package org.activityinfo.server.endpoint.odk;

import com.google.inject.Inject;
import org.activityinfo.model.auth.AuthenticatedUser;
import org.activityinfo.server.DeploymentEnvironment;
import org.activityinfo.server.authentication.ServerSideAuthProvider;
import org.activityinfo.server.database.hibernate.entity.User;
import org.activityinfo.service.DeploymentConfiguration;

import javax.inject.Provider;
import javax.persistence.EntityManager;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Response;

/**
 * Supplies the {@link AuthenticatedUser} for requests to the ODK endpoints.
 *
 * <p>Authenticated requests are passed through unchanged. Anonymous requests are
 * rejected with an HTTP 401 Basic challenge, with one exception: when
 * {@link DeploymentEnvironment#isAppEngineDevelopment()} reports true and the
 * {@link #DEBUG_USER_ID} property holds a positive user id, the request is treated
 * as coming from that user without any credential being checked.
 *
 * <p>NOTE(review): that exception is an authentication bypass whose only gates are
 * the environment check and the presence of the property. Confirm that the check
 * cannot evaluate to true on a production deployment and that the property is
 * never present in production configuration.
 */
public class OdkAuthProvider implements Provider<AuthenticatedUser> {

    /** Configuration property naming the user id to assume for anonymous requests in development. */
    public static final String DEBUG_USER_ID = "odk.debug.authorization.userid";

    private final ServerSideAuthProvider authProvider;
    private final Provider<EntityManager> em;
    private final DeploymentConfiguration config;

    @Inject
    public OdkAuthProvider(DeploymentConfiguration config,
                           ServerSideAuthProvider authProvider,
                           Provider<EntityManager> em) {
        this.config = config;
        this.em = em;
        this.authProvider = authProvider;
    }

    /**
     * Returns the user on whose behalf the current request runs.
     *
     * <p>A non-anonymous user known to the {@link ServerSideAuthProvider} is returned
     * as is. For an anonymous request in the App Engine development environment, the
     * user configured through {@link #DEBUG_USER_ID} is loaded, registered with the
     * auth provider and returned instead.
     *
     * @return the currently authenticated user, or the configured debug user in development
     * @throws javax.ws.rs.WebApplicationException with status 401 and a
     *         {@code WWW-Authenticate: Basic} header if the request is not authenticated
     * @throws IllegalStateException if the debug property names a user id that cannot be found
     * @throws NumberFormatException if the debug property is set but is not a valid integer
     */
    @Override
    public AuthenticatedUser get() {
        // Guard clause: an already authenticated request needs no further handling.
        if (!authProvider.get().isAnonymous()) {
            return authProvider.get();
        }

        AuthenticatedUser debugIdentity = resolveDebugUser();
        if (debugIdentity != null) {
            return debugIdentity;
        }

        // No identity available: challenge the client for Basic credentials.
        Response challenge = Response
                .status(401)
                .header("WWW-Authenticate", "Basic realm=\"Activityinfo\"")
                .build();
        throw new WebApplicationException(challenge);
    }

    /**
     * Looks up the development-only stand-in user, if one applies to this request.
     *
     * @return the configured debug user, or {@code null} when not running in App Engine
     *         development, when the property is unset, or when its value is not positive
     */
    private AuthenticatedUser resolveDebugUser() {
        // The environment check comes first, so the property is not even read elsewhere.
        if (!DeploymentEnvironment.isAppEngineDevelopment()) {
            return null;
        }

        String configuredId = config.getProperty(DEBUG_USER_ID);
        if (configuredId == null) {
            return null;
        }

        // A malformed value surfaces as NumberFormatException rather than a 401.
        int debugUserId = Integer.parseInt(configuredId);
        if (debugUserId <= 0) {
            return null;
        }

        // From here on the configured user is assumed to be authorized; no password
        // or token is verified.
        User debugUser = em.get().find(User.class, debugUserId);
        if (debugUser == null) {
            throw new IllegalStateException("odk.debug.authorization.userid set, but user cannot be found");
        }

        // Registers the user with the auth provider; presumably this makes later
        // authProvider.get() calls return this user - confirm against ServerSideAuthProvider.
        authProvider.set(debugUser);

        // The first constructor argument is deliberately passed as an empty string.
        return new AuthenticatedUser("", debugUser.getId(), debugUser.getEmail(), debugUser.getLocale());
    }
}