) {
+        if ( tokens.isExternalSSOProviderEnabled() ) {
             throw new IllegalArgumentException( "Organization / Admin Users must be created
via " +
                     properties.getProperty( USERGRID_EXTERNAL_PROVIDER_URL ) );
         }

http://git-wip-us.apache.org/repos/asf/usergrid/blob/930308d7/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java
b/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java
index b16e85c..739ef28 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java
@@ -47,7 +47,6 @@ import java.util.UUID;
 
 import static org.apache.usergrid.security.shiro.utils.SubjectUtils.isServiceAdmin;
 import static org.apache.usergrid.security.tokens.cassandra.TokenServiceImpl.USERGRID_EXTERNAL_PROVIDER_URL;
-import static org.apache.usergrid.security.tokens.cassandra.TokenServiceImpl.USERGRID_EXTERNAL_SSO_ENABLED;
 import static org.apache.usergrid.utils.ConversionUtils.string;
 
 
@@ -216,10 +215,7 @@ public class UserResource extends AbstractContextResource {
     @Produces( MediaType.TEXT_HTML )
     public Viewable showPasswordResetForm( @Context UriInfo ui, @QueryParam( "token" ) String
token ) {
 
-        final boolean externalTokensEnabled =
-                Boolean.valueOf( properties.getProperty( USERGRID_EXTERNAL_SSO_ENABLED )
);
-
-        if ( externalTokensEnabled ) {
+        if ( tokens.isExternalSSOProviderEnabled() ) {
             throw new IllegalArgumentException( "Admin Users must reset passwords via " +
                     properties.getProperty( USERGRID_EXTERNAL_PROVIDER_URL ) );
         }
@@ -263,10 +259,7 @@ public class UserResource extends AbstractContextResource {
             logger.trace("handlePasswordResetForm");
         }
 
-        final boolean externalTokensEnabled =
-            Boolean.valueOf( properties.getProperty( USERGRID_EXTERNAL_SSO_ENABLED ) );
-
-        if ( externalTokensEnabled ) {
+        if ( tokens.isExternalSSOProviderEnabled() ) {
             throw new IllegalArgumentException( "Admin Users must reset passwords via " +
                     properties.getProperty( USERGRID_EXTERNAL_PROVIDER_URL ) );
         }
@@ -352,10 +345,7 @@ public class UserResource extends AbstractContextResource {
     @Produces( MediaType.TEXT_HTML )
     public Viewable activate( @Context UriInfo ui, @QueryParam( "token" ) String token )
{
 
-        final boolean externalTokensEnabled =
-            Boolean.valueOf( properties.getProperty( USERGRID_EXTERNAL_SSO_ENABLED ) );
-
-        if ( externalTokensEnabled ) {
+        if ( tokens.isExternalSSOProviderEnabled() ) {
             throw new IllegalArgumentException( "Admin Users must activate via " +
                     properties.getProperty( USERGRID_EXTERNAL_PROVIDER_URL ) );
         }
@@ -385,10 +375,7 @@ public class UserResource extends AbstractContextResource {
     @Produces( MediaType.TEXT_HTML )
     public Viewable confirm( @Context UriInfo ui, @QueryParam( "token" ) String token ) {
 
-        final boolean externalTokensEnabled =
-            Boolean.valueOf( properties.getProperty( USERGRID_EXTERNAL_SSO_ENABLED ) );
-
-        if ( externalTokensEnabled ) {
+        if ( tokens.isExternalSSOProviderEnabled() ) {
             throw new IllegalArgumentException( "Admin Users must confirm via " +
                     properties.getProperty( USERGRID_EXTERNAL_PROVIDER_URL ) );
         }
@@ -424,10 +411,7 @@ public class UserResource extends AbstractContextResource {
                                        @QueryParam( "callback" ) @DefaultValue( "callback"
) String callback )
             throws Exception {
 
-        final boolean externalTokensEnabled =
-            Boolean.valueOf( properties.getProperty( USERGRID_EXTERNAL_SSO_ENABLED ) );
-
-        if ( externalTokensEnabled ) {
+        if ( tokens.isExternalSSOProviderEnabled() ) {
             throw new IllegalArgumentException( "Admin Users must reactivate via " +
                     properties.getProperty( USERGRID_EXTERNAL_PROVIDER_URL ) );
         }
@@ -451,6 +435,11 @@ public class UserResource extends AbstractContextResource {
                                              @QueryParam( "callback" ) @DefaultValue( "callback"
) String callback )
             throws Exception {
 
+        if ( tokens.isExternalSSOProviderEnabled() ) {
+            throw new IllegalArgumentException( "Admin Users must tokens must be revoked
via " +
+                properties.getProperty( USERGRID_EXTERNAL_PROVIDER_URL ) );
+        }
+
         UUID adminId = user.getUuid();
 
         logger.info( "Revoking user tokens for {}", adminId );

http://git-wip-us.apache.org/repos/asf/usergrid/blob/930308d7/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UsersResource.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UsersResource.java
b/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UsersResource.java
index 9730e06..64281b6 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UsersResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UsersResource.java
@@ -44,7 +44,6 @@ import java.util.UUID;
 
 import static org.apache.commons.lang.StringUtils.isBlank;
 import static org.apache.usergrid.rest.exceptions.SecurityException.mappableSecurityException;
-import static org.apache.usergrid.security.tokens.cassandra.TokenServiceImpl.USERGRID_EXTERNAL_SSO_ENABLED;
 import static org.apache.usergrid.security.tokens.cassandra.TokenServiceImpl.USERGRID_EXTERNAL_PROVIDER_URL;
 
 
@@ -115,10 +114,7 @@ public class UsersResource extends AbstractContextResource {
                                        @QueryParam( "callback" ) @DefaultValue( "callback"
) String callback )
             throws Exception {
 
-        final boolean externalTokensEnabled =
-                Boolean.valueOf( properties.getProperty( USERGRID_EXTERNAL_SSO_ENABLED )
);
-
-        if ( externalTokensEnabled ) {
+        if ( tokens.isExternalSSOProviderEnabled() ) {
             throw new IllegalArgumentException( "Admin Users must signup via " +
                     properties.getProperty( USERGRID_EXTERNAL_PROVIDER_URL ) );
         }
@@ -141,6 +137,7 @@ public class UsersResource extends AbstractContextResource {
 
         UserInfo user = null;
         if ( tokens.isExternalSSOProviderEnabled() ){
+            //autoactivating user, since the activation
             user = management.createAdminUser(null,username,name,email,password,true,false);
         }
         else {

http://git-wip-us.apache.org/repos/asf/usergrid/blob/930308d7/stack/rest/src/main/java/org/apache/usergrid/rest/security/shiro/filters/OAuth2AccessTokenSecurityFilter.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/security/shiro/filters/OAuth2AccessTokenSecurityFilter.java
b/stack/rest/src/main/java/org/apache/usergrid/rest/security/shiro/filters/OAuth2AccessTokenSecurityFilter.java
index 4132dd3..7b35df6 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/security/shiro/filters/OAuth2AccessTokenSecurityFilter.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/security/shiro/filters/OAuth2AccessTokenSecurityFilter.java
@@ -27,7 +27,7 @@ import org.apache.shiro.subject.Subject;
 import org.apache.usergrid.management.ApplicationInfo;
 import org.apache.usergrid.management.OrganizationInfo;
 import org.apache.usergrid.management.UserInfo;
-import org.apache.usergrid.management.exceptions.ExternalSSOProviderAdminUserNotFoundExceptions;
+import org.apache.usergrid.management.exceptions.ExternalSSOProviderAdminUserNotFoundException;
 import org.apache.usergrid.management.exceptions.ManagementException;
 import org.apache.usergrid.security.AuthPrincipalInfo;
 import org.apache.usergrid.security.AuthPrincipalType;
@@ -110,7 +110,7 @@ public class OAuth2AccessTokenSecurityFilter extends SecurityFilter implements
C
                 } catch (InvalidTokenException ite) {
                     throw mappableSecurityException( INVALID_AUTH_ERROR );
                 }
-                catch (ExternalSSOProviderAdminUserNotFoundExceptions eAdminUserNotFound){
+                catch (ExternalSSOProviderAdminUserNotFoundException eAdminUserNotFound){
                     throw mappableSecurityException(EXTERNALSSOPROVIDER_UNACTIVATED_ADMINUSER);
                 } catch(IndexOutOfBoundsException ioobe) {
                     // token is just some rubbish string

http://git-wip-us.apache.org/repos/asf/usergrid/blob/930308d7/stack/services/src/main/java/org/apache/usergrid/management/exceptions/ExternalSSOProviderAdminUserNotFoundException.java
----------------------------------------------------------------------
diff --git a/stack/services/src/main/java/org/apache/usergrid/management/exceptions/ExternalSSOProviderAdminUserNotFoundException.java
b/stack/services/src/main/java/org/apache/usergrid/management/exceptions/ExternalSSOProviderAdminUserNotFoundException.java
new file mode 100644
index 0000000..67f1b1e
--- /dev/null
+++ b/stack/services/src/main/java/org/apache/usergrid/management/exceptions/ExternalSSOProviderAdminUserNotFoundException.java
@@ -0,0 +1,11 @@
+package org.apache.usergrid.management.exceptions;
+
+/**
+ * Created by ayeshadastagiri on 7/8/16.
+ */
+public class ExternalSSOProviderAdminUserNotFoundException extends ManagementException {
+
+    public ExternalSSOProviderAdminUserNotFoundException(){super();}
+    public ExternalSSOProviderAdminUserNotFoundException(String arg0){super(arg0);}
+
+}

http://git-wip-us.apache.org/repos/asf/usergrid/blob/930308d7/stack/services/src/main/java/org/apache/usergrid/security/tokens/cassandra/TokenServiceImpl.java
----------------------------------------------------------------------
diff --git a/stack/services/src/main/java/org/apache/usergrid/security/tokens/cassandra/TokenServiceImpl.java
b/stack/services/src/main/java/org/apache/usergrid/security/tokens/cassandra/TokenServiceImpl.java
index dc61b7f..2234257 100644
--- a/stack/services/src/main/java/org/apache/usergrid/security/tokens/cassandra/TokenServiceImpl.java
+++ b/stack/services/src/main/java/org/apache/usergrid/security/tokens/cassandra/TokenServiceImpl.java
@@ -332,10 +332,15 @@ public class TokenServiceImpl implements TokenService {
 
             // If the token doesn't parse as a Usergrid token, see if an external provider
other than Usergrid is
             // enabled.  If so, just validate the external token.
-            if( isExternalSSOProviderEnabled() && !getExternalSSOProvider().equalsIgnoreCase("usergrid"))
{
-                return validateExternalToken(token, 1, getExternalSSOProvider());
-            }else{
-                throw e; // re-throw the error
+            try{
+                if( isExternalSSOProviderEnabled() && !getExternalSSOProvider().equalsIgnoreCase("usergrid"))
{
+                    return validateExternalToken(token, 1, getExternalSSOProvider());
+                }else{
+                    throw new IllegalArgumentException("invalid external provider : " + getExternalSSOProvider());
// re-throw the error
+                }
+            }
+            catch (NullPointerException npe){
+                throw new IllegalArgumentException("The SSO provider in the config is empty.");
             }
 
         }


Mime
View raw message