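/**
 * Resolves the caller's username from the JWT carried in the authentication header.
 *
 * @param ctx the current HTTP context
 * @return the token subject when exactly one header value is present, the token decodes and
 *         carries an expiration time still in the future; {@code null} otherwise (absent,
 *         duplicated, malformed, unexpiring or expired token)
 */
@Override
public String getUsername(Context ctx) {
    String[] headerValues = ctx.request().headers().get(AuthUtils.AUTH_HEADER_KEY);
    // Exactly one non-null header value is accepted; absence or duplicates mean unauthenticated.
    if (headerValues == null || headerValues.length != 1 || headerValues[0] == null) {
        return null;
    }
    try {
        JWTClaimsSet claimSet = (JWTClaimsSet) authenticator.decodeToken(headerValues[0]);
        // A token without an "exp" claim is rejected explicitly instead of relying on
        // DateTime(null) silently defaulting to "now".
        if (claimSet.getExpirationTime() != null
                && new DateTime(claimSet.getExpirationTime()).isAfter(DateTime.now())) {
            return claimSet.getSubject();
        }
    } catch (ParseException | JOSEException e) {
        // Same message as before, but the exception is attached so the stack trace is kept.
        Logger.error("Erro na validação do token: " + e.getMessage(), e);
    }
    return null;
}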
/**
 * Builds the sign-up verification e-mail in both text and HTML form.
 *
 * @param token the verification token embedded in the link
 * @param user  the user being verified
 * @param ctx   the current HTTP context (absolute URL base and preferred language)
 * @return the mail body holding the text and HTML renderings
 */
@Override
protected Body getVerifyEmailMailingBody(final String token, final MyUsernamePasswordAuthUser user, final Context ctx) {
    final boolean secureLink = getConfiguration().getBoolean(SETTING_KEY_VERIFICATION_LINK_SECURE);
    final String verifyUrl = routes.Signup.verify(token).absoluteURL(ctx.request(), secureLink);
    final String langCode = Lang.preferred(ctx.request().acceptLanguages()).code();
    final String htmlPart = getEmailTemplate("views.html.account.signup.email.verify_email", langCode, verifyUrl, token, user.getName(), user.getEmail());
    final String textPart = getEmailTemplate("views.txt.account.signup.email.verify_email", langCode, verifyUrl, token, user.getName(), user.getEmail());
    return new Body(textPart, htmlPart);
}
/**
 * Builds the password-reset e-mail in both text and HTML form.
 *
 * @param token the reset token embedded in the link
 * @param user  the account owner
 * @param ctx   the current HTTP context (absolute URL base and preferred language)
 * @return the mail body holding the text and HTML renderings
 */
protected Body getPasswordResetMailingBody(final String token, final User user, final Context ctx) {
    final boolean secureLink = getConfiguration().getBoolean(SETTING_KEY_PASSWORD_RESET_LINK_SECURE);
    final String resetUrl = routes.Signup.resetPassword(token).absoluteURL(ctx.request(), secureLink);
    final String langCode = Lang.preferred(ctx.request().acceptLanguages()).code();
    final String htmlPart = getEmailTemplate("views.html.account.email.password_reset", langCode, resetUrl, token, user.name, user.email);
    final String textPart = getEmailTemplate("views.txt.account.email.password_reset", langCode, resetUrl, token, user.name, user.email);
    return new Body(textPart, htmlPart);
}
/**
 * Builds the post-sign-up verification e-mail in both text and HTML form.
 *
 * @param token the verification token embedded in the link
 * @param user  the newly registered user
 * @param ctx   the current HTTP context (absolute URL base and preferred language)
 * @return the mail body holding the text and HTML renderings
 */
protected Body getVerifyEmailMailingBodyAfterSignup(final String token, final User user, final Context ctx) {
    final boolean secureLink = getConfiguration().getBoolean(SETTING_KEY_VERIFICATION_LINK_SECURE);
    final String verifyUrl = routes.Signup.verify(token).absoluteURL(ctx.request(), secureLink);
    final String langCode = Lang.preferred(ctx.request().acceptLanguages()).code();
    final String htmlPart = getEmailTemplate("views.html.account.email.verify_email", langCode, verifyUrl, token, user.name, user.email);
    final String textPart = getEmailTemplate("views.txt.account.email.verify_email", langCode, verifyUrl, token, user.name, user.email);
    return new Body(textPart, htmlPart);
}
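/**
 * Returns the username stored in the session while enforcing the idle timeout.
 *
 * <p>The session keeps a {@code userTime} tick (epoch millis of the last request). When more
 * than {@code sessionTimeout} minutes (read from configuration) have elapsed, the session is
 * cleared and {@code null} is returned; otherwise the tick is refreshed.
 *
 * @param ctx the current HTTP context (the session is reached through the controller helpers)
 * @return the session username, or {@code null} when nobody is logged in or the session expired
 * @throws NumberFormatException if {@code sessionTimeout} is missing or not a number
 *         (a deployment error, not a request error)
 */
@Override
public String getUsername(Context ctx) {
    final String username = session("username");
    if (username == null) {
        return null;
    }
    final long now = new Date().getTime();
    final String previousTick = session("userTime");
    if (previousTick != null && !previousTick.isEmpty()) {
        final long previous;
        try {
            previous = Long.parseLong(previousTick);
        } catch (NumberFormatException e) {
            // A tick that is not a number cannot be trusted: treat the session as expired.
            session().clear();
            return null;
        }
        final long timeoutMillis =
                Long.parseLong(Play.application().configuration().getString("sessionTimeout")) * 1000 * 60;
        if (now - previous > timeoutMillis) {
            session().clear();
            return null;
        }
    }
    // Refresh the tick so the idle window restarts with this request.
    session("userTime", Long.toString(now));
    return username;
}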
/**
 * Wraps the delegate action so that a valid {@code lang} query parameter switches the current
 * language before the controller runs.
 *
 * @param request      the incoming request
 * @param actionMethod the controller method being invoked
 * @return the composed action
 */
@Override
public Action<Void> createAction(Request request, Method actionMethod) {
    return new Action.Simple() {
        @Override
        public Promise<Result> call(Context ctx) throws Throwable {
            // Services must be available in the context before anything else reads it.
            injectCommonServicesIncontext(ctx);
            final String requestedCode = new Language(request.getQueryString("lang")).getCode();
            if (messagesPlugin.isLanguageValid(requestedCode)) {
                Logger.debug("change language to: " + requestedCode);
                ctx.changeLang(requestedCode);
                // Keep the Spring-based CAS language cookie in step with Play's language.
                Utilities.setSsoLanguage(ctx, requestedCode);
            }
            return delegate.call(ctx);
        }
    };
}
/**
 * Resolves the caller's username when they are allowed to act in {@code role}.
 *
 * @param ctx  the current HTTP context
 * @param role the role required for the resource
 * @return the username (or trusted IP) when access is allowed, otherwise {@code null}
 */
public String getUsername(final Context ctx, String role) {
    final String username = getUsernameOrIP(ctx, true);
    final User account = User.findByEmail(username);
    if (account == null) {
        // Without an account only ROLE_VIEW_JC is reachable, by IP address. username is null
        // when the IP is not trusted, which denies access.
        return role.equals(UserRole.ROLE_VIEW_JC) ? username : null;
    }
    // Account holders need the role and must belong to this organization; a null organization
    // marks a multi-domain admin.
    if (account.hasRole(role)
            && (account.organization == null || account.organization.equals(OrgConfig.get().org))) {
        return username;
    }
    return null;
}
/**
 * Checks whether the current subject satisfies one of the role combinations.
 *
 * @param deadBoltRoles the accepted role combinations (each array is an AND group)
 * @return {@code true} only when a subject is resolved and matches; any failure denies
 */
@Override
public boolean restrict(List<String[]> deadBoltRoles) {
    try {
        if (log.isDebugEnabled()) {
            log.debug("RESTRICT with handler [" + get() + "] timeout [" + DEFAULT_TIMEOUT + "] for roles " + Utilities.toString(deadBoltRoles));
        }
        final Optional<Subject> maybeSubject = getSubject(Http.Context.current(), get()).get(DEFAULT_TIMEOUT);
        if (maybeSubject.isPresent()) {
            final Subject subject = maybeSubject.get();
            if (log.isDebugEnabled()) {
                log.debug("RESTRICT Subject = " + subject);
            }
            return restrict(deadBoltRoles, subject);
        }
        if (log.isDebugEnabled()) {
            log.debug("RESTRICT FALSE since no subject found");
        }
        return false;
    } catch (Exception e) {
        // Failing to resolve the subject denies access rather than granting it.
        log.error("Error while checking restriction for " + Utilities.toString(deadBoltRoles), e);
        return false;
    }
}
/**
 * Redirects unauthenticated requests to the login page before the deadbolt check runs.
 *
 * @param ctx the current HTTP context
 * @return a promise of the redirect when no user is in session, otherwise an empty optional
 */
@Override
public Promise<Optional<Result>> beforeAuthCheck(final Http.Context ctx) {
    final String sessionUserId = getUserSessionManagerPlugin().getUserSessionId(ctx);
    if (log.isDebugEnabled()) {
        log.debug("Calling beforeAuthCheck, user in session is " + sessionUserId);
    }
    if (sessionUserId != null) {
        // A user is in session: nothing to do, let the authorization check proceed.
        final Optional<Result> noRedirect = Optional.empty();
        return Promise.promise(() -> noRedirect);
    }
    // Nobody in session: send to the login page, remembering the requested URI. The redirect
    // is built lazily when the promise is evaluated, as with the original Function0.
    return Promise.promise(() -> Optional.of(redirectToLoginPage(ctx.request().uri())));
}
/**
 * Checks whether the current user holds a permission matching {@code permissionValue}.
 *
 * @param permissionValue the permission being requested
 * @param deadboltHandler the active handler (unused here)
 * @param ctx             the current HTTP context (unused here)
 * @return a promise resolving to {@code true} when a permission matches; failures resolve to
 *         {@code false}
 */
@Override
public Promise<Boolean> checkPermission(String permissionValue, DeadboltHandler deadboltHandler, Context ctx) {
    boolean granted = false;
    try {
        final IUserAccount account = getSecurityService().getCurrentUser();
        if (account != null) {
            // NOTE(review): this is a substring match, so any permission value that merely
            // contains permissionValue also grants it — confirm that is the intended semantics.
            for (Permission permission : account.getPermissions()) {
                if (permission.getValue().contains(permissionValue)) {
                    granted = true;
                    break;
                }
            }
        }
    } catch (Exception e) {
        // Unable to resolve the user: deny.
        log.error("impossible to get the user", e);
    }
    final boolean result = granted;
    return Promise.promise(() -> result);
}
/**
 * Dispatches the request to the first registered listener whose path prefix matches.
 *
 * @param ctx the current HTTP context
 * @return the listener's promise, or {@code null} when no prefix matches the request path
 */
@Override
public Promise<Result> notify(Context ctx) {
    final String requestPath = ctx.request().path();
    if (log.isDebugEnabled()) {
        log.debug("Notification for request " + requestPath);
    }
    for (String prefix : getRegisteredListeners().keySet()) {
        if (!requestPath.startsWith(prefix)) {
            continue;
        }
        if (log.isDebugEnabled()) {
            log.debug("Notification for request " + requestPath + " found matching listener " + prefix);
        }
        return getRegisteredListeners().get(prefix).notifyRequest(ctx);
    }
    if (log.isDebugEnabled()) {
        log.debug("No matching listener for " + requestPath);
    }
    return null;
}
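/**
 * Runs the first web command compatible with {@code path}.
 *
 * @param path the request path to dispatch
 * @param ctx  the current HTTP context
 * @return the command's promise; a bad request when no command matches or the command throws
 */
@Override
public Promise<Result> execute(String path, Context ctx) {
    for (WebCommand command : webCommands) {
        if (!command.isCompatible(path, ctx)) {
            continue;
        }
        try {
            return command.call(path, ctx);
        } catch (Exception e) {
            // A failing command answers with a bad request instead of propagating the error.
            log.error("Error while calling the web command", e);
            return Promise.promise(() -> Controller.badRequest());
        }
    }
    // Logged once at info level; the former debug line repeated the identical message.
    log.info("No compatible command found for path " + path);
    return Promise.promise(() -> Controller.badRequest());
}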
/**
 * Resolves the caller from the authentication token header and exposes the user in
 * {@code ctx.args}.
 *
 * @param ctx the current HTTP context
 * @return the user's e-mail when exactly one header value is present and maps to an
 *         authenticated user; {@code null} otherwise
 */
@Override
public String getUsername(Context ctx) {
    final String headerName = SecurityController.AUTH_TOKEN_HEADER.toLowerCase();
    final String[] tokenValues = ctx.request().headers().get(headerName);
    // Exactly one non-null header value is required; absence or duplicates mean unauthenticated.
    final boolean singleToken = tokenValues != null && tokenValues.length == 1 && tokenValues[0] != null;
    if (!singleToken) {
        return null;
    }
    final User user = userService.getUserByAuthToken(tokenValues[0]);
    if (!isAuthenticatedUser(user)) {
        return null;
    }
    // Make the resolved user available to the controller.
    ctx.args.put("user", user);
    return user.getEmail();
}
/** Renders the index view as a logged-in user and checks the localised greeting. */
@Test
public void renderTemplate() throws InstantiationException, IllegalAccessException {
    final Request request = mock(Request.class);
    when(request.username()).thenReturn("nom_de_test");
    Context.current.set(new Context(1L, mock(RequestHeader.class), request,
            Collections.<String, String>emptyMap(),   // session data
            Collections.<String, String>emptyMap(),   // flash data
            Collections.<String, Object>emptyMap()));
    final Html rendered = views.html.index.render("Your new application is ready.");
    final String body = contentAsString(rendered);
    assertThat(contentType(rendered)).isEqualTo("text/html");
    assertThat(body).contains("Your new application is ready.");
    assertThat(body).contains("Bonjour nom_de_test!");
}
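/**
 * Loads the account referenced by the session's {@code id} into {@code ctx.args} before
 * delegating to the wrapped action.
 *
 * <p>A session id that maps to no account, or that is not a number, clears the session and the
 * action runs without an {@code account} entry. Without a session id the entry is set to
 * {@code null}.
 *
 * @param ctx the current HTTP context
 * @return the delegate's result
 */
@Override
@Transactional
public CompletionStage<Result> call(Context ctx) {
    final String sessionId = ctx.session().get("id");
    if (sessionId == null) {
        ctx.args.put("account", null);
        return delegate.call(ctx);
    }
    Account account = null;
    try {
        account = accountManager.findById(Long.parseLong(sessionId));
    } catch (NumberFormatException e) {
        // The session cookie is signed, so a malformed id indicates a bug or corruption;
        // treat it like an unknown account instead of failing the request with an exception.
        Logger.warn("Malformed account id in session", e);
    }
    if (account == null) {
        ctx.session().clear();
        Logger.info("Clear Session");
        return delegate.call(ctx);
    }
    ctx.args.put("account", account);
    return delegate.call(ctx);
}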
/**
 * Authenticates the request with Spring Security from a bearer token, then runs the action.
 *
 * @param request the incoming request
 * @param method  the controller method (unused)
 * @param context the current HTTP context
 * @param action  the action to run after authentication
 * @return the action's promise
 * @throws Throwable whatever the action throws
 */
@Override
public Promise<Result> apply(Request request, Method method, Context context, Action<?> action) throws Throwable {
    final String headerToken = getAuthorizationToken(request);
    // NOTE(review): the query-string fallback exposes the access token to server logs and
    // Referer headers; RFC 6750 recommends carrying it in the Authorization header only.
    final String token = headerToken != null ? headerToken : request.getQueryString(OAuth2AccessToken.ACCESS_TOKEN);
    if (token != null) {
        final Authentication pending = new PreAuthenticatedAuthenticationToken(token, "");
        final Authentication authenticated = oauth2AuthenticationManager.authenticate(pending);
        SecurityContextHolder.getContext().setAuthentication(authenticated);
        logger.info("Authenticated successfully");
    } else {
        logger.info("Authentication skipped");
    }
    return action.call(context);
}
/**
 * Builds the sign-up verification e-mail in both text and HTML form.
 *
 * @param token the verification token embedded in the link
 * @param user  the user being verified
 * @param ctx   the current HTTP context (absolute URL base and preferred language)
 * @return the mail body holding the text and HTML renderings
 */
@Override
protected Body getVerifyEmailMailingBody(final String token, final GSNUsernamePasswordAuthUser user, final Context ctx) {
    final boolean secureLink = getConfiguration().getBoolean(SETTING_KEY_VERIFICATION_LINK_SECURE);
    final String verifyUrl = controllers.gsn.auth.routes.Signup.verify(token).absoluteURL(ctx.request(), secureLink);
    final String langCode = Lang.preferred(ctx.request().acceptLanguages()).code();
    final String htmlPart = getEmailTemplate("views.html.account.signup.email.verify_email", langCode, verifyUrl, token, user.getName(), user.getEmail());
    final String textPart = getEmailTemplate("views.txt.account.signup.email.verify_email", langCode, verifyUrl, token, user.getName(), user.getEmail());
    return new Body(textPart, htmlPart);
}
/**
 * Builds the password-reset e-mail in both text and HTML form.
 *
 * @param token the reset token embedded in the link
 * @param user  the account owner
 * @param ctx   the current HTTP context (absolute URL base and preferred language)
 * @return the mail body holding the text and HTML renderings
 */
protected Body getPasswordResetMailingBody(final String token, final User user, final Context ctx) {
    final boolean secureLink = getConfiguration().getBoolean(SETTING_KEY_PASSWORD_RESET_LINK_SECURE);
    final String resetUrl = controllers.gsn.auth.routes.Signup.resetPassword(token).absoluteURL(ctx.request(), secureLink);
    final String langCode = Lang.preferred(ctx.request().acceptLanguages()).code();
    final String htmlPart = getEmailTemplate("views.html.account.email.password_reset", langCode, resetUrl, token, user.name, user.email);
    final String textPart = getEmailTemplate("views.txt.account.email.password_reset", langCode, resetUrl, token, user.name, user.email);
    return new Body(textPart, htmlPart);
}
/**
 * Builds the post-sign-up verification e-mail in both text and HTML form.
 *
 * @param token the verification token embedded in the link
 * @param user  the newly registered user
 * @param ctx   the current HTTP context (absolute URL base and preferred language)
 * @return the mail body holding the text and HTML renderings
 */
protected Body getVerifyEmailMailingBodyAfterSignup(final String token, final User user, final Context ctx) {
    final boolean secureLink = getConfiguration().getBoolean(SETTING_KEY_VERIFICATION_LINK_SECURE);
    final String verifyUrl = controllers.gsn.auth.routes.Signup.verify(token).absoluteURL(ctx.request(), secureLink);
    final String langCode = Lang.preferred(ctx.request().acceptLanguages()).code();
    final String htmlPart = getEmailTemplate("views.html.account.email.verify_email", langCode, verifyUrl, token, user.name, user.email);
    final String textPart = getEmailTemplate("views.txt.account.email.verify_email", langCode, verifyUrl, token, user.name, user.email);
    return new Body(textPart, htmlPart);
}
/**
 * Sends a password-reset mail to {@code email} when an account with that address exists;
 * unknown addresses are silently ignored.
 *
 * @param ctx   the current HTTP context used to build the mail body
 * @param email the address entered by the requester
 */
public void sendResetEmail(final Context ctx, final String email) {
    final F.Function<Session, SignupUser> lookup = new F.Function<Session, SignupUser>() {
        @Override
        public SignupUser apply(final Session session) {
            final User found = new UserDAO(session, getJcrom()).findByEmail(email);
            if (found == null) {
                return null;
            }
            return new SignupUser(found.getEmail(), found.getName());
        }
    };
    final SignupUser recipient = getSessionFactory().inSession(lookup);
    if (recipient == null) {
        return;
    }
    final String record = generateVerificationRecord(recipient);
    final Body body = getVerifyEmailMailingBody(record, recipient, ctx);
    mailer.sendMail(new Mail("Password reset for AORRA", body, new String[] { getEmailName(recipient) }));
}
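/**
 * Allows profile access to admins, or to the subject viewing their own profile.
 *
 * @param name            the dynamic resource name (unused)
 * @param meta            resource metadata (unused)
 * @param deadboltHandler the handler that resolves the current subject
 * @param context         the current HTTP context; the target user is read from the
 *                        {@code userName} query parameter
 * @return {@code true} for admins or a subject requesting exactly their own identifier;
 *         {@code false} otherwise, including when no subject is resolved
 */
public boolean isAllowed(String name, String meta, DeadboltHandler deadboltHandler, Http.Context context) {
    final Subject subject = deadboltHandler.getSubject(context);
    if (subject == null) {
        // No authenticated subject: deny instead of dereferencing it below.
        return false;
    }
    if (DeadboltAnalyzer.hasRole(subject, "admin")) {
        return true;
    }
    // Profile views are GET requests, so the requested user comes from the query string.
    // Only a single userName value equal to the subject's own identifier is accepted.
    final String[] requestedNames = context.request().queryString().get("userName");
    return requestedNames != null
            && requestedNames.length == 1
            && requestedNames[0].equals(subject.getIdentifier());
}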
/**
 * Delegates to the resource handler registered under {@code name}.
 *
 * @param name            the dynamic resource name used to look up the handler
 * @param meta            resource metadata passed through to the handler
 * @param deadboltHandler the active deadbolt handler
 * @param ctx             the current HTTP context
 * @return the handler's decision, or {@code false} when no handler is registered
 */
@Override
public boolean isAllowed(String name, String meta, DeadboltHandler deadboltHandler, Context ctx) {
    final DynamicResourceHandler resourceHandler = HANDLERS.get(name);
    if (resourceHandler == null) {
        // Unknown resource names fail closed.
        Logger.error("No handler available for " + name);
        return false;
    }
    return resourceHandler.isAllowed(name, meta, deadboltHandler, ctx);
}
/**
 * Checks whether the current subject holds a permission matching {@code permissionValue}.
 *
 * @param permissionValue the permission being requested
 * @param deadboltHandler the handler that resolves the subject
 * @param ctx             the current HTTP context
 * @return {@code true} when a permission matches; {@code false} when none does or there is
 *         no subject
 */
@Override
public boolean checkPermission(String permissionValue, DeadboltHandler deadboltHandler, Context ctx) {
    final Subject subject = deadboltHandler.getSubject(ctx);
    if (subject == null) {
        return false;
    }
    // NOTE(review): this is a substring match, so any permission value that merely contains
    // permissionValue also grants it — confirm that is the intended semantics.
    for (Permission permission : subject.getPermissions()) {
        if (permission.getValue().contains(permissionValue)) {
            return true;
        }
    }
    return false;
}
/**
 * Builds the sign-up verification e-mail in both text and HTML form.
 *
 * @param token the verification token embedded in the link
 * @param user  the user being verified
 * @param ctx   the current HTTP context (absolute URL base and preferred language)
 * @return the mail body holding the text and HTML renderings
 */
@Override
protected Body getVerifyEmailMailingBody(final String token, final MyUsernamePasswordAuthUser user, final Context ctx) {
    final boolean secureLink = getConfiguration().getBoolean(SETTING_KEY_VERIFICATION_LINK_SECURE);
    final String verifyUrl = routes.Signup.verify(token).absoluteURL(ctx.request(), secureLink);
    final String langCode = Lang.preferred(ctx.request().acceptLanguages()).code();
    final String htmlPart = getEmailTemplate("views.html.common.account.signup.email.verify_email", langCode, verifyUrl, token, user.getName(), user.getEmail());
    final String textPart = getEmailTemplate("views.txt.common.account.signup.email.verify_email", langCode, verifyUrl, token, user.getName(), user.getEmail());
    return new Body(textPart, htmlPart);
}
/**
 * Builds the password-reset e-mail in both text and HTML form.
 *
 * @param token the reset token embedded in the link
 * @param user  the account owner
 * @param ctx   the current HTTP context (absolute URL base and preferred language)
 * @return the mail body holding the text and HTML renderings
 */
protected Body getPasswordResetMailingBody(final String token, final User user, final Context ctx) {
    final boolean secureLink = getConfiguration().getBoolean(SETTING_KEY_PASSWORD_RESET_LINK_SECURE);
    final String resetUrl = routes.Signup.resetPassword(token).absoluteURL(ctx.request(), secureLink);
    final String langCode = Lang.preferred(ctx.request().acceptLanguages()).code();
    final String htmlPart = getEmailTemplate("views.html.common.account.email.password_reset", langCode, resetUrl, token, user.name, user.email);
    final String textPart = getEmailTemplate("views.txt.common.account.email.password_reset", langCode, resetUrl, token, user.name, user.email);
    return new Body(textPart, htmlPart);
}
/**
 * Builds the post-sign-up verification e-mail in both text and HTML form.
 *
 * @param token the verification token embedded in the link
 * @param user  the newly registered user
 * @param ctx   the current HTTP context (absolute URL base and preferred language)
 * @return the mail body holding the text and HTML renderings
 */
protected Body getVerifyEmailMailingBodyAfterSignup(final String token, final User user, final Context ctx) {
    final boolean secureLink = getConfiguration().getBoolean(SETTING_KEY_VERIFICATION_LINK_SECURE);
    final String verifyUrl = routes.Signup.verify(token).absoluteURL(ctx.request(), secureLink);
    final String langCode = Lang.preferred(ctx.request().acceptLanguages()).code();
    final String htmlPart = getEmailTemplate("views.html.common.account.email.verify_email", langCode, verifyUrl, token, user.name, user.email);
    final String textPart = getEmailTemplate("views.txt.common.account.email.verify_email", langCode, verifyUrl, token, user.name, user.email);
    return new Body(textPart, htmlPart);
}
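/**
 * Handles the sign-up form submission.
 *
 * @return the re-rendered form (400) when validation fails, otherwise the result of the
 *         provider's sign-up handling
 */
public static Result doSignup() {
    com.feth.play.module.pa.controllers.Authenticate.noCache(response());
    final Form<MySignup> filledForm = MyUsernamePasswordAuthProvider.SIGNUP_FORM.bindFromRequest();
    // The dead "int i = 1; i++;" from the original has been dropped.
    if (filledForm.hasErrors()) {
        // Validation failed: show the form again with its errors.
        return badRequest(views.html.common.signup.render(filledForm));
    }
    // Hook point for extra work on the form before the provider handles the signup.
    return UsernamePasswordAuthProvider.handleSignup(ctx());
}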
/**
 * Rejects requests that have no application selected in the session.
 *
 * @param context the current HTTP context
 * @return the delegate's result when {@code appId} is in session, otherwise a JSON error
 *         carrying {@code E_APP_NOT_SELECTED}
 * @throws Throwable whatever the delegate throws
 */
@Override
public Promise<SimpleResult> call(Context context) throws Throwable {
    final String appId = context.session().get("appId");
    if (appId != null) {
        return delegate.call(context);
    }
    // No application selected: answer with the error code instead of running the action.
    final SimpleResult notSelected = ok(Json.newObject().put("code", ErrDefinition.E_APP_NOT_SELECTED));
    return Promise.pure(notSelected);
}
/**
 * Sets the response headers, records the request log, then runs the delegate.
 *
 * @param context the current HTTP context
 * @return the delegate's result
 * @throws Throwable whatever the delegate throws
 */
@Override
public Promise<SimpleResult> call(Context context) throws Throwable {
    final Context prepared = setRespHeader(context);
    addLogs(prepared);
    return delegate.call(prepared);
}
/**
 * Adds CORS headers to the response and hands back the same context.
 *
 * <p>NOTE(review): the request's Origin header is reflected verbatim into
 * Access-Control-Allow-Origin while Access-Control-Allow-Credentials is "true", which lets any
 * origin make credentialed cross-site requests. The usual mitigation is an allow-list of
 * trusted origins; it is not applied here because the configuration source is outside this
 * block.
 *
 * @param context the current HTTP context
 * @return the same context, for chaining
 */
private Context setRespHeader(Context context) {
    String allowedOrigin = context.request().getHeader("Origin");
    if (allowedOrigin == null) {
        allowedOrigin = "*";
    }
    context.response().setHeader("Access-Control-Allow-Origin", allowedOrigin);
    context.response().setHeader("Access-Control-Allow-Credentials", "true");
    context.response().setHeader("Access-Control-Allow-Methods", "POST,GET,PUT,DELETE,OPTIONS");
    return context;
}
/**
 * Flashes a generic "unknown user or password" message and defers to the parent behaviour.
 *
 * @param context the current HTTP context
 * @return the redirect target chosen by the parent
 */
@Override
protected String onLoginUserNotFound(final Context context) {
    // The message deliberately does not reveal whether the user exists.
    final String message = Messages.get("songs.password.login.unknown_user_or_pw");
    context.flash().put(controllers.Application.FLASH_ERROR_KEY, message);
    return super.onLoginUserNotFound(context);
}
/**
 * Sends the verification e-mail to a user who has just signed up.
 *
 * @param user the newly registered user
 * @param ctx  the current HTTP context used to build the mail
 */
public void sendVerifyEmailMailingAfterSignup(final User user, final Context ctx) {
    final String subject = getVerifyEmailMailingSubjectAfterSignup(user, ctx);
    // The verification record is generated before the body so the link can embed it.
    final String verificationToken = generateVerificationRecord(user);
    sendMail(subject, getVerifyEmailMailingBodyAfterSignup(verificationToken, user, ctx), getEmailName(user));
}
/**
 * Injects the common services into the context, keyed by their interface names.
 *
 * @param context
 *            the play context
 */
protected void injectCommonServicesIncontext(Context context) {
    super.injectCommonServicesIncontext(context);
    // Registered in this order, each under the fully qualified name of its interface.
    final Object[][] services = {
        { IDataSyndicationService.class, dataSyndicationService },
        { ISecurityService.class, securityService },
        { INotificationManagerPlugin.class, notificationService },
        { IEchannelService.class, echannelService },
        { IPreferenceManagerPlugin.class, preferenceManagerPlugin },
        { IBudgetTrackingService.class, budgetTrackingService },
        { IPluginManagerService.class, pluginManagerService },
    };
    for (Object[] entry : services) {
        context.args.put(((Class<?>) entry[0]).getName(), entry[1]);
    }
}
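/**
 * Maps client errors to responses: API paths receive a JSON error body, other paths the HTML
 * error pages; any other status is returned as plain text.
 *
 * @param requestHeader the request that failed
 * @param statusCode    the HTTP status to report
 * @param error         the error description supplied by Play (echoed for 400)
 * @return a promise of the error result
 */
@Override
public Promise<Result> onClientError(RequestHeader requestHeader, int statusCode, String error) {
    // Injected once for every status; the former second injection for BAD_REQUEST was redundant.
    injectCommonServicesIncontext(Http.Context.current());
    final boolean apiRequest = requestHeader.path().startsWith(AbstractApiController.STANDARD_API_ROOT_URI);
    if (statusCode == play.mvc.Http.Status.NOT_FOUND) {
        return Promise.promise(() -> {
            if (apiRequest) {
                return getApiControllerUtilsService().getJsonErrorResponse(new ApiError(404, "Not found"), Controller.ctx().response());
            }
            return play.mvc.Results.notFound(views.html.error.not_found.render(requestHeader.uri()));
        });
    }
    if (statusCode == play.mvc.Http.Status.BAD_REQUEST) {
        return Promise.promise(() -> {
            if (apiRequest) {
                return getApiControllerUtilsService().getJsonErrorResponse(new ApiError(400, error), Controller.ctx().response());
            }
            return play.mvc.Results.badRequest(views.html.error.bad_request.render());
        });
    }
    return Promise.<Result> pure(play.mvc.Results.status(statusCode, "an unexpected error occured: " + error));
}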
/**
 * Logs an unexpected server error and returns the generic error page.
 *
 * @param requestHeader the request that failed (unused)
 * @param t             the failure; cast to {@link Exception} for the logging helper
 * @return a promise of the error result
 */
@Override
public Promise<Result> onServerError(RequestHeader requestHeader, Throwable t) {
    injectCommonServicesIncontext(Http.Context.current());
    return Promise.promise(new Function0<Result>() {
        @Override
        public Result apply() throws Throwable {
            // Logged with the user's e-mail when one is present in the context.
            final Exception failure = (Exception) t;
            return (Result) ControllersUtils.logAndReturnUnexpectedError(failure, getUserMailIfAvailableInContext(), log, getConfiguration(), getMessagesPlugin());
        }
    });
}
/**
 * Injects the common services into the context, keyed by their interface names.
 *
 * @param context the play context
 */
@Override
protected void injectCommonServicesIncontext(Context context) {
    super.injectCommonServicesIncontext(context);
    // Registered in this order, each under the fully qualified name of its interface.
    final Object[][] services = {
        { IDataSyndicationService.class, dataSyndicationService },
        { ISecurityService.class, securityService },
        { INotificationManagerPlugin.class, notificationService },
        { IEchannelService.class, echannelService },
        { IPreferenceManagerPlugin.class, preferenceManagerPlugin },
        { IBudgetTrackingService.class, budgetTrackingService },
        { IPluginManagerService.class, pluginManagerService },
    };
    for (Object[] entry : services) {
        context.args.put(((Class<?>) entry[0]).getName(), entry[1]);
    }
}